Merge pull request #1391 from nrathaus/master

A few updates

cves/2020/CVE-2020-35489.yaml

@@ -26,5 +26,5 @@ requests:
 
       - type: regex
         regex:
-          - '^([0-4]\.|5\.[0-2]\.|5\.3\.[0-1]$)'
+          - '^= ([0-4]\.[0-9\.]+|5\.[0-2]|5\.[0-2]\.[0-9]+|5\.3\.[0-1]) ='
         part: body

vulnerabilities/jenkins/jenkins-asyncpeople.yaml

@@ -5,6 +5,11 @@ info:
   author: nadino
   severity: info
   tags: jenkins
+  reference: |
+    - https://bugs.eclipse.org/bugs/show_bug.cgi?id=564944
+    - https://issues.jenkins.io/browse/JENKINS-30107
+    - https://issues.jenkins.io/browse/JENKINS-18884
+    - https://issues.jenkins.io/browse/JENKINS-26469
 
 requests:
   - method: GET

vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml

@@ -1,7 +1,7 @@
 id: unaunthenticated-jenkin
 
 info:
-  name: Unauthenticated Jenkin Dashboard
+  name: Unauthenticated Jenkins Dashboard
   author: dhiyaneshDK
   severity: high
   tags: jenkins

vulnerabilities/other/rce-via-java-deserialization.yaml

@@ -4,6 +4,7 @@ info:
   author: uhnysh
   severity: critical
   tags: java,rce
+  reference: https://www.synopsys.com/blogs/software-security/mitigate-java-deserialization-vulnerability-jboss/
 
   # This can only be used to detect the vuln, please make sure to run ysoserial over the URLs to verify.
 

vulnerabilities/other/tpshop-directory-traversal.yaml

@@ -1,7 +1,7 @@
 id: tpshop-directory-traversal
 
 info:
-  name: Tpshop Directory Traversal
+  name: TPshop Directory Traversal
   author: pikpikcu
   severity: high
   reference: https://mp.weixin.qq.com/s/3MkN4ZuUYpP2GgPbTzrxbA

vulnerabilities/other/vpms-auth-bypass.yaml

@@ -24,8 +24,8 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: regex
-        regex:
+      - type: word
+        words:
           - "LAGOS PARKER"
           - "Login Successfully"
           - "location.href = 'index.php';"

vulnerabilities/other/wems-manager-xss.yaml

@@ -6,9 +6,8 @@ info:
   severity: medium
   tags: xss
 
-  # Source
-  # https://packetstormsecurity.com/files/155777/WEMS-Enterprise-Manager-2.58-Cross-Site-Scripting.html
-  # https://github.com/pikpikcu/nuclei-templates/blob/master/vulnerabilities/wems-enterprise-xss.yaml
+  reference: |
+    - https://packetstormsecurity.com/files/155777/WEMS-Enterprise-Manager-2.58-Cross-Site-Scripting.html
 
 requests:
   - method: GET

vulnerabilities/vmware/vmware-vcenter-lfi.yaml

@@ -4,13 +4,11 @@ info:
   name: VMware vCenter Unauthenticated Arbitrary File Read
   author: dwisiswant0
   severity: high
-  reference: https://kb.vmware.com/s/article/7960893
+  reference: |
+    - https://kb.vmware.com/s/article/7960893
+    - https://twitter.com/ptswarm/status/1316016337550938122
   tags: vmware,lfi
 
-  # Reference:-
-  # https://twitter.com/ptswarm/status/1316016337550938122
-  # https://kb.vmware.com/s/article/7960893
-
 requests:
   - payloads:
       path:

vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml

@@ -5,6 +5,8 @@ info:
   author: princechaddha
   severity: critical
   reference: https://wpscan.com/vulnerability/10192
+  description: |
+    The Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file.
   tags: wordpress,wp-plugin,rce
 
 requests: